Commit Graph

300 Commits (61e5b6a62759b6aad78e8809af4fc75ebe2986d5)

Author SHA1 Message Date
Robbie 07c84b347e
Create wordpress-emails-verification-for-woocommerce.yaml 2020-09-08 12:12:53 +01:00
PikPikcU 9c6f45a08a
Create mida-eframework-xss.yaml 2020-09-08 09:45:12 +00:00
bauthard 450df94e3d Update bullwark-momentum-series-directory-traversal.yaml 2020-09-07 02:16:06 +05:30
PikPikcU 67f72d11e6
Create bullwark-momentum-series-directory-traversal.yaml 2020-09-05 14:58:51 +00:00
un-fmunozs 21c8656c12 False positive on XSS templates
Encode XSS payload to prevent false positives when the Query string is returned AS IS by the server. Recent browsers will always send the parameters encoded.
2020-09-03 10:56:31 -05:00
sushant-kamble 25fd4da110 new template 2020-09-02 17:22:30 -05:00
Dwi Siswanto ca4dbf605b 🔡 Justifying id's 2020-09-01 09:25:25 +07:00
bauthard 9bf0b6dbaf uniform format 2020-09-01 00:04:29 +05:30
bauthard 6abc3c9429
Merge pull request #369 from projectdiscovery/wems-manager-xss
Create wems-manager-xss.yaml
2020-08-30 11:11:18 +05:30
bauthard 140716bac8 Create wems-manager-xss.yaml 2020-08-30 11:10:09 +05:30
bauthard 62cbf524aa
Merge pull request #368 from projectdiscovery/eclipse-help-system-xss
Create eclipse-help-system-xss.yaml
2020-08-30 10:39:19 +05:30
bauthard 01d055aa1f Update eclipse-help-system-xss.yaml 2020-08-30 10:38:28 +05:30
bauthard 5a860c63ed Create eclipse-help-system-xss.yaml 2020-08-30 10:35:28 +05:30
bauthard 1d8b3f71a0 Update sick-beard-xss.yaml 2020-08-29 02:33:17 +05:30
bauthard 99c83642fa Create sick-beard-xss.yaml 2020-08-29 02:25:56 +05:30
bauthard 747aa48d09
Merge pull request #345 from aqme/master
Add *description* property to nuclei-templates
2020-08-28 01:09:39 +05:30
toufik-airane 8cc901ced0
comment reference field 2020-08-27 21:05:33 +02:00
toufik-airane 146e114a3b
fix minor yamllint issues
Fix minor yamllint issues to move forward.
2020-08-25 22:18:58 +02:00
bauthard ddb9a608ff Update rce-via-java-deserialization.yaml 2020-08-26 01:22:50 +05:30
toufik-airane 79ccce2ae4
add few descriptions
add few descriptions and references on /vulnerabilities/ templates.
2020-08-25 21:43:43 +02:00
toufik-airane 9990d326e4
CRLF injection
update description
2020-08-25 18:46:19 +02:00
toufik-airane 79e826d782
CouchDB Admin Party
update description
2020-08-25 17:29:11 +02:00
Khaled Mohamed 532072c677
Update crlf-injection.yaml 2020-08-11 14:58:53 +02:00
Aron Molnar f4ebffa1bc
Improve shellshock payload 2020-08-06 10:03:58 +02:00
un-fmunozs 03eb473c7b Update rce-via-java-deserialization.yaml
Add rce-via-java-deserialization id
2020-08-05 22:57:52 -05:00
bauthard f5d35e3fad minor fixs 2020-08-01 02:18:24 +05:30
SaN ThosH 99d78127ea
Nginx virtual host traffic status module XSS
https://github.com/vozlt/nginx-module-vts/issues/174
2020-07-31 23:18:14 +05:30
bauthard b44f47c502 matcher updates 2020-07-31 23:12:34 +05:30
SaN ThosH a46612e7b7
Create tikiwiki-reflected-xss.yam 2020-07-31 22:55:41 +05:30
bauthard d6930042a9 trailing-spaces 2020-07-31 15:32:19 +05:30
bauthard 9be9a16bbc
Merge pull request #269 from eugui/patch-4
Update open-redirect.yaml
2020-07-28 21:16:58 +05:30
bauthard e23e6767fd updating template 2020-07-28 20:44:22 +05:30
d[-_-]b 318a78ebef
Update open-redirect.yaml 2020-07-28 14:29:36 +01:00
Alfie Njeru 6e8b732d57
Update oracle-ebs-bispgraph-file-access-vulnerability(rce).yaml 2020-07-27 12:37:21 +03:00
Alfie Njeru 5340a96e4c
Oracle EBS Bispgraph File Access Vulnerability
A test to check whether you can read the etc/password file on a vulnerable Oracle Enterprise Business Suite instance
2020-07-27 12:25:15 +03:00
bauthard 4651a012cd
Rename RCE-via-java-deserialization.yaml to rce-via-java-deserialization.yaml 2020-07-24 15:02:04 +05:30
bauthard 55ccaba797 Update RCE-via-java-deserialization.yaml 2020-07-24 14:59:46 +05:30
uhnysh 5e26af7cfc
Update RCE-via-java-deserialization.yaml 2020-07-24 14:54:31 +05:30
uhnysh 41f25f0fc2
rce via java deserialization 2020-07-24 14:45:31 +05:30
bauthard 0153c765a9 Update open-redirect.yaml 2020-07-21 13:32:10 +05:30
Ice3man543 ed4e9e7feb Fixed default condition OR to AND in false-positives 2020-07-08 17:08:57 +05:30
Harsh Bothra 3d7f039cbd
Rename ibm-infoprint-directory-traversal to ibm-infoprint-directory-traversal.yaml 2020-07-07 17:41:34 +05:30
Harsh Bothra 97db04d90e
Create ibm-infoprint-directory-traversal
IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal
2020-07-07 17:40:48 +05:30
Mohamed Elbadry 3381eed789
Update open-redirect.yaml 2020-07-06 16:21:43 +02:00
Mohamed Elbadry d2f024dc32
Update crlf-injection.yaml 2020-07-06 16:16:27 +02:00
Mohamed Elbadry e255561721
Update crlf-injection.yaml 2020-07-06 16:11:29 +02:00
bauthard 6d498a6054 syntax update 2020-07-06 13:57:46 +05:30
bauthard 991376c439
Merge pull request #174 from dwisiswant0/development
Adding Spring Boot Actuators (Jolokia) XXE
2020-07-02 23:07:34 +05:30
dw1 ecd295aff4 🔥 Add Springboot Actuators (Jolokia) XXE Vulnerability 2020-07-02 23:15:33 +07:00
organiccrap 2d8c78c263 updates 2020-07-02 21:53:41 +08:00
Ice3man e9c23dffe0
Merge pull request #126 from projectdiscovery/iceman-regex-fix
Regex issues fix by simplifying and fixing some edge cases
2020-06-22 08:36:29 -07:00
Manuel Bua 7df644ed6a Handle more spacing edge-cases, anchor at end of line 2020-06-22 13:15:01 +02:00
Manuel Bua 15fa8f2244 Switch to multiline matching to avoid false positives 2020-06-22 12:26:30 +02:00
Manuel Bua c7262c3ee7 Handle spaces in non-standard response headers 2020-06-22 10:55:52 +02:00
dudez 4ec258bd16
Handle protocol-relative URL in redirects 2020-06-22 10:02:43 +02:00
Manuel Bua c08676116c Handle some more edge cases 2020-06-21 23:04:37 +02:00
Aditya Soni 1ccc5d2b53
Update rce-shellshock-user-agent.yaml 2020-06-03 05:38:36 +05:30
Khaled Mohamed b390ffa076
Create rce-shellshock-user-agent.yaml 2020-05-28 17:20:00 +02:00
Ice3man 4480395e5c
Update open-redirect.yaml 2020-05-27 22:24:32 +05:30
Ice3man 1a558c820b
Update crlf-injection.yaml 2020-05-27 21:40:32 +05:30
Ice3man 0ae2fe3c85
Better regex for CRLF injection that catches whitespaces 2020-05-27 21:38:40 +05:30
Ice3man543 1758728197 Linting refactor to make yamllint happy 2020-05-25 17:22:12 +05:30
Fabian Affolter 3dfc2f99db
Update syntax 2020-05-25 10:24:39 +02:00
Fabian Affolter 4404138e70
Fix syntax 2020-05-25 00:19:21 +02:00
Pxmme 8b6bd2f717
Update crlf-injection.yaml 2020-05-24 14:22:35 +02:00
bauthard 6e495e41e7
Merge pull request #88 from Pxmme/master
Updating open redirect detection with regex + more payloads
2020-05-17 04:11:36 +05:30
Pxmme 6961c63659
Adding @ for Twitter handles cause Andi bitched about it 2020-05-16 23:39:47 +02:00
Pxmme 22c85b660f
Updating authors with Twitter handles + forgot Andi for giving me a few path based payloads 2020-05-16 23:32:21 +02:00
Pxmme 42e05c89b5
Forgot to add fisher who gave me the GET param list! 2020-05-16 23:28:20 +02:00
Pxmme 7c25948a33
Update open-redirect.yaml 2020-05-16 23:25:31 +02:00
Pxmme e33d72e4f2
Update and rename path-based-open-redirect-1.yaml to open-redirect.yaml 2020-05-16 23:25:16 +02:00
bauthard 0d5b682e94 updating cve names 2020-05-08 18:40:02 +00:00
Michael Blake 5caa7cecb9 Reduce false-positives for Moodle XSS 2020-05-07 21:50:17 -07:00
Nadino92 73d4a18752
CRLF injection
CRLF injection with normal encoding and unicode bypass encoding https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CRLF%20Injection
2020-05-04 17:53:49 +02:00
Aditya Soni 4a1d217c9a
Create cached-aem-pages.yaml 2020-04-25 20:08:27 +05:30
bauthard f708589c91
updating template ID. 2020-04-22 15:24:04 +05:30
Mohamed Elbadry b9a7f2b384
Create x-forwarded-host-injection.yaml 2020-04-22 07:05:14 +02:00
Prince Chaddha 82f2a9dfa6
Update twig-php-ssti.yaml 2020-04-20 17:44:59 +05:30
bauthard 6ea37ba7e5
fixing the template. 2020-04-09 19:06:44 +05:30
bauthard c3af1e5cd2
fixing the format 2020-04-09 18:11:59 +05:30
bauthard 634db637af
Update and rename Moodle filter_jmol lfi.yaml to moodle-filter-jmol-lfi.yaml 2020-04-08 22:29:16 +05:30
bauthard 99f56328a5
Update and rename Moodle filter_jmol XSS.yaml to moodle-filter-jmol-xss.yaml 2020-04-08 22:22:17 +05:30
bauthard 1f53153ef3
Update and rename PDF Signer v3.0 - SSTI to RCE via CSRF Cookie.yaml to pdf-signer-ssti-to-rce.yaml 2020-04-08 22:20:31 +05:30
bauthard eee4ed9198
Update and rename WordPress Wordfence 7.4.6 XSS.yaml to wordpress-wordfence-xss.yaml 2020-04-08 22:19:00 +05:30
bauthard 27a44abdba
Update and rename WordPress duplicator Path Traversal.yaml to wordpress-duplicator-path-traversal.yaml 2020-04-08 22:17:56 +05:30
bauthard 27f29ab484
adding twig-php-ssti 2020-04-08 22:00:10 +05:30
bauthard 1431ca6265
Create discourse-xss.yaml 2020-04-08 21:40:51 +05:30
SaN ThosH e0a4f22bc0
Update WordPress duplicator Path Traversal.yaml 2020-04-08 18:58:11 +05:30
SaN ThosH 366688b5d8
Update WordPress Wordfence 7.4.6 XSS.yaml 2020-04-08 18:57:59 +05:30
SaN ThosH 15a27df85f
Update Moodle filter_jmol XSS.yaml 2020-04-08 18:57:52 +05:30
SaN ThosH 29a58d9465
Update and rename Moodle filter_jmol multiple vulnerabilities.yaml to Moodle filter_jmol lfi.yaml 2020-04-08 18:20:43 +05:30
SaN ThosH 1b346644e7
Create Moodle filter_jmol XSS.yaml 2020-04-08 18:18:06 +05:30
SaN ThosH f5eddff072
Create Moodle filter_jmol multiple vulnerabilities.yaml 2020-04-08 18:17:16 +05:30
SaN ThosH be72ce2889
Create PDF Signer v3.0 - SSTI to RCE via CSRF Cookie.yaml 2020-04-08 18:15:37 +05:30
SaN ThosH fb3b4ed44d
Create WordPress duplicator Path Traversal.yaml 2020-04-08 17:43:25 +05:30
SaN ThosH bd7a74ae84
Update WordPress Wordfence 7.4.6 XSS.yaml 2020-04-08 17:37:15 +05:30
SaN ThosH edc7a1ed8c
Create WordPress Wordfence 7.4.6 XSS.yaml 2020-04-08 17:36:42 +05:30
bauthard a3935196cf
more updates. 2020-04-06 17:58:53 +05:30
bauthard 1d75ccaa2c
updating the id and name for better understanding 2020-04-06 17:56:14 +05:30
MMrhassel 16ded6d47e
Create open-redirect.yaml 2020-04-06 14:12:30 +02:00