bauthard
507dfb782a
Merge pull request #218 from harsh-bothra/patch-9
...
Create ibm-infoprint-directory-traversal
2020-07-08 15:22:00 +05:30
bauthard
f2bfdbfb9f
Merge pull request #216 from secureITmania/secureITmania-patch-1
...
Update CVE-2020-9757 logic
2020-07-08 15:19:51 +05:30
bauthard
7044a9116c
Update CVE-2020-5284.yaml
2020-07-08 14:15:47 +05:30
bauthard
da431b0aa7
Update elasticsearch.yaml
2020-07-08 14:15:37 +05:30
bauthard
38bc600e99
Update CVE-2020-5284.yaml
2020-07-08 14:15:18 +05:30
bauthard
336bac5e1a
Merge pull request #219 from dwisiswant0/add-cves-and-workflows
...
Add CVE-2020-13167, CVE-2020-7209 & Workflows
2020-07-08 09:46:45 +05:30
dw1
577e3cb429
📝 Remove trailing spaces
2020-07-08 02:55:24 +07:00
dw1
b0aec24951
🔥 Add LinuxKI Toolset RCE - CVE-2020-7209
2020-07-08 02:28:16 +07:00
dw1
a767bea72a
🔥 Add Netsweeper WebAdmin PreAuth RCE Workflow
2020-07-08 02:27:31 +07:00
dw1
f664a763dc
🔨 Add Netsweeper WebAdmin detection
2020-07-08 02:26:45 +07:00
dw1
5f42e15fcb
🔥 Add Netsweeper WebAdmin PreAuth RCE - CVE-2020-13167
2020-07-08 02:26:15 +07:00
Harsh Bothra
3d7f039cbd
Rename ibm-infoprint-directory-traversal to ibm-infoprint-directory-traversal.yaml
2020-07-07 17:41:34 +05:30
Harsh Bothra
97db04d90e
Create ibm-infoprint-directory-traversal
...
IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal
2020-07-07 17:40:48 +05:30
secureITmania
cc260b27b0
Update CVE-2020-9757.yaml
...
template logic changed
2020-07-07 14:09:32 +05:30
secureITmania
3fdcb6668e
Merge pull request #1 from projectdiscovery/master
...
Update from original
2020-07-07 14:02:35 +05:30
bauthard
d58fb83331
Merge pull request #214 from harsh-bothra/patch-6
...
Create CVE-2019-17382.yaml
2020-07-07 11:56:49 +05:30
bauthard
5cfdcf0064
adding matchers-condition
...
when we are looking to match two conditions, we should add matchers-condition, as the default check is OR, which will result in false positive results.
2020-07-07 11:56:01 +05:30
bauthard
6a1b383466
Merge pull request #212 from hetroublemaker/patch-4
...
Create CVE-2020-10204.yaml
2020-07-07 11:50:49 +05:30
bauthard
0a207f55cc
Update CVE-2020-10204.yaml
2020-07-07 11:49:48 +05:30
bauthard
350c7e8708
Merge pull request #213 from fyoorer/add-rabbitmq
...
add rabbitmq default password detection
2020-07-07 11:44:26 +05:30
bauthard
aa1660ec79
Update rabbitmq-workflow.yaml
2020-07-07 11:43:50 +05:30
Harsh Bothra
76745f7dcb
Create CVE-2019-17382.yaml
...
Zabbix Authentication Bypass to access Dashboard
2020-07-07 09:47:27 +05:30
Aditya Gujar
5516d741a4
Update rabbitmq-default-admin.yaml
2020-07-06 18:42:01 -04:00
Aditya Gujar
941ab6d875
add rabbitmq default password detection
2020-07-06 18:33:19 -04:00
Aditya Soni
9c8104f937
Create CVE-2020-10204.yaml
2020-07-07 01:54:18 +05:30
bauthard
2499aaa0a6
Update CVE-2018-1247.yaml
2020-07-07 00:37:01 +05:30
bauthard
24eafa3648
updated matcher
2020-07-07 00:34:27 +05:30
bauthard
ebb2f1f3ac
Merge pull request #210 from harsh-bothra/patch-5
...
Create CVE-2018-11759.yaml
2020-07-06 22:44:05 +05:30
bauthard
ba2fe4bf75
Update CVE-2018-11759.yaml
2020-07-06 22:43:45 +05:30
bauthard
1714fa6674
Merge pull request #209 from harsh-bothra/patch-4
...
Create CVE-2020-5405.yaml
2020-07-06 22:41:09 +05:30
bauthard
8362fb3dc2
Update CVE-2020-5405.yaml
2020-07-06 22:40:05 +05:30
bauthard
bd7a526f32
Merge pull request #208 from Techbrunch/patch-5
...
Create jira-unauthenticated-projects.yaml
2020-07-06 22:31:11 +05:30
bauthard
e2373db418
Update jira-unauthenticated-projects.yaml
2020-07-06 22:30:26 +05:30
bauthard
01ddd1deae
Merge pull request #207 from Techbrunch/patch-4
...
Create jira-unauthenticated-dashboards.yaml
2020-07-06 22:26:16 +05:30
bauthard
503f300230
Merge pull request #206 from Techbrunch/patch-3
...
Create jira-unauthenticated-popular-filters.yaml
2020-07-06 22:25:48 +05:30
bauthard
63289fb700
Merge pull request #205 from dwisiswant0/update-cve-2020-5902
...
Update RAW payloads due to can't use helper function - CVE-2020-5902
2020-07-06 22:19:31 +05:30
bauthard
6f7aa0570e
Merge pull request #204 from Techbrunch/patch-2
...
Create CVE-2019-8451.yaml
2020-07-06 22:16:27 +05:30
Harsh Bothra
8b4cf6bd46
Create CVE-2018-11759.yaml
...
Apache Tomcat JK Status Manager Access
2020-07-06 21:58:42 +05:30
bauthard
c278396f2e
Merge pull request #203 from melbadry9/patch-2
...
Update open-redirect.yaml
2020-07-06 21:52:55 +05:30
Harsh Bothra
ebcf1ec0f6
Create CVE-2020-5405.yaml
...
Spring Cloud Directory Traversal
2020-07-06 21:52:18 +05:30
Techbrunch
1b0683e4a3
Create jira-unauthenticated-projects.yaml
...
If public sharing is ON it allows users to share projects with all users including those that are not logged in. Those projects could reveal potentially sensitive information.
2020-07-06 18:03:33 +02:00
Techbrunch
981979d905
Create jira-unauthenticated-dashboards.yaml
...
If public sharing is ON it allows users to share dashboards and filters with all users including those that are not logged in. Those dashboards and filters could reveal potentially sensitive information.
2020-07-06 18:02:11 +02:00
Techbrunch
a525139cbe
Update jira-unauthenticated-popular-filters.yaml
2020-07-06 17:58:12 +02:00
Techbrunch
40238f677f
Create jira-unauthenticated-popular-filters.yaml
...
If public sharing is ON it allows users to share dashboards and filters with all users including those that are not logged in. Those dashboards and filters could reveal potentially sensitive information.
2020-07-06 17:56:34 +02:00
Techbrunch
59661b1eb6
Update CVE-2019-8451.yaml
...
Fix trailing whitespace
2020-07-06 16:56:27 +02:00
Techbrunch
3a44d74762
Create CVE-2019-8451.yaml
...
# On September 9, Atlassian released version 8.4.0 for Jira Core and Jira Software, which included a fix for an important
# security issue reported in August 2019.
# CVE-2019-8451 is a pre-authentication server-side request forgery (SSRF) vulnerability found in
# the /plugins/servlet/gadgets/makeRequest resource. The vulnerability exists due to “a logic bug” in the JiraWhitelist class.
# An unauthenticated attacker could exploit this vulnerability by sending a specially crafted web request to a vulnerable
# Jira server. Successful exploitation would result in unauthorized access to view and potentially modify internal
# network resources.
# https://www.tenable.com/blog/cve-2019-8451-proof-of-concept-available-for-server-side-request-forgery-ssrf-vulnerability-in
# https://twitter.com/benmontour/status/1177250393220239360
# https://twitter.com/ojensen5115/status/1176569607357730817
2020-07-06 16:52:34 +02:00
dw1
d19f00bf82
❌ Update RAW payloads due to can't use helper function
2020-07-06 21:45:44 +07:00
Mohamed Elbadry
3381eed789
Update open-redirect.yaml
2020-07-06 16:21:43 +02:00
bauthard
4337755cbe
Merge pull request #202 from melbadry9/patch-1
...
Update crlf-injection.yaml
2020-07-06 19:48:11 +05:30
Mohamed Elbadry
d2f024dc32
Update crlf-injection.yaml
2020-07-06 16:16:27 +02:00