Commit Graph

2564 Commits (72dae5337fa0fb97684d1602b9586320f659f4d0)

Author SHA1 Message Date
Prince Chaddha 865cced275
Merge pull request #4759 from projectdiscovery/shortpixel-image-optimizer-xss
Create shortpixel-image-optimizer-xss.yaml
2022-07-06 15:35:19 +05:30
Prince Chaddha 6a0c3c9892
Create modula-image-gallery-xss.yaml 2022-07-06 15:32:14 +05:30
Prince Chaddha 0509c8c372
Update woocommerce-pdf-invoices-xss.yaml 2022-07-06 15:31:47 +05:30
Prince Chaddha 85976d219f
Update shortpixel-image-optimizer-xss.yaml 2022-07-06 15:31:26 +05:30
Prince Chaddha 067658568e
Create shortpixel-image-optimizer-xss.yaml 2022-07-06 15:26:41 +05:30
Prince Chaddha 9353c41e78
Update woocommerce-pdf-invoices-xss.yaml 2022-07-06 15:25:31 +05:30
Prince Chaddha fac95562b9
Update woocommerce-pdf-invoices-xss.yaml 2022-07-06 15:19:30 +05:30
Prince Chaddha daca40f05e
Create woocommerce-pdf-invoices-xss.yaml 2022-07-06 15:13:25 +05:30
Bojan Zdrnja 056ef1ba38
Update jenkins-script.yaml (#4752)
* Update jenkins-script.yaml

The Jenkins console (with the latest version) in the response body does not contain Scriptconsole, but contains "Script Console".

* additional matcher update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-07-06 02:39:28 +05:30
Ritik Chaddha ab4b46a0e5
Create elFinder-path-traversal.yaml 2022-07-05 08:40:51 +05:30
Prince Chaddha 1bd96f8902
Update and rename misconfiguration/vulnerabilities/other/umbraco-base-ssrf.yaml to vulnerabilities/other/umbraco-base-ssrf.yaml 2022-07-05 08:23:51 +05:30
Ritik Chaddha f55d13f03b Update jira-unauthenticated-user-picker.yaml 2022-07-04 18:48:18 +05:30
Ritik Chaddha f575393fcb Update jira-unauthenticated-screens.yaml 2022-07-04 18:48:16 +05:30
Ritik Chaddha 89d1dc600b Update jira-unauthenticated-resolutions.yaml 2022-07-04 18:48:14 +05:30
Ritik Chaddha 0ccac6cf52 Update jira-unauthenticated-projects.yaml 2022-07-04 18:48:12 +05:30
Ritik Chaddha b94e52a340 Update jira-unauthenticated-projectcategories.yaml 2022-07-04 18:48:10 +05:30
Ritik Chaddha cfc4ce1ee5 Update jira-unauthenticated-installed-gadgets.yaml 2022-07-04 18:48:08 +05:30
Ritik Chaddha 2b5f222a01 Update jira-unauthenticated-dashboards.yaml 2022-07-04 18:48:06 +05:30
Ritik Chaddha cad9b674dc Update jira-unauthenticated-adminprojects.yaml 2022-07-04 18:48:04 +05:30
Ritik Chaddha e855d0d067 Update jira-service-desk-signup.yaml 2022-07-04 18:48:00 +05:30
Prince Chaddha 1dccc86c88
Create wp-insert-php-xss.yaml 2022-07-04 17:31:46 +05:30
Prince Chaddha 255b2cf91d Revert "Create wp-insert-php-xss.yaml"
This reverts commit 415ba61d73.
2022-07-04 17:30:26 +05:30
Prince Chaddha 415ba61d73
Create wp-insert-php-xss.yaml 2022-07-04 17:29:53 +05:30
Prince Chaddha 84aedb39bc
Merge pull request #4736 from ritikchaddha/Update-shodan/fofa-links-to-search-query
Update shodan/fofa links to query
2022-07-04 16:56:06 +05:30
Arm!tage 1e7f5d7bed
Classify (#4735)
* Auto Generated CVE annotations [Sun May 15 12:16:57 UTC 2022] 🤖

* Auto Generated CVE annotations [Mon Jun  6 03:02:54 UTC 2022] 🤖

* classify these templates

* misc update

Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-07-04 14:17:10 +05:30
Ritik Chaddha 2a4070fc15 Update shodan/fofa links to query 2022-07-04 14:16:15 +05:30
Prince Chaddha db5029fc61
Update cors-misconfig.yaml 2022-07-02 15:50:54 +05:30
Prince Chaddha 79051fe0e7
Merge pull request #4712 from conitrade/hotfix/cors-path
use path for CORS GET request
2022-07-02 15:48:48 +05:30
Prince Chaddha 123746b30e
Update and rename sym404.yaml to wp-sym404.yaml 2022-07-02 09:22:28 +05:30
Prince Chaddha 66cb988803
Update wp-all-export-xss.yaml 2022-07-01 23:56:05 +05:30
Prince Chaddha f5fe9bd9c0
Create wp-all-export-xss.yaml 2022-07-01 23:54:26 +05:30
Prince Chaddha 3a2f976390
Merge pull request #4720 from ritikchaddha/patch-96
Create siteminder-dom-based-xss.yaml
2022-07-01 19:03:05 +05:30
Prince Chaddha 529ad9f336
Update siteminder-dom-xss.yaml 2022-07-01 19:01:25 +05:30
Prince Chaddha 03b780fdf3
Update and rename siteminder-dom-based-xss.yaml to siteminder-dom-xss.yaml 2022-07-01 18:59:21 +05:30
sullo 0db06d6b15
Dead Site Removal (#4641)
* Deleted buffalo-config-injection.yaml
Add reference from buffalo-config-injection.yaml to CVE-2021-20091.yaml

* Delete vulnerabilities/other/buffalo-config-injection.yaml

* Link cleanups

* Change links to Secunia to point to archive.org

* Additonal link cleanup

* replace securitytracker.com links with archive.org links
2022-07-01 15:32:07 +05:30
Ritik Chaddha da535f4c0c
Create siteminder-dom-based-xss.yaml 2022-07-01 14:10:29 +05:30
Alexander Sennhauser 9e874954c0 use path for CORS GET request
This allows to test endpoints which do not end with a single slash (i.e. '/')
by specifying the path as a variable (e.g. -var Path=/v1/test).
2022-06-30 15:04:02 +02:00
Prince Chaddha 42bcf03924
Merge pull request #4710 from ritikchaddha/patch-92
Create parallels-hsphere-xss.yaml
2022-06-30 18:02:29 +05:30
Sandeep Singh 6f6909cb38
template syntax fixes (#4711) 2022-06-30 16:49:17 +05:30
Ritik Chaddha d7e182c693
Update parallels-hsphere-xss.yaml 2022-06-30 16:30:01 +05:30
Ritik Chaddha 4c862b96cf
Create parallels-hsphere-xss.yaml 2022-06-30 16:23:38 +05:30
Ritik Chaddha 4f913c95aa
Update dedecms-membergroup-sqli.yaml 2022-06-30 09:22:06 +05:30
Ritik Chaddha b7d0d6f21a
Update zcms-v3-sqli.yaml 2022-06-30 08:50:00 +05:30
Ritik Chaddha d81a48e31e
Update xdcms-sqli.yaml 2022-06-30 08:48:00 +05:30
Ritik Chaddha 28e6e03fc5
Update wuzhicms-sqli.yaml 2022-06-30 08:46:19 +05:30
Ritik Chaddha be8560b788
Update seacms-sqli.yaml 2022-06-30 08:43:38 +05:30
Ritik Chaddha 9ecfdf9a0a
Update etouch-v2-sqli.yaml 2022-06-30 08:35:53 +05:30
Ritik Chaddha 967628302d
Update phpok-sqli.yaml 2022-06-30 08:32:35 +05:30
Ritik Chaddha 8ddb1d70da
Update yonyou-u8-oa-sqli.yaml 2022-06-30 08:32:02 +05:30
Ritik Chaddha 9b793127c3
Update phpok-sqli.yaml 2022-06-30 08:31:16 +05:30
Ritik Chaddha 5729e6486a
Update finecms-sqli.yaml 2022-06-30 08:30:16 +05:30
Ritik Chaddha b1f9fc94d6
Update 74cms-sqli.yaml 2022-06-30 08:29:32 +05:30
Ritik Chaddha f1a0cc6cc5
Update duomicms-sql-injection.yaml 2022-06-30 08:24:58 +05:30
Ritik Chaddha 8ab77083cc
Update duomicms-sql-injection.yaml 2022-06-30 08:18:22 +05:30
sandeep a5e29b684a lint fixes 2022-06-28 19:20:23 +05:30
Ritik Chaddha bd3cfa7e4a
Update duomicms-sql-injection.yaml 2022-06-28 18:29:31 +05:30
Ritik Chaddha 29d7c43cdb
Update 74cms-sqli.yaml 2022-06-28 15:23:44 +05:30
Ritik Chaddha 51aadcdb36
Update yonyou-u8-oa-sqli.yaml 2022-06-28 15:14:07 +05:30
Ritik Chaddha 913f3239ab
Update finecms-sqli.yaml 2022-06-28 14:57:21 +05:30
Ritik Chaddha 8234a29c97
Update phpok-sqli.yaml 2022-06-28 14:22:58 +05:30
Prince Chaddha a55edcdca4
Create wpify-woo-czech-xss.yaml 2022-06-28 08:00:31 +05:30
Prince Chaddha 17e1643c64 Revert "Create wpify-woo-czech-xss.yaml"
This reverts commit 6d44b2ee90.
2022-06-28 07:59:11 +05:30
Prince Chaddha 6d44b2ee90
Create wpify-woo-czech-xss.yaml 2022-06-28 07:57:59 +05:30
Prince Chaddha 3f4a9f8783
Merge pull request #4667 from projectdiscovery/new-user-approve-xss
Create new-user-approve-xss.yaml
2022-06-25 14:54:51 +05:30
Prince Chaddha aee8f69c5a
Merge pull request #4663 from ritikchaddha/patch-89
Added reference sym404.yaml
2022-06-25 14:14:34 +05:30
Prince Chaddha 0c4c64ed5c
Create new-user-approve-xss.yaml 2022-06-25 14:11:05 +05:30
Krishna Agarwal 75c6c22a27
Added URL encoded payload (#4664) 2022-06-25 12:38:56 +05:30
Ritik Chaddha 101b139dfd
Update sym404.yaml 2022-06-25 01:02:35 +05:30
Prince Chaddha c49c2abeeb
Merge pull request #4657 from DhiyaneshGeek/master
Create sym404.yaml
2022-06-25 00:39:59 +05:30
Prince Chaddha 4880b0fa67
Update sym404.yaml 2022-06-25 00:36:26 +05:30
Prince Chaddha 74463d0e9f
Merge pull request #4652 from ritikchaddha/patch-85
Create royalevent-stored-xss.yaml
2022-06-25 00:16:05 +05:30
Prince Chaddha de213e905d
Update sym404.yaml 2022-06-25 00:15:02 +05:30
Dhiyaneshwaran 5b0461286c
Update sym404.yaml 2022-06-24 15:25:56 +01:00
Prince Chaddha 5376bf09d3
Update and rename royalevent-management-xss.yaml to royalevent-stored-xss.yaml 2022-06-24 00:15:44 +05:30
Prince Chaddha 59b74c82bd
Merge pull request #4651 from ritikchaddha/patch-84
Create royalevent-management-xss.yaml
2022-06-24 00:11:37 +05:30
Prince Chaddha 98034728fc
Update and rename vulnerabilities/other/royalevent-management-xss.yaml to vulnerabilities/other/royalevent/royalevent-management-xss.yaml 2022-06-24 00:10:24 +05:30
Prince Chaddha 4338eea2ec
Rename vulnerabilities/other/royalevent-management-xss.yaml to vulnerabilities/other/royalevent/royalevent-management-xss.yaml 2022-06-24 00:09:06 +05:30
Prince Chaddha a66f548304
Update royalevent-management-xss.yaml 2022-06-24 00:05:48 +05:30
Dhiyaneshwaran f348eae9d1
Create sym404.yaml 2022-06-23 17:39:44 +01:00
Ritik Chaddha cc07d2cb75
Update finecms-sqli.yaml 2022-06-23 18:28:06 +05:30
Ritik Chaddha 679bc9198e
Create royalevent-management-xss.yaml 2022-06-23 13:00:43 +05:30
Ritik Chaddha 103861f588
Create royalevent-management-xss.yaml 2022-06-23 12:38:09 +05:30
Prince Chaddha 493ea898ea Merge branch 'Update-metadata-query' of https://github.com/ritikchaddha/nuclei-templates into ritikchaddha-Update-metadata-query 2022-06-16 10:03:41 +05:30
Ritik Chaddha 0e7a1483c8 Update magento-2-exposed-api.yaml 2022-06-16 01:29:46 +05:30
Ritik Chaddha 0c0adb758c Update magento-unprotected-dev-files.yaml 2022-06-16 01:27:39 +05:30
Ritik Chaddha c3340b5e33 Update magento-cacheleak.yaml 2022-06-16 01:27:37 +05:30
Ritik Chaddha 9b247d6fa6
Create finecms-sqli.yaml 2022-06-10 19:28:24 +05:30
Prince Chaddha a44e87a683
Update and rename orbiteam-bscw-server-unauthenticated-lfi.yaml to vulnerabilities/other/orbiteam-bscw-server-lfi.yaml 2022-06-10 18:37:39 +05:30
MostInterestingBotInTheWorld b883737198
Dashboard Content Enhancements (#4567)
Dashboard Content Enhancements
2022-06-09 16:35:21 -04:00
Aaron Chen 5aa779a068
Fix templates: change alert(xss) to alert(/xss/) (#4564) 2022-06-09 10:11:03 +05:30
Arm!tage 3401689a2b
classify eyou, seeyon, tonged, weaver, dedecms, yonyou (#4557)
* Auto Generated CVE annotations [Sun May 15 12:16:57 UTC 2022] 🤖

* Auto Generated CVE annotations [Mon Jun  6 03:02:54 UTC 2022] 🤖

* create tongda directory and put templates in

* create weaver directory and put templates in

* create seeyon directory and put templates in

* create yonyou directory and put templates in

* create dedecms directory and put templates in

* create eyou directory and put templates in

* misc update

Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-06-08 13:31:29 +05:30
sullo 9bb6b91ba3
Remove Links for Dead sites (#4554)
* Deleted buffalo-config-injection.yaml
Add reference from buffalo-config-injection.yaml to CVE-2021-20091.yaml

* Delete vulnerabilities/other/buffalo-config-injection.yaml

* Remove/replace links to dead sites:
* archives.neohapsis.com
* osvdb.org
* securityfocus.com
2022-06-08 02:20:59 +05:30
sullo 50fbea791c
buffalo-config-injection.yaml is a duplicate of CVE-2021-20091.yaml (#4547)
* Deleted buffalo-config-injection.yaml
Add reference from buffalo-config-injection.yaml to CVE-2021-20091.yaml

* Delete vulnerabilities/other/buffalo-config-injection.yaml
2022-06-06 20:32:33 +05:30
sandeep 606344bfad template id + file update 2022-06-06 16:23:02 +05:30
Prince Chaddha 7ada510859
Fixed possible FPs in open redirect templates (#4544)
* Fixed possible FPs in open redirect templates

We have replaced example.com with interact.sh since few domains redirect to example.com, which results in FP results.

* updated example domain

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-06-06 16:10:15 +05:30
Prince Chaddha 01080a3aed
Update phpok-sqli.yaml 2022-06-05 17:09:00 +05:30
Prince Chaddha 51cdbeaf6a
Merge pull request #4535 from ritikchaddha/patch-70
Update and rename cves/2020/CVE-2020-22210.yaml to vulnerabilities/ot…
2022-06-05 15:48:17 +05:30
Ritik Chaddha 914aa45704
Update and rename cves/2020/CVE-2020-22210.yaml to vulnerabilities/other/74cms-sqli.yaml 2022-06-05 15:04:44 +05:30
Ritik Chaddha 0780108196
Update phpok-sqli.yaml 2022-06-05 14:06:26 +05:30
Ritik Chaddha 49d7a23320
Create phpok-sqli.yaml 2022-06-05 14:01:28 +05:30
MostInterestingBotInTheWorld 5da580f9c2
Dashboard Content Enhancements (#4519)
Dashboard Content Enhancements
2022-06-03 15:12:31 -04:00
Prince Chaddha 85050febf7
Update unauth-message-read.yaml 2022-06-01 18:51:48 +05:30
Alexandre ZANNI 047a7231a3
add ref + rem 2022-06-01 13:44:10 +02:00
sullo 88c150d2e0
Remove blank cve-id fields from templates. (#4516)
* Remove blank cve-id fields from templates.
Add cve-id to CVE-2022-0776.yaml

* Fix classification spelling
2022-05-31 20:04:35 +05:30
Prince Chaddha ecc12ec58f
Merge pull request #4496 from MostInterestingBotInTheWorld/dashboard
Dashboard Content Enhancements
2022-05-31 15:24:07 +05:30
Prince Chaddha bbc9bd2a84
Update nuuo-nvrmini2-rce.yaml 2022-05-31 14:52:46 +05:30
Prince Chaddha c4aec5a0d1
Update oa-tongda-path-traversal.yaml 2022-05-31 14:51:16 +05:30
Prince Chaddha 683b511766
Update opensns-rce.yaml 2022-05-31 14:49:47 +05:30
Prince Chaddha 35e1863cda
Update oracle-fatwire-lfi.yaml 2022-05-31 14:48:35 +05:30
Prince Chaddha 630a29f710
Update php-zerodium-backdoor-rce.yaml 2022-05-31 14:48:05 +05:30
Prince Chaddha 927b557f16
Update powercreator-cms-rce.yaml 2022-05-31 14:47:10 +05:30
Prince Chaddha 39c25f539b
Update qi-anxin-netkang-next-generation-firewall-rce.yaml 2022-05-31 14:44:03 +05:30
Prince Chaddha e5eeae4afb
Update qihang-media-disclosure.yaml 2022-05-31 14:42:37 +05:30
Prince Chaddha 21cb387113
Update sar2html-rce.yaml 2022-05-31 14:41:26 +05:30
Prince Chaddha a0d74ba5e8
Update seowon-router-rce.yaml 2022-05-31 14:40:43 +05:30
Prince Chaddha 2d03dfdf85
Update showdoc-file-upload-rce.yaml 2022-05-31 14:38:36 +05:30
Prince Chaddha f46b4f6fb0
Update sonicwall-sslvpn-shellshock.yaml 2022-05-31 14:36:41 +05:30
Prince Chaddha cbed893fe9
Update sponip-network-system-ping-rce.yaml 2022-05-31 14:36:06 +05:30
Prince Chaddha e1d05486a8
Update rusty-joomla.yaml 2022-05-31 14:34:37 +05:30
Prince Chaddha 66fe14e8a0
Update metersphere-plugin-rce.yaml 2022-05-31 14:33:16 +05:30
Prince Chaddha 236a91ffd6
Update oracle-ebs-bispgraph-file-access.yaml 2022-05-31 14:32:35 +05:30
Prince Chaddha 399f4d1434
Update clockwatch-enterprise-rce.yaml 2022-05-31 14:31:19 +05:30
Prince Chaddha 9a4a006909
Update commax-biometric-auth-bypass.yaml 2022-05-31 14:30:59 +05:30
Prince Chaddha c4e9ddf1f0
Update commax-credentials-disclosure.yaml 2022-05-31 14:30:21 +05:30
Prince Chaddha 2919dc1469
Update icewarp-webclient-rce.yaml 2022-05-31 14:29:38 +05:30
Prince Chaddha fbf8533896
Update kevinlab-bems-backdoor.yaml 2022-05-31 14:29:07 +05:30
Prince Chaddha 18f573cc0d
Update kevinlab-hems-backdoor.yaml 2022-05-31 14:28:02 +05:30
Prince Chaddha 59f524e539
Update lotuscms-rce.yaml 2022-05-31 14:26:43 +05:30
Prince Chaddha 59a7391451
Update maccmsv10-backdoor.yaml 2022-05-31 14:26:02 +05:30
Prince Chaddha 32b085c52a
Update magicflow-lfi.yaml 2022-05-31 14:25:40 +05:30
Prince Chaddha cd9188a2d9
Update mirai-unknown-rce.yaml 2022-05-31 14:23:16 +05:30
Prince Chaddha 636dec14ab
Update natshell-rce.yaml 2022-05-31 14:22:28 +05:30
Prince Chaddha ff002c5b1b
Update netgear-router-exposure.yaml 2022-05-31 14:21:09 +05:30
Prince Chaddha 8dd9e07f80
Update apache-ofbiz-log4j-rce.yaml 2022-05-31 14:14:19 +05:30
Prince Chaddha 0d4b2cfd10
Update apache-solr-log4j-rce.yaml 2022-05-31 14:13:47 +05:30
Prince Chaddha ad4509d33b
Update code42-log4j-rce.yaml 2022-05-31 14:13:20 +05:30
Prince Chaddha 3106c22125
Update fastjson-1-2-68-rce.yaml 2022-05-31 14:12:39 +05:30
Prince Chaddha 4c90184054
Update jamf-log4j-jndi-rce.yaml 2022-05-31 14:12:11 +05:30
Prince Chaddha 03993005fb
Update jenkins-script.yaml 2022-05-31 14:11:09 +05:30
Prince Chaddha ebab53c7be
Update rusty-joomla.yaml 2022-05-31 14:09:58 +05:30
Prince Chaddha 7be57dbf17
Update dotnetcms-sqli.yaml 2022-05-30 22:56:35 +05:30
MostInterestingBotInTheWorld 8712d2b6c5 Enhancement: vulnerabilities/other/icewarp-webclient-rce.yaml by mp 2022-05-30 13:26:21 -04:00
MostInterestingBotInTheWorld 75e1c543c0 Enhancement: vulnerabilities/other/kevinlab-bems-backdoor.yaml by mp 2022-05-30 13:25:21 -04:00
MostInterestingBotInTheWorld eb1647611f Enhancement: vulnerabilities/other/kevinlab-hems-backdoor.yaml by mp 2022-05-30 13:22:21 -04:00
MostInterestingBotInTheWorld d4543f05a3 Enhancement: vulnerabilities/other/sar2html-rce.yaml by mp 2022-05-30 13:19:43 -04:00
MostInterestingBotInTheWorld e37d064294 Enhancement: vulnerabilities/other/oa-tongda-path-traversal.yaml by mp 2022-05-30 13:13:35 -04:00
MostInterestingBotInTheWorld 35fb337708 Enhancement: vulnerabilities/other/netgear-router-exposure.yaml by mp 2022-05-30 13:12:49 -04:00
MostInterestingBotInTheWorld d4529ca918 Enhancement: vulnerabilities/other/maccmsv10-backdoor.yaml by mp 2022-05-30 13:11:43 -04:00
MostInterestingBotInTheWorld 57348a8841 Enhancement: vulnerabilities/other/lotuscms-rce.yaml by mp 2022-05-30 13:10:32 -04:00
MostInterestingBotInTheWorld 3db25f4ee3 Enhancement: vulnerabilities/other/sponip-network-system-ping-rce.yaml by mp 2022-05-30 12:24:46 -04:00
MostInterestingBotInTheWorld 84df3a4c02 Enhancement: vulnerabilities/other/sonicwall-sslvpn-shellshock.yaml by mp 2022-05-30 12:23:29 -04:00
MostInterestingBotInTheWorld 9a6f0ae3a8 Enhancement: vulnerabilities/other/showdoc-file-upload-rce.yaml by mp 2022-05-30 12:22:09 -04:00
MostInterestingBotInTheWorld 87ac93b918 Enhancement: vulnerabilities/other/seowon-router-rce.yaml by mp 2022-05-30 12:21:04 -04:00
MostInterestingBotInTheWorld 10a9317b22 Enhancement: vulnerabilities/other/sar2html-rce.yaml by mp 2022-05-30 12:19:44 -04:00
MostInterestingBotInTheWorld a8e014d313 Enhancement: vulnerabilities/other/sangfor-ba-rce.yaml by mp 2022-05-30 12:18:15 -04:00
MostInterestingBotInTheWorld 805882fa88 Enhancement: vulnerabilities/other/qihang-media-disclosure.yaml by mp 2022-05-30 12:17:42 -04:00
MostInterestingBotInTheWorld 1ef6598da0 Enhancement: vulnerabilities/other/qi-anxin-netkang-next-generation-firewall-rce.yaml by mp 2022-05-30 12:16:18 -04:00
MostInterestingBotInTheWorld ec9771943b Enhancement: vulnerabilities/other/powercreator-cms-rce.yaml by mp 2022-05-30 12:15:22 -04:00
MostInterestingBotInTheWorld 07fb89712d Enhancement: vulnerabilities/other/php-zerodium-backdoor-rce.yaml by mp 2022-05-30 12:12:27 -04:00
MostInterestingBotInTheWorld 7a980959d2 Enhancement: vulnerabilities/other/oracle-fatwire-lfi.yaml by mp 2022-05-30 11:04:24 -04:00
MostInterestingBotInTheWorld 3a2ddad627 Enhancement: vulnerabilities/other/opensns-rce.yaml by mp 2022-05-30 10:36:52 -04:00
MostInterestingBotInTheWorld 69702aa586 Enhancement: vulnerabilities/other/oa-tongda-path-traversal.yaml by mp 2022-05-30 10:36:06 -04:00
MostInterestingBotInTheWorld 480c2fca93 Enhancement: vulnerabilities/other/nuuo-nvrmini2-rce.yaml by mp 2022-05-30 10:12:35 -04:00
MostInterestingBotInTheWorld 03a8417f7c Enhancement: vulnerabilities/other/netgear-router-exposure.yaml by mp 2022-05-30 10:10:54 -04:00
MostInterestingBotInTheWorld 062c170d10 Enhancement: vulnerabilities/other/natshell-rce.yaml by mp 2022-05-30 10:05:52 -04:00
MostInterestingBotInTheWorld b004ffeb68 Enhancement: vulnerabilities/other/mirai-unknown-rce.yaml by mp 2022-05-30 10:04:12 -04:00
MostInterestingBotInTheWorld 4768876a28 Enhancement: vulnerabilities/other/magicflow-lfi.yaml by mp 2022-05-30 09:57:24 -04:00
Ritik Chaddha 9aac455f6c
Update dotnetcms-sqli.yaml 2022-05-30 19:20:44 +05:30
MostInterestingBotInTheWorld 5cee74ec5c Enhancement: vulnerabilities/other/maccmsv10-backdoor.yaml by mp 2022-05-30 09:48:06 -04:00
MostInterestingBotInTheWorld a604bfaa3d Enhancement: vulnerabilities/other/lotuscms-rce.yaml by mp 2022-05-30 09:46:17 -04:00
Ritik Chaddha fdc7a4825e
Create dotnetcms-sqli.yaml 2022-05-30 19:03:36 +05:30
Prince Chaddha c30ab4dbe7
Update ecology-arbitrary-file-upload.yaml 2022-05-30 14:40:15 +05:30
Prince Chaddha 87ba83be67
Update digitalrebar-traversal.yaml 2022-05-28 22:59:19 +05:30
sullo 9f8bd21e1d Trailng space 2022-05-27 17:05:45 -04:00
MostInterestingBotInTheWorld 29bb7d1fd3 Enhancement: vulnerabilities/other/commax-credentials-disclosure.yaml by mp 2022-05-27 14:28:13 -04:00
MostInterestingBotInTheWorld 3bb9b3b9b4 Enhancement: vulnerabilities/other/commax-biometric-auth-bypass.yaml by mp 2022-05-27 14:27:14 -04:00
MostInterestingBotInTheWorld ceca4a66eb Enhancement: vulnerabilities/other/clockwatch-enterprise-rce.yaml by mp 2022-05-27 14:24:57 -04:00
MostInterestingBotInTheWorld c7879a024a Enhancement: vulnerabilities/other/clockwatch-enterprise-rce.yaml by mp 2022-05-27 14:24:10 -04:00
MostInterestingBotInTheWorld e945b90658 Enhancement: vulnerabilities/apache/apache-solr-log4j-rce.yaml by mp 2022-05-27 11:55:31 -04:00
MostInterestingBotInTheWorld 514dcc9130 Enhancement: vulnerabilities/apache/apache-solr-log4j-rce.yaml by mp 2022-05-27 11:51:56 -04:00
MostInterestingBotInTheWorld a39ff66bc7
Merge branch 'projectdiscovery:master' into dashboard 2022-05-27 09:47:03 -04:00
sullo b04f2e96fc Merge branch 'dashboard' of https://github.com/MostInterestingBotInTheWorld/nuclei-templates into dashboard 2022-05-27 09:46:25 -04:00
sullo a6d9c0dc6f Various syntax updates 2022-05-27 09:44:40 -04:00
MostInterestingBotInTheWorld 0bc780b271 Enhancement: vulnerabilities/joomla/rusty-joomla.yaml by mp 2022-05-27 09:40:04 -04:00
MostInterestingBotInTheWorld e51ffe8e42 Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by mp 2022-05-27 09:37:10 -04:00
MostInterestingBotInTheWorld 1073ce9376 Enhancement: vulnerabilities/code42/code42-log4j-rce.yaml by mp 2022-05-27 09:32:32 -04:00
MostInterestingBotInTheWorld 1d8806d53b Enhancement: vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml by mp 2022-05-27 09:28:10 -04:00
MostInterestingBotInTheWorld 6a8f9f6ec6 Enhancement: vulnerabilities/other/WSO2-2019-0598.yaml by mp 2022-05-26 15:59:23 -04:00
MostInterestingBotInTheWorld 95ce6f2c3a Enhancement: vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml by mp 2022-05-26 15:57:07 -04:00
MostInterestingBotInTheWorld c039487da2 Enhancement: vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml by mp 2022-05-26 15:56:32 -04:00
MostInterestingBotInTheWorld 8afdeb3629 Enhancement: vulnerabilities/metersphere/metersphere-plugin-rce.yaml by mp 2022-05-26 15:23:19 -04:00
MostInterestingBotInTheWorld b82487b452 Enhancement: vulnerabilities/joomla/rusty-joomla.yaml by mp 2022-05-26 14:11:38 -04:00
MostInterestingBotInTheWorld 29bf5b8a9c Enhancement: vulnerabilities/jenkins/jenkins-script.yaml by mp 2022-05-26 12:51:54 -04:00
MostInterestingBotInTheWorld 0841f7b8af Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by mp 2022-05-26 12:45:45 -04:00
MostInterestingBotInTheWorld 3f99ce203c Enhancement: vulnerabilities/fastjson/fastjson-1-2-41-rce.yaml by mp 2022-05-25 17:18:25 -04:00
MostInterestingBotInTheWorld faad73bef0 Enhancement: vulnerabilities/fastjson/fastjson-1-2-42-rce.yaml by mp 2022-05-25 17:17:59 -04:00
MostInterestingBotInTheWorld 8fd83cc9ba Enhancement: vulnerabilities/fastjson/fastjson-1-2-43-rce.yaml by mp 2022-05-25 17:05:12 -04:00
MostInterestingBotInTheWorld 6c01b09603 Enhancement: vulnerabilities/fastjson/fastjson-1-2-47-rce.yaml by mp 2022-05-25 17:04:03 -04:00
MostInterestingBotInTheWorld af6d259881 Enhancement: vulnerabilities/fastjson/fastjson-1-2-62-rce.yaml by mp 2022-05-25 17:03:39 -04:00
MostInterestingBotInTheWorld 9b5515f772 Enhancement: vulnerabilities/fastjson/fastjson-1-2-24-rce.yaml by mp 2022-05-25 17:00:30 -04:00
MostInterestingBotInTheWorld 2ee0c440e3 Enhancement: vulnerabilities/fastjson/fastjson-1-2-68-rce.yaml by mp 2022-05-25 14:55:07 -04:00
MostInterestingBotInTheWorld 485b351e12 Enhancement: vulnerabilities/fastjson/fastjson-1-2-67-rce.yaml by mp 2022-05-25 14:53:54 -04:00
MostInterestingBotInTheWorld a665ef18a0 Enhancement: vulnerabilities/fastjson/fastjson-1-2-62-rce.yaml by mp 2022-05-25 14:52:37 -04:00
MostInterestingBotInTheWorld 779a386850 Enhancement: vulnerabilities/fastjson/fastjson-1-2-47-rce.yaml by mp 2022-05-25 14:47:11 -04:00
MostInterestingBotInTheWorld 28f29dfa45 Enhancement: vulnerabilities/fastjson/fastjson-1-2-43-rce.yaml by mp 2022-05-25 14:45:59 -04:00
MostInterestingBotInTheWorld 140502c059 Enhancement: vulnerabilities/fastjson/fastjson-1-2-41-rce.yaml by mp 2022-05-25 14:42:38 -04:00
MostInterestingBotInTheWorld 88ff31247d Enhancement: vulnerabilities/fastjson/fastjson-1-2-24-rce.yaml by mp 2022-05-24 13:53:38 -04:00
MostInterestingBotInTheWorld 1f2b42e0d1 Enhancement: vulnerabilities/code42/code42-log4j-rce.yaml by mp 2022-05-24 13:30:47 -04:00
MostInterestingBotInTheWorld 0fcd77fe46 Enhancement: vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml by mp 2022-05-24 12:41:22 -04:00
MostInterestingBotInTheWorld d0ea7fe0b2 Enhancement: vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml by mp 2022-05-24 12:38:03 -04:00
Prince Chaddha a81f40cb74
Create digitalrebar-traversal.yaml 2022-05-24 12:18:27 +05:30
MostInterestingBotInTheWorld bdb372cfb4
Dashboard Content Enhancements (#4475)
Dashboard Content Enhancements
2022-05-23 17:29:29 -04:00
MostInterestingBotInTheWorld bd5823ea54
Merge branch 'projectdiscovery:master' into dashboard 2022-05-23 17:24:43 -04:00
MostInterestingBotInTheWorld 0880da19a4 Enhancement: vulnerabilities/apache/apache-flink-unauth-rce.yaml by mp 2022-05-23 15:33:34 -04:00
Prince Chaddha fe0bf001b7
Merge pull request #4471 from projectdiscovery/princechaddha-patch-2
Update and rename vulnerabilities/other/sangfor-edr-rce.yaml to vulne…
2022-05-23 23:58:57 +05:30
Prince Chaddha 50a9ef0f89
Update cisco-rv-series-rce.yaml 2022-05-23 17:26:06 +05:30
Prince Chaddha fa903d06d3
Merge pull request #4368 from ritikchaddha/patch-52
Create sangfor-ba-rce.yaml
2022-05-23 16:29:32 +05:30
Prince Chaddha 430cc1ea03
Update sangfor-ba-rce.yaml 2022-05-23 16:27:59 +05:30
Prince Chaddha 5ad7e37a87
Update and rename vulnerabilities/other/sangfor-edr-auth-bypass.yaml to vulnerabilities/sangfor/sangfor-edr-auth-bypass.yaml 2022-05-23 16:27:31 +05:30
Prince Chaddha b8d2df57ba
Update and rename vulnerabilities/other/sangfor-edr-rce.yaml to vulnerabilities/sangfor/sangfor-edr-rce.yaml 2022-05-23 16:25:10 +05:30
Prince Chaddha a6a35ab400
Merge pull request #4431 from ritikchaddha/patch-59
Update ecshop-sqli.yaml
2022-05-23 16:14:33 +05:30
Prince Chaddha d2333f8c0c
Update ecshop-sqli.yaml 2022-05-23 16:13:10 +05:30
Prince Chaddha 78a5fbc640
Merge pull request #4466 from gy741/rule-add-v114
Create ait-csv-import-export-rce.yaml
2022-05-23 14:16:51 +05:30
Prince Chaddha b2be30c340
Update ait-csv-import-export-rce.yaml 2022-05-23 14:04:27 +05:30
Prince Chaddha 09de9e19ce
Merge branch 'master' into master 2022-05-23 13:30:04 +05:30
Prince Chaddha 428176e5f6
Update grafana-file-read.yaml 2022-05-23 13:27:45 +05:30
GwanYeong Kim aacb8f738f Create ait-csv-import-export-rce.yaml
The AIT CSV Import/Export plugin <= 3.0.3 allows unauthenticated remote attackers to upload and execute arbitrary PHP code.  The upload-handler does not require authentication, nor validates the uploaded content.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-05-22 10:12:09 +09:00
GwanYeong Kim 40116f7ee3 Create cisco-rv-series-rce.yaml
Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote
attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more infor
mation about these vulnerabilities, see the Details section of this advisory.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-05-22 00:15:55 +09:00
MostInterestingBotInTheWorld 809e87987c
Dashboard Content Enhancements (#4456)
Dashboard Content Enhancements
2022-05-20 17:38:52 -04:00
Prince Chaddha b78e56dbc9
Update and rename vulnerabilities/other/dedecms-configphp-xss.yaml to vulnerabilities/dedecms/dedecms-config-xss.yaml 2022-05-20 00:36:18 +05:30
Ritik Chaddha 35e6d8b5f7
Update dedecms-configphp-xss.yaml 2022-05-19 18:08:04 +05:30
Ritik Chaddha b6f6f3ff76
Create dedecms-configphp-xss.yaml 2022-05-19 18:03:58 +05:30
Ritik Chaddha 30d4f20b7e
Update ecshop-sqli.yaml 2022-05-19 00:51:53 +05:30
Ritik Chaddha 6c76c6f99c
Update ecshop-sqli.yaml 2022-05-18 15:06:50 +05:30
Ritik Chaddha 14664c1e01
Update ecshop-sqli.yaml 2022-05-18 14:53:08 +05:30
Ritik Chaddha d8fdb31b1b
Update ecshop-sqli.yaml 2022-05-18 14:50:12 +05:30
MostInterestingBotInTheWorld 83cc50ce3e
Dashboard Content Enhancements (#4411)
* standardizing enhanced by tag

* Fix spacing. Add classification->cve

* Enhancement: cves/2021/CVE-2021-20158.yaml by mp

* Enhancement: cves/2021/CVE-2021-20167.yaml by mp

* Typo

* Enhancement: cves/2021/CVE-2021-20837.yaml by mp

* Enhancement: cves/2021/CVE-2021-21307.yaml by mp

* Enhancement: cves/2021/CVE-2021-21479.yaml by mp

* Enhancement: cves/2021/CVE-2021-21881.yaml by mp

* Enhancement: cves/2021/CVE-2021-21972.yaml by mp

* Enhancement: cves/2021/CVE-2021-21978.yaml by mp

* Enhancement: cves/2021/CVE-2021-22005.yaml by mp

* Enhancement: cves/2021/CVE-2021-22205.yaml by mp

* Enhancement: cves/2021/CVE-2021-22986.yaml by mp

* Enhancement: cves/2021/CVE-2021-24285.yaml by mp

* Enhancement: cves/2021/CVE-2021-24472.yaml by mp

* Enhancement: cves/2021/CVE-2021-20090.yaml by mp

* Enhancement: cves/2021/CVE-2021-20167.yaml by mp

* Enhancement: cves/2021/CVE-2021-21307.yaml by mp

* Enhancement: cves/2021/CVE-2021-21978.yaml by mp

* Enhancement: cves/2021/CVE-2021-21985.yaml by mp

* Enhancement: cves/2021/CVE-2021-21972.yaml by mp

* Enhancement: cves/2021/CVE-2021-22205.yaml by mp

* Enhancement: cves/2021/CVE-2021-22986.yaml by mp

* Enhancement: cves/2021/CVE-2021-24285.yaml by mp

* Restore empty lines

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Remove unnecessary file

* Restore content after bad dashboard edit

* Enhancement: undefined by cs

* Spacing issues

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: undefined by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Delete null file created by dashboard

* Remove improper Enhanced tag

* Spacing issues

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Remove test dashboard commits

* Enhancement: cves/2014/CVE-2014-9618.yaml by mp

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs

* Not really enhanced

* Add classification->cve-id

* Restore content from dashboard mess up

* Enhancement: cves/2014/CVE-2014-9618.yaml by mp

* Enhancement: cves/2014/CVE-2014-9618.yaml by mp

* Restore newlines

* Enhancement: cves/2007/CVE-2007-4556.yaml by mp

* Enhancement: cves/2007/CVE-2007-4556.yaml by mp

* Enhancement: cves/2014/CVE-2014-9618.yaml by mp

* Enhancement: cves/2015/CVE-2015-1427.yaml by mp

* Enhancement: cves/2015/CVE-2015-3224.yaml by mp

* Enhancement: cves/2015/CVE-2015-7450.yaml by mp

* Enhancement: cves/2016/CVE-2016-10134.yaml by mp

* Enhancement: cves/2016/CVE-2016-1555.yaml by mp

* Enhancement: cves/2016/CVE-2016-2004.yaml by mp

* Enhancement: cves/2016/CVE-2016-5649.yaml by mp

* Enhancement: cves/2016/CVE-2016-7552.yaml by mp

* Enhancement: cves/2017/CVE-2017-1000486.yaml by mp

* Enhancement: cves/2017/CVE-2017-11444.yaml by mp

* Spacing issues

* Added better reference

* Enhancement: cves/2017/CVE-2017-12149.yaml by mp

* Enhancement: cves/2017/CVE-2017-12542.yaml by mp

* Enhancement: cves/2017/CVE-2017-12611.yaml by mp

* Enhancement: cves/2017/CVE-2017-12635.yaml by mp

* Enhancement: cves/2017/CVE-2017-14135.yaml by mp

* Enhancement: cves/2017/CVE-2017-3881.yaml by mp

* Enhancement: cves/2017/CVE-2017-7269.yaml by mp

* Enhancement: cves/2017/CVE-2017-8917.yaml by mp

* Enhancement: cves/2017/CVE-2017-9791.yaml by mp

* Enhancement: cves/2015/CVE-2015-1427.yaml by mp

* Enhancement: cves/2017/CVE-2017-12149.yaml by mp

* Enhancement: cves/2017/CVE-2017-12542.yaml by mp

* Enhancement: cves/2017/CVE-2017-8917.yaml by mp

* Spacing and other minor issues

* Update CVE-2015-1427.yaml

* Update CVE-2017-12149.yaml

* Update CVE-2017-12542.yaml

* Update CVE-2017-12635.yaml

* Update CVE-2017-14135.yaml

* Update CVE-2017-3881.yaml

* Update CVE-2017-7269.yaml

* Update CVE-2017-8917.yaml

* Update CVE-2017-9791.yaml

* Enhancement: cnvd/2019/CNVD-2019-19299.yaml by mp

* Enhancement: cnvd/2019/CNVD-2019-32204.yaml by mp

* Enhancement: cnvd/2020/CNVD-2020-68596.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-09650.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-26422.yaml by mp

* Enhancement: cnvd/2022/CNVD-2022-03672.yaml by mp

* Enhancement: cves/2017/CVE-2017-9841.yaml by mp

* Enhancement: cves/2018/CVE-2018-0127.yaml by mp

* Enhancement: cves/2018/CVE-2018-1000226.yaml by mp

* Enhancement: cves/2018/CVE-2018-1000861.yaml by mp

* Enhancement: cves/2018/CVE-2018-10562.yaml by mp

* Enhancement: cves/2018/CVE-2018-12031.yaml by mp

* Enhancement: cves/2018/CVE-2018-1207.yaml by mp

* Enhancement: cves/2018/CVE-2018-12634.yaml by mp

* Enhancement: cves/2018/CVE-2018-1273.yaml by mp

* Enhancement: cves/2018/CVE-2018-16763.yaml by mp

* Enhancement: cves/2018/CVE-2018-16167.yaml by mp

* Enhancement: cves/2018/CVE-2018-14916.yaml by mp

* Enhancement: cves/2018/CVE-2018-14064.yaml by mp

* Enhancement: cves/2018/CVE-2018-13379.yaml by mp

* Enhancement: cves/2017/CVE-2017-9841.yaml by mp

* Enhancement: cves/2018/CVE-2018-1000861.yaml by mp

* Enhancement: cves/2018/CVE-2018-10562.yaml by mp

* Enhancement: cves/2018/CVE-2018-12031.yaml by mp

* Enhancement: cves/2018/CVE-2018-1207.yaml by mp

* Enhancement: cves/2018/CVE-2018-12634.yaml by mp

* Enhancement: cves/2018/CVE-2018-13379.yaml by mp

* Enhancement: cves/2018/CVE-2018-14916.yaml by mp

* Enhancement: cves/2018/CVE-2018-16167.yaml by mp

* Enhancement: cves/2018/CVE-2018-16763.yaml by mp

* Cleanup and spacing

* Remove blank cve-id lines

* Enhancement: cves/2018/CVE-2018-16836.yaml by mp

* Enhancement: cves/2018/CVE-2018-17246.yaml by mp

* Enhancement: cves/2018/CVE-2018-17431.yaml by mp

* Enhancement: cves/2018/CVE-2018-18925.yaml by mp

* Enhancement: cves/2018/CVE-2018-20985.yaml by mp

* Enhancement: cves/2018/CVE-2018-2894.yaml by mp

* Enhancement: cves/2018/CVE-2018-3810.yaml by mp

* Enhancement: cves/2018/CVE-2018-7600.yaml by mp

* Enhancement: cves/2018/CVE-2018-7600.yaml by mp

* Enhancement: cves/2018/CVE-2018-7602.yaml by mp

* Enhancement: cves/2018/CVE-2018-9161.yaml by mp

* Enhancement: cves/2018/CVE-2018-16836.yaml by mp

* Enhancement: cves/2018/CVE-2018-17431.yaml by mp

* Many title clean-ups for more standardization.
Some vendor name clean-up

* Enhancement: cves/2018/CVE-2018-20985.yaml by mp

* Enhancement: cves/2018/CVE-2018-3810.yaml by mp

* Spacing issues

* Remove 2 blank newlines

* Enhancement: vulnerabilities/other/tamronos-rce.yaml by cs

* Enhancement: cves/2018/CVE-2018-9845.yaml by mp

* Enhancement: cves/2018/CVE-2018-9995.yaml by mp

* Enhancement: cves/2019/CVE-2019-0230.yaml by mp

* Enhancement: cves/2019/CVE-2019-16920.yaml by mp

* Enhancement: cves/2019/CVE-2019-17270.yaml by mp

* Enhancement: cves/2019/CVE-2019-17382.yaml by mp

* Enhancement: cves/2019/CVE-2019-17444.yaml by mp

* Enhancement: cves/2019/CVE-2019-17506.yaml by mp

* Enhancement: cves/2020/CVE-2020-10148.yaml by mp

* Enhancement: cves/2020/CVE-2020-11710.yaml by mp

* Enhancement: cves/2020/CVE-2020-11854.yaml by mp

* Enhancement: cves/2020/CVE-2020-12800.yaml by mp

* Enhancement: cves/2020/CVE-2020-13117.yaml by mp

* Enhancement: cves/2020/CVE-2020-13167.yaml by mp

* Enhancement: cves/2020/CVE-2020-13927.yaml by mp

* Enhancement: cves/2020/CVE-2020-13942.yaml by mp

* Spacing, syntax error

* Spacing, correct this time.

* Enhancement: cves/2020/CVE-2020-15920.yaml by mp

* Enhancement: cves/2020/CVE-2020-29227.yaml by mp

* Enhancement: cves/2021/CVE-2021-24499.yaml by mp

* Enhancement: cves/2021/CVE-2021-24762.yaml by mp

* Enhancement: cves/2018/CVE-2018-9995.yaml by mp

* Enhancement: cves/2019/CVE-2019-0230.yaml by mp

* Enhancement: cves/2019/CVE-2019-17444.yaml by mp

* Enhancement: cves/2020/CVE-2020-10148.yaml by mp

* Enhancement: cves/2020/CVE-2020-11854.yaml by mp

* Enhancement: cves/2020/CVE-2020-13167.yaml by mp

* Enhancement: cves/2020/CVE-2020-13927.yaml by mp

* Enhancement: cves/2020/CVE-2020-15920.yaml by mp

* Enhancement: cves/2021/CVE-2021-24499.yaml by mp

* Extra newlines and one sp;acing issue

* Update CVE-2018-9995.yaml

* Update CVE-2019-0230.yaml

* Update CVE-2019-16920.yaml

* Update CVE-2019-17270.yaml

* Update CVE-2019-17382.yaml

* Update CVE-2019-17444.yaml

* Update CVE-2019-17506.yaml

* Update CVE-2020-10148.yaml

* Update CVE-2020-11710.yaml

* Update CVE-2020-11854.yaml

* Update CVE-2020-12800.yaml

* Update CVE-2020-13167.yaml

* Update CVE-2020-13927.yaml

* Update CVE-2020-13942.yaml

* Update CVE-2020-15920.yaml

* Update CVE-2020-29227.yaml

* Update CVE-2021-24499.yaml

* Update CVE-2021-24762.yaml

Co-authored-by: sullo <sullo@cirt.net>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2022-05-17 14:41:26 +05:30
Prince Chaddha 334a4d03f4
Update cache-poisoning.yaml (#4418)
* Update cache-poisoning.yaml

* added identifier to headers

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-05-17 14:31:33 +05:30
Arm!tage 1a5427c415
Fix yonyou product name, add tag yonyou-ufida-nc to CNVD-2021-30167.yaml (#4388)
* Change weblogic-workflow.yaml file privilege

* Change yonyou product name

* Add Yonyou-ufida-nc workflow template

* misc update

* misc update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-05-15 05:55:05 +05:30
sandeep 22ab0f9d53 minor matcher update 2022-05-15 04:48:52 +05:30
Dhiyaneshwaran a3ce25a5a6
Authenticated Wordpress XSS Templates (#4398)
* Create CVE-2021-25075.yaml

* Create seo-redirection-xss.yaml
2022-05-15 04:32:53 +05:30
MostInterestingBotInTheWorld 581b7a627b
Dashboard Content Enhancements (#4381)
Dashboard Content Enhancements
2022-05-13 16:26:43 -04:00
Prince Chaddha 20b869632b
Merge pull request #4341 from gy741/rule-add-v108
Create gnuboard-sms-xss.yaml
2022-05-13 01:14:28 +05:30
Prince Chaddha c616179c95
Update gnuboard-sms-xss.yaml 2022-05-13 01:11:32 +05:30
Ritik Chaddha 27a039a70c
Update metadata query (#4350)
* Update adobe-component-login.yaml

* Update cold-fusion-cfcache-map.yaml

* Update unpatched-coldfusion.yaml

* Update coldfusion-debug-xss.yaml

* Update CVE-2020-11978.yaml

* Update CVE-2020-13927.yaml

* Update CVE-2021-38540.yaml

* Update CVE-2021-44451.yaml

* Update CVE-2022-24288.yaml

* Update airflow-debug.yaml

* Update airflow-detect.yaml

* Update CVE-2010-0219.yaml

* Update apache-axis-detect.yaml

* Update CVE-2020-11991.yaml

* Update apache-cocoon-detect.yaml

* Update CVE-2021-21402.yaml

* Update jellyfin-detect.yaml

* Update CVE-2021-21402.yaml

* Update CVE-2021-21402.yaml

* Update ecology-arbitrary-file-upload.yaml

* Update ecology-v8-sqli.yaml

* Update ecology-syncuserinfo-sqli.yaml

* Update ecology-filedownload-directory-traversal.yaml

* Update CNVD-2021-15822.yaml

* Update dedecms-carbuyaction-fileinclude.yaml

* Update dedecms-openredirect.yaml

* Update tamronos-rce.yaml

* Update natshell-path-traversal.yaml
2022-05-12 19:48:36 +05:30
Prince Chaddha 93c86e4adf
Update ecsimagingpacs-rce.yaml 2022-05-12 16:38:58 +05:30
Ritik Chaddha 70501101a6
Create ecsimagingpacs-rce.yaml 2022-05-12 13:50:38 +05:30
Ritik Chaddha f1f82468ea Update natshell-path-traversal.yaml 2022-05-12 01:33:14 +05:30
Ritik Chaddha 57373213b6 Update tamronos-rce.yaml 2022-05-12 01:33:12 +05:30
Ritik Chaddha 750bbe0c15 Update dedecms-openredirect.yaml 2022-05-12 01:33:10 +05:30
Ritik Chaddha dd8800feb3 Update dedecms-carbuyaction-fileinclude.yaml 2022-05-12 01:33:07 +05:30
Ritik Chaddha c82ef1fb68
Create sangfor-ba-rce.yaml 2022-05-12 00:17:57 +05:30
Ritik Chaddha 2b04163410 Update ecology-filedownload-directory-traversal.yaml 2022-05-11 19:11:12 +05:30
Ritik Chaddha 6728a61005 Update ecology-syncuserinfo-sqli.yaml 2022-05-11 19:11:09 +05:30
Ritik Chaddha 02603f1f02 Update ecology-v8-sqli.yaml 2022-05-11 19:11:03 +05:30
Ritik Chaddha 43dd78de1b Update ecology-arbitrary-file-upload.yaml 2022-05-11 19:10:58 +05:30
Prince Chaddha a584def0e1
Create age-gate-open-redirect.yaml 2022-05-11 02:14:39 +05:30
Ritik Chaddha 7619f86249 Update coldfusion-debug-xss.yaml 2022-05-10 15:44:14 +05:30
Prince Chaddha f7fd0efead
Create wp-under-construction-ssrf.yaml 2022-05-10 15:00:09 +05:30
Prince Chaddha 91a4cd3fa0
Create newsletter-manager-open-redirect.yaml 2022-05-10 14:44:58 +05:30
Prince Chaddha 7003c19dda
Create wp-security-open-redirect.yaml 2022-05-10 14:33:03 +05:30
GwanYeong Kim 92e9c1da0b Create gnuboard-sms-xss.yaml
A vulnerability in Gnuboard CMS allows remote attackers to inject arbitrary Javascript into the responses returned by the server.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-05-10 13:22:31 +09:00
Prince Chaddha 1ff8b55f06
Update inspur-clusterengine-v4-sysshell-rce.yaml 2022-05-09 23:04:44 +05:30
Prince Chaddha c44aed7f5e
Update huijietong-cloud-fileread.yaml 2022-05-09 13:31:15 +05:30
Ritik Chaddha a9de43f0f7
Update huijietong-cloud-fileread.yaml 2022-05-08 18:14:47 +05:30
Ritik Chaddha 4124cb441a
Update huijietong-cloud-fileread.yaml 2022-05-08 18:11:28 +05:30
Sandeep Singh 958b15663c
Strict matchers / f/p fix (#4320)
* more strict matcher + matcher fix

* misc updates
2022-05-08 12:13:38 +05:30
Prince Chaddha 303165dac4
Rename vulnerabilities/other/ruijie-networks-rce.yaml to vulnerabilities/ruijie/ruijie-networks-rce.yaml 2022-05-06 21:09:42 +05:30
Prince Chaddha ef7e1fcf8b
Rename vulnerabilities/other/ruijie-networks-lfi.yaml to vulnerabilities/ruijie/ruijie-networks-lfi.yaml 2022-05-06 21:09:32 +05:30
Prince Chaddha 027c4ee86e
Rename vulnerabilities/other/ruijie-eg-rce.yaml to vulnerabilities/ruijie/ruijie-eg-rce.yaml 2022-05-06 21:09:20 +05:30
Prince Chaddha 16c82b3aad
Rename vulnerabilities/other/ruijie/ruijie-password-leak.yaml to vulnerabilities/ruijie/ruijie-password-leak.yaml 2022-05-06 21:09:07 +05:30
Prince Chaddha 610f52a09b
Update and rename vulnerabilities/other/ruijie-password-leak.yaml to vulnerabilities/other/ruijie/ruijie-password-leak.yaml 2022-05-06 21:07:45 +05:30
Prince Chaddha e445aa053a
Update and rename firewall-password-leak.yaml to ruijie-password-leak.yaml 2022-05-06 20:59:15 +05:30
Ritik Chaddha 684528467b
Update firewall-password-leak.yaml 2022-05-06 16:13:47 +05:30
Ritik Chaddha 7ffa667acc
Create firewall-password-leak.yaml 2022-05-06 16:10:24 +05:30
Ritik Chaddha 5fdda06ce1
Create inspur-clusterengine-v4-sysshell-rce.yaml 2022-05-04 01:24:06 +05:30
Prince Chaddha c48987d818
Update health-check-lfi.yaml 2022-05-03 01:12:36 +05:30
Dhiyaneshwaran ce8efa4f01
Create health-check-lfi.yaml 2022-05-01 15:39:20 +05:30
Muhammad Daffa 96cc1928eb
Update wp-code-snippets-xss.yaml 2022-04-29 22:01:22 +07:00
sullo c3d4dfd6ae
Tenda Template Enhancementleanup (#4257)
* Replace § markers with {{ }} pairs

* Clean up new Tenda admin panel template

* Update tenda-11n-wireless-router-login.yaml

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-04-29 10:34:34 +05:30
Prince Chaddha c9f72c1137
Update avada-xss.yaml 2022-04-28 23:27:46 +05:30
Muhammad Daffa 1c2235e87a
Update avada-xss.yaml 2022-04-28 21:41:50 +07:00
MostInterestingBotInTheWorld aa888bca8d
Dashboard Content Enhancements (#4238)
Dashboard Content Enhancements
2022-04-25 10:35:07 -04:00
Sandeep Singh 5e58c8a1dc
Added WSO2 < 5.8.0 - Server Side Request Forgery (#4229) 2022-04-24 01:19:18 +05:30
forgedhallpass 5451673368 Moved and renamed templates containing a CVE under their correct location 2022-04-22 19:25:23 +03:00
Sandeep Singh 2487e9877f
Merge pull request #4219 from projectdiscovery/template_info_fixup
Info section refactor
2022-04-22 18:01:12 +05:30
forgedhallpass e349c4ed72 YamlLint warning fix
* added new lines at the end of the template
2022-04-22 13:41:48 +03:00
forgedhallpass 209538baa6 refactor: Description field uniformization
* info field reorder
* reference values refactored to list
* added new lines after the id and before the protocols
* removed extra new lines
* split really long descriptions to multiple lines (part 1)
* other minor fixes
2022-04-22 13:38:41 +03:00
Prince Chaddha b0f93aa784
Create avada-xss.yaml 2022-04-22 12:56:53 +04:00
MostInterestingBotInTheWorld 31312b1c19
Dashboard Content Enhancements (#4191)
Dashboard Content Enhancements
2022-04-21 17:16:41 -04:00
Prince Chaddha 321f265cf4
Merge pull request #4194 from ritikchaddha/patch-35
Create tianqing-info-leak.yaml
2022-04-20 12:32:46 +04:00
Prince Chaddha 37b638bd08
Update tianqing-info-leak.yaml 2022-04-20 12:29:00 +04:00
Prince Chaddha 90d48ca1aa
Merge pull request #4195 from ritikchaddha/patch-36
Create ecology-arbitrary-file-upload.yaml
2022-04-20 01:25:01 +04:00
Prince Chaddha a9aab42ead
Update and rename vulnerabilities/other/ecology-arbitrary-file-upload.yaml to vulnerabilities/ecology/ecology-arbitrary-file-upload.yaml 2022-04-20 01:22:26 +04:00
Prince Chaddha 2669491e8a
Update ecology-v8-sqli.yaml 2022-04-20 01:03:52 +04:00
Ritik Chaddha 6125f3beee
Update ecology-arbitrary-file-upload.yaml 2022-04-20 02:17:41 +05:30
Ritik Chaddha 15586bf5ef
Create ecology-v8-sqli.yaml 2022-04-20 02:11:43 +05:30
Ritik Chaddha bbd06de880
Create ecology-arbitrary-file-upload.yaml 2022-04-20 02:01:43 +05:30
Ritik Chaddha aec114c561
Create tianqing-info-leak.yaml 2022-04-20 01:34:41 +05:30
MostInterestingBotInTheWorld 3e2e842d0e
Dashboard Content Ehnancements (#4183)
* Spacing and other template cleanups
* duplicate yaml tags

Co-authored-by: sullo <sullo@cirt.net>
2022-04-18 10:00:15 -04:00
Prince Chaddha 433bc68f85
Update ninjaform-open-redirect.yaml 2022-04-18 13:47:45 +04:00
Muhammad Daffa fb17e3c779
Update ninjaform-open-redirect.yaml 2022-04-18 14:04:09 +07:00
Prince Chaddha 406f8fab71
Update zzcms-xss.yaml 2022-04-18 02:37:25 +04:00
Muhammad Daffa d8d4d30a3d
Update wp-woocommerce-email-verification.yaml (#4175) 2022-04-17 11:51:29 +05:30
Sandeep Singh f95e43a5af
CORS misconfig improvements (#3988)
* CORS misconfig improvements

* more updates

* Update cors-misconfig.yaml

* misc update
2022-04-16 21:06:53 +05:30
Ritik Chaddha 768aba3b09
Create zzcms-xss.yaml 2022-04-16 14:32:25 +05:30
MostInterestingBotInTheWorld 5730781afa
Dashboard Content Enhancements (#4157)
* Enhancement: exposures/files/joomla-file-listing.yaml by cs

* Enhancement: cves/2019/CVE-2019-5418.yaml by mp

* Enhancement: cves/2016/CVE-2016-10940.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: cves/2016/CVE-2016-10960.yaml by mp

* Enhancement: cves/2021/CVE-2021-20091.yaml by mp

* Enhancement: cves/2021/CVE-2021-20092.yaml by mp

* Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp

* Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp

* Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp

* Enhancement: cves/2017/CVE-2017-10075.yaml by mp

* Enhancement: cves/2021/CVE-2021-27358.yaml by mp

* Enhancement: cves/2017/CVE-2017-9833.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp

* Enhancement: misconfiguration/symfony-debugmode.yaml by mp

* Enhancement: cves/2016/CVE-2016-10940.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: cves/2016/CVE-2016-10960.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp

* Enhancement: cves/2017/CVE-2017-10075.yaml by mp

* Enhancement: cves/2021/CVE-2021-27358.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-25055.yaml by mp

* Enhancement: cves/2021/CVE-2021-25028.yaml by mp

* Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp

* Enhancement: vulnerabilities/wordpress/my-chatbot-xss.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-adaptive-xss.yaml by mp

* Enhancement: cves/2021/CVE-2021-24947.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp

* Enhancement: cves/2016/CVE-2016-10033.yaml by mp

* Enhancement: cves/2021/CVE-2021-31682.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-woocommerce-file-download.yaml by mp

* Enhancement: cves/2021/CVE-2021-22986.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-25055.yaml by mp

* Enhancement: cves/2021/CVE-2021-25028.yaml by mp

* Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp

* Enhancement: cves/2021/CVE-2021-24947.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Enhancement: cves/2021/CVE-2021-22986.yaml by mp

* Enhancement: cves/2016/CVE-2016-10033.yaml by mp

* Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Relocating to CVE folder

* Enhancement: cves/2017/CVE-2017-14651.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp

* Enhancement: cves/2019/CVE-2019-2729.yaml by mp

* Enhancement: cves/2018/CVE-2018-2893.yaml by mp

* Enhancement: cves/2018/CVE-2018-2628.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2017/CVE-2017-3528.yaml by mp

* Enhancement: cves/2019/CVE-2019-2588.yaml by mp

* Enhancement: cves/2021/CVE-2021-31755.yaml by mp

* Enhancement: cves/2021/CVE-2021-42071.yaml by mp

* Enhancement: misconfiguration/zabbix-dashboards-access.yaml by mp

* Enhancement: cves/2017/CVE-2017-14651.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp

* Enhancement: cves/2019/CVE-2019-2729.yaml by mp

* Enhancement: cves/2018/CVE-2018-2893.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2017/CVE-2017-3528.yaml by mp

* Enhancement: cves/2021/CVE-2021-42071.yaml by mp

* Syntax corrections
Added some cve-id fields
Removed duplicate dashboard comments

* Tag typo

Co-authored-by: sullo <sullo@cirt.net>
2022-04-15 12:39:44 -04:00
Prince Chaddha eda4cdd339
Merge pull request #4102 from ritikchaddha/patch-23
Create qizhi-fortressaircraft-unauthorized.yaml
2022-04-12 01:39:51 +05:30
Prince Chaddha 13de1b849c
Merge pull request #4106 from ritikchaddha/patch-25
Create pyspider-unauthorized-access.yaml
2022-04-12 01:38:05 +05:30
Prince Chaddha dda19c0a9b
Update and rename qizhi-fortressaircraft-unauthorized.yaml to qizhi-fortressaircraft-unauth.yaml 2022-04-12 01:37:20 +05:30
Prince Chaddha 39336f2ca5
Update pyspider-unauthorized-access.yaml 2022-04-12 01:34:02 +05:30
MostInterestingBotInTheWorld 45174dee16
Dashboard Content Enhancements (#4111)
Dashboard Content Enhancements
2022-04-11 10:42:35 -04:00
Ritik Chaddha a874ccac44
Create pyspider-unauthorized-access.yaml 2022-04-11 12:36:33 +05:30
Ritik Chaddha 55907e03a9
Create qizhi-fortressaircraft-unauthorized.yaml 2022-04-11 12:12:24 +05:30
Sandeep Singh 5eb47292e4
Added Reprise License Manager Templates (#4097)
Co-Authored-By: Akincibor <99909324+Akincibor@users.noreply.github.com>

Co-authored-by: Akincibor <99909324+Akincibor@users.noreply.github.com>
2022-04-10 12:41:31 +05:30
Prince Chaddha 7a26b26611
Merge pull request #4079 from ritikchaddha/patch-19
Create  hanming-video-conferencing-file-read.yaml
2022-04-10 01:15:06 +05:30
Prince Chaddha c48a3009ef
Update and rename hanming-video-conferencing-file-read.yaml to hanming-lfr.yaml 2022-04-10 01:12:47 +05:30
Prince Chaddha fb3b587f8d
Merge pull request #4080 from ritikchaddha/patch-20
Create tongda-user-session-disclosure.yaml
2022-04-10 01:10:41 +05:30
Prince Chaddha da6a91f00c
Update and rename tongda-user-session-disclosure.yaml to tongda-session-disclosure.yaml 2022-04-10 01:07:22 +05:30
Prince Chaddha 3a870ceb11
Update yongyou-u8-oa-sqli.yaml 2022-04-10 00:40:02 +05:30
Ritik Chaddha e33e5186d7
Create yongyou-u8-oa-sqli.yaml 2022-04-08 13:43:23 +05:30
Ritik Chaddha 4333ef4f89
Create tongda-user-session-disclosure.yaml 2022-04-08 13:42:20 +05:30
Ritik Chaddha 14029f1772
Create hanming-video-conferencing-file-read.yaml 2022-04-08 13:40:46 +05:30
Prince Chaddha 210d16392b
Merge pull request #4064 from ritikchaddha/patch-8
Create ecology-syncuserinfo-sqli.yaml
2022-04-07 19:27:52 +05:30
MostInterestingBotInTheWorld a24ef794b7
Dashboard Content Enhancements (#4031)
Dashboard Content Enhancements
2022-04-07 09:53:15 -04:00
Prince Chaddha bb4358e498
Update ecology-syncuserinfo-sqli.yaml 2022-04-07 18:42:11 +05:30
Prince Chaddha 7791b71a8d
Update ecology-syncuserinfo-sqli.yaml 2022-04-07 18:40:03 +05:30
Prince Chaddha 8a45bc4f7d
Update hiboss-rce.yaml 2022-04-07 18:12:31 +05:30
Prince Chaddha 84b9e66fba
Merge pull request #4073 from ritikchaddha/patch-16
Create pbootcms-database-file-download.yaml
2022-04-07 17:32:58 +05:30
Prince Chaddha 6f2ae23929
Merge pull request #4074 from ritikchaddha/patch-17
Create dss-download-fileread.yaml
2022-04-07 17:32:37 +05:30
Prince Chaddha d2c87cf12a
Update pbootcms-database-file-download.yaml 2022-04-07 17:30:29 +05:30
Prince Chaddha 465b904cf1
Update pbootcms-database-file-download.yaml 2022-04-07 17:24:43 +05:30
Prince Chaddha c509256843
Update dss-download-fileread.yaml 2022-04-07 17:07:42 +05:30
Prince Chaddha 3dafb4bbfe
Update kingsoft-v8-file-read.yaml 2022-04-07 16:58:32 +05:30
Ritik Chaddha 78625369df
Create dss-download-fileread.yaml 2022-04-07 16:01:28 +05:30
Ritik Chaddha cfee24aaa7
Create pbootcms-database-file-download.yaml 2022-04-07 15:53:09 +05:30
Ritik Chaddha 2f849a6620
Create kingsoft-v8-file-read.yaml 2022-04-07 15:15:14 +05:30
Prince Chaddha 0c6a333a38
Update ns-asg-file-read.yaml 2022-04-07 14:31:10 +05:30
Prince Chaddha 9bf3b9493c
Update ns-asg-file-read.yaml 2022-04-07 14:24:10 +05:30
Prince Chaddha 888c593257
Update ns-asg-file-read.yaml 2022-04-07 14:23:54 +05:30
Ritik Chaddha 37dc09b55b
Update ns-asg-file-read.yaml 2022-04-07 14:14:15 +05:30
sullo becdd7810b
Cleanup Joomla! Jvehicles template (#3983)
* Cleanup Joomla! Jvehicles template since it was labeled as SQLi but had a test for LFI
Create new template for the Jvehicles LFI

* Fix id

* path update

* Delete CVE-2010-1873.yaml

temporarily removing as it doesn't contain the exact matchers.

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-04-06 17:21:08 +05:30
Ritik Chaddha affc2d4e52
Create ecology-syncuserinfo-sqli.yaml 2022-04-06 14:25:59 +05:30
Prince Chaddha 3b767cd5b6
Merge pull request #4055 from ritikchaddha/patch-5
Create kingdee-eas-directory-traversal.yaml
2022-04-06 13:34:12 +05:30
Prince Chaddha 0c07ddb3a7
Update kingdee-eas-directory-traversal.yaml 2022-04-06 13:32:42 +05:30
Prince Chaddha 7aa021fd1e
Merge pull request #4057 from ritikchaddha/patch-7
Create seacms-sqli.yaml
2022-04-06 13:32:19 +05:30
Prince Chaddha b5e81d3f54
Update kingdee-eas-directory-traversal.yaml 2022-04-06 13:31:21 +05:30
Prince Chaddha 831f53d205
Rename vulnerabilities/seacms-sqli.yaml to vulnerabilities/other/seacms-sqli.yaml 2022-04-06 13:21:30 +05:30
Prince Chaddha c3e409cff5
Update seacms-sqli.yaml 2022-04-06 10:18:53 +05:30
Prince Chaddha 9ade9247db
Merge pull request #4035 from projectdiscovery/3cx-management-console
Create 3cx-management-console.yaml
2022-04-06 09:37:38 +05:30
Prince Chaddha 0451a7c3ea
Update 3cx-management-console.yaml 2022-04-06 09:30:14 +05:30
Sandeep Singh 3d15307605
Fixed mobileiron-log4j-jndi-rce (#4060) 2022-04-05 23:02:05 +05:30
Ritik Chaddha 4e8eb2adc8
Create seacms-sqli.yaml 2022-04-05 18:42:45 +05:30
Ritik Chaddha cd16ff171d
Create kingdee-eas-directory-traversal.yaml 2022-04-05 17:20:57 +05:30
Prince Chaddha 1d0be90f62
Merge pull request #4044 from Splint3r7/master
Enhancement - PR#4009
2022-04-04 18:40:48 +05:30
Hassan Khan 45b992d75d Updating Templates 2022-04-03 14:17:31 +05:00
Prince Chaddha cbb575dddb
Create 3cx-management-console.yaml 2022-04-02 16:24:05 +05:30
Prince Chaddha ef807cd420
Merge pull request #4005 from daffainfo/patch-7
Create admin-word-count-column-lfi.yaml
2022-04-02 16:11:47 +05:30
Prince Chaddha 786636813e
Update admin-word-count-column-lfi.yaml 2022-04-02 16:09:39 +05:30
Prince Chaddha 58d84ce38a
Merge pull request #4004 from daffainfo/patch-6
Create amministrazione-aperta-lfi.yaml
2022-04-02 16:07:07 +05:30
Prince Chaddha 56b6ef7205
Update amministrazione-aperta-lfi.yaml 2022-04-02 16:04:50 +05:30
Prince Chaddha b09ac6b3bc
Merge pull request #4009 from Splint3r7/master
Add video-synchro-pdf & cab-fare-calculator - WordPress Plugin LFI
2022-04-02 15:32:30 +05:30
Prince Chaddha 0468dc5782
Update video-synchro-pdf-lfi.yaml 2022-04-02 15:30:18 +05:30
Prince Chaddha a13f72f634
Update cab-fare-calculator-lfi.yaml 2022-04-02 15:28:48 +05:30
Prince Chaddha 4a1d72d2a7
Update video-synchro-pdf-lfi.yaml 2022-04-02 15:25:19 +05:30
Prince Chaddha 87e5919079
Update cab-fare-calculator-lfi.yaml 2022-04-02 15:24:02 +05:30
MostInterestingBotInTheWorld 6ddfbac2b4
Dashboard Content Enhancement (#4020)
* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: exposed-panels/apache/tomcat-pathnormalization.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: exposed-panels/apiman-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1873.yaml by mp

* Enhancement: exposed-panels/arcgis/arcgis-panel.yaml by mp

* Enhancement: exposed-panels/arcgis/arcgis-rest-api.yaml by mp

* Enhancement: exposed-panels/argocd-login.yaml by mp

* Enhancement: exposed-panels/atlassian-crowd-panel.yaml by mp

* Enhancement: exposed-panels/atvise-login.yaml by mp

* Enhancement: exposed-panels/avantfax-panel.yaml by mp

* Enhancement: exposed-panels/avatier-password-management.yaml by mp

* Enhancement: exposed-panels/axigen-webadmin.yaml by mp

* Enhancement: exposed-panels/axigen-webmail.yaml by mp

* Enhancement: exposed-panels/azkaban-web-client.yaml by mp

* Enhancement: exposed-panels/acunetix-panel.yaml by mp

* Enhancement: exposed-panels/adiscon-loganalyzer.yaml by mp

* Enhancement: exposed-panels/adminer-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1870.yaml by mp

* Enhancement: exposed-panels/adminset-panel.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-component-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-connect-central-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-experience-manager-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-media-server.yaml by mp

* Enhancement: exposed-panels/advance-setup.yaml by mp

* Enhancement: exposed-panels/aerohive-netconfig-ui.yaml by mp

* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp

* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* spacing issues

* Spacing

* HTML codes improperly interpreted
Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml

* Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml

* Enhancement: technologies/waf-detect.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: network/sap-router-info-leak.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: network/sap-router-info-leak.yaml by mp

* Enhancement: network/exposed-adb.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml by mp

* Enhancement: exposures/tokens/digitalocean/tugboat-config-exposure.yaml by mp

* Enhancement: exposed-panels/concrete5/concrete5-install.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml by mp

* indentation issue

* Character encoding issue fix

* Enhancement: default-logins/alibaba/canal-default-login.yaml by mp

* Enhancement: default-logins/alphaweb/alphaweb-default-login.yaml by mp

* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp

* Enhancement: default-logins/apache/airflow-default-login.yaml by mp

* Enhancement: default-logins/apache/apisix-default-login.yaml by mp

* Enhancement: default-logins/apollo/apollo-default-login.yaml by mp

* Enhancement: default-logins/arl/arl-default-login.yaml by mp

* Enhancement: default-logins/digitalrebar/digitalrebar-default-login.yaml by mp

* Enhancement: default-logins/mantisbt/mantisbt-default-credential.yaml by mp

* Enhancement: default-logins/stackstorm/stackstorm-default-login.yaml by mp

* Enhancement: dns/caa-fingerprint.yaml by mp

* Enhancement: exposed-panels/active-admin-exposure.yaml by mp

* Enhancement: exposed-panels/activemq-panel.yaml by mp

* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp

* Restore & stomped by dashboard

* Enhancement: cves/2010/CVE-2010-1653.yaml by mp

* Enhancement: cves/2021/CVE-2021-38751.yaml by mp

* Enhancement: cves/2021/CVE-2021-39320.yaml by mp

* Enhancement: cves/2021/CVE-2021-39322.yaml by mp

* Enhancement: cves/2021/CVE-2021-39327.yaml by mp

* Enhancement: cves/2021/CVE-2021-39350.yaml by mp

* Enhancement: cves/2021/CVE-2021-39433.yaml by mp

* Enhancement: cves/2021/CVE-2021-41192.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15824.yaml by mp

* Enhancement: exposed-panels/ansible-semaphore-panel.yaml by mp

* Enhancement: exposed-panels/aviatrix-panel.yaml by mp

* Enhancement: cves/2022/CVE-2022-24288.yaml by mp

* Enhancement: cves/2022/CVE-2022-24990.yaml by mp

* Enhancement: cves/2022/CVE-2022-26159.yaml by mp

* Enhancement: default-logins/aem/aem-default-login.yaml by mp

* Enhancement: exposed-panels/blue-iris-login.yaml by mp

* Enhancement: exposed-panels/bigbluebutton-login.yaml by mp

* Enhancement: cves/2022/CVE-2022-24288.yaml by mp

* Enhancement: cves/2022/CVE-2022-24990.yaml by mp

* Enhancement: cves/2022/CVE-2022-26159.yaml by mp

* Enhancement: default-logins/aem/aem-default-login.yaml by mp

* Spacing issues
Add cve-id field

* fix & stomping

* Enhancement: cves/2016/CVE-2016-1000141.yaml by mp

* Enhancement: cves/2020/CVE-2020-24912.yaml by mp

* Enhancement: cves/2021/CVE-2021-35265.yaml by mp

* Enhancement: cves/2022/CVE-2022-0437.yaml by mp

* Enhancement: cves/2010/CVE-2010-1601.yaml by mp

* Enhancement: technologies/teradici-pcoip.yaml by mp

* Enhancement: vulnerabilities/other/unauth-hoteldruid-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1475.yaml by mp

* Enhancement: cves/2010/CVE-2010-1535.yaml by mp

* Enhancement: exposed-panels/epson-web-control-detect.yaml by mp

* Enhancement: exposed-panels/epson-access-detect.yaml by mp

* Enhancement: cves/2020/CVE-2020-29453.yaml by mp

* Fix spacing

* Remove empty cve lines and relocate tags

* Remove blank cve lines & move tags

* Fix merge errors

* Enhancement: cves/2020/CVE-2020-21224.yaml by mp

* Enhancement: cves/2020/CVE-2020-24148.yaml by mp

* Enhancement: cves/2020/CVE-2020-24391.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: cves/2020/CVE-2020-25213.yaml by mp

* Enhancement: cves/2020/CVE-2020-25223.yaml by mp

* Enhancement: cves/2020/CVE-2020-25506.yaml by mp

* Enhancement: cves/2020/CVE-2020-2551.yaml by mp

* Enhancement: cves/2020/CVE-2020-28871.yaml by mp

* Enhancement: cves/2020/CVE-2020-28188.yaml by mp

* Enhancement: cves/2020/CVE-2020-26948.yaml by mp

* Enhancement: cves/2020/CVE-2020-26919.yaml by mp

* Enhancement: cves/2020/CVE-2020-26214.yaml by mp

* Enhancement: cves/2020/CVE-2020-25223.yaml by mp

* Enhancement: cves/2020/CVE-2020-21224.yaml by mp

* Enhancement: cves/2020/CVE-2020-24148.yaml by mp

* Enhancement: cves/2020/CVE-2020-24186.yaml by mp

* Enhancement: cves/2020/CVE-2020-24186.yaml by mp

* Enhancement: cves/2020/CVE-2020-24391.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: cves/2020/CVE-2020-25213.yaml by mp

* Enhancement: cves/2020/CVE-2020-25223.yaml by mp

* Enhancement: cves/2020/CVE-2020-25506.yaml by mp

* Enhancement: cves/2020/CVE-2020-28871.yaml by mp

* Enhancement: cves/2020/CVE-2020-28188.yaml by mp

* Enhancement: cves/2020/CVE-2020-26948.yaml by mp

* Enhancement: cves/2020/CVE-2020-26919.yaml by mp

* Enhancement: cves/2020/CVE-2020-26214.yaml by mp

* Syntax cleanup

* Enhancement: cves/2021/CVE-2021-38647.yaml by mp

* Syntax and a title change

* Enhancement: cves/2021/CVE-2021-38702.yaml by mp

* Fix references

* Enhancement: cves/2021/CVE-2021-38704.yaml by mp

* Enhancement: cves/2021/CVE-2021-41691.yaml by mp

* Enhancement: cves/2021/CVE-2021-41691.yaml by mp

* Enhancement: cves/2021/CVE-2021-41691.yaml by mp

* Enhancement: cves/2021/CVE-2021-44529.yaml by mp

* Conflicts resolved

* Fix quoting

* Enhancement: cves/2021/CVE-2021-45967.yaml by mp

* Enhancement: cves/2022/CVE-2022-0189.yaml by mp

* Enhancement: cves/2022/CVE-2022-0189.yaml by mp

* Enhancement: cves/2022/CVE-2022-23779.yaml by mp

* Enhancement: default-logins/apache/dolphinscheduler-default-login.yaml by mp

* Enhancement: default-logins/cobbler/hue-default-credential.yaml by mp

* Enhancement: default-logins/emqx/emqx-default-login.yaml by mp

* Enhancement: default-logins/geoserver/geoserver-default-login.yaml by mp

* Enhancement: cves/2021/CVE-2021-38647.yaml by mp

* Enhancement: cves/2021/CVE-2021-41691.yaml by mp

* Enhancement: cves/2021/CVE-2021-45967.yaml by mp

* Enhancement: cves/2022/CVE-2022-0189.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-14536.yaml by mp

* Enhancement: default-logins/apache/dolphinscheduler-default-login.yaml by mp

* Enhancement: default-logins/geoserver/geoserver-default-login.yaml by mp

* Update CVE-2020-25223.yaml

* Update CVE-2020-26214.yaml

* Update CVE-2020-25506.yaml

* Update CVE-2020-2551.yaml

* Update CVE-2020-26919.yaml

* Update CVE-2021-44529.yaml

* Update CVE-2020-28871.yaml

* Update CVE-2020-28188.yaml

* Update CVE-2021-45967.yaml

* Update hue-default-credential.yaml

* Update CVE-2021-44529.yaml

* misc syntax update

* Syntax  restore some characters

* Spacing

* Enhancement: vulnerabilities/wordpress/hide-security-enhancer-lfi.yaml by mp

* Enhancement: vulnerabilities/wordpress/issuu-panel-lfi.yaml by mp

* Enhancement: cves/2019/CVE-2019-10068.yaml by mp

* Enhancement: cves/2019/CVE-2019-10232.yaml by mp

* Enhancement: cves/2019/CVE-2019-10758.yaml by mp

* Enhancement: cves/2019/CVE-2019-11510.yaml by mp

* Enhancement: cves/2019/CVE-2019-11580.yaml by mp

* Enhancement: cves/2019/CVE-2019-11581.yaml by mp

* Enhancement: cves/2019/CVE-2019-12314.yaml by mp

* Enhancement: cves/2019/CVE-2019-13101.yaml by mp

* Link wrapping issue

* Enhancement: cves/2019/CVE-2019-13462.yaml by mp

* Enhancement: cves/2019/CVE-2019-15107.yaml by mp

* Enhancement: cves/2019/CVE-2019-15859.yaml by mp

* Enhancement: cves/2019/CVE-2019-16759.yaml by mp

* Enhancement: cves/2019/CVE-2019-16662.yaml by mp

* Enhancement: cves/2019/CVE-2019-16278.yaml by mp

* Enhancement: cves/2019/CVE-2019-10232.yaml by mp

* Enhancement: cves/2019/CVE-2019-10758.yaml by mp

* Enhancement: cves/2019/CVE-2019-11510.yaml by mp

* Enhancement: cves/2019/CVE-2019-12725.yaml by mp

* Enhancement: cves/2019/CVE-2019-13101.yaml by mp

* Enhancement: cves/2019/CVE-2019-15107.yaml by mp

* Enhancement: cves/2019/CVE-2019-15859.yaml by mp

* Enhancement: cves/2019/CVE-2019-16662.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-10543.yaml by cs

* Enhancement: cves/2021/CVE-2021-33807.yaml by mp

* Enhancement: cves/2010/CVE-2010-0943.yaml by mp

* Enhancement: cves/2008/CVE-2008-6172.yaml by mp

* Enhancement: vulnerabilities/simplecrm/simple-crm-sql-injection.yaml by mp

* Enhancement: vulnerabilities/oracle/oracle-siebel-xss.yaml by mp

* Enhancement: cves/2010/CVE-2010-1602.yaml by mp

* Enhancement: cves/2010/CVE-2010-1474.yaml by mp

* Enhancement: network/cisco-smi-exposure.yaml by mp

* Enhancement: cves/2021/CVE-2021-37704.yaml by mp

* Enhancement: vulnerabilities/other/microweber-xss.yaml by mp

* Enhancement: cves/2019/CVE-2019-16313.yaml by mp

* Enhancement: cves/2021/CVE-2021-3017.yaml by mp

* Enhancement: cves/2010/CVE-2010-1353.yaml by mp

* Enhancement: cves/2010/CVE-2010-5278.yaml by mp

* Enhancement: cves/2021/CVE-2021-37573.yaml by mp

* Enhancement: vulnerabilities/oracle/oracle-siebel-xss.yaml by mp

* Enhancement: cves/2010/CVE-2010-1602.yaml by mp

* Enhancement: cves/2010/CVE-2010-1474.yaml by mp

* Enhancement: vulnerabilities/other/microweber-xss.yaml by mp

* Enhancement: cves/2018/CVE-2018-11709.yaml by mp

* Enhancement: cves/2014/CVE-2014-2321.yaml by mp

* Enhancement: vulnerabilities/other/visual-tools-dvr-rce.yaml by mp

* Enhancement: vulnerabilities/other/visual-tools-dvr-rce.yaml by mp

* Manual enhancement

* Manual enhancement push due to dashboard failure

* Testing of dashboard accidentally commited to dashboard branch

* Spacing
Put some CVEs in the classification

* Add missing cve-id fields to templates in cve/

Co-authored-by: sullo <sullo@cirt.net>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-04-01 14:21:42 +05:30
sandeep b06d02b2fe template id update 2022-03-30 15:16:52 +05:30
Hassan Khan e667127067 Merge branch 'master' of https://github.com/Splint3r7/nuclei-templates 2022-03-30 10:42:37 +05:00
Hassan Khan df4bc6693d WordPress LFI 2022-03-30 10:42:22 +05:00
Hassan Khan 1da098f499 Will push again 2022-03-30 10:39:37 +05:00
Hassan Khan 1f815786c0 LFI Templates 2022-03-30 10:35:04 +05:00
Muhammad Daffa 10fe7186ca
Create admin-word-count-column-lfi.yaml 2022-03-29 19:59:12 +07:00
Muhammad Daffa 605bb41f03
Update amministrazione-aperta-lfi.yaml 2022-03-29 19:58:21 +07:00
Muhammad Daffa 613a5800ae
Create amministrazione-aperta-lfi.yaml 2022-03-29 19:55:33 +07:00
sandeep e82f14ee67 additional reference + path update 2022-03-28 22:28:04 +05:30
Sandeep Singh 5f28041069
Added Spring Boot Log4j Remote Code Injection (#3993)
* Added Spring Boot Log4j Remote Code Injection

* minor improvements to CVE-2021-44228

* URI based payload update to catch injection point
2022-03-28 01:46:50 +05:30
gy741 04ec5b6b6d
Create netgear-wac124-router-auth-bypass.yaml (#3986)
* Create netgear-wac124-router-auth-bypass.yaml

This vulnerability allows network-adjacent attackers to bypass authentication on affected of WAC124, AC2000 routers. Authentication is not required to exploit this vulnerability.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>

* misc update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-27 20:40:41 +05:30
东方有鱼名为咸 38a902317f
add springcloud-function-spel-rce (#3991)
* add springcloud-function-spel-rce

* misc updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-27 20:17:28 +05:30
Sandeep Singh eeff6b26b8
more strict matchers (#3987) 2022-03-26 16:45:50 +05:30
Prince Chaddha 948ceb8b11
Create oracle-fatwire-lfi.yaml (#3975)
* Create oracle-fatwire-lfi.yaml

* Update oracle-fatwire-lfi.yaml

* Update oracle-fatwire-lfi.yaml

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-03-26 14:56:13 +05:30
MostInterestingBotInTheWorld eb23e6e44e
Dashboard Content Enhancements (#3980)
Dashboard Content Enhancements
2022-03-25 10:16:18 -04:00
MostInterestingBotInTheWorld 814d07fb7d
Dashboard Content Enhancements (#3961)
* Enhancement: default-logins/viewpoint/trilithic-viewpoint-login.yaml by mp

* Enhancement: default-logins/visionhub/visionhub-default-login.yaml by mp

* Enhancement: default-logins/weblogic/weblogic-weak-login.yaml by mp

* Enhancement: default-logins/wifisky/wifisky-default-login.yaml by mp

* Enhancement: default-logins/wso2/wso2-default-login.yaml by mp

* Enhancement: default-logins/xerox/xerox7-default-login.yaml by mp

* Enhancement: default-logins/xxljob/xxljob-default-login.yaml by mp

* Enhancement: default-logins/zabbix/zabbix-default-login.yaml by mp

* Enhancement: default-logins/zmanda/zmanda-default-login.yaml by mp

* Enhancement: dns/azure-takeover-detection.yaml by mp

* Enhancement: dns/cname-fingerprint.yaml by mp

* Enhancement: dns/cname-service-detection.yaml by mp

* Enhancement: dns/detect-dangling-cname.yaml by mp

* Enhancement: dns/dns-waf-detect.yaml by mp

* Enhancement: default-logins/weblogic/weblogic-weak-login.yaml by mp

* Enhancement: default-logins/xxljob/xxljob-default-login.yaml by mp

* Enhancement: dns/dnssec-detection.yaml by mp

* Enhancement: dns/ec2-detection.yaml by mp

* Add CVSS/CWE

* Trailing space

* Linting error on comment indentation

* Typo

* Enhancement: dns/elasticbeantalk-takeover.yaml by mp

* Enhancement: cves/2020/CVE-2020-23517.yaml by mp

* Enhancement: dns/elasticbeantalk-takeover.yaml by mp

* Enhancement: dns/mx-fingerprint.yaml by mp

* Enhancement: dns/mx-service-detector.yaml by mp

* Enhancement: dns/nameserver-fingerprint.yaml by mp

* Enhancement: dns/ptr-fingerprint.yaml by mp

* Enhancement: dns/servfail-refused-hosts.yaml by mp

* Enhancement: dns/spoofable-spf-records-ptr.yaml by mp

* Enhancement: dns/txt-fingerprint.yaml by mp

* Enhancement: dns/worksites-detection.yaml by mp

* Enhancement: exposed-panels/3g-wireless-gateway.yaml by mp

* Enhancement: exposed-panels/acemanager-login.yaml by mp

* Enhancement: exposed-panels/acrolinx-dashboard.yaml by mp

* Enhancement: dns/mx-fingerprint.yaml by mp

* Enhancement: dns/mx-service-detector.yaml by mp

* Enhancement: dns/ptr-fingerprint.yaml by mp

* Enhancement: dns/servfail-refused-hosts.yaml by mp

* Enhancement: dns/spoofable-spf-records-ptr.yaml by mp

* Enhancement: cves/2021/CVE-2021-39501.yaml by mp

* Enhancement: cves/2021/CVE-2021-40323.yaml by mp

* Enhancement: cves/2021/CVE-2021-40539.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: cves/2021/CVE-2021-40856.yaml by mp

* Enhancement: cves/2021/CVE-2021-40859.yaml by mp

* Enhancement: cves/2021/CVE-2021-40323.yaml by mp

* Enhancement: cves/2021/CVE-2021-40539.yaml by mp

* Enhancement: cves/2010/CVE-2010-1875.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/akamai-cloudtest.yaml by mp

* Enhancement: exposed-panels/alfresco-detect.yaml by mp

* Enhancement: exposed-panels/alienvault-usm.yaml by mp

* Enhancement: exposed-panels/ambari-exposure.yaml by mp

* Enhancement: exposed-panels/amcrest-login.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: exposed-panels/alienvault-usm.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/ambari-exposure.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-17369.yaml by mp

* Enhancement: exposed-panels/apache/public-tomcat-manager.yaml by mp

* Enhancement: exposed-panels/apache/apache-apisix-panel.yaml by mp

* Enhancement: exposed-panels/ansible-tower-exposure.yaml by mp

* Enhancement: exposed-panels/ampps-panel.yaml by mp

* Enhancement: exposed-panels/ampps-admin-panel.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: cves/2010/CVE-2010-1878.yaml by mp

* Fix encoded chars

* trailing space

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: exposed-panels/apache/tomcat-pathnormalization.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: exposed-panels/apiman-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1873.yaml by mp

* Enhancement: exposed-panels/arcgis/arcgis-panel.yaml by mp

* Enhancement: exposed-panels/arcgis/arcgis-rest-api.yaml by mp

* Enhancement: exposed-panels/argocd-login.yaml by mp

* Enhancement: exposed-panels/atlassian-crowd-panel.yaml by mp

* Enhancement: exposed-panels/atvise-login.yaml by mp

* Enhancement: exposed-panels/avantfax-panel.yaml by mp

* Enhancement: exposed-panels/avatier-password-management.yaml by mp

* Enhancement: exposed-panels/axigen-webadmin.yaml by mp

* Enhancement: exposed-panels/axigen-webmail.yaml by mp

* Enhancement: exposed-panels/azkaban-web-client.yaml by mp

* Enhancement: exposed-panels/acunetix-panel.yaml by mp

* Enhancement: exposed-panels/adiscon-loganalyzer.yaml by mp

* Enhancement: exposed-panels/adminer-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1870.yaml by mp

* Enhancement: exposed-panels/adminset-panel.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-component-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-connect-central-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-experience-manager-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-media-server.yaml by mp

* Enhancement: exposed-panels/advance-setup.yaml by mp

* Enhancement: exposed-panels/aerohive-netconfig-ui.yaml by mp

* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp

* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* spacing issues

* Spacing

* HTML codes improperly interpreted
Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml

* Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml

* Enhancement: technologies/waf-detect.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: network/sap-router-info-leak.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: network/sap-router-info-leak.yaml by mp

* Enhancement: network/exposed-adb.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml by mp

* Enhancement: exposures/tokens/digitalocean/tugboat-config-exposure.yaml by mp

* Enhancement: exposed-panels/concrete5/concrete5-install.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml by mp

* indentation issue

* Character encoding issue fix

* Enhancement: default-logins/alibaba/canal-default-login.yaml by mp

* Enhancement: default-logins/alphaweb/alphaweb-default-login.yaml by mp

* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp

* Enhancement: default-logins/apache/airflow-default-login.yaml by mp

* Enhancement: default-logins/apache/apisix-default-login.yaml by mp

* Enhancement: default-logins/apollo/apollo-default-login.yaml by mp

* Enhancement: default-logins/arl/arl-default-login.yaml by mp

* Enhancement: default-logins/digitalrebar/digitalrebar-default-login.yaml by mp

* Enhancement: default-logins/mantisbt/mantisbt-default-credential.yaml by mp

* Enhancement: default-logins/stackstorm/stackstorm-default-login.yaml by mp

* Enhancement: dns/caa-fingerprint.yaml by mp

* Enhancement: exposed-panels/active-admin-exposure.yaml by mp

* Enhancement: exposed-panels/activemq-panel.yaml by mp

* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp

* Restore & stomped by dashboard

* Enhancement: cves/2010/CVE-2010-1653.yaml by mp

* Enhancement: cves/2021/CVE-2021-38751.yaml by mp

* Enhancement: cves/2021/CVE-2021-39320.yaml by mp

* Enhancement: cves/2021/CVE-2021-39322.yaml by mp

* Enhancement: cves/2021/CVE-2021-39327.yaml by mp

* Enhancement: cves/2021/CVE-2021-39350.yaml by mp

* Enhancement: cves/2021/CVE-2021-39433.yaml by mp

* Enhancement: cves/2021/CVE-2021-41192.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15824.yaml by mp

* Enhancement: exposed-panels/ansible-semaphore-panel.yaml by mp

* Enhancement: exposed-panels/aviatrix-panel.yaml by mp

* Enhancement: cves/2022/CVE-2022-24288.yaml by mp

* Enhancement: cves/2022/CVE-2022-24990.yaml by mp

* Enhancement: cves/2022/CVE-2022-26159.yaml by mp

* Enhancement: default-logins/aem/aem-default-login.yaml by mp

* Enhancement: exposed-panels/blue-iris-login.yaml by mp

* Enhancement: exposed-panels/bigbluebutton-login.yaml by mp

* Enhancement: cves/2022/CVE-2022-24288.yaml by mp

* Enhancement: cves/2022/CVE-2022-24990.yaml by mp

* Enhancement: cves/2022/CVE-2022-26159.yaml by mp

* Enhancement: default-logins/aem/aem-default-login.yaml by mp

* Spacing issues
Add cve-id field

* fix & stomping

* Enhancement: cves/2016/CVE-2016-1000141.yaml by mp

* Enhancement: cves/2020/CVE-2020-24912.yaml by mp

* Enhancement: cves/2021/CVE-2021-35265.yaml by mp

* Enhancement: cves/2022/CVE-2022-0437.yaml by mp

* Enhancement: cves/2010/CVE-2010-1601.yaml by mp

* Enhancement: technologies/teradici-pcoip.yaml by mp

* Enhancement: vulnerabilities/other/unauth-hoteldruid-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1475.yaml by mp

* Enhancement: cves/2010/CVE-2010-1535.yaml by mp

* Enhancement: exposed-panels/epson-web-control-detect.yaml by mp

* Enhancement: exposed-panels/epson-access-detect.yaml by mp

* Enhancement: cves/2020/CVE-2020-29453.yaml by mp

* Fix spacing

Co-authored-by: sullo <sullo@cirt.net>
2022-03-25 17:15:10 +05:30
Prince Chaddha a69887bb85
Update wordpress-wp-cron.yaml 2022-03-25 12:09:19 +05:30
sandeep 52d58896a1 fixed len condition 2022-03-24 18:23:32 +05:30
Prince Chaddha 3253a2a723
Update wordpress-wp-cron.yaml 2022-03-24 16:56:50 +05:30
Prince Chaddha 8956a91f51
Update wordpress-wp-cron.yaml 2022-03-24 16:23:59 +05:30
Prince Chaddha ad8b1a77c3
Update wordpress-wp-cron.yaml 2022-03-24 16:20:45 +05:30
Prince Chaddha b494dd3f94
Update wordpress-wp-cron.yaml 2022-03-24 14:49:46 +05:30
Pathtaga 122c200f76 Added wp-cron.php wordpress template 2022-03-23 18:20:58 +01:00
Prince Chaddha 95d9b7f30c
Merge pull request #3953 from projectdiscovery/regex-update
Updated "/etc/passwd" regex to avoid possible false positive results.
2022-03-23 00:23:06 +05:30
sandeep ec99241f0e Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
Sandeep Singh c513d88d0d
Merge branch 'master' into rule-add-v102 2022-03-22 13:23:38 +05:30
MostInterestingBotInTheWorld 9663595dd1
Dashboard Text Enhancements (#3948)
Dashboard content enhancements
2022-03-21 23:48:47 -04:00
Prince Chaddha 0adf4452f8
Merge pull request #3934 from Akokonunes/patch-130
Create huawei-hg255s-lfi.yaml
2022-03-21 16:47:27 +05:30
Prince Chaddha 66927bff20
Update tekon-info-leak.yaml 2022-03-21 16:36:39 +05:30
Prince Chaddha c8118bc79f
Update and rename huawei-hg255s-lfi.yaml to vulnerabilities/huawei/huawei-hg255s-lfi.yaml 2022-03-20 13:14:34 +05:30
Sandeep Singh ec2246ee22
added confluence metadata and minor matcher updates (#3929) 2022-03-19 16:12:08 +05:30
sandeep 218b87a384 removing duplicate template 2022-03-18 21:09:34 +05:30
Muhammad Daffa b17a49d4e4
Create CNVD-2021-28277.yaml (#3892)
* Create CNVD-2021-28277.yaml

* misc update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-18 20:35:35 +05:30
Sandeep Singh 5e1fb187e4
Added negative content type check (#3932) 2022-03-18 19:52:29 +05:30
GwanYeong Kim bb7dbc4f0c Create tekon-info-leak.yaml
A vulnerability in Tekon allows remote unauthenticated users to disclose the Log of the remote device.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-03-18 19:38:44 +09:00
Prince Chaddha fd3a1efd51
Update cache-poisoning.yaml 2022-03-17 16:49:43 +05:30
Adam Crosser aa47b1d97b
Added 23 Nuclei Templates (#3909)
* Added 23 Nuclei Templates

* Update cofense-vision-detection.yml

* Update sophos-mobile-panel-detection.yml

* Update cofense-vision-detection.yml

* Update httpbin-open-redirect.yml

* Update httpbin-xss.yml

* Update ansible-semaphore-panel.yml

* Rename ansible-semaphore-panel.yml to ansible-semaphore-panel.yaml

* Update and rename avatier_password_management.yml to avatier-password-management.yaml

* Update and rename buddy-panel.yml to buddy-panel.yaml

* Update and rename buildbot-panel.yml to buildbot-panel.yaml

* Update and rename cofense-vision-detection.yml to cofense-vision-panel.yaml

* Update and rename concourse-ci-panel.yml to concourse-ci-panel.yaml

* Update and rename drone-ci-panel.yml to drone-ci-panel.yaml

* Update and rename flowci-detection.yml to flowci-panel.yaml

* Update and rename gradle-enterprise-build-cache-detect.yml to gradle-cache-node-detect.yaml

* Update and rename exposed-panels/gradle-cache-node-detect.yaml to exposed-panels/gradle/gradle-cache-node-detect.yaml

* Update and rename exposed-panels/gradle-enterprise-panel.yml to exposed-panels/gradle/gradle-enterprise-panel.yaml

* Update and rename httpbin-detection.yml to httpbin-panel.yaml

* Update and rename leostream-detection.yml to leostream-panel.yaml

* Delete redash-detection.yml

* Update and rename sophos-mobile-panel-detection.yml to sophos-mobile-panel.yaml

* Update and rename splunk-enterprise-login-panel.yml to splunk-enterprise-panel.yaml

* Update splunk-enterprise-panel.yaml

* Update and rename stridercd-detection.yml to stridercd-panel.yaml

* Update and rename zuul-panel.yml to zuul-panel.yaml

* Update and rename zentral-detection.yml to zentral-panel.yaml

* Update and rename api-fastly.yml to api-fastly.yaml

* Update and rename api-gitlab.yml to api-gitlab.yaml

* Update and rename httpbin-xss.yml to httpbin-xss.yaml

* Update and rename httpbin-open-redirect.yml to httpbin-open-redirect.yaml

* Update and rename log4j-code42-rce.yml to code42-log4j-rce.yaml

* minor matcher fixes

* added missing hostname variable

* meta data update

Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-16 18:47:58 +05:30
Prince Chaddha 9b0c2bb854
Update dzs-zoomsounds-listing.yaml 2022-03-15 17:21:27 +05:30
sandeep 795dbfdecc Added Kiwi TCMS JSON-RPC misconfig 2022-03-13 17:50:38 +05:30
Prince Chaddha 713c8d87cf
Merge pull request #3877 from projectdiscovery/dixell-xweb500-file-write
Create dixell-xweb500-file-write.yaml
2022-03-11 16:34:36 +05:30
Prince Chaddha 5bd8cb0f89
Update and rename dixell-xweb500-file-write.yaml to dixell-xweb500-filewrite.yaml 2022-03-11 16:30:02 +05:30
Prince Chaddha 030c9484b9
Update and rename unisharp-laravel-file-manager.yaml to laravel-filemanager-lfi.yaml 2022-03-11 15:57:07 +05:30
Prince Chaddha b7cc60c53d
Update dixell-xweb500-file-write.yaml 2022-03-11 02:00:55 +05:30
Prince Chaddha d7b8f35d9f
Create unisharp-laravel-file-manager.yaml 2022-03-11 02:00:23 +05:30
Prince Chaddha a5713235f2
Create dixell-xweb500-file-write.yaml 2022-03-11 01:57:31 +05:30
MostInterestingBotInTheWorld 21d872d42c
Merge branch 'projectdiscovery:master' into dashboard 2022-03-07 08:10:22 -05:00
sandeep ac26863c5d template id/name update 2022-03-07 15:46:57 +05:30
Surya 1b814c3d07
Create vrealize-operations-tenant-app-log4j-rce.yaml 2022-03-07 04:43:20 -05:00
sullo 6378a1ab1a Update CVSS information and text content 2022-03-04 15:58:39 -05:00
sandeep 3a6c69df71 template name updates 2022-03-04 22:12:30 +05:30
MostInterestingBotInTheWorld 66f1023114
Merge branch 'projectdiscovery:master' into dashboard 2022-03-03 08:52:54 -05:00
MostInterestingBotInTheWorld d5556d3a75 Enhancement: default-logins/cobbler/cobbler-default-login.yaml by mp 2022-03-03 08:27:48 -05:00
Prince Chaddha a05b7d098e
Merge pull request #3819 from manasmbellani/cisco-ucm-uds-api-userenum
Cisco UCM UDS API Unauthenticated User Enumeration
2022-03-03 17:02:46 +05:30
Prince Chaddha 869638c91a
Update and rename exposures/apis/cisco-ucm-uds-api-username-enumeration.yaml to vulnerabilities/cisco/cucm-username-enumeration.yaml 2022-03-03 17:00:45 +05:30
Prince Chaddha b0e13cb19d
Merge pull request #3791 from pussycat0x/master
New Template Added
2022-03-03 16:44:20 +05:30
Prince Chaddha a55ae538d1
Update and rename wordpress-plugins-dzs-zoomsounds.yaml to dzs-zoomsounds-listing.yaml 2022-03-03 16:42:30 +05:30
Prince Chaddha 64670366a1
Update and rename wordpress-plugins-qards.yaml to wp-qards-listing.yaml 2022-03-03 16:41:00 +05:30
Sandeep Singh cf9e3f95c3
Merge pull request #3814 from projectdiscovery/gitlab-meta-update
GitLab metadata update
2022-03-02 21:20:55 +05:30
sandeep 0a7ad17939 added optional extractor 2022-03-02 21:15:47 +05:30
MostInterestingBotInTheWorld 83d58c326f Enhancement: vulnerabilities/other/accent-microcomputers-lfi.yaml by mp 2022-03-02 10:11:09 -05:00
MostInterestingBotInTheWorld 3f18fe8d0b Enhancement: vulnerabilities/other/accent-microcomputers-lfi.yaml by mp 2022-03-02 09:52:59 -05:00
MostInterestingBotInTheWorld 3b031c3693 Enhancement: vulnerabilities/other/74cms-sqli.yaml by mp 2022-03-02 09:43:09 -05:00
sandeep 6d32b81b2a GitLab metadata update 2022-03-02 13:05:29 +05:30
MostInterestingBotInTheWorld a330bb78bb
Merge branch 'master' into dashboard 2022-02-28 17:21:32 -05:00
Prince Chaddha c77aab2078
Merge pull request #3794 from gy741/rule-add-v98
Create microweber-xss.yaml
2022-03-01 02:50:09 +05:30
Prince Chaddha 44a9163e54
Update microweber-xss.yaml 2022-03-01 02:47:11 +05:30
Prince Chaddha db7352c0ed
Merge pull request #3792 from DhiyaneshGeek/master
Create wp-adaptive-xss.yaml
2022-03-01 02:35:54 +05:30
Prince Chaddha dc6712dbf7
Update wp-adaptive-xss.yaml 2022-03-01 02:30:16 +05:30
MostInterestingBotInTheWorld 84bb70b326 Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by cs 2022-02-28 14:44:36 -05:00
MostInterestingBotInTheWorld 420a995b14 Enhancement: vulnerabilities/other/unauth-spark-api.yaml by cs 2022-02-28 14:17:05 -05:00
pussycat0x 6c2c496bac
Add files via upload 2022-02-28 22:29:32 +05:30
MostInterestingBotInTheWorld 07422cead6 Enhancement: vulnerabilities/oracle/oracle-siebel-xss.yaml by cs 2022-02-28 11:32:08 -05:00
sullo 73c4e88830 Rename vulnerabilities/wordpress/easy-wp-smtp-listing.yaml to CVE-2020-35234.yaml 2022-02-28 11:25:50 -05:00
sullo aa96f25eaf Merge branch 'dashboard' of https://github.com/MostInterestingBotInTheWorld/nuclei-templates into dashboard 2022-02-28 11:24:56 -05:00
sullo ea1601f72f Remove in favor of vulnerabilities/wordpress/easy-wp-smtp-listing.yaml, which will also be moved to CVE-2020-35234.yaml 2022-02-28 11:22:57 -05:00
MostInterestingBotInTheWorld 8210121d21 Enhancement: vulnerabilities/wordpress/easy-wp-smtp-listing.yaml by cs 2022-02-28 11:22:38 -05:00
MostInterestingBotInTheWorld 8c4759d292 Enhancement: vulnerabilities/wordpress/easy-wp-smtp-listing.yaml by cs 2022-02-28 11:21:11 -05:00
MostInterestingBotInTheWorld 8bee0e5934 Enhancement: vulnerabilities/wordpress/easy-wp-smtp-listing.yaml by cs 2022-02-28 11:19:29 -05:00
MostInterestingBotInTheWorld f18404302a
Dashboard Text Enhancement (#3798)
Dashboard text enhancements
2022-02-28 09:09:26 -05:00
GwanYeong Kim 1368ea9fe7 Create microweber-xss.yaml
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-02-28 16:17:51 +09:00
sandeep 8abb5bf2c0 misc updates 2022-02-27 21:36:08 +05:30
Dhiyaneshwaran ad01679036
Create wp-adaptive-xss.yaml 2022-02-27 21:20:50 +05:30
sandeep fd7ac70096 misc updates 2022-02-27 16:25:03 +05:30
sandeep c07bd54967 payload fix 2022-02-25 17:28:47 +05:30
pussycat0x c8984f9266
Update qards-ssrf.yaml 2022-02-23 23:07:18 +05:30
pussycat0x 89823d95c7
Update qards-ssrf.yaml 2022-02-23 23:04:21 +05:30
pussycat0x 84f65110bd
Update qards-ssrf.yaml 2022-02-23 23:02:04 +05:30
pussycat0x 4be2ec8a81
Update qards-ssrf.yaml 2022-02-23 22:57:52 +05:30
pussycat0x b42e933514
Update qards-ssrf.yaml 2022-02-23 22:56:20 +05:30
pussycat0x e706030d5e
Add files via upload 2022-02-23 22:52:14 +05:30
Prince Chaddha 402cda8a0a
Merge pull request #3747 from Akokonunes/patch-120
Create otobo-open-redirect.yaml
2022-02-23 17:35:55 +05:30
Prince Chaddha b86641d6df
Update and rename otobo-open-redirect.yaml to vulnerabilities/other/otobo-open-redirect.yaml 2022-02-23 17:07:41 +05:30
sandeep 736e7427d6 added missing tags 2022-02-22 19:53:43 +05:30
sandeep 12bcede1ac template id update 2022-02-22 18:53:25 +05:30
Prince Chaddha 22f35f3e23
Merge pull request #3730 from DhiyaneshGeek/master
10 New Wordpress Template
2022-02-22 14:47:20 +05:30
Prince Chaddha d5b600a2a1
Merge pull request #3727 from evanRubinsteinIT/pollbot-redirect
Added pollbot-redirect
2022-02-22 13:56:25 +05:30
Prince Chaddha 9c089cd567
Update my-chatbot-xss.yaml 2022-02-22 13:52:36 +05:30
Prince Chaddha cdd7768f2f
Update and rename wp-mthemeunus-lfi.yaml to mthemeunus-lfi.yaml 2022-02-22 13:51:29 +05:30
Prince Chaddha bf0daa2650
Update elex-woocommerce-xss.yaml 2022-02-22 13:50:29 +05:30
Prince Chaddha 9771206e69
Update and rename vulnerabilities/easy-facebook-likebox-xss.yaml to vulnerabilities/wordpress/easy-social-feed.yaml 2022-02-22 13:46:16 +05:30
Prince Chaddha e944791ddb
Update feedwordpress-xss.yaml 2022-02-22 13:42:49 +05:30
Prince Chaddha f0823ebe1e
Update wp-whmcs-xss.yaml 2022-02-22 13:37:05 +05:30
Prince Chaddha ca58bd4714
Update and rename wp-accessibility-helper-xss.yaml to accessibility-helper-xss.yaml 2022-02-22 13:20:05 +05:30
Prince Chaddha 4731194ac2
Update pollbot-redirect.yaml 2022-02-22 12:01:20 +05:30
Prince Chaddha 2fb5401ddb
Update pollbot-redirect.yaml 2022-02-22 11:48:32 +05:30
Prince Chaddha 0672c4dc7d
Update goip-1-lfi.yaml 2022-02-22 11:38:07 +05:30
Dhiyaneshwaran 4006546b5c
Create easy-facebook-likebox-xss.yaml 2022-02-19 17:08:31 +05:30
Dhiyaneshwaran cb4cf6a176
Create elex-woocommerce-xss.yaml 2022-02-19 17:01:47 +05:30
Dhiyaneshwaran 5241045485
Create my-chatbot-xss.yaml 2022-02-19 16:59:51 +05:30
Dhiyaneshwaran a13bb3fa4e
Create feedwordpress-xss.yaml 2022-02-19 16:48:05 +05:30
Dhiyaneshwaran 9981421aab
Create wp-accessibility-helper-xss.yaml 2022-02-19 16:43:05 +05:30
Dhiyaneshwaran 9f75abc6f6
Create wp-whmcs-xss.yaml 2022-02-19 16:38:30 +05:30
Dhiyaneshwaran 4a9922a66b
Create wp-mthemeunus-lfi.yaml 2022-02-19 16:31:43 +05:30
Evan Rubinstein 21a267d106
Updated Template 2022-02-18 10:48:34 -05:00
Evan Rubinstein a536bb5087
Added pollbot-redirect 2022-02-18 10:39:04 -05:00
GwanYeong Kim a2cec40a5d Create goip-1-lfi.yaml
Input passed thru the 'content' or 'sidebar' GET parameter in 'frame.html' or 'frame.A100.html' not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-02-18 21:33:17 +09:00
sandeep 6c726a373f template fixes 2022-02-18 12:05:33 +05:30
Prince Chaddha 7addac9e51
Merge pull request #3708 from evanRubinsteinIT/master
Added critical yshaadmin path traveral vulnerability
2022-02-17 01:09:57 +05:30
MostInterestingBotInTheWorld e5e0e1ebf4
Dashboard Content Enhancements (#3711)
* Enhancement: cves/2010/CVE-2010-1353.yaml by mp

* Enhancement: cves/2010/CVE-2010-1352.yaml by mp

* Enhancement: cves/2010/CVE-2010-1345.yaml by mp

* Enhancement: cves/2010/CVE-2010-1340.yaml by mp

* Enhancement: cves/2010/CVE-2010-1345.yaml by mp

* Enhancement: cves/2010/CVE-2010-1315.yaml by mp

* Enhancement: cves/2010/CVE-2010-1314.yaml by mp

* Enhancement: cves/2010/CVE-2010-1313.yaml by mp

* Enhancement: cves/2010/CVE-2010-1312.yaml by mp

* Enhancement: cves/2010/CVE-2010-1308.yaml by mp

* Enhancement: cves/2010/CVE-2010-1307.yaml by mp

* Enhancement: cves/2010/CVE-2010-1306.yaml by mp

* Enhancement: cves/2010/CVE-2010-1305.yaml by mp

* Enhancement: cves/2010/CVE-2010-1304.yaml by mp

* Enhancement: cves/2010/CVE-2010-1302.yaml by mp

* Enhancement: cves/2010/CVE-2010-1219.yaml by mp

* Enhancement: cves/2010/CVE-2010-1352.yaml by mp

* Enhancement: cves/2010/CVE-2010-1354.yaml by mp

* Enhancement: cves/2010/CVE-2010-1461.yaml by mp

* Enhancement: cves/2010/CVE-2010-1469.yaml by mp

* Enhancement: cves/2010/CVE-2010-1470.yaml by mp

* Enhancement: cves/2010/CVE-2010-1471.yaml by mp

* Enhancement: cves/2010/CVE-2010-1472.yaml by mp

* Enhancement: cves/2010/CVE-2010-1473.yaml by mp

* Enhancement: cves/2010/CVE-2010-1474.yaml by mp

* Enhancement: cves/2010/CVE-2010-1475.yaml by mp

* Enhancement: cves/2010/CVE-2010-1476.yaml by mp

* Enhancement: cves/2010/CVE-2010-1478.yaml by mp

* Enhancement: cves/2010/CVE-2010-1491.yaml by mp

* Enhancement: cves/2010/CVE-2010-1494.yaml by mp

* Enhancement: cves/2010/CVE-2010-1495.yaml by mp

* Enhancement: cves/2010/CVE-2010-1531.yaml by mp

* Enhancement: cves/2010/CVE-2010-1473.yaml by mp

* Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs

* Enhancement: cves/2016/CVE-2016-4975.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-digitalocean.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-hetzner.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-aws.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-google.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-azure.yaml by cs

* Enhancement: misconfiguration/proxy/open-proxy-localhost.yaml by cs

* Enhancement: misconfiguration/proxy/open-proxy-internal.yaml by cs

* Enhancement: cves/2021/CVE-2021-1497.yaml by cs

* Spacing fixes and enhancement to CNVD-2019-01348.yaml

* Spacing fixes, and enhancement to CNVD-2019-01348.yaml

* Merge artifact

* Spacing

* Minor tags cleanup

* Enhancement: cves/2010/CVE-2010-1532.yaml by mp

* Enhancement: cves/2010/CVE-2010-1533.yaml by mp

* Enhancement: cves/2010/CVE-2010-1534.yaml by mp

* Enhancement: cves/2010/CVE-2010-1535.yaml by mp

* Enhancement: cves/2010/CVE-2010-1540.yaml by mp

* Enhancement: cves/2010/CVE-2010-1601.yaml by mp

* Enhancement: cves/2010/CVE-2010-1602.yaml by mp

* Enhancement: cves/2010/CVE-2010-1603.yaml by mp

* Enhancement: cves/2010/CVE-2010-1607.yaml by mp

* Enhancement: cves/2010/CVE-2010-1653.yaml by mp

* Enhancement: cves/2010/CVE-2010-1657.yaml by mp

* Enhancement: cves/2010/CVE-2010-1657.yaml by mp

* Enhancement: cves/2010/CVE-2010-1658.yaml by mp

* Enhancement: cves/2010/CVE-2010-1659.yaml by mp

* Enhancement: cves/2010/CVE-2010-1714.yaml by mp

* Enhancement: cves/2010/CVE-2010-1715.yaml by mp

* Enhancement: cves/2010/CVE-2010-1532.yaml by mp

* Enhancement: cves/2010/CVE-2010-1533.yaml by mp

* Enhancement: cves/2010/CVE-2010-1534.yaml by mp

* Enhancement: cves/2010/CVE-2010-1534.yaml by mp

* Enhancement: cves/2010/CVE-2010-1535.yaml by mp

* Enhancement: cves/2010/CVE-2010-1540.yaml by mp

* Enhancement: cves/2010/CVE-2010-1540.yaml by mp

* Enhancement: cves/2010/CVE-2010-1717.yaml by mp

* Enhancement: cves/2010/CVE-2010-1718.yaml by mp

* Enhancement: cves/2010/CVE-2010-1719.yaml by mp

* Enhancement: cves/2010/CVE-2010-1722.yaml by mp

* Enhancement: cves/2010/CVE-2010-1723.yaml by mp

* Enhancement: cves/2010/CVE-2010-1858.yaml by mp

* Enhancement: cves/2010/CVE-2010-1873.yaml by mp

* Enhancement: cves/2010/CVE-2010-1870.yaml by mp

* Enhancement: cves/2010/CVE-2010-1875.yaml by mp

* Enhancement: cves/2010/CVE-2010-1878.yaml by mp

* Enhancement: cves/2010/CVE-2010-1952.yaml by mp

* Enhancement: cves/2010/CVE-2010-1953.yaml by mp

* Enhancement: cves/2010/CVE-2010-1954.yaml by mp

* Enhancement: cves/2010/CVE-2010-1955.yaml by mp

* Enhancement: cves/2010/CVE-2010-1956.yaml by mp

* Information Enhancements

Co-authored-by: sullo <sullo@cirt.net>
2022-02-16 04:17:54 +05:30
Sandeep Singh f705c2debd
removing duplicate template 2022-02-15 23:43:06 +05:30
Prince Chaddha 7bf3ac584c
Merge pull request #3695 from DhiyaneshGeek/master
17 New Wordpress Templates
2022-02-15 18:35:47 +05:30
Prince Chaddha be309f08e0
Update and rename yshaadmin-traversal.yaml to yishaadmin-lfi.yaml 2022-02-15 18:33:24 +05:30
Prince Chaddha 06b34a62f6
Update elementorpage-open-redirect.yaml 2022-02-15 18:25:04 +05:30
Prince Chaddha 4fb33627d4
Update and rename wp-cherry-lfi.yaml to cherry-lfi.yaml 2022-02-15 17:36:09 +05:30
Prince Chaddha e39e61ac5d
Update and rename wp-sniplets-xss.yaml to sniplets-xss.yaml 2022-02-15 17:35:52 +05:30
Prince Chaddha 5e6b000e40
Update and rename wp-sniplets-lfi.yaml to sniplets-lfi.yaml 2022-02-15 17:33:40 +05:30
Prince Chaddha a61b1da563
Update and rename wp-simple-image-manipulator-lfi.yaml to simple-image-manipulator-lfi.yaml 2022-02-15 17:26:32 +05:30
Prince Chaddha d73c5da442
Update and rename wp-hide-security-enhancer-lfi.yaml to hide-security-enhancer-lfi.yaml 2022-02-15 17:19:32 +05:30
Prince Chaddha 110a51a0f1
Update and rename wp-hb-audio-lfi.yaml to hb-audio-lfi.yaml 2022-02-15 17:09:31 +05:30
Prince Chaddha 19fe0f80be
Update wp-cherry-lfi.yaml 2022-02-15 16:59:08 +05:30
Prince Chaddha df3b03f2f9
Update webp-coverter-open-redirect.yaml 2022-02-15 16:52:00 +05:30
Prince Chaddha 6be4e7d1d3
Update shortcode-lfi.yaml 2022-02-15 16:48:20 +05:30
Prince Chaddha 196f4449d9
Update noptin-open-redirect.yaml 2022-02-15 16:44:37 +05:30
Prince Chaddha 5d259e4321
Update ninjaform-open-redirect.yaml 2022-02-15 16:40:56 +05:30
Prince Chaddha fea65848db
Update newsletter-open-redirect.yaml 2022-02-15 16:33:09 +05:30
Evan Rubinstein 22d14023a7
Update yshaadmin-traversal.yaml 2022-02-14 23:53:28 -05:00
Evan Rubinstein 5fcaefe315
Added yshaadmin path traversal vulnerability 2022-02-14 23:48:57 -05:00
Evan Rubinstein b9efa77da3
Merge branch 'projectdiscovery:master' into master 2022-02-14 23:47:10 -05:00
Prince Chaddha 2d745615c5
Update music-store-open-redirect.yaml 2022-02-15 03:10:01 +05:30
Prince Chaddha 94005a6d19
Update and rename eventticket-open-redirect.yaml to eventtickets-open-redirect.yaml 2022-02-15 02:58:41 +05:30
Prince Chaddha bf00922a03
Update elementorpage-open-redirect.yaml 2022-02-15 02:54:12 +05:30
Prince Chaddha f637184495
Update db-backup-lfi.yaml 2022-02-15 02:51:49 +05:30
Prince Chaddha 465eb0c54d
Update and rename churchope-application-lfi.yaml to churchope-lfi.yaml 2022-02-15 02:50:20 +05:30
Prince Chaddha 16193a60ee
Update candidate-application-lfi.yaml 2022-02-15 02:47:56 +05:30
Prince Chaddha 6c6b4e7270
Merge pull request #3700 from Akokonunes/patch-116
Create kyocera-rx-ecosys-m2035dn-lfi.yaml
2022-02-15 02:16:54 +05:30
Prince Chaddha 1f1b03ba67
Update and rename kyocera-rx-ecosys-m2035dn-lfi.yaml to vulnerabilities/other/kyocera-m2035dn-lfi.yaml 2022-02-15 02:10:30 +05:30
Prince Chaddha f8a52f9be2
Update nuuno-network-login.yaml (#3701)
* Update nuuno-network-login.yaml

* Update panasonic-network-management.yaml

* Update cisco-network-config.yaml

* Update emerson-power-panel.yaml

* Update unifi-network-log4j-rce.yaml
2022-02-14 19:53:51 +05:30
Dhiyaneshwaran da6691f067
Create wp-cherry-lfi.yaml 2022-02-12 23:48:31 +05:30
Dhiyaneshwaran 150da05a81
Create wp-hb-audio-lfi.yaml 2022-02-12 23:46:52 +05:30
Dhiyaneshwaran fc660ec0db
Create wp-simple-image-manipulator-lfi.yaml 2022-02-12 23:44:11 +05:30
Dhiyaneshwaran bcbe4dabff
Create wp-sniplets-xss.yaml 2022-02-12 23:40:42 +05:30
Dhiyaneshwaran 5d28b42d7e
Delete wp-sniplets-xss.yaml 2022-02-12 23:38:15 +05:30
Dhiyaneshwaran 30363093f5
Update wp-sniplets-xss.yaml 2022-02-12 23:36:55 +05:30
Dhiyaneshwaran 08f1498d54
Update wp-sniplets-xss.yaml 2022-02-12 23:34:16 +05:30
Dhiyaneshwaran b3b9958989
Create wp-sniplets-xss.yaml 2022-02-12 23:32:15 +05:30
Dhiyaneshwaran 7a10704d42
Create wp-sniplets-lfi.yaml 2022-02-12 23:27:12 +05:30
Dhiyaneshwaran 17108c2b4f
Create wp-hide-security-enhancer-lfi.yaml 2022-02-12 23:23:30 +05:30
Dhiyaneshwaran 7294e5577c
Create churchope-application-lfi.yaml 2022-02-12 23:18:53 +05:30
Dhiyaneshwaran 0796ba6ff3
Create candidate-application-lfi.yaml 2022-02-12 23:08:06 +05:30
Dhiyaneshwaran 7e637c60c3
Create db-backup-lfi.yaml 2022-02-12 22:34:53 +05:30
Dhiyaneshwaran a10ff8f997
Create shortcode-lfi.yaml 2022-02-12 22:30:51 +05:30
Dhiyaneshwaran 96c42781c3
Create noptin-open-redirect.yaml 2022-02-12 22:23:11 +05:30
Dhiyaneshwaran c1cf1971bd
Create webp-coverter-open-redirect.yaml 2022-02-12 22:19:24 +05:30
Dhiyaneshwaran 1e3fb587d6
Create eventticket-open-redirect.yaml 2022-02-12 22:17:01 +05:30
Dhiyaneshwaran e815bdc1b6
Create elementorpage-open-redirect.yaml 2022-02-12 22:11:04 +05:30
Dhiyaneshwaran 19ef16c195
Update ninjaform-open-redirect.yaml 2022-02-12 22:05:49 +05:30
Dhiyaneshwaran 527641f834
Create ninjaform-open-redirect.yaml 2022-02-12 22:03:19 +05:30
Dhiyaneshwaran a0cb16fbc3
Create newsletter-open-redirect.yaml 2022-02-12 21:56:13 +05:30
Dhiyaneshwaran 63c450cba2
Create music-store-open-redirect.yaml 2022-02-12 21:50:32 +05:30
Dhiyaneshwaran 780ec34a40
Delete music-store-open-redirect.yaml 2022-02-12 21:49:53 +05:30
Dhiyaneshwaran d1c6580287
Create music-store-open-redirect.yaml 2022-02-12 21:39:27 +05:30
Prince Chaddha 56160908f0
Merge pull request #3676 from DhiyaneshGeek/master
NetSUS Server Login Panel , Javo Spot Premium Theme - Unauthenticated Directory Traversal
2022-02-08 02:08:30 +05:30
Prince Chaddha a2e236867c
Update and rename wp-java-spot-premium-lfi.yaml to wp-spot-premium-lfi.yaml 2022-02-08 01:56:11 +05:30
Dhiyaneshwaran 74790976c2
Create wp-java-spot-premium-lfi.yaml 2022-02-06 21:26:28 +05:30
sullo 111f7d9a88 Cleanup some dashboard artifacts 2022-02-04 14:02:53 -05:00
MostInterestingBotInTheWorld 439b0ebffc Enhancement: vulnerabilities/other/zhiyuan-file-upload.yaml by mp 2022-02-04 10:55:39 -05:00
MostInterestingBotInTheWorld 26137cf96f Enhancement: vulnerabilities/other/zhiyuan-file-upload.yaml by mp 2022-02-04 10:54:04 -05:00
Prince Chaddha 4b52787228
Merge pull request #3567 from Leovalcante/rusty-joomla-rce
Create check for Rusty Joomla RCE
2022-02-02 02:01:37 +05:30
Prince Chaddha ec94360afd
Update rusty-joomla.yaml 2022-02-02 02:00:09 +05:30
Prince Chaddha b1fe83b35b
Merge pull request #3644 from projectdiscovery/antsword-backdoor
Create antsword-backdoor.yaml
2022-02-02 00:14:26 +05:30
Sandeep Singh 839fc813f3
Merge pull request #3627 from projectdiscovery/deadbolt-ransomware
Added Deadbolt Ransomware Detection
2022-02-01 16:44:54 +05:30
sandeep c68f4762b3 Added JAMF Blind XXE 2022-02-01 16:10:51 +05:30
sandeep ab1291ec13 Added JAMF Log4j JNDI RCE Template 2022-02-01 15:25:52 +05:30