daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,504 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

916 Commits (6411ca373f6fc39b70f51c22fa6f001bbfe4e61c)

Author SHA1 Message Date
Sandeep Singh cd59d38e3d
Merge pull request #3083 from pussycat0x/master 
Pentaho <= 9.1 Authentication Bypass of Spring APIs
 2021-11-06 16:52:44 +05:30
sandeep 0963b5f289 Added stop-at-first-match 2021-11-06 16:52:33 +05:30
sandeep 1d4ff44b88 misc update 2021-11-06 16:51:03 +05:30
sandeep 5fa10c4b64 cves update 2021-11-06 12:34:04 +05:30
sandeep 3e12441f6d matcher update 2021-11-06 03:56:14 +05:30
Prince Chaddha c1e8682918
Update CVE-2021-31602.yaml 2021-11-05 21:20:29 +05:30
pussycat0x 70425f1be2
Update CVE-2021-31602.yaml 2021-11-05 14:11:44 +05:30
pussycat0x 802607241d
Update CVE-2021-31602.yaml 2021-11-05 13:59:09 +05:30
pussycat0x 153a00af52
Add files via upload 2021-11-05 13:45:21 +05:30
Pradeepch99 8c5987b2b2
Update CVE-2021-36260.yaml 2021-11-05 08:44:19 +05:30
ImNightmaree acc8d46849
Updates "whoami" regex 
Fixes #3060
 2021-11-03 17:43:48 +00:00
GitHub Action ba5d199dbb Auto Generated CVE annotations [Tue Nov 2 20:23:01 UTC 2021] 🤖 2021-11-02 20:23:01 +00:00
sandeep 36bda42c27 misc update 2021-11-03 01:49:51 +05:30
Prince Chaddha 94c49907ce
Update CVE-2021-38704.yaml 2021-11-02 23:35:14 +05:30
Prince Chaddha 3541fb5754
Update CVE-2021-38704.yaml 2021-11-02 23:25:17 +05:30
Prince Chaddha 19ca42a3d6
Update CVE-2021-38704.yaml 2021-11-02 23:23:11 +05:30
Prince Chaddha 5e774b4e9b
Create CVE-2021-38704.yaml 2021-11-02 23:16:22 +05:30
Sandeep Singh c2a167939e
Merge pull request #3031 from gy741/rule-add-v70 
Create CVE-2021-31682.yaml
 2021-10-31 17:09:29 +05:30
sandeep fe6dbc8b4d misc update 2021-10-31 16:56:16 +05:30
GitHub Action 4cc2a7a205 Auto Generated CVE annotations [Sat Oct 30 11:41:59 UTC 2021] 🤖 2021-10-30 11:41:59 +00:00
sandeep 8c3f98c767 fixed invalid template syntax 2021-10-30 16:47:35 +05:30
GwanYeong Kim 43629d5f49 Create CVE-2021-31682.yaml 
The login portal for the Automated Logic WebCTRL/WebCTRL OEM web application contains a vulnerability that allows for reflected XSS attacks due to the operatorlocale GET parameter not being sanitized. This issue impacts versions 6.5 and below. This issue works by passing in a basic XSS payload to a vulnerable GET parameter that is reflected in the output without sanitization.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-10-30 19:36:29 +09:00
sandeep 9a7111c936 updating author details 2021-10-29 22:16:25 +05:30
sandeep 1fdf1ce10a name update 2021-10-29 21:36:05 +05:30
sandeep d6fbf8b35c misc updates 2021-10-29 21:33:59 +05:30
GitHub Action 4236ca70b5 Auto Generated CVE annotations [Fri Oct 29 12:45:06 UTC 2021] 🤖 2021-10-29 12:45:07 +00:00
Dhiyaneshwaran afbd8f0448
Create CVE-2021-20837.yaml 2021-10-29 18:13:32 +05:30
Sandeep Singh ba04bc0d3a
Merge pull request #3022 from projectdiscovery/CVE-2021-36260 
Added Hikvision RCE (CVE-2021-36260)
 2021-10-29 17:09:01 +05:30
GitHub Action b46d572636 Auto Generated CVE annotations [Fri Oct 29 10:29:18 UTC 2021] 🤖 2021-10-29 10:29:18 +00:00
sandeep f635c80512 Adding metadata 2021-10-29 14:49:58 +05:30
sandeep a451cfb48a misc update 2021-10-29 14:24:20 +05:30
sandeep 8f4a90f33a Added Hikvision RCE (CVE-2021-36260) 2021-10-29 13:47:09 +05:30
Prince Chaddha 3aadf53a95
Merge pull request #3014 from Mad-robot/patch-2 
Create CVE-2021-42566.yaml
 2021-10-29 00:29:05 +05:30
Prince Chaddha e58e1ef96d
Update CVE-2021-42566.yaml 2021-10-29 00:25:45 +05:30
Prince Chaddha 7f9490d762
Update CVE-2021-42565.yaml 2021-10-29 00:25:12 +05:30
Prince Chaddha 263fb400e9
Update CVE-2021-42566.yaml 2021-10-29 00:22:29 +05:30
SaN ThosH ca73e75974
Create CVE-2021-42566.yaml 2021-10-27 20:13:56 +05:30
SaN ThosH 0675ba8c67
Update and rename CVE-2021-42566.yaml to CVE-2021-42565.yaml 2021-10-27 20:10:59 +05:30
SaN ThosH bbe3e7b542
Create CVE-2021-42566.yaml 2021-10-27 20:08:59 +05:30
sandeep 2d19236680 misc update 2021-10-27 18:21:06 +05:30
sandeep 6490a968b3 Added GitLab CE/EE Unauthenticated RCE using ExifTool (CVE-2021-22205) 2021-10-27 18:01:04 +05:30
sandeep 2fa9791bdc misc update 2021-10-26 14:32:23 +05:30
sandeep 1986e1211d Adding condition between word matcher 2021-10-26 14:25:37 +05:30
Dwi Siswanto 9773130879 Remove blank lines 2021-10-26 15:31:41 +07:00
Dwi Siswanto bf7070dbc7 Add CVE-2021-42258 2021-10-26 15:26:22 +07:00
Prince Chaddha 1db2405c25
Create CVE-2021-36749.yaml 2021-10-25 17:30:48 +05:30
GitHub Action ed4d1afd12 Auto Generated CVE annotations [Fri Oct 22 09:40:47 UTC 2021] 🤖 2021-10-22 09:40:47 +00:00
Prince Chaddha b39200b8e4
Update CVE-2021-33044.yaml 2021-10-21 15:47:46 +05:30
Philippe Delteil 56b0f60d5a
Update CVE-2021-41773.yaml 
Fixes false positive due to IPS/ 

 'Request denied by WatchGuard Firewall.</p><p><b> Reason: </b> IPS detected for "WEB Apache HTTP Server Path traversal (CVE-2021-41773)"'
 2021-10-21 00:57:23 -03:00
GitHub Action f05e7364ca Auto Generated CVE annotations [Wed Oct 20 22:40:20 UTC 2021] 🤖 2021-10-20 22:40:20 +00:00
Prince Chaddha 10ebb22fb8
Merge pull request #2910 from gy741/rule-add-v65 
Create CVE-2021-20031.yaml
 2021-10-19 18:23:40 +05:30
Prince Chaddha 181dda73ec
Update CVE-2021-33044.yaml 2021-10-19 17:44:06 +05:30
GwanYeong Kim 02655a9f22 Create CVE-2021-33044.yaml 
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-10-19 12:50:07 +09:00
sandeep 3175b12b22 Additional matcher 2021-10-19 03:19:32 +05:30
sandeep 33badb66d1 oob tags update 2021-10-19 02:10:26 +05:30
Prince Chaddha 9e37e202bd
Update CVE-2021-20031.yaml 2021-10-18 20:55:47 +05:30
Prince Chaddha 6346c6e93a
Update CVE-2021-20031.yaml 2021-10-18 20:52:36 +05:30
GwanYeong Kim c7fc202ef1 Create CVE-2021-20031.yaml 
A Host Header Injection vulnerability may allow an attacker to spoof a particular Host header, allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages. An issue was discovered in Sonicwall NAS, SonicWall Analyzer version 8.5.0 (may be affected on other versions too). The values of the 'Host' headers are implicitly set as trusted while this should be forbidden, leading to potential host header injection attack and also the affected hosts can be used for domain fronting. This means affected hosts can be used by attackers to hide behind during various other attack

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-10-18 08:24:29 +09:00
GitHub Action dc22f77a50 Auto Generated CVE annotations [Sun Oct 17 02:21:14 UTC 2021] 🤖 2021-10-17 02:21:14 +00:00
GitHub Action 1833c3de19 Auto Generated CVE annotations [Thu Oct 14 20:34:25 UTC 2021] 🤖 2021-10-14 20:34:25 +00:00
sandeep 1ef07b6ad9 Added CVE-2021-40438 2021-10-15 01:29:52 +05:30
sandeep 46fafc5a16 Merge branch 'master' of https://github.com/nrathaus/nuclei-templates into pr/2893 2021-10-14 20:11:47 +05:30
sandeep ac9cbb54b0 tags update 2021-10-14 20:10:59 +05:30
GitHub Action b025811dd2 Auto Generated CVE annotations [Thu Oct 14 14:40:51 UTC 2021] 🤖 2021-10-14 14:40:51 +00:00
sandeep 58ebf6b043 Merge branch 'master' of https://github.com/nrathaus/nuclei-templates into pr/2893 2021-10-14 20:09:00 +05:30
sandeep aad97c084c misc update 2021-10-14 20:08:44 +05:30
GitHub Action e8a32dbbf7 Auto Generated CVE annotations [Thu Oct 14 14:37:07 UTC 2021] 🤖 2021-10-14 14:37:07 +00:00
sandeep f9f4e3327e moving files around 2021-10-14 20:05:25 +05:30
Prince Chaddha 83dd71fe27
Merge pull request #2890 from pdelteil/patch-71 
Update CVE-2021-41773.yaml
 2021-10-14 16:25:15 +05:30
GitHub Action e1adf856e4 Auto Generated CVE annotations [Thu Oct 14 10:52:45 UTC 2021] 🤖 2021-10-14 10:52:45 +00:00
Philippe Delteil 742677870a
Update CVE-2021-41773.yaml 
shodan query added
 2021-10-14 03:52:10 -03:00
Prince Chaddha 1e4fae76a3
Update CVE-2021-40978.yaml 2021-10-14 09:23:48 +05:30
PikPikcU b22eb1ba01
Create CVE-2021-40978.yaml 2021-10-14 08:37:46 +07:00
GitHub Action 708adea285 Auto Generated CVE annotations [Wed Oct 13 08:57:56 UTC 2021] 🤖 2021-10-13 08:57:56 +00:00
sandeep 665e3f15e5 dynamic match 2021-10-10 18:27:15 +05:30
sandeep 9b1c57506b Updating CVE-2021-41773 / CVE-2021-42013 to include RCE check 2021-10-10 06:00:43 +05:30
GitHub Action 462a599f56 Auto Generated CVE annotations [Fri Oct 8 13:57:22 UTC 2021] 🤖 2021-10-08 13:57:22 +00:00
Sandeep Singh b58e2973ca
Merge pull request #2855 from geeknik/patch-34 
Create CVE-2021-39327.yaml
 2021-10-08 19:25:53 +05:30
sandeep 0e51fefd4b misc update 2021-10-08 19:23:59 +05:30
GitHub Action 87c57ed4ac Auto Generated CVE annotations [Fri Oct 8 13:40:21 UTC 2021] 🤖 2021-10-08 13:40:21 +00:00
Geeknik Labs 9e913ddb8e
Update CVE-2021-39327.yaml 2021-10-08 08:36:01 -05:00
Geeknik Labs cc38e20d14
Create CVE-2021-39327.yaml 2021-10-08 08:31:41 -05:00
sandeep b2fec03884 misc update 2021-10-08 02:42:44 +05:30
Naveen Sunkavally dce764380c yaml typo 2021-10-07 15:36:29 -04:00
Naveen Sunkavally 9384dd235e template for CVE-2021-42013.yaml 2021-10-07 14:17:29 -04:00
SaN ThosH a04df98f6f
Update CVE-2021-41878.yaml 2021-10-07 08:26:09 +05:30
Prince Chaddha 590e7d128b
Update CVE-2021-41878.yaml 2021-10-06 23:57:24 +05:30
Prince Chaddha f0c69c4d83
Update CVE-2021-41878.yaml 2021-10-06 23:56:54 +05:30
Prince Chaddha b204eedff5
Update CVE-2021-41467.yaml 2021-10-06 23:55:26 +05:30
SaN ThosH 7f9bb46eb8
Create CVE-2021-41878.yaml 2021-10-06 13:52:02 +05:30
SaN ThosH b38a29fcce
Create CVE-2021-41467.yaml 2021-10-06 12:41:01 +05:30
Prince Chaddha 796ccd1d9d
Update CVE-2021-41773.yaml 2021-10-05 20:36:02 +05:30
sandeep 311f1b006c more sources 2021-10-05 20:33:10 +05:30
sandeep 876a83371f misc update 2021-10-05 20:32:16 +05:30
Muhammad Daffa 47720d5da6
Create CVE-2021-41773.yaml 2021-10-05 21:49:36 +07:00
Prince Chaddha 223d49db9c
Merge pull request #2786 from geeknik/patch-29 
Create CVE-2021-41826.yaml
 2021-10-05 09:34:43 +05:30
meme-lord 98f51394a7
Update CVE-2021-38314.yaml 
Added my blog post on how to PoC it to the references
 2021-10-04 18:20:43 +01:00
Prince Chaddha ed07a99242
Update CVE-2021-41826.yaml 2021-10-04 22:20:00 +05:30
Prince Chaddha 5ede21e686
Merge pull request #2810 from gy741/rule-add-v64 
Create CVE-2021-1499.yaml
 2021-10-04 21:38:21 +05:30
Prince Chaddha 9c89100c2d
Update CVE-2021-1499.yaml 2021-10-04 21:36:06 +05:30
Prince Chaddha 5620395c94
Update CVE-2021-1499.yaml 2021-10-04 20:09:39 +05:30
Prince Chaddha 7182361020
Merge pull request #2814 from daffainfo/patch-234 
Create CVE-2021-41649.yaml
 2021-10-04 19:39:12 +05:30
Prince Chaddha c8f24c940c
Merge pull request #2813 from daffainfo/patch-233 
Create CVE-2021-41648.yaml
 2021-10-04 19:38:49 +05:30
Prince Chaddha 8492360296
Update CVE-2021-41648.yaml 2021-10-04 19:34:16 +05:30
Prince Chaddha 0f5d9ac24d
Update CVE-2021-41649.yaml 2021-10-04 19:32:07 +05:30
GitHub Action 937db784ee Auto Generated CVE annotations [Sun Oct 3 20:44:21 UTC 2021] 🤖 2021-10-03 20:44:21 +00:00
sandeep 6ab5ea4a63 Update CVE-2021-33357.yaml 2021-10-04 02:10:33 +05:30
sandeep 23c1cf45ce Added working payload 2021-10-04 02:07:21 +05:30
sandeep b2fa48e6a4 Update CVE-2021-33357.yaml 2021-10-03 22:41:42 +05:30
PikPikcU 90b924199d
Create CVE-2021-33357.yaml 2021-10-03 19:37:22 +07:00
Muhammad Daffa c64937c70e
Update and rename CVE-2021-41648.yaml to CVE-2021-41649.yaml 2021-10-03 17:46:22 +07:00
Muhammad Daffa c6fbeaebc5
Create CVE-2021-41648.yaml 2021-10-02 22:22:04 +07:00
Muhammad Daffa 670e3fe100
Create CVE-2021-41648.yaml 2021-10-02 22:16:40 +07:00
Sandeep Singh f033458524
misc update 2021-10-02 18:02:45 +05:30
GitHub Action ed2c42e833 Auto Generated CVE annotations [Sat Oct 2 12:30:44 UTC 2021] 🤖 2021-10-02 12:30:44 +00:00
GwanYeong Kim 1b3807a94d Create CVE-2021-1499.yaml 
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. This vulnerability is due to missing authentication for the upload function. An attacker could exploit this vulnerability by sending a specific HTTP request to an affected device. A successful exploit could allow the attacker to upload files to the affected device with the permissions of the tomcat8 user.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-10-02 16:33:51 +09:00
sandeep aec246bf5b Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into CVE-2021-1497 2021-10-02 05:18:04 +05:30
Muhammad Daffa 3af984c55d
Create CVE-2021-40960.yaml 2021-10-01 21:52:29 +07:00
Geeknik Labs 5c802b1772
Create CVE-2021-41826.yaml 
Add CVE-2021-41826, PlaceOS 1.2109.1 - Open Redirection
 2021-09-30 12:19:17 -05:00
GitHub Action c139eab58f Auto Generated CVE annotations [Thu Sep 30 10:40:57 UTC 2021] 🤖 2021-09-30 10:40:57 +00:00
Prince Chaddha e432ffe3cf
Merge pull request #2772 from pikpikcu/patch-291 
Create CVE-2021-41381.yaml
 2021-09-30 16:09:11 +05:30
Prince Chaddha 1a4635eaff
Update CVE-2021-41381.yaml 2021-09-30 15:58:53 +05:30
GitHub Action 61e41f9997 Auto Generated CVE annotations [Thu Sep 30 10:24:26 UTC 2021] 🤖 2021-09-30 10:24:26 +00:00
Prince Chaddha 5a94410f04
Update CVE-2021-40870.yaml 2021-09-30 15:50:41 +05:30
PikPikcU 8060293ebe
Create CVE-2021-40870.yaml 2021-09-30 13:57:47 +07:00
PikPikcU 006d368aca
Create CVE-2021-41381.yaml 2021-09-30 13:30:48 +07:00
sullo a4563e5909 Add check for CVE-2021-1497 2021-09-29 17:49:02 -04:00
sullo 715c8de5c0 Changed CVE-2021-1497 to CVE-2021-1498 per original advisory. Added ref to original advisory. 2021-09-29 13:05:43 -04:00
Prince Chaddha aac4c689b5
Update CVE-2021-24276.yaml 2021-09-29 00:24:48 +05:30
Prince Chaddha 58e6ee07a9
Update CVE-2021-24275.yaml 2021-09-29 00:22:52 +05:30
Prince Chaddha c0912f3a08
Update CVE-2021-24226.yaml 2021-09-29 00:21:25 +05:30
Prince Chaddha b1d6874462
Update CVE-2021-24274.yaml 2021-09-29 00:20:48 +05:30
Prince Chaddha 23d3993c46
Update CVE-2021-24226.yaml 2021-09-29 00:18:37 +05:30
GitHub Action 53651864fc Auto Generated CVE annotations [Tue Sep 28 17:13:05 UTC 2021] 🤖 2021-09-28 17:13:05 +00:00
Dhiyaneshwaran b4ea85bcb7
Create CVE-2021-24274.yaml 2021-09-28 22:41:56 +05:30
Dhiyaneshwaran 48f33d66f4
Update CVE-2021-24276.yaml 2021-09-28 22:41:24 +05:30
GitHub Action 0b79b925c9 Auto Generated CVE annotations [Tue Sep 28 17:08:48 UTC 2021] 🤖 2021-09-28 17:08:48 +00:00
Dhiyaneshwaran a484d974a1
Create CVE-2021-24276.yaml 2021-09-28 22:37:40 +05:30
GitHub Action f122f2c7b3 Auto Generated CVE annotations [Tue Sep 28 17:04:46 UTC 2021] 🤖 2021-09-28 17:04:46 +00:00
Dhiyaneshwaran ed8bc69c87
Create CVE-2021-24275.yaml 2021-09-28 22:33:24 +05:30
GitHub Action 22cabd2ba8 Auto Generated CVE annotations [Tue Sep 28 16:57:55 UTC 2021] 🤖 2021-09-28 16:57:55 +00:00
Dhiyaneshwaran b91abeab09
Create CVE-2021-24226.yaml 2021-09-28 22:26:37 +05:30
Prince Chaddha e9e1492823
Merge pull request #2757 from daffainfo/patch-230 
Create CVE-2021-40868.yaml
 2021-09-28 15:47:34 +05:30
Prince Chaddha 436bcecfe9
Merge pull request #2755 from DhiyaneshGeek/master 
CVE-2021-39320
 2021-09-28 15:44:56 +05:30
GitHub Action 783be71a1c Auto Generated CVE annotations [Tue Sep 28 10:14:40 UTC 2021] 🤖 2021-09-28 10:14:40 +00:00
Prince Chaddha af85d5f6cc
Update CVE-2021-39320.yaml 2021-09-28 15:43:21 +05:30
Prince Chaddha 779302f717
Update CVE-2021-40868.yaml 2021-09-28 15:35:46 +05:30
GitHub Action 6a38e21a98 Auto Generated CVE annotations [Tue Sep 28 10:05:39 UTC 2021] 🤖 2021-09-28 10:05:39 +00:00
Geeknik Labs ca7a035303
Update CVE-2021-3654.yaml 
add reference
 2021-09-27 20:58:51 -05:00
Geeknik Labs 2b635a352e
Create CVE-2021-3654.yaml 2021-09-27 20:53:50 -05:00
Muhammad Daffa 3fd4dfacde
Create CVE-2021-40868.yaml 2021-09-28 07:42:28 +07:00
GitHub Action 6f3678a7e8 Auto Generated CVE annotations [Mon Sep 27 17:17:13 UTC 2021] 🤖 2021-09-27 17:17:13 +00:00
Dhiyaneshwaran f0dda40b1b
Create CVE-2021-39320.yaml 2021-09-27 22:45:53 +05:30
GitHub Action fb776417b5 Auto Generated CVE annotations [Mon Sep 27 10:27:40 UTC 2021] 🤖 2021-09-27 10:27:40 +00:00
Prince Chaddha 09a75b8d74
Update CVE-2021-3577.yaml 2021-09-25 11:28:27 +05:30
GwanYeong Kim 7d57a07d86 Create CVE-2021-3577.yaml 
Vulnerabilities in the interface of Motorola Baby Monitors could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-09-25 08:13:24 +09:00
Sandeep Singh 2c07be1945
Merge pull request #2737 from oscarintherocks/CVE-2021-40875 
Added CVE-2021-40875 Template
 2021-09-23 15:31:46 +05:30
sandeep 24376a47e7 Added shodan query 2021-09-23 15:30:58 +05:30
sandeep b39b785461 misc update 2021-09-23 15:29:04 +05:30
GitHub Action 49f53e2e56 Auto Generated CVE annotations [Thu Sep 23 06:09:32 UTC 2021] 🤖 2021-09-23 06:09:32 +00:00
Prince Chaddha e3dc2ef1ec
Update CVE-2021-39316.yaml 2021-09-23 10:58:40 +05:30
Muhammad Daffa 2df403879a
Create CVE-2021-39316.yaml 2021-09-23 07:07:52 +07:00
Óscar Marín ff844ba63c Added CVE-2021-40875 Template 2021-09-22 21:10:03 +02:00
sandeep f1b6b4dc9b improved matchers 2021-09-22 15:33:51 +05:30
PR3R00T 1bed5c9351
New VMWare Vcenter File upload check. 
https://kb.vmware.com/s/article/85717 - taking the attached python script as validation.
 2021-09-22 09:05:36 +01:00
sandeep ff1537d7da fixing tags typos 2021-09-21 15:43:08 +05:30
Sandeep Singh 39041648fb
Merge pull request #2718 from sullo/master 
Typos and incorrect matcher information
 2021-09-21 15:34:53 +05:30
GitHub Action 5219dd00b8 Auto Generated CVE annotations [Tue Sep 21 08:07:26 UTC 2021] 🤖 2021-09-21 08:07:26 +00:00
Sandeep Singh 7373045e14
Merge pull request #2691 from meme-lord/master 
Added CVE-2021-38314 ( Redux Framework )
 2021-09-21 13:35:30 +05:30
sandeep 27d8d4e4ec misc update 2021-09-21 13:33:21 +05:30
sullo b57620cce2 Typo and language corrections 2021-09-20 15:25:11 -04:00
Sandeep Singh 0f03f5ff55
Merge pull request #2692 from projectdiscovery/metadata-attribute-update 2021-09-18 18:19:07 +05:30
sandeep 320919c177 Merge branch 'master' of https://github.com/meme-lord/nuclei-templates into pr/2566 2021-09-17 18:47:28 +05:30
sandeep 8369de26de misc update 2021-09-17 18:38:19 +05:30
GitHub Action 1f833a4e27 Auto Generated CVE annotations [Fri Sep 17 12:44:33 UTC 2021] 🤖 2021-09-17 12:44:33 +00:00
Prince Chaddha 0d9d58a46b
Update CVE-2021-30049.yaml 2021-09-17 17:56:34 +05:30
Muhammad Daffa 2bed4d9a92
Update CVE-2021-30049.yaml 2021-09-17 18:57:55 +07:00
Muhammad Daffa ffafbe02f6
Create CVE-2021-30049.yaml 2021-09-17 18:55:39 +07:00
GitHub Action d877a465c7 Auto Generated CVE annotations [Fri Sep 17 09:53:01 UTC 2021] 🤖 2021-09-17 09:53:01 +00:00
Prince Chaddha e61dfc88ff
Merge pull request #2683 from daffainfo/patch-218 
Workreap WordPress theme - unauthenticated RCE
 2021-09-17 15:21:40 +05:30
Prince Chaddha 90e5aaf04a
Update CVE-2021-38314.yaml 2021-09-17 15:20:33 +05:30
sandeep 84c91cbfc3 misc update 2021-09-17 14:03:42 +05:30
Sandeep Singh fe1f734ceb
Merge pull request #2681 from daffainfo/patch-217 
OMIGOD - Open Management Infrastructure RCE
 2021-09-17 13:45:46 +05:30
sandeep 728e36a99d Update CVE-2021-38647.yaml 2021-09-17 13:42:40 +05:30
sandeep e26a1bb759 misc update 2021-09-17 13:42:22 +05:30
Muhammad Daffa b9cb5a8d72
Update CVE-2021-38647.yaml 2021-09-17 12:56:55 +07:00
Muhammad Daffa 6eed1c1f29
Update CVE-2021-38647.yaml 2021-09-17 05:49:53 +07:00
GitHub Action 0c18bafa42 Auto Generated CVE annotations [Thu Sep 16 17:31:46 UTC 2021] 🤖 2021-09-16 17:31:46 +00:00
Prince Chaddha a3a750bc56
Merge pull request #2670 from pikpikcu/patch-271 
Create CVE-2021-37833.yaml
 2021-09-16 23:00:32 +05:30
GitHub Action 9b31b06493 Auto Generated CVE annotations [Thu Sep 16 17:29:49 UTC 2021] 🤖 2021-09-16 17:29:49 +00:00
Prince Chaddha e442502fc5
Merge pull request #2672 from pikpikcu/patch-273 
Added Jannah WordPress theme POC
 2021-09-16 22:58:22 +05:30
Prince Chaddha 1ba6b92a13
Update CVE-2021-37833.yaml 2021-09-16 22:58:05 +05:30
Prince Chaddha 14dd731ba2
Update CVE-2021-24407.yaml 2021-09-16 22:51:39 +05:30
Prince Chaddha 684d541115
Update CVE-2021-24364.yaml 2021-09-16 22:51:27 +05:30
Prince Chaddha ac93a8acaf
Update CVE-2021-24407.yaml 2021-09-16 22:46:36 +05:30
Prince Chaddha d0df2974fd
Update CVE-2021-24499.yaml 2021-09-16 22:42:22 +05:30
GitHub Action c40be75a13 Auto Generated CVE annotations [Thu Sep 16 17:04:58 UTC 2021] 🤖 2021-09-16 17:04:58 +00:00
Prince Chaddha 03ec41a0f6
Merge pull request #2671 from pikpikcu/patch-272 
Create CVE-2021-35265.yaml
 2021-09-16 22:33:42 +05:30
Prince Chaddha d3c6985d3e
Update CVE-2021-35265.yaml 2021-09-16 22:31:41 +05:30
Sandeep Singh 77a468e9c7
Update and rename CVE-2021-38314.yml to CVE-2021-38314.yaml 2021-09-16 21:59:41 +05:30
Sandeep Singh 32d0a0d99d
Update CVE-2021-38314.yml 2021-09-16 21:56:49 +05:30
sandeep 676b51d20c Metadata attribute update 2021-09-16 21:24:33 +05:30
meme-lord ea4b5a5c81 Added Redux Framework 2021 CVE 2021-09-16 15:08:12 +01:00
GitHub Action 77c3dc36ac Auto Generated CVE annotations [Thu Sep 16 13:13:57 UTC 2021] 🤖 2021-09-16 13:13:57 +00:00
Prince Chaddha 55d676dc77
Update CVE-2021-40539.yaml 2021-09-16 18:18:51 +05:30
Muhammad Daffa da9e132232
Update CVE-2021-40539.yaml 2021-09-16 16:10:20 +07:00
Muhammad Daffa 3e2c882d84
Create CVE-2021-40539.yaml 2021-09-16 11:07:34 +07:00
Muhammad Daffa e0cacf21df
Create CVE-2021-24499.yaml 2021-09-16 08:07:40 +07:00
sandeep a7fbdb10ae misc update - WIP 2021-09-15 22:00:09 +05:30
Muhammad Daffa f168c83b44
Update CVE-2021-38647.yaml 2021-09-15 23:16:39 +07:00
Muhammad Daffa 03aa89e4de
Create CVE-2021-38647.yaml 2021-09-15 23:10:58 +07:00
GitHub Action 40b630e5cd Auto Generated CVE annotations [Wed Sep 15 10:50:34 UTC 2021] 🤖 2021-09-15 10:50:34 +00:00
Prince Chaddha d89b82f810
Update CVE-2021-24342.yaml 2021-09-15 14:35:51 +05:30
PikPikcU 88c319a148
Update CVE-2021-24342.yaml 2021-09-15 12:04:51 +07:00
PikPikcU 7a88129ee8
Update CVE-2021-24407.yaml 2021-09-15 12:03:37 +07:00
PikPikcU 9cf31a5078
Update CVE-2021-24364.yaml 2021-09-15 12:03:20 +07:00
PikPikcU 643623211c
Create CVE-2021-24342.yaml 2021-09-15 12:02:38 +07:00
PikPikcU 936ec94e23
Create CVE-2021-24407.yaml 2021-09-15 11:51:50 +07:00
PikPikcU 04ab1bb769
Create CVE-2021-24364.yaml 2021-09-15 11:45:52 +07:00
PikPikcU 3ca80153b3
Create CVE-2021-35265.yaml 2021-09-15 11:36:38 +07:00
PikPikcU fde477de48
Update CVE-2021-37833.yaml 2021-09-15 11:32:11 +07:00
PikPikcU 796093ae5d
Create CVE-2021-37833.yaml 2021-09-15 11:26:23 +07:00
GitHub Action d39ba8391e Auto Generated CVE annotations [Tue Sep 14 15:20:20 UTC 2021] 🤖 2021-09-14 15:20:20 +00:00
sandeep 6e5255514d misc update 2021-09-14 20:47:58 +05:30
sandeep 5b09b9ca11 misc update 2021-09-14 20:15:44 +05:30
Prince Chaddha ede2e49751
Update CVE-2021-21287.yaml 2021-09-14 16:52:28 +05:30
PikPikcU 4b1bca299d
Create CVE-2021-21287.yaml 2021-09-14 17:31:27 +07:00
sandeep acbb038e01 misc update 2021-09-14 01:22:44 +05:30
sandeep 162928ed27 Update CVE-2021-26295.yaml 2021-09-12 17:16:47 +05:30
sandeep 34bba4e794 misc update 2021-09-12 17:10:52 +05:30
Ice3man543 e9f728c321 Added cve annotations + severity adjustments 2021-09-10 16:56:40 +05:30
Sandeep Singh cf4ef2ac5a
Merge pull request #2622 from projectdiscovery/missing-tags 2021-09-10 12:32:47 +05:30
Philippe Delteil bcc55f6a3f
Update CVE-2021-26084.yaml 
Some targets worked without the ?SpaceKey=x
 2021-09-09 17:38:22 -03:00
sandeep bd24dc198e Coverage for all templates using tags 2021-09-09 19:08:13 +05:30
sandeep 609705f676 removed extra headers not required for template 2021-09-08 17:47:19 +05:30
Prince Chaddha c87a4b2022
Merge pull request #2594 from push4d/CVE-2021-20114 
Add files via upload
 2021-09-06 17:52:37 +05:30
Prince Chaddha 54e5eea581
Update CVE-2021-20114.yaml 2021-09-06 17:48:01 +05:30
Prince Chaddha e1ab21616f
Update CVE-2021-20114.yaml 2021-09-06 17:30:51 +05:30
Prince Chaddha 0f5c79bc6e
Merge pull request #2582 from daffainfo/patch-198 
Create CVE-2021-29625.yaml
 2021-09-06 16:56:43 +05:30
push4d 47a892d375
Add files via upload 2021-09-06 13:21:29 +02:00
Prince Chaddha 21a7fc63a5
Update CVE-2021-29625.yaml 2021-09-06 15:16:12 +05:30
sullo ef1f7c5e92 Updates across many templates for clarity, spelling, and grammar. 2021-09-05 17:13:45 -04:00
Muhammad Daffa 062487f9e8
Create CVE-2021-29625.yaml 2021-09-05 17:12:40 +07:00
Sandeep Singh f168615b37
Merge pull request #2554 from projectdiscovery/CVE-2021-22145 
Added CVE-2021-22145
 2021-09-03 14:47:13 +05:30
Sandeep Singh 6daa8a3d3e
Merge pull request #1883 from johnjhacking/patch-3 
Create Netmask SSRF Template
 2021-09-03 13:17:08 +05:30
sandeep eea43b6304 Update CVE-2021-28918.yaml 2021-09-03 13:14:24 +05:30
sandeep f81851b53b few fixes 2021-09-03 13:10:35 +05:30
Sandeep Singh c78d1bae92
Merge pull request #2555 from pdelteil/patch-46 
Update CVE-2021-26084.yaml
 2021-09-03 12:42:18 +05:30
sandeep 2d104a0053 Added multiple endpoint support 2021-09-03 12:40:20 +05:30
John Jackson 56af312e25
Added an additional check 
Hello, when you get the change, please check the changes. I removed some of the methods and cleaned it up + made a matcher for /etc/passwd. Thanks!
 2021-09-02 22:48:24 -06:00
Prince Chaddha c38cb4a7b2
Update and rename CVE-2021-34370.yaml to cves/2021/CVE-2021-34370.yaml 2021-09-03 09:16:36 +05:30
Sandeep Singh cdd022c29d
Merge pull request #2550 from projectdiscovery/adding-sfm 
Added stop-at-first-match in applicable templates
 2021-09-02 23:09:21 +05:30
Philippe Delteil fb0aabfe96
Update CVE-2021-26084.yaml 
Extra paths were I did found vulnerable assets
 2021-09-02 13:35:07 -04:00
sandeep c2048eb6b5 Added CVE-2021-22145 
Co-Authored-By: Dhiyaneshwaran <leedhiyanesh@gmail.com>
 2021-09-02 22:07:29 +05:30
sandeep c266084621 Added stop-at-first-match in applicable templates 2021-09-02 17:29:10 +05:30
Prince Chaddha 0832288afb
Merge pull request #2536 from projectdiscovery/CVE-2021-31856 
Create CVE-2021-31856.yaml
 2021-09-02 17:03:42 +05:30
Sandeep Singh 71531d8467
Merge pull request #2444 from pikpikcu/patch-257 
Added CVE-2021-32819
 2021-09-02 00:35:45 +05:30
sandeep 6c1dc4de74 avoiding lint warnings 2021-09-02 00:28:41 +05:30
sandeep 38b456eb34 safe payload + reference 2021-09-02 00:04:06 +05:30
Prince Chaddha ff05dfd60b
Create CVE-2021-31856.yaml 2021-09-01 17:45:54 +05:30
sandeep 8d5172ed62 Removed unused headers 
Co-Authored-By: Dhiyaneshwaran <leedhiyanesh@gmail.com>
 2021-09-01 02:11:40 +05:30
sandeep f1f5add797 Added CVE-2021-26084 
Co-Authored-By: Dhiyaneshwaran <leedhiyanesh@gmail.com>
 2021-09-01 02:10:27 +05:30
Prince Chaddha eb820fe1f2
Update CVE-2021-24288.yaml 2021-08-31 11:07:38 +05:30
Prince Chaddha 886c06b53e
Rename CVE-2021-24288.yaml to cves/2021/CVE-2021-24288.yaml 2021-08-31 10:57:44 +05:30
Noam Rathaus 0e9ce643db Updated 2021-08-30 12:51:47 +03:00
sandeep ac68ef0e9a misc updates 2021-08-29 14:44:12 +05:30
Noam Rathaus 5f446d4553 Updated description 2021-08-29 09:47:35 +03:00
Noam Rathaus 5526895971 Fix description 2021-08-29 09:45:32 +03:00
Noam Rathaus f6e9fea5c4 Update the description 2021-08-29 09:43:37 +03:00
forgedhallpass a4250b8f2f Merge remote-tracking branch 'origin' into dynamic_attributes 2021-08-26 15:04:14 +03:00
sandeep 7a2138a8c8 few updates 2021-08-26 15:27:01 +05:30
sandeep 9ada252cdb misc update 2021-08-26 15:25:05 +05:30
Bùi Đại Gia 7a468632dc
Create CVE-2021-26086.yaml 2021-08-26 10:45:56 +07:00
sandeep 05305904ef more strict matchers 2021-08-26 02:43:53 +05:30
forgedhallpass 110f9c9ddd Merge remote-tracking branch 'origin' into dynamic_attributes 2021-08-24 20:38:11 +03:00
Sandeep Singh 9e4b63b669
Merge pull request #2475 from pajoda/CVE-2021-37538 
Create CVE-2021-37538.yaml
 2021-08-24 18:35:53 +05:30
sandeep 5410d9ab85 minor update 2021-08-24 18:35:13 +05:30
Prince Chaddha 8361cbe8c3
Update CVE-2021-21234.yaml 2021-08-24 15:19:47 +05:30
Prince Chaddha bdd2f700be
Update CVE-2021-21234.yaml 2021-08-24 14:16:14 +05:30
PikPikcU 63e208e3d7
Update CVE-2021-21234.yaml 2021-08-24 14:47:25 +07:00
pajoda 11b6899c9e
Create CVE-2021-37538.yaml 2021-08-24 01:42:35 +00:00
sandeep 91a429c5d1 minor update 2021-08-21 01:12:52 +05:30
PikPikcU 611d5f76dd
Create CVE-2021-32819.yaml 2021-08-20 20:19:00 +07:00
forgedhallpass dc4cc62629 Merge remote-tracking branch 'origin/master' into dynamic_attributes 2021-08-20 15:35:17 +03:00
sandeep 3f803deb28 more updates 2021-08-20 02:14:42 +05:30
forgedhallpass 77103bc629 Satisfying the linter (all errors and warnings) 
* whitespace modifications only
 2021-08-19 17:44:46 +03:00
Sandeep Singh 2510c01fac
Merge pull request #2419 from dwisiswant0/add/CVE-2021-38751 
Add CVE-2021-38751
 2021-08-19 20:09:48 +05:30
forgedhallpass 97d4f8705b Fixed mistakes/typos 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-19 16:59:55 +03:00
forgedhallpass f55d6b75e1 Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-19 16:59:12 +03:00
forgedhallpass 7b29be739e Merge branch 'master' into dynamic_attributes 2021-08-19 16:23:26 +03:00
forgedhallpass ffaff64565 Changes fixes/around dynamic attributes ("additional-fields") 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-19 16:17:27 +03:00
forgedhallpass 0b432b341b Added comments with URLs under the "references" field 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-19 16:15:35 +03:00
Dwi Siswanto 33ec4eddbf Update regEx matcher 2021-08-19 06:39:09 +07:00
Dwi Siswanto 09cf9f35eb Update matcher using regex instead 2021-08-18 20:54:49 +07:00
forgedhallpass cdf9451158 Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-18 14:44:27 +03:00
forgedhallpass 4c920b2552 Rename "references" to "reference" to match the expected template info structure 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-18 14:29:20 +03:00
Prince Chaddha f021817d65
Update CVE-2021-38702.yaml 2021-08-17 22:06:37 +05:30
Geeknik Labs 888c9a4573
Create CVE-2021-38702.yaml 2021-08-17 08:11:02 -05:00
Prince Chaddha 7bb40042a3
Update CVE-2021-38751.yaml 2021-08-17 17:13:45 +05:30
Prince Chaddha ec9b83bd1f
Update CVE-2021-38751.yaml 2021-08-17 17:12:51 +05:30