daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
28,514 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

1473 Commits (63427283e53208d09f3564b1f31ab9bebdb0b5e1)

Author SHA1 Message Date
MostInterestingBotInTheWorld 186745475b
dos2unix conversions (#6969) 
* Add description and enhance one where the UI failed to save properly.
dos2unix on a template

* Change cvedetails link to nvd

* make severities match

* Enhancement: cves/2015/CVE-2015-2863.yaml by md

* Enhancement: cves/2017/CVE-2017-14524.yaml by md

* Enhancement: cves/2017/CVE-2017-5638.yaml by md

* Enhancement: cves/2019/CVE-2019-16759.yaml by md

* Enhancement: cves/2021/CVE-2021-22986.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24155.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24347.yaml by md

* Enhancement: cves/2021/CVE-2021-25003.yaml by md

* Enhancement: cves/2021/CVE-2021-25296.yaml by md

* Enhancement: cves/2021/CVE-2021-25297.yaml by md

* Enhancement: cves/2021/CVE-2021-25296.yaml by md

* Enhancement: cves/2021/CVE-2021-25297.yaml by md

* Enhancement: cves/2021/CVE-2021-25298.yaml by md

* Enhancement: cves/2021/CVE-2021-25297.yaml by md

* Enhancement: cves/2021/CVE-2021-28151.yaml by md

* Enhancement: cves/2021/CVE-2021-30128.yaml by md

* Enhancement: cves/2022/CVE-2022-0824.yaml by md

* Enhancement: cves/2022/CVE-2022-0824.yaml by md

* Enhancement: cves/2022/CVE-2022-0885.yaml by md

* Enhancement: cves/2022/CVE-2022-21587.yaml by md

* Enhancement: cves/2022/CVE-2022-2314.yaml by md

* Enhancement: cves/2022/CVE-2022-24816.yaml by md

* Enhancement: cves/2022/CVE-2022-31499.yaml by md

* Enhancement: cves/2022/CVE-2022-21587.yaml by md

* Enhancement: cves/2021/CVE-2021-24155.yaml by md

* Enhancement: cves/2017/CVE-2017-5638.yaml by md

* Enhancement: cves/2015/CVE-2015-2863.yaml by md

* Enhancement: cves/2022/CVE-2022-33901.yaml by md

* Enhancement: cves/2022/CVE-2022-2314.yaml by md

* Enhancement: cves/2022/CVE-2022-33901.yaml by md

* Enhancement: cves/2022/CVE-2022-34753.yaml by md

* Enhancement: cves/2022/CVE-2022-39952.yaml by md

* Enhancement: cves/2022/CVE-2022-4060.yaml by md

* Enhancement: cves/2022/CVE-2022-44877.yaml by md

* Enhancement: cves/2023/CVE-2023-0669.yaml by md

* Enhancement: cves/2023/CVE-2023-26255.yaml by md

* Enhancement: cves/2023/CVE-2023-26256.yaml by md

* Enhancement: exposures/files/salesforce-credentials.yaml by md

* Enhancement: misconfiguration/hadoop-unauth-rce.yaml by md

* Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by md

* Enhancement: network/backdoor/backdoored-zte.yaml by md

* Enhancement: network/detection/ibm-d2b-database-server.yaml by md

* Enhancement: network/detection/ibm-d2b-database-server.yaml by md

* Enhancement: technologies/oracle/oracle-atg-commerce.yaml by md

* Enhancement: token-spray/api-abuseipdb.yaml by md

* Enhancement: token-spray/api-abuseipdb.yaml by md

* Enhancement: token-spray/api-dbt.yaml by md

* Enhancement: vulnerabilities/avaya/avaya-aura-rce.yaml by md

* Enhancement: vulnerabilities/avaya/avaya-aura-xss.yaml by md

* Enhancement: vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml by md

* Enhancement: vulnerabilities/froxlor-xss.yaml by md

* Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md

* Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md

* Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md

* Enhancement: vulnerabilities/opencpu/opencpu-rce.yaml by md

* Enhancement: vulnerabilities/other/academy-lms-xss.yaml by md

* Enhancement: vulnerabilities/other/caucho-resin-info-disclosure.yaml by md

* Enhancement: vulnerabilities/other/ckan-dom-based-xss.yaml by md

* Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by md

* Enhancement: vulnerabilities/other/graylog-log4j.yaml by md

* Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md

* Initial cleanups for syntax errors

* dashboard gremlins

* Add log4j back to name

* Enhancement: exposures/files/salesforce-credentials.yaml by cs

* Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by cs

* Enhancement: network/backdoor/backdoored-zte.yaml by cs

* Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by cs

* Sev and other info tweaks

* Merge conflict

* Run dos2unix against all templates

* too many newlines error

* Fix too many blank lines error

* Fix severity mismatches
Cleanup language on a new test

---------

Co-authored-by: sullo <sullo@cirt.net>
 2023-03-27 14:22:40 -04:00
pussycat0x 333fe06d7b
Mlflow - Unauthenticated Access 2023-03-27 23:28:07 +05:30
MostInterestingBotInTheWorld 301fddaeb0
Dashboard Content Enhancements (#6965) 
* Add description and enhance one where the UI failed to save properly.
dos2unix on a template

* Change cvedetails link to nvd

* make severities match

* Enhancement: cves/2015/CVE-2015-2863.yaml by md

* Enhancement: cves/2017/CVE-2017-14524.yaml by md

* Enhancement: cves/2017/CVE-2017-5638.yaml by md

* Enhancement: cves/2019/CVE-2019-16759.yaml by md

* Enhancement: cves/2021/CVE-2021-22986.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24155.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24347.yaml by md

* Enhancement: cves/2021/CVE-2021-25003.yaml by md

* Enhancement: cves/2021/CVE-2021-25296.yaml by md

* Enhancement: cves/2021/CVE-2021-25297.yaml by md

* Enhancement: cves/2021/CVE-2021-25296.yaml by md

* Enhancement: cves/2021/CVE-2021-25297.yaml by md

* Enhancement: cves/2021/CVE-2021-25298.yaml by md

* Enhancement: cves/2021/CVE-2021-25297.yaml by md

* Enhancement: cves/2021/CVE-2021-28151.yaml by md

* Enhancement: cves/2021/CVE-2021-30128.yaml by md

* Enhancement: cves/2022/CVE-2022-0824.yaml by md

* Enhancement: cves/2022/CVE-2022-0824.yaml by md

* Enhancement: cves/2022/CVE-2022-0885.yaml by md

* Enhancement: cves/2022/CVE-2022-21587.yaml by md

* Enhancement: cves/2022/CVE-2022-2314.yaml by md

* Enhancement: cves/2022/CVE-2022-24816.yaml by md

* Enhancement: cves/2022/CVE-2022-31499.yaml by md

* Enhancement: cves/2022/CVE-2022-21587.yaml by md

* Enhancement: cves/2021/CVE-2021-24155.yaml by md

* Enhancement: cves/2017/CVE-2017-5638.yaml by md

* Enhancement: cves/2015/CVE-2015-2863.yaml by md

* Enhancement: cves/2022/CVE-2022-33901.yaml by md

* Enhancement: cves/2022/CVE-2022-2314.yaml by md

* Enhancement: cves/2022/CVE-2022-33901.yaml by md

* Enhancement: cves/2022/CVE-2022-34753.yaml by md

* Enhancement: cves/2022/CVE-2022-39952.yaml by md

* Enhancement: cves/2022/CVE-2022-4060.yaml by md

* Enhancement: cves/2022/CVE-2022-44877.yaml by md

* Enhancement: cves/2023/CVE-2023-0669.yaml by md

* Enhancement: cves/2023/CVE-2023-26255.yaml by md

* Enhancement: cves/2023/CVE-2023-26256.yaml by md

* Enhancement: exposures/files/salesforce-credentials.yaml by md

* Enhancement: misconfiguration/hadoop-unauth-rce.yaml by md

* Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by md

* Enhancement: network/backdoor/backdoored-zte.yaml by md

* Enhancement: network/detection/ibm-d2b-database-server.yaml by md

* Enhancement: network/detection/ibm-d2b-database-server.yaml by md

* Enhancement: technologies/oracle/oracle-atg-commerce.yaml by md

* Enhancement: token-spray/api-abuseipdb.yaml by md

* Enhancement: token-spray/api-abuseipdb.yaml by md

* Enhancement: token-spray/api-dbt.yaml by md

* Enhancement: vulnerabilities/avaya/avaya-aura-rce.yaml by md

* Enhancement: vulnerabilities/avaya/avaya-aura-xss.yaml by md

* Enhancement: vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml by md

* Enhancement: vulnerabilities/froxlor-xss.yaml by md

* Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md

* Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md

* Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md

* Enhancement: vulnerabilities/opencpu/opencpu-rce.yaml by md

* Enhancement: vulnerabilities/other/academy-lms-xss.yaml by md

* Enhancement: vulnerabilities/other/caucho-resin-info-disclosure.yaml by md

* Enhancement: vulnerabilities/other/ckan-dom-based-xss.yaml by md

* Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by md

* Enhancement: vulnerabilities/other/graylog-log4j.yaml by md

* Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md

* Initial cleanups for syntax errors

* dashboard gremlins

* Add log4j back to name

* Enhancement: exposures/files/salesforce-credentials.yaml by cs

* Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by cs

* Enhancement: network/backdoor/backdoored-zte.yaml by cs

* Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by cs

* Sev and other info tweaks

* Merge conflict

---------

Co-authored-by: sullo <sullo@cirt.net>
 2023-03-27 23:16:47 +05:30
pussycat0x 5165e27927
Merge pull request #6756 from MrHarshvardhan/patch-3 
Create http-only-cookies.yaml
 2023-03-23 20:09:10 +05:30
Ritik Chaddha 28e9d14fa0
updated name 2023-03-23 17:13:03 +05:30
Ritik Chaddha adfde6f30f
update matchers,info 2023-03-23 17:12:27 +05:30
Dhiyaneshwaran e5892f7b47
removed duplicate endpoint 2023-03-23 15:38:43 +05:30
Abdelrhman Allam 179a846e0e
Update phpmyadmin-setup.yaml 
Reference: [https://twitter.com/GodfatherOrwa/status/1638141648029855745](https://twitter.com/GodfatherOrwa/status/1638141648029855745)
 2023-03-23 11:28:14 +02:00
ThePirateWhoSmellsOfSunflowers c5d0fc8593 Add new path in misconfiguration/phpmyadmin/phpmyadmin-setup.yaml 2023-03-22 15:27:14 +01:00
Dhiyaneshwaran 201984b6a2
Merge pull request #6912 from Esonhugh/template_branch_nacos_bypass_authentication 
Add nacos default jwt secret bypass auth Template
 2023-03-22 09:12:07 +05:30
Ritik Chaddha 0c605920b8
updated info,path 2023-03-22 01:55:37 +05:30
Prince Chaddha b1c353f53c
Update phpmyadmin-setup.yaml 2023-03-21 19:40:04 +05:30
pussycat0x 07feb2848a
metadata -update 2023-03-21 14:14:15 +05:30
pussycat0x bdfca5962c
file name -update 2023-03-21 14:09:52 +05:30
Esonhugh a529fd061c
update nacos bypass authentication 2023-03-21 16:34:06 +08:00
Prince Chaddha dd2b2085c6 Merge branch 'main' of https://github.com/projectdiscovery/nuclei-templates 2023-03-18 16:09:38 -06:00
Prince Chaddha fb23d66717 templates added 2023-03-18 16:07:09 -06:00
sandeep 23b23995a4 moving files around 2023-03-18 14:26:12 +05:30
Ritik Chaddha c0f5558d81
added metadata 2023-03-17 21:41:11 +05:30
MostInterestingBotInTheWorld 7677e07dec
Merge branch 'main' into dashboard 2023-03-17 11:24:28 -04:00
sullo 7cbbcde121 Too many spaces after : 2023-03-17 10:08:26 -04:00
MostInterestingBotInTheWorld 1571bbab0f Enhancement: misconfiguration/ups-status.yaml by cs 2023-03-17 09:53:30 -04:00
MostInterestingBotInTheWorld 05bc3c248e Enhancement: misconfiguration/tcpconfig.yaml by cs 2023-03-17 09:50:12 -04:00
MostInterestingBotInTheWorld c5d24f1fba Enhancement: misconfiguration/slurm-hpc-dashboard.yaml by cs 2023-03-17 09:46:43 -04:00
sullo 697efa1e6f Trailing space 2023-03-17 09:39:48 -04:00
Esonhugh 2b9eb20799
Add nacos default jwt secret bypass auth Template 2023-03-17 10:15:42 +08:00
Ritik Chaddha 1f431ca2e7
Merge pull request #6881 from pwnhxl/xxxx 
add apache-nifi-unauth
 2023-03-16 17:53:27 +05:30
Ritik Chaddha 1645865df9
updated matcher,metadata,classification 2023-03-16 12:59:28 +05:30
Dhiyaneshwaran f37cd19f96
Merge pull request #6901 from projectdiscovery/pussycat0x-patch-8 
Everything Server Exposure
 2023-03-16 07:53:02 +05:30
Dhiyaneshwaran dde6da4862
added additional matcher , proper description , accurate shodan query, change of directory 2023-03-16 07:48:24 +05:30
Dhiyaneshwaran 7fdd347bd4
Merge pull request #6900 from projectdiscovery/pussycat0x-patch-7 
Magnolia CMS Installer
 2023-03-16 06:44:00 +05:30
Dhiyaneshwaran dfd1060b1c
added and complete the matchers 2023-03-16 06:39:22 +05:30
Ritik Chaddha 2b5c3c48cc
Merge pull request #6823 from sullo/severity-matching 
Match severity with CVSS
 2023-03-15 20:48:33 +05:30
MostInterestingBotInTheWorld e86b61d644 Enhancement: misconfiguration/ups-status.yaml by md 2023-03-15 10:20:31 -04:00
MostInterestingBotInTheWorld b5f0f9d867 Enhancement: misconfiguration/transmission-dashboard.yaml by md 2023-03-15 10:18:22 -04:00
MostInterestingBotInTheWorld b859fbd8ce Enhancement: misconfiguration/tcpconfig.yaml by md 2023-03-15 10:10:17 -04:00
MostInterestingBotInTheWorld 5b6950ba2b Enhancement: misconfiguration/tcpconfig.yaml by md 2023-03-15 10:09:45 -04:00
Ritik Chaddha 91a3e38f7d
Update iot-vdme-simulator.yaml 2023-03-15 19:34:27 +05:30
Ritik Chaddha 68a5c1295e
severity update 2023-03-15 19:33:14 +05:30
pussycat0x 27a4a0306a
Magnolia CMS Installer 2023-03-15 18:29:13 +05:30
pussycat0x d6777c85d2
minor - update 2023-03-14 22:11:44 +05:30
pussycat0x 260682276b
format -fix 2023-03-14 22:01:31 +05:30
MostInterestingBotInTheWorld 0237c8b315 Enhancement: misconfiguration/slurm-hpc-dashboard.yaml by md 2023-03-14 11:25:56 -04:00
MostInterestingBotInTheWorld 27f11b0de8 Enhancement: misconfiguration/rethinkdb-admin-console.yaml by md 2023-03-14 11:23:14 -04:00
sullo 976539bffd Cleanups. 
rename fuzzing/adminer-panel-fuzz.yaml -> exposed-panels/adminer-panel-detect.yaml as it's just guessing file names, not fuzzing.
 2023-03-10 15:24:54 -05:00
sullo 1c6aeb5afd Some severity mismatch cleanups 2023-03-10 15:05:35 -05:00
MostInterestingBotInTheWorld 828d1b3ba6
Merge branch 'main' into dashboard 2023-03-10 15:03:33 -05:00
sullo ede2183e8e spacing and other cleanups 2023-03-10 15:00:55 -05:00
MostInterestingBotInTheWorld 5490c99965 Enhancement: misconfiguration/questdb-console.yaml by cs 2023-03-10 14:25:53 -05:00
MostInterestingBotInTheWorld d3b52eaff6 Enhancement: misconfiguration/questdb-console.yaml by cs 2023-03-10 14:24:34 -05:00