Commit Graph

661 Commits (5a3213e9f2fc2e1382f29b79af8f6aa38938bed6)

Author SHA1 Message Date
Prince Chaddha 6e6349205d
Update and rename pacsone-server-6-6-2-lfi.yaml to vulnerabilities/other/pacsone-server-lfi.yaml 2021-12-21 17:32:19 +05:30
Sandeep Singh 7a5cdc2bc3
Added ServiceNow Helpdesk Credential Exposure (#3371)
* Added ServiceNow Helpdesk Credential Exposure

Co-Authored-By: JP <19959240+jordanpotti@users.noreply.github.com>

* matcher update

Co-authored-by: JP <19959240+jordanpotti@users.noreply.github.com>
2021-12-19 23:42:01 +05:30
Prince Chaddha dcf3f57bdf
Merge pull request #3373 from projectdiscovery/princechaddha-patch-2
Create global-domains-xss.yaml
2021-12-18 15:02:06 +05:30
Prince Chaddha 71027cbc79
Merge pull request #3357 from Akokonunes/patch-90
Create global-domains-lfi.yaml
2021-12-18 14:52:35 +05:30
Prince Chaddha 3b067a1aca
Create global-domains-xss.yaml 2021-12-18 14:51:08 +05:30
Prince Chaddha 0f40857119
Update and rename global-domains-lfi.yaml to vulnerabilities/other/global-domains-lfi.yaml 2021-12-18 14:43:28 +05:30
Prince Chaddha 9a4941d995
Merge pull request #3356 from Akokonunes/patch-89
Create groupoffice-lfi.yaml
2021-12-18 14:33:42 +05:30
Prince Chaddha 7b39972bfd
Merge pull request #3367 from gy741/rule-add-v80
Create oliver-library-server-lfi.yaml
2021-12-18 14:33:23 +05:30
Prince Chaddha c6521085b7
Update groupoffice-lfi.yaml 2021-12-18 14:32:09 +05:30
Prince Chaddha 4747277a4e
Update and rename asanhamayesh-cms-lfi.yaml to vulnerabilities/other/asanhamayesh-lfi.yaml 2021-12-18 14:28:39 +05:30
Prince Chaddha 35faabd29f
Update and rename groupoffice-lfi.yaml to vulnerabilities/other/groupoffice-lfi.yaml 2021-12-18 14:26:46 +05:30
Prince Chaddha 8afbfdc8dc
Update and rename oliver-library-server-lfi.yaml to oliver-library-lfi.yaml 2021-12-18 14:23:57 +05:30
GwanYeong Kim 4fdb934da0 Create oliver-library-server-lfi.yaml
An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 8.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-18 10:55:28 +09:00
sandeep c9ddd7a0ae update: id + reference update 2021-12-14 21:07:46 +05:30
Evan Rubinstein dddb0bbb82
Added CVE-2021-24997 (#3298)
* Added CVE-39226

* Added CVE-39226

* Delete CVE-39226.yaml

* Renamed CVE-39226 to CVE-2021-39226

Fixed naming error

* Added Wp-Guppy-Information-Disclosure template

* Removed File

Found better descriptor

* Added CVE-2021-24997

Added WordPress Guppy Information Disclosure CVE

* Fixed CVE-2021-24997

Fixed YAML formatting

* Fixed Typo

URL Path had an extra double quote

* Auto Generated Templates Stats [Wed Dec  8 23:07:24 UTC 2021] 🤖

* Deleted Blank Space

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Added CVE-2021-43496

* Update CVE-2021-43496.yaml

* fix: syntax update

* Added New Vuln

* Update CVE-2021-24997.yaml

* Update CVE-2021-43496.yaml

* Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml

* fix: lints update

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-14 02:22:26 +05:30
Prince Chaddha 0e94557017
Merge pull request #3248 from pikpikcu/patch-307
added thruk-xss
2021-12-09 22:01:56 +05:30
Prince Chaddha f476c5ff5b
Update thruk-xss.yaml 2021-12-09 21:58:15 +05:30
Prince Chaddha d35a55f7b4
Update and rename watchguard-fireware-ad-helper-component-credentials-disclosure.yaml to watchguard-credentials-disclosure.yaml 2021-12-09 21:05:13 +05:30
GwanYeong Kim bde4e1815a Create watchguard-fireware-ad-helper-component-credentials-disclosure.yaml
a credential-disclosure vulnerability in the AD Helper component of the WatchGuard Fireware Threat Detection and Response (TDR) service, which allows unauthenticated attackers to gain Active Directory credentials for a Windows domain in plaintext.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-09 16:02:48 +09:00
sandeep 9da0d768a1 fix: syntax + lint 2021-12-03 10:37:42 +05:30
PikPikcU 83f6b2a153
Update thruk-xss.yaml 2021-12-02 19:07:50 +07:00
PikPikcU 435eeca764
Create thruk-xss.yaml 2021-12-02 19:02:40 +07:00
Noam Rathaus 725782050a Add description 2021-11-23 12:09:00 +02:00
Prince Chaddha 1e31e0f76d
Update and rename eibiz-server-3-8-0-lfi.yaml to vulnerabilities/other/eibiz-lfi.yaml 2021-11-18 21:52:30 +05:30
Prince Chaddha 4eb84d7802
Merge pull request #3131 from Akokonunes/patch-70
Create hrsale-unauthenticated-lfi.yaml
2021-11-13 23:46:11 +05:30
Prince Chaddha 9a227941a1
Rename hrsale-unauthenticated-lfi.yaml to vulnerabilities/other/hrsale-unauthenticated-lfi.yaml 2021-11-13 23:37:32 +05:30
sandeep b2aa8f9f5b misc updates 2021-11-13 23:01:53 +05:30
sandeep 35bfff6f61 Added skip-variables-check for SSTI template 2021-11-09 22:16:37 +05:30
sandeep cb74944f43 misc updates 2021-11-08 15:45:54 +05:30
Prince Chaddha c51bbf8715
Merge pull request #3099 from ImNightmaree/master
Create ecshop-sql.yaml
2021-11-08 13:44:54 +05:30
Prince Chaddha 5a6c30c7cf
Update ecshop-sqli.yaml 2021-11-08 13:42:44 +05:30
Prince Chaddha 85741bbcf9
Update and rename ecshop-sql.yaml to ecshop-sqli.yaml 2021-11-08 13:42:13 +05:30
Prince Chaddha 06bb1f444c
Update seowon-router-rce.yaml 2021-11-08 12:49:37 +05:30
Prince Chaddha 7973948360
Update seowon-router-rce.yaml 2021-11-08 12:43:14 +05:30
GwanYeong Kim 6183e248d8 Create seowon-router-rce.yaml
Execute commands without authentication as admin user, To use it in all versions, we only enter the router ip & Port(if available) in the request The result of the request is visible on the browser page

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-11-07 14:50:39 +09:00
ImNightmaree 797d9066a1
More linting 2021-11-07 02:49:07 +00:00
ImNightmaree b77df460dd
Linting 2021-11-07 02:39:21 +00:00
ImNightmaree bbecf3965a
Update ecshop-sql.yaml 2021-11-07 02:36:28 +00:00
ImNightmaree 38135df2a6
Update ecshop-sql.yaml 2021-11-07 02:30:38 +00:00
ImNightmaree f37527101c
Create ecshop-sql.yaml 2021-11-07 02:03:09 +00:00
Prince Chaddha a57cb5081a
Update vanguard-post-xss.yaml 2021-11-05 21:36:53 +05:30
sandeep eef5252cc5 file name update 2021-11-05 06:01:59 +05:30
sandeep 8c3f98c767 fixed invalid template syntax 2021-10-30 16:47:35 +05:30
Noam Rathaus 9848f92894 Add description 2021-10-27 14:06:15 +03:00
Noam Rathaus 14ae8e3f59 Add description 2021-10-27 14:05:11 +03:00
Noam Rathaus 3a02b7c325 Add description 2021-10-27 14:04:00 +03:00
Noam Rathaus f1cf6fd9a7 Add description 2021-10-27 14:03:22 +03:00
Noam Rathaus d5d2ed0a0e Add description 2021-10-27 13:52:34 +03:00
Noam Rathaus c9efc02223 Add description 2021-10-26 15:29:20 +03:00
Noam Rathaus 093a495b5f Add description 2021-10-26 15:28:43 +03:00