ab633f8675
Update and rename wp-javospot-premium-theme-lfi.yaml to vulnerabilities/wordpress/wp-javospot-lfi.yaml
2021-10-26 23:55:34 +05:30
c9efc02223
Add description
2021-10-26 15:29:20 +03:00
093a495b5f
Add description
2021-10-26 15:28:43 +03:00
25f7c812c2
Add description
2021-10-26 15:27:57 +03:00
5d98d22416
Add description
2021-10-26 15:27:16 +03:00
8adbf37ab4
Add description
2021-10-26 15:26:10 +03:00
57bae34cb9
Add description
2021-10-26 15:25:34 +03:00
4c0e8bae7e
Add description
2021-10-26 15:24:26 +03:00
dcf402cfa4
Add description
2021-10-26 15:23:43 +03:00
7d0c8669a3
Add description
2021-10-26 15:22:21 +03:00
0de8bc19f8
misc template updates
2021-10-26 17:39:26 +05:30
058d859cd8
Add description
2021-10-26 12:45:23 +03:00
9c96179595
Fix description
2021-10-26 12:45:16 +03:00
423584f1b7
moving files around
2021-10-26 15:08:26 +05:30
fb81f4ca36
Better description
2021-10-26 12:35:56 +03:00
081a2546fe
Add description
2021-10-25 12:59:08 +03:00
e4018d4a0c
Add description
2021-10-25 12:58:22 +03:00
f9fb282770
Add description
2021-10-25 12:57:40 +03:00
319c8a830e
Add description
2021-10-25 12:56:03 +03:00
3029da4ceb
Add description
2021-10-25 12:55:23 +03:00
9f8270bb7a
Add description
2021-10-25 12:54:49 +03:00
c9e9c04f37
Add description
2021-10-25 12:54:00 +03:00
6a6ba60aad
Description
2021-10-25 12:53:22 +03:00
a96bfc3992
Add description
2021-10-25 12:52:58 +03:00
2bffa26635
Advisory description
2021-10-25 10:09:13 +03:00
e9bd13da3e
Product name is 'OA'
2021-10-25 10:07:28 +03:00
66a811c3c2
Better description
2021-10-25 10:06:50 +03:00
a3d1ca6b81
Description
2021-10-25 10:06:44 +03:00
130e5b1ff5
add description
2021-10-25 10:01:03 +03:00
d03fce098e
Add description
2021-10-25 09:58:59 +03:00
5636579be1
Non-broken link
2021-10-25 09:57:47 +03:00
ee82e5c591
Add description
2021-10-25 09:56:44 +03:00
8ad49535b0
Add description
2021-10-24 12:38:06 +03:00
c66ad46464
more metadata update
2021-10-22 23:24:21 +05:30
2d5beca867
metadata update
2021-10-22 23:23:25 +05:30
9ab9cd2a25
Merge pull request #2953 from Akokonunes/patch-59
...
Create aspose-importer-exporter-file-download.yaml
2021-10-22 22:03:37 +05:30
82ca4a8c43
Update and rename aspose-file-download.yaml to aspose-ie-file-download.yaml
2021-10-22 15:59:44 +05:30
5118c00e24
Update aspose-pdf-file-download.yaml
2021-10-22 15:58:02 +05:30
aa77769481
Rename aspose-pdf-file-download.yaml to vulnerabilities/wordpress/aspose-pdf-file-download.yaml
2021-10-22 15:49:18 +05:30
0cb293abca
Add description
2021-10-21 14:25:28 +03:00
07472bb021
Add description
2021-10-21 14:21:38 +03:00
ae55315ec6
Improve description
2021-10-21 14:15:52 +03:00
7e4cd54f9e
Add description
2021-10-21 14:13:53 +03:00
379513c015
Make description more clear
2021-10-21 08:55:02 +03:00
f1d4569a8c
Add description
2021-10-21 08:52:48 +03:00
691dab8a52
Add description
2021-10-21 08:51:56 +03:00
fde188d253
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-10-21 08:32:04 +03:00
a21cec6362
Merge pull request #2844 from projectdiscovery/more-fixes
...
Changes to adopt v2.5.3 engine
2021-10-21 07:21:20 +05:30
cfa3a798f3
Add description
2021-10-19 13:17:58 +03:00
e45550f4ed
Add description
2021-10-19 13:10:34 +03:00
d1684e7d67
Add description
2021-10-19 13:10:29 +03:00
5c910ab3b4
Add description
2021-10-19 13:03:41 +03:00
6d5e933128
Add description
2021-10-19 12:56:40 +03:00
33badb66d1
oob tags update
2021-10-19 02:10:26 +05:30
a614391d3f
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes
2021-10-18 03:14:44 +05:30
1688b8073a
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-10-17 15:54:29 +03:00
087bbd2263
Add description
2021-10-17 15:54:19 +03:00
0fd1574fe2
Add description
2021-10-17 15:52:26 +03:00
c1b42bcc55
Add description
2021-10-17 15:50:52 +03:00
48588a6b81
Merge pull request #2887 from Akokonunes/patch-56
...
Create aspose-words-exporter-file-download.yaml
2021-10-17 17:04:08 +05:30
1022a0a556
Merge pull request #2898 from asurti6783/patch-2
...
Create jira-unauthenticated-screens.yaml
2021-10-17 08:40:26 +05:30
ba3c7afed0
Update jira-unauthenticated-screens.yaml
2021-10-17 08:36:48 +05:30
7d41f63091
Merge pull request #2903 from Akokonunes/patch-58
...
Create wp-aspose-cloud-ebook-plugin-file-download.yaml
2021-10-17 08:00:55 +05:30
ef16ad713b
Update and rename wp-aspose-cloud-ebook-plugin-file-download.yaml to vulnerabilities/wordpress/aspose-file-download.yaml
2021-10-17 07:49:46 +05:30
5385191a9d
Update microstrategy-ssrf.yaml
2021-10-17 07:46:32 +05:30
274f3f941a
Update microstrategy-ssrf.yaml
2021-10-16 17:19:30 -03:00
0d98ff0dd4
Create jira-unauthenticated-screens.yaml
2021-10-15 12:05:51 -04:00
968cfe7d03
Merge pull request #2870 from projectdiscovery/fastjson-rces
...
Fastjson Deserialization RCEs
2021-10-15 03:28:35 +05:30
42cc6d9507
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes
2021-10-14 23:51:16 +05:30
aad97c084c
misc update
2021-10-14 20:08:44 +05:30
f9f4e3327e
moving files around
2021-10-14 20:05:25 +05:30
adfbed9d51
lint fix
2021-10-14 19:50:43 +05:30
558272470e
Merge branch 'master' of https://github.com/nrathaus/nuclei-templates into pr/2893
2021-10-14 19:32:03 +05:30
a313e27f6e
misc update
2021-10-14 19:31:57 +05:30
4532646b44
Description
2021-10-14 16:35:40 +03:00
d803f91971
Add description
2021-10-14 16:34:15 +03:00
dbb28d586a
Add description
2021-10-14 16:32:34 +03:00
5a00c6841d
Working link
2021-10-14 16:32:15 +03:00
75f96128d5
Better description
2021-10-14 16:31:27 +03:00
16dd5c6e8e
More reference
2021-10-14 16:30:44 +03:00
09de143099
Add CVE
2021-10-14 16:30:14 +03:00
6eaff09b16
Add description
2021-10-14 16:29:51 +03:00
a6800e0e1a
Add description
2021-10-14 16:28:41 +03:00
5618e8eaa9
Better description
2021-10-14 16:27:26 +03:00
e3071a4f26
Added description
2021-10-14 16:10:54 +03:00
eef7ba6cd4
Spelling
2021-10-14 16:07:39 +03:00
083ca2805a
Add description
2021-10-14 16:07:18 +03:00
2946782493
Fix name
2021-10-14 16:06:20 +03:00
3322a4becc
Previous reference is no longer available
2021-10-14 16:05:47 +03:00
67a6e574a0
Add description
2021-10-14 16:04:37 +03:00
4b603769c5
Add vendor CERT advisory/cve
2021-10-14 15:59:38 +03:00
39ebcc13a3
Add description
2021-10-14 15:55:59 +03:00
18e6257e33
description
2021-10-14 15:54:28 +03:00
d1105f1d79
Add description
2021-10-14 15:35:52 +03:00
e599ba1261
Add description
2021-10-14 15:35:47 +03:00
4275cce69a
Add description
2021-10-14 15:35:42 +03:00
5453f2ccdb
Add description
2021-10-14 15:35:37 +03:00
02d0071660
Update and rename aspose-words-exporter-file-download.yaml to vulnerabilities/wordpress/aspose-words-file-download.yaml
2021-10-14 16:33:38 +05:30
4ce3559d58
Update and rename wp-cherry-plugin-file-download.yaml to vulnerabilities/wordpress/cherry-file-download.yaml
2021-10-14 16:29:47 +05:30
2e9613d75b
Improve description
2021-10-13 12:01:33 +03:00
d5038b7520
Add description
2021-10-13 12:00:55 +03:00
ab008edc5b
Add description
2021-10-13 12:00:39 +03:00
b86a987030
Dead link
2021-10-13 12:00:36 +03:00
a3608c32f4
Add description
2021-10-13 11:56:10 +03:00
9273a765c0
Merge branch 'master' into more-fixes
2021-10-13 13:48:52 +05:30
dc2d9485a9
additional matcher
2021-10-12 12:07:05 +05:30
9d1f7fb627
more tags
2021-10-12 11:28:49 +05:30
6e6601a462
more templates
2021-10-12 11:27:50 +05:30
843c688505
Merge pull request #2867 from Akokonunes/patch-54
...
Create advanced-access-manager-plugin-lfi.yaml
2021-10-11 16:55:58 +05:30
da08f02913
Update and rename advanced-access-manager-plugin-lfi.yaml to vulnerabilities/wordpress/advanced-access-manager-lfi.yaml
2021-10-11 16:52:28 +05:30
86f52501a5
Added Fastjson 1.2.47 Deserialization RCE
2021-10-11 04:23:52 +05:30
16ea26b295
Added Fastjson 1.2.24 Deserialization RCE
2021-10-11 01:16:37 +05:30
5072932509
more updates
2021-10-10 06:43:30 +05:30
9b1c57506b
Updating CVE-2021-41773 / CVE-2021-42013 to include RCE check
2021-10-10 06:00:43 +05:30
6205415bbd
Update keycloak-xss.yaml
...
Updating severity as this XSS is not exploitable directly.
2021-10-09 08:46:17 +05:30
0c8e813c15
Merge pull request #2854 from Akokonunes/patch-52
...
Create wp-oxygen-theme-lfi.yaml
2021-10-08 19:20:54 +05:30
ecca8374fc
moving file around
2021-10-08 19:19:29 +05:30
95305667c0
Merge pull request #2852 from pdelteil/patch-65
...
Update qcubed-xss.yaml
2021-10-08 19:14:41 +05:30
6a00b9245c
Update qcubed-xss.yaml
2021-10-08 19:14:26 +05:30
de0a0ff3c1
misc update
2021-10-08 19:10:03 +05:30
60a3b6f4a4
Update qcubed-xss.yaml
2021-10-08 03:46:49 -03:00
888c703a3c
Update pmb-directory-traversal.yaml
2021-10-08 03:33:40 -03:00
53fc9bcb3f
misc fixes
2021-10-07 05:23:20 +05:30
634e215433
Merge pull request #2840 from projectdiscovery/apache-httpd-rce
...
Added Apache HTTPd - 2.4.49 (CGI enabled) RCE
2021-10-06 19:50:18 +05:30
8dfa5ce9b4
Added Lucee Unauthenticated Reflected XSS
2021-10-06 16:38:23 +05:30
856b96a084
lint update
2021-10-06 15:56:00 +05:30
796dd93113
Added Apache HTTPd - 2.4.49 (CGI enabled) RCE
2021-10-06 15:53:31 +05:30
3ce3718a5e
Merge pull request #2835 from Akokonunes/patch-49
...
Create ultimatemember-plugin-open-redirect.yaml
2021-10-06 11:04:54 +05:30
183af8b95b
Update and rename ultimatemember-plugin-open-redirect.yaml to vulnerabilities/wordpress/ultimatemember-open-redirect.yaml
2021-10-06 10:59:48 +05:30
f1130595ce
Update and rename wptouch-plugin-open-redirect.yaml to vulnerabilities/wordpress/wptouch-open-redirect.yaml
2021-10-06 10:46:16 +05:30
5b5e764b48
Merge pull request #2787 from mr-rizwan-syed/master
...
wp-config-file and aws-s3-access-key-leak
2021-10-05 18:25:04 +05:30
6e7b91f6dc
Update wordpress-accessible-wpconfig.yaml
2021-10-05 18:02:50 +05:30
478a7ef833
Merge pull request #2808 from pdelteil/patch-61
...
Update wp-plugin-1-flashgallery-listing.yaml
2021-10-02 17:59:10 +05:30
47853b869b
Update metinfo-lfi.yaml
2021-10-02 17:57:59 +05:30
f43b256e6e
Update metinfo-lfi.yaml
2021-10-02 17:57:33 +05:30
8fc91de606
Update metinfo-lfi.yaml
2021-10-02 03:42:22 -03:00
e3947fbfeb
Update wp-plugin-1-flashgallery-listing.yaml
2021-10-02 03:29:17 -03:00
4dc168520c
Merge pull request #2791 from pdelteil/patch-59
...
Update and rename wordpress-emails-verification-for-woocommerce.yaml …
2021-10-01 16:33:44 +05:30
d7e6cb313e
Update wp-woocommerce-email-verification.yaml
2021-10-01 16:31:50 +05:30
58fd372498
Update and rename qihang-media-web-lfi.yaml to qihang-media-lfi.yaml
2021-10-01 16:28:20 +05:30
ea71661d79
Update and rename qihang-media-web-credentials-disclosure.yaml to qihang-media-disclosure.yaml
2021-10-01 16:26:25 +05:30
f750bf5ba5
Create qihang-media-web-credentials-disclosure.yaml
...
The application suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for a successful authentication bypass attack.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:42:48 +09:00
90138f44d1
Create qihang-media-web-lfi.yaml
...
The application suffers from an unauthenticated file disclosure vulnerability when input passed thru the filename parameter when using the download action or thru path parameter when using the getAll action is not properly verified before being used. This can be exploited to disclose contents of files and directories from local resources.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:35:12 +09:00
145f1a643d
Update and rename wordpress-emails-verification-for-woocommerce.yaml to wp-woocommerce-email-verification.yaml
...
- name changed to match template id.
- added stop-at-first-match condition.
2021-09-30 22:49:21 -03:00
7adfd01163
Moving listserv_maestro_rce.yaml to cves folder
2021-09-30 15:39:45 -04:00
d34e6c1145
Add information for CVE-2010-1870
2021-09-30 15:38:59 -04:00
3c012b137d
Break CVE-2016-4975 into its own template
2021-09-30 15:35:17 -04:00
4065f6a493
Update wordpress-accessible-wpconfig.yaml
2021-09-30 23:15:18 +05:30
c9a374bed5
renamed: simple-employee-rce.yaml -> ../../cves/2019/CVE-2019-20183.yaml
2021-09-30 13:06:46 -04:00
28def083f6
Merge branch 'master' of https://github.com/sullo/nuclei-templates
...
Fix typo for cvss
2021-09-30 13:03:09 -04:00
Prince Chaddha
Noam Rathaus
sandeep
Philippe Delteil
Arman Sameer
GwanYeong Kim
Sullo
Rizwan Syed
Sullo