daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,176 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

3592 Commits (56160908f039ad65ee6a328f00fd52b2b0a04831)

Author SHA1 Message Date
Prince Chaddha 6c39177ddc
Delete CVE-2021-32818.yaml 2022-02-03 01:11:45 +05:30
MostInterestingBotInTheWorld fb84327f3c Enhancement: cves/2005/CVE-2005-2428.yaml by mp 2022-02-02 13:15:44 -05:00
MostInterestingBotInTheWorld 8c22a7f11a Enhancement: cves/2005/CVE-2005-2428.yaml by cs 2022-02-02 13:08:10 -05:00
6d616461 0c1fb1e697 Updated CVE-2016-10956 Template 2022-02-02 18:36:24 +01:00
MostInterestingBotInTheWorld 0d1f876866 Enhancement: cves/2021/CVE-2021-37538.yaml by mp 2022-02-02 12:15:24 -05:00
6d616461 83bb5912fe Updated CVE-2019-9618 Template 2022-02-02 17:47:13 +01:00
cckuailong 7c9b7017d2 Merge branch 'master' of github.com:cckuailong/nuclei-templates 2022-02-02 23:28:26 +08:00
cckuailong 58282f56f1 add CVE-2016-10940 2022-02-02 23:27:47 +08:00
Sandeep Singh 633205a001
Update CVE-2021-32853.yaml 2022-02-02 13:56:12 +05:30
Dwi Siswanto 940db2f928 Add CVE-2021-32853 2022-02-02 13:27:36 +07:00
sullo 09558de213 Adding classification 2022-02-01 16:52:18 -05:00
MostInterestingBotInTheWorld 141392e683 Enhancement: cves/2018/CVE-2018-17254.yaml by cs 2022-02-01 16:47:16 -05:00
Prince Chaddha cf9821e3b1
Update CVE-2021-26247.yaml 2022-02-02 00:48:29 +05:30
MostInterestingBotInTheWorld c052b84ffc Enhancement: cves/2014/CVE-2014-8682.yaml by mp 2022-02-01 13:09:32 -05:00
GitHub Action 8868b0f56b Auto Generated CVE annotations [Tue Feb 1 06:10:46 UTC 2022] 🤖 2022-02-01 06:10:46 +00:00
Dhiyaneshwaran a5bd8630c8
Create CVE-2021-32818.yaml 2022-02-01 11:39:12 +05:30
GitHub Action a18a19ff3c Auto Generated CVE annotations [Tue Feb 1 06:06:15 UTC 2022] 🤖 2022-02-01 06:06:15 +00:00
Dhiyaneshwaran bcc7113677
Create CVE-2021-26247.yaml 2022-02-01 11:34:51 +05:30
Prince Chaddha dca4cdc12f
Update CVE-2020-35489.yaml 2022-02-01 01:28:32 +05:30
Prince Chaddha ee95110be4
Merge pull request #3614 from Akokonunes/patch-109 
Create CVE-2020-18268.yaml
 2022-02-01 00:45:53 +05:30
Prince Chaddha fdddc48c2f
Update CVE-2020-18268.yaml 2022-02-01 00:42:58 +05:30
Prince Chaddha 992687329c
Update CVE-2020-18268.yaml 2022-02-01 00:41:58 +05:30
GitHub Action 606e9b09e5 Auto Generated CVE annotations [Mon Jan 31 18:38:32 UTC 2022] 🤖 2022-01-31 18:38:32 +00:00
Prince Chaddha 961873521f
Merge pull request #3630 from Akokonunes/patch-110 
Added CVE-2016-3978
 2022-02-01 00:07:07 +05:30
Prince Chaddha 812d76a1b8
Merge pull request #3514 from Akokonunes/patch-103 
Create CVE-2019-13396.yaml
 2022-02-01 00:06:48 +05:30
Prince Chaddha a9734d712b
Update CVE-2019-13396.yaml 2022-02-01 00:05:35 +05:30
Prince Chaddha cc40d47cf7
Update CVE-2016-3978.yaml 2022-01-31 23:41:51 +05:30
Prince Chaddha 8efaa0754e
Merge pull request #3633 from cckuailong/master 
add CVE-2021-46005 (Sourcecodester Car Rental Management System 1.0 - Stored XSS)
 2022-01-31 23:38:53 +05:30
Prince Chaddha cd221355ee
Update CVE-2021-46005.yaml 2022-01-31 23:34:34 +05:30
Prince Chaddha fb48b67f39
Update CVE-2021-46005.yaml 2022-01-31 23:29:36 +05:30
Roberto Nunes 9c4df9e91a
Create CVE-2021-25864.yaml (#3631) 
* Create CVE-2021-25864.yaml

* moving template to cves folder

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-31 14:36:37 +05:30
Sandeep Singh cfb6fff36d
removing trailing spaces 2022-01-29 19:24:58 +05:30
cckuailong 80b60ef829 add CVE-2021-46005 2022-01-29 21:22:44 +08:00
sandeep 39e41ce464 template name and ID update 2022-01-29 17:15:08 +05:30
sandeep 57d742bfb4 Removing temporarily due to limited information 2022-01-28 16:58:30 +05:30
sandeep 9fa97d4221 path update 2022-01-28 16:55:45 +05:30
Aaron Chen cb2f2a8721
Update CVE-2018-13380.yaml (#3623) 
* Update CVE-2018-13380.yaml

* Fix payload and matcher
* Add reference

* misc updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-28 15:46:21 +05:30
GitHub Action 7ce2191287 Auto Generated CVE annotations [Fri Jan 28 09:01:49 UTC 2022] 🤖 2022-01-28 09:01:49 +00:00
Sandeep Singh d4136282cc
Merge pull request #3621 from MostInterestingBotInTheWorld/dashboard 
Enhancement: Template Enhancements from Dashboard
 2022-01-28 11:20:43 +05:30
Prince Chaddha dfdfc369d1
Merge pull request #3597 from paradessia/master 
CVE-2022-21371
 2022-01-28 11:14:44 +05:30
sandeep 6ee7b7c83b syntax update 2022-01-28 11:12:09 +05:30
sandeep 72f14d4d2e fix spaces 2022-01-28 11:08:17 +05:30
Prince Chaddha 850ae90f55
Update CVE-2021-45380.yaml 2022-01-28 10:59:21 +05:30
Sullo f3f320dc29 Spacing matters 2022-01-27 14:31:57 -05:00
Sullo 81bf8288b5 Syntax fixes 2022-01-27 14:23:33 -05:00
MostInterestingBotInTheWorld 4ed9d6221b
Merge branch 'projectdiscovery:master' into dashboard 2022-01-27 13:55:22 -05:00
MostInterestingBotInTheWorld 318c7a46c2 Enhancement: cves/2008/CVE-2008-6172.yaml by mp 2022-01-27 13:55:00 -05:00
MostInterestingBotInTheWorld 57d4afde0a Enhancement: cves/2004/CVE-2004-0519.yaml by mp 2022-01-27 13:48:06 -05:00
MostInterestingBotInTheWorld 6a6d272fdf Enhancement: cves/2004/CVE-2004-0519.yaml by mp 2022-01-27 13:45:09 -05:00
PikPikcU 4beabd88f9
Create CVE-2021-45380.yaml 2022-01-27 13:40:43 -05:00
MostInterestingBotInTheWorld 794febebef Enhancement: cves/2000/CVE-2000-0114.yaml by mp 2022-01-27 13:36:56 -05:00
MostInterestingBotInTheWorld 1d12645904 Enhancement: cves/2000/CVE-2000-0114.yaml by mp 2022-01-27 13:30:23 -05:00
cckuailong 5b424fafe1
add CVE-2022-23944 (#3605) 
* add CVE-2022-23944

* fix CVE-2021-23944 matcher type

* Update CVE-2022-23944.yaml

* minor updates

Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-27 15:59:26 +05:30
GitHub Action 4bd8b86a3e Auto Generated CVE annotations [Thu Jan 27 10:22:20 UTC 2022] 🤖 2022-01-27 10:22:20 +00:00
Sandeep Singh 53da8a8206
Added CVE-2021-21973 (#3615) 
* Added CVE-2021-21973

* minor update
 2022-01-27 15:50:44 +05:30
Prince Chaddha fd777fd0b6
Update and rename CVE-2020-18268.yaml to cves/2020/CVE-2020-18268.yaml 2022-01-27 14:18:01 +05:30
GitHub Action 3a1d847b57 Auto Generated CVE annotations [Wed Jan 26 17:59:10 UTC 2022] 🤖 2022-01-26 17:59:10 +00:00
Smaran Chand 0babc27b75
Added elFinder filemanger exposed (#3602) 
* Added elFinder filemanger exposed

* Template name / id update + more reference

* template name update

* matcher update

* Modified the matcher.

* minor updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-26 23:27:45 +05:30
Sandeep Singh 21b7bd1547
Update CVE-2017-7391.yaml 2022-01-26 17:37:19 +05:30
Sullo 9a8482172d Remove: 
- various nonstandard ascii chars in favor of the standard ones (mostly quotes)
 - spaces after : in some files
 2022-01-25 14:38:53 -05:00
GitHub Action 173f0ef2d3 Auto Generated CVE annotations [Tue Jan 25 16:51:00 UTC 2022] 🤖 2022-01-25 16:51:00 +00:00
Sandeep Singh 4401b9ebe9
Merge pull request #3599 from projectdiscovery/CVE-2021-24838 
Added CVE-2021-24838
 2022-01-25 22:19:30 +05:30
Sandeep Singh 494a80799c
Merge pull request #3600 from MostInterestingBotInTheWorld/dashboard 
Enhancement: cves/2021/CVE-2021-29156.yaml by cs
 2022-01-25 22:09:27 +05:30
sandeep 8c7ec49185 lint fix 2022-01-25 22:08:01 +05:30
Prince Chaddha 97b38b98b4
Update CVE-2022-21371.yaml 2022-01-25 21:06:14 +05:30
Prince Chaddha 91d9b71864
Merge pull request #3596 from gy741/rule-add-v93 
Create CVE-2021-39350.yaml
 2022-01-25 17:16:12 +05:30
sandeep 47e34dba46 Added CVE-2021-24838 2022-01-25 17:14:00 +05:30
Prince Chaddha 6a2ff6f09e
Update CVE-2021-39350.yaml 2022-01-25 17:08:01 +05:30
GitHub Action 48add9c36b Auto Generated CVE annotations [Tue Jan 25 11:06:39 UTC 2022] 🤖 2022-01-25 11:06:39 +00:00
Prince Chaddha 2460dceff3
Update CVE-2022-21371.yaml 2022-01-25 16:36:10 +05:30
GitHub Action 5f2efaf5df Auto Generated CVE annotations [Tue Jan 25 09:56:37 UTC 2022] 🤖 2022-01-25 09:56:37 +00:00
on abfbfe29ae CVE-2022-21371.yaml 2022-01-25 12:48:56 +03:00
GitHub Action e035a797c6 Auto Generated CVE annotations [Tue Jan 25 09:41:31 UTC 2022] 🤖 2022-01-25 09:41:31 +00:00
GwanYeong Kim 67b2955d98 Create CVE-2021-39350.yaml 
The FV Flowplayer Video Player WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the player_id parameter found in the ~/view/stats.php file which allows attackers to inject arbitrary web scripts, in versions 7.5.0.727 - 7.5.2.727.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2022-01-25 17:31:13 +09:00
Prince Chaddha 25e3537212
Update CVE-2021-43810.yaml 2022-01-25 12:34:20 +05:30
GwanYeong Kim c368e33117 Create CVE-2021-43810.yaml 
Admidio is a free open source user management system for websites of organizations and groups. A cross-site scripting vulnerability is present in Admidio prior to version 4.0.12. The Reflected XSS vulnerability occurs because redirect.php does not properly validate the value of the url parameter. Through this vulnerability, an attacker is capable to execute malicious scripts. This issue is patched in version 4.0.12.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2022-01-25 13:55:34 +09:00
MostInterestingBotInTheWorld 44d23ef3eb Enhancement: cves/2021/CVE-2021-29156.yaml by cs 2022-01-24 13:45:03 -05:00
Prince Chaddha 5511ff1efd
Merge pull request #3578 from hexcat/add-wp-html-mail-xss 
Added wp-html-mail-xss template
 2022-01-24 14:21:06 +05:30
Prince Chaddha 6dd35d6491
Update and rename vulnerabilities/wordpress/wp-html-mail-xss.yaml to cves/2022/CVE-2022-0218.yaml 2022-01-24 14:17:01 +05:30
GitHub Action f882764c9b Auto Generated CVE annotations [Mon Jan 24 07:12:56 UTC 2022] 🤖 2022-01-24 07:12:56 +00:00
Prince Chaddha fa30e05f61
Merge pull request #3586 from V35HR4J/master 
Create CVE-2021-39433.yaml
 2022-01-24 12:40:15 +05:30
Prince Chaddha 018ae134c0
Merge pull request #3585 from gy741/rule-add-v90 
Create CVE-2022-23178.yaml
 2022-01-24 12:39:17 +05:30
Prince Chaddha e9897bddaa
Update CVE-2022-23178.yaml 2022-01-24 12:37:55 +05:30
Prince Chaddha 03697ed21a
Update CVE-2021-39433.yaml 2022-01-24 12:28:03 +05:30
Veshraj Ghimire df907cc2e3
Create CVE-2021-39433.yaml 2022-01-23 21:00:30 +05:45
GwanYeong Kim 2d53221aea Create CVE-2022-23178.yaml 
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname and upassword fields.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2022-01-23 20:28:25 +09:00
Prince Chaddha 1d15a5464a
Update CVE-2021-24750.yaml 2022-01-23 14:51:25 +05:30
Prince Chaddha 3c9e02150d
Update CVE-2021-24750.yaml 2022-01-23 14:39:38 +05:30
Prince Chaddha 75184ca383
Update CVE-2021-24750.yaml 2022-01-23 14:38:12 +05:30
cckuailong dad34d012c add CVE-2021-24750 2022-01-23 13:17:20 +08:00
sandeep 2a8d8e1095 more updates 2022-01-22 23:27:52 +05:30
sandeep 6b14c6c6fc CVE-2021-40438 update 2022-01-22 23:18:07 +05:30
sullo 3b7bcda337 Enhancement: cves/2001/CVE-2001-1473.yaml by Chris 2022-01-21 13:58:26 -05:00
sullo 0fcaacfb8c Enhancement: cves/2001/CVE-2001-1473.yaml by Chris 2022-01-21 13:57:17 -05:00
Sandeep Singh 8a3e575e9f
Added CVE-2012-4547 / CVE-2009-5020 (#3575) 
* Added CVE-2012-4547 / CVE-2009-5020

* Update CVE-2009-5020.yaml
 2022-01-21 16:37:41 +05:30
Houziaux Mike 3564e64027
[Add] - Zimbra unauthenticated LFI (#3571) 
* add zimbra lfi

* template updates

- CVE update
- Matchers update
- Additional LFI payload + matchers

* Update CVE-2013-7091.yaml

* Revert "Update CVE-2013-7091.yaml"

This reverts commit fdffa3944f29754d8971a2697754011d29677c42.

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: Prince Chaddha <cyberbossprince@gmail.com>
 2022-01-21 13:02:08 +05:30
Leovalcante bac26e1669
Create check for cve-2020-24391 mongo-express RCE (#3566) 
* Create check for cve-2020-24391 mongo-express RCE

* random file to write + matcher updates + extractor

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-20 14:55:01 +05:30
Sandeep Singh 1b0c7f1b7f
CVE-2021-22205 update (#3568) 
*moved cves/2021/CVE-2021-22205.yaml to vulnerabilities/gitlab/gitlab-rce.yaml
*template extension update + added missing severity + misc updates
 2022-01-20 14:25:57 +05:30
Greg Johnson e0a2d35a8d
add passive fingerprinting template for CVE-2021-22205 (#3565) 
Co-authored-by: Greg Johnson (codeEmitter) <gjohnson@gitlab.com>
 2022-01-20 14:12:37 +05:30
sandeep f6e3df8b33 CVE-2020-13483 Update 2022-01-19 13:44:01 +05:30