dw1
fc3bc06f65
🔥 Add SEOmatic SSTI (CVE-2020-9757)
2020-07-04 00:56:51 +07:00
dw1
53a9952dc7
🔥 Add Citrix ShareFile StorageZones Unauthenticated Arbitrary File Read (CVE-2020-8982)
2020-07-04 00:56:16 +07:00
dw1
b427cfc641
🔥 TYPO3 XSS (CVE-2020-8091)
2020-07-04 00:55:17 +07:00
dw1
919d657c41
🔥 Add Liferay Portal Unauthenticated RCE (CVE-2020-8982)
2020-07-04 00:54:34 +07:00
dw1
c173cb357b
🔧 Update Liferay Portal Detection
2020-07-04 00:53:46 +07:00
bauthard
d1eb7d3f68
Merge pull request #177 from dwisiswant0/add-cve-2020-9484
...
Add CVE-2020-9484
2020-07-03 12:00:19 +05:30
bauthard
3914856fab
Merge pull request #176 from dwisiswant0/development
...
Update conditions & regexes for exposed-svn
2020-07-03 11:56:08 +05:30
dw1
5756349c14
⚡ Add Apache Tomcat RCE by deserialization - CVE-2020-9484
2020-07-03 12:39:02 +07:00
dw1
7760d4f172
🔨 Update conditions & regexes for exposed-svn. Fixes #175
2020-07-03 10:26:33 +07:00
bauthard
72f3939981
syntax updates
2020-07-02 18:11:53 +00:00
bauthard
991376c439
Merge pull request #174 from dwisiswant0/development
...
Adding Spring Boot Actuators (Jolokia) XXE
2020-07-02 23:07:34 +05:30
dw1
ecd295aff4
🔥 Add Springboot Actuators (Jolokia) XXE Vulnerability
2020-07-02 23:15:33 +07:00
dw1
c167a31784
🔧 Add path requests & matchers for Springboot Actuators
2020-07-02 23:14:39 +07:00
bauthard
6914ef1d5e
Merge pull request #173 from organiccrap/master
...
updates
2020-07-02 19:33:19 +05:30
organiccrap
2d8c78c263
updates
2020-07-02 21:53:41 +08:00
bauthard
29722f8547
Merge pull request #171 from dwisiswant0/development
...
Update exposed-svn matchers due to False Positive Results
2020-07-02 17:36:31 +05:30
dw1
43c90fc616
✏️ Fix misplaced regex & escaping regexes
2020-07-02 18:56:51 +07:00
dw1
4a140eaeec
🔧 Update exposed-svn regexes & request paths
2020-07-02 18:31:10 +07:00
dw1
19cbaad130
🔧 Update exposed-svn matchers
2020-07-02 18:26:21 +07:00
bauthard
94416fe939
Merge pull request #170 from dwisiswant0/fix-cve-2018-16341-false-positives
...
Fix for false-positive CVE-2018-16341 results
2020-07-02 16:21:35 +05:30
dw1
caf833c28e
🔧 Fix for false-positive CVE-2018-16341 results
2020-07-02 17:45:29 +07:00
bauthard
bd1146d77d
Update chained-workflow-multiple-templates.yaml
2020-07-02 15:47:20 +05:30
bauthard
179edf7914
removing extra spaces
2020-07-02 15:43:03 +05:30
bauthard
14494ba4d3
Update CVE-2019-8449.yaml
2020-07-02 15:36:11 +05:30
bauthard
b369c971dc
Update and rename tomcat.yaml to public-tomcat-instance.yaml
2020-07-01 11:36:04 +05:30
bauthard
0678eb620c
Update GUIDE.md
2020-07-01 02:36:31 +05:30
bauthard
fd0da2c344
Merge pull request #163 from bauthard/master
...
updating information for chained workflow
2020-07-01 02:13:36 +05:30
bauthard
98267729d8
adding tomcat manager bruteforce
2020-06-30 15:08:39 +00:00
bauthard
f2862538ba
Update chained-workflow-multiple-templates.yaml
2020-06-30 18:59:39 +05:30
bauthard
b8f26dd6ba
Update chained-workflow-multiple-templates.yaml
2020-06-30 17:20:26 +05:30
bauthard
ef2f7352e5
Create chained-workflow-multiple-templates.yaml
2020-06-30 17:15:14 +05:30
bauthard
757bea2468
adding wordpress-directory-listing
2020-06-30 17:06:10 +05:30
bauthard
906e6e918d
Update CVE-2017-7529.yaml
2020-06-30 16:54:48 +05:30
bauthard
737d128c11
Merge pull request #162 from harsh-bothra/patch-3
...
Create CVE-2017-7529.yaml
2020-06-30 16:53:44 +05:30
bauthard
0801439e54
Update GUIDE.md
2020-06-30 16:46:31 +05:30
Harsh Bothra
dbaa71a763
Create CVE-2017-7529.yaml
...
Remote Integer Overflow in Nginx allows an attacker to extract sensitive information from memory buffer by triggering specially crafted requests.
2020-06-30 16:44:33 +05:30
bauthard
8c3ac9b4a9
Update GUIDE.md
2020-06-30 16:33:05 +05:30
bauthard
2f59c74b28
Update CVE-2019-8449.yaml
2020-06-30 16:31:20 +05:30
bauthard
b62e5f88d9
Update GUIDE.md
2020-06-30 16:27:24 +05:30
bauthard
eaa0a75395
adding workflow-example
2020-06-30 16:26:32 +05:30
bauthard
fc95489690
Update CVE-2019-8449.yaml
2020-06-30 16:13:35 +05:30
bauthard
3c28475816
Merge pull request #160 from harsh-bothra/patch-2
...
Create CVE-2019-8449.yaml
2020-06-30 16:12:34 +05:30
Harsh Bothra
d6027b67d2
Create CVE-2019-8449.yaml
...
CVE-2019-8449 which allows an Unauthenticated Attacker to enumerate all the users and their information such as Username, Avatars, Emails, Keys, etc.
Reference - https://www.doyler.net/security-not-included/more-jira-enumeration
2020-06-30 16:06:15 +05:30
bauthard
ba30333045
updating trailing space
2020-06-30 15:55:45 +05:30
bauthard
cd3b1a9804
Merge pull request #159 from harsh-bothra/patch-1
...
Create CVE-2018-11409.yaml
2020-06-30 15:54:13 +05:30
Harsh Bothra
53a47cc1bc
Create CVE-2018-11409.yaml
...
CVE-2018-11409 allows an unauthenticated user to get sensitive information such as license key from a Splunk instance by appending /__raw/services/server/info/server-info?output_mode=json to a query.
2020-06-30 15:49:43 +05:30
bauthard
12bff93ab2
Update and rename Wp-user to wordpress-user-enumaration.yaml
2020-06-30 10:30:57 +05:30
bauthard
9f44292e0c
Merge pull request #158 from manasjha7/patch-1
...
Wp-user
2020-06-30 10:29:48 +05:30
bauthard
b9ea4ecaf3
Update CVE-2020-12720.yaml
2020-06-30 02:04:13 +05:30
bauthard
c718848a88
Update CVE-2020-8512.yaml
2020-06-30 01:59:13 +05:30