Commit Graph

817 Commits (673f7a1701b6eee36868b78844729d23d12bd102)

Author SHA1 Message Date
MostInterestingBotInTheWorld a330bb78bb
Merge branch 'master' into dashboard 2022-02-28 17:21:32 -05:00
Prince Chaddha 44a9163e54
Update microweber-xss.yaml 2022-03-01 02:47:11 +05:30
MostInterestingBotInTheWorld 420a995b14 Enhancement: vulnerabilities/other/unauth-spark-api.yaml by cs 2022-02-28 14:17:05 -05:00
GwanYeong Kim 1368ea9fe7 Create microweber-xss.yaml
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-02-28 16:17:51 +09:00
sandeep c07bd54967 payload fix 2022-02-25 17:28:47 +05:30
Prince Chaddha 402cda8a0a
Merge pull request #3747 from Akokonunes/patch-120
Create otobo-open-redirect.yaml
2022-02-23 17:35:55 +05:30
Prince Chaddha b86641d6df
Update and rename otobo-open-redirect.yaml to vulnerabilities/other/otobo-open-redirect.yaml 2022-02-23 17:07:41 +05:30
Prince Chaddha d5b600a2a1
Merge pull request #3727 from evanRubinsteinIT/pollbot-redirect
Added pollbot-redirect
2022-02-22 13:56:25 +05:30
Prince Chaddha 4731194ac2
Update pollbot-redirect.yaml 2022-02-22 12:01:20 +05:30
Prince Chaddha 2fb5401ddb
Update pollbot-redirect.yaml 2022-02-22 11:48:32 +05:30
Prince Chaddha 0672c4dc7d
Update goip-1-lfi.yaml 2022-02-22 11:38:07 +05:30
Evan Rubinstein 21a267d106
Updated Template 2022-02-18 10:48:34 -05:00
Evan Rubinstein a536bb5087
Added pollbot-redirect 2022-02-18 10:39:04 -05:00
GwanYeong Kim a2cec40a5d Create goip-1-lfi.yaml
Input passed thru the 'content' or 'sidebar' GET parameter in 'frame.html' or 'frame.A100.html' not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-02-18 21:33:17 +09:00
Sandeep Singh f705c2debd
removing duplicate template 2022-02-15 23:43:06 +05:30
Prince Chaddha be309f08e0
Update and rename yshaadmin-traversal.yaml to yishaadmin-lfi.yaml 2022-02-15 18:33:24 +05:30
Evan Rubinstein 22d14023a7
Update yshaadmin-traversal.yaml 2022-02-14 23:53:28 -05:00
Evan Rubinstein 5fcaefe315
Added yshaadmin path traversal vulnerability 2022-02-14 23:48:57 -05:00
Evan Rubinstein b9efa77da3
Merge branch 'projectdiscovery:master' into master 2022-02-14 23:47:10 -05:00
Prince Chaddha 6c6b4e7270
Merge pull request #3700 from Akokonunes/patch-116
Create kyocera-rx-ecosys-m2035dn-lfi.yaml
2022-02-15 02:16:54 +05:30
Prince Chaddha 1f1b03ba67
Update and rename kyocera-rx-ecosys-m2035dn-lfi.yaml to vulnerabilities/other/kyocera-m2035dn-lfi.yaml 2022-02-15 02:10:30 +05:30
Prince Chaddha f8a52f9be2
Update nuuno-network-login.yaml (#3701)
* Update nuuno-network-login.yaml

* Update panasonic-network-management.yaml

* Update cisco-network-config.yaml

* Update emerson-power-panel.yaml

* Update unifi-network-log4j-rce.yaml
2022-02-14 19:53:51 +05:30
sullo 111f7d9a88 Cleanup some dashboard artifacts 2022-02-04 14:02:53 -05:00
MostInterestingBotInTheWorld 439b0ebffc Enhancement: vulnerabilities/other/zhiyuan-file-upload.yaml by mp 2022-02-04 10:55:39 -05:00
MostInterestingBotInTheWorld 26137cf96f Enhancement: vulnerabilities/other/zhiyuan-file-upload.yaml by mp 2022-02-04 10:54:04 -05:00
Prince Chaddha e1b8bf3da2
Update antsword-backdoor.yaml 2022-02-01 01:52:39 +05:30
Prince Chaddha e5a77aa803
Create antsword-backdoor.yaml 2022-02-01 01:39:46 +05:30
Sullo 9a8482172d Remove:
- various nonstandard ascii chars in favor of the standard ones (mostly quotes)
 - spaces after : in some files
2022-01-25 14:38:53 -05:00
Prince Chaddha e5b30f69d1
Update and rename vulnerabilities/JavaMelody/java-melody-xss.yaml to vulnerabilities/other/java-melody-xss.yaml 2022-01-24 13:15:23 +05:30
Evan Rubinstein ae3e6c0c21
Merge branch 'projectdiscovery:master' into master 2022-01-16 23:24:58 -05:00
gy741 e5958c1364
Update tags (#3538) 2022-01-16 02:08:21 +05:30
Muhammad Daffa 0a651c182f
Update tags (#3530) 2022-01-13 10:49:53 +05:30
Muhammad Daffa 64cf0fa4ba
Rename maian cart rce (#3532)
* Update and rename vulnerabilities/other/maian-cart-preauth-rce.yaml to cves/2021/CVE-2021-32172.yaml

* Update CVE-2021-32172.yaml

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-01-13 10:48:51 +05:30
Prince Chaddha 33d009da24
Update xerox-efi-lfi.yaml 2022-01-10 12:07:06 +05:30
GwanYeong Kim 9befbf0654 Create xerox-efi-lfi.yaml
Input passed thru the 'file' GET parameter in 'forceSave.php' script is not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-09 15:39:39 +09:00
Sandeep Singh 844c3b4a02
Network template updates & fixes (#3497)
* Fixed template syntax

* network template update and fixes
2022-01-07 12:58:37 +05:30
ImNightmaree c5723bdf55
Renames vulnerabilities/other/WooYun2015-148227 (#3488)
Swaps capitalization to all lowercase, as Linux filesystems don't handle capitalization well which may result in this file being skipped.
2022-01-06 12:00:31 +05:30
Pathtaga e281e5bf88
Updated all templates tags with technologies (#3478)
* Updated tags for template sonicwall-email-security-detect.yaml

* Updated tags for template detect-sentry.yaml

* Updated tags for template kong-detect.yaml

* Updated tags for template openam-detect.yaml

* Updated tags for template shiro-detect.yaml

* Updated tags for template iplanet-web-server.yaml

* Updated tags for template graylog-api-browser.yaml

* Updated tags for template prtg-detect.yaml

* Updated tags for template node-red-detect.yaml

* Updated tags for template abyss-web-server.yaml

* Updated tags for template geo-webserver.yaml

* Updated tags for template autobahn-python-detect.yaml

* Updated tags for template default-lighttpd-page.yaml

* Updated tags for template microsoft-iis-8.yaml

* Updated tags for template lucee-detect.yaml

* Updated tags for template php-proxy-detect.yaml

* Updated tags for template jenkins-detect.yaml

* Updated tags for template cockpit-detect.yaml

* Updated tags for template csrfguard-detect.yaml

* Updated tags for template dwr-index-detect.yaml

* Updated tags for template netsweeper-webadmin-detect.yaml

* Updated tags for template weblogic-detect.yaml

* Updated tags for template s3-detect.yaml

* Updated tags for template tileserver-gl.yaml

* Updated tags for template springboot-actuator.yaml

* Updated tags for template terraform-detect.yaml

* Updated tags for template redmine-cli-detect.yaml

* Updated tags for template mrtg-detect.yaml

* Updated tags for template tableau-server-detect.yaml

* Updated tags for template magmi-detect.yaml

* Updated tags for template oidc-detect.yaml

* Updated tags for template tor-socks-proxy.yaml

* Updated tags for template synology-web-station.yaml

* Updated tags for template herokuapp-detect.yaml

* Updated tags for template gunicorn-detect.yaml

* Updated tags for template sql-server-reporting.yaml

* Updated tags for template google-bucket-service.yaml

* Updated tags for template kubernetes-mirantis.yaml

* Updated tags for template kubernetes-enterprise-manager.yaml

* Updated tags for template oracle-iplanet-web-server.yaml

* Updated tags for template dell-idrac7-detect.yaml

* Updated tags for template dell-idrac6-detect.yaml

* Updated tags for template dell-idrac9-detect.yaml

* Updated tags for template dell-idrac8-detect.yaml

* Updated tags for template apache-guacamole.yaml

* Updated tags for template aws-cloudfront-service.yaml

* Updated tags for template aws-bucket-service.yaml

* Updated tags for template nginx-linux-page.yaml

* Updated tags for template telerik-fileupload-detect.yaml

* Updated tags for template telerik-dialoghandler-detect.yaml

* Updated tags for template htaccess-config.yaml

* Updated tags for template microsoft-azure-error.yaml

* Updated tags for template detect-options-method.yaml

* Updated tags for template unpatched-coldfusion.yaml

* Updated tags for template moodle-changelog.yaml

* Updated tags for template detect-dns-over-https.yaml

* Updated tags for template CVE-2019-19134.yaml

* Updated tags for template CVE-2019-3929.yaml

* Updated tags for template CVE-2019-19908.yaml

* Updated tags for template CVE-2019-10475.yaml

* Updated tags for template CVE-2019-17382.yaml

* Updated tags for template CVE-2019-16332.yaml

* Updated tags for template CVE-2019-14974.yaml

* Updated tags for template CVE-2019-19368.yaml

* Updated tags for template CVE-2019-12725.yaml

* Updated tags for template CVE-2019-15501.yaml

* Updated tags for template CVE-2019-9733.yaml

* Updated tags for template CVE-2019-14322.yaml

* Updated tags for template CVE-2019-9955.yaml

* Updated tags for template CVE-2019-0230.yaml

* Updated tags for template CVE-2019-10232.yaml

* Updated tags for template CVE-2019-17506.yaml

* Updated tags for template CVE-2019-8449.yaml

* Updated tags for template CVE-2019-12593.yaml

* Updated tags for template CVE-2019-10092.yaml

* Updated tags for template CVE-2019-1821.yaml

* Updated tags for template CVE-2019-3401.yaml

* Updated tags for template CVE-2019-16662.yaml

* Updated tags for template CVE-2019-5418.yaml

* Updated tags for template CVE-2016-4975.yaml

* Updated tags for template CVE-2016-1000137.yaml

* Updated tags for template CVE-2016-7552.yaml

* Updated tags for template CVE-2016-10956.yaml

* Updated tags for template CVE-2016-1000146.yaml

* Updated tags for template CVE-2013-2251.yaml

* Updated tags for template CVE-2013-1965.yaml

* Updated tags for template CVE-2014-2323.yaml

* Updated tags for template CVE-2014-5111.yaml

* Updated tags for template CVE-2014-2962.yaml

* Updated tags for template CVE-2014-4561.yaml

* Updated tags for template CVE-2014-4558.yaml

* Updated tags for template CVE-2014-3120.yaml

* Updated tags for template CVE-2007-5728.yaml

* Updated tags for template CVE-2009-4679.yaml

* Updated tags for template CVE-2009-1558.yaml

* Updated tags for template CVE-2009-4202.yaml

* Updated tags for template CVE-2009-0932.yaml

* Updated tags for template CVE-2015-2068.yaml

* Updated tags for template CVE-2015-8813.yaml

* Updated tags for template CVE-2015-7450.yaml

* Updated tags for template CVE-2015-2067.yaml

* Updated tags for template CVE-2015-3306.yaml

* Updated tags for template CVE-2015-3337.yaml

* Updated tags for template CVE-2015-1427.yaml

* Updated tags for template CVE-2015-1503.yaml

* Updated tags for template CVE-2015-1880.yaml

* Updated tags for template CVE-2018-3810.yaml

* Updated tags for template CVE-2018-18069.yaml

* Updated tags for template CVE-2018-17246.yaml

* Updated tags for template CVE-2018-10141.yaml

* Updated tags for template CVE-2018-16341.yaml

* Updated tags for template CVE-2018-18777.yaml

* Updated tags for template CVE-2018-15138.yaml

* Updated tags for template CVE-2018-11784.yaml

* Updated tags for template CVE-2018-16299.yaml

* Updated tags for template CVE-2018-7251.yaml

* Updated tags for template CVE-2018-1273.yaml

* Updated tags for template CVE-2018-1271.yaml

* Updated tags for template CVE-2018-11759.yaml

* Updated tags for template CVE-2018-3167.yaml

* Updated tags for template CVE-2018-7490.yaml

* Updated tags for template CVE-2018-2628.yaml

* Updated tags for template CVE-2018-13380.yaml

* Updated tags for template CVE-2018-2893.yaml

* Updated tags for template CVE-2018-5316.yaml

* Updated tags for template CVE-2018-20985.yaml

* Updated tags for template CVE-2018-10818.yaml

* Updated tags for template CVE-2018-1000861.yaml

* Updated tags for template CVE-2018-0296.yaml

* Updated tags for template CVE-2018-19458.yaml

* Updated tags for template CVE-2018-3760.yaml

* Updated tags for template CVE-2018-12998.yaml

* Updated tags for template CVE-2018-9118.yaml

* Updated tags for template CVE-2018-1000130.yaml

* Updated tags for template CVE-2008-6668.yaml

* Updated tags for template CVE-2017-7269.yaml

* Updated tags for template CVE-2017-1000170.yaml

* Updated tags for template CVE-2017-16877.yaml

* Updated tags for template CVE-2017-1000486.yaml

* Updated tags for template CVE-2017-9822.yaml

* Updated tags for template CVE-2017-0929.yaml

* Updated tags for template CVE-2017-7921.yaml

* Updated tags for template CVE-2017-14535.yaml

* Updated tags for template CVE-2017-5521.yaml

* Updated tags for template CVE-2017-12637.yaml

* Updated tags for template CVE-2017-12635.yaml

* Updated tags for template CVE-2017-11610.yaml

* Updated tags for template CVE-2021-20114.yaml

* Updated tags for template CVE-2021-40856.yaml

* Updated tags for template CVE-2021-21972.yaml

* Updated tags for template CVE-2021-31602.yaml

* Updated tags for template CVE-2021-41773.yaml

* Updated tags for template CVE-2021-37704.yaml

* Updated tags for template CVE-2021-45046.yaml

* Updated tags for template CVE-2021-26084.yaml

* Updated tags for template CVE-2021-27931.yaml

* Updated tags for template CVE-2021-24291.yaml

* Updated tags for template CVE-2021-41648.yaml

* Updated tags for template CVE-2021-37216.yaml

* Updated tags for template CVE-2021-22005.yaml

* Updated tags for template CVE-2021-37573.yaml

* Updated tags for template CVE-2021-31755.yaml

* Updated tags for template CVE-2021-43287.yaml

* Updated tags for template CVE-2021-24274.yaml

* Updated tags for template CVE-2021-33564.yaml

* Updated tags for template CVE-2021-22145.yaml

* Updated tags for template CVE-2021-24237.yaml

* Updated tags for template CVE-2021-44848.yaml

* Updated tags for template CVE-2021-25646.yaml

* Updated tags for template CVE-2021-21816.yaml

* Updated tags for template CVE-2021-41649.yaml

* Updated tags for template CVE-2021-41291.yaml

* Updated tags for template CVE-2021-41293.yaml

* Updated tags for template CVE-2021-21801.yaml

* Updated tags for template CVE-2021-29156.yaml

* Updated tags for template CVE-2021-34370.yaml

* Updated tags for template CVE-2021-27132.yaml

* Updated tags for template CVE-2021-28151.yaml

* Updated tags for template CVE-2021-26812.yaml

* Updated tags for template CVE-2021-21985.yaml

* Updated tags for template CVE-2021-43778.yaml

* Updated tags for template CVE-2021-25281.yaml

* Updated tags for template CVE-2021-40539.yaml

* Updated tags for template CVE-2021-36749.yaml

* Updated tags for template CVE-2021-21234.yaml

* Updated tags for template CVE-2021-33221.yaml

* Updated tags for template CVE-2021-42013.yaml

* Updated tags for template CVE-2021-33807.yaml

* Updated tags for template CVE-2021-44228.yaml

* Updated tags for template CVE-2012-0896.yaml

* Updated tags for template CVE-2012-0991.yaml

* Updated tags for template CVE-2012-0392.yaml

* Updated tags for template CVE-2012-4940.yaml

* Updated tags for template CVE-2012-1226.yaml

* Updated tags for template CVE-2012-4878.yaml

* Updated tags for template CVE-2010-1304.yaml

* Updated tags for template CVE-2010-1217.yaml

* Updated tags for template CVE-2010-0759.yaml

* Updated tags for template CVE-2010-2307.yaml

* Updated tags for template CVE-2010-4231.yaml

* Updated tags for template CVE-2010-2861.yaml

* Updated tags for template CVE-2010-4282.yaml

* Updated tags for template CVE-2010-1302.yaml

* Updated tags for template CVE-2010-1461.yaml

* Updated tags for template CVE-2020-4463.yaml

* Updated tags for template CVE-2020-1943.yaml

* Updated tags for template CVE-2020-36289.yaml

* Updated tags for template CVE-2020-17518.yaml

* Updated tags for template CVE-2020-12800.yaml

* Updated tags for template CVE-2020-10770.yaml

* Updated tags for template CVE-2020-17506.yaml

* Updated tags for template CVE-2020-11547.yaml

* Updated tags for template CVE-2020-11034.yaml

* Updated tags for template CVE-2020-24589.yaml

* Updated tags for template CVE-2020-9054.yaml

* Updated tags for template CVE-2020-28976.yaml

* Updated tags for template CVE-2020-16952.yaml

* Updated tags for template CVE-2020-24312.yaml

* Updated tags for template CVE-2020-8512.yaml

* Updated tags for template CVE-2020-14179.yaml

* Updated tags for template CVE-2020-6308.yaml

* Updated tags for template CVE-2020-35846.yaml

* Updated tags for template CVE-2020-7318.yaml

* Updated tags for template CVE-2020-2140.yaml

* Updated tags for template CVE-2020-5410.yaml

* Updated tags for template CVE-2020-5777.yaml

* Updated tags for template CVE-2020-13700.yaml

* Updated tags for template CVE-2020-5775.yaml

* Updated tags for template CVE-2020-13167.yaml

* Updated tags for template CVE-2020-35848.yaml

* Updated tags for template CVE-2020-9484.yaml

* Updated tags for template CVE-2020-15505.yaml

* Updated tags for template CVE-2020-9047.yaml

* Updated tags for template CVE-2020-17519.yaml

* Updated tags for template CVE-2020-17505.yaml

* Updated tags for template CVE-2020-9376.yaml

* Updated tags for template CVE-2020-8497.yaml

* Updated tags for template CVE-2020-14092.yaml

* Updated tags for template CVE-2020-10148.yaml

* Updated tags for template CVE-2020-35847.yaml

* Updated tags for template CVE-2020-12116.yaml

* Updated tags for template CVE-2020-11930.yaml

* Updated tags for template CVE-2020-24186.yaml

* Updated tags for template CVE-2020-9496.yaml

* Updated tags for template CVE-2020-35489.yaml

* Updated tags for template CVE-2020-26413.yaml

* Updated tags for template CVE-2020-2096.yaml

* misc updates

* misc update

* more updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 01:04:16 +05:30
Prince Chaddha 3357141838
Merge pull request #3425 from Akokonunes/patch-96
Create accent-microcomputers-lfi.yaml
2022-01-03 10:29:56 +05:30
Prince Chaddha 7ab7eca6ef
Merge pull request #3426 from Akokonunes/patch-97
Create sofneta-mecdream-pacs-server-lfi.yaml
2022-01-03 10:29:46 +05:30
Prince Chaddha 2ed4e8a966
Merge pull request #3421 from pikpikcu/patch-311
Create sponip-network-system-ping-rce
2022-01-03 10:28:00 +05:30
Prince Chaddha ba686ad67f
Update and rename accent-microcomputers-lfi.yaml to vulnerabilities/other/accent-microcomputers-lfi.yaml 2022-01-03 10:24:12 +05:30
Prince Chaddha b70b9bcbf1
Update and rename sofneta-mecdream-pacs-server-lfi.yaml to sofneta-mecdream-pacs-lfi.yaml 2022-01-03 10:21:00 +05:30
Prince Chaddha 139b04c9b6
Update and rename jinfornet-jreport-lfi.yaml to vulnerabilities/other/jinfornet-jreport-lfi.yaml 2022-01-03 10:01:12 +05:30
Prince Chaddha cb9fdbd7cc
Update and rename sofneta-mecdream-pacs-server-lfi.yaml to vulnerabilities/other/sofneta-mecdream-pacs-server-lfi.yaml 2021-12-29 11:28:09 +05:30
Prince Chaddha 4ba5e931cc
Update sl-studio-lfi.yaml 2021-12-29 09:20:13 +05:30
Prince Chaddha b7974b288e
Update and rename sl-studio-lfi.yaml to vulnerabilities/other/sl-studio-lfi.yaml 2021-12-29 09:16:32 +05:30
Prince Chaddha 955c71fa50
Update sponip-network-system-ping-rce.yaml 2021-12-24 20:24:40 +05:30
PikPikcU 51843e1e62
Create sponip-network-system-ping-rce.yaml 2021-12-24 09:30:31 -05:00
Prince Chaddha 0ddd4c7911
Update and rename dicoogle-pacs-lfi.yaml to vulnerabilities/other/dicoogle-pacs-lfi.yaml 2021-12-24 19:23:04 +05:30
niudaii 8289e92291
Fixed h3c-imc-rce.yaml (#3401)
* Fixed h3c-imc-rce.yaml

* Update h3c-imc-rce.yaml

* Additional payload for windows

Co-authored-by: niudai <niudai@zp857s-mbp.local>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-23 20:23:42 +05:30
Sandeep Singh c57984b8f8
Added UniFi Network Log4j JNDI RCE (#3402)
Co-Authored-By: KrE80r <13027962+KrE80r@users.noreply.github.com>

Co-authored-by: KrE80r <13027962+KrE80r@users.noreply.github.com>
2021-12-23 08:57:03 +05:30
Melvin 7933cfc470
Removing extra space from raw HTTP request
Should prevent issues with parsing this request
2021-12-22 13:33:51 +01:00
Prince Chaddha 6e6349205d
Update and rename pacsone-server-6-6-2-lfi.yaml to vulnerabilities/other/pacsone-server-lfi.yaml 2021-12-21 17:32:19 +05:30
Sandeep Singh 7a5cdc2bc3
Added ServiceNow Helpdesk Credential Exposure (#3371)
* Added ServiceNow Helpdesk Credential Exposure

Co-Authored-By: JP <19959240+jordanpotti@users.noreply.github.com>

* matcher update

Co-authored-by: JP <19959240+jordanpotti@users.noreply.github.com>
2021-12-19 23:42:01 +05:30
Prince Chaddha dcf3f57bdf
Merge pull request #3373 from projectdiscovery/princechaddha-patch-2
Create global-domains-xss.yaml
2021-12-18 15:02:06 +05:30
Prince Chaddha 71027cbc79
Merge pull request #3357 from Akokonunes/patch-90
Create global-domains-lfi.yaml
2021-12-18 14:52:35 +05:30
Prince Chaddha 3b067a1aca
Create global-domains-xss.yaml 2021-12-18 14:51:08 +05:30
Prince Chaddha 0f40857119
Update and rename global-domains-lfi.yaml to vulnerabilities/other/global-domains-lfi.yaml 2021-12-18 14:43:28 +05:30
Prince Chaddha 9a4941d995
Merge pull request #3356 from Akokonunes/patch-89
Create groupoffice-lfi.yaml
2021-12-18 14:33:42 +05:30
Prince Chaddha 7b39972bfd
Merge pull request #3367 from gy741/rule-add-v80
Create oliver-library-server-lfi.yaml
2021-12-18 14:33:23 +05:30
Prince Chaddha c6521085b7
Update groupoffice-lfi.yaml 2021-12-18 14:32:09 +05:30
Prince Chaddha 4747277a4e
Update and rename asanhamayesh-cms-lfi.yaml to vulnerabilities/other/asanhamayesh-lfi.yaml 2021-12-18 14:28:39 +05:30
Prince Chaddha 35faabd29f
Update and rename groupoffice-lfi.yaml to vulnerabilities/other/groupoffice-lfi.yaml 2021-12-18 14:26:46 +05:30
Prince Chaddha 8afbfdc8dc
Update and rename oliver-library-server-lfi.yaml to oliver-library-lfi.yaml 2021-12-18 14:23:57 +05:30
GwanYeong Kim 4fdb934da0 Create oliver-library-server-lfi.yaml
An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 8.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-18 10:55:28 +09:00
sandeep c9ddd7a0ae update: id + reference update 2021-12-14 21:07:46 +05:30
Evan Rubinstein dddb0bbb82
Added CVE-2021-24997 (#3298)
* Added CVE-39226

* Added CVE-39226

* Delete CVE-39226.yaml

* Renamed CVE-39226 to CVE-2021-39226

Fixed naming error

* Added Wp-Guppy-Information-Disclosure template

* Removed File

Found better descriptor

* Added CVE-2021-24997

Added WordPress Guppy Information Disclosure CVE

* Fixed CVE-2021-24997

Fixed YAML formatting

* Fixed Typo

URL Path had an extra double quote

* Auto Generated Templates Stats [Wed Dec  8 23:07:24 UTC 2021] 🤖

* Deleted Blank Space

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Added CVE-2021-43496

* Update CVE-2021-43496.yaml

* fix: syntax update

* Added New Vuln

* Update CVE-2021-24997.yaml

* Update CVE-2021-43496.yaml

* Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml

* fix: lints update

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-14 02:22:26 +05:30
sandeep 51944ab6a2 fix: lints update 2021-12-14 02:14:35 +05:30
Prince Chaddha 6b007f48e7
Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml 2021-12-14 00:47:37 +05:30
Evan Rubinstein f52b1f0d55
Added New Vuln 2021-12-13 05:01:48 -05:00
Prince Chaddha 0e94557017
Merge pull request #3248 from pikpikcu/patch-307
added thruk-xss
2021-12-09 22:01:56 +05:30
Prince Chaddha f476c5ff5b
Update thruk-xss.yaml 2021-12-09 21:58:15 +05:30
Prince Chaddha d35a55f7b4
Update and rename watchguard-fireware-ad-helper-component-credentials-disclosure.yaml to watchguard-credentials-disclosure.yaml 2021-12-09 21:05:13 +05:30
GwanYeong Kim bde4e1815a Create watchguard-fireware-ad-helper-component-credentials-disclosure.yaml
a credential-disclosure vulnerability in the AD Helper component of the WatchGuard Fireware Threat Detection and Response (TDR) service, which allows unauthenticated attackers to gain Active Directory credentials for a Windows domain in plaintext.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-09 16:02:48 +09:00
sandeep 9da0d768a1 fix: syntax + lint 2021-12-03 10:37:42 +05:30
PikPikcU 83f6b2a153
Update thruk-xss.yaml 2021-12-02 19:07:50 +07:00
PikPikcU 435eeca764
Create thruk-xss.yaml 2021-12-02 19:02:40 +07:00
Noam Rathaus 725782050a Add description 2021-11-23 12:09:00 +02:00
Prince Chaddha 1e31e0f76d
Update and rename eibiz-server-3-8-0-lfi.yaml to vulnerabilities/other/eibiz-lfi.yaml 2021-11-18 21:52:30 +05:30
Prince Chaddha 4eb84d7802
Merge pull request #3131 from Akokonunes/patch-70
Create hrsale-unauthenticated-lfi.yaml
2021-11-13 23:46:11 +05:30
Prince Chaddha 9a227941a1
Rename hrsale-unauthenticated-lfi.yaml to vulnerabilities/other/hrsale-unauthenticated-lfi.yaml 2021-11-13 23:37:32 +05:30
sandeep b2aa8f9f5b misc updates 2021-11-13 23:01:53 +05:30
sandeep 35bfff6f61 Added skip-variables-check for SSTI template 2021-11-09 22:16:37 +05:30
sandeep cb74944f43 misc updates 2021-11-08 15:45:54 +05:30
Prince Chaddha c51bbf8715
Merge pull request #3099 from ImNightmaree/master
Create ecshop-sql.yaml
2021-11-08 13:44:54 +05:30
Prince Chaddha 5a6c30c7cf
Update ecshop-sqli.yaml 2021-11-08 13:42:44 +05:30
Prince Chaddha 85741bbcf9
Update and rename ecshop-sql.yaml to ecshop-sqli.yaml 2021-11-08 13:42:13 +05:30
Prince Chaddha 06bb1f444c
Update seowon-router-rce.yaml 2021-11-08 12:49:37 +05:30
Prince Chaddha 7973948360
Update seowon-router-rce.yaml 2021-11-08 12:43:14 +05:30
GwanYeong Kim 6183e248d8 Create seowon-router-rce.yaml
Execute commands without authentication as admin user, To use it in all versions, we only enter the router ip & Port(if available) in the request The result of the request is visible on the browser page

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-11-07 14:50:39 +09:00
ImNightmaree 797d9066a1
More linting 2021-11-07 02:49:07 +00:00
ImNightmaree b77df460dd
Linting 2021-11-07 02:39:21 +00:00
ImNightmaree bbecf3965a
Update ecshop-sql.yaml 2021-11-07 02:36:28 +00:00
ImNightmaree 38135df2a6
Update ecshop-sql.yaml 2021-11-07 02:30:38 +00:00
ImNightmaree f37527101c
Create ecshop-sql.yaml 2021-11-07 02:03:09 +00:00
Prince Chaddha a57cb5081a
Update vanguard-post-xss.yaml 2021-11-05 21:36:53 +05:30
sandeep eef5252cc5 file name update 2021-11-05 06:01:59 +05:30
sandeep 8c3f98c767 fixed invalid template syntax 2021-10-30 16:47:35 +05:30
Noam Rathaus 9848f92894 Add description 2021-10-27 14:06:15 +03:00
Noam Rathaus 14ae8e3f59 Add description 2021-10-27 14:05:11 +03:00
Noam Rathaus 3a02b7c325 Add description 2021-10-27 14:04:00 +03:00
Noam Rathaus f1cf6fd9a7 Add description 2021-10-27 14:03:22 +03:00
Noam Rathaus d5d2ed0a0e Add description 2021-10-27 13:52:34 +03:00
Noam Rathaus c9efc02223 Add description 2021-10-26 15:29:20 +03:00
Noam Rathaus 093a495b5f Add description 2021-10-26 15:28:43 +03:00
Noam Rathaus 25f7c812c2 Add description 2021-10-26 15:27:57 +03:00
Noam Rathaus 5d98d22416 Add description 2021-10-26 15:27:16 +03:00
Noam Rathaus 8adbf37ab4 Add description 2021-10-26 15:26:10 +03:00
Noam Rathaus 57bae34cb9 Add description 2021-10-26 15:25:34 +03:00
Noam Rathaus 4c0e8bae7e Add description 2021-10-26 15:24:26 +03:00
Noam Rathaus dcf402cfa4 Add description 2021-10-26 15:23:43 +03:00
Noam Rathaus 7d0c8669a3 Add description 2021-10-26 15:22:21 +03:00
Noam Rathaus 9c96179595 Fix description 2021-10-26 12:45:16 +03:00
Noam Rathaus 081a2546fe Add description 2021-10-25 12:59:08 +03:00
Noam Rathaus e4018d4a0c Add description 2021-10-25 12:58:22 +03:00
Noam Rathaus f9fb282770 Add description 2021-10-25 12:57:40 +03:00
Noam Rathaus 319c8a830e Add description 2021-10-25 12:56:03 +03:00
Noam Rathaus 3029da4ceb Add description 2021-10-25 12:55:23 +03:00
Noam Rathaus 9f8270bb7a Add description 2021-10-25 12:54:49 +03:00
Noam Rathaus e9bd13da3e Product name is 'OA' 2021-10-25 10:07:28 +03:00
Noam Rathaus a3d1ca6b81 Description 2021-10-25 10:06:44 +03:00
Noam Rathaus 130e5b1ff5 add description 2021-10-25 10:01:03 +03:00
Noam Rathaus d03fce098e Add description 2021-10-25 09:58:59 +03:00
Noam Rathaus 5636579be1 Non-broken link 2021-10-25 09:57:47 +03:00
Noam Rathaus ee82e5c591 Add description 2021-10-25 09:56:44 +03:00
Noam Rathaus 8ad49535b0 Add description 2021-10-24 12:38:06 +03:00
sandeep c66ad46464 more metadata update 2021-10-22 23:24:21 +05:30
sandeep 2d5beca867 metadata update 2021-10-22 23:23:25 +05:30
Noam Rathaus 07472bb021 Add description 2021-10-21 14:21:38 +03:00
Noam Rathaus ae55315ec6 Improve description 2021-10-21 14:15:52 +03:00
Noam Rathaus 7e4cd54f9e Add description 2021-10-21 14:13:53 +03:00
Noam Rathaus 379513c015 Make description more clear 2021-10-21 08:55:02 +03:00
Noam Rathaus 691dab8a52 Add description 2021-10-21 08:51:56 +03:00
Noam Rathaus fde188d253 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-10-21 08:32:04 +03:00
Sandeep Singh a21cec6362
Merge pull request #2844 from projectdiscovery/more-fixes
Changes to adopt v2.5.3 engine
2021-10-21 07:21:20 +05:30
Noam Rathaus cfa3a798f3 Add description 2021-10-19 13:17:58 +03:00
Noam Rathaus e45550f4ed Add description 2021-10-19 13:10:34 +03:00
Noam Rathaus d1684e7d67 Add description 2021-10-19 13:10:29 +03:00
Noam Rathaus 5c910ab3b4 Add description 2021-10-19 13:03:41 +03:00
Noam Rathaus 6d5e933128 Add description 2021-10-19 12:56:40 +03:00
sandeep 33badb66d1 oob tags update 2021-10-19 02:10:26 +05:30
sandeep a614391d3f Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes 2021-10-18 03:14:44 +05:30
Noam Rathaus 087bbd2263 Add description 2021-10-17 15:54:19 +03:00
Noam Rathaus 0fd1574fe2 Add description 2021-10-17 15:52:26 +03:00
Noam Rathaus c1b42bcc55 Add description 2021-10-17 15:50:52 +03:00
Prince Chaddha 5385191a9d
Update microstrategy-ssrf.yaml 2021-10-17 07:46:32 +05:30
Philippe Delteil 274f3f941a
Update microstrategy-ssrf.yaml 2021-10-16 17:19:30 -03:00
sandeep 42cc6d9507 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes 2021-10-14 23:51:16 +05:30
sandeep aad97c084c misc update 2021-10-14 20:08:44 +05:30