ceca4a66eb
Enhancement: vulnerabilities/other/clockwatch-enterprise-rce.yaml by mp
2022-05-27 14:24:57 -04:00
c7879a024a
Enhancement: vulnerabilities/other/clockwatch-enterprise-rce.yaml by mp
2022-05-27 14:24:10 -04:00
a39ff66bc7
Merge branch 'projectdiscovery:master' into dashboard
2022-05-27 09:47:03 -04:00
6a8f9f6ec6
Enhancement: vulnerabilities/other/WSO2-2019-0598.yaml by mp
2022-05-26 15:59:23 -04:00
a81f40cb74
Create digitalrebar-traversal.yaml
2022-05-24 12:18:27 +05:30
fe0bf001b7
Merge pull request #4471 from projectdiscovery/princechaddha-patch-2
...
Update and rename vulnerabilities/other/sangfor-edr-rce.yaml to vulne…
2022-05-23 23:58:57 +05:30
50a9ef0f89
Update cisco-rv-series-rce.yaml
2022-05-23 17:26:06 +05:30
fa903d06d3
Merge pull request #4368 from ritikchaddha/patch-52
...
Create sangfor-ba-rce.yaml
2022-05-23 16:29:32 +05:30
430cc1ea03
Update sangfor-ba-rce.yaml
2022-05-23 16:27:59 +05:30
5ad7e37a87
Update and rename vulnerabilities/other/sangfor-edr-auth-bypass.yaml to vulnerabilities/sangfor/sangfor-edr-auth-bypass.yaml
2022-05-23 16:27:31 +05:30
b8d2df57ba
Update and rename vulnerabilities/other/sangfor-edr-rce.yaml to vulnerabilities/sangfor/sangfor-edr-rce.yaml
2022-05-23 16:25:10 +05:30
d2333f8c0c
Update ecshop-sqli.yaml
2022-05-23 16:13:10 +05:30
40116f7ee3
Create cisco-rv-series-rce.yaml
...
Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote
attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more infor
mation about these vulnerabilities, see the Details section of this advisory.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-05-22 00:15:55 +09:00
30d4f20b7e
Update ecshop-sqli.yaml
2022-05-19 00:51:53 +05:30
6c76c6f99c
Update ecshop-sqli.yaml
2022-05-18 15:06:50 +05:30
14664c1e01
Update ecshop-sqli.yaml
2022-05-18 14:53:08 +05:30
d8fdb31b1b
Update ecshop-sqli.yaml
2022-05-18 14:50:12 +05:30
83cc50ce3e
Dashboard Content Enhancements ( #4411 )
...
* standardizing enhanced by tag
* Fix spacing. Add classification->cve
* Enhancement: cves/2021/CVE-2021-20158.yaml by mp
* Enhancement: cves/2021/CVE-2021-20167.yaml by mp
* Typo
* Enhancement: cves/2021/CVE-2021-20837.yaml by mp
* Enhancement: cves/2021/CVE-2021-21307.yaml by mp
* Enhancement: cves/2021/CVE-2021-21479.yaml by mp
* Enhancement: cves/2021/CVE-2021-21881.yaml by mp
* Enhancement: cves/2021/CVE-2021-21972.yaml by mp
* Enhancement: cves/2021/CVE-2021-21978.yaml by mp
* Enhancement: cves/2021/CVE-2021-22005.yaml by mp
* Enhancement: cves/2021/CVE-2021-22205.yaml by mp
* Enhancement: cves/2021/CVE-2021-22986.yaml by mp
* Enhancement: cves/2021/CVE-2021-24285.yaml by mp
* Enhancement: cves/2021/CVE-2021-24472.yaml by mp
* Enhancement: cves/2021/CVE-2021-20090.yaml by mp
* Enhancement: cves/2021/CVE-2021-20167.yaml by mp
* Enhancement: cves/2021/CVE-2021-21307.yaml by mp
* Enhancement: cves/2021/CVE-2021-21978.yaml by mp
* Enhancement: cves/2021/CVE-2021-21985.yaml by mp
* Enhancement: cves/2021/CVE-2021-21972.yaml by mp
* Enhancement: cves/2021/CVE-2021-22205.yaml by mp
* Enhancement: cves/2021/CVE-2021-22986.yaml by mp
* Enhancement: cves/2021/CVE-2021-24285.yaml by mp
* Restore empty lines
* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs
* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs
* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs
* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs
* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs
* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs
* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs
* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs
* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs
* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs
* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs
* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs
* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs
* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Remove unnecessary file
* Restore content after bad dashboard edit
* Enhancement: undefined by cs
* Spacing issues
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: undefined by cs
* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs
* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs
* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs
* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs
* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs
* Delete null file created by dashboard
* Remove improper Enhanced tag
* Spacing issues
* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs
* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs
* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs
* Remove test dashboard commits
* Enhancement: cves/2014/CVE-2014-9618.yaml by mp
* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs
* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs
* Not really enhanced
* Add classification->cve-id
* Restore content from dashboard mess up
* Enhancement: cves/2014/CVE-2014-9618.yaml by mp
* Enhancement: cves/2014/CVE-2014-9618.yaml by mp
* Restore newlines
* Enhancement: cves/2007/CVE-2007-4556.yaml by mp
* Enhancement: cves/2007/CVE-2007-4556.yaml by mp
* Enhancement: cves/2014/CVE-2014-9618.yaml by mp
* Enhancement: cves/2015/CVE-2015-1427.yaml by mp
* Enhancement: cves/2015/CVE-2015-3224.yaml by mp
* Enhancement: cves/2015/CVE-2015-7450.yaml by mp
* Enhancement: cves/2016/CVE-2016-10134.yaml by mp
* Enhancement: cves/2016/CVE-2016-1555.yaml by mp
* Enhancement: cves/2016/CVE-2016-2004.yaml by mp
* Enhancement: cves/2016/CVE-2016-5649.yaml by mp
* Enhancement: cves/2016/CVE-2016-7552.yaml by mp
* Enhancement: cves/2017/CVE-2017-1000486.yaml by mp
* Enhancement: cves/2017/CVE-2017-11444.yaml by mp
* Spacing issues
* Added better reference
* Enhancement: cves/2017/CVE-2017-12149.yaml by mp
* Enhancement: cves/2017/CVE-2017-12542.yaml by mp
* Enhancement: cves/2017/CVE-2017-12611.yaml by mp
* Enhancement: cves/2017/CVE-2017-12635.yaml by mp
* Enhancement: cves/2017/CVE-2017-14135.yaml by mp
* Enhancement: cves/2017/CVE-2017-3881.yaml by mp
* Enhancement: cves/2017/CVE-2017-7269.yaml by mp
* Enhancement: cves/2017/CVE-2017-8917.yaml by mp
* Enhancement: cves/2017/CVE-2017-9791.yaml by mp
* Enhancement: cves/2015/CVE-2015-1427.yaml by mp
* Enhancement: cves/2017/CVE-2017-12149.yaml by mp
* Enhancement: cves/2017/CVE-2017-12542.yaml by mp
* Enhancement: cves/2017/CVE-2017-8917.yaml by mp
* Spacing and other minor issues
* Update CVE-2015-1427.yaml
* Update CVE-2017-12149.yaml
* Update CVE-2017-12542.yaml
* Update CVE-2017-12635.yaml
* Update CVE-2017-14135.yaml
* Update CVE-2017-3881.yaml
* Update CVE-2017-7269.yaml
* Update CVE-2017-8917.yaml
* Update CVE-2017-9791.yaml
* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by mp
* Enhancement: cnvd/2019/CNVD-2019-32204.yaml by mp
* Enhancement: cnvd/2020/CNVD-2020-68596.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-09650.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-26422.yaml by mp
* Enhancement: cnvd/2022/CNVD-2022-03672.yaml by mp
* Enhancement: cves/2017/CVE-2017-9841.yaml by mp
* Enhancement: cves/2018/CVE-2018-0127.yaml by mp
* Enhancement: cves/2018/CVE-2018-1000226.yaml by mp
* Enhancement: cves/2018/CVE-2018-1000861.yaml by mp
* Enhancement: cves/2018/CVE-2018-10562.yaml by mp
* Enhancement: cves/2018/CVE-2018-12031.yaml by mp
* Enhancement: cves/2018/CVE-2018-1207.yaml by mp
* Enhancement: cves/2018/CVE-2018-12634.yaml by mp
* Enhancement: cves/2018/CVE-2018-1273.yaml by mp
* Enhancement: cves/2018/CVE-2018-16763.yaml by mp
* Enhancement: cves/2018/CVE-2018-16167.yaml by mp
* Enhancement: cves/2018/CVE-2018-14916.yaml by mp
* Enhancement: cves/2018/CVE-2018-14064.yaml by mp
* Enhancement: cves/2018/CVE-2018-13379.yaml by mp
* Enhancement: cves/2017/CVE-2017-9841.yaml by mp
* Enhancement: cves/2018/CVE-2018-1000861.yaml by mp
* Enhancement: cves/2018/CVE-2018-10562.yaml by mp
* Enhancement: cves/2018/CVE-2018-12031.yaml by mp
* Enhancement: cves/2018/CVE-2018-1207.yaml by mp
* Enhancement: cves/2018/CVE-2018-12634.yaml by mp
* Enhancement: cves/2018/CVE-2018-13379.yaml by mp
* Enhancement: cves/2018/CVE-2018-14916.yaml by mp
* Enhancement: cves/2018/CVE-2018-16167.yaml by mp
* Enhancement: cves/2018/CVE-2018-16763.yaml by mp
* Cleanup and spacing
* Remove blank cve-id lines
* Enhancement: cves/2018/CVE-2018-16836.yaml by mp
* Enhancement: cves/2018/CVE-2018-17246.yaml by mp
* Enhancement: cves/2018/CVE-2018-17431.yaml by mp
* Enhancement: cves/2018/CVE-2018-18925.yaml by mp
* Enhancement: cves/2018/CVE-2018-20985.yaml by mp
* Enhancement: cves/2018/CVE-2018-2894.yaml by mp
* Enhancement: cves/2018/CVE-2018-3810.yaml by mp
* Enhancement: cves/2018/CVE-2018-7600.yaml by mp
* Enhancement: cves/2018/CVE-2018-7600.yaml by mp
* Enhancement: cves/2018/CVE-2018-7602.yaml by mp
* Enhancement: cves/2018/CVE-2018-9161.yaml by mp
* Enhancement: cves/2018/CVE-2018-16836.yaml by mp
* Enhancement: cves/2018/CVE-2018-17431.yaml by mp
* Many title clean-ups for more standardization.
Some vendor name clean-up
* Enhancement: cves/2018/CVE-2018-20985.yaml by mp
* Enhancement: cves/2018/CVE-2018-3810.yaml by mp
* Spacing issues
* Remove 2 blank newlines
* Enhancement: vulnerabilities/other/tamronos-rce.yaml by cs
* Enhancement: cves/2018/CVE-2018-9845.yaml by mp
* Enhancement: cves/2018/CVE-2018-9995.yaml by mp
* Enhancement: cves/2019/CVE-2019-0230.yaml by mp
* Enhancement: cves/2019/CVE-2019-16920.yaml by mp
* Enhancement: cves/2019/CVE-2019-17270.yaml by mp
* Enhancement: cves/2019/CVE-2019-17382.yaml by mp
* Enhancement: cves/2019/CVE-2019-17444.yaml by mp
* Enhancement: cves/2019/CVE-2019-17506.yaml by mp
* Enhancement: cves/2020/CVE-2020-10148.yaml by mp
* Enhancement: cves/2020/CVE-2020-11710.yaml by mp
* Enhancement: cves/2020/CVE-2020-11854.yaml by mp
* Enhancement: cves/2020/CVE-2020-12800.yaml by mp
* Enhancement: cves/2020/CVE-2020-13117.yaml by mp
* Enhancement: cves/2020/CVE-2020-13167.yaml by mp
* Enhancement: cves/2020/CVE-2020-13927.yaml by mp
* Enhancement: cves/2020/CVE-2020-13942.yaml by mp
* Spacing, syntax error
* Spacing, correct this time.
* Enhancement: cves/2020/CVE-2020-15920.yaml by mp
* Enhancement: cves/2020/CVE-2020-29227.yaml by mp
* Enhancement: cves/2021/CVE-2021-24499.yaml by mp
* Enhancement: cves/2021/CVE-2021-24762.yaml by mp
* Enhancement: cves/2018/CVE-2018-9995.yaml by mp
* Enhancement: cves/2019/CVE-2019-0230.yaml by mp
* Enhancement: cves/2019/CVE-2019-17444.yaml by mp
* Enhancement: cves/2020/CVE-2020-10148.yaml by mp
* Enhancement: cves/2020/CVE-2020-11854.yaml by mp
* Enhancement: cves/2020/CVE-2020-13167.yaml by mp
* Enhancement: cves/2020/CVE-2020-13927.yaml by mp
* Enhancement: cves/2020/CVE-2020-15920.yaml by mp
* Enhancement: cves/2021/CVE-2021-24499.yaml by mp
* Extra newlines and one sp;acing issue
* Update CVE-2018-9995.yaml
* Update CVE-2019-0230.yaml
* Update CVE-2019-16920.yaml
* Update CVE-2019-17270.yaml
* Update CVE-2019-17382.yaml
* Update CVE-2019-17444.yaml
* Update CVE-2019-17506.yaml
* Update CVE-2020-10148.yaml
* Update CVE-2020-11710.yaml
* Update CVE-2020-11854.yaml
* Update CVE-2020-12800.yaml
* Update CVE-2020-13167.yaml
* Update CVE-2020-13927.yaml
* Update CVE-2020-13942.yaml
* Update CVE-2020-15920.yaml
* Update CVE-2020-29227.yaml
* Update CVE-2021-24499.yaml
* Update CVE-2021-24762.yaml
Co-authored-by: sullo <sullo@cirt.net>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2022-05-17 14:41:26 +05:30
1a5427c415
Fix yonyou product name, add tag yonyou-ufida-nc to CNVD-2021-30167.yaml ( #4388 )
...
* Change weblogic-workflow.yaml file privilege
* Change yonyou product name
* Add Yonyou-ufida-nc workflow template
* misc update
* misc update
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-05-15 05:55:05 +05:30
581b7a627b
Dashboard Content Enhancements ( #4381 )
...
Dashboard Content Enhancements
2022-05-13 16:26:43 -04:00
20b869632b
Merge pull request #4341 from gy741/rule-add-v108
...
Create gnuboard-sms-xss.yaml
2022-05-13 01:14:28 +05:30
c616179c95
Update gnuboard-sms-xss.yaml
2022-05-13 01:11:32 +05:30
27a039a70c
Update metadata query ( #4350 )
...
* Update adobe-component-login.yaml
* Update cold-fusion-cfcache-map.yaml
* Update unpatched-coldfusion.yaml
* Update coldfusion-debug-xss.yaml
* Update CVE-2020-11978.yaml
* Update CVE-2020-13927.yaml
* Update CVE-2021-38540.yaml
* Update CVE-2021-44451.yaml
* Update CVE-2022-24288.yaml
* Update airflow-debug.yaml
* Update airflow-detect.yaml
* Update CVE-2010-0219.yaml
* Update apache-axis-detect.yaml
* Update CVE-2020-11991.yaml
* Update apache-cocoon-detect.yaml
* Update CVE-2021-21402.yaml
* Update jellyfin-detect.yaml
* Update CVE-2021-21402.yaml
* Update CVE-2021-21402.yaml
* Update ecology-arbitrary-file-upload.yaml
* Update ecology-v8-sqli.yaml
* Update ecology-syncuserinfo-sqli.yaml
* Update ecology-filedownload-directory-traversal.yaml
* Update CNVD-2021-15822.yaml
* Update dedecms-carbuyaction-fileinclude.yaml
* Update dedecms-openredirect.yaml
* Update tamronos-rce.yaml
* Update natshell-path-traversal.yaml
2022-05-12 19:48:36 +05:30
93c86e4adf
Update ecsimagingpacs-rce.yaml
2022-05-12 16:38:58 +05:30
70501101a6
Create ecsimagingpacs-rce.yaml
2022-05-12 13:50:38 +05:30
c82ef1fb68
Create sangfor-ba-rce.yaml
2022-05-12 00:17:57 +05:30
92e9c1da0b
Create gnuboard-sms-xss.yaml
...
A vulnerability in Gnuboard CMS allows remote attackers to inject arbitrary Javascript into the responses returned by the server.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-05-10 13:22:31 +09:00
c44aed7f5e
Update huijietong-cloud-fileread.yaml
2022-05-09 13:31:15 +05:30
a9de43f0f7
Update huijietong-cloud-fileread.yaml
2022-05-08 18:14:47 +05:30
4124cb441a
Update huijietong-cloud-fileread.yaml
2022-05-08 18:11:28 +05:30
958b15663c
Strict matchers / f/p fix ( #4320 )
...
* more strict matcher + matcher fix
* misc updates
2022-05-08 12:13:38 +05:30
303165dac4
Rename vulnerabilities/other/ruijie-networks-rce.yaml to vulnerabilities/ruijie/ruijie-networks-rce.yaml
2022-05-06 21:09:42 +05:30
ef7e1fcf8b
Rename vulnerabilities/other/ruijie-networks-lfi.yaml to vulnerabilities/ruijie/ruijie-networks-lfi.yaml
2022-05-06 21:09:32 +05:30
027c4ee86e
Rename vulnerabilities/other/ruijie-eg-rce.yaml to vulnerabilities/ruijie/ruijie-eg-rce.yaml
2022-05-06 21:09:20 +05:30
16c82b3aad
Rename vulnerabilities/other/ruijie/ruijie-password-leak.yaml to vulnerabilities/ruijie/ruijie-password-leak.yaml
2022-05-06 21:09:07 +05:30
610f52a09b
Update and rename vulnerabilities/other/ruijie-password-leak.yaml to vulnerabilities/other/ruijie/ruijie-password-leak.yaml
2022-05-06 21:07:45 +05:30
e445aa053a
Update and rename firewall-password-leak.yaml to ruijie-password-leak.yaml
2022-05-06 20:59:15 +05:30
684528467b
Update firewall-password-leak.yaml
2022-05-06 16:13:47 +05:30
7ffa667acc
Create firewall-password-leak.yaml
2022-05-06 16:10:24 +05:30
c9f72c1137
Update avada-xss.yaml
2022-04-28 23:27:46 +05:30
1c2235e87a
Update avada-xss.yaml
2022-04-28 21:41:50 +07:00
aa888bca8d
Dashboard Content Enhancements ( #4238 )
...
Dashboard Content Enhancements
2022-04-25 10:35:07 -04:00
5e58c8a1dc
Added WSO2 < 5.8.0 - Server Side Request Forgery ( #4229 )
2022-04-24 01:19:18 +05:30
5451673368
Moved and renamed templates containing a CVE under their correct location
2022-04-22 19:25:23 +03:00
2487e9877f
Merge pull request #4219 from projectdiscovery/template_info_fixup
...
Info section refactor
2022-04-22 18:01:12 +05:30
209538baa6
refactor: Description field uniformization
...
* info field reorder
* reference values refactored to list
* added new lines after the id and before the protocols
* removed extra new lines
* split really long descriptions to multiple lines (part 1)
* other minor fixes
2022-04-22 13:38:41 +03:00
b0f93aa784
Create avada-xss.yaml
2022-04-22 12:56:53 +04:00
31312b1c19
Dashboard Content Enhancements ( #4191 )
...
Dashboard Content Enhancements
2022-04-21 17:16:41 -04:00
321f265cf4
Merge pull request #4194 from ritikchaddha/patch-35
...
Create tianqing-info-leak.yaml
2022-04-20 12:32:46 +04:00
37b638bd08
Update tianqing-info-leak.yaml
2022-04-20 12:29:00 +04:00
2669491e8a
Update ecology-v8-sqli.yaml
2022-04-20 01:03:52 +04:00
15586bf5ef
Create ecology-v8-sqli.yaml
2022-04-20 02:11:43 +05:30
aec114c561
Create tianqing-info-leak.yaml
2022-04-20 01:34:41 +05:30
406f8fab71
Update zzcms-xss.yaml
2022-04-18 02:37:25 +04:00
768aba3b09
Create zzcms-xss.yaml
2022-04-16 14:32:25 +05:30
5730781afa
Dashboard Content Enhancements ( #4157 )
...
* Enhancement: exposures/files/joomla-file-listing.yaml by cs
* Enhancement: cves/2019/CVE-2019-5418.yaml by mp
* Enhancement: cves/2016/CVE-2016-10940.yaml by mp
* Enhancement: cves/2015/CVE-2015-4694.yaml by mp
* Enhancement: cves/2016/CVE-2016-10960.yaml by mp
* Enhancement: cves/2021/CVE-2021-20091.yaml by mp
* Enhancement: cves/2021/CVE-2021-20092.yaml by mp
* Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp
* Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp
* Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp
* Enhancement: cves/2017/CVE-2017-10075.yaml by mp
* Enhancement: cves/2021/CVE-2021-27358.yaml by mp
* Enhancement: cves/2017/CVE-2017-9833.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp
* Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp
* Enhancement: misconfiguration/symfony-debugmode.yaml by mp
* Enhancement: cves/2016/CVE-2016-10940.yaml by mp
* Enhancement: cves/2015/CVE-2015-4694.yaml by mp
* Enhancement: cves/2016/CVE-2016-10960.yaml by mp
* Enhancement: cves/2015/CVE-2015-4694.yaml by mp
* Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp
* Enhancement: cves/2017/CVE-2017-10075.yaml by mp
* Enhancement: cves/2021/CVE-2021-27358.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp
* Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp
* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp
* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp
* Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp
* Enhancement: cves/2021/CVE-2021-25055.yaml by mp
* Enhancement: cves/2021/CVE-2021-25028.yaml by mp
* Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp
* Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp
* Enhancement: vulnerabilities/wordpress/my-chatbot-xss.yaml by mp
* Enhancement: vulnerabilities/wordpress/wp-adaptive-xss.yaml by mp
* Enhancement: cves/2021/CVE-2021-24947.yaml by mp
* Enhancement: cves/2021/CVE-2021-24406.yaml by mp
* Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp
* Enhancement: cves/2016/CVE-2016-10033.yaml by mp
* Enhancement: cves/2021/CVE-2021-31682.yaml by mp
* Enhancement: vulnerabilities/wordpress/wp-woocommerce-file-download.yaml by mp
* Enhancement: cves/2021/CVE-2021-22986.yaml by mp
* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp
* Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp
* Enhancement: cves/2021/CVE-2021-25055.yaml by mp
* Enhancement: cves/2021/CVE-2021-25028.yaml by mp
* Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp
* Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp
* Enhancement: cves/2021/CVE-2021-24947.yaml by mp
* Enhancement: cves/2021/CVE-2021-24406.yaml by mp
* Enhancement: cves/2021/CVE-2021-22986.yaml by mp
* Enhancement: cves/2016/CVE-2016-10033.yaml by mp
* Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp
* Enhancement: cves/2021/CVE-2021-24406.yaml by mp
* Relocating to CVE folder
* Enhancement: cves/2017/CVE-2017-14651.yaml by mp
* Enhancement: cves/2020/CVE-2020-24589.yaml by mp
* Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp
* Enhancement: cves/2019/CVE-2019-2729.yaml by mp
* Enhancement: cves/2018/CVE-2018-2893.yaml by mp
* Enhancement: cves/2018/CVE-2018-2628.yaml by mp
* Enhancement: cves/2018/CVE-2018-3238.yaml by mp
* Enhancement: cves/2018/CVE-2018-3238.yaml by mp
* Enhancement: cves/2017/CVE-2017-3528.yaml by mp
* Enhancement: cves/2019/CVE-2019-2588.yaml by mp
* Enhancement: cves/2021/CVE-2021-31755.yaml by mp
* Enhancement: cves/2021/CVE-2021-42071.yaml by mp
* Enhancement: misconfiguration/zabbix-dashboards-access.yaml by mp
* Enhancement: cves/2017/CVE-2017-14651.yaml by mp
* Enhancement: cves/2020/CVE-2020-24589.yaml by mp
* Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp
* Enhancement: cves/2019/CVE-2019-2729.yaml by mp
* Enhancement: cves/2018/CVE-2018-2893.yaml by mp
* Enhancement: cves/2018/CVE-2018-3238.yaml by mp
* Enhancement: cves/2017/CVE-2017-3528.yaml by mp
* Enhancement: cves/2021/CVE-2021-42071.yaml by mp
* Syntax corrections
Added some cve-id fields
Removed duplicate dashboard comments
* Tag typo
Co-authored-by: sullo <sullo@cirt.net>
2022-04-15 12:39:44 -04:00
eda4cdd339
Merge pull request #4102 from ritikchaddha/patch-23
...
Create qizhi-fortressaircraft-unauthorized.yaml
2022-04-12 01:39:51 +05:30
13de1b849c
Merge pull request #4106 from ritikchaddha/patch-25
...
Create pyspider-unauthorized-access.yaml
2022-04-12 01:38:05 +05:30
dda19c0a9b
Update and rename qizhi-fortressaircraft-unauthorized.yaml to qizhi-fortressaircraft-unauth.yaml
2022-04-12 01:37:20 +05:30
39336f2ca5
Update pyspider-unauthorized-access.yaml
2022-04-12 01:34:02 +05:30
45174dee16
Dashboard Content Enhancements ( #4111 )
...
Dashboard Content Enhancements
2022-04-11 10:42:35 -04:00
a874ccac44
Create pyspider-unauthorized-access.yaml
2022-04-11 12:36:33 +05:30
55907e03a9
Create qizhi-fortressaircraft-unauthorized.yaml
2022-04-11 12:12:24 +05:30
5eb47292e4
Added Reprise License Manager Templates ( #4097 )
...
Co-Authored-By: Akincibor <99909324+Akincibor@users.noreply.github.com>
Co-authored-by: Akincibor <99909324+Akincibor@users.noreply.github.com>
2022-04-10 12:41:31 +05:30
7a26b26611
Merge pull request #4079 from ritikchaddha/patch-19
...
Create hanming-video-conferencing-file-read.yaml
2022-04-10 01:15:06 +05:30
c48a3009ef
Update and rename hanming-video-conferencing-file-read.yaml to hanming-lfr.yaml
2022-04-10 01:12:47 +05:30
fb3b587f8d
Merge pull request #4080 from ritikchaddha/patch-20
...
Create tongda-user-session-disclosure.yaml
2022-04-10 01:10:41 +05:30
da6a91f00c
Update and rename tongda-user-session-disclosure.yaml to tongda-session-disclosure.yaml
2022-04-10 01:07:22 +05:30
3a870ceb11
Update yongyou-u8-oa-sqli.yaml
2022-04-10 00:40:02 +05:30
e33e5186d7
Create yongyou-u8-oa-sqli.yaml
2022-04-08 13:43:23 +05:30
4333ef4f89
Create tongda-user-session-disclosure.yaml
2022-04-08 13:42:20 +05:30
14029f1772
Create hanming-video-conferencing-file-read.yaml
2022-04-08 13:40:46 +05:30
210d16392b
Merge pull request #4064 from ritikchaddha/patch-8
...
Create ecology-syncuserinfo-sqli.yaml
2022-04-07 19:27:52 +05:30
a24ef794b7
Dashboard Content Enhancements ( #4031 )
...
Dashboard Content Enhancements
2022-04-07 09:53:15 -04:00
bb4358e498
Update ecology-syncuserinfo-sqli.yaml
2022-04-07 18:42:11 +05:30
7791b71a8d
Update ecology-syncuserinfo-sqli.yaml
2022-04-07 18:40:03 +05:30
8a45bc4f7d
Update hiboss-rce.yaml
2022-04-07 18:12:31 +05:30
84b9e66fba
Merge pull request #4073 from ritikchaddha/patch-16
...
Create pbootcms-database-file-download.yaml
2022-04-07 17:32:58 +05:30
6f2ae23929
Merge pull request #4074 from ritikchaddha/patch-17
...
Create dss-download-fileread.yaml
2022-04-07 17:32:37 +05:30
d2c87cf12a
Update pbootcms-database-file-download.yaml
2022-04-07 17:30:29 +05:30
465b904cf1
Update pbootcms-database-file-download.yaml
2022-04-07 17:24:43 +05:30
c509256843
Update dss-download-fileread.yaml
2022-04-07 17:07:42 +05:30
3dafb4bbfe
Update kingsoft-v8-file-read.yaml
2022-04-07 16:58:32 +05:30
78625369df
Create dss-download-fileread.yaml
2022-04-07 16:01:28 +05:30
cfee24aaa7
Create pbootcms-database-file-download.yaml
2022-04-07 15:53:09 +05:30
2f849a6620
Create kingsoft-v8-file-read.yaml
2022-04-07 15:15:14 +05:30
0c6a333a38
Update ns-asg-file-read.yaml
2022-04-07 14:31:10 +05:30
9bf3b9493c
Update ns-asg-file-read.yaml
2022-04-07 14:24:10 +05:30
888c593257
Update ns-asg-file-read.yaml
2022-04-07 14:23:54 +05:30
37dc09b55b
Update ns-asg-file-read.yaml
2022-04-07 14:14:15 +05:30
affc2d4e52
Create ecology-syncuserinfo-sqli.yaml
2022-04-06 14:25:59 +05:30
3b767cd5b6
Merge pull request #4055 from ritikchaddha/patch-5
...
Create kingdee-eas-directory-traversal.yaml
2022-04-06 13:34:12 +05:30
0c07ddb3a7
Update kingdee-eas-directory-traversal.yaml
2022-04-06 13:32:42 +05:30
7aa021fd1e
Merge pull request #4057 from ritikchaddha/patch-7
...
Create seacms-sqli.yaml
2022-04-06 13:32:19 +05:30
b5e81d3f54
Update kingdee-eas-directory-traversal.yaml
2022-04-06 13:31:21 +05:30
831f53d205
Rename vulnerabilities/seacms-sqli.yaml to vulnerabilities/other/seacms-sqli.yaml
2022-04-06 13:21:30 +05:30
0451a7c3ea
Update 3cx-management-console.yaml
2022-04-06 09:30:14 +05:30
cd16ff171d
Create kingdee-eas-directory-traversal.yaml
2022-04-05 17:20:57 +05:30
cbb575dddb
Create 3cx-management-console.yaml
2022-04-02 16:24:05 +05:30
6ddfbac2b4
Dashboard Content Enhancement ( #4020 )
...
* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp
* Enhancement: exposed-panels/apache/tomcat-pathnormalization.yaml by mp
* Enhancement: cves/2021/CVE-2021-40542.yaml by mp
* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp
* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp
* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp
* Enhancement: cves/2021/CVE-2021-40542.yaml by mp
* Enhancement: exposed-panels/apiman-panel.yaml by mp
* Enhancement: cves/2010/CVE-2010-1873.yaml by mp
* Enhancement: exposed-panels/arcgis/arcgis-panel.yaml by mp
* Enhancement: exposed-panels/arcgis/arcgis-rest-api.yaml by mp
* Enhancement: exposed-panels/argocd-login.yaml by mp
* Enhancement: exposed-panels/atlassian-crowd-panel.yaml by mp
* Enhancement: exposed-panels/atvise-login.yaml by mp
* Enhancement: exposed-panels/avantfax-panel.yaml by mp
* Enhancement: exposed-panels/avatier-password-management.yaml by mp
* Enhancement: exposed-panels/axigen-webadmin.yaml by mp
* Enhancement: exposed-panels/axigen-webmail.yaml by mp
* Enhancement: exposed-panels/azkaban-web-client.yaml by mp
* Enhancement: exposed-panels/acunetix-panel.yaml by mp
* Enhancement: exposed-panels/adiscon-loganalyzer.yaml by mp
* Enhancement: exposed-panels/adminer-panel.yaml by mp
* Enhancement: cves/2010/CVE-2010-1870.yaml by mp
* Enhancement: exposed-panels/adminset-panel.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-component-login.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-connect-central-login.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-experience-manager-login.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-media-server.yaml by mp
* Enhancement: exposed-panels/advance-setup.yaml by mp
* Enhancement: exposed-panels/aerohive-netconfig-ui.yaml by mp
* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp
* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp
* Enhancement: exposed-panels/aims-password-portal.yaml by mp
* Enhancement: exposed-panels/airflow-panel.yaml by mp
* Enhancement: exposed-panels/airflow-panel.yaml by mp
* spacing issues
* Spacing
* HTML codes improperly interpreted
Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml
* Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml
* Enhancement: technologies/waf-detect.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp
* Enhancement: network/sap-router-info-leak.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp
* Enhancement: network/sap-router-info-leak.yaml by mp
* Enhancement: network/exposed-adb.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml by mp
* Enhancement: exposures/tokens/digitalocean/tugboat-config-exposure.yaml by mp
* Enhancement: exposed-panels/concrete5/concrete5-install.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml by mp
* indentation issue
* Character encoding issue fix
* Enhancement: default-logins/alibaba/canal-default-login.yaml by mp
* Enhancement: default-logins/alphaweb/alphaweb-default-login.yaml by mp
* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp
* Enhancement: default-logins/apache/airflow-default-login.yaml by mp
* Enhancement: default-logins/apache/apisix-default-login.yaml by mp
* Enhancement: default-logins/apollo/apollo-default-login.yaml by mp
* Enhancement: default-logins/arl/arl-default-login.yaml by mp
* Enhancement: default-logins/digitalrebar/digitalrebar-default-login.yaml by mp
* Enhancement: default-logins/mantisbt/mantisbt-default-credential.yaml by mp
* Enhancement: default-logins/stackstorm/stackstorm-default-login.yaml by mp
* Enhancement: dns/caa-fingerprint.yaml by mp
* Enhancement: exposed-panels/active-admin-exposure.yaml by mp
* Enhancement: exposed-panels/activemq-panel.yaml by mp
* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp
* Restore & stomped by dashboard
* Enhancement: cves/2010/CVE-2010-1653.yaml by mp
* Enhancement: cves/2021/CVE-2021-38751.yaml by mp
* Enhancement: cves/2021/CVE-2021-39320.yaml by mp
* Enhancement: cves/2021/CVE-2021-39322.yaml by mp
* Enhancement: cves/2021/CVE-2021-39327.yaml by mp
* Enhancement: cves/2021/CVE-2021-39350.yaml by mp
* Enhancement: cves/2021/CVE-2021-39433.yaml by mp
* Enhancement: cves/2021/CVE-2021-41192.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-15824.yaml by mp
* Enhancement: exposed-panels/ansible-semaphore-panel.yaml by mp
* Enhancement: exposed-panels/aviatrix-panel.yaml by mp
* Enhancement: cves/2022/CVE-2022-24288.yaml by mp
* Enhancement: cves/2022/CVE-2022-24990.yaml by mp
* Enhancement: cves/2022/CVE-2022-26159.yaml by mp
* Enhancement: default-logins/aem/aem-default-login.yaml by mp
* Enhancement: exposed-panels/blue-iris-login.yaml by mp
* Enhancement: exposed-panels/bigbluebutton-login.yaml by mp
* Enhancement: cves/2022/CVE-2022-24288.yaml by mp
* Enhancement: cves/2022/CVE-2022-24990.yaml by mp
* Enhancement: cves/2022/CVE-2022-26159.yaml by mp
* Enhancement: default-logins/aem/aem-default-login.yaml by mp
* Spacing issues
Add cve-id field
* fix & stomping
* Enhancement: cves/2016/CVE-2016-1000141.yaml by mp
* Enhancement: cves/2020/CVE-2020-24912.yaml by mp
* Enhancement: cves/2021/CVE-2021-35265.yaml by mp
* Enhancement: cves/2022/CVE-2022-0437.yaml by mp
* Enhancement: cves/2010/CVE-2010-1601.yaml by mp
* Enhancement: technologies/teradici-pcoip.yaml by mp
* Enhancement: vulnerabilities/other/unauth-hoteldruid-panel.yaml by mp
* Enhancement: cves/2010/CVE-2010-1475.yaml by mp
* Enhancement: cves/2010/CVE-2010-1535.yaml by mp
* Enhancement: exposed-panels/epson-web-control-detect.yaml by mp
* Enhancement: exposed-panels/epson-access-detect.yaml by mp
* Enhancement: cves/2020/CVE-2020-29453.yaml by mp
* Fix spacing
* Remove empty cve lines and relocate tags
* Remove blank cve lines & move tags
* Fix merge errors
* Enhancement: cves/2020/CVE-2020-21224.yaml by mp
* Enhancement: cves/2020/CVE-2020-24148.yaml by mp
* Enhancement: cves/2020/CVE-2020-24391.yaml by mp
* Enhancement: cves/2020/CVE-2020-24589.yaml by mp
* Enhancement: cves/2020/CVE-2020-25213.yaml by mp
* Enhancement: cves/2020/CVE-2020-25223.yaml by mp
* Enhancement: cves/2020/CVE-2020-25506.yaml by mp
* Enhancement: cves/2020/CVE-2020-2551.yaml by mp
* Enhancement: cves/2020/CVE-2020-28871.yaml by mp
* Enhancement: cves/2020/CVE-2020-28188.yaml by mp
* Enhancement: cves/2020/CVE-2020-26948.yaml by mp
* Enhancement: cves/2020/CVE-2020-26919.yaml by mp
* Enhancement: cves/2020/CVE-2020-26214.yaml by mp
* Enhancement: cves/2020/CVE-2020-25223.yaml by mp
* Enhancement: cves/2020/CVE-2020-21224.yaml by mp
* Enhancement: cves/2020/CVE-2020-24148.yaml by mp
* Enhancement: cves/2020/CVE-2020-24186.yaml by mp
* Enhancement: cves/2020/CVE-2020-24186.yaml by mp
* Enhancement: cves/2020/CVE-2020-24391.yaml by mp
* Enhancement: cves/2020/CVE-2020-24589.yaml by mp
* Enhancement: cves/2020/CVE-2020-25213.yaml by mp
* Enhancement: cves/2020/CVE-2020-25223.yaml by mp
* Enhancement: cves/2020/CVE-2020-25506.yaml by mp
* Enhancement: cves/2020/CVE-2020-28871.yaml by mp
* Enhancement: cves/2020/CVE-2020-28188.yaml by mp
* Enhancement: cves/2020/CVE-2020-26948.yaml by mp
* Enhancement: cves/2020/CVE-2020-26919.yaml by mp
* Enhancement: cves/2020/CVE-2020-26214.yaml by mp
* Syntax cleanup
* Enhancement: cves/2021/CVE-2021-38647.yaml by mp
* Syntax and a title change
* Enhancement: cves/2021/CVE-2021-38702.yaml by mp
* Fix references
* Enhancement: cves/2021/CVE-2021-38704.yaml by mp
* Enhancement: cves/2021/CVE-2021-41691.yaml by mp
* Enhancement: cves/2021/CVE-2021-41691.yaml by mp
* Enhancement: cves/2021/CVE-2021-41691.yaml by mp
* Enhancement: cves/2021/CVE-2021-44529.yaml by mp
* Conflicts resolved
* Fix quoting
* Enhancement: cves/2021/CVE-2021-45967.yaml by mp
* Enhancement: cves/2022/CVE-2022-0189.yaml by mp
* Enhancement: cves/2022/CVE-2022-0189.yaml by mp
* Enhancement: cves/2022/CVE-2022-23779.yaml by mp
* Enhancement: default-logins/apache/dolphinscheduler-default-login.yaml by mp
* Enhancement: default-logins/cobbler/hue-default-credential.yaml by mp
* Enhancement: default-logins/emqx/emqx-default-login.yaml by mp
* Enhancement: default-logins/geoserver/geoserver-default-login.yaml by mp
* Enhancement: cves/2021/CVE-2021-38647.yaml by mp
* Enhancement: cves/2021/CVE-2021-41691.yaml by mp
* Enhancement: cves/2021/CVE-2021-45967.yaml by mp
* Enhancement: cves/2022/CVE-2022-0189.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-14536.yaml by mp
* Enhancement: default-logins/apache/dolphinscheduler-default-login.yaml by mp
* Enhancement: default-logins/geoserver/geoserver-default-login.yaml by mp
* Update CVE-2020-25223.yaml
* Update CVE-2020-26214.yaml
* Update CVE-2020-25506.yaml
* Update CVE-2020-2551.yaml
* Update CVE-2020-26919.yaml
* Update CVE-2021-44529.yaml
* Update CVE-2020-28871.yaml
* Update CVE-2020-28188.yaml
* Update CVE-2021-45967.yaml
* Update hue-default-credential.yaml
* Update CVE-2021-44529.yaml
* misc syntax update
* Syntax restore some characters
* Spacing
* Enhancement: vulnerabilities/wordpress/hide-security-enhancer-lfi.yaml by mp
* Enhancement: vulnerabilities/wordpress/issuu-panel-lfi.yaml by mp
* Enhancement: cves/2019/CVE-2019-10068.yaml by mp
* Enhancement: cves/2019/CVE-2019-10232.yaml by mp
* Enhancement: cves/2019/CVE-2019-10758.yaml by mp
* Enhancement: cves/2019/CVE-2019-11510.yaml by mp
* Enhancement: cves/2019/CVE-2019-11580.yaml by mp
* Enhancement: cves/2019/CVE-2019-11581.yaml by mp
* Enhancement: cves/2019/CVE-2019-12314.yaml by mp
* Enhancement: cves/2019/CVE-2019-13101.yaml by mp
* Link wrapping issue
* Enhancement: cves/2019/CVE-2019-13462.yaml by mp
* Enhancement: cves/2019/CVE-2019-15107.yaml by mp
* Enhancement: cves/2019/CVE-2019-15859.yaml by mp
* Enhancement: cves/2019/CVE-2019-16759.yaml by mp
* Enhancement: cves/2019/CVE-2019-16662.yaml by mp
* Enhancement: cves/2019/CVE-2019-16278.yaml by mp
* Enhancement: cves/2019/CVE-2019-10232.yaml by mp
* Enhancement: cves/2019/CVE-2019-10758.yaml by mp
* Enhancement: cves/2019/CVE-2019-11510.yaml by mp
* Enhancement: cves/2019/CVE-2019-12725.yaml by mp
* Enhancement: cves/2019/CVE-2019-13101.yaml by mp
* Enhancement: cves/2019/CVE-2019-15107.yaml by mp
* Enhancement: cves/2019/CVE-2019-15859.yaml by mp
* Enhancement: cves/2019/CVE-2019-16662.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-10543.yaml by cs
* Enhancement: cves/2021/CVE-2021-33807.yaml by mp
* Enhancement: cves/2010/CVE-2010-0943.yaml by mp
* Enhancement: cves/2008/CVE-2008-6172.yaml by mp
* Enhancement: vulnerabilities/simplecrm/simple-crm-sql-injection.yaml by mp
* Enhancement: vulnerabilities/oracle/oracle-siebel-xss.yaml by mp
* Enhancement: cves/2010/CVE-2010-1602.yaml by mp
* Enhancement: cves/2010/CVE-2010-1474.yaml by mp
* Enhancement: network/cisco-smi-exposure.yaml by mp
* Enhancement: cves/2021/CVE-2021-37704.yaml by mp
* Enhancement: vulnerabilities/other/microweber-xss.yaml by mp
* Enhancement: cves/2019/CVE-2019-16313.yaml by mp
* Enhancement: cves/2021/CVE-2021-3017.yaml by mp
* Enhancement: cves/2010/CVE-2010-1353.yaml by mp
* Enhancement: cves/2010/CVE-2010-5278.yaml by mp
* Enhancement: cves/2021/CVE-2021-37573.yaml by mp
* Enhancement: vulnerabilities/oracle/oracle-siebel-xss.yaml by mp
* Enhancement: cves/2010/CVE-2010-1602.yaml by mp
* Enhancement: cves/2010/CVE-2010-1474.yaml by mp
* Enhancement: vulnerabilities/other/microweber-xss.yaml by mp
* Enhancement: cves/2018/CVE-2018-11709.yaml by mp
* Enhancement: cves/2014/CVE-2014-2321.yaml by mp
* Enhancement: vulnerabilities/other/visual-tools-dvr-rce.yaml by mp
* Enhancement: vulnerabilities/other/visual-tools-dvr-rce.yaml by mp
* Manual enhancement
* Manual enhancement push due to dashboard failure
* Testing of dashboard accidentally commited to dashboard branch
* Spacing
Put some CVEs in the classification
* Add missing cve-id fields to templates in cve/
Co-authored-by: sullo <sullo@cirt.net>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-04-01 14:21:42 +05:30
04ec5b6b6d
Create netgear-wac124-router-auth-bypass.yaml ( #3986 )
...
* Create netgear-wac124-router-auth-bypass.yaml
This vulnerability allows network-adjacent attackers to bypass authentication on affected of WAC124, AC2000 routers. Authentication is not required to exploit this vulnerability.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
* misc update
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-27 20:40:41 +05:30
948ceb8b11
Create oracle-fatwire-lfi.yaml ( #3975 )
...
* Create oracle-fatwire-lfi.yaml
* Update oracle-fatwire-lfi.yaml
* Update oracle-fatwire-lfi.yaml
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-03-26 14:56:13 +05:30
eb23e6e44e
Dashboard Content Enhancements ( #3980 )
...
Dashboard Content Enhancements
2022-03-25 10:16:18 -04:00
814d07fb7d
Dashboard Content Enhancements ( #3961 )
...
* Enhancement: default-logins/viewpoint/trilithic-viewpoint-login.yaml by mp
* Enhancement: default-logins/visionhub/visionhub-default-login.yaml by mp
* Enhancement: default-logins/weblogic/weblogic-weak-login.yaml by mp
* Enhancement: default-logins/wifisky/wifisky-default-login.yaml by mp
* Enhancement: default-logins/wso2/wso2-default-login.yaml by mp
* Enhancement: default-logins/xerox/xerox7-default-login.yaml by mp
* Enhancement: default-logins/xxljob/xxljob-default-login.yaml by mp
* Enhancement: default-logins/zabbix/zabbix-default-login.yaml by mp
* Enhancement: default-logins/zmanda/zmanda-default-login.yaml by mp
* Enhancement: dns/azure-takeover-detection.yaml by mp
* Enhancement: dns/cname-fingerprint.yaml by mp
* Enhancement: dns/cname-service-detection.yaml by mp
* Enhancement: dns/detect-dangling-cname.yaml by mp
* Enhancement: dns/dns-waf-detect.yaml by mp
* Enhancement: default-logins/weblogic/weblogic-weak-login.yaml by mp
* Enhancement: default-logins/xxljob/xxljob-default-login.yaml by mp
* Enhancement: dns/dnssec-detection.yaml by mp
* Enhancement: dns/ec2-detection.yaml by mp
* Add CVSS/CWE
* Trailing space
* Linting error on comment indentation
* Typo
* Enhancement: dns/elasticbeantalk-takeover.yaml by mp
* Enhancement: cves/2020/CVE-2020-23517.yaml by mp
* Enhancement: dns/elasticbeantalk-takeover.yaml by mp
* Enhancement: dns/mx-fingerprint.yaml by mp
* Enhancement: dns/mx-service-detector.yaml by mp
* Enhancement: dns/nameserver-fingerprint.yaml by mp
* Enhancement: dns/ptr-fingerprint.yaml by mp
* Enhancement: dns/servfail-refused-hosts.yaml by mp
* Enhancement: dns/spoofable-spf-records-ptr.yaml by mp
* Enhancement: dns/txt-fingerprint.yaml by mp
* Enhancement: dns/worksites-detection.yaml by mp
* Enhancement: exposed-panels/3g-wireless-gateway.yaml by mp
* Enhancement: exposed-panels/acemanager-login.yaml by mp
* Enhancement: exposed-panels/acrolinx-dashboard.yaml by mp
* Enhancement: dns/mx-fingerprint.yaml by mp
* Enhancement: dns/mx-service-detector.yaml by mp
* Enhancement: dns/ptr-fingerprint.yaml by mp
* Enhancement: dns/servfail-refused-hosts.yaml by mp
* Enhancement: dns/spoofable-spf-records-ptr.yaml by mp
* Enhancement: cves/2021/CVE-2021-39501.yaml by mp
* Enhancement: cves/2021/CVE-2021-40323.yaml by mp
* Enhancement: cves/2021/CVE-2021-40539.yaml by mp
* Enhancement: cves/2021/CVE-2021-40542.yaml by mp
* Enhancement: cves/2021/CVE-2021-40856.yaml by mp
* Enhancement: cves/2021/CVE-2021-40859.yaml by mp
* Enhancement: cves/2021/CVE-2021-40323.yaml by mp
* Enhancement: cves/2021/CVE-2021-40539.yaml by mp
* Enhancement: cves/2010/CVE-2010-1875.yaml by mp
* Enhancement: exposed-panels/aims-password-portal.yaml by mp
* Enhancement: exposed-panels/airflow-panel.yaml by mp
* Enhancement: exposed-panels/akamai-cloudtest.yaml by mp
* Enhancement: exposed-panels/alfresco-detect.yaml by mp
* Enhancement: exposed-panels/alienvault-usm.yaml by mp
* Enhancement: exposed-panels/ambari-exposure.yaml by mp
* Enhancement: exposed-panels/amcrest-login.yaml by mp
* Enhancement: exposed-panels/ametys-admin-login.yaml by mp
* Enhancement: exposed-panels/ametys-admin-login.yaml by mp
* Enhancement: exposed-panels/alienvault-usm.yaml by mp
* Enhancement: exposed-panels/airflow-panel.yaml by mp
* Enhancement: exposed-panels/aims-password-portal.yaml by mp
* Enhancement: exposed-panels/ambari-exposure.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-17369.yaml by mp
* Enhancement: exposed-panels/apache/public-tomcat-manager.yaml by mp
* Enhancement: exposed-panels/apache/apache-apisix-panel.yaml by mp
* Enhancement: exposed-panels/ansible-tower-exposure.yaml by mp
* Enhancement: exposed-panels/ampps-panel.yaml by mp
* Enhancement: exposed-panels/ampps-admin-panel.yaml by mp
* Enhancement: exposed-panels/ametys-admin-login.yaml by mp
* Enhancement: cves/2010/CVE-2010-1878.yaml by mp
* Fix encoded chars
* trailing space
* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp
* Enhancement: exposed-panels/apache/tomcat-pathnormalization.yaml by mp
* Enhancement: cves/2021/CVE-2021-40542.yaml by mp
* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp
* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp
* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp
* Enhancement: cves/2021/CVE-2021-40542.yaml by mp
* Enhancement: exposed-panels/apiman-panel.yaml by mp
* Enhancement: cves/2010/CVE-2010-1873.yaml by mp
* Enhancement: exposed-panels/arcgis/arcgis-panel.yaml by mp
* Enhancement: exposed-panels/arcgis/arcgis-rest-api.yaml by mp
* Enhancement: exposed-panels/argocd-login.yaml by mp
* Enhancement: exposed-panels/atlassian-crowd-panel.yaml by mp
* Enhancement: exposed-panels/atvise-login.yaml by mp
* Enhancement: exposed-panels/avantfax-panel.yaml by mp
* Enhancement: exposed-panels/avatier-password-management.yaml by mp
* Enhancement: exposed-panels/axigen-webadmin.yaml by mp
* Enhancement: exposed-panels/axigen-webmail.yaml by mp
* Enhancement: exposed-panels/azkaban-web-client.yaml by mp
* Enhancement: exposed-panels/acunetix-panel.yaml by mp
* Enhancement: exposed-panels/adiscon-loganalyzer.yaml by mp
* Enhancement: exposed-panels/adminer-panel.yaml by mp
* Enhancement: cves/2010/CVE-2010-1870.yaml by mp
* Enhancement: exposed-panels/adminset-panel.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-component-login.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-connect-central-login.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-experience-manager-login.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-media-server.yaml by mp
* Enhancement: exposed-panels/advance-setup.yaml by mp
* Enhancement: exposed-panels/aerohive-netconfig-ui.yaml by mp
* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp
* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp
* Enhancement: exposed-panels/aims-password-portal.yaml by mp
* Enhancement: exposed-panels/airflow-panel.yaml by mp
* Enhancement: exposed-panels/airflow-panel.yaml by mp
* spacing issues
* Spacing
* HTML codes improperly interpreted
Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml
* Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml
* Enhancement: technologies/waf-detect.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp
* Enhancement: network/sap-router-info-leak.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp
* Enhancement: network/sap-router-info-leak.yaml by mp
* Enhancement: network/exposed-adb.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml by mp
* Enhancement: exposures/tokens/digitalocean/tugboat-config-exposure.yaml by mp
* Enhancement: exposed-panels/concrete5/concrete5-install.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml by mp
* indentation issue
* Character encoding issue fix
* Enhancement: default-logins/alibaba/canal-default-login.yaml by mp
* Enhancement: default-logins/alphaweb/alphaweb-default-login.yaml by mp
* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp
* Enhancement: default-logins/apache/airflow-default-login.yaml by mp
* Enhancement: default-logins/apache/apisix-default-login.yaml by mp
* Enhancement: default-logins/apollo/apollo-default-login.yaml by mp
* Enhancement: default-logins/arl/arl-default-login.yaml by mp
* Enhancement: default-logins/digitalrebar/digitalrebar-default-login.yaml by mp
* Enhancement: default-logins/mantisbt/mantisbt-default-credential.yaml by mp
* Enhancement: default-logins/stackstorm/stackstorm-default-login.yaml by mp
* Enhancement: dns/caa-fingerprint.yaml by mp
* Enhancement: exposed-panels/active-admin-exposure.yaml by mp
* Enhancement: exposed-panels/activemq-panel.yaml by mp
* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp
* Restore & stomped by dashboard
* Enhancement: cves/2010/CVE-2010-1653.yaml by mp
* Enhancement: cves/2021/CVE-2021-38751.yaml by mp
* Enhancement: cves/2021/CVE-2021-39320.yaml by mp
* Enhancement: cves/2021/CVE-2021-39322.yaml by mp
* Enhancement: cves/2021/CVE-2021-39327.yaml by mp
* Enhancement: cves/2021/CVE-2021-39350.yaml by mp
* Enhancement: cves/2021/CVE-2021-39433.yaml by mp
* Enhancement: cves/2021/CVE-2021-41192.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-15824.yaml by mp
* Enhancement: exposed-panels/ansible-semaphore-panel.yaml by mp
* Enhancement: exposed-panels/aviatrix-panel.yaml by mp
* Enhancement: cves/2022/CVE-2022-24288.yaml by mp
* Enhancement: cves/2022/CVE-2022-24990.yaml by mp
* Enhancement: cves/2022/CVE-2022-26159.yaml by mp
* Enhancement: default-logins/aem/aem-default-login.yaml by mp
* Enhancement: exposed-panels/blue-iris-login.yaml by mp
* Enhancement: exposed-panels/bigbluebutton-login.yaml by mp
* Enhancement: cves/2022/CVE-2022-24288.yaml by mp
* Enhancement: cves/2022/CVE-2022-24990.yaml by mp
* Enhancement: cves/2022/CVE-2022-26159.yaml by mp
* Enhancement: default-logins/aem/aem-default-login.yaml by mp
* Spacing issues
Add cve-id field
* fix & stomping
* Enhancement: cves/2016/CVE-2016-1000141.yaml by mp
* Enhancement: cves/2020/CVE-2020-24912.yaml by mp
* Enhancement: cves/2021/CVE-2021-35265.yaml by mp
* Enhancement: cves/2022/CVE-2022-0437.yaml by mp
* Enhancement: cves/2010/CVE-2010-1601.yaml by mp
* Enhancement: technologies/teradici-pcoip.yaml by mp
* Enhancement: vulnerabilities/other/unauth-hoteldruid-panel.yaml by mp
* Enhancement: cves/2010/CVE-2010-1475.yaml by mp
* Enhancement: cves/2010/CVE-2010-1535.yaml by mp
* Enhancement: exposed-panels/epson-web-control-detect.yaml by mp
* Enhancement: exposed-panels/epson-access-detect.yaml by mp
* Enhancement: cves/2020/CVE-2020-29453.yaml by mp
* Fix spacing
Co-authored-by: sullo <sullo@cirt.net>
2022-03-25 17:15:10 +05:30
95d9b7f30c
Merge pull request #3953 from projectdiscovery/regex-update
...
Updated "/etc/passwd" regex to avoid possible false positive results.
2022-03-23 00:23:06 +05:30
ec99241f0e
Updated "/etc/passwd" regex to avoid possible false positive results.
2022-03-22 13:31:31 +05:30
c513d88d0d
Merge branch 'master' into rule-add-v102
2022-03-22 13:23:38 +05:30
66927bff20
Update tekon-info-leak.yaml
2022-03-21 16:36:39 +05:30
218b87a384
removing duplicate template
2022-03-18 21:09:34 +05:30
b17a49d4e4
Create CNVD-2021-28277.yaml ( #3892 )
...
* Create CNVD-2021-28277.yaml
* misc update
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-18 20:35:35 +05:30
bb7dbc4f0c
Create tekon-info-leak.yaml
...
A vulnerability in Tekon allows remote unauthenticated users to disclose the Log of the remote device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-03-18 19:38:44 +09:00
795dbfdecc
Added Kiwi TCMS JSON-RPC misconfig
2022-03-13 17:50:38 +05:30
713c8d87cf
Merge pull request #3877 from projectdiscovery/dixell-xweb500-file-write
...
Create dixell-xweb500-file-write.yaml
2022-03-11 16:34:36 +05:30
5bd8cb0f89
Update and rename dixell-xweb500-file-write.yaml to dixell-xweb500-filewrite.yaml
2022-03-11 16:30:02 +05:30
030c9484b9
Update and rename unisharp-laravel-file-manager.yaml to laravel-filemanager-lfi.yaml
2022-03-11 15:57:07 +05:30
b7cc60c53d
Update dixell-xweb500-file-write.yaml
2022-03-11 02:00:55 +05:30
d7b8f35d9f
Create unisharp-laravel-file-manager.yaml
2022-03-11 02:00:23 +05:30
a5713235f2
Create dixell-xweb500-file-write.yaml
2022-03-11 01:57:31 +05:30
d5556d3a75
Enhancement: default-logins/cobbler/cobbler-default-login.yaml by mp
2022-03-03 08:27:48 -05:00
83d58c326f
Enhancement: vulnerabilities/other/accent-microcomputers-lfi.yaml by mp
2022-03-02 10:11:09 -05:00
3f18fe8d0b
Enhancement: vulnerabilities/other/accent-microcomputers-lfi.yaml by mp
2022-03-02 09:52:59 -05:00
3b031c3693
Enhancement: vulnerabilities/other/74cms-sqli.yaml by mp
2022-03-02 09:43:09 -05:00
a330bb78bb
Merge branch 'master' into dashboard
2022-02-28 17:21:32 -05:00
44a9163e54
Update microweber-xss.yaml
2022-03-01 02:47:11 +05:30
420a995b14
Enhancement: vulnerabilities/other/unauth-spark-api.yaml by cs
2022-02-28 14:17:05 -05:00
1368ea9fe7
Create microweber-xss.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-02-28 16:17:51 +09:00
c07bd54967
payload fix
2022-02-25 17:28:47 +05:30
402cda8a0a
Merge pull request #3747 from Akokonunes/patch-120
...
Create otobo-open-redirect.yaml
2022-02-23 17:35:55 +05:30
b86641d6df
Update and rename otobo-open-redirect.yaml to vulnerabilities/other/otobo-open-redirect.yaml
2022-02-23 17:07:41 +05:30
d5b600a2a1
Merge pull request #3727 from evanRubinsteinIT/pollbot-redirect
...
Added pollbot-redirect
2022-02-22 13:56:25 +05:30
4731194ac2
Update pollbot-redirect.yaml
2022-02-22 12:01:20 +05:30
2fb5401ddb
Update pollbot-redirect.yaml
2022-02-22 11:48:32 +05:30
0672c4dc7d
Update goip-1-lfi.yaml
2022-02-22 11:38:07 +05:30
21a267d106
Updated Template
2022-02-18 10:48:34 -05:00
a536bb5087
Added pollbot-redirect
2022-02-18 10:39:04 -05:00
a2cec40a5d
Create goip-1-lfi.yaml
...
Input passed thru the 'content' or 'sidebar' GET parameter in 'frame.html' or 'frame.A100.html' not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-02-18 21:33:17 +09:00
f705c2debd
removing duplicate template
2022-02-15 23:43:06 +05:30
be309f08e0
Update and rename yshaadmin-traversal.yaml to yishaadmin-lfi.yaml
2022-02-15 18:33:24 +05:30
22d14023a7
Update yshaadmin-traversal.yaml
2022-02-14 23:53:28 -05:00
5fcaefe315
Added yshaadmin path traversal vulnerability
2022-02-14 23:48:57 -05:00
b9efa77da3
Merge branch 'projectdiscovery:master' into master
2022-02-14 23:47:10 -05:00
6c6b4e7270
Merge pull request #3700 from Akokonunes/patch-116
...
Create kyocera-rx-ecosys-m2035dn-lfi.yaml
2022-02-15 02:16:54 +05:30
1f1b03ba67
Update and rename kyocera-rx-ecosys-m2035dn-lfi.yaml to vulnerabilities/other/kyocera-m2035dn-lfi.yaml
2022-02-15 02:10:30 +05:30
f8a52f9be2
Update nuuno-network-login.yaml ( #3701 )
...
* Update nuuno-network-login.yaml
* Update panasonic-network-management.yaml
* Update cisco-network-config.yaml
* Update emerson-power-panel.yaml
* Update unifi-network-log4j-rce.yaml
2022-02-14 19:53:51 +05:30
111f7d9a88
Cleanup some dashboard artifacts
2022-02-04 14:02:53 -05:00
439b0ebffc
Enhancement: vulnerabilities/other/zhiyuan-file-upload.yaml by mp
2022-02-04 10:55:39 -05:00
26137cf96f
Enhancement: vulnerabilities/other/zhiyuan-file-upload.yaml by mp
2022-02-04 10:54:04 -05:00
e1b8bf3da2
Update antsword-backdoor.yaml
2022-02-01 01:52:39 +05:30
e5a77aa803
Create antsword-backdoor.yaml
2022-02-01 01:39:46 +05:30
9a8482172d
Remove:
...
- various nonstandard ascii chars in favor of the standard ones (mostly quotes)
- spaces after : in some files
2022-01-25 14:38:53 -05:00
e5b30f69d1
Update and rename vulnerabilities/JavaMelody/java-melody-xss.yaml to vulnerabilities/other/java-melody-xss.yaml
2022-01-24 13:15:23 +05:30
ae3e6c0c21
Merge branch 'projectdiscovery:master' into master
2022-01-16 23:24:58 -05:00
e5958c1364
Update tags ( #3538 )
2022-01-16 02:08:21 +05:30
0a651c182f
Update tags ( #3530 )
2022-01-13 10:49:53 +05:30
64cf0fa4ba
Rename maian cart rce ( #3532 )
...
* Update and rename vulnerabilities/other/maian-cart-preauth-rce.yaml to cves/2021/CVE-2021-32172.yaml
* Update CVE-2021-32172.yaml
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-01-13 10:48:51 +05:30
33d009da24
Update xerox-efi-lfi.yaml
2022-01-10 12:07:06 +05:30
9befbf0654
Create xerox-efi-lfi.yaml
...
Input passed thru the 'file' GET parameter in 'forceSave.php' script is not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-09 15:39:39 +09:00
844c3b4a02
Network template updates & fixes ( #3497 )
...
* Fixed template syntax
* network template update and fixes
2022-01-07 12:58:37 +05:30
c5723bdf55
Renames vulnerabilities/other/WooYun2015-148227 ( #3488 )
...
Swaps capitalization to all lowercase, as Linux filesystems don't handle capitalization well which may result in this file being skipped.
2022-01-06 12:00:31 +05:30
e281e5bf88
Updated all templates tags with technologies ( #3478 )
...
* Updated tags for template sonicwall-email-security-detect.yaml
* Updated tags for template detect-sentry.yaml
* Updated tags for template kong-detect.yaml
* Updated tags for template openam-detect.yaml
* Updated tags for template shiro-detect.yaml
* Updated tags for template iplanet-web-server.yaml
* Updated tags for template graylog-api-browser.yaml
* Updated tags for template prtg-detect.yaml
* Updated tags for template node-red-detect.yaml
* Updated tags for template abyss-web-server.yaml
* Updated tags for template geo-webserver.yaml
* Updated tags for template autobahn-python-detect.yaml
* Updated tags for template default-lighttpd-page.yaml
* Updated tags for template microsoft-iis-8.yaml
* Updated tags for template lucee-detect.yaml
* Updated tags for template php-proxy-detect.yaml
* Updated tags for template jenkins-detect.yaml
* Updated tags for template cockpit-detect.yaml
* Updated tags for template csrfguard-detect.yaml
* Updated tags for template dwr-index-detect.yaml
* Updated tags for template netsweeper-webadmin-detect.yaml
* Updated tags for template weblogic-detect.yaml
* Updated tags for template s3-detect.yaml
* Updated tags for template tileserver-gl.yaml
* Updated tags for template springboot-actuator.yaml
* Updated tags for template terraform-detect.yaml
* Updated tags for template redmine-cli-detect.yaml
* Updated tags for template mrtg-detect.yaml
* Updated tags for template tableau-server-detect.yaml
* Updated tags for template magmi-detect.yaml
* Updated tags for template oidc-detect.yaml
* Updated tags for template tor-socks-proxy.yaml
* Updated tags for template synology-web-station.yaml
* Updated tags for template herokuapp-detect.yaml
* Updated tags for template gunicorn-detect.yaml
* Updated tags for template sql-server-reporting.yaml
* Updated tags for template google-bucket-service.yaml
* Updated tags for template kubernetes-mirantis.yaml
* Updated tags for template kubernetes-enterprise-manager.yaml
* Updated tags for template oracle-iplanet-web-server.yaml
* Updated tags for template dell-idrac7-detect.yaml
* Updated tags for template dell-idrac6-detect.yaml
* Updated tags for template dell-idrac9-detect.yaml
* Updated tags for template dell-idrac8-detect.yaml
* Updated tags for template apache-guacamole.yaml
* Updated tags for template aws-cloudfront-service.yaml
* Updated tags for template aws-bucket-service.yaml
* Updated tags for template nginx-linux-page.yaml
* Updated tags for template telerik-fileupload-detect.yaml
* Updated tags for template telerik-dialoghandler-detect.yaml
* Updated tags for template htaccess-config.yaml
* Updated tags for template microsoft-azure-error.yaml
* Updated tags for template detect-options-method.yaml
* Updated tags for template unpatched-coldfusion.yaml
* Updated tags for template moodle-changelog.yaml
* Updated tags for template detect-dns-over-https.yaml
* Updated tags for template CVE-2019-19134.yaml
* Updated tags for template CVE-2019-3929.yaml
* Updated tags for template CVE-2019-19908.yaml
* Updated tags for template CVE-2019-10475.yaml
* Updated tags for template CVE-2019-17382.yaml
* Updated tags for template CVE-2019-16332.yaml
* Updated tags for template CVE-2019-14974.yaml
* Updated tags for template CVE-2019-19368.yaml
* Updated tags for template CVE-2019-12725.yaml
* Updated tags for template CVE-2019-15501.yaml
* Updated tags for template CVE-2019-9733.yaml
* Updated tags for template CVE-2019-14322.yaml
* Updated tags for template CVE-2019-9955.yaml
* Updated tags for template CVE-2019-0230.yaml
* Updated tags for template CVE-2019-10232.yaml
* Updated tags for template CVE-2019-17506.yaml
* Updated tags for template CVE-2019-8449.yaml
* Updated tags for template CVE-2019-12593.yaml
* Updated tags for template CVE-2019-10092.yaml
* Updated tags for template CVE-2019-1821.yaml
* Updated tags for template CVE-2019-3401.yaml
* Updated tags for template CVE-2019-16662.yaml
* Updated tags for template CVE-2019-5418.yaml
* Updated tags for template CVE-2016-4975.yaml
* Updated tags for template CVE-2016-1000137.yaml
* Updated tags for template CVE-2016-7552.yaml
* Updated tags for template CVE-2016-10956.yaml
* Updated tags for template CVE-2016-1000146.yaml
* Updated tags for template CVE-2013-2251.yaml
* Updated tags for template CVE-2013-1965.yaml
* Updated tags for template CVE-2014-2323.yaml
* Updated tags for template CVE-2014-5111.yaml
* Updated tags for template CVE-2014-2962.yaml
* Updated tags for template CVE-2014-4561.yaml
* Updated tags for template CVE-2014-4558.yaml
* Updated tags for template CVE-2014-3120.yaml
* Updated tags for template CVE-2007-5728.yaml
* Updated tags for template CVE-2009-4679.yaml
* Updated tags for template CVE-2009-1558.yaml
* Updated tags for template CVE-2009-4202.yaml
* Updated tags for template CVE-2009-0932.yaml
* Updated tags for template CVE-2015-2068.yaml
* Updated tags for template CVE-2015-8813.yaml
* Updated tags for template CVE-2015-7450.yaml
* Updated tags for template CVE-2015-2067.yaml
* Updated tags for template CVE-2015-3306.yaml
* Updated tags for template CVE-2015-3337.yaml
* Updated tags for template CVE-2015-1427.yaml
* Updated tags for template CVE-2015-1503.yaml
* Updated tags for template CVE-2015-1880.yaml
* Updated tags for template CVE-2018-3810.yaml
* Updated tags for template CVE-2018-18069.yaml
* Updated tags for template CVE-2018-17246.yaml
* Updated tags for template CVE-2018-10141.yaml
* Updated tags for template CVE-2018-16341.yaml
* Updated tags for template CVE-2018-18777.yaml
* Updated tags for template CVE-2018-15138.yaml
* Updated tags for template CVE-2018-11784.yaml
* Updated tags for template CVE-2018-16299.yaml
* Updated tags for template CVE-2018-7251.yaml
* Updated tags for template CVE-2018-1273.yaml
* Updated tags for template CVE-2018-1271.yaml
* Updated tags for template CVE-2018-11759.yaml
* Updated tags for template CVE-2018-3167.yaml
* Updated tags for template CVE-2018-7490.yaml
* Updated tags for template CVE-2018-2628.yaml
* Updated tags for template CVE-2018-13380.yaml
* Updated tags for template CVE-2018-2893.yaml
* Updated tags for template CVE-2018-5316.yaml
* Updated tags for template CVE-2018-20985.yaml
* Updated tags for template CVE-2018-10818.yaml
* Updated tags for template CVE-2018-1000861.yaml
* Updated tags for template CVE-2018-0296.yaml
* Updated tags for template CVE-2018-19458.yaml
* Updated tags for template CVE-2018-3760.yaml
* Updated tags for template CVE-2018-12998.yaml
* Updated tags for template CVE-2018-9118.yaml
* Updated tags for template CVE-2018-1000130.yaml
* Updated tags for template CVE-2008-6668.yaml
* Updated tags for template CVE-2017-7269.yaml
* Updated tags for template CVE-2017-1000170.yaml
* Updated tags for template CVE-2017-16877.yaml
* Updated tags for template CVE-2017-1000486.yaml
* Updated tags for template CVE-2017-9822.yaml
* Updated tags for template CVE-2017-0929.yaml
* Updated tags for template CVE-2017-7921.yaml
* Updated tags for template CVE-2017-14535.yaml
* Updated tags for template CVE-2017-5521.yaml
* Updated tags for template CVE-2017-12637.yaml
* Updated tags for template CVE-2017-12635.yaml
* Updated tags for template CVE-2017-11610.yaml
* Updated tags for template CVE-2021-20114.yaml
* Updated tags for template CVE-2021-40856.yaml
* Updated tags for template CVE-2021-21972.yaml
* Updated tags for template CVE-2021-31602.yaml
* Updated tags for template CVE-2021-41773.yaml
* Updated tags for template CVE-2021-37704.yaml
* Updated tags for template CVE-2021-45046.yaml
* Updated tags for template CVE-2021-26084.yaml
* Updated tags for template CVE-2021-27931.yaml
* Updated tags for template CVE-2021-24291.yaml
* Updated tags for template CVE-2021-41648.yaml
* Updated tags for template CVE-2021-37216.yaml
* Updated tags for template CVE-2021-22005.yaml
* Updated tags for template CVE-2021-37573.yaml
* Updated tags for template CVE-2021-31755.yaml
* Updated tags for template CVE-2021-43287.yaml
* Updated tags for template CVE-2021-24274.yaml
* Updated tags for template CVE-2021-33564.yaml
* Updated tags for template CVE-2021-22145.yaml
* Updated tags for template CVE-2021-24237.yaml
* Updated tags for template CVE-2021-44848.yaml
* Updated tags for template CVE-2021-25646.yaml
* Updated tags for template CVE-2021-21816.yaml
* Updated tags for template CVE-2021-41649.yaml
* Updated tags for template CVE-2021-41291.yaml
* Updated tags for template CVE-2021-41293.yaml
* Updated tags for template CVE-2021-21801.yaml
* Updated tags for template CVE-2021-29156.yaml
* Updated tags for template CVE-2021-34370.yaml
* Updated tags for template CVE-2021-27132.yaml
* Updated tags for template CVE-2021-28151.yaml
* Updated tags for template CVE-2021-26812.yaml
* Updated tags for template CVE-2021-21985.yaml
* Updated tags for template CVE-2021-43778.yaml
* Updated tags for template CVE-2021-25281.yaml
* Updated tags for template CVE-2021-40539.yaml
* Updated tags for template CVE-2021-36749.yaml
* Updated tags for template CVE-2021-21234.yaml
* Updated tags for template CVE-2021-33221.yaml
* Updated tags for template CVE-2021-42013.yaml
* Updated tags for template CVE-2021-33807.yaml
* Updated tags for template CVE-2021-44228.yaml
* Updated tags for template CVE-2012-0896.yaml
* Updated tags for template CVE-2012-0991.yaml
* Updated tags for template CVE-2012-0392.yaml
* Updated tags for template CVE-2012-4940.yaml
* Updated tags for template CVE-2012-1226.yaml
* Updated tags for template CVE-2012-4878.yaml
* Updated tags for template CVE-2010-1304.yaml
* Updated tags for template CVE-2010-1217.yaml
* Updated tags for template CVE-2010-0759.yaml
* Updated tags for template CVE-2010-2307.yaml
* Updated tags for template CVE-2010-4231.yaml
* Updated tags for template CVE-2010-2861.yaml
* Updated tags for template CVE-2010-4282.yaml
* Updated tags for template CVE-2010-1302.yaml
* Updated tags for template CVE-2010-1461.yaml
* Updated tags for template CVE-2020-4463.yaml
* Updated tags for template CVE-2020-1943.yaml
* Updated tags for template CVE-2020-36289.yaml
* Updated tags for template CVE-2020-17518.yaml
* Updated tags for template CVE-2020-12800.yaml
* Updated tags for template CVE-2020-10770.yaml
* Updated tags for template CVE-2020-17506.yaml
* Updated tags for template CVE-2020-11547.yaml
* Updated tags for template CVE-2020-11034.yaml
* Updated tags for template CVE-2020-24589.yaml
* Updated tags for template CVE-2020-9054.yaml
* Updated tags for template CVE-2020-28976.yaml
* Updated tags for template CVE-2020-16952.yaml
* Updated tags for template CVE-2020-24312.yaml
* Updated tags for template CVE-2020-8512.yaml
* Updated tags for template CVE-2020-14179.yaml
* Updated tags for template CVE-2020-6308.yaml
* Updated tags for template CVE-2020-35846.yaml
* Updated tags for template CVE-2020-7318.yaml
* Updated tags for template CVE-2020-2140.yaml
* Updated tags for template CVE-2020-5410.yaml
* Updated tags for template CVE-2020-5777.yaml
* Updated tags for template CVE-2020-13700.yaml
* Updated tags for template CVE-2020-5775.yaml
* Updated tags for template CVE-2020-13167.yaml
* Updated tags for template CVE-2020-35848.yaml
* Updated tags for template CVE-2020-9484.yaml
* Updated tags for template CVE-2020-15505.yaml
* Updated tags for template CVE-2020-9047.yaml
* Updated tags for template CVE-2020-17519.yaml
* Updated tags for template CVE-2020-17505.yaml
* Updated tags for template CVE-2020-9376.yaml
* Updated tags for template CVE-2020-8497.yaml
* Updated tags for template CVE-2020-14092.yaml
* Updated tags for template CVE-2020-10148.yaml
* Updated tags for template CVE-2020-35847.yaml
* Updated tags for template CVE-2020-12116.yaml
* Updated tags for template CVE-2020-11930.yaml
* Updated tags for template CVE-2020-24186.yaml
* Updated tags for template CVE-2020-9496.yaml
* Updated tags for template CVE-2020-35489.yaml
* Updated tags for template CVE-2020-26413.yaml
* Updated tags for template CVE-2020-2096.yaml
* misc updates
* misc update
* more updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 01:04:16 +05:30
3357141838
Merge pull request #3425 from Akokonunes/patch-96
...
Create accent-microcomputers-lfi.yaml
2022-01-03 10:29:56 +05:30
7ab7eca6ef
Merge pull request #3426 from Akokonunes/patch-97
...
Create sofneta-mecdream-pacs-server-lfi.yaml
2022-01-03 10:29:46 +05:30
2ed4e8a966
Merge pull request #3421 from pikpikcu/patch-311
...
Create sponip-network-system-ping-rce
2022-01-03 10:28:00 +05:30
ba686ad67f
Update and rename accent-microcomputers-lfi.yaml to vulnerabilities/other/accent-microcomputers-lfi.yaml
2022-01-03 10:24:12 +05:30
b70b9bcbf1
Update and rename sofneta-mecdream-pacs-server-lfi.yaml to sofneta-mecdream-pacs-lfi.yaml
2022-01-03 10:21:00 +05:30
139b04c9b6
Update and rename jinfornet-jreport-lfi.yaml to vulnerabilities/other/jinfornet-jreport-lfi.yaml
2022-01-03 10:01:12 +05:30
cb9fdbd7cc
Update and rename sofneta-mecdream-pacs-server-lfi.yaml to vulnerabilities/other/sofneta-mecdream-pacs-server-lfi.yaml
2021-12-29 11:28:09 +05:30
4ba5e931cc
Update sl-studio-lfi.yaml
2021-12-29 09:20:13 +05:30
b7974b288e
Update and rename sl-studio-lfi.yaml to vulnerabilities/other/sl-studio-lfi.yaml
2021-12-29 09:16:32 +05:30
955c71fa50
Update sponip-network-system-ping-rce.yaml
2021-12-24 20:24:40 +05:30
51843e1e62
Create sponip-network-system-ping-rce.yaml
2021-12-24 09:30:31 -05:00
0ddd4c7911
Update and rename dicoogle-pacs-lfi.yaml to vulnerabilities/other/dicoogle-pacs-lfi.yaml
2021-12-24 19:23:04 +05:30
8289e92291
Fixed h3c-imc-rce.yaml ( #3401 )
...
* Fixed h3c-imc-rce.yaml
* Update h3c-imc-rce.yaml
* Additional payload for windows
Co-authored-by: niudai <niudai@zp857s-mbp.local>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-23 20:23:42 +05:30
c57984b8f8
Added UniFi Network Log4j JNDI RCE ( #3402 )
...
Co-Authored-By: KrE80r <13027962+KrE80r@users.noreply.github.com>
Co-authored-by: KrE80r <13027962+KrE80r@users.noreply.github.com>
2021-12-23 08:57:03 +05:30
7933cfc470
Removing extra space from raw HTTP request
...
Should prevent issues with parsing this request
2021-12-22 13:33:51 +01:00
6e6349205d
Update and rename pacsone-server-6-6-2-lfi.yaml to vulnerabilities/other/pacsone-server-lfi.yaml
2021-12-21 17:32:19 +05:30
7a5cdc2bc3
Added ServiceNow Helpdesk Credential Exposure ( #3371 )
...
* Added ServiceNow Helpdesk Credential Exposure
Co-Authored-By: JP <19959240+jordanpotti@users.noreply.github.com>
* matcher update
Co-authored-by: JP <19959240+jordanpotti@users.noreply.github.com>
2021-12-19 23:42:01 +05:30
dcf3f57bdf
Merge pull request #3373 from projectdiscovery/princechaddha-patch-2
...
Create global-domains-xss.yaml
2021-12-18 15:02:06 +05:30
71027cbc79
Merge pull request #3357 from Akokonunes/patch-90
...
Create global-domains-lfi.yaml
2021-12-18 14:52:35 +05:30
3b067a1aca
Create global-domains-xss.yaml
2021-12-18 14:51:08 +05:30
0f40857119
Update and rename global-domains-lfi.yaml to vulnerabilities/other/global-domains-lfi.yaml
2021-12-18 14:43:28 +05:30
9a4941d995
Merge pull request #3356 from Akokonunes/patch-89
...
Create groupoffice-lfi.yaml
2021-12-18 14:33:42 +05:30
7b39972bfd
Merge pull request #3367 from gy741/rule-add-v80
...
Create oliver-library-server-lfi.yaml
2021-12-18 14:33:23 +05:30
c6521085b7
Update groupoffice-lfi.yaml
2021-12-18 14:32:09 +05:30
4747277a4e
Update and rename asanhamayesh-cms-lfi.yaml to vulnerabilities/other/asanhamayesh-lfi.yaml
2021-12-18 14:28:39 +05:30
35faabd29f
Update and rename groupoffice-lfi.yaml to vulnerabilities/other/groupoffice-lfi.yaml
2021-12-18 14:26:46 +05:30
8afbfdc8dc
Update and rename oliver-library-server-lfi.yaml to oliver-library-lfi.yaml
2021-12-18 14:23:57 +05:30
4fdb934da0
Create oliver-library-server-lfi.yaml
...
An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 8.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-18 10:55:28 +09:00
c9ddd7a0ae
update: id + reference update
2021-12-14 21:07:46 +05:30
dddb0bbb82
Added CVE-2021-24997 ( #3298 )
...
* Added CVE-39226
* Added CVE-39226
* Delete CVE-39226.yaml
* Renamed CVE-39226 to CVE-2021-39226
Fixed naming error
* Added Wp-Guppy-Information-Disclosure template
* Removed File
Found better descriptor
* Added CVE-2021-24997
Added WordPress Guppy Information Disclosure CVE
* Fixed CVE-2021-24997
Fixed YAML formatting
* Fixed Typo
URL Path had an extra double quote
* Auto Generated Templates Stats [Wed Dec 8 23:07:24 UTC 2021] 🤖
* Deleted Blank Space
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Added CVE-2021-43496
* Update CVE-2021-43496.yaml
* fix: syntax update
* Added New Vuln
* Update CVE-2021-24997.yaml
* Update CVE-2021-43496.yaml
* Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml
* fix: lints update
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-14 02:22:26 +05:30
51944ab6a2
fix: lints update
2021-12-14 02:14:35 +05:30
6b007f48e7
Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml
2021-12-14 00:47:37 +05:30
f52b1f0d55
Added New Vuln
2021-12-13 05:01:48 -05:00
0e94557017
Merge pull request #3248 from pikpikcu/patch-307
...
added thruk-xss
2021-12-09 22:01:56 +05:30
f476c5ff5b
Update thruk-xss.yaml
2021-12-09 21:58:15 +05:30
d35a55f7b4
Update and rename watchguard-fireware-ad-helper-component-credentials-disclosure.yaml to watchguard-credentials-disclosure.yaml
2021-12-09 21:05:13 +05:30
bde4e1815a
Create watchguard-fireware-ad-helper-component-credentials-disclosure.yaml
...
a credential-disclosure vulnerability in the AD Helper component of the WatchGuard Fireware Threat Detection and Response (TDR) service, which allows unauthenticated attackers to gain Active Directory credentials for a Windows domain in plaintext.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-09 16:02:48 +09:00
9da0d768a1
fix: syntax + lint
2021-12-03 10:37:42 +05:30
83f6b2a153
Update thruk-xss.yaml
2021-12-02 19:07:50 +07:00
435eeca764
Create thruk-xss.yaml
2021-12-02 19:02:40 +07:00
725782050a
Add description
2021-11-23 12:09:00 +02:00
1e31e0f76d
Update and rename eibiz-server-3-8-0-lfi.yaml to vulnerabilities/other/eibiz-lfi.yaml
2021-11-18 21:52:30 +05:30
4eb84d7802
Merge pull request #3131 from Akokonunes/patch-70
...
Create hrsale-unauthenticated-lfi.yaml
2021-11-13 23:46:11 +05:30
9a227941a1
Rename hrsale-unauthenticated-lfi.yaml to vulnerabilities/other/hrsale-unauthenticated-lfi.yaml
2021-11-13 23:37:32 +05:30
b2aa8f9f5b
misc updates
2021-11-13 23:01:53 +05:30
35bfff6f61
Added skip-variables-check for SSTI template
2021-11-09 22:16:37 +05:30
cb74944f43
misc updates
2021-11-08 15:45:54 +05:30
c51bbf8715
Merge pull request #3099 from ImNightmaree/master
...
Create ecshop-sql.yaml
2021-11-08 13:44:54 +05:30
5a6c30c7cf
Update ecshop-sqli.yaml
2021-11-08 13:42:44 +05:30
85741bbcf9
Update and rename ecshop-sql.yaml to ecshop-sqli.yaml
2021-11-08 13:42:13 +05:30
06bb1f444c
Update seowon-router-rce.yaml
2021-11-08 12:49:37 +05:30
7973948360
Update seowon-router-rce.yaml
2021-11-08 12:43:14 +05:30
6183e248d8
Create seowon-router-rce.yaml
...
Execute commands without authentication as admin user, To use it in all versions, we only enter the router ip & Port(if available) in the request The result of the request is visible on the browser page
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-11-07 14:50:39 +09:00
797d9066a1
More linting
2021-11-07 02:49:07 +00:00
b77df460dd
Linting
2021-11-07 02:39:21 +00:00
bbecf3965a
Update ecshop-sql.yaml
2021-11-07 02:36:28 +00:00
38135df2a6
Update ecshop-sql.yaml
2021-11-07 02:30:38 +00:00
f37527101c
Create ecshop-sql.yaml
2021-11-07 02:03:09 +00:00
a57cb5081a
Update vanguard-post-xss.yaml
2021-11-05 21:36:53 +05:30
eef5252cc5
file name update
2021-11-05 06:01:59 +05:30
8c3f98c767
fixed invalid template syntax
2021-10-30 16:47:35 +05:30
9848f92894
Add description
2021-10-27 14:06:15 +03:00
14ae8e3f59
Add description
2021-10-27 14:05:11 +03:00
3a02b7c325
Add description
2021-10-27 14:04:00 +03:00
f1cf6fd9a7
Add description
2021-10-27 14:03:22 +03:00
d5d2ed0a0e
Add description
2021-10-27 13:52:34 +03:00
c9efc02223
Add description
2021-10-26 15:29:20 +03:00
093a495b5f
Add description
2021-10-26 15:28:43 +03:00
25f7c812c2
Add description
2021-10-26 15:27:57 +03:00
5d98d22416
Add description
2021-10-26 15:27:16 +03:00
8adbf37ab4
Add description
2021-10-26 15:26:10 +03:00
57bae34cb9
Add description
2021-10-26 15:25:34 +03:00
4c0e8bae7e
Add description
2021-10-26 15:24:26 +03:00
dcf402cfa4
Add description
2021-10-26 15:23:43 +03:00
7d0c8669a3
Add description
2021-10-26 15:22:21 +03:00
9c96179595
Fix description
2021-10-26 12:45:16 +03:00
081a2546fe
Add description
2021-10-25 12:59:08 +03:00
e4018d4a0c
Add description
2021-10-25 12:58:22 +03:00
f9fb282770
Add description
2021-10-25 12:57:40 +03:00
319c8a830e
Add description
2021-10-25 12:56:03 +03:00
3029da4ceb
Add description
2021-10-25 12:55:23 +03:00
9f8270bb7a
Add description
2021-10-25 12:54:49 +03:00
e9bd13da3e
Product name is 'OA'
2021-10-25 10:07:28 +03:00
a3d1ca6b81
Description
2021-10-25 10:06:44 +03:00
130e5b1ff5
add description
2021-10-25 10:01:03 +03:00
d03fce098e
Add description
2021-10-25 09:58:59 +03:00
5636579be1
Non-broken link
2021-10-25 09:57:47 +03:00
ee82e5c591
Add description
2021-10-25 09:56:44 +03:00
8ad49535b0
Add description
2021-10-24 12:38:06 +03:00
c66ad46464
more metadata update
2021-10-22 23:24:21 +05:30
2d5beca867
metadata update
2021-10-22 23:23:25 +05:30
07472bb021
Add description
2021-10-21 14:21:38 +03:00
ae55315ec6
Improve description
2021-10-21 14:15:52 +03:00
7e4cd54f9e
Add description
2021-10-21 14:13:53 +03:00
379513c015
Make description more clear
2021-10-21 08:55:02 +03:00
691dab8a52
Add description
2021-10-21 08:51:56 +03:00
fde188d253
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-10-21 08:32:04 +03:00
a21cec6362
Merge pull request #2844 from projectdiscovery/more-fixes
...
Changes to adopt v2.5.3 engine
2021-10-21 07:21:20 +05:30
cfa3a798f3
Add description
2021-10-19 13:17:58 +03:00
e45550f4ed
Add description
2021-10-19 13:10:34 +03:00
d1684e7d67
Add description
2021-10-19 13:10:29 +03:00
5c910ab3b4
Add description
2021-10-19 13:03:41 +03:00
6d5e933128
Add description
2021-10-19 12:56:40 +03:00
33badb66d1
oob tags update
2021-10-19 02:10:26 +05:30
a614391d3f
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes
2021-10-18 03:14:44 +05:30
087bbd2263
Add description
2021-10-17 15:54:19 +03:00
0fd1574fe2
Add description
2021-10-17 15:52:26 +03:00
c1b42bcc55
Add description
2021-10-17 15:50:52 +03:00
5385191a9d
Update microstrategy-ssrf.yaml
2021-10-17 07:46:32 +05:30
274f3f941a
Update microstrategy-ssrf.yaml
2021-10-16 17:19:30 -03:00
42cc6d9507
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes
2021-10-14 23:51:16 +05:30
aad97c084c
misc update
2021-10-14 20:08:44 +05:30
f9f4e3327e
moving files around
2021-10-14 20:05:25 +05:30
adfbed9d51
lint fix
2021-10-14 19:50:43 +05:30
558272470e
Merge branch 'master' of https://github.com/nrathaus/nuclei-templates into pr/2893
2021-10-14 19:32:03 +05:30
a313e27f6e
misc update
2021-10-14 19:31:57 +05:30
4532646b44
Description
2021-10-14 16:35:40 +03:00
d803f91971
Add description
2021-10-14 16:34:15 +03:00
dbb28d586a
Add description
2021-10-14 16:32:34 +03:00
5a00c6841d
Working link
2021-10-14 16:32:15 +03:00
75f96128d5
Better description
2021-10-14 16:31:27 +03:00
16dd5c6e8e
More reference
2021-10-14 16:30:44 +03:00
09de143099
Add CVE
2021-10-14 16:30:14 +03:00
6eaff09b16
Add description
2021-10-14 16:29:51 +03:00
a6800e0e1a
Add description
2021-10-14 16:28:41 +03:00
5618e8eaa9
Better description
2021-10-14 16:27:26 +03:00
e3071a4f26
Added description
2021-10-14 16:10:54 +03:00
eef7ba6cd4
Spelling
2021-10-14 16:07:39 +03:00
083ca2805a
Add description
2021-10-14 16:07:18 +03:00
2946782493
Fix name
2021-10-14 16:06:20 +03:00
3322a4becc
Previous reference is no longer available
2021-10-14 16:05:47 +03:00
67a6e574a0
Add description
2021-10-14 16:04:37 +03:00
4b603769c5
Add vendor CERT advisory/cve
2021-10-14 15:59:38 +03:00
39ebcc13a3
Add description
2021-10-14 15:55:59 +03:00
18e6257e33
description
2021-10-14 15:54:28 +03:00
2e9613d75b
Improve description
2021-10-13 12:01:33 +03:00
d5038b7520
Add description
2021-10-13 12:00:55 +03:00
ab008edc5b
Add description
2021-10-13 12:00:39 +03:00
b86a987030
Dead link
2021-10-13 12:00:36 +03:00
a3608c32f4
Add description
2021-10-13 11:56:10 +03:00
9273a765c0
Merge branch 'master' into more-fixes
2021-10-13 13:48:52 +05:30
6205415bbd
Update keycloak-xss.yaml
...
Updating severity as this XSS is not exploitable directly.
2021-10-09 08:46:17 +05:30
95305667c0
Merge pull request #2852 from pdelteil/patch-65
...
Update qcubed-xss.yaml
2021-10-08 19:14:41 +05:30
6a00b9245c
Update qcubed-xss.yaml
2021-10-08 19:14:26 +05:30
de0a0ff3c1
misc update
2021-10-08 19:10:03 +05:30
60a3b6f4a4
Update qcubed-xss.yaml
2021-10-08 03:46:49 -03:00
888c703a3c
Update pmb-directory-traversal.yaml
2021-10-08 03:33:40 -03:00
53fc9bcb3f
misc fixes
2021-10-07 05:23:20 +05:30
8dfa5ce9b4
Added Lucee Unauthenticated Reflected XSS
2021-10-06 16:38:23 +05:30
47853b869b
Update metinfo-lfi.yaml
2021-10-02 17:57:59 +05:30
f43b256e6e
Update metinfo-lfi.yaml
2021-10-02 17:57:33 +05:30
8fc91de606
Update metinfo-lfi.yaml
2021-10-02 03:42:22 -03:00
58fd372498
Update and rename qihang-media-web-lfi.yaml to qihang-media-lfi.yaml
2021-10-01 16:28:20 +05:30
ea71661d79
Update and rename qihang-media-web-credentials-disclosure.yaml to qihang-media-disclosure.yaml
2021-10-01 16:26:25 +05:30
f750bf5ba5
Create qihang-media-web-credentials-disclosure.yaml
...
The application suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for a successful authentication bypass attack.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:42:48 +09:00
90138f44d1
Create qihang-media-web-lfi.yaml
...
The application suffers from an unauthenticated file disclosure vulnerability when input passed thru the filename parameter when using the download action or thru path parameter when using the getAll action is not properly verified before being used. This can be exploited to disclose contents of files and directories from local resources.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:35:12 +09:00
c9a374bed5
renamed: simple-employee-rce.yaml -> ../../cves/2019/CVE-2019-20183.yaml
2021-09-30 13:06:46 -04:00
28def083f6
Merge branch 'master' of https://github.com/sullo/nuclei-templates
...
Fix typo for cvss
2021-09-30 13:03:09 -04:00
3878138bfe
* Added Host headers where needed (validated via disclosures/posts)
...
* Added CVE simple-employee-rce.yaml
2021-09-30 12:52:05 -04:00
f839f628b6
Update and rename fatpipe-networks-warp-backdoor.yaml to fatpipe-backdoor.yaml
2021-09-30 17:18:45 +05:30
b65719103f
Update and rename fatpipe-networks-warp-auth-bypass.yaml to fatpipe-auth-bypass.yaml
2021-09-30 17:18:21 +05:30
9e25b4871e
Update fatpipe-networks-warp-backdoor.yaml
2021-09-30 16:13:19 +05:30
606d2b5ea4
Create fatpipe-networks-warp-backdoor.yaml
...
The application has a hidden administrative account cmuser that has no password and has write access permissions to the device. The user cmuser is not visible in Users menu list of the application.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-30 13:38:01 +09:00
263cadaacf
Create fatpipe-networks-warp-auth-bypass.yaml
...
Improper access control occurs when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources behind protected pages.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-30 11:07:24 +09:00
8d7e5b2d24
Merge pull request #2748 from gy741/rule-add-v60
...
Create commax-cctv-rtsp-credentials-disclosure.yaml
2021-09-25 11:49:18 +05:30
2808f46429
Update and rename commax-cctv-rtsp-credentials-disclosure.yaml to commax-credentials-disclosure.yaml
2021-09-25 11:32:31 +05:30
2e7e35eb70
Update and rename ecoa-building-directory-traversal.yaml to ecoa-building-lfi.yaml
2021-09-25 11:22:48 +05:30
fac7f96b34
Create ecoa-building-directory-traversal.yaml
...
The BAS controller suffers from a directory traversal content disclosure vulnerability. Using the GET parameter cpath in File Manager (fmangersub), attackers can disclose directory content on the affected device
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-25 08:58:58 +09:00
59e0eb7ad3
Create commax-cctv-rtsp-credentials-disclosure.yaml
...
The COMMAX CCTV Bridge for the DVR service allows an unauthenticated attacker
to disclose RTSP credentials in plain-text.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-25 08:43:18 +09:00
18142906f0
moving files around
2021-09-22 18:09:43 +05:30
991963fe4a
Update Severity
2021-09-20 12:11:56 +07:00
50dfd3dc3d
Update Severity
2021-09-18 21:07:47 +07:00
0f03f5ff55
Merge pull request #2692 from projectdiscovery/metadata-attribute-update
2021-09-18 18:19:07 +05:30
8c28120218
Update luftguitar-arbitrary-file-upload.yaml
2021-09-18 14:32:13 +05:30
fb1aee75ce
Update luftguitar-arbitrary-file-upload.yaml
2021-09-18 14:28:03 +05:30
63cc624c4a
Update luftguitar-arbitrary-file-upload.yaml
2021-09-18 12:14:32 +05:30
2a1341274a
Create luftguitar-arbitrary-file-upload.yaml
2021-09-17 21:04:21 +07:00
df59ad5670
Update and rename ecoa-building-automation-lfd.yaml to vulnerabilities/other/ecoa-building-automation-lfd.yaml
2021-09-17 16:39:09 +05:30
676b51d20c
Metadata attribute update
2021-09-16 21:24:33 +05:30
18879698fa
Update bullwark-momentum-lfi.yaml
2021-09-13 15:55:14 +05:30
e18cc14218
Update bullwark-momentum-lfi.yaml
2021-09-13 15:34:18 +05:30
546bd6a038
matcher update
2021-09-13 15:28:35 +05:30
207c140c50
moving files around
2021-09-11 21:06:36 +05:30
cf4ef2ac5a
Merge pull request #2622 from projectdiscovery/missing-tags
2021-09-10 12:32:47 +05:30
bd24dc198e
Coverage for all templates using tags
2021-09-09 19:08:13 +05:30
67766f381a
Merge pull request #2600 from Akokonunes/patch-35
...
Create phpwiki-lfi.yaml
2021-09-09 15:02:41 +05:30
6ce33e2f47
Rename phpwiki-lfi.yaml to vulnerabilities/other/phpwiki-lfi.yaml
2021-09-09 15:01:35 +05:30
08dac56385
Update simple-employee-rce.yaml
2021-09-09 12:06:24 +05:30
609705f676
removed extra headers not required for template
2021-09-08 17:47:19 +05:30
9b75486616
Rename homeautomation-v3-openredirect.yaml to vulnerabilities/other/homeautomation-v3-openredirect.yaml
2021-09-07 18:07:48 +05:30
MostInterestingBotInTheWorld
Prince Chaddha
GwanYeong Kim
Ritik Chaddha
Arm!tage
Sandeep Singh
Muhammad Daffa
forgedhallpass
Evan Rubinstein
sullo
ImNightmaree
Pathtaga
Prince Chaddha
PikPikcU
niudaii
Melvin
Noam Rathaus
ImNightmaree
Philippe Delteil
Sullo