Commit Graph

1161 Commits (707b6361b80ecb9ecfe437547438c3a4820c3802)

Author SHA1 Message Date
林寒 707b6361b8
Update CVE-2021-42627.yaml 2022-08-24 11:01:11 +08:00
林寒 48c7a38fa1
fix trailing spaces 2022-08-24 10:52:29 +08:00
林寒 e0e15520c0
Create CVE-2021-42627.yaml 2022-08-24 10:47:25 +08:00
GitHub Action 226c78a313 Auto Generated CVE annotations [Mon May 23 10:54:57 UTC 2022] 🤖 2022-05-23 10:54:57 +00:00
Prince Chaddha c5b8da568f
Merge pull request #4362 from ritikchaddha/patch-49
Update CVE-2021-3223.yaml
2022-05-23 16:15:15 +05:30
Prince Chaddha 1955f01b6a
Update CVE-2021-21745.yaml 2022-05-23 15:56:16 +05:30
GwanYeong Kim 2222ca9605 Create CVE-2021-21745.yaml
ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould     use this vulnerability to perform illegal authorization operations by sending a request to the user to click.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-05-21 14:59:00 +09:00
GitHub Action cb9991092a Auto Generated CVE annotations [Thu May 19 19:35:49 UTC 2022] 🤖 2022-05-19 19:35:49 +00:00
Prince Chaddha be5b6338bf
Merge pull request #4446 from gy741/rule-add-v111
Create CVE-2021-45428.yaml
2022-05-20 00:54:46 +05:30
Prince Chaddha 8cc82f868e
Update CVE-2021-45428.yaml 2022-05-20 00:44:47 +05:30
GitHub Action 4f819d9656 Auto Generated CVE annotations [Thu May 19 19:05:56 UTC 2022] 🤖 2022-05-19 19:05:56 +00:00
Prince Chaddha e2af35b5ac
Update CVE-2021-46422.yaml 2022-05-20 00:05:27 +05:30
Prince Chaddha c29a8699bf
Update CVE-2021-46422.yaml 2022-05-19 23:51:49 +05:30
GwanYeong Kim 7e811151b5 Create CVE-2021-45428.yaml
TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-05-19 08:38:13 +09:00
GitHub Action 3115bd2f3a Auto Generated CVE annotations [Wed May 18 21:10:42 UTC 2022] 🤖 2022-05-18 21:10:42 +00:00
MostInterestingBotInTheWorld 5eb6b79331
Dashboard Content Enhancements (#4426)
Dashboard Content Enhancements
2022-05-18 16:58:07 -04:00
GitHub Action 844f04e029 Auto Generated CVE annotations [Wed May 18 17:19:05 UTC 2022] 🤖 2022-05-18 17:19:05 +00:00
Prince Chaddha 7d0507ecb3
Merge pull request #4440 from For3stCo1d/CVE-2021-40822
Create CVE-2021-40822.yaml
2022-05-18 22:34:53 +05:30
Prince Chaddha e741d8ba00
Update CVE-2021-40822.yaml 2022-05-18 22:30:54 +05:30
Prince Chaddha e9800153bb
Update CVE-2021-46422.yaml 2022-05-18 19:31:36 +05:30
林寒 2e85ec8bb8
Create CVE-2021-40822.yaml 2022-05-18 21:04:39 +08:00
GitHub Action cf1a9724f4 Auto Generated CVE annotations [Wed May 18 08:55:27 UTC 2022] 🤖 2022-05-18 08:55:27 +00:00
Prince Chaddha b240abad90
Merge pull request #4430 from projectdiscovery/CVE-2021-46422
Create CVE-2021-46422.yaml
2022-05-18 14:12:50 +05:30
Prince Chaddha 96a05ccd1e
Update CVE-2021-46422.yaml 2022-05-18 14:10:28 +05:30
GitHub Action afa33e5431 Auto Generated CVE annotations [Wed May 18 08:14:19 UTC 2022] 🤖 2022-05-18 08:14:19 +00:00
Prince Chaddha f263e723c2
Create CVE-2021-46422.yaml 2022-05-18 13:31:57 +05:30
Prince Chaddha 7d3456031b
Update and rename CVE-2021-46379.yaml to cves/2021/CVE-2021-46379.yaml 2022-05-18 13:29:23 +05:30
GitHub Action d0832c679e Auto Generated CVE annotations [Tue May 17 20:46:49 UTC 2022] 🤖 2022-05-17 20:46:49 +00:00
Sandeep Singh 6644d6aecb
Added dynamic payload instead of hardcoded one using native deserialization helpers (#4379) 2022-05-18 02:03:23 +05:30
Sandeep Singh b59ff42aaf
additional reference to cves templates (#4395)
* additional reference to cves templates

* Update CVE-2006-1681.yaml

* Update CVE-2009-3318.yaml

* Update CVE-2009-4223.yaml

* Update CVE-2010-0942.yaml

* Update CVE-2010-0944.yaml

* Update CVE-2010-0972.yaml

* Update CVE-2010-1304.yaml

* Update CVE-2010-1308.yaml

* Update CVE-2010-1313.yaml

* Update CVE-2010-1461.yaml

* Update CVE-2010-1470.yaml

* Update CVE-2010-1471.yaml

* Update CVE-2010-1472.yaml

* Update CVE-2010-1474.yaml

* removed duplicate references

* misc fix

Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: Prince Chaddha <cyberbossprince@gmail.com>
2022-05-17 14:48:12 +05:30
MostInterestingBotInTheWorld 83cc50ce3e
Dashboard Content Enhancements (#4411)
* standardizing enhanced by tag

* Fix spacing. Add classification->cve

* Enhancement: cves/2021/CVE-2021-20158.yaml by mp

* Enhancement: cves/2021/CVE-2021-20167.yaml by mp

* Typo

* Enhancement: cves/2021/CVE-2021-20837.yaml by mp

* Enhancement: cves/2021/CVE-2021-21307.yaml by mp

* Enhancement: cves/2021/CVE-2021-21479.yaml by mp

* Enhancement: cves/2021/CVE-2021-21881.yaml by mp

* Enhancement: cves/2021/CVE-2021-21972.yaml by mp

* Enhancement: cves/2021/CVE-2021-21978.yaml by mp

* Enhancement: cves/2021/CVE-2021-22005.yaml by mp

* Enhancement: cves/2021/CVE-2021-22205.yaml by mp

* Enhancement: cves/2021/CVE-2021-22986.yaml by mp

* Enhancement: cves/2021/CVE-2021-24285.yaml by mp

* Enhancement: cves/2021/CVE-2021-24472.yaml by mp

* Enhancement: cves/2021/CVE-2021-20090.yaml by mp

* Enhancement: cves/2021/CVE-2021-20167.yaml by mp

* Enhancement: cves/2021/CVE-2021-21307.yaml by mp

* Enhancement: cves/2021/CVE-2021-21978.yaml by mp

* Enhancement: cves/2021/CVE-2021-21985.yaml by mp

* Enhancement: cves/2021/CVE-2021-21972.yaml by mp

* Enhancement: cves/2021/CVE-2021-22205.yaml by mp

* Enhancement: cves/2021/CVE-2021-22986.yaml by mp

* Enhancement: cves/2021/CVE-2021-24285.yaml by mp

* Restore empty lines

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Remove unnecessary file

* Restore content after bad dashboard edit

* Enhancement: undefined by cs

* Spacing issues

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Delete null file created by dashboard

* Remove improper Enhanced tag

* Spacing issues

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Remove test dashboard commits

* Enhancement: cves/2014/CVE-2014-9618.yaml by mp

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Not really enhanced

* Add classification->cve-id

* Restore content from dashboard mess up

* Enhancement: cves/2014/CVE-2014-9618.yaml by mp

* Enhancement: cves/2014/CVE-2014-9618.yaml by mp

* Restore newlines

* Enhancement: cves/2007/CVE-2007-4556.yaml by mp

* Enhancement: cves/2007/CVE-2007-4556.yaml by mp

* Enhancement: cves/2014/CVE-2014-9618.yaml by mp

* Enhancement: cves/2015/CVE-2015-1427.yaml by mp

* Enhancement: cves/2015/CVE-2015-3224.yaml by mp

* Enhancement: cves/2015/CVE-2015-7450.yaml by mp

* Enhancement: cves/2016/CVE-2016-10134.yaml by mp

* Enhancement: cves/2016/CVE-2016-1555.yaml by mp

* Enhancement: cves/2016/CVE-2016-2004.yaml by mp

* Enhancement: cves/2016/CVE-2016-5649.yaml by mp

* Enhancement: cves/2016/CVE-2016-7552.yaml by mp

* Enhancement: cves/2017/CVE-2017-1000486.yaml by mp

* Enhancement: cves/2017/CVE-2017-11444.yaml by mp

* Spacing issues

* Added better reference

* Enhancement: cves/2017/CVE-2017-12149.yaml by mp

* Enhancement: cves/2017/CVE-2017-12542.yaml by mp

* Enhancement: cves/2017/CVE-2017-12611.yaml by mp

* Enhancement: cves/2017/CVE-2017-12635.yaml by mp

* Enhancement: cves/2017/CVE-2017-14135.yaml by mp

* Enhancement: cves/2017/CVE-2017-3881.yaml by mp

* Enhancement: cves/2017/CVE-2017-7269.yaml by mp

* Enhancement: cves/2017/CVE-2017-8917.yaml by mp

* Enhancement: cves/2017/CVE-2017-9791.yaml by mp

* Enhancement: cves/2015/CVE-2015-1427.yaml by mp

* Enhancement: cves/2017/CVE-2017-12149.yaml by mp

* Enhancement: cves/2017/CVE-2017-12542.yaml by mp

* Enhancement: cves/2017/CVE-2017-8917.yaml by mp

* Spacing and other minor issues

* Update CVE-2015-1427.yaml

* Update CVE-2017-12149.yaml

* Update CVE-2017-12542.yaml

* Update CVE-2017-12635.yaml

* Update CVE-2017-14135.yaml

* Update CVE-2017-3881.yaml

* Update CVE-2017-7269.yaml

* Update CVE-2017-8917.yaml

* Update CVE-2017-9791.yaml

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by mp

* Enhancement: cnvd/2019/CNVD-2019-32204.yaml by mp

* Enhancement: cnvd/2020/CNVD-2020-68596.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-09650.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-26422.yaml by mp

* Enhancement: cnvd/2022/CNVD-2022-03672.yaml by mp

* Enhancement: cves/2017/CVE-2017-9841.yaml by mp

* Enhancement: cves/2018/CVE-2018-0127.yaml by mp

* Enhancement: cves/2018/CVE-2018-1000226.yaml by mp

* Enhancement: cves/2018/CVE-2018-1000861.yaml by mp

* Enhancement: cves/2018/CVE-2018-10562.yaml by mp

* Enhancement: cves/2018/CVE-2018-12031.yaml by mp

* Enhancement: cves/2018/CVE-2018-1207.yaml by mp

* Enhancement: cves/2018/CVE-2018-12634.yaml by mp

* Enhancement: cves/2018/CVE-2018-1273.yaml by mp

* Enhancement: cves/2018/CVE-2018-16763.yaml by mp

* Enhancement: cves/2018/CVE-2018-16167.yaml by mp

* Enhancement: cves/2018/CVE-2018-14916.yaml by mp

* Enhancement: cves/2018/CVE-2018-14064.yaml by mp

* Enhancement: cves/2018/CVE-2018-13379.yaml by mp

* Enhancement: cves/2017/CVE-2017-9841.yaml by mp

* Enhancement: cves/2018/CVE-2018-1000861.yaml by mp

* Enhancement: cves/2018/CVE-2018-10562.yaml by mp

* Enhancement: cves/2018/CVE-2018-12031.yaml by mp

* Enhancement: cves/2018/CVE-2018-1207.yaml by mp

* Enhancement: cves/2018/CVE-2018-12634.yaml by mp

* Enhancement: cves/2018/CVE-2018-13379.yaml by mp

* Enhancement: cves/2018/CVE-2018-14916.yaml by mp

* Enhancement: cves/2018/CVE-2018-16167.yaml by mp

* Enhancement: cves/2018/CVE-2018-16763.yaml by mp

* Cleanup and spacing

* Remove blank cve-id lines

* Enhancement: cves/2018/CVE-2018-16836.yaml by mp

* Enhancement: cves/2018/CVE-2018-17246.yaml by mp

* Enhancement: cves/2018/CVE-2018-17431.yaml by mp

* Enhancement: cves/2018/CVE-2018-18925.yaml by mp

* Enhancement: cves/2018/CVE-2018-20985.yaml by mp

* Enhancement: cves/2018/CVE-2018-2894.yaml by mp

* Enhancement: cves/2018/CVE-2018-3810.yaml by mp

* Enhancement: cves/2018/CVE-2018-7600.yaml by mp

* Enhancement: cves/2018/CVE-2018-7600.yaml by mp

* Enhancement: cves/2018/CVE-2018-7602.yaml by mp

* Enhancement: cves/2018/CVE-2018-9161.yaml by mp

* Enhancement: cves/2018/CVE-2018-16836.yaml by mp

* Enhancement: cves/2018/CVE-2018-17431.yaml by mp

* Many title clean-ups for more standardization.
Some vendor name clean-up

* Enhancement: cves/2018/CVE-2018-20985.yaml by mp

* Enhancement: cves/2018/CVE-2018-3810.yaml by mp

* Spacing issues

* Remove 2 blank newlines

* Enhancement: vulnerabilities/other/tamronos-rce.yaml by cs

* Enhancement: cves/2018/CVE-2018-9845.yaml by mp

* Enhancement: cves/2018/CVE-2018-9995.yaml by mp

* Enhancement: cves/2019/CVE-2019-0230.yaml by mp

* Enhancement: cves/2019/CVE-2019-16920.yaml by mp

* Enhancement: cves/2019/CVE-2019-17270.yaml by mp

* Enhancement: cves/2019/CVE-2019-17382.yaml by mp

* Enhancement: cves/2019/CVE-2019-17444.yaml by mp

* Enhancement: cves/2019/CVE-2019-17506.yaml by mp

* Enhancement: cves/2020/CVE-2020-10148.yaml by mp

* Enhancement: cves/2020/CVE-2020-11710.yaml by mp

* Enhancement: cves/2020/CVE-2020-11854.yaml by mp

* Enhancement: cves/2020/CVE-2020-12800.yaml by mp

* Enhancement: cves/2020/CVE-2020-13117.yaml by mp

* Enhancement: cves/2020/CVE-2020-13167.yaml by mp

* Enhancement: cves/2020/CVE-2020-13927.yaml by mp

* Enhancement: cves/2020/CVE-2020-13942.yaml by mp

* Spacing, syntax error

* Spacing, correct this time.

* Enhancement: cves/2020/CVE-2020-15920.yaml by mp

* Enhancement: cves/2020/CVE-2020-29227.yaml by mp

* Enhancement: cves/2021/CVE-2021-24499.yaml by mp

* Enhancement: cves/2021/CVE-2021-24762.yaml by mp

* Enhancement: cves/2018/CVE-2018-9995.yaml by mp

* Enhancement: cves/2019/CVE-2019-0230.yaml by mp

* Enhancement: cves/2019/CVE-2019-17444.yaml by mp

* Enhancement: cves/2020/CVE-2020-10148.yaml by mp

* Enhancement: cves/2020/CVE-2020-11854.yaml by mp

* Enhancement: cves/2020/CVE-2020-13167.yaml by mp

* Enhancement: cves/2020/CVE-2020-13927.yaml by mp

* Enhancement: cves/2020/CVE-2020-15920.yaml by mp

* Enhancement: cves/2021/CVE-2021-24499.yaml by mp

* Extra newlines and one sp;acing issue

* Update CVE-2018-9995.yaml

* Update CVE-2019-0230.yaml

* Update CVE-2019-16920.yaml

* Update CVE-2019-17270.yaml

* Update CVE-2019-17382.yaml

* Update CVE-2019-17444.yaml

* Update CVE-2019-17506.yaml

* Update CVE-2020-10148.yaml

* Update CVE-2020-11710.yaml

* Update CVE-2020-11854.yaml

* Update CVE-2020-12800.yaml

* Update CVE-2020-13167.yaml

* Update CVE-2020-13927.yaml

* Update CVE-2020-13942.yaml

* Update CVE-2020-15920.yaml

* Update CVE-2020-29227.yaml

* Update CVE-2021-24499.yaml

* Update CVE-2021-24762.yaml

Co-authored-by: sullo <sullo@cirt.net>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2022-05-17 14:41:26 +05:30
Prince Chaddha 565b183905
false negative
The current template will result in false negatives for this CVE, so we need to create a headless template
2022-05-17 13:26:59 +05:30
Prince Chaddha 0deea2ce88
Merge pull request #4408 from daffainfo/patch-23
Update CVE-2021-27330
2022-05-17 12:34:56 +05:30
Prince Chaddha e5ef699566
Update CVE-2021-27330.yaml 2022-05-17 12:31:28 +05:30
Prince Chaddha 2010c97355
Update CVE-2021-46424.yaml 2022-05-17 11:47:22 +05:30
GwanYeong Kim f06f02b0c1 Create CVE-2021-46424.yaml
Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-05-17 14:35:45 +09:00
Muhammad Daffa 262d638222
Adding google dork, fix path, adding some matchers 2022-05-17 00:16:14 +07:00
sandeep 22ab0f9d53 minor matcher update 2022-05-15 04:48:52 +05:30
GitHub Action 3f66b769c1 Auto Generated CVE annotations [Sat May 14 23:03:15 UTC 2022] 🤖 2022-05-14 23:03:15 +00:00
Dhiyaneshwaran a3ce25a5a6
Authenticated Wordpress XSS Templates (#4398)
* Create CVE-2021-25075.yaml

* Create seo-redirection-xss.yaml
2022-05-15 04:32:53 +05:30
MostInterestingBotInTheWorld 581b7a627b
Dashboard Content Enhancements (#4381)
Dashboard Content Enhancements
2022-05-13 16:26:43 -04:00
Prince Chaddha 5e38345931
Merge pull request #4386 from Akokonunes/patch-146
Create CVE-2021-20124.yaml
2022-05-13 18:34:48 +05:30
Prince Chaddha 0481125ecb
Update and rename CVE-2021-20124.yaml to cves/2021/CVE-2021-20124.yaml 2022-05-13 15:35:36 +05:30
Prince Chaddha c6f34b351b
Update and rename CVE-2021-20123.yaml to cves/2021/CVE-2021-20123.yaml 2022-05-13 15:25:01 +05:30
Ritik Chaddha 27a039a70c
Update metadata query (#4350)
* Update adobe-component-login.yaml

* Update cold-fusion-cfcache-map.yaml

* Update unpatched-coldfusion.yaml

* Update coldfusion-debug-xss.yaml

* Update CVE-2020-11978.yaml

* Update CVE-2020-13927.yaml

* Update CVE-2021-38540.yaml

* Update CVE-2021-44451.yaml

* Update CVE-2022-24288.yaml

* Update airflow-debug.yaml

* Update airflow-detect.yaml

* Update CVE-2010-0219.yaml

* Update apache-axis-detect.yaml

* Update CVE-2020-11991.yaml

* Update apache-cocoon-detect.yaml

* Update CVE-2021-21402.yaml

* Update jellyfin-detect.yaml

* Update CVE-2021-21402.yaml

* Update CVE-2021-21402.yaml

* Update ecology-arbitrary-file-upload.yaml

* Update ecology-v8-sqli.yaml

* Update ecology-syncuserinfo-sqli.yaml

* Update ecology-filedownload-directory-traversal.yaml

* Update CNVD-2021-15822.yaml

* Update dedecms-carbuyaction-fileinclude.yaml

* Update dedecms-openredirect.yaml

* Update tamronos-rce.yaml

* Update natshell-path-traversal.yaml
2022-05-12 19:48:36 +05:30
Ritik Chaddha f9120595d2
Update CVE-2021-3223.yaml 2022-05-11 18:39:39 +05:30
Ritik Chaddha 2068a8cacf
Update CVE-2021-3223.yaml 2022-05-11 18:32:11 +05:30
MostInterestingBotInTheWorld 73e289527d
Dashboard Content Enhancements (#4339)
* Spacing issues
2022-05-09 12:16:12 -04:00
MostInterestingBotInTheWorld 9ff9285916
Dashboard Content Enhancements (#4338)
Dashboard Content Enhancements
2022-05-09 12:12:52 -04:00
vrenzolaverace f0a431bcc8
Add CVE-2021-37416 (#4235)
* Add CVE-2022-0208

* misc updates

* Add CVE-2021-37416

* Added metadata + additional page specific matcher

* additional metadata

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-05-09 15:21:53 +05:30