daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,174 Commits
12 Branches
0 Tags
148 MiB
Commit Graph

727 Commits (6be998f1e999674cab5bcd4e459549dd6e84ffe0)

Author SHA1 Message Date
Prince Chaddha 2ed4e8a966
Merge pull request #3421 from pikpikcu/patch-311 
Create sponip-network-system-ping-rce
 2022-01-03 10:28:00 +05:30
Prince Chaddha ba686ad67f
Update and rename accent-microcomputers-lfi.yaml to vulnerabilities/other/accent-microcomputers-lfi.yaml 2022-01-03 10:24:12 +05:30
Prince Chaddha b70b9bcbf1
Update and rename sofneta-mecdream-pacs-server-lfi.yaml to sofneta-mecdream-pacs-lfi.yaml 2022-01-03 10:21:00 +05:30
Prince Chaddha 139b04c9b6
Update and rename jinfornet-jreport-lfi.yaml to vulnerabilities/other/jinfornet-jreport-lfi.yaml 2022-01-03 10:01:12 +05:30
Prince Chaddha cb9fdbd7cc
Update and rename sofneta-mecdream-pacs-server-lfi.yaml to vulnerabilities/other/sofneta-mecdream-pacs-server-lfi.yaml 2021-12-29 11:28:09 +05:30
Prince Chaddha 4ba5e931cc
Update sl-studio-lfi.yaml 2021-12-29 09:20:13 +05:30
Prince Chaddha b7974b288e
Update and rename sl-studio-lfi.yaml to vulnerabilities/other/sl-studio-lfi.yaml 2021-12-29 09:16:32 +05:30
Prince Chaddha 955c71fa50
Update sponip-network-system-ping-rce.yaml 2021-12-24 20:24:40 +05:30
PikPikcU 51843e1e62
Create sponip-network-system-ping-rce.yaml 2021-12-24 09:30:31 -05:00
Prince Chaddha 0ddd4c7911
Update and rename dicoogle-pacs-lfi.yaml to vulnerabilities/other/dicoogle-pacs-lfi.yaml 2021-12-24 19:23:04 +05:30
niudaii 8289e92291
Fixed h3c-imc-rce.yaml (#3401) 
* Fixed h3c-imc-rce.yaml

* Update h3c-imc-rce.yaml

* Additional payload for windows

Co-authored-by: niudai <niudai@zp857s-mbp.local>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2021-12-23 20:23:42 +05:30
Sandeep Singh c57984b8f8
Added UniFi Network Log4j JNDI RCE (#3402) 
Co-Authored-By: KrE80r <13027962+KrE80r@users.noreply.github.com>

Co-authored-by: KrE80r <13027962+KrE80r@users.noreply.github.com>
 2021-12-23 08:57:03 +05:30
Melvin 7933cfc470
Removing extra space from raw HTTP request 
Should prevent issues with parsing this request
 2021-12-22 13:33:51 +01:00
Prince Chaddha 6e6349205d
Update and rename pacsone-server-6-6-2-lfi.yaml to vulnerabilities/other/pacsone-server-lfi.yaml 2021-12-21 17:32:19 +05:30
Sandeep Singh 7a5cdc2bc3
Added ServiceNow Helpdesk Credential Exposure (#3371) 
* Added ServiceNow Helpdesk Credential Exposure

Co-Authored-By: JP <19959240+jordanpotti@users.noreply.github.com>

* matcher update

Co-authored-by: JP <19959240+jordanpotti@users.noreply.github.com>
 2021-12-19 23:42:01 +05:30
Prince Chaddha dcf3f57bdf
Merge pull request #3373 from projectdiscovery/princechaddha-patch-2 
Create global-domains-xss.yaml
 2021-12-18 15:02:06 +05:30
Prince Chaddha 71027cbc79
Merge pull request #3357 from Akokonunes/patch-90 
Create global-domains-lfi.yaml
 2021-12-18 14:52:35 +05:30
Prince Chaddha 3b067a1aca
Create global-domains-xss.yaml 2021-12-18 14:51:08 +05:30
Prince Chaddha 0f40857119
Update and rename global-domains-lfi.yaml to vulnerabilities/other/global-domains-lfi.yaml 2021-12-18 14:43:28 +05:30
Prince Chaddha 9a4941d995
Merge pull request #3356 from Akokonunes/patch-89 
Create groupoffice-lfi.yaml
 2021-12-18 14:33:42 +05:30
Prince Chaddha 7b39972bfd
Merge pull request #3367 from gy741/rule-add-v80 
Create oliver-library-server-lfi.yaml
 2021-12-18 14:33:23 +05:30
Prince Chaddha c6521085b7
Update groupoffice-lfi.yaml 2021-12-18 14:32:09 +05:30
Prince Chaddha 4747277a4e
Update and rename asanhamayesh-cms-lfi.yaml to vulnerabilities/other/asanhamayesh-lfi.yaml 2021-12-18 14:28:39 +05:30
Prince Chaddha 35faabd29f
Update and rename groupoffice-lfi.yaml to vulnerabilities/other/groupoffice-lfi.yaml 2021-12-18 14:26:46 +05:30
Prince Chaddha 8afbfdc8dc
Update and rename oliver-library-server-lfi.yaml to oliver-library-lfi.yaml 2021-12-18 14:23:57 +05:30
GwanYeong Kim 4fdb934da0 Create oliver-library-server-lfi.yaml 
An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 8.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-12-18 10:55:28 +09:00
sandeep c9ddd7a0ae update: id + reference update 2021-12-14 21:07:46 +05:30
Evan Rubinstein dddb0bbb82
Added CVE-2021-24997 (#3298) 
* Added CVE-39226

* Added CVE-39226

* Delete CVE-39226.yaml

* Renamed CVE-39226 to CVE-2021-39226

Fixed naming error

* Added Wp-Guppy-Information-Disclosure template

* Removed File

Found better descriptor

* Added CVE-2021-24997

Added WordPress Guppy Information Disclosure CVE

* Fixed CVE-2021-24997

Fixed YAML formatting

* Fixed Typo

URL Path had an extra double quote

* Auto Generated Templates Stats [Wed Dec  8 23:07:24 UTC 2021] 🤖

* Deleted Blank Space

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Added CVE-2021-43496

* Update CVE-2021-43496.yaml

* fix: syntax update

* Added New Vuln

* Update CVE-2021-24997.yaml

* Update CVE-2021-43496.yaml

* Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml

* fix: lints update

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
 2021-12-14 02:22:26 +05:30
sandeep 51944ab6a2 fix: lints update 2021-12-14 02:14:35 +05:30
Prince Chaddha 6b007f48e7
Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml 2021-12-14 00:47:37 +05:30
Evan Rubinstein f52b1f0d55
Added New Vuln 2021-12-13 05:01:48 -05:00
Prince Chaddha 0e94557017
Merge pull request #3248 from pikpikcu/patch-307 
added thruk-xss
 2021-12-09 22:01:56 +05:30
Prince Chaddha f476c5ff5b
Update thruk-xss.yaml 2021-12-09 21:58:15 +05:30
Prince Chaddha d35a55f7b4
Update and rename watchguard-fireware-ad-helper-component-credentials-disclosure.yaml to watchguard-credentials-disclosure.yaml 2021-12-09 21:05:13 +05:30
GwanYeong Kim bde4e1815a Create watchguard-fireware-ad-helper-component-credentials-disclosure.yaml 
a credential-disclosure vulnerability in the AD Helper component of the WatchGuard Fireware Threat Detection and Response (TDR) service, which allows unauthenticated attackers to gain Active Directory credentials for a Windows domain in plaintext.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-12-09 16:02:48 +09:00
sandeep 9da0d768a1 fix: syntax + lint 2021-12-03 10:37:42 +05:30
PikPikcU 83f6b2a153
Update thruk-xss.yaml 2021-12-02 19:07:50 +07:00
PikPikcU 435eeca764
Create thruk-xss.yaml 2021-12-02 19:02:40 +07:00
Noam Rathaus 725782050a Add description 2021-11-23 12:09:00 +02:00
Prince Chaddha 1e31e0f76d
Update and rename eibiz-server-3-8-0-lfi.yaml to vulnerabilities/other/eibiz-lfi.yaml 2021-11-18 21:52:30 +05:30
Prince Chaddha 4eb84d7802
Merge pull request #3131 from Akokonunes/patch-70 
Create hrsale-unauthenticated-lfi.yaml
 2021-11-13 23:46:11 +05:30
Prince Chaddha 9a227941a1
Rename hrsale-unauthenticated-lfi.yaml to vulnerabilities/other/hrsale-unauthenticated-lfi.yaml 2021-11-13 23:37:32 +05:30
sandeep b2aa8f9f5b misc updates 2021-11-13 23:01:53 +05:30
sandeep 35bfff6f61 Added skip-variables-check for SSTI template 2021-11-09 22:16:37 +05:30
sandeep cb74944f43 misc updates 2021-11-08 15:45:54 +05:30
Prince Chaddha c51bbf8715
Merge pull request #3099 from ImNightmaree/master 
Create ecshop-sql.yaml
 2021-11-08 13:44:54 +05:30
Prince Chaddha 5a6c30c7cf
Update ecshop-sqli.yaml 2021-11-08 13:42:44 +05:30
Prince Chaddha 85741bbcf9
Update and rename ecshop-sql.yaml to ecshop-sqli.yaml 2021-11-08 13:42:13 +05:30
Prince Chaddha 06bb1f444c
Update seowon-router-rce.yaml 2021-11-08 12:49:37 +05:30
Prince Chaddha 7973948360
Update seowon-router-rce.yaml 2021-11-08 12:43:14 +05:30
GwanYeong Kim 6183e248d8 Create seowon-router-rce.yaml 
Execute commands without authentication as admin user, To use it in all versions, we only enter the router ip & Port(if available) in the request The result of the request is visible on the browser page

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-11-07 14:50:39 +09:00
ImNightmaree 797d9066a1
More linting 2021-11-07 02:49:07 +00:00
ImNightmaree b77df460dd
Linting 2021-11-07 02:39:21 +00:00
ImNightmaree bbecf3965a
Update ecshop-sql.yaml 2021-11-07 02:36:28 +00:00
ImNightmaree 38135df2a6
Update ecshop-sql.yaml 2021-11-07 02:30:38 +00:00
ImNightmaree f37527101c
Create ecshop-sql.yaml 2021-11-07 02:03:09 +00:00
Prince Chaddha a57cb5081a
Update vanguard-post-xss.yaml 2021-11-05 21:36:53 +05:30
sandeep eef5252cc5 file name update 2021-11-05 06:01:59 +05:30
sandeep 8c3f98c767 fixed invalid template syntax 2021-10-30 16:47:35 +05:30
Noam Rathaus 9848f92894 Add description 2021-10-27 14:06:15 +03:00
Noam Rathaus 14ae8e3f59 Add description 2021-10-27 14:05:11 +03:00
Noam Rathaus 3a02b7c325 Add description 2021-10-27 14:04:00 +03:00
Noam Rathaus f1cf6fd9a7 Add description 2021-10-27 14:03:22 +03:00
Noam Rathaus d5d2ed0a0e Add description 2021-10-27 13:52:34 +03:00
Noam Rathaus c9efc02223 Add description 2021-10-26 15:29:20 +03:00
Noam Rathaus 093a495b5f Add description 2021-10-26 15:28:43 +03:00
Noam Rathaus 25f7c812c2 Add description 2021-10-26 15:27:57 +03:00
Noam Rathaus 5d98d22416 Add description 2021-10-26 15:27:16 +03:00
Noam Rathaus 8adbf37ab4 Add description 2021-10-26 15:26:10 +03:00
Noam Rathaus 57bae34cb9 Add description 2021-10-26 15:25:34 +03:00
Noam Rathaus 4c0e8bae7e Add description 2021-10-26 15:24:26 +03:00
Noam Rathaus dcf402cfa4 Add description 2021-10-26 15:23:43 +03:00
Noam Rathaus 7d0c8669a3 Add description 2021-10-26 15:22:21 +03:00
Noam Rathaus 9c96179595 Fix description 2021-10-26 12:45:16 +03:00
Noam Rathaus 081a2546fe Add description 2021-10-25 12:59:08 +03:00
Noam Rathaus e4018d4a0c Add description 2021-10-25 12:58:22 +03:00
Noam Rathaus f9fb282770 Add description 2021-10-25 12:57:40 +03:00
Noam Rathaus 319c8a830e Add description 2021-10-25 12:56:03 +03:00
Noam Rathaus 3029da4ceb Add description 2021-10-25 12:55:23 +03:00
Noam Rathaus 9f8270bb7a Add description 2021-10-25 12:54:49 +03:00
Noam Rathaus e9bd13da3e Product name is 'OA' 2021-10-25 10:07:28 +03:00
Noam Rathaus a3d1ca6b81 Description 2021-10-25 10:06:44 +03:00
Noam Rathaus 130e5b1ff5 add description 2021-10-25 10:01:03 +03:00
Noam Rathaus d03fce098e Add description 2021-10-25 09:58:59 +03:00
Noam Rathaus 5636579be1 Non-broken link 2021-10-25 09:57:47 +03:00
Noam Rathaus ee82e5c591 Add description 2021-10-25 09:56:44 +03:00
Noam Rathaus 8ad49535b0 Add description 2021-10-24 12:38:06 +03:00
sandeep c66ad46464 more metadata update 2021-10-22 23:24:21 +05:30
sandeep 2d5beca867 metadata update 2021-10-22 23:23:25 +05:30
Noam Rathaus 07472bb021 Add description 2021-10-21 14:21:38 +03:00
Noam Rathaus ae55315ec6 Improve description 2021-10-21 14:15:52 +03:00
Noam Rathaus 7e4cd54f9e Add description 2021-10-21 14:13:53 +03:00
Noam Rathaus 379513c015 Make description more clear 2021-10-21 08:55:02 +03:00
Noam Rathaus 691dab8a52 Add description 2021-10-21 08:51:56 +03:00
Noam Rathaus fde188d253 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-10-21 08:32:04 +03:00
Sandeep Singh a21cec6362
Merge pull request #2844 from projectdiscovery/more-fixes 
Changes to adopt v2.5.3 engine
 2021-10-21 07:21:20 +05:30
Noam Rathaus cfa3a798f3 Add description 2021-10-19 13:17:58 +03:00
Noam Rathaus e45550f4ed Add description 2021-10-19 13:10:34 +03:00
Noam Rathaus d1684e7d67 Add description 2021-10-19 13:10:29 +03:00
Noam Rathaus 5c910ab3b4 Add description 2021-10-19 13:03:41 +03:00