daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,252 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

424 Commits (650397142e633a9608b2fdb8763cc6522b332a9a)

Author SHA1 Message Date
alph4byt3 f82f4d1a0b
Create flow-flow-social-stream-xss.yaml 2021-11-26 06:55:21 +02:00
Prince Chaddha 0d2a2f4e15
Merge pull request #3188 from pussycat0x/master 
WordPress Themes Haberadam IDOR and Full Path Disclosure via JSON API
 2021-11-24 12:14:54 +04:00
Prince Chaddha 85d79fd597
Update and rename wp-haberadam-theme-idor.yaml to wp-haberadam-idor.yaml 2021-11-24 12:09:22 +04:00
pussycat0x b7701dc7b3
Update wp-haberadam-theme-idor.yaml 2021-11-23 19:53:36 +05:30
pussycat0x e7bc254415
Update wp-haberadam-theme-idor.yaml 2021-11-23 19:50:27 +05:30
pussycat0x b3ceaffb9f
Add files via upload 2021-11-23 19:46:33 +05:30
Prince Chaddha 42a9f46f94
Merge pull request #3176 from pussycat0x/master 
Wordpress Revslider - Unauthenticated Arbitrary File Download
 2021-11-23 09:40:48 +05:30
Prince Chaddha 2407b57779
Update wp-revslider-file-download.yaml 2021-11-23 08:09:29 +04:00
sandeep fdb0cc0277 lint fix + moving template to wp folder 2021-11-22 22:55:00 +05:30
Sandeep Singh 6eea2f5ec3
Merge pull request #3170 from pussycat0x/master 
new templates
 2021-11-21 14:44:52 +05:30
sandeep bb5dcd79ac moved templates to correct directory/location 2021-11-21 14:40:48 +05:30
sandeep fbf50f1109 format fixing 2021-11-15 21:00:17 +05:30
Prince Chaddha b66427b7c1
Update and rename wp-plugin-ad-widget-lfi.yaml to vulnerabilities/wordpress/ad-widget-lfi.yaml 2021-11-06 00:06:13 +05:30
sandeep 915bb09a82 updating file name 2021-11-04 15:43:49 +05:30
Prince Chaddha c4b7bb3bd2
Merge pull request #3032 from r3dg33k/wordpress-rdf-user-enum 
wordpress-rdf-user-enum
 2021-11-01 15:43:00 +05:30
Prince Chaddha 7b20a25fc6
Update and rename wordpress-rdf-user-enum.yaml to rdf-user-enumeration.yaml 2021-11-01 15:37:58 +05:30
Prince Chaddha a862dc3a6f
Update wordpress-rdf-user-enum.yaml 2021-11-01 15:33:06 +05:30
Prince Chaddha ff5b68a343
Update wordpress-rdf-user-enum.yaml 2021-11-01 15:30:54 +05:30
Prince Chaddha 3decaed012
Merge pull request #3036 from Akokonunes/patch-64 
Create wp-theme-diarise-lfi.yaml
 2021-11-01 14:54:58 +05:30
Prince Chaddha 756ed2c443
Update and rename wp-theme-diarise-lfi.yaml to vulnerabilities/wordpress/diarise-theme-lfi.yaml 2021-11-01 14:37:16 +05:30
Noam Rathaus d277d83c8e Add description 2021-10-31 15:58:17 +02:00
r3dg33k 2925226122
Update wordpress-rdf-user-enum.yaml 2021-10-30 13:58:24 +03:00
r3dg33k f3a44a7f50
Update wordpress-rdf-user-enum.yaml 2021-10-30 13:57:53 +03:00
r3dg33k f75fcde7a9
Update wordpress-rdf-user-enum.yaml 2021-10-30 13:56:04 +03:00
r3dg33k 2d50cb52c6
Add files via upload 2021-10-30 13:46:56 +03:00
Prince Chaddha ac70e14788
Merge pull request #2995 from Akokonunes/patch-63 
Create wp-tinymce-thumbnail-plugin-lfi.yaml
 2021-10-27 00:13:01 +05:30
Prince Chaddha b928d9a269
Update and rename wp-tinymce-thumbnail-plugin-lfi.yaml to wp-tinymce-lfi.yaml 2021-10-27 00:11:48 +05:30
Prince Chaddha 7abaf59c18
Merge pull request #2993 from Akokonunes/patch-61 
Create wp-javospot-premium-theme-lfi.yaml
 2021-10-27 00:02:00 +05:30
Prince Chaddha ab633f8675
Update and rename wp-javospot-premium-theme-lfi.yaml to vulnerabilities/wordpress/wp-javospot-lfi.yaml 2021-10-26 23:55:34 +05:30
Noam Rathaus 058d859cd8 Add description 2021-10-26 12:45:23 +03:00
sandeep 423584f1b7 moving files around 2021-10-26 15:08:26 +05:30
Noam Rathaus fb81f4ca36 Better description 2021-10-26 12:35:56 +03:00
Noam Rathaus c9e9c04f37 Add description 2021-10-25 12:54:00 +03:00
Noam Rathaus 6a6ba60aad Description 2021-10-25 12:53:22 +03:00
Noam Rathaus a96bfc3992 Add description 2021-10-25 12:52:58 +03:00
Noam Rathaus 2bffa26635 Advisory description 2021-10-25 10:09:13 +03:00
Noam Rathaus 66a811c3c2 Better description 2021-10-25 10:06:50 +03:00
Prince Chaddha 9ab9cd2a25
Merge pull request #2953 from Akokonunes/patch-59 
Create aspose-importer-exporter-file-download.yaml
 2021-10-22 22:03:37 +05:30
Prince Chaddha 82ca4a8c43
Update and rename aspose-file-download.yaml to aspose-ie-file-download.yaml 2021-10-22 15:59:44 +05:30
Prince Chaddha 5118c00e24
Update aspose-pdf-file-download.yaml 2021-10-22 15:58:02 +05:30
Prince Chaddha aa77769481
Rename aspose-pdf-file-download.yaml to vulnerabilities/wordpress/aspose-pdf-file-download.yaml 2021-10-22 15:49:18 +05:30
Noam Rathaus 0cb293abca Add description 2021-10-21 14:25:28 +03:00
sandeep 33badb66d1 oob tags update 2021-10-19 02:10:26 +05:30
Prince Chaddha 48588a6b81
Merge pull request #2887 from Akokonunes/patch-56 
Create aspose-words-exporter-file-download.yaml
 2021-10-17 17:04:08 +05:30
Prince Chaddha ef16ad713b
Update and rename wp-aspose-cloud-ebook-plugin-file-download.yaml to vulnerabilities/wordpress/aspose-file-download.yaml 2021-10-17 07:49:46 +05:30
Noam Rathaus d1105f1d79 Add description 2021-10-14 15:35:52 +03:00
Noam Rathaus e599ba1261 Add description 2021-10-14 15:35:47 +03:00
Noam Rathaus 4275cce69a Add description 2021-10-14 15:35:42 +03:00
Noam Rathaus 5453f2ccdb Add description 2021-10-14 15:35:37 +03:00
Prince Chaddha 02d0071660
Update and rename aspose-words-exporter-file-download.yaml to vulnerabilities/wordpress/aspose-words-file-download.yaml 2021-10-14 16:33:38 +05:30
Prince Chaddha 4ce3559d58
Update and rename wp-cherry-plugin-file-download.yaml to vulnerabilities/wordpress/cherry-file-download.yaml 2021-10-14 16:29:47 +05:30
Prince Chaddha da08f02913
Update and rename advanced-access-manager-plugin-lfi.yaml to vulnerabilities/wordpress/advanced-access-manager-lfi.yaml 2021-10-11 16:52:28 +05:30
sandeep ecca8374fc moving file around 2021-10-08 19:19:29 +05:30
Prince Chaddha 3ce3718a5e
Merge pull request #2835 from Akokonunes/patch-49 
Create ultimatemember-plugin-open-redirect.yaml
 2021-10-06 11:04:54 +05:30
Prince Chaddha 183af8b95b
Update and rename ultimatemember-plugin-open-redirect.yaml to vulnerabilities/wordpress/ultimatemember-open-redirect.yaml 2021-10-06 10:59:48 +05:30
Prince Chaddha f1130595ce
Update and rename wptouch-plugin-open-redirect.yaml to vulnerabilities/wordpress/wptouch-open-redirect.yaml 2021-10-06 10:46:16 +05:30
Prince Chaddha 5b5e764b48
Merge pull request #2787 from mr-rizwan-syed/master 
wp-config-file and aws-s3-access-key-leak
 2021-10-05 18:25:04 +05:30
Prince Chaddha 6e7b91f6dc
Update wordpress-accessible-wpconfig.yaml 2021-10-05 18:02:50 +05:30
Philippe Delteil e3947fbfeb
Update wp-plugin-1-flashgallery-listing.yaml 2021-10-02 03:29:17 -03:00
Prince Chaddha d7e6cb313e
Update wp-woocommerce-email-verification.yaml 2021-10-01 16:31:50 +05:30
Philippe Delteil 145f1a643d
Update and rename wordpress-emails-verification-for-woocommerce.yaml to wp-woocommerce-email-verification.yaml 
- name changed to match template id. 
- added  stop-at-first-match condition.
 2021-09-30 22:49:21 -03:00
Rizwan Syed 4065f6a493
Update wordpress-accessible-wpconfig.yaml 2021-09-30 23:15:18 +05:30
Prince Chaddha 5c80f9dc4c
Update and rename wp-church-admin-lfi.yaml to vulnerabilities/wordpress/church-admin-lfi.yaml 2021-09-28 15:38:03 +05:30
Prince Chaddha 93b6f3a799
Merge pull request #2743 from Akokonunes/patch-43 
Create wp-brandfolder-plugin-open-redirect.yaml
 2021-09-25 00:55:20 +05:30
Prince Chaddha d0ee5cbe02
Merge pull request #2744 from Akokonunes/patch-44 
Create wp-brandfolder-plugin-lfi.yaml
 2021-09-25 00:54:30 +05:30
Prince Chaddha f70cc70c26
Update and rename wp-brandfolder-plugin-open-redirect.yaml to vulnerabilities/wordpress/brandfolder-open-redirect.yaml 2021-09-25 00:54:03 +05:30
Prince Chaddha 624c722c5a
Update and rename wp-brandfolder-plugin-lfi.yaml to vulnerabilities/wordpress/brandfolder-lfi.yaml 2021-09-25 00:51:56 +05:30
Prince Chaddha e832a50401
Update issuu-panel-lfi.yaml 2021-09-25 00:49:53 +05:30
Prince Chaddha f35db18633
Update and rename wp-plugin-issuu-panel-lfi.yaml to vulnerabilities/wordpress/issuu-panel-lfi.yaml 2021-09-25 00:47:37 +05:30
sandeep a898a6c3a6 Update wp-woocommerce-file-download.yaml 2021-09-22 18:19:25 +05:30
sandeep dfa85833e2 misc update 2021-09-22 18:18:21 +05:30
Sandeep Singh a5982b8f32
Merge pull request #2721 from nerrorsec/patch-1 
Added a path
 2021-09-21 15:32:42 +05:30
Prince Chaddha ff4811e085
Create wordpress-git-config.yaml 2021-09-21 15:21:16 +05:30
sandeep 10a6436f6f Added Wordpress XMLRPC Pingback detection 2021-09-21 15:18:49 +05:30
Prince Chaddha 6564d0fca4
Merge pull request #2708 from pussycat0x/master 
New templates
 2021-09-20 14:18:41 +05:30
Prince Chaddha e183b518db
Update wp-altair-listing.yaml 2021-09-18 14:11:17 +05:30
Prince Chaddha d0c5083632
Update wp-altair-listing.yaml 2021-09-18 14:09:59 +05:30
Prince Chaddha 0523d46ed2 Revert "Delete wp-altair-listing.yaml" 
This reverts commit 05dd3affce.
 2021-09-18 13:54:03 +05:30
Prince Chaddha 05dd3affce
Delete wp-altair-listing.yaml 2021-09-18 13:51:28 +05:30
Prince Chaddha 893f8d3bc6
Update wp-altair-listing.yaml 2021-09-18 12:01:47 +05:30
pussycat0x 10b3bc327d
Add files via upload 2021-09-18 10:37:16 +05:30
Prince Chaddha b00b70c150
Merge pull request #2697 from Akokonunes/patch-39 
Create attitude-wp-theme-open-redirect.yaml
 2021-09-17 15:12:21 +05:30
Prince Chaddha 5cac00bada
Merge pull request #2698 from Akokonunes/patch-40 
Create eatery-restaurant-wp-theme-open-redirect.yaml
 2021-09-17 15:12:09 +05:30
Prince Chaddha a40530d9d4
Update and rename eatery-restaurant-wp-theme-open-redirect.yaml to vulnerabilities/wordpress/eatery-restaurant-open-redirect.yaml 2021-09-17 15:10:30 +05:30
Prince Chaddha 69e546ea4d
Update attitude-theme-open-redirect.yaml 2021-09-17 15:10:23 +05:30
Prince Chaddha c5ccf9d991
Update and rename attitude-wp-theme-open-redirect.yaml to vulnerabilities/wordpress/attitude-theme-open-redirect.yaml 2021-09-17 15:08:59 +05:30
Prince Chaddha 2e8329b645
Update and rename weekender-newspaper-wp-theme-open-redirect.yaml to vulnerabilities/wordpress/weekender-newspaper-open-redirect.yaml 2021-09-17 15:06:13 +05:30
sandeep 34bba4e794 misc update 2021-09-12 17:10:52 +05:30
Noam Rathaus 46b16bcfa2 Incomplete title 2021-09-12 14:16:01 +03:00
Noam Rathaus 59525a5846 Working reference 2021-09-12 13:02:41 +03:00
Noam Rathaus e602575ae0 Working reference 2021-09-12 12:58:48 +03:00
Noam Rathaus fb2f89bc86 References 2021-09-12 12:58:43 +03:00
Noam Rathaus 624162cca7 Working reference 2021-09-12 12:50:53 +03:00
Philippe Delteil c41f64987b
Update wordpress-db-repair.yaml 
Solves this false positive (different encoding) 

nuclei -debug -t   nuclei-templates/vulnerabilities/wordpress/wordpress-db-repair.yaml -u https://try.walmart.com

<p><code>define(&#39;WP_ALLOW_REPAIR&#39;, true);
 2021-09-10 17:18:15 -03:00
Prince Chaddha 576499034d
Update wordpress-rce-simplefilelist.yaml 2021-09-09 12:09:13 +05:30
sandeep 609705f676 removed extra headers not required for template 2021-09-08 17:47:19 +05:30
sandeep c266084621 Added stop-at-first-match in applicable templates 2021-09-02 17:29:10 +05:30
forgedhallpass a4250b8f2f Merge remote-tracking branch 'origin' into dynamic_attributes 2021-08-26 15:04:14 +03:00
sandeep 05305904ef more strict matchers 2021-08-26 02:43:53 +05:30
forgedhallpass 110f9c9ddd Merge remote-tracking branch 'origin' into dynamic_attributes 2021-08-24 20:38:11 +03:00
Sandeep Singh ee37e34f54
Update wp-woocommerce-pdf-invoice-listing.yaml 2021-08-24 17:48:31 +05:30
forgedhallpass 296edfc37b Merge remote-tracking branch 'origin' into dynamic_attributes 2021-08-23 14:40:33 +03:00
sandeep 62530eafc2 Update wp-slideshow-xss.yaml 2021-08-23 15:15:26 +05:30
forgedhallpass 77103bc629 Satisfying the linter (all errors and warnings) 
* whitespace modifications only
 2021-08-19 17:44:46 +03:00
forgedhallpass 97d4f8705b Fixed mistakes/typos 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-19 16:59:55 +03:00
forgedhallpass f55d6b75e1 Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-19 16:59:12 +03:00
forgedhallpass 7b29be739e Merge branch 'master' into dynamic_attributes 2021-08-19 16:23:26 +03:00
forgedhallpass 0b432b341b Added comments with URLs under the "references" field 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-19 16:15:35 +03:00
forgedhallpass cdf9451158 Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-18 14:44:27 +03:00
forgedhallpass 4c920b2552 Rename "references" to "reference" to match the expected template info structure 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-18 14:29:20 +03:00
sandeep 3ac7a756fc Added woocommerce-pdf-invoice-listing 2021-08-16 15:37:07 +05:30
Sandeep Singh 3918071875
Merge pull request #2348 from Akokonunes/patch-25 
Create grimag-open-redirect.yaml
 2021-08-08 12:38:24 +05:30
sandeep d7b8760231 minor update 2021-08-08 12:29:11 +05:30
sandeep 4c057dcb1e minor update 2021-08-08 12:26:34 +05:30
Sandeep Singh 918a6deead
Merge pull request #2265 from pussycat0x/master 
zabbix-dashboards-access
 2021-07-30 02:37:02 +05:30
sandeep 0d7dfa1713 Update wp-upload-data.yaml 2021-07-30 02:36:18 +05:30
Prince Chaddha 576b42b412
Update wp-upload-data.yaml 2021-07-29 00:09:11 +05:30
pussycat0x 7038617c86
Add files via upload 2021-07-28 23:56:51 +05:30
sandeep 6ccc5f8792 matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
Sandeep Singh 59f90ffffa
Merge pull request #2150 from pussycat0x/master 
New templates added
 2021-07-24 00:09:43 +05:30
sandeep 79e15e7123 Update wordpress-wpcourses-info-disclosure.yaml 2021-07-24 00:07:50 +05:30
sandeep 43dccef185 generic improvements 2021-07-24 00:06:13 +05:30
sandeep 97aa239d52 Merge branch 'master' of https://github.com/pussycat0x/nuclei-templates into pr/2037 2021-07-24 00:00:55 +05:30
sandeep 3960d1f295 strict matchers 2021-07-23 23:59:54 +05:30
Sandeep Singh 38c2b6d4a9
Update vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:49:58 +05:30
Sandeep Singh bdfee95603
Update vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:49:33 +05:30
Sandeep Singh 6ebd1a36e0
Update vulnerabilities/wordpress/wp-email-subscribers-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:49:28 +05:30
Sandeep Singh edc62d15a4
Update vulnerabilities/wordpress/wp-email-subscribers-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:49:20 +05:30
Sandeep Singh 5170f4962b
Update vulnerabilities/wordpress/wp-arforms-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:49:14 +05:30
Sandeep Singh 1feaaded28
Update vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:41:26 +05:30
Sandeep Singh 750a86c500
Update vulnerabilities/wordpress/wp-iwp-client-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:41:14 +05:30
Sandeep Singh 04b71d9335
Update vulnerabilities/wordpress/wp-iwp-client-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:41:06 +05:30
Sandeep Singh b82ac4b3fc
Update vulnerabilities/wordpress/wp-iwp-client-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:40:56 +05:30
sandeep 28d7d26953 Update wp-sfwd-lms-listing.yaml 2021-07-23 23:39:46 +05:30
pussycat0x d3ff29daaa
Update vulnerabilities/wordpress/wp-arforms-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 00:32:13 +05:30
pussycat0x 6987e1ffee
Update vulnerabilities/wordpress/wp-arforms-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 00:32:05 +05:30
pussycat0x eac08288e8
Update vulnerabilities/wordpress/wp-sfwd-lms-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 00:31:33 +05:30
pussycat0x 05846a34c7
Update vulnerabilities/wordpress/wp-sfwd-lms-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 00:31:13 +05:30
pussycat0x a81e3b53cb
Add files via upload 2021-07-22 19:42:25 +05:30
Prince Chaddha 5455222476
Merge pull request #2140 from pussycat0x/master 
New templates added
 2021-07-22 17:53:25 +05:30
Prince Chaddha c17763ac20
Update and rename wp-plugineasy-media-gallery-pro-listing.yaml to easy-media-gallery-pro-listing.yaml 2021-07-22 17:45:43 +05:30
pussycat0x f00f5eeaa9
Add files via upload 2021-07-22 08:04:21 +05:30
Muhammad Daffa 21809132da
Renamed to CVE-2021-24340.yaml 2021-07-20 13:36:04 +07:00
sandeep 13e5528c46 duplicate update 2021-07-20 11:40:23 +05:30
Muhammad Daffa d27fb4c3b0
Renamed CVE-2020-8771.yaml 2021-07-20 12:49:16 +07:00
sandeep 4dbf36813d removing duplicate template 2021-07-20 00:43:39 +05:30
Sandeep Singh 6eee57115c
Merge pull request #2083 from projectdiscovery/fixing-xss-matchers 
fixing-xss-matchers
 2021-07-20 00:28:01 +05:30
Muhammad Daffa 68efee3702
Merge branch 'projectdiscovery:master' into master 2021-07-19 19:48:57 +07:00
Muhammad Daffa 7a99c2db48
Rename to CVE-2018-16283 2021-07-19 19:47:31 +07:00
sandeep 96d7a23ccd removed duplicate 2021-07-19 18:15:42 +05:30