Commit Graph

397 Commits (6396390240bf5897e927a58fa855962f336650d1)

Author SHA1 Message Date
pussycat0x cb6eaf95a2
Merge pull request #7637 from projectdiscovery/cve-templates4
CVEs added
2023-07-07 16:46:09 +05:30
Ritik Chaddha 1565dc6517
Rename universal-media-xss.yaml to universal-media-xss.yaml 2023-07-07 16:40:25 +05:30
Prince Chaddha 7d7e4f43ac updated stored tags 2023-07-07 15:34:00 +05:30
Prince Chaddha 332e19282e templates added 2023-07-07 15:08:49 +05:30
Prince Chaddha 75ed275328 removed enhanced by comments 2023-07-05 13:37:58 +05:30
German d60ab4e5d0
Update cacti-weathermap-file-write.yaml removing broken reference
Reference does not exist on website anymore, no cached version found and I also couldn't find a good replacement reference.
2023-07-03 17:59:02 +02:00
Arm!tage 5603a4344d
fix CVE-2022-46934.yaml (#7505)
* fix CVE-2022-46934.yaml

* add tags

* add kkfileview-ssrf.yaml

* misc fixes

* Update kkfileview-ssrf.yaml

* misc fixes

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-07-01 22:09:12 +05:30
Dhiyaneshwaran 956ef19f42
Merge pull request #7526 from mastercho/arcadephp
Added ardace.php SQL Inj template
2023-06-29 11:43:33 +05:30
Ritik Chaddha 84380cffbd
reverted back with updates 2023-06-28 17:18:50 +05:30
Sandeep Singh 62f0c160d8
Added Hikvision iVMS-8700 - File Upload Remote Code Execution (#7536)
Co-authored-by: brucelsone <101378596+brucelsone@users.noreply.github.com>
2023-06-25 14:32:37 +05:30
Ritik Chaddha 19610568a3
lint and format fix 2023-06-24 23:52:39 +05:30
mastercho 724e350077 Added ardace.php SQL Inj template 2023-06-24 02:25:56 +03:00
GitHub Action 41277637c0 TemplateMan Update [Wed Jun 21 21:03:53 UTC 2023] 🤖 2023-06-21 21:03:54 +00:00
Dhiyaneshwaran 6d1b1368a0
Merge pull request #7486 from projectdiscovery/fix-fp-avaya-rce
Fix FP - avaya-aura-rce.yaml
2023-06-21 12:33:19 +05:30
Prince Chaddha 38fc2440ce
Update epp-server-lfi.yaml 2023-06-21 09:15:12 +05:30
sandeep c90fa30096 removed deprecated header syntax with latest one 2023-06-20 02:40:30 +05:30
Dhiyaneshwaran 56f9bc7156
Fix FP - avaya-aura-rce.yaml 2023-06-19 17:56:23 +05:30
pussycat0x ab5a846742
Merge pull request #7475 from projectdiscovery/nuxt-js-lfi
Create nuxt-js-lfi.yaml
2023-06-17 12:12:13 +05:30
pussycat0x 77a41f5163
Merge pull request #7476 from projectdiscovery/nuxt-js-semi-lfi
Create nuxt-js-semi-lfi.yaml
2023-06-17 12:11:38 +05:30
Dhiyaneshwaran 81ca5507a0
fix FP 2023-06-17 11:07:34 +05:30
Dhiyaneshwaran 33344bd676
Create nuxt-js-xss.yaml 2023-06-17 10:47:59 +05:30
Dhiyaneshwaran b24934f4c0
Create nuxt-js-semi-lfi.yaml 2023-06-17 10:46:30 +05:30
Dhiyaneshwaran d2c173d91b
Create nuxt-js-lfi.yaml 2023-06-17 10:44:18 +05:30
pussycat0x 73f7e49c9a
Merge pull request #7398 from projectdiscovery/epp-server-lfi
Create epp-server-lfi.yaml
2023-06-16 13:25:47 +05:30
Ritik Chaddha 06a3ae4604
Merge pull request #7455 from j4vaovo/patch-65
Update avaya-aura-rce.yaml
2023-06-16 10:17:48 +05:30
Ritik Chaddha b6debd17b7
Update avaya-aura-rce.yaml 2023-06-16 10:14:46 +05:30
Ritik Chaddha 6f883ac17b
Update avaya-aura-rce.yaml 2023-06-16 10:13:11 +05:30
Dhiyaneshwaran 3f13ff9e76
Merge pull request #7392 from projectdiscovery/princechaddha-patch-2
Fixing tags
2023-06-16 09:48:34 +05:30
J4vaovo 67338b772a
Update avaya-aura-rce.yaml 2023-06-15 19:24:13 +08:00
Dhiyaneshwaran 788e8c1a2b
Merge pull request #7314 from ruben-condor/add-cve-id-to-joomla-jvehicles-lfi
Updated joomla-jvehicles-lfi.yaml
2023-06-14 12:59:19 +05:30
Dhiyaneshwaran f8210e87d2
Create epp-server-lfi.yaml 2023-06-13 13:03:41 +05:30
Prince Chaddha f9fd870fbb misc changes 2023-06-12 18:54:55 +05:30
Prince Chaddha 6494cd33a0 Update sponip-network-system-ping-rce.yaml 2023-06-12 18:48:47 +05:30
Ruben Condor 610683658a
remove cve-id and cve tags from joomla-jvehicles-lfi.yaml 2023-06-12 13:23:45 +03:00
Dhiyaneshwaran 75541d494d
Update jenkins-script.yaml 2023-06-12 10:57:03 +05:30
Ritik Chaddha 19dd0c11a8
Update open-redirect.yaml 2023-06-08 09:40:40 +05:30
Paul McCarty 4c73436286
Updated open-redirect.yaml Template 2023-06-08 10:03:21 +10:00
Ritik Chaddha 7b68cb0130
updated matcher 2023-06-05 15:59:01 +05:30
Dhiyaneshwaran 93826c209c
Create sitecore-xml-xss.yaml 2023-06-05 15:31:33 +05:30
Ritik Chaddha a736eaf0c9
Merge pull request #7308 from j4vaovo/patch-40
fix vmware-vcenter-ssrf-false positive
2023-06-05 13:32:04 +05:30
sandeep e53d19f583 boolean format update 2023-06-04 13:43:42 +05:30
J4vaovo 93fd9f737a
Update vmware-vcenter-ssrf.yaml 2023-06-04 07:17:40 +08:00
GitHub Action df5a969b80 Auto Generated CVE annotations [Sat Jun 3 18:56:35 UTC 2023] 🤖 2023-06-03 18:56:35 +00:00
Ritik Chaddha 12e3a86986 updated metadata 2023-06-01 23:09:07 +05:30
Ritik Chaddha bc3dd3c0d4 Revert "update max-req => max-request"
This reverts commit d82143eacc.
2023-06-01 22:48:38 +05:30
Ritik Chaddha d82143eacc update max-req => max-request 2023-06-01 22:46:25 +05:30
Ruben Condor d8c0b70793
Updated joomla-jvehicles-lfi.yaml 2023-05-30 12:01:27 +03:00
Ritik Chaddha 7e0eae2303
Merge pull request #7313 from ruben-condor/add-description-and-classification-to-xenmobile-server-log4j
Updated xenmobile-server-log4j.yaml
2023-05-30 14:31:06 +05:30
Ruben Condor 21cc1381f9
Updated xenmobile-server-log4j.yaml 2023-05-30 11:55:30 +03:00
J4vaovo 4306a9eb08
Update vmware-vcenter-ssrf.yaml 2023-05-30 05:46:56 +08:00
Ritik Chaddha 3fd9defc7c
Update yeswiki-xss.yaml 2023-05-29 23:25:05 +05:30
Ruben Condor b4e86356f5
Update yeswiki-xss.yaml 2023-05-29 14:09:34 +03:00
Prince Chaddha 9b21697dcd
Merge pull request #7285 from projectdiscovery/princechaddha-patch-5
Updated wordpress-rce-simplefilelist
2023-05-23 16:46:23 +05:30
Dhiyaneshwaran 24d1465ec4
Merge pull request #7174 from dm-ct/patch-1
Create unauth-ztp-ping.yaml
2023-05-23 13:48:59 +05:30
Prince Chaddha 60348d2e4a
updated tags 2023-05-23 13:36:55 +05:30
Prince Chaddha 12862393b6
Update wordpress-rce-simplefilelist.yaml 2023-05-23 13:35:51 +05:30
Walter Sagehorn a1226428e6
Adds 'tags' attribute to deadbolt-ransomware.yaml 2023-05-22 14:10:53 -05:00
pussycat0x f998a28e12
Update unauth-ztp-ping.yaml 2023-05-22 20:58:34 +05:30
Dhiyaneshwaran 48ef52b582
Merge pull request #7237 from projectdiscovery/avtech-verification-bypass
Create avtech-verification-bypass.yaml
2023-05-17 10:43:23 +05:30
Dhiyaneshwaran 6643107c90
added default username and password 2023-05-17 10:40:43 +05:30
Dhiyaneshwaran 7d21e9fc51
Merge pull request #7233 from projectdiscovery/avtech-unauth-file-download
Create avtech-unauth-file-download.yaml
2023-05-17 01:54:44 +05:30
Dhiyaneshwaran d602862a19
Merge pull request #7236 from projectdiscovery/avtech-dvr-ssrf
Create avtech-dvr-ssrf.yaml
2023-05-17 01:53:08 +05:30
Dhiyaneshwaran a612bc4c8b
Merge pull request #7234 from projectdiscovery/avtech-auth-bypass
Create avtech-auth-bypass.yaml
2023-05-17 01:29:25 +05:30
Ritik Chaddha 04196e0eb3
Create ecology-mysql-config.yaml 2023-05-16 12:07:50 +05:30
Ritik Chaddha d9e2a77566
Create avtech-verification-bypass.yaml 2023-05-16 01:52:39 +05:30
Ritik Chaddha a13cafd50a
Create avtech-dvr-ssrf.yaml 2023-05-16 01:12:10 +05:30
Ritik Chaddha a0a92bc170
Create avtech-auth-bypass.yaml 2023-05-15 23:33:12 +05:30
Ritik Chaddha a947db87a3
Create avtech-unauth-file-download.yaml 2023-05-15 23:31:22 +05:30
GitHub Action 1c5197c6f7 Auto Generated CVE annotations [Thu May 11 13:27:36 UTC 2023] 🤖 2023-05-11 13:27:36 +00:00
pussycat0x 627b495a89
Merge pull request #7119 from kazet/generic-env-detector
Generic .env detector
2023-05-11 15:04:42 +05:30
pussycat0x 128d1499a8
protocol -update 2023-05-11 14:49:23 +05:30
Ritik Chaddha 6ee69d03a1 Merge branch 'main' into update-log4j 2023-05-11 13:08:41 +05:30
Dhiyaneshwaran 6cf79c00d5
Update and rename exposures/configs/env.yaml to http/vulnerabilities/generic/generic-env.yaml 2023-05-10 16:47:21 +05:30
Dhiyaneshwaran 68828dd492
Merge pull request #7183 from projectdiscovery/cve-templates1
CVE templates added
2023-05-10 01:09:21 +05:30
Sandeep Singh 6addff3ac6
misc syntax fixes (#7201) 2023-05-09 18:13:13 +05:30
Ritik Chaddha f96e98052e payload update 2023-05-08 11:07:00 +05:30
Prince Chaddha 124b2230cf templates added 2023-05-06 17:42:20 +05:30
Prince Chaddha b08774126b
Merge pull request #7155 from projectdiscovery/add-max-request
Added `max-request` counter of each template
2023-05-04 17:55:42 +05:30
dm-ct f74e8bd714
Update unauth-ztp-ping.yaml
accidentally left a ?ref tag in a reference.
2023-05-04 10:54:09 +01:00
dm-ct 9ec854c91e
Create unauth-ztp-ping.yaml
Creates a template that can detect ZyXEL ZTP (Zero Touch Provisioning) interfaces that lack any authentication checks.
Authentication checks were added in the fixes for CVE-2023-28771
2023-05-04 10:14:16 +01:00
Ritik Chaddha 05eb753985
Update apache-ofbiz-log4j-rce.yaml 2023-05-04 11:05:06 +05:30
Ritik Chaddha 0c049e028e updated templates 2023-05-04 00:16:17 +05:30
Ritik Chaddha 109d452109 Merge branch 'update-log4j' of https://github.com/projectdiscovery/nuclei-templates into update-log4j 2023-05-03 23:51:59 +05:30
Ritik Chaddha 82a8526978 updated templates 2023-05-03 23:51:23 +05:30
Ritik Chaddha 8da408f77c
name update=id 2023-05-03 23:42:07 +05:30
Ritik Chaddha 89185ad7fe
fix 2023-05-03 23:31:55 +05:30
Ritik Chaddha b50e22b7da updated log4j 2023-05-03 23:21:44 +05:30
Ritik Chaddha 3cf8d0bd94
Update All Existing Log4j Templates 2023-05-03 17:21:48 +05:30
sandeep a470c2a150 Merge remote-tracking branch 'origin' into add-max-request 2023-05-02 17:52:27 +05:30
Dhiyaneshwaran 1c1bc41ea2 added metadata 2023-05-02 11:03:28 +05:30
sandeep e762172422 Added WPML XSS 2023-05-01 21:18:57 +05:30
j4vaovo f5df1a74cb
Update vmware-siterecovery-log4j-rce.yaml (#7157) 2023-04-30 16:03:43 +05:30
Sandeep Singh 28f4302dcd
Merge branch 'main' into add-max-request 2023-04-29 13:32:16 +05:30
Dhiyaneshwaran bb63a4aeab
Merge pull request #7116 from j4vaovo/patch-28
Create apache-druid-kafka-connect-rce.yaml
2023-04-28 15:27:30 +05:30
Dhiyaneshwaran 5136c8f23c
Rename vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml to http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml 2023-04-28 15:25:03 +05:30
sandeep 1f5b1f2c47 Added max request counter of each template 2023-04-28 13:41:21 +05:30
Prince Chaddha e0af666e1c
Refactoring the directory structure based on protocols (#7137)
* moving http templates

* updated cves.json

* moved network CVEs

* updated scripts

* updated workflows

* updated requests to http

* replaced network to tcp

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-04-27 09:58:59 +05:30