Prince Chaddha
615db88ce6
Merge pull request #2004 from daffainfo/patch-49
...
Create wp-custom-tables-xss.yaml
2021-07-15 14:53:41 +05:30
Prince Chaddha
7cecd5aa3e
Update wp-custom-tables-xss.yaml
2021-07-15 14:34:40 +05:30
Prince Chaddha
22ecd2a192
Merge pull request #2016 from DhiyaneshGeek/master
...
Severity Update
2021-07-15 14:14:38 +05:30
Prince Chaddha
887e7bcfab
Update wordpress-updraftplus-pem-key.yaml
2021-07-15 14:13:25 +05:30
Dhiyaneshwaran
69b04c8a98
Update wordpress-updraftplus-pem-key.yaml
2021-07-15 13:51:19 +05:30
GwanYeong Kim
1eb999ce02
Create optiLink-ont1gew-gpon-rce.yaml
...
vulnerabilities in the web-based management interface of OptiLink could allow an authenticated, remote attacker to perform command injection attacks against an affected device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-15 14:57:34 +09:00
Muhammad Daffa
ad3f81bc95
Create wp-custom-tables-xss.yaml
2021-07-15 06:21:50 +07:00
Sandeep Singh
11dc9db49e
Merge pull request #1997 from skar4444/sassy-update
...
Update-sassy-social-share-xss
2021-07-14 20:56:57 +05:30
sandeep
117b0558a9
Update sassy-social-share.yaml
2021-07-14 20:55:05 +05:30
Prince Chaddha
5182b88b54
Merge pull request #1871 from projectdiscovery/huijietong-cloud-fileread
...
Create huijietong-cloud-fileread.yaml
2021-07-14 19:27:43 +05:30
Prince Chaddha
ecd98c6403
Merge pull request #1967 from daffainfo/patch-31
...
Create wp-slideshow-xss.yaml
2021-07-14 19:15:07 +05:30
Prince Chaddha
55ea2242b7
Rename vulnerabilities/wp-slideshow-xss.yaml to vulnerabilities/wordpress/wp-slideshow-xss.yaml
2021-07-14 19:14:06 +05:30
Prince Chaddha
9fb7e17c0d
Merge pull request #1966 from daffainfo/patch-30
...
Create wp-nextgen-xss.yaml
2021-07-14 19:10:26 +05:30
Prince Chaddha
933c1d5f05
Merge pull request #1965 from daffainfo/patch-29
...
Create wp-flagem-xss.yaml
2021-07-14 19:09:34 +05:30
Suman Kar
00f1e65d50
Update-sassy-social-share-xss
2021-07-14 17:01:59 +05:30
sandeep
7e258fcae2
template-fix
2021-07-14 16:07:09 +05:30
Muhammad Daffa
69dd5ae8a0
Adding some path
2021-07-13 18:24:23 +07:00
Muhammad Daffa
6b8a398a76
Create wp-slideshow-xss.yaml
2021-07-13 18:20:25 +07:00
Muhammad Daffa
62cb5ce2bc
Create wp-nextgen-xss.yaml
2021-07-13 18:17:14 +07:00
Muhammad Daffa
c751aca059
Create wp-flagem-xss.yaml
2021-07-13 18:15:43 +07:00
Sandeep Singh
83ee761691
Merge pull request #1957 from projectdiscovery/hasura-graphql-ssrf
...
Create hasura-graphql-ssrf.yaml
2021-07-13 15:58:27 +05:30
sandeep
c8c49c5046
Update hasura-graphql-ssrf.yaml
2021-07-13 15:58:06 +05:30
sandeep
5fe872788f
minor update
2021-07-13 15:57:10 +05:30
Sandeep Singh
e167cf0ab9
Merge pull request #1937 from daffainfo/patch-20
...
Create wp-phpfreechat-xss.yaml
2021-07-13 15:45:53 +05:30
Sandeep Singh
df0e4b7117
Merge pull request #1938 from daffainfo/patch-21
...
Create wp-finder-xss.yaml
2021-07-13 15:42:29 +05:30
Sandeep Singh
67a679860e
Update wp-finder-xss.yaml
2021-07-13 15:41:44 +05:30
Sandeep Singh
500f0b70f8
Merge pull request #1936 from daffainfo/patch-19
...
Create wp-knews-xss.yaml
2021-07-13 15:36:57 +05:30
Sandeep Singh
08f2cfea0b
Merge pull request #1924 from daffainfo/master
...
WordPress Plugin SocialFit - 'msg' Cross-Site Scripting
2021-07-13 15:29:49 +05:30
sandeep
a8be22ad0a
Removed as it requires admin login
2021-07-13 15:28:48 +05:30
Sandeep Singh
5a2d81e578
Merge pull request #1935 from daffainfo/patch-18
...
Create wp-church-admin-xss.yaml
2021-07-13 15:22:31 +05:30
sandeep
06efff9ddd
minor update
2021-07-13 15:21:26 +05:30
Sandeep Singh
cb32c05cfa
Merge pull request #1953 from Akokonunes/patch-17
...
Create wordpress-wordfence-lfi.yaml
2021-07-13 15:00:01 +05:30
sandeep
47a07b533b
moving files around
2021-07-13 14:59:11 +05:30
Sandeep Singh
920255635b
Merge pull request #1876 from pussycat0x/master
...
web-ftp
2021-07-13 01:53:15 +05:30
sandeep
8b8663970f
minor update
2021-07-13 01:44:24 +05:30
sandeep
81f1f8badc
minor update
2021-07-13 01:43:52 +05:30
pussycat0x
a1d3678a70
Add files via upload
2021-07-12 23:24:24 +05:30
Prince Chaddha
4ef8ed8e97
Create hasura-graphql-ssrf.yaml
2021-07-12 20:49:09 +05:30
Muhammad Daffa
0e195c4138
Merge branch 'projectdiscovery:master' into master
2021-07-12 14:58:59 +07:00
pussycat0x
0f46d27b60
Add files via upload
2021-07-11 23:45:02 +05:30
Muhammad Daffa
64bdaee44e
Create wp-finder-xss.yaml
2021-07-11 13:23:51 +07:00
Muhammad Daffa
d3f21f1793
Create wp-phpfreechat-xss.yaml
2021-07-11 13:19:01 +07:00
Muhammad Daffa
e6272bf44c
Create wp-knews-xss.yaml
2021-07-11 13:11:03 +07:00
Muhammad Daffa
8a6e78934c
Create wp-church-admin-xss.yaml
2021-07-11 13:07:34 +07:00
Prince Chaddha
361a641483
Update wp-socialfit-xss.yaml
2021-07-11 10:16:24 +05:30
Prince Chaddha
5366b70077
Merge pull request #1931 from daffainfo/patch-16
...
Create wp-securimage-xss.yaml
2021-07-11 10:08:02 +05:30
Prince Chaddha
b830f86384
Update wp-securimage-xss.yaml
2021-07-11 10:02:30 +05:30
Prince Chaddha
b1f755466b
Update wp-ambience-xss.yaml
2021-07-11 09:57:44 +05:30
Muhammad Daffa
cc165287fd
Create wp-ambience-xss.yaml
2021-07-11 09:16:13 +07:00
Muhammad Daffa
ab85fd5eba
Create wp-securimage-xss.yaml
2021-07-11 09:10:35 +07:00
Muhammad Daffa
d0ec1acc76
Create wp-socialfit-xss.yaml
2021-07-11 07:41:04 +07:00
Muhammad Daffa
05bc6366f3
Rename wp-supsystic-backup-lfi to wp-supsystic-backup-lfi.yaml
2021-07-11 07:24:41 +07:00
Muhammad Daffa
04e5e30051
Update and rename wp-upsystic-backup-lfi to wp-supsystic-backup-lfi
2021-07-11 07:24:27 +07:00
Muhammad Daffa
e26b467c76
Create wp-upsystic-backup-lfi
2021-07-11 07:22:38 +07:00
Sandeep Singh
6a99a183cd
Merge pull request #1920 from projectdiscovery/wordpress-user-enum
...
Added wordpress-user-enum
2021-07-10 21:56:17 +05:30
sandeep
b228b35f83
Added wordpress-user-enum
2021-07-10 21:54:31 +05:30
Prince Chaddha
ba90f28231
Merge pull request #1909 from gy741/rule-add-v17
...
Create icewarp-webclient-rce.yaml
2021-07-10 09:23:50 +05:30
Prince Chaddha
a0d643561f
Update icewarp-webclient-rce.yaml
2021-07-10 09:18:32 +05:30
Sandeep Singh
c36a62a120
Update jira-unauthenticated-installed-gadgets.yaml
2021-07-10 01:28:30 +05:30
Sandeep Singh
3f46e48426
Update jira-unauthenticated-installed-gadgets.yaml
2021-07-10 01:26:45 +05:30
GwanYeong Kim
ef74a354ca
Create icewarp-webclient-rce.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-09 13:52:28 +09:00
Philippe Delteil
98c925a413
Create jira-unauthenticated-installed-gadgets.yaml
2021-07-08 16:55:20 -04:00
Prince Chaddha
808712f772
Update clockwatch-enterprise-rce.yaml
2021-07-08 14:20:18 +05:30
Prince Chaddha
6e6d383b6c
Update clockwatch-enterprise-rce.yaml
2021-07-08 14:00:27 +05:30
Prince Chaddha
7695526e13
Update clockwatch-enterprise-rce.yaml
2021-07-08 14:00:01 +05:30
GwanYeong Kim
a722b9fff6
Create clockwatch-enterprise-rce.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-08 13:18:31 +09:00
sandeep
edc0f1a775
Update opensns-rce.yaml
2021-07-07 18:30:48 +05:30
sandeep
9588eadaed
minor updates
2021-07-07 18:30:15 +05:30
GwanYeong Kim
c3cbee2794
Create opensns-rce.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-07 18:49:36 +09:00
Sandeep Singh
0446fe1996
Merge pull request #1844 from rwincey/maestro-unauth-rce
...
LISTSERV Maestro
2021-07-06 23:55:22 +05:30
sandeep
d8b3cbf750
Update listserv_maestro_rce.yaml
2021-07-06 23:53:38 +05:30
sandeep
b02708055d
Update listserv_maestro_rce.yaml
2021-07-06 23:52:24 +05:30
sandeep
07f3f0d988
Removed extra lines and few updates
2021-07-06 23:44:06 +05:30
Sandeep Singh
f683e0bade
Merge pull request #1837 from gy741/rule-add-v10
...
Create huawei-router-auth-bypass.yaml
2021-07-06 23:33:47 +05:30
sandeep
cc4244d36c
Update huawei-router-auth-bypass.yaml
2021-07-06 23:32:45 +05:30
Sandeep Singh
2373873f30
Merge pull request #1881 from johnjhacking/patch-1
...
Added bypass for 1.9.2
2021-07-06 12:34:07 +05:30
sandeep
fc68a95803
Template Name/ID update as per assigned CVE
2021-07-06 12:07:53 +05:30
sandeep
fd13654972
Merge branch 'patch-1' of https://github.com/johnjhacking/nuclei-templates into pr/1827
2021-07-06 12:04:00 +05:30
sandeep
192201c27c
condition update as per new bypass
2021-07-06 12:03:51 +05:30
John Jackson
a2f283c51b
CVE number was assigned
...
As stated.
2021-07-06 00:32:35 -06:00
John Jackson
9068a38b56
Update reference
...
Currently, the provided reference doesn't exist anymore. However, this tweet posted on May 9th should work as a reference.
2021-07-06 00:27:15 -06:00
John Jackson
601a192703
Added bypass for 1.9.2
...
Another payload was identified, as a bypass in version 1.9.2. This bypass caused the vendor to upgrade to 1.9.3
I have added the bypass and the matcher above. Let me know what you think.
2021-07-05 18:39:25 -06:00
Prince Chaddha
7c06dfaf70
Create huijietong-cloud-fileread.yaml
2021-07-05 21:59:12 +05:30
Prince Chaddha
f55aef6a1b
Merge pull request #1839 from gy741/rule-add-v11
...
Create netgear-router-auth-bypass.yaml
2021-07-05 21:46:00 +05:30
Prince Chaddha
b1e6c71d89
Merge pull request #1857 from Akokonunes/patch-16
...
Create wp-vault-lfi.yaml
2021-07-05 21:08:11 +05:30
Prince Chaddha
ce43643e00
Update and rename wp-vault-lfi.yaml to vulnerabilities/wordpress/wp-vault-lfi.yaml
2021-07-05 21:06:50 +05:30
sandeep
457ce76e34
minor updates
2021-07-04 17:09:45 +05:30
PikPikcU
ecdd86167a
Create lotuscms-rce.yaml
2021-07-04 11:11:19 +00:00
sandeep
d50459eb9b
Added missing matcher
2021-07-04 01:26:41 +05:30
Sandeep Singh
22421fd38e
Merge pull request #1843 from DhiyaneshGeek/master
...
Update AEM CRX bypass , AEM Debug XSS and Java sean debug page, Jetty showcontexts enable , jfrog-unauth-build-exposed Templates Added
2021-07-04 01:23:20 +05:30
sandeep
afcbe4cfe4
minor updates
2021-07-04 01:22:08 +05:30
sandeep
b137eb57d3
More edge cases
...
Only looking for DNS interaction is not reliable as few servers make DNS requests for host included in path or query parameter.
2021-07-04 00:41:57 +05:30
Dhiyaneshwaran
127673455a
Update coldfusion-debug-xss.yaml
2021-07-02 20:55:33 +05:30
Dhiyaneshwaran
e259c3dd2f
Update jfrog-unauth-build-exposed.yaml
2021-07-02 20:53:02 +05:30
Sandeep Singh
52e0c861a1
Merge pull request #1733 from milo2012/master
...
Added CVE-2018-1000130/ CVE-2018-2628/ CVE-2018-2628/ CVE-2019-3401/ CVE-2020-1938/ oracle-bi-default-login/ jolokia-heap-disclosure
2021-07-02 18:27:45 +05:30
sandeep
e2a0f93f79
misc updates
2021-07-02 18:24:31 +05:30
Sandeep Singh
f02befc6f7
Merge pull request #1834 from pussycat0x/master
...
wp-plugin-1-flash-gallery.yaml
2021-07-02 13:56:53 +05:30
sandeep
f983baba38
misc changes
2021-07-02 13:55:32 +05:30
Dhiyaneshwaran
2787fc01b6
Update jfrog-unauth-build-exposed.yaml
2021-07-02 08:25:40 +05:30
Dhiyaneshwaran
2fa4382ef5
Create jfrog-unauth-build-exposed.yaml
2021-07-02 08:23:42 +05:30
b0yd
dad74b4738
LISTSERV Maestro
2021-07-01 12:14:33 -07:00
Dhiyaneshwaran
453b09d3ff
Create coldfusion-debug-xss.yaml
2021-07-01 22:31:01 +05:30
GwanYeong Kim
c0ebf56f85
Create netgear-router-auth-bypass.yaml
...
NETGEAR decided to use to check if a page has “.jpg”, “.gif” or “ess_” substrings, trying to match the entire URL. We can therefore access any page on the device, including those that require authentication, by appending a GET variable with the relevant substring (like “?.gif”).
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-01 14:39:10 +09:00
GwanYeong Kim
4d56d47c69
Create huawei-router-auth-bypass.yaml
...
The default password of this router is the last 8 characters of the
device's serial number which exist in the back of the device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-01 09:28:30 +09:00
pussycat0x
89eff74128
Add files via upload
2021-06-30 21:33:39 +05:30
sandeep
5affbf47b3
misc changes
2021-06-30 18:24:34 +05:30
Prince Chaddha
9f6b6aeb89
Update jolokia-heap-info-disclosure.yaml
2021-06-30 15:36:25 +05:30
John Jackson
d2df3303c6
Add Marmoset Viewer XSS Vulnerability
...
Reference:
https://wordpress.org/plugins/marmoset-viewer/#developers
2021-06-30 01:12:12 -06:00
sandeep
d564c257d8
Additional check add
2021-06-29 17:26:42 +05:30
Sandeep Singh
b80df5756a
Merge pull request #1795 from Mad-robot/patch-1
...
Create multiple-theme-ssrf.yaml
2021-06-28 23:58:54 +05:30
sandeep
2a1772d78c
misc changes
2021-06-28 23:58:31 +05:30
Sandeep Singh
039a41e790
Merge pull request #1774 from pikpikcu/patch-185
...
Create huawei-hg659-lfi.yaml
2021-06-28 21:46:51 +05:30
sandeep
24a3fab9d3
Added missing condition
2021-06-26 19:35:52 +05:30
SaN ThosH
59e24ab8a7
Create multiple-theme-ssrf.yaml
2021-06-26 13:38:26 +05:30
Sandeep Singh
e84c784fa2
Merge pull request #1689 from nrathaus/master
...
CVE-2021-28164 and some fixes
2021-06-24 23:58:29 +05:30
PikPikcU
cb18f313fd
Create huawei-hg659-lfi.yaml
2021-06-24 15:41:18 +00:00
Prince Chaddha
37261f7a2f
Update and rename vulnerabilities/jira/jira-unauthenticated-popular-filters.yaml to cves/2019/CVE-2019-3401.yaml
2021-06-24 16:52:04 +05:30
Prince Chaddha
bc7e8a80db
Merge pull request #1336 from projectdiscovery/princechaddha-patch-5
...
Create resin-inputfile-fileread.yaml
2021-06-24 02:32:40 +05:30
Prince Chaddha
ed4c5a415d
Merge pull request #1335 from projectdiscovery/princechaddha-patch-4
...
Create resin-viewfile-lfr.yaml
2021-06-24 02:28:47 +05:30
Prince Chaddha
c45ec90d5f
Update resin-inputfile-fileread.yaml
2021-06-24 02:28:18 +05:30
Prince Chaddha
b2114008ad
Merge pull request #1595 from pikpikcu/patch-173
...
Create jeewms-lfi
2021-06-24 02:24:41 +05:30
Prince Chaddha
89b4fdf8ed
Merge pull request #1757 from pussycat0x/master
...
New template added
2021-06-24 02:02:42 +05:30
Prince Chaddha
c383c120b7
moved to wordpress folder
2021-06-24 01:39:09 +05:30
Prince Chaddha
3e7269f2a4
Rename ALFA_DATA.yaml to alfacgiapi-wordpress.yaml
2021-06-24 01:37:45 +05:30
Prince Chaddha
8c7e69fafd
Update ALFA_DATA.yaml
2021-06-24 01:36:47 +05:30
Prince Chaddha
aeed665ff7
Update ALFA_DATA.yaml
2021-06-24 01:29:50 +05:30
Sandeep Singh
161204c20e
Rename wordpress-123ContactForm.yaml to wp-123contactform-plugin-listing.yaml
2021-06-24 01:13:42 +05:30
sandeep
8f247c03c0
Removed trailing spaces
2021-06-24 01:11:14 +05:30
sandeep
a4e439024e
Added missing condition
2021-06-24 01:10:33 +05:30
pussycat0x
c1f5c60700
Update wordpress-123ContactForm.yaml
2021-06-23 21:31:03 +05:30
pussycat0x
418de400a7
Add files via upload
2021-06-23 21:27:43 +05:30
Keith
5e9847260a
remove trailing spaces
2021-06-23 01:46:57 +08:00
Keith
f48d1d8b35
Add jolokia-heap-info-disclosure.yaml
2021-06-23 01:43:31 +08:00
pussycat0x
1c1186e4da
Add files via upload
2021-06-22 20:39:40 +05:30
Prince Chaddha
1d581af4ec
Update jeewms-lfi.yaml
2021-06-22 18:28:52 +05:30
Sandeep Singh
37bf78a3a9
Merge pull request #1752 from DhiyaneshGeek/master
...
6 New Wordpress Template Added
2021-06-21 18:12:33 +05:30
sandeep
27287e473b
Update wordpress-woocommerce-listing.yaml
2021-06-21 18:11:30 +05:30
sandeep
3844df9fc8
misc changes
2021-06-21 18:09:16 +05:30
Dhiyaneshwaran
9ba613b509
Create wordpress-gtranslate-plugin.yaml
2021-06-21 15:00:25 +05:30
Dhiyaneshwaran
f5ef733bd8
Update wp-gtranslate-open-redirect.yaml
2021-06-21 14:48:53 +05:30
Dhiyaneshwaran
402d5eb9f3
Update wp-gtranslate-open-redirect.yaml
2021-06-21 14:45:43 +05:30
Dhiyaneshwaran
c990105b0d
Update wp-gtranslate-open-redirect.yaml
2021-06-21 14:41:57 +05:30
Dhiyaneshwaran
401a26eefd
Update wp-gtranslate-open-redirect.yaml
2021-06-21 14:39:42 +05:30
Dhiyaneshwaran
d5afd2831f
Create wp-gtranslate-open-redirect.yaml
2021-06-21 14:37:29 +05:30
Emad Youssef
38668c44e7
Update open-redirect.yaml
...
this payload worked for me while i was hunting.
2021-06-21 10:21:44 +02:00
Dhiyaneshwaran
2d91148f39
Create wordpress-bbpress-plugin.yaml
2021-06-21 13:50:11 +05:30
Dhiyaneshwaran
08f9cf9de6
Update wordpress-woocommerce-plugin.yaml
2021-06-21 13:48:15 +05:30
Dhiyaneshwaran
b2bc8d61a1
Create wordpress-woocommerce-plugin.yaml
2021-06-21 13:03:20 +05:30
Dhiyaneshwaran
fbd53598d6
Create wordpress-elementor-plugin.yaml
2021-06-21 12:29:50 +05:30
Sandeep Singh
00a0b17bf5
Merge pull request #1744 from pussycat0x/master
...
Add files via upload
2021-06-21 01:43:48 +05:30
sandeep
788fc31fd3
Adding additional condition
2021-06-21 01:40:01 +05:30
pussycat0x
82e23a03e3
Add files via upload
2021-06-21 00:26:48 +05:30
sandeep
0ec921ef4f
misc changes
2021-06-21 00:09:04 +05:30
Dhiyaneshwaran
5d01e7b235
Create wordpress-updraftplus-pem-key.yaml
2021-06-20 23:03:52 +05:30
Dhiyaneshwaran
42c937d730
Create wpmudev-my-calender-xss.yaml
2021-06-20 22:45:15 +05:30
Dhiyaneshwaran
40dfa6d6fe
Create wpmudev-pub-keys.yaml
2021-06-20 22:38:20 +05:30
Dhiyaneshwaran
dbd72a33e0
Create wordpress-redirection-listing.yaml
2021-06-20 22:26:23 +05:30
sandeep
4160cb168a
misc changes to work with workflows
2021-06-20 16:35:59 +05:30
Noam Rathaus
bb6fa66dd9
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-20 13:56:54 +03:00
Sandeep Singh
3430bc2efd
Merge pull request #1710 from skar4444/gitlab-user-indormation-disclosed
...
GitLab - User Information Disclosure Via Open API
2021-06-18 13:54:24 +05:30
sandeep
351534bd1a
Added reference
2021-06-18 13:52:48 +05:30
sandeep
d0076b92c7
Added fuzz tags + more strict matcher
2021-06-18 13:50:34 +05:30
Prince Chaddha
62fb7fd0b9
Rename gitlab-user-information-disclosure-via-open-api.yaml to gitlab-user-open-api.yaml
2021-06-17 22:03:32 +05:30
Noam Rathaus
01b77a7ed2
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-17 16:54:18 +03:00
Prince Chaddha
b50032d692
Update gitlab-user-information-disclosure-via-open-api.yaml
2021-06-17 13:31:19 +05:30
PikPikcU
9f8cae8ab5
Update tamronos-rce.yaml
2021-06-17 01:34:49 +00:00
PikPikcU
90bdede7dd
Create tamronos-rce.yaml
2021-06-17 01:31:59 +00:00
Suman Kar
bd7b099e97
GitLab - User Information Disclosure Via Open API
2021-06-16 21:39:35 +05:30
Sandeep Singh
bb4cdb5e3d
Merge pull request #1696 from skar4444/skar4444
...
GitLab User Enumeration
2021-06-16 01:25:55 +05:30
sandeep
564a0ea6ae
minor changes
2021-06-16 01:23:59 +05:30
sandeep
e103e7b0ff
Update confluence-ssrf-sharelinks.yaml
2021-06-14 23:13:30 +05:30
Noam Rathaus
a91ee941ff
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-14 14:59:58 +03:00
sandeep
26da2936eb
misc updates
2021-06-14 16:13:38 +05:30
Techbrunch
c164158aff
Add Confluence SSRF in sharelinks
2021-06-14 11:10:56 +02:00
Suman Kar
13617d98cf
GitLab User Enumeration
2021-06-14 14:20:55 +05:30
Prince Chaddha
fecae7747e
Merge pull request #1691 from DhiyaneshGeek/master
...
2 new template
2021-06-13 20:57:19 +05:30
Prince Chaddha
1e77410799
Update wpdm-cache-session.yaml
2021-06-13 20:56:28 +05:30
Dhiyaneshwaran
dab25e2df3
Create wpdm-cache-session.yaml
2021-06-13 17:43:24 +05:30
sandeep
cb342f8564
misc changes
2021-06-13 17:28:10 +05:30
Noam Rathaus
3369c5a4dd
Reference
2021-06-13 11:55:20 +03:00
Noam Rathaus
b5bdac494b
Merge branch 'master' of https://github.com/nrathaus/nuclei-templates
2021-06-13 09:54:52 +03:00
Noam Rathaus
feb42e49b0
Reduce chances of FP
2021-06-13 09:53:47 +03:00
Noam Rathaus
513596d2e0
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-13 09:05:57 +03:00
Suman Kar
641e0c0672
Wordpress DB Backup
2021-06-12 20:13:29 +05:30
sandeep
962959f573
Removed invalid payload
2021-06-11 22:20:01 +05:30
Prince Chaddha
98e49295b6
Merge pull request #1672 from DhiyaneshGeek/master
...
CKAN DOM Based XSS , php-zerodium-backdoor-rce
2021-06-11 14:16:18 +05:30
Dhiyaneshwaran
771e55eca6
Create php-zerodium-backdoor-rce.yaml
2021-06-10 22:01:26 +05:30
sandeep
69ded42e3a
Template rename / update
2021-06-10 21:57:07 +05:30
sandeep
181647cb77
Added binary matcher + max-size
2021-06-10 21:39:40 +05:30
Dhiyaneshwaran
fd70f535dd
Update ckan-dom-based-xss.yaml
2021-06-10 17:27:21 +05:30
Sandeep Singh
a4897080b2
Merge pull request #1668 from pikpikcu/patch-181
...
Create php-timeclock-xss
2021-06-10 14:57:05 +05:30
sandeep
b43c8f2c93
misc update
2021-06-10 14:53:31 +05:30
sandeep
083d32c05f
More validation
2021-06-10 14:37:26 +05:30
sandeep
0ebeff27a6
misc changes
2021-06-10 14:25:20 +05:30
Dhiyaneshwaran
5b2ec54d34
Create ckan-dom-based-xss.yaml
2021-06-10 13:37:33 +05:30
PikPikcU
a4e714718f
Create php-timeclock-xss.yaml
2021-06-10 07:29:19 +00:00
PikPikcU
c80690c829
Create mpsec-isg1000-lfi.yaml
2021-06-10 07:11:07 +00:00
Noam Rathaus
885aeadaa7
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-09 16:07:06 +03:00
Prince Chaddha
83ce809e8d
Updated author names
2021-06-09 17:50:56 +05:30
sandeep
23cb4c4d9f
moving files around
2021-06-09 14:37:40 +05:30
Noam Rathaus
46e4d47d92
Another reference
2021-06-09 09:43:04 +03:00
Noam Rathaus
27db48cb53
Another vector
2021-06-09 09:42:41 +03:00
Noam Rathaus
d39bb43848
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-09 09:07:57 +03:00
Noam Rathaus
1e0a542b21
New test
2021-06-09 09:07:03 +03:00
sandeep
c273587fa9
Adding more conditions
2021-06-09 01:34:02 +05:30
Noam Rathaus
8b0c5eaee3
Spelling
2021-06-06 10:35:09 +03:00
Sandeep Singh
29e706d101
Merge pull request #1622 from pikpikcu/patch-177
...
Create interlib-fileread
2021-06-04 21:37:23 +05:30
sandeep
5d63b1bb05
Fixing the condition
2021-06-04 21:33:01 +05:30
sandeep
1f6334671c
escape fix
2021-06-04 21:26:59 +05:30
sandeep
1fab4f8dbf
Duplicate with - wordpress-directory-listing
2021-06-04 21:14:20 +05:30
sandeep
1557b782e9
Added WordPress Popup Plugin listing
2021-06-04 20:57:01 +05:30
sandeep
76bd8824a5
Added WordPress Mailchimp 4 Debug Log Exposure
2021-06-04 20:36:33 +05:30
PikPikcU
bc9a760d29
Create interlib-fileread.yaml
2021-06-04 02:54:55 +00:00
sandeep
0f0ff2ee1e
moving files around
2021-06-03 21:54:08 +05:30
Prince Chaddha
3202a0dd65
Merge pull request #1606 from nrathaus/master
...
Description / Spelling
2021-06-02 13:10:50 +05:30
sandeep
2fe2c88872
Moving files around
2021-06-02 12:22:24 +05:30
Noam Rathaus
2d52259f70
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-02 09:09:05 +03:00
sandeep
a5ccb5f893
strict matcher
2021-06-01 16:08:41 +05:30
PikPikcU
7f5dfedf55
Create jeewms-lfi.yaml
2021-06-01 09:08:45 +00:00
Sandeep Singh
2685f492ed
Merge pull request #1580 from pikpikcu/patch-167
...
Create ns-asg-file-read
2021-06-01 14:10:09 +05:30
sandeep
d5b9e4c7b6
Update ns-asg-file-read.yaml
2021-06-01 14:09:01 +05:30
Sandeep Singh
fdd2103fa1
Merge pull request #1576 from Udyz/patch-1
...
Create wp-statistics-blindsql.yaml
2021-06-01 11:36:42 +05:30
sandeep
bad1f52fd2
Added additional path
2021-05-31 20:05:39 +05:30
fanpan
5dd09fe02d
spring 2x path
2021-05-31 19:28:31 +05:30
sandeep
8d3f2e3604
misc changes
2021-05-31 17:29:52 +05:30
Prince Chaddha
31341b547e
Update blue-ocean-excellence-lfi.yaml
2021-05-31 15:44:21 +05:30
PikPikcU
f944191e7a
Create blue-ocean-excellence-lfi.yaml
2021-05-31 09:29:51 +00:00
PikPikcU
65c73dbe34
Create hiboss-rce.yaml
2021-05-31 09:08:16 +00:00
Sandeep Singh
1c559f1ba3
Merge pull request #1567 from pikpikcu/patch-165
...
hjtcloud poc
2021-05-31 14:27:17 +05:30
PikPikcU
e56a64402c
Create ns-asg-file-read.yaml
2021-05-31 08:56:01 +00:00
sandeep
4edb345286
Merge branch 'patch-165' of https://github.com/pikpikcu/nuclei-templates into pr/1567
2021-05-31 14:20:30 +05:30
sandeep
2ad903dcf1
misc changes
2021-05-31 14:19:23 +05:30
sandeep
5fed1d3432
Improved matcher
2021-05-31 13:31:13 +05:30
lulz
2b1a39cbab
Update wp-statistics-blindsql.yaml
2021-05-31 14:39:15 +07:00
lulz
e89760c89c
Create wp-statistics-blindsql.yaml
2021-05-31 14:23:44 +07:00
sandeep
1f5c65d4c0
Added Wordpress Exposed DB Repair
2021-05-31 11:35:30 +05:30
PikPikcU
76886054ce
Create h3c-imc-rce.yaml
2021-05-31 05:53:21 +00:00
PikPikcU
5f4923ddce
Create hjtcloud-arbitrary-file-read.yaml
2021-05-31 05:38:23 +00:00
Noam Rathaus
81d1180769
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-05-30 09:09:37 +03:00
Prince Chaddha
aaae0a8214
Merge pull request #1540 from projectdiscovery/wp-lfi
...
Adding Wordpress Plugin LFI Templates
2021-05-28 17:03:27 +05:30
Prince Chaddha
b54a107deb
Delete wp-supsystic-backup-lfi.yaml
2021-05-28 17:01:06 +05:30
Prince Chaddha
b53a99109a
Delete wp-loco-translate-lfi.yaml
2021-05-28 17:00:56 +05:30
Sandeep Singh
585c649740
Merge pull request #1547 from pikpikcu/patch-162
...
Create natshell-rce.yaml
2021-05-28 11:13:33 +05:30
sandeep
1644eb793a
misc changes
2021-05-28 11:12:36 +05:30
sandeep
2348650a50
misc changes
2021-05-28 08:41:58 +05:30
sandeep
4358f69b52
misc changes
2021-05-28 02:43:04 +05:30
PikPikcU
b94ba82591
Update natshell-rce.yaml
2021-05-28 02:49:17 +07:00
PikPikcU
f1726d3a1f
Create natshell-rce.yaml
2021-05-27 14:59:33 +00:00
sandeep
ca83581cd2
misc updates
2021-05-27 08:58:03 +05:30
sandeep
9c1e801ade
Adding Wordpress Plugin LFI Templates
2021-05-27 08:45:53 +05:30
Noam Rathaus
b32eac85b1
Give description
2021-05-25 14:35:41 +03:00
sandeep
8676d8c23c
Added Maian Cart 3.8 preauth RCE template
2021-05-25 05:08:52 +05:30
TheConciergeDev
e1de4803f0
updated template tags
...
The given "moodle" tag can not be found in the referenced PDFs and it definitely is an oracle vulnerability. I guess a legacy issue
2021-05-21 15:36:55 +02:00
sandeep
d7d86bbd95
More strict matcher
2021-05-20 23:15:01 +05:30
sandeep
e66ce65285
Adding Fanruan related templates
2021-05-20 22:56:55 +05:30
sandeep
2906b2a3fb
Improved matcher and paths
2021-05-20 19:58:57 +05:30
sandeep
3fc65caf62
misc changes
2021-05-19 05:52:07 +05:30
Prince Chaddha
3bd6843159
Revert "Merge branch 'magento-stuff' of https://github.com/Techbrunch/nuclei-templates into pr/1494"
...
This reverts commit 4279c8e4bc
, reversing
changes made to a6059be7ce
.
2021-05-18 22:30:15 +05:30
Techbrunch
2658aa1c03
Add reference to magento-2-exposed-api
2021-05-18 17:25:33 +02:00
Techbrunch
776776621a
Added a few Magento related templates
2021-05-18 15:53:10 +02:00
sandeep
f0879103d4
Improved matcher
2021-05-17 22:39:05 +05:30
sandeep
08ee1ad5ee
matcher update
2021-05-17 19:49:24 +05:30
PikPikcU
08001381c4
Create natshell-path-traversal.yaml
2021-05-17 08:14:20 +00:00
PikPikcU
04e1fb0ef8
Create flir-path-traversal.yaml
2021-05-16 04:54:40 +00:00
Prince Chaddha
21c1dc2c70
Merge pull request #1337 from projectdiscovery/princechaddha-patch-7
...
Create resin-cnnvd-200705-315.yaml
2021-05-16 02:33:31 +05:30
sandeep
fc66a9e076
Removing duplicate template
2021-05-11 23:48:36 +05:30
sandeep
7cd00b6145
Removing invalid paths
2021-05-11 02:15:17 +05:30
Sandeep Singh
c2aad94548
Merge pull request #1458 from geeknik/patch-91
...
Update top-xss-params.yaml
2021-05-11 00:29:39 +05:30
sandeep
7019946599
Improved matcher
2021-05-11 00:29:01 +05:30
Geeknik Labs
37ac4c0924
Update top-xss-params.yaml
...
Fix more false positives.
2021-05-10 18:39:09 +00:00
Geeknik Labs
dea16d4ebd
Update top-xss-params.yaml
...
Fixes an edge case false positive on AkamaiGhost servers
2021-05-10 18:20:48 +00:00
Prince Chaddha
b4b30c95ee
Update oa-v9-uploads-file.yaml
2021-05-10 13:23:08 +05:30
Noam Rathaus
8766b537dd
Add reference
2021-05-10 09:52:26 +03:00
Noam Rathaus
fa7567f68e
Its not really a regex
2021-05-10 09:35:36 +03:00
Noam Rathaus
4c201aa1dd
It is not just a file upload
2021-05-10 09:35:10 +03:00
Noam Rathaus
1e364a6cdb
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-05-10 09:27:13 +03:00
Sandeep Singh
7fde950173
Merge pull request #1327 from projectdiscovery/showdoc-file-upload
...
Adding Showdoc < 2.8.6 File Upload RCE
2021-05-10 01:36:45 +05:30
sandeep
1f8ff83353
tags update
2021-05-10 01:34:11 +05:30
sandeep
ccfb5ca4c4
regex update
2021-05-10 01:33:27 +05:30
Noam Rathaus
18dff7387c
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-05-09 08:32:05 +03:00
Sandeep Singh
bd9997113e
Merge pull request #1430 from geeknik/patch-90
...
Update open-redirect.yaml
2021-05-07 16:18:32 +05:30
Sandeep Singh
311d517c05
Merge pull request #1421 from geeknik/patch-85
...
Update top-xss-params.yaml
2021-05-07 15:23:09 +05:30
sandeep
871a4107b5
Added complete payload and matcher
2021-05-07 15:21:59 +05:30
sandeep
d950f72ff9
minor update
2021-05-07 14:56:40 +05:30
sandeep
0159c284e7
minor update
2021-05-07 14:53:34 +05:30
sandeep
8b9ec9d5fe
Minor updates
2021-05-07 14:48:53 +05:30
Geeknik Labs
2f41002213
Update open-redirect.yaml
2021-05-06 22:38:09 +00:00
Geeknik Labs
565404910b
Update top-xss-params.yaml
2021-05-06 12:55:40 +00:00
Noam Rathaus
253ede65c1
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-05-06 15:16:27 +03:00
Dhiyaneshwaran
f5524e2b78
Update oracle-ebs-xss.yaml
2021-05-06 00:21:46 +05:30
Dhiyaneshwaran
b7d47eb01a
Create oracle-ebs-xss.yaml
2021-05-06 00:05:07 +05:30
Dhiyaneshwaran
8274939810
Create kafdrop-xss.yaml
2021-05-05 23:51:53 +05:30
Dhiyaneshwaran
9944ef191f
Create joomla-lfi-com_fabrik.yaml
2021-05-05 23:48:57 +05:30
Prince Chaddha
e87baf2967
Merge pull request #1346 from projectdiscovery/princechaddha-patch-11
...
Create wuzhicms-sqli.yaml
2021-05-05 23:30:36 +05:30
Prince Chaddha
ae45a6b386
Merge pull request #1344 from projectdiscovery/princechaddha-patch-9
...
Create ueditor-file-upload.yaml
2021-05-05 23:29:11 +05:30
Noam Rathaus
d5949e74d8
Add references
2021-05-05 17:32:21 +03:00
Noam Rathaus
e68777d20a
Alternative reference
2021-05-05 17:08:11 +03:00
Noam Rathaus
7f90af4d32
Reference is dead
2021-05-05 17:07:52 +03:00
Noam Rathaus
07c2e79fb9
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-05-05 17:04:59 +03:00
Sandeep Singh
0520ad05d3
Merge pull request #1351 from projectdiscovery/princechaddha-patch-16
...
Create ecology-filedownload-directory-traversal.yaml
2021-05-05 17:56:59 +05:30
Sandeep Singh
d1f62765f9
Merge pull request #1409 from DhiyaneshGeek/master
...
Gogs install exposure,Gloo UI Unauthentication
2021-05-05 17:54:37 +05:30
sandeep
ae13e5e44e
minor updates
2021-05-05 17:53:34 +05:30
sandeep
b10918510c
Adding strict matcher
2021-05-05 17:39:31 +05:30
Noam Rathaus
a094b38f83
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-05-05 08:46:32 +03:00
Sandeep Singh
127ac5e37c
Merge pull request #962 from pikpikcu/patch-89
...
add hashicorp-consul-rce
2021-05-05 00:02:57 +05:30
Noam Rathaus
c95dc69495
References
2021-05-04 15:15:10 +03:00
Noam Rathaus
39290e574f
Fix description
2021-05-04 15:14:40 +03:00
sandeep
819e201ebd
Update concrete-xss.yaml
2021-05-04 13:36:54 +05:30
sandeep
052f1b3b7b
Adding concrete-xss
2021-05-04 13:36:16 +05:30
Dhiyaneshwaran
585b651592
Update gloo-unauth.yaml
2021-05-03 18:23:30 +05:30
Dhiyaneshwaran
a1fc27ca75
Create gloo-unauth.yaml
2021-05-03 18:14:44 +05:30
sandeep
acf5d41ef9
Minor update
2021-05-02 17:51:44 +05:30
Sandeep Singh
4f9a142c6b
Merge pull request #1398 from pikpikcu/patch-154
...
Create landray-oa-fileread
2021-05-02 13:59:50 +05:30
sandeep
f9559b1e21
Update landray-oa-fileread.yaml
2021-05-02 13:58:47 +05:30
sandeep
a6df4754d4
Update landray-oa-fileread.yaml
2021-05-02 13:57:33 +05:30
Noam Rathaus
41f47a4fef
Expose references
2021-05-02 09:19:55 +03:00
Noam Rathaus
d8bd0d2744
This is a better name for the test
2021-05-02 09:07:50 +03:00
PikPikcU
c5bdf6cbca
Create landray-oa-fileread.yaml
2021-05-02 04:42:37 +00:00
sandeep
cc9d4eddf1
Update rce-via-java-deserialization.yaml
2021-05-01 17:22:03 +05:30
Noam Rathaus
9d66fd0ae1
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-04-29 12:03:56 +03:00
sandeep
020c9a959c
Additional payload
2021-04-29 13:38:39 +05:30
Noam Rathaus
f898e4b539
Correct product name
2021-04-29 09:20:58 +03:00
Noam Rathaus
574135de9a
Expose reference
2021-04-29 09:12:56 +03:00
Noam Rathaus
25a38d34ec
Missing 's'
2021-04-29 09:11:35 +03:00
Noam Rathaus
a7de9915c7
Removed self-reference
2021-04-29 08:58:02 +03:00
Noam Rathaus
91b6b1b175
Make references visible
2021-04-29 08:57:39 +03:00
Noam Rathaus
2860cdfb4a
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-04-29 08:38:11 +03:00
sandeep
2920fa9bfb
matcher and payload update
2021-04-28 19:44:28 +05:30
Prince Chaddha
a55db7af44
Merge pull request #1332 from projectdiscovery/princechaddha-patch-2
...
Create WooYun-2015-148227.yaml
2021-04-28 18:51:07 +05:30
Noam Rathaus
ecb436df3e
Those aren't really regexes
2021-04-28 15:07:39 +03:00
Noam Rathaus
ad9314acdc
Provide references to the problem (in eclipse site) and how it was fixed (and Jenkins upstream bugs related to this)
2021-04-28 14:17:47 +03:00
Noam Rathaus
9ece07bf9a
Provide reference
2021-04-28 14:00:15 +03:00
Noam Rathaus
e32c1bd4c1
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-04-28 13:29:39 +03:00
Prince Chaddha
8d9d46e00a
Merge pull request #1362 from underfl0w/chamilo-lms-sqli
...
Chamilo 1.11.14 LMS sql injection
2021-04-28 15:55:14 +05:30
Prince Chaddha
722e305878
Update chamilo-lms-sqli.yaml
2021-04-28 15:48:34 +05:30
sandeep
5f5430a7a4
Payload and matcher fix
2021-04-28 14:42:10 +05:30
sullo
be24a83a98
Simplify regex
2021-04-27 10:42:41 -04:00
sullo
1824c1df92
More flexible matching to prevent false-negatives
2021-04-27 10:38:57 -04:00
Noam Rathaus
3bdb2fdbd4
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-04-27 14:02:16 +03:00
Noam Rathaus
f55bb45e75
Give some description
2021-04-27 14:02:08 +03:00
sandeep
3adf607b6f
Matcher for DNS interaction
2021-04-27 16:24:39 +05:30
Prince Chaddha
eaf70d16ab
Merge pull request #1350 from projectdiscovery/princechaddha-patch-15
...
Create zcms-v3-sqli.yaml
2021-04-27 16:09:32 +05:30
Prince Chaddha
427f99b0c1
Update wordpress-rce-simplefilelist.yaml
2021-04-27 15:25:28 +05:30
Noam Rathaus
1aca402bf6
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-04-27 09:42:50 +03:00
Noam Rathaus
4cc6b3bdb0
Reduce FP due to not actually execution of the PHP but rather it being returned as is (the content)
2021-04-27 09:42:41 +03:00
Prince Chaddha
d705648dc4
Merge pull request #1343 from projectdiscovery/princechaddha-patch-8
...
Create spark-webui-unauth.yaml
2021-04-26 21:58:53 +05:30
Prince Chaddha
3079fce648
Update spark-webui-unauth.yaml
2021-04-26 21:57:46 +05:30
Prince Chaddha
f726562445
Update spark-webui-unauth.yaml
2021-04-26 21:56:13 +05:30
Prince Chaddha
487e2300e1
Merge pull request #1331 from projectdiscovery/princechaddha-patch-1
...
Create unauth-spark-api.yaml
2021-04-26 21:52:22 +05:30
Prince Chaddha
5fcba18d1e
Merge pull request #1349 from projectdiscovery/princechaddha-patch-14
...
Create xunchi-file-read.yaml
2021-04-26 21:06:27 +05:30