daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,271 Commits
17 Branches
0 Tags
160 MiB
Commit Graph

2380 Commits (60d262ace8b306fe46356b009fd69cadd04baa7c)

Author SHA1 Message Date
Muhammad Daffa 6e13d833ef
Create CVE-2018-19458.yaml 2021-08-03 06:20:58 +07:00
Muhammad Daffa 02d3258f2a
Create CVE-2018-20470.yaml 2021-08-03 06:19:42 +07:00
sandeep e2b20b8f01 Adding metadata 2021-08-02 23:16:05 +05:30
Sandeep Singh 249c39af51
Merge pull request #2299 from httpvoid/master 
Add CVE-2021-29484 - Ghost CMS DOM XSS
 2021-08-02 23:13:22 +05:30
Harsh Jaiswal 3f8e3ce2d0
Update cves/2021/CVE-2021-29484.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-08-02 23:05:35 +05:30
Prince Chaddha 1939842ab6
Merge pull request #2219 from pikpikcu/patch-225 
Add Dolibarr xss
 2021-08-02 22:32:24 +05:30
Prince Chaddha f924e58b8e
Update CVE-2018-10095.yaml 2021-08-02 22:31:01 +05:30
Prince Chaddha dca1dd56b1
Merge pull request #2220 from pikpikcu/patch-226 
Add Grav CMS XSS
 2021-08-02 22:26:37 +05:30
Prince Chaddha e359b030f2
Update CVE-2018-5233.yaml 2021-08-02 22:25:21 +05:30
Prince Chaddha df1348ee5c
Merge pull request #2232 from daffainfo/patch-112 
Create CVE-2014-8799.yaml
 2021-08-02 22:00:52 +05:30
Prince Chaddha f93858622d
Update CVE-2014-8799.yaml 2021-08-02 21:59:27 +05:30
Sandeep Singh 18722cd4f4
Merge pull request #2311 from gy741/rule-add-v48 
Create CVE-2020-27361.yaml
 2021-08-02 21:56:57 +05:30
Prince Chaddha 347a850911
Merge pull request #2233 from pikpikcu/patch-232 
Add Tiki Wiki CMS Groupware XSS
 2021-08-02 21:48:20 +05:30
GwanYeong Kim 8627aadce0 Create CVE-2020-27361.yaml 
An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within the /pme subdirectories.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-03 01:17:48 +09:00
Prince Chaddha 7d0e2be80a
Update CVE-2011-4336.yaml 2021-08-02 21:47:19 +05:30
Prince Chaddha 7aa7401f3a
Merge pull request #2278 from gy741/rule-add-v44 
Create CVE-2021-21816.yaml
 2021-08-02 21:17:00 +05:30
sandeep a1d73379aa Added CVE-2021-27561 2021-08-02 18:25:13 +05:30
Prince Chaddha c670df2925
Update CVE-2021-21816.yaml 2021-08-02 17:57:09 +05:30
Prince Chaddha 5c7a745e04
Merge pull request #2298 from gy741/rule-add-v47 
Create CVE-2021-3297.yaml
 2021-08-02 17:18:29 +05:30
Prince Chaddha 8810d6fd64
Merge pull request #2294 from daffainfo/patch-123 
Create CVE-2016-1000148.yaml
 2021-08-02 17:18:22 +05:30
Prince Chaddha fb0c113fb6
Merge pull request #2281 from daffainfo/patch-121 
Create CVE-2016-10993.yaml
 2021-08-02 17:18:07 +05:30
Prince Chaddha 434b69608a
Update CVE-2016-10993.yaml 2021-08-02 17:16:58 +05:30
Prince Chaddha a3cba3b1e1
Merge pull request #2280 from daffainfo/patch-120 
Create CVE-2020-35598.yaml
 2021-08-02 17:14:38 +05:30
Prince Chaddha e4817b6e19
Merge pull request #2282 from daffainfo/patch-122 
Create CVE-2012-4253.yaml
 2021-08-02 17:13:52 +05:30
Prince Chaddha 27f96f96c4
Update CVE-2021-3297.yaml 2021-08-02 17:12:42 +05:30
Prince Chaddha 2c0ecb01b3
Update CVE-2021-3297.yaml 2021-08-02 17:09:52 +05:30
Prince Chaddha bae8422cfb
Update CVE-2021-3297.yaml 2021-08-02 17:06:07 +05:30
Noam Rathaus 37608a954c Description 2021-08-02 12:56:17 +03:00
Noam Rathaus 6950d325e6 Update description 2021-08-02 12:55:21 +03:00
rootxharsh 6f2d74337e Add CVE-2021-29484.yaml 2021-08-02 13:28:24 +05:30
GwanYeong Kim bfa043e51f Create CVE-2021-3297.yaml 
On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-02 16:35:38 +09:00
Prince Chaddha 1d58b2abd2
Merge pull request #2295 from daffainfo/patch-124 
Create CVE-2016-1000149.yaml
 2021-08-02 12:57:51 +05:30
Prince Chaddha 0757721d24
Update CVE-2016-1000149.yaml 2021-08-02 12:56:49 +05:30
Prince Chaddha 0c7025f30d
Update CVE-2016-1000148.yaml 2021-08-02 12:55:51 +05:30
sandeep 02dc911dc9 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-08-02 12:53:44 +05:30
sandeep e896a8982d misc updates 2021-08-02 12:53:35 +05:30
r3dg33k dfcd364059 update to CVE-2017-5487, added extractor 2021-08-02 01:08:39 -04:00
Muhammad Daffa 6347e02b91
Create CVE-2016-1000149.yaml 2021-08-02 06:10:17 +07:00
Muhammad Daffa 54f927329d
Create CVE-2016-1000148.yaml 2021-08-02 06:09:14 +07:00
Sandeep Singh 81572ce596
Merge pull request #2292 from geeknik/patch-4 
Update CVE-2021-31581.yaml
 2021-08-02 02:09:32 +05:30
Sandeep Singh b04dc13dcd
Update CVE-2021-31581.yaml 2021-08-02 02:08:28 +05:30
sandeep a24977aab9 Update CVE-2020-6637.yaml 2021-08-02 01:42:01 +05:30
Sandeep Singh d416aea142
Merge pull request #2279 from gy741/rule-add-v45 
Create CVE-2021-36380.yaml
 2021-08-02 01:36:56 +05:30
sandeep ebf1653d65 Update CVE-2021-36380.yaml 2021-08-02 01:33:10 +05:30
Sandeep Singh 454e11f6c4
Merge pull request #2271 from pikpikcu/patch-240 
Update JIRA SSRF
 2021-08-02 01:31:27 +05:30
sandeep f5982c5d28 Update CVE-2019-8451.yaml 2021-08-02 01:30:00 +05:30
sandeep 5023dd6f9c Update CVE-2019-8451.yaml 2021-08-02 01:27:40 +05:30
Sandeep Singh c7778257c3
Update CVE-2019-8451.yaml 2021-08-02 01:22:49 +05:30
Sandeep Singh 56d3a2f1bd
Merge pull request #2284 from pikpikcu/patch-242 
Update CVE-2019-0221
 2021-08-02 01:17:36 +05:30
Sandeep Singh 76fb40314a
Merge pull request #2277 from pikpikcu/patch-241 
Update CVE-2021-3223
 2021-08-02 01:15:39 +05:30
sandeep 5c22441bac Update CVE-2021-3223.yaml 2021-08-02 01:11:43 +05:30
Geeknik Labs 9cbb151600
Update CVE-2021-31581.yaml 
Fixes https://github.com/projectdiscovery/nuclei-templates/issues/2285. 👍🏻
 2021-08-01 10:59:39 -05:00
Noam Rathaus 03dfb4bff6 More references 2021-08-01 09:16:33 +03:00
Noam Rathaus 3de7af6018 Better reference 2021-08-01 09:14:14 +03:00
Noam Rathaus ac70ba03c7 description and reference 2021-08-01 09:12:12 +03:00
Noam Rathaus 21b17993be Better references 2021-08-01 09:10:14 +03:00
Noam Rathaus 9dc30c37a2 Description and reference 2021-08-01 08:57:40 +03:00
Noam Rathaus 734dde35cc Fix FP - https://github.com/projectdiscovery/nuclei-templates/issues/2217 2021-08-01 08:52:30 +03:00
PikPikcU 0653fdc498
Update CVE-2019-0221.yaml 2021-08-01 09:43:53 +07:00
Muhammad Daffa 7f608a2d57
Create CVE-2012-4253.yaml 2021-08-01 07:33:05 +07:00
Muhammad Daffa 8801d2c380
Create CVE-2016-10993.yaml 2021-08-01 06:41:54 +07:00
Muhammad Daffa b826d82268
Create CVE-2020-35598.yaml 2021-08-01 06:40:11 +07:00
GwanYeong Kim 0678e7d233 Create CVE-2021-36380.yaml 
The /cgi/networkDiag.cgi script directly incorporated user-controllable parameters within a shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. The following POST request injects a new command that instructs the server to establish a reverse TCP connection to another system, allowing the establishment of an interactive remote shell session.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-01 03:10:49 +09:00
GwanYeong Kim 5b3529bad5 Create CVE-2021-21816.yaml 
An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-01 02:42:48 +09:00
Sandeep Singh bc48231304
Merge pull request #2192 from gy741/rule-add-v41 
Create CVE-2018-10818.yaml
 2021-07-31 22:56:26 +05:30
sandeep 620cd107c6 Update CVE-2018-10818.yaml 2021-07-31 22:55:55 +05:30
PikPikcU ae672521d9
Update CVE-2021-3223.yaml 2021-07-31 16:12:48 +07:00
Prince Chaddha 3cb1abc436
Merge pull request #2268 from daffainfo/patch-117 
Create CVE-2014-4535.yaml
 2021-07-31 09:02:23 +05:30
Prince Chaddha dccd46c576
Merge pull request #2267 from daffainfo/patch-116 
Create CVE-2019-12276.yaml
 2021-07-31 09:00:52 +05:30
Prince Chaddha 077191496a
Update CVE-2014-4535.yaml 2021-07-31 09:00:47 +05:30
Prince Chaddha 8246b2356c
Update CVE-2019-12276.yaml 2021-07-31 08:58:19 +05:30
Prince Chaddha 9c758ea8fb
Merge pull request #2275 from daffainfo/patch-118 
Create CVE-2014-4536.yaml
 2021-07-31 08:48:36 +05:30
Prince Chaddha b2e3670c91
Update CVE-2014-4536.yaml 2021-07-31 08:43:27 +05:30
Prince Chaddha 9a47b53434
Update CVE-2012-0991.yaml 2021-07-31 08:41:41 +05:30
Muhammad Daffa afe800c0db
Create CVE-2012-0991.yaml 2021-07-31 06:04:14 +07:00
Muhammad Daffa 3afcf2a755
Create CVE-2014-4536.yaml 2021-07-31 06:01:46 +07:00
Toufik Airane 1cce455f1c
Update CVE-2020-13927.yaml 
Following the discussion https://github.com/projectdiscovery/nuclei-templates/discussions/1477.

According to NIST, It's a critical issue.
https://nvd.nist.gov/vuln/detail/CVE-2020-13927
 2021-07-30 16:40:41 +02:00
sandeep ff344b0e49 Update CVE-2019-8451.yaml 2021-07-30 17:35:48 +05:30
PikPikcU 5bf63d1811
Update JIRA SSRF 2021-07-30 18:50:31 +07:00
Muhammad Daffa 010f1a8700
Create CVE-2014-4535.yaml 2021-07-30 05:51:07 +07:00
Muhammad Daffa 189f59ba9d
Create CVE-2019-12276.yaml 2021-07-30 05:49:59 +07:00
Prince Chaddha 10b35b4051
Merge pull request #2231 from daffainfo/patch-111 
Create CVE-2009-5114.yaml
 2021-07-29 18:35:08 +05:30
Muhammad Daffa da3ba72db3
Create CVE-2020-11455.yaml 2021-07-29 05:43:07 +07:00
Prince Chaddha 60be63be57
Merge pull request #2238 from pikpikcu/patch-235 
Add iTop XSS
 2021-07-29 00:23:17 +05:30
Prince Chaddha feb0af88eb
Update CVE-2015-6544.yaml 2021-07-29 00:16:01 +05:30
Prince Chaddha b3fdcb6bb3
Merge pull request #2240 from daffainfo/patch-113 
Create CVE-2019-14312.yaml
 2021-07-29 00:11:17 +05:30
Prince Chaddha 249766aff1
Merge pull request #2243 from pikpikcu/patch-238 
Add CVE-2015-8349
 2021-07-29 00:09:55 +05:30
Prince Chaddha f6b2676b00
Update CVE-2015-8349.yaml 2021-07-28 23:24:32 +05:30
Prince Chaddha 2b719b9fdb
Update CVE-2015-3648.yaml 2021-07-28 15:28:21 +05:30
PikPikcU 56a7c8095e
Create CVE-2015-3648.yaml 2021-07-28 13:00:02 +07:00
PikPikcU e3af07706d
Create CVE-2015-8349.yaml 2021-07-28 12:45:44 +07:00
Muhammad Daffa 3a3ccf0ba2
Create CVE-2019-14312.yaml 2021-07-28 09:04:19 +07:00
PikPikcU b65ac6853e
Update CVE-2015-6544.yaml 2021-07-28 08:02:57 +07:00
PikPikcU 0af99625ba
Create CVE-2015-6544.yaml 2021-07-28 08:01:44 +07:00
PikPikcU 38e095c98c
Fix Tags 2021-07-28 07:38:20 +07:00
PikPikcU 8c9697cb2f
Update CVE-2011-4336.yaml 2021-07-28 07:19:43 +07:00
PikPikcU 2bc6cc018f
Create CVE-2011-4336.yaml 2021-07-28 07:13:33 +07:00
Muhammad Daffa a07d931799
Create CVE-2014-8799.yaml 2021-07-28 05:03:23 +07:00
Muhammad Daffa 0341b58077
Create CVE-2009-5114.yaml 2021-07-28 05:02:29 +07:00
Sandeep Singh c703d92c5b
Merge pull request #2222 from pikpikcu/patch-228 
Add PhpCollab (unauthenticated) Arbitrary File Upload
 2021-07-27 19:44:35 +05:30
sandeep b984f86d67 removing extra headers 2021-07-27 17:59:13 +05:30
sandeep d43a54ada1 Update CVE-2017-6090.yaml 2021-07-27 17:56:56 +05:30
sandeep bfc130dfbd Merge branch 'patch-228' of https://github.com/pikpikcu/nuclei-templates into pr/2222 2021-07-27 17:51:06 +05:30
sandeep 448aec1edb minor updates 2021-07-27 17:50:49 +05:30
PikPikcU 870339ebe1
Update CVE-2017-6090.yaml 2021-07-27 19:10:51 +07:00
Sandeep Singh 32e18be51a
Merge pull request #2215 from TheConciergeDev/patch-4 
Renamed yaml file
 2021-07-27 17:27:23 +05:30
Prince Chaddha cd214580a7
Merge pull request #2224 from pikpikcu/patch-230 
Add SPIP XSS
 2021-07-27 17:25:04 +05:30
Prince Chaddha 0ce590a3f2
Update CVE-2016-7981.yaml 2021-07-27 17:23:32 +05:30
Prince Chaddha fdfd4232a5
Merge pull request #2225 from pikpikcu/patch-231 
Create CVE-2020-26153.yaml
 2021-07-27 17:22:04 +05:30
Prince Chaddha cdb91d44f3
Update CVE-2020-26153.yaml 2021-07-27 17:20:54 +05:30
Prince Chaddha 4a5d374227
Merge pull request #2212 from pikpikcu/patch-220 
Add Jeedom XSS
 2021-07-27 17:18:07 +05:30
Prince Chaddha ff582706c2
Merge pull request #2226 from daffainfo/patch-110 
Create CVE-2017-15647.yaml
 2021-07-27 17:17:44 +05:30
Prince Chaddha 142eb2fe3b
Update CVE-2020-9036.yaml 2021-07-27 17:12:32 +05:30
Prince Chaddha c4e75a7eb5
Merge pull request #2203 from pikpikcu/patch-211 
Add CVE-2020-27735
 2021-07-27 17:08:21 +05:30
Muhammad Daffa 590e6ae172
Create CVE-2017-15647.yaml 2021-07-27 18:36:29 +07:00
PikPikcU d561a8711d
Create CVE-2020-26153.yaml 2021-07-27 18:19:44 +07:00
Prince Chaddha d9f20b63e4
Update CVE-2020-27735.yaml 2021-07-27 16:32:50 +05:30
PikPikcU fb055acf9e
Create CVE-2016-7981.yaml 2021-07-27 17:27:42 +07:00
PikPikcU 315215aa02
Create CVE-2017-6090.yaml 2021-07-27 16:51:01 +07:00
PikPikcU ab408ccd04
Create CVE-2018-5233.yaml 2021-07-27 16:03:59 +07:00
PikPikcU 9e2de534a8
Create CVE-2018-10095.yaml 2021-07-27 15:49:19 +07:00
Prince Chaddha 6e7aba2fb9
Update CVE-2020-27735.yaml 2021-07-27 13:55:45 +05:30
Prince Chaddha 4a13112125
Update CVE-2020-27735.yaml 2021-07-27 13:33:41 +05:30
PikPikcU 317a63ec9c
Create CVE-2018-14013.yaml 2021-07-27 14:34:36 +07:00
TheConciergeDev 62df9585f9
Renamed yaml file 
Added missing "-" in filename
 2021-07-27 09:28:54 +02:00
PikPikcU 6f91b5d052
Create CVE-2020-9036.yaml 2021-07-27 13:45:01 +07:00
Prince Chaddha 840da27221
Merge pull request #2206 from pikpikcu/patch-214 
CLink Office XSS
 2021-07-27 11:59:42 +05:30
Prince Chaddha 76a39c9ef5
Update CVE 2020-6171.yaml 2021-07-27 11:58:42 +05:30
PikPikcU 56b4ada461
Update CVE-2009-0932.yaml 2021-07-27 12:35:57 +07:00
PikPikcU c2012bf293
Create CVE-2009-0932.yaml 2021-07-27 12:32:32 +07:00
PikPikcU 751626e435
Update CVE 2020-6171.yaml 2021-07-27 12:24:17 +07:00
PikPikcU ddc251861f
Create CVE 2020-6171.yaml 2021-07-27 12:21:52 +07:00
Prince Chaddha aff00f0cd8
Merge pull request #2202 from daffainfo/patch-109 
Create CVE-2012-4878.yaml
 2021-07-27 10:44:53 +05:30
Prince Chaddha caf6bb61c3
Update CVE-2020-27735.yaml 2021-07-27 10:41:08 +05:30
Prince Chaddha b2f1863fd7
Update CVE-2020-35774.yaml 2021-07-27 10:40:55 +05:30
Prince Chaddha b75c2dde67
Update CVE-2020-35774.yaml 2021-07-27 10:38:46 +05:30
PikPikcU 326c8265ef
Create CVE-2020-35774.yaml 2021-07-27 10:31:48 +07:00
PikPikcU f619caf26a
Create CVE-2020-27735.yaml 2021-07-27 10:23:23 +07:00
Muhammad Daffa 241eff959c
Create CVE-2012-4878.yaml 2021-07-27 09:31:04 +07:00
PikPikcU 96c03d93cc
Update CVE-2020-6637.yaml 2021-07-27 07:38:49 +07:00
PikPikcU b1dfb89f88
Create CVE-2020-6637.yaml 2021-07-27 07:36:48 +07:00
GwanYeong Kim 12b832cc36 Create CVE-2021-32305.yaml 
WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-07-27 09:24:35 +09:00
Muhammad Daffa 9db92fa24c
Create CVE-2016-1000155.yaml 2021-07-27 06:09:33 +07:00
Muhammad Daffa 47110e15ce
Create CVE-2016-1000153.yaml 2021-07-27 06:04:27 +07:00
GwanYeong Kim 4029278d6c Create CVE-2018-10818.yaml 
The vulnerability (CVE-2018-10818) is a pre-auth remote command injection vulnerability found in the majority of LG NAS devices. You cannot simply log in with any random username and password. However, there lies a command injection vulnerability in the “password” parameter.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-07-27 02:27:13 +09:00
sandeep 9c66387f0f More CVEs Template 2021-07-26 22:48:45 +05:30
Sandeep Singh 5fc3ae4ef4
Merge pull request #1872 from Vladimir-Ivanov-Git/CVE-2018-2392 
CVE-2018-2392 SAP IGS XXE
 2021-07-26 20:12:08 +05:30
Sandeep Singh 79c077ddf7
Merge pull request #1874 from Vladimir-Ivanov-Git/CVE-2020-6207 
CVE-2020-6207 SAP SolMan RCE
 2021-07-26 18:26:55 +05:30
Sandeep Singh 8130cd2c3b
Update CVE-2020-6207.yaml 2021-07-26 18:26:19 +05:30
Prince Chaddha c58565e8ed
Merge pull request #2118 from daffainfo/patch-95 
Create CVE-2016-1000140.yaml
 2021-07-26 18:09:34 +05:30
Prince Chaddha dbace50bdb
Update CVE-2016-1000140.yaml 2021-07-26 18:03:07 +05:30
Prince Chaddha 4069e981c4
Merge pull request #2120 from daffainfo/patch-96 
Create CVE-2014-6308.yaml
 2021-07-26 18:00:31 +05:30
Prince Chaddha 4e82da883d
Merge pull request #2117 from daffainfo/patch-94 
Create CVE-2016-1000138.yaml
 2021-07-26 17:59:39 +05:30
Prince Chaddha 68327ddfa1
Update CVE-2016-1000138.yaml 2021-07-26 14:28:04 +05:30
sandeep b990243906 uniform tags 2021-07-26 14:25:43 +05:30
Prince Chaddha 9d7b8707e8
Merge pull request #2116 from daffainfo/patch-93 
Create CVE-2016-1000137.yaml
 2021-07-26 14:23:29 +05:30
Prince Chaddha 73ddb84266
Update CVE-2016-1000137.yaml 2021-07-26 14:08:03 +05:30
Prince Chaddha bdaab4c330
Merge pull request #2050 from daffainfo/patch-76 
Create CVE-2016-1000126.yaml
 2021-07-26 14:06:59 +05:30
Prince Chaddha 4ee46bf076
Merge pull request #2112 from daffainfo/patch-91 
Create CVE-2020-35580.yaml
 2021-07-26 14:06:50 +05:30
Prince Chaddha a76d36ead2
Update CVE-2016-1000126.yaml 2021-07-26 14:05:41 +05:30
Prince Chaddha 068a3542e8
Merge pull request #2177 from pussycat0x/master 
Port update
 2021-07-26 14:02:27 +05:30
Prince Chaddha 8b0f37af89
Update CVE-2016-2004.yaml 2021-07-26 13:57:56 +05:30
Prince Chaddha e03898ebe3
Merge pull request #2182 from daffainfo/patch-105 
Create CVE-2013-7240.yaml
 2021-07-26 13:38:53 +05:30
Prince Chaddha e8f9cc580e
Update CVE-2013-7240.yaml 2021-07-26 13:32:53 +05:30
Prince Chaddha fc025a8cc9
Merge pull request #2183 from daffainfo/patch-106 
Create CVE-2014-2962.yaml
 2021-07-26 13:30:23 +05:30
Prince Chaddha 154ed31be9
Update CVE-2014-2962.yaml 2021-07-26 13:30:16 +05:30
Prince Chaddha 84161bc33e
Update CVE-2020-8813.yaml 2021-07-26 13:27:19 +05:30
GwanYeong Kim 620ff3f367 Create CVE-2020-8813.yaml 
This vulnerability could be exploited without authentication if Cacti is enabling “Guest Realtime Graphs” privilege, So in this case no need for the authentication part and you can just use the following code to exploit the vulnerability

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-07-26 11:32:23 +09:00
Muhammad Daffa f8e16c595a
Create CVE-2014-2962.yaml 2021-07-26 06:58:58 +07:00
Muhammad Daffa fed682443e
Update CVE-2020-35580.yaml 2021-07-26 06:55:48 +07:00
Muhammad Daffa a9d07605c3
Update CVE-2014-6308.yaml 2021-07-26 06:55:17 +07:00
Muhammad Daffa 432e3ecc85
Create CVE-2013-7240.yaml 2021-07-26 06:49:51 +07:00
Sandeep Singh 353b39e941
Merge pull request #2054 from geeknik/patch-3 
Create CVE-2007-0885.yaml
 2021-07-26 01:45:53 +05:30
Sandeep Singh 9eced64983
Update CVE-2007-0885.yaml 2021-07-26 01:45:28 +05:30
Sandeep Singh d14150a8e4
Merge pull request #2172 from daffainfo/patch-104 
Create CVE-2018-10822.yaml
 2021-07-26 01:06:16 +05:30
Sandeep Singh 0d2e18722a
Update CVE-2018-10822.yaml 2021-07-26 01:04:31 +05:30
Sandeep Singh 91055c2b65
Merge pull request #2174 from gy741/rule-add-v38 
Create CVE-2020-5307.yaml
 2021-07-26 01:02:25 +05:30
pussycat0x add1d76b09
Port update 2021-07-25 23:28:54 +05:30
Sandeep Singh 7af0c9c8b0
Merge pull request #2171 from pussycat0x/master 
HP Data Protector A.09.00 - Arbitrary Command Execution
 2021-07-25 22:15:09 +05:30
sandeep 4658f7ffcc moving files around 2021-07-25 22:11:36 +05:30
GwanYeong Kim b9fadff659 Create CVE-2020-5307.yaml 
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-07-25 11:50:53 +09:00
Muhammad Daffa 9883f04092
Create CVE-2018-10822.yaml 2021-07-25 05:49:24 +07:00
sandeep 6ccc5f8792 matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
Muhammad Daffa 3d90fd1047
Fix wrong regex matcher 2021-07-24 17:10:02 +07:00
Prince Chaddha f32521ad9d
Merge pull request #2113 from daffainfo/patch-92 
Create CVE-2020-29227.yaml
 2021-07-24 12:22:54 +05:30
Prince Chaddha af4081d0ec
Update CVE-2020-29227.yaml 2021-07-24 12:17:56 +05:30
Prince Chaddha 956eb6691f
Update CVE-2020-29227.yaml 2021-07-24 12:16:30 +05:30
Prince Chaddha f40aca136b
Update CVE-2020-29227.yaml 2021-07-24 12:15:24 +05:30
Prince Chaddha 677c8b97dd
Merge pull request #2156 from gy741/rule-add-v36 
Create CVE-2020-13117.yaml
 2021-07-24 11:40:54 +05:30
Prince Chaddha 31f62d59ce
Update CVE-2020-13117.yaml 2021-07-24 11:39:47 +05:30
Prince Chaddha 63c48c7712
Merge pull request #2152 from daffainfo/patch-100 
Create CVE-2011-3315.yaml
 2021-07-24 11:36:58 +05:30
Prince Chaddha b4c25f41cb
Merge pull request #2153 from daffainfo/patch-101 
Create CVE-2013-5528.yaml
 2021-07-24 11:36:34 +05:30
Prince Chaddha a2787a379d
Update CVE-2011-3315.yaml 2021-07-24 11:35:35 +05:30
Prince Chaddha 3bca104ff6
Merge pull request #2163 from daffainfo/patch-102 
Create CVE-2012-4889.yaml
 2021-07-24 10:30:21 +05:30
Prince Chaddha 62ba69390c
Update CVE-2012-4889.yaml 2021-07-24 10:00:22 +05:30
sandeep e97e2a4f2a Template update 2021-07-24 06:22:48 +05:30
Muhammad Daffa dddd079706
Update CVE-2012-4889.yaml 2021-07-24 07:20:53 +07:00
Muhammad Daffa f8033758a1
Create CVE-2012-4889.yaml 2021-07-24 07:18:30 +07:00
Sandeep Singh 4b444af3c4
Merge pull request #2125 from DhiyaneshGeek/master 
17 New Templates Added
 2021-07-24 03:26:09 +05:30
Prince Chaddha f60a9ed891
Update CVE-2020-13117.yaml 2021-07-23 15:06:51 +05:30
Prince Chaddha b2b93a5bd2
Merge pull request #2158 from thevillagehacker/master 
Update CVE-2014-6271.yaml
 2021-07-23 15:06:04 +05:30
Naveen J 70fd663219
Update CVE-2014-6271.yaml 2021-07-23 08:40:33 +05:30
GwanYeong Kim 7298a0b35d Create CVE-2020-13117.yaml 
Several Wavlink products are affected by a vulnerability that may allow remote unauthenticated users to execute arbitrary commands as root on Wavlink devices. The user input is not properly sanitized which allows command injection via the "key" parameter in a login request. It has been tested on Wavlink WN575A4 and WN579X3 devices, but other products may be affected.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-07-23 11:14:31 +09:00
Muhammad Daffa 62ad2f3089
Create CVE-2013-5528.yaml 2021-07-23 06:12:07 +07:00
Muhammad Daffa 19f81758d2
Create CVE-2011-3315.yaml 2021-07-23 06:11:05 +07:00
Prince Chaddha e9a84ec60c
Merge pull request #2123 from projectdiscovery/CVE-2009-1872 
Create CVE-2009-1872.yaml
 2021-07-22 19:17:07 +05:30
Prince Chaddha 920f96d065
Merge pull request #2141 from daffainfo/patch-99 
Create CVE-2018-20985.yaml
 2021-07-22 19:02:30 +05:30
Prince Chaddha 4db131a5d3
Update CVE-2018-20985.yaml 2021-07-22 19:01:00 +05:30
Prince Chaddha 3138e10d7a
Merge pull request #2138 from daffainfo/patch-98 
Create CVE-2016-1000152.yaml
 2021-07-22 18:51:34 +05:30
Prince Chaddha b32a49680c
Merge pull request #2137 from daffainfo/patch-97 
Create CVE-2016-1000154.yaml
 2021-07-22 18:43:32 +05:30
Prince Chaddha ae827beade
Update CVE-2016-1000154.yaml 2021-07-22 18:42:11 +05:30
Muhammad Daffa 07ee00e38d
Update CVE-2016-1000152.yaml 2021-07-22 19:34:36 +07:00
Muhammad Daffa a0581944aa
Update CVE-2018-20985.yaml 2021-07-22 19:32:43 +07:00
Prince Chaddha 4c83f2341b
Update CVE-2016-1000152.yaml 2021-07-22 17:53:22 +05:30
sandeep 7d72783090 WIP improvements 2021-07-22 16:32:37 +05:30
sandeep 938fdeec8f Added CVE-2021-34429 and fixed related templates 2021-07-22 15:23:19 +05:30
Muhammad Daffa 7afafb1f4f
Added references 2021-07-22 15:37:50 +07:00
Muhammad Daffa 1c54875f24
Create CVE-2018-20985.yaml 2021-07-22 15:35:12 +07:00
Muhammad Daffa fa127ec351
Create CVE-2016-1000152.yaml 2021-07-22 05:57:54 +07:00
Muhammad Daffa adf9a1c8dc
Create CVE-2016-1000154.yaml 2021-07-22 05:56:10 +07:00
Prince Chaddha d72b6df0bf
Create CVE-2009-1872.yaml 2021-07-21 11:35:30 +05:30
Dhiyaneshwaran 8d8f39c26f
Create CVE-2021-32820.yaml 2021-07-21 10:40:13 +05:30
Muhammad Daffa bc3f162328
Create CVE-2014-6308.yaml 2021-07-21 08:05:30 +07:00
Muhammad Daffa 44b7a54585
Create CVE-2016-1000140.yaml 2021-07-21 06:16:34 +07:00
Muhammad Daffa 2d098d199e
Create CVE-2016-1000138.yaml 2021-07-21 06:14:21 +07:00
Muhammad Daffa 1114ebe9e7
Create CVE-2016-1000137.yaml 2021-07-21 06:12:19 +07:00
Prince Chaddha 9cadadca8e
Merge pull request #2053 from daffainfo/patch-79 
Create CVE-2010-2307.yaml
 2021-07-20 19:55:25 +05:30
Prince Chaddha d1eca2b59e
Update CVE-2010-2307.yaml 2021-07-20 19:54:23 +05:30
Prince Chaddha dbb75282bc
Merge pull request #2052 from daffainfo/patch-78 
Create CVE-2010-4231.yaml
 2021-07-20 19:51:34 +05:30
Prince Chaddha c38ada9a71
Update CVE-2010-4231.yaml 2021-07-20 19:50:02 +05:30
Prince Chaddha 70e5f48a4c
Merge pull request #2051 from daffainfo/patch-77 
Create CVE-2016-1000127.yaml
 2021-07-20 19:47:28 +05:30
Prince Chaddha 1b8ebe74b6
Update CVE-2016-1000127.yaml 2021-07-20 19:47:19 +05:30
Muhammad Daffa 65bddf3e33
Create CVE-2020-29227.yaml 2021-07-20 20:08:18 +07:00
Muhammad Daffa f7d4a642f1
Create CVE-2020-35580.yaml 2021-07-20 20:02:49 +07:00
Prince Chaddha 103c97a013
Merge pull request #2109 from pikpikcu/patch-201 
Create CVE-2012-1823
 2021-07-20 17:48:02 +05:30
Prince Chaddha 60c0650a3f
Merge pull request #2108 from pikpikcu/patch-200 
Update CVE-2018-3760.yaml
 2021-07-20 17:28:43 +05:30
Prince Chaddha f2c22f66b6
Update CVE-2018-3760.yaml 2021-07-20 17:28:29 +05:30
Prince Chaddha 7020d17f13
Merge pull request #2107 from daffainfo/patch-90 
Create CVE-2021-23241.yaml
 2021-07-20 17:26:37 +05:30
sandeep 8f8105bb99 Update CVE-2021-23241.yaml 2021-07-20 16:00:00 +05:30
PikPikcU e9f9325fd0
Create CVE-2012-1823.yaml 2021-07-20 16:32:27 +07:00
PikPikcU 2b156573bd
Update CVE-2018-3760.yaml 2021-07-20 16:22:18 +07:00
Prince Chaddha 41c9c3e3f9
Update CVE-2021-23241.yaml 2021-07-20 14:25:37 +05:30
Prince Chaddha 86a7fad73a
Update CVE-2021-23241.yaml 2021-07-20 14:23:39 +05:30
Prince Chaddha 1fc173982d
Update CVE-2021-21479.yaml 2021-07-20 14:22:31 +05:30
Muhammad Daffa c63bb91bdb
Create CVE-2021-23241.yaml 2021-07-20 15:52:10 +07:00
Prince Chaddha 94511129f6
Merge pull request #2076 from dwisiswant0/GHSL-2020-227 
Server-Side Template Injection leading to unauthenticated Remote Code Execution in SCIMono - CVE-2021-21479
 2021-07-20 14:20:31 +05:30
Prince Chaddha d738d2c9a3
Update CVE-2021-21479.yaml 2021-07-20 14:18:21 +05:30
Prince Chaddha b10b8a61b8
Update CVE-2021-21479.yaml 2021-07-20 14:16:30 +05:30
Prince Chaddha 0af69ac0fd
Update CVE-2021-21479.yaml 2021-07-20 14:15:45 +05:30
Muhammad Daffa 21809132da
Renamed to CVE-2021-24340.yaml 2021-07-20 13:36:04 +07:00