Commit Graph

1648 Commits (613ff3f1eb2c004192cb8eed3b27e942ad824c64)

Author SHA1 Message Date
sandeep fdeb2b8500 Merge branch 'master' of https://github.com/DhiyaneshGeek/nuclei-templates into pr/3354 2021-12-16 14:32:14 +05:30
Dhiyaneshwaran 7670d1d6b8
Update wordpress-ssrf-oembed.yaml 2021-12-16 14:28:12 +05:30
sandeep 1cfc899a27 update: lint fix 2021-12-16 14:25:00 +05:30
Dhiyaneshwaran 77441c0d81
Update wordpress-ssrf-oembed.yaml 2021-12-16 14:24:56 +05:30
Dhiyaneshwaran 0047b611cf
Update wordpress-ssrf-oembed.yaml 2021-12-16 14:21:53 +05:30
Dhiyaneshwaran 499fe055bf
Create wordpress-ssrf-oembed.yaml 2021-12-16 13:48:34 +05:30
sandeep 39a71c641a update: added more reference 2021-12-15 21:20:18 +05:30
Evan Rubinstein 11fe2fdfee
Added apache-solr-log4j RCE (#3336)
* update: added apache-solr-log4j-rce

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
2021-12-15 21:15:43 +05:30
Sandeep Singh d9ed21458f
Added VMware VCenter Log4j JNDI RCE (#3340)
* Added VMware VCenter Log4j JNDI RCE

Co-Authored-By: FQ Hsu <fanqxu@gmail.com>

* update: removed static UA

Co-Authored-By: FQ Hsu <fanqxu@gmail.com>

Co-authored-by: FQ Hsu <fanqxu@gmail.com>
2021-12-14 21:27:30 +05:30
sandeep c9ddd7a0ae update: id + reference update 2021-12-14 21:07:46 +05:30
Evan Rubinstein dddb0bbb82
Added CVE-2021-24997 (#3298)
* Added CVE-39226

* Added CVE-39226

* Delete CVE-39226.yaml

* Renamed CVE-39226 to CVE-2021-39226

Fixed naming error

* Added Wp-Guppy-Information-Disclosure template

* Removed File

Found better descriptor

* Added CVE-2021-24997

Added WordPress Guppy Information Disclosure CVE

* Fixed CVE-2021-24997

Fixed YAML formatting

* Fixed Typo

URL Path had an extra double quote

* Auto Generated Templates Stats [Wed Dec  8 23:07:24 UTC 2021] 🤖

* Deleted Blank Space

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Added CVE-2021-43496

* Update CVE-2021-43496.yaml

* fix: syntax update

* Added New Vuln

* Update CVE-2021-24997.yaml

* Update CVE-2021-43496.yaml

* Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml

* fix: lints update

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-14 02:22:26 +05:30
sandeep 51944ab6a2 fix: lints update 2021-12-14 02:14:35 +05:30
sandeep 5bdd98f32d Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/3298 2021-12-14 02:05:35 +05:30
Prince Chaddha 6b007f48e7
Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml 2021-12-14 00:47:37 +05:30
pudsec 8cac8b5a36
Update open-redirect.yaml (#3333) 2021-12-13 20:42:06 +05:30
S Bani b76dbf91c6
Add Another Redirect Payload and Extend the Regex to Recognize it (#3299)
* Fix Open Redirect Header Regex

The regex was missing the correct escaping for special char `/`

* Add New General Open Redirect

There's another option for open redirects. I tested it in FF and Chrome.

* Update Location Redirect Regex

* update: mix changes

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-13 20:38:21 +05:30
Evan Rubinstein 030cfe89b9
Merge branch 'master' into master 2021-12-13 05:07:57 -05:00
Evan Rubinstein f52b1f0d55
Added New Vuln 2021-12-13 05:01:48 -05:00
Prince Chaddha 79a95a56d7
Update and rename pieregister-plugin-open-redirect.yaml to vulnerabilities/wordpress/pieregister-open-redirect.yaml 2021-12-12 16:59:16 +05:30
Dwi Siswanto 6a4bbdf93a
Update Grafana Arbitrary File Read (#3321)
* Add Grafana plugins wordlist

* Using payloads instead

* fix: updated variable name

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-11 11:07:55 +05:30
Prince Chaddha 0e94557017
Merge pull request #3248 from pikpikcu/patch-307
added thruk-xss
2021-12-09 22:01:56 +05:30
Prince Chaddha f476c5ff5b
Update thruk-xss.yaml 2021-12-09 21:58:15 +05:30
Prince Chaddha d35a55f7b4
Update and rename watchguard-fireware-ad-helper-component-credentials-disclosure.yaml to watchguard-credentials-disclosure.yaml 2021-12-09 21:05:13 +05:30
GwanYeong Kim bde4e1815a Create watchguard-fireware-ad-helper-component-credentials-disclosure.yaml
a credential-disclosure vulnerability in the AD Helper component of the WatchGuard Fireware Threat Detection and Response (TDR) service, which allows unauthenticated attackers to gain Active Directory credentials for a Windows domain in plaintext.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-09 16:02:48 +09:00
Sandeep Singh 2521cb62bf
Added CVE-2021-43798 (#3296)
* Added CVE-2021-43798

* updated with default plugin list

* Update grafana-file-read.yaml
2021-12-08 16:46:47 +05:30
z0ne d79b085051
add grafana file read (#3286)
* add grafana file read

* update: more reference

Co-authored-by: dev <z0ne>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-07 15:42:59 +05:30
Prince Chaddha fdcccb5938
Update and rename netsweeper-reflected-xss.yaml to netsweeper-rxss.yaml 2021-12-07 13:56:30 +05:30
Prince Chaddha ba8bad94c4
Update netsweeper-open-redirect.yaml 2021-12-07 13:43:29 +05:30
daffainfo b90d0b7e3e Add 10 templates and edit 1 workflows 2021-12-06 23:38:54 +07:00
sandeep 9da0d768a1 fix: syntax + lint 2021-12-03 10:37:42 +05:30
PikPikcU 83f6b2a153
Update thruk-xss.yaml 2021-12-02 19:07:50 +07:00
PikPikcU 435eeca764
Create thruk-xss.yaml 2021-12-02 19:02:40 +07:00
sandeep 1dabef2e6f Revert "CVE update - CVE-2021-22049"
This reverts commit 70128c2587.
2021-12-02 01:34:29 +05:30
sandeep 70128c2587 CVE update - CVE-2021-22049 2021-12-02 01:31:41 +05:30
Sandeep Singh 7ea7da8d4b
Added VMware vCenter SSRF/LFI/XSS (#3240) 2021-12-02 00:53:47 +05:30
sandeep 71143da193 Added missing tags 2021-11-28 04:13:45 +05:30
sandeep e7e8c33d64 fixed matcher + added additional matcher 2021-11-27 10:20:04 +05:30
alph4byt3 5080276f31
Update flow-flow-social-stream-xss.yaml 2021-11-26 09:48:04 +02:00
alph4byt3 f82f4d1a0b
Create flow-flow-social-stream-xss.yaml 2021-11-26 06:55:21 +02:00
Prince Chaddha 0d2a2f4e15
Merge pull request #3188 from pussycat0x/master
WordPress Themes Haberadam IDOR and Full Path Disclosure via JSON API
2021-11-24 12:14:54 +04:00
Prince Chaddha 85d79fd597
Update and rename wp-haberadam-theme-idor.yaml to wp-haberadam-idor.yaml 2021-11-24 12:09:22 +04:00
pussycat0x b7701dc7b3
Update wp-haberadam-theme-idor.yaml 2021-11-23 19:53:36 +05:30
pussycat0x e7bc254415
Update wp-haberadam-theme-idor.yaml 2021-11-23 19:50:27 +05:30
pussycat0x b3ceaffb9f
Add files via upload 2021-11-23 19:46:33 +05:30
Noam Rathaus 725782050a Add description 2021-11-23 12:09:00 +02:00
Prince Chaddha 42a9f46f94
Merge pull request #3176 from pussycat0x/master
Wordpress Revslider - Unauthenticated Arbitrary File Download
2021-11-23 09:40:48 +05:30
Prince Chaddha 2407b57779
Update wp-revslider-file-download.yaml 2021-11-23 08:09:29 +04:00
sandeep fdb0cc0277 lint fix + moving template to wp folder 2021-11-22 22:55:00 +05:30
pussycat0x ee2a766a35
Update wp-revslider-file-download.yaml 2021-11-22 20:40:38 +05:30
pussycat0x 680fffc187
Update wp-revslider-file-download.yaml 2021-11-22 20:33:29 +05:30
pussycat0x a8ee7e2ddf
Update wp-revslider-file-download.yaml 2021-11-22 20:29:59 +05:30
pussycat0x ba3d453744
Add files via upload 2021-11-21 17:00:25 +05:30
Sandeep Singh 6eea2f5ec3
Merge pull request #3170 from pussycat0x/master
new templates
2021-11-21 14:44:52 +05:30
sandeep bb5dcd79ac moved templates to correct directory/location 2021-11-21 14:40:48 +05:30
pussycat0x 41669cb8f6
Add files via upload 2021-11-21 06:45:24 +05:30
Prince Chaddha 1e31e0f76d
Update and rename eibiz-server-3-8-0-lfi.yaml to vulnerabilities/other/eibiz-lfi.yaml 2021-11-18 21:52:30 +05:30
Prince Chaddha cacf934f38
Merge pull request #3144 from DhiyaneshGeek/master
Axigen Mail Server & Squirrel Server
2021-11-16 16:09:21 +05:30
Prince Chaddha dfea5262ab
Update squirrelmail-add-xss.yaml 2021-11-16 15:30:41 +05:30
Prince Chaddha 77e5352a78
Update squirrelmail-vkeyboard-xss.yaml 2021-11-16 15:13:47 +05:30
Dhiyaneshwaran 32715528d8
Update squirrelmail-lfi.yaml 2021-11-16 00:10:15 +05:30
Dhiyaneshwaran 1905c9321a
Create squirrelmail-vkeyboard-xss.yaml 2021-11-15 23:58:18 +05:30
Dhiyaneshwaran 36c96f5dd8
Rename squirrelmail-vkeyboard-xss.yaml to squirrelmail-add-xss.yaml 2021-11-15 23:57:48 +05:30
Dhiyaneshwaran c003036a7e
Create squirrelmail-vkeyboard-xss.yaml 2021-11-15 23:44:51 +05:30
Dhiyaneshwaran fcbbb3475c
Create squirrelmail-lfi.yaml 2021-11-15 23:40:09 +05:30
sandeep fbf50f1109 format fixing 2021-11-15 21:00:17 +05:30
Prince Chaddha 4eb84d7802
Merge pull request #3131 from Akokonunes/patch-70
Create hrsale-unauthenticated-lfi.yaml
2021-11-13 23:46:11 +05:30
Prince Chaddha 9a227941a1
Rename hrsale-unauthenticated-lfi.yaml to vulnerabilities/other/hrsale-unauthenticated-lfi.yaml 2021-11-13 23:37:32 +05:30
sandeep b2aa8f9f5b misc updates 2021-11-13 23:01:53 +05:30
sandeep 35bfff6f61 Added skip-variables-check for SSTI template 2021-11-09 22:16:37 +05:30
sandeep cb74944f43 misc updates 2021-11-08 15:45:54 +05:30
Prince Chaddha c51bbf8715
Merge pull request #3099 from ImNightmaree/master
Create ecshop-sql.yaml
2021-11-08 13:44:54 +05:30
Prince Chaddha 5a6c30c7cf
Update ecshop-sqli.yaml 2021-11-08 13:42:44 +05:30
Prince Chaddha 85741bbcf9
Update and rename ecshop-sql.yaml to ecshop-sqli.yaml 2021-11-08 13:42:13 +05:30
Prince Chaddha 06bb1f444c
Update seowon-router-rce.yaml 2021-11-08 12:49:37 +05:30
Prince Chaddha 7973948360
Update seowon-router-rce.yaml 2021-11-08 12:43:14 +05:30
GwanYeong Kim 6183e248d8 Create seowon-router-rce.yaml
Execute commands without authentication as admin user, To use it in all versions, we only enter the router ip & Port(if available) in the request The result of the request is visible on the browser page

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-11-07 14:50:39 +09:00
ImNightmaree 797d9066a1
More linting 2021-11-07 02:49:07 +00:00
ImNightmaree b77df460dd
Linting 2021-11-07 02:39:21 +00:00
ImNightmaree bbecf3965a
Update ecshop-sql.yaml 2021-11-07 02:36:28 +00:00
ImNightmaree 38135df2a6
Update ecshop-sql.yaml 2021-11-07 02:30:38 +00:00
ImNightmaree f37527101c
Create ecshop-sql.yaml 2021-11-07 02:03:09 +00:00
sandeep 5fa10c4b64 cves update 2021-11-06 12:34:04 +05:30
Prince Chaddha 86f00468e1
Merge pull request #3070 from ImNightmaree/patch-2
Vanguard CMS Post-XSS
2021-11-06 00:13:58 +05:30
Prince Chaddha b66427b7c1
Update and rename wp-plugin-ad-widget-lfi.yaml to vulnerabilities/wordpress/ad-widget-lfi.yaml 2021-11-06 00:06:13 +05:30
Prince Chaddha a57cb5081a
Update vanguard-post-xss.yaml 2021-11-05 21:36:53 +05:30
sandeep eef5252cc5 file name update 2021-11-05 06:01:59 +05:30
ImNightmaree e98a1b4085
Update vanguard-post-xss 2021-11-04 16:56:40 +00:00
ImNightmaree 5a94091468
Create vanguard-post-xss 2021-11-04 15:12:47 +00:00
sandeep 915bb09a82 updating file name 2021-11-04 15:43:49 +05:30
sandeep 67f3530dbf Added meta info 2021-11-03 17:27:53 +05:30
sandeep be65921cc3 Added remediation information 2021-11-03 17:11:48 +05:30
sandeep c06cc9f690 Added Sitecore Experience Platform Pre-Auth RCE 2021-11-03 16:52:25 +05:30
sandeep e2b4d2b29c misc update 2021-11-03 02:54:23 +05:30
sandeep b83e79a8fe moving files around 2021-11-01 19:36:21 +05:30
sandeep f650961021 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into gitlab-updates 2021-11-01 19:21:55 +05:30
Prince Chaddha c4b7bb3bd2
Merge pull request #3032 from r3dg33k/wordpress-rdf-user-enum
wordpress-rdf-user-enum
2021-11-01 15:43:00 +05:30
Prince Chaddha 7b20a25fc6
Update and rename wordpress-rdf-user-enum.yaml to rdf-user-enumeration.yaml 2021-11-01 15:37:58 +05:30
Prince Chaddha a862dc3a6f
Update wordpress-rdf-user-enum.yaml 2021-11-01 15:33:06 +05:30
Prince Chaddha ff5b68a343
Update wordpress-rdf-user-enum.yaml 2021-11-01 15:30:54 +05:30
Prince Chaddha 3decaed012
Merge pull request #3036 from Akokonunes/patch-64
Create wp-theme-diarise-lfi.yaml
2021-11-01 14:54:58 +05:30
Prince Chaddha 756ed2c443
Update and rename wp-theme-diarise-lfi.yaml to vulnerabilities/wordpress/diarise-theme-lfi.yaml 2021-11-01 14:37:16 +05:30
Noam Rathaus 4381a462e2 Add description 2021-10-31 16:00:56 +02:00
Noam Rathaus d277d83c8e Add description 2021-10-31 15:58:17 +02:00
sandeep 8e27d69da4 misc update 2021-10-31 16:24:36 +05:30
Geeknik Labs 26c298ed03
Update top-xss-params.yaml
added an additional 23 parameters and matchers
2021-10-30 16:26:28 -05:00
sandeep 8c3f98c767 fixed invalid template syntax 2021-10-30 16:47:35 +05:30
r3dg33k 2925226122
Update wordpress-rdf-user-enum.yaml 2021-10-30 13:58:24 +03:00
r3dg33k f3a44a7f50
Update wordpress-rdf-user-enum.yaml 2021-10-30 13:57:53 +03:00
r3dg33k f75fcde7a9
Update wordpress-rdf-user-enum.yaml 2021-10-30 13:56:04 +03:00
r3dg33k 2d50cb52c6
Add files via upload 2021-10-30 13:46:56 +03:00
Noam Rathaus 9848f92894 Add description 2021-10-27 14:06:15 +03:00
Noam Rathaus 14ae8e3f59 Add description 2021-10-27 14:05:11 +03:00
Noam Rathaus 3a02b7c325 Add description 2021-10-27 14:04:00 +03:00
Noam Rathaus f1cf6fd9a7 Add description 2021-10-27 14:03:22 +03:00
Noam Rathaus d5d2ed0a0e Add description 2021-10-27 13:52:34 +03:00
Prince Chaddha 659f61ca53
Create thinkphp-501-rce.yaml 2021-10-27 00:17:42 +05:30
Prince Chaddha ac70e14788
Merge pull request #2995 from Akokonunes/patch-63
Create wp-tinymce-thumbnail-plugin-lfi.yaml
2021-10-27 00:13:01 +05:30
Prince Chaddha b928d9a269
Update and rename wp-tinymce-thumbnail-plugin-lfi.yaml to wp-tinymce-lfi.yaml 2021-10-27 00:11:48 +05:30
Prince Chaddha 7abaf59c18
Merge pull request #2993 from Akokonunes/patch-61
Create wp-javospot-premium-theme-lfi.yaml
2021-10-27 00:02:00 +05:30
Prince Chaddha ab633f8675
Update and rename wp-javospot-premium-theme-lfi.yaml to vulnerabilities/wordpress/wp-javospot-lfi.yaml 2021-10-26 23:55:34 +05:30
Noam Rathaus c9efc02223 Add description 2021-10-26 15:29:20 +03:00
Noam Rathaus 093a495b5f Add description 2021-10-26 15:28:43 +03:00
Noam Rathaus 25f7c812c2 Add description 2021-10-26 15:27:57 +03:00
Noam Rathaus 5d98d22416 Add description 2021-10-26 15:27:16 +03:00
Noam Rathaus 8adbf37ab4 Add description 2021-10-26 15:26:10 +03:00
Noam Rathaus 57bae34cb9 Add description 2021-10-26 15:25:34 +03:00
Noam Rathaus 4c0e8bae7e Add description 2021-10-26 15:24:26 +03:00
Noam Rathaus dcf402cfa4 Add description 2021-10-26 15:23:43 +03:00
Noam Rathaus 7d0c8669a3 Add description 2021-10-26 15:22:21 +03:00
sandeep 0de8bc19f8 misc template updates 2021-10-26 17:39:26 +05:30
Noam Rathaus 058d859cd8 Add description 2021-10-26 12:45:23 +03:00
Noam Rathaus 9c96179595 Fix description 2021-10-26 12:45:16 +03:00
sandeep 423584f1b7 moving files around 2021-10-26 15:08:26 +05:30
Noam Rathaus fb81f4ca36 Better description 2021-10-26 12:35:56 +03:00
Noam Rathaus 081a2546fe Add description 2021-10-25 12:59:08 +03:00
Noam Rathaus e4018d4a0c Add description 2021-10-25 12:58:22 +03:00
Noam Rathaus f9fb282770 Add description 2021-10-25 12:57:40 +03:00
Noam Rathaus 319c8a830e Add description 2021-10-25 12:56:03 +03:00
Noam Rathaus 3029da4ceb Add description 2021-10-25 12:55:23 +03:00
Noam Rathaus 9f8270bb7a Add description 2021-10-25 12:54:49 +03:00
Noam Rathaus c9e9c04f37 Add description 2021-10-25 12:54:00 +03:00
Noam Rathaus 6a6ba60aad Description 2021-10-25 12:53:22 +03:00
Noam Rathaus a96bfc3992 Add description 2021-10-25 12:52:58 +03:00
Noam Rathaus 2bffa26635 Advisory description 2021-10-25 10:09:13 +03:00
Noam Rathaus e9bd13da3e Product name is 'OA' 2021-10-25 10:07:28 +03:00
Noam Rathaus 66a811c3c2 Better description 2021-10-25 10:06:50 +03:00
Noam Rathaus a3d1ca6b81 Description 2021-10-25 10:06:44 +03:00
Noam Rathaus 130e5b1ff5 add description 2021-10-25 10:01:03 +03:00
Noam Rathaus d03fce098e Add description 2021-10-25 09:58:59 +03:00
Noam Rathaus 5636579be1 Non-broken link 2021-10-25 09:57:47 +03:00
Noam Rathaus ee82e5c591 Add description 2021-10-25 09:56:44 +03:00
Noam Rathaus 8ad49535b0 Add description 2021-10-24 12:38:06 +03:00
sandeep c66ad46464 more metadata update 2021-10-22 23:24:21 +05:30
sandeep 2d5beca867 metadata update 2021-10-22 23:23:25 +05:30
Prince Chaddha 9ab9cd2a25
Merge pull request #2953 from Akokonunes/patch-59
Create aspose-importer-exporter-file-download.yaml
2021-10-22 22:03:37 +05:30
Prince Chaddha 82ca4a8c43
Update and rename aspose-file-download.yaml to aspose-ie-file-download.yaml 2021-10-22 15:59:44 +05:30
Prince Chaddha 5118c00e24
Update aspose-pdf-file-download.yaml 2021-10-22 15:58:02 +05:30
Prince Chaddha aa77769481
Rename aspose-pdf-file-download.yaml to vulnerabilities/wordpress/aspose-pdf-file-download.yaml 2021-10-22 15:49:18 +05:30
Noam Rathaus 0cb293abca Add description 2021-10-21 14:25:28 +03:00
Noam Rathaus 07472bb021 Add description 2021-10-21 14:21:38 +03:00
Noam Rathaus ae55315ec6 Improve description 2021-10-21 14:15:52 +03:00
Noam Rathaus 7e4cd54f9e Add description 2021-10-21 14:13:53 +03:00
Noam Rathaus 379513c015 Make description more clear 2021-10-21 08:55:02 +03:00
Noam Rathaus f1d4569a8c Add description 2021-10-21 08:52:48 +03:00
Noam Rathaus 691dab8a52 Add description 2021-10-21 08:51:56 +03:00
Noam Rathaus fde188d253 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-10-21 08:32:04 +03:00
Sandeep Singh a21cec6362
Merge pull request #2844 from projectdiscovery/more-fixes
Changes to adopt v2.5.3 engine
2021-10-21 07:21:20 +05:30
Noam Rathaus cfa3a798f3 Add description 2021-10-19 13:17:58 +03:00
Noam Rathaus e45550f4ed Add description 2021-10-19 13:10:34 +03:00
Noam Rathaus d1684e7d67 Add description 2021-10-19 13:10:29 +03:00
Noam Rathaus 5c910ab3b4 Add description 2021-10-19 13:03:41 +03:00
Noam Rathaus 6d5e933128 Add description 2021-10-19 12:56:40 +03:00
sandeep 33badb66d1 oob tags update 2021-10-19 02:10:26 +05:30
sandeep a614391d3f Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes 2021-10-18 03:14:44 +05:30
Noam Rathaus 1688b8073a Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-10-17 15:54:29 +03:00
Noam Rathaus 087bbd2263 Add description 2021-10-17 15:54:19 +03:00
Noam Rathaus 0fd1574fe2 Add description 2021-10-17 15:52:26 +03:00
Noam Rathaus c1b42bcc55 Add description 2021-10-17 15:50:52 +03:00
Prince Chaddha 48588a6b81
Merge pull request #2887 from Akokonunes/patch-56
Create aspose-words-exporter-file-download.yaml
2021-10-17 17:04:08 +05:30
Prince Chaddha 1022a0a556
Merge pull request #2898 from asurti6783/patch-2
Create jira-unauthenticated-screens.yaml
2021-10-17 08:40:26 +05:30
Prince Chaddha ba3c7afed0
Update jira-unauthenticated-screens.yaml 2021-10-17 08:36:48 +05:30
Prince Chaddha 7d41f63091
Merge pull request #2903 from Akokonunes/patch-58
Create wp-aspose-cloud-ebook-plugin-file-download.yaml
2021-10-17 08:00:55 +05:30
Prince Chaddha ef16ad713b
Update and rename wp-aspose-cloud-ebook-plugin-file-download.yaml to vulnerabilities/wordpress/aspose-file-download.yaml 2021-10-17 07:49:46 +05:30
Prince Chaddha 5385191a9d
Update microstrategy-ssrf.yaml 2021-10-17 07:46:32 +05:30
Philippe Delteil 274f3f941a
Update microstrategy-ssrf.yaml 2021-10-16 17:19:30 -03:00
Arman Sameer 0d98ff0dd4
Create jira-unauthenticated-screens.yaml 2021-10-15 12:05:51 -04:00
Sandeep Singh 968cfe7d03
Merge pull request #2870 from projectdiscovery/fastjson-rces
Fastjson Deserialization RCEs
2021-10-15 03:28:35 +05:30
sandeep 42cc6d9507 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes 2021-10-14 23:51:16 +05:30
sandeep aad97c084c misc update 2021-10-14 20:08:44 +05:30
sandeep f9f4e3327e moving files around 2021-10-14 20:05:25 +05:30
sandeep adfbed9d51 lint fix 2021-10-14 19:50:43 +05:30
sandeep 558272470e Merge branch 'master' of https://github.com/nrathaus/nuclei-templates into pr/2893 2021-10-14 19:32:03 +05:30
sandeep a313e27f6e misc update 2021-10-14 19:31:57 +05:30
Noam Rathaus 4532646b44 Description 2021-10-14 16:35:40 +03:00
Noam Rathaus d803f91971 Add description 2021-10-14 16:34:15 +03:00
Noam Rathaus dbb28d586a Add description 2021-10-14 16:32:34 +03:00
Noam Rathaus 5a00c6841d Working link 2021-10-14 16:32:15 +03:00
Noam Rathaus 75f96128d5 Better description 2021-10-14 16:31:27 +03:00
Noam Rathaus 16dd5c6e8e More reference 2021-10-14 16:30:44 +03:00
Noam Rathaus 09de143099 Add CVE 2021-10-14 16:30:14 +03:00
Noam Rathaus 6eaff09b16 Add description 2021-10-14 16:29:51 +03:00
Noam Rathaus a6800e0e1a Add description 2021-10-14 16:28:41 +03:00
Noam Rathaus 5618e8eaa9 Better description 2021-10-14 16:27:26 +03:00
Noam Rathaus e3071a4f26 Added description 2021-10-14 16:10:54 +03:00
Noam Rathaus eef7ba6cd4 Spelling 2021-10-14 16:07:39 +03:00
Noam Rathaus 083ca2805a Add description 2021-10-14 16:07:18 +03:00
Noam Rathaus 2946782493 Fix name 2021-10-14 16:06:20 +03:00
Noam Rathaus 3322a4becc Previous reference is no longer available 2021-10-14 16:05:47 +03:00
Noam Rathaus 67a6e574a0 Add description 2021-10-14 16:04:37 +03:00
Noam Rathaus 4b603769c5 Add vendor CERT advisory/cve 2021-10-14 15:59:38 +03:00
Noam Rathaus 39ebcc13a3 Add description 2021-10-14 15:55:59 +03:00
Noam Rathaus 18e6257e33 description 2021-10-14 15:54:28 +03:00
Noam Rathaus d1105f1d79 Add description 2021-10-14 15:35:52 +03:00
Noam Rathaus e599ba1261 Add description 2021-10-14 15:35:47 +03:00
Noam Rathaus 4275cce69a Add description 2021-10-14 15:35:42 +03:00
Noam Rathaus 5453f2ccdb Add description 2021-10-14 15:35:37 +03:00
Prince Chaddha 02d0071660
Update and rename aspose-words-exporter-file-download.yaml to vulnerabilities/wordpress/aspose-words-file-download.yaml 2021-10-14 16:33:38 +05:30
Prince Chaddha 4ce3559d58
Update and rename wp-cherry-plugin-file-download.yaml to vulnerabilities/wordpress/cherry-file-download.yaml 2021-10-14 16:29:47 +05:30
Noam Rathaus 2e9613d75b Improve description 2021-10-13 12:01:33 +03:00
Noam Rathaus d5038b7520 Add description 2021-10-13 12:00:55 +03:00
Noam Rathaus ab008edc5b Add description 2021-10-13 12:00:39 +03:00
Noam Rathaus b86a987030 Dead link 2021-10-13 12:00:36 +03:00
Noam Rathaus a3608c32f4 Add description 2021-10-13 11:56:10 +03:00
Sandeep Singh 9273a765c0
Merge branch 'master' into more-fixes 2021-10-13 13:48:52 +05:30
sandeep dc2d9485a9 additional matcher 2021-10-12 12:07:05 +05:30
sandeep 9d1f7fb627 more tags 2021-10-12 11:28:49 +05:30
sandeep 6e6601a462 more templates 2021-10-12 11:27:50 +05:30
Prince Chaddha 843c688505
Merge pull request #2867 from Akokonunes/patch-54
Create advanced-access-manager-plugin-lfi.yaml
2021-10-11 16:55:58 +05:30
Prince Chaddha da08f02913
Update and rename advanced-access-manager-plugin-lfi.yaml to vulnerabilities/wordpress/advanced-access-manager-lfi.yaml 2021-10-11 16:52:28 +05:30
sandeep 86f52501a5 Added Fastjson 1.2.47 Deserialization RCE 2021-10-11 04:23:52 +05:30
sandeep 16ea26b295 Added Fastjson 1.2.24 Deserialization RCE 2021-10-11 01:16:37 +05:30
sandeep 5072932509 more updates 2021-10-10 06:43:30 +05:30
sandeep 9b1c57506b Updating CVE-2021-41773 / CVE-2021-42013 to include RCE check 2021-10-10 06:00:43 +05:30
sandeep 6205415bbd Update keycloak-xss.yaml
Updating severity as this XSS is not exploitable directly.
2021-10-09 08:46:17 +05:30
Sandeep Singh 0c8e813c15
Merge pull request #2854 from Akokonunes/patch-52
Create wp-oxygen-theme-lfi.yaml
2021-10-08 19:20:54 +05:30
sandeep ecca8374fc moving file around 2021-10-08 19:19:29 +05:30
Sandeep Singh 95305667c0
Merge pull request #2852 from pdelteil/patch-65
Update qcubed-xss.yaml
2021-10-08 19:14:41 +05:30
sandeep 6a00b9245c Update qcubed-xss.yaml 2021-10-08 19:14:26 +05:30
sandeep de0a0ff3c1 misc update 2021-10-08 19:10:03 +05:30
Philippe Delteil 60a3b6f4a4
Update qcubed-xss.yaml 2021-10-08 03:46:49 -03:00
Philippe Delteil 888c703a3c
Update pmb-directory-traversal.yaml 2021-10-08 03:33:40 -03:00
sandeep 53fc9bcb3f misc fixes 2021-10-07 05:23:20 +05:30
Sandeep Singh 634e215433
Merge pull request #2840 from projectdiscovery/apache-httpd-rce
Added Apache HTTPd - 2.4.49 (CGI enabled) RCE
2021-10-06 19:50:18 +05:30
sandeep 8dfa5ce9b4 Added Lucee Unauthenticated Reflected XSS 2021-10-06 16:38:23 +05:30
sandeep 856b96a084 lint update 2021-10-06 15:56:00 +05:30
sandeep 796dd93113 Added Apache HTTPd - 2.4.49 (CGI enabled) RCE 2021-10-06 15:53:31 +05:30
Prince Chaddha 3ce3718a5e
Merge pull request #2835 from Akokonunes/patch-49
Create ultimatemember-plugin-open-redirect.yaml
2021-10-06 11:04:54 +05:30
Prince Chaddha 183af8b95b
Update and rename ultimatemember-plugin-open-redirect.yaml to vulnerabilities/wordpress/ultimatemember-open-redirect.yaml 2021-10-06 10:59:48 +05:30
Prince Chaddha f1130595ce
Update and rename wptouch-plugin-open-redirect.yaml to vulnerabilities/wordpress/wptouch-open-redirect.yaml 2021-10-06 10:46:16 +05:30
Prince Chaddha 5b5e764b48
Merge pull request #2787 from mr-rizwan-syed/master
wp-config-file and aws-s3-access-key-leak
2021-10-05 18:25:04 +05:30