Commit Graph

468 Commits (735bf9a80337b3e64fd2843d8aa65ff31c69dcae)

Author SHA1 Message Date
ImNightmaree 7e10c6eb42
Creates CVE-2018-15961
Closes #3119 with minor updates to ensure the file isn't accessible predictably
2021-11-10 17:46:34 +00:00
GitHub Action 3a9fcc7cc0 Auto Generated CVE annotations [Sat Nov 6 08:15:35 UTC 2021] 🤖 2021-11-06 08:15:35 +00:00
Sandeep Singh 721f2fce99
Merge pull request #3090 from Leovalcante/cve-2018-3238
create check for cve-2018-3238
2021-11-06 13:43:56 +05:30
Sandeep Singh 55e21f68f7
Merge pull request #3089 from Leovalcante/fix-cve-2018-2791
improve cve-2018-2791 vulnerability check
2021-11-06 13:43:34 +05:30
sandeep c474434ab2 improved matchers 2021-11-06 13:17:42 +05:30
sandeep 2b38dce99c updated with improved matchers 2021-11-06 12:51:30 +05:30
Valerio Preti fe5385e932 create check for cve-2018-3238 2021-11-06 00:51:54 +01:00
Valerio Preti 69fc4c04c2 improve wcs cve-2018-2791 vulnerability check 2021-11-06 00:48:10 +01:00
Huy Nguyen 78189af295
Fix for potential false positives
See also following issue: https://github.com/projectdiscovery/nuclei-templates/issues/3065
2021-11-04 12:07:38 +01:00
GitHub Action e70531ebca Auto Generated CVE annotations [Wed Nov 3 06:21:45 UTC 2021] 🤖 2021-11-03 06:21:45 +00:00
Prince Chaddha fd9e89e0db
Create CVE-2018-18570.yaml 2021-11-03 11:36:30 +05:30
forgedhallpass 5c3bbbb740 Update SSH user enum templates
SSH header structure:
SSH-protoversion-softwareversion[SPcomments]CRLF

see: https://datatracker.ietf.org/doc/html/rfc4253#section-4.2
2021-11-01 20:34:47 +02:00
sandeep 107679bd9a matcher + added version extractors 2021-10-30 19:26:12 +05:30
sandeep 8c3f98c767 fixed invalid template syntax 2021-10-30 16:47:35 +05:30
Noam Rathaus 376c63189d Add description 2021-10-27 14:07:22 +03:00
sandeep 33badb66d1 oob tags update 2021-10-19 02:10:26 +05:30
GitHub Action d2d4d01846 Auto Generated CVE annotations [Mon Oct 18 15:19:41 UTC 2021] 🤖 2021-10-18 15:19:41 +00:00
Prince Chaddha 09d4e1ea28
Merge pull request #2912 from wisnupramoedya/patch-2
Create CVE-2018-10823.yaml
2021-10-18 20:48:20 +05:30
Prince Chaddha 1753507a39
Merge pull request #2911 from wisnupramoedya/patch-1
Create CVE-2018-10093.yaml
2021-10-18 20:47:51 +05:30
GitHub Action 0762d645fb Auto Generated CVE annotations [Mon Oct 18 15:16:57 UTC 2021] 🤖 2021-10-18 15:16:57 +00:00
Prince Chaddha 868264f839
Update CVE-2018-10823.yaml 2021-10-18 20:46:01 +05:30
Prince Chaddha 9f30aa203b
Merge pull request #2913 from wisnupramoedya/patch-3
Create CVE-2018-13980.yaml
2021-10-18 20:45:06 +05:30
GitHub Action 79656346cd Auto Generated CVE annotations [Mon Oct 18 15:14:58 UTC 2021] 🤖 2021-10-18 15:14:58 +00:00
Wisnu Pramoedya cf1b818d5b
Create CVE-2018-12054.yaml 2021-10-18 20:04:38 +07:00
Wisnu Pramoedya 89f9d65d7d
Create CVE-2018-13980.yaml 2021-10-18 20:00:57 +07:00
Wisnu Pramoedya 7d007d29f0
Create CVE-2018-10823.yaml 2021-10-18 19:56:22 +07:00
Wisnu Pramoedya 98d8a15123
Create CVE-2018-10093.yaml 2021-10-18 19:44:09 +07:00
Noam Rathaus 452b4c10ea Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-10-12 15:45:23 +03:00
GitHub Action d7cd9a21de Auto Generated CVE annotations [Mon Oct 11 11:27:30 UTC 2021] 🤖 2021-10-11 11:27:30 +00:00
Prince Chaddha b9a2afe546
Update CVE-2018-9205.yaml 2021-10-11 16:53:15 +05:30
Muhammad Daffa 55caa61c96
Create CVE-2018-9205.yaml 2021-10-11 18:22:14 +07:00
Noam Rathaus 59a6cef7fb Missing 'a' 2021-10-10 16:07:15 +03:00
sandeep 8f58d37f3a Added missing condition 2021-10-05 23:42:16 +05:30
GitHub Action fa947061ee Auto Generated CVE annotations [Fri Oct 1 23:05:32 UTC 2021] 🤖 2021-10-01 23:05:32 +00:00
sandeep 2f99b4165a misc update 2021-10-02 04:33:14 +05:30
Jackson Rolf 2b477061e8 Added CVE-2018-0127 template. 2021-10-01 15:30:31 -04:00
TheConciergeDev 6011701507
renamed file
the second dash was a unicode value -> "\u2013" instead
2021-09-29 11:18:09 +02:00
sandeep cd37224212 Update CVE-2018–9845.yaml 2021-09-24 15:44:02 +05:30
Prince Chaddha 6cb56d3b77
Update CVE-2018–9845.yaml 2021-09-24 15:05:45 +05:30
Prince Chaddha 0614a6031c
Update CVE-2018–9845.yaml 2021-09-24 15:05:21 +05:30
Philippe Delteil 1f679d8b4e
Create CVE-2018–9845.yaml 2021-09-23 23:18:41 -03:00
GitHub Action 77215862c9 Auto Generated CVE annotations [Wed Sep 22 10:21:33 UTC 2021] 🤖 2021-09-22 10:21:33 +00:00
sandeep a98e8defc2 misc update 2021-09-21 16:22:53 +05:30
sandeep 8fa18933e9 id update 2021-09-21 16:20:24 +05:30
sandeep 1c613882f8 Added missing cve tags 2021-09-21 16:17:16 +05:30
sandeep 7b23f4ebd4 outdated template cleanups 2021-09-21 14:34:20 +05:30
GitHub Action fdc98d1405 Auto Generated CVE annotations [Thu Sep 16 17:39:06 UTC 2021] 🤖 2021-09-16 17:39:06 +00:00
Prince Chaddha 631005ebaa
Update CVE-2018-12998.yaml 2021-09-16 23:03:45 +05:30
PikPikcU 3a2eacf6b9
Update CVE-2018-12998.yaml 2021-09-15 11:31:34 +07:00
PikPikcU 85c32c4cd2
Create CVE-2018-12998.yaml 2021-09-15 11:00:16 +07:00
sandeep e831dd4fe0 lint error fix 2021-09-12 20:45:49 +05:30
sandeep 35e8c3c1cf Added complete poc 2021-09-12 19:50:30 +05:30
Ice3man543 e9f728c321 Added cve annotations + severity adjustments 2021-09-10 16:56:40 +05:30
Prince Chaddha 13ec24c2e3
Update CVE-2018-15535.yaml 2021-09-10 12:01:01 +05:30
Muhammad Daffa 02e6ccfd7e
Create CVE-2018-15535.yaml 2021-09-09 19:48:08 +07:00
sandeep 609705f676 removed extra headers not required for template 2021-09-08 17:47:19 +05:30
Sandeep Singh 0880b65284
Rename CVE-2018–14064.yaml to CVE-2018-14064.yaml 2021-09-08 13:11:41 +05:30
Prince Chaddha ef6350bfcc
Update and rename CVE-2018–14064.yaml to cves/2018/CVE-2018–14064.yaml 2021-09-07 18:14:38 +05:30
Prince Chaddha 960a568ef8
Merge pull request #2500 from LogicalHunter/temp-4
Added CVE-2018-8719.yaml Template
2021-08-31 16:30:09 +05:30
Prince Chaddha 64b25c359b
Update CVE-2018-8719.yaml 2021-08-31 12:07:28 +05:30
Noam Rathaus 5b344c944c Updated 2021-08-30 12:50:56 +03:00
Prince Chaddha 02b429fe89
Update CVE-2018-8719.yaml 2021-08-29 17:56:50 +05:30
sandeep ac68ef0e9a misc updates 2021-08-29 14:44:12 +05:30
Noam Rathaus 5e27e5d528 Add description 2021-08-29 09:42:18 +03:00
Noam Rathaus 3a1f7e0910 Remove | 2021-08-29 09:36:50 +03:00
Noam Rathaus 5b0a50d514 Add description and references 2021-08-29 09:24:41 +03:00
Noam Rathaus 9f9970c8e9 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-08-29 09:15:40 +03:00
LogicalHunter 40371e83cc Added CVE-2018-8719.yaml Template 2021-08-27 11:40:18 -07:00
forgedhallpass 419a957409 Fixing errors in templates
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-27 10:43:24 +03:00
forgedhallpass a4250b8f2f Merge remote-tracking branch 'origin' into dynamic_attributes 2021-08-26 15:04:14 +03:00
Prince Chaddha 972ba7f4c2
Update CVE-2018-12095.yaml 2021-08-25 16:55:53 +05:30
Borna Nematzadeh 2a3b20de2c
Update CVE-2018-12095.yaml 2021-08-24 12:27:07 -07:00
LogicalHunter 60e2816815 Added CVE-2018-12095.yaml Template 2021-08-24 10:29:51 -07:00
forgedhallpass 296edfc37b Merge remote-tracking branch 'origin' into dynamic_attributes 2021-08-23 14:40:33 +03:00
Sandeep Singh 04b401a8ef
Merge pull request #2456 from projectdiscovery/payloads-update
Payloads positional update to keep the request format uniform
2021-08-23 15:26:35 +05:30
sandeep 1a34341c1e Update CVE-2018-6008.yaml 2021-08-23 15:20:53 +05:30
Muhammad Daffa 906d9fd5af
Create CVE-2018-6008.yaml 2021-08-23 07:03:54 +07:00
sandeep 2aa54304ee Payloads positional update to keep the request format uniform 2021-08-22 23:39:33 +05:30
Prince Chaddha 9cc8cd3353
Update CVE-2018-15473.yaml 2021-08-21 18:52:00 +05:30
Muhammad Daffa 1447a6d3d4
Update and rename network/openssh-username-enumeration.yaml to cves/2018/CVE-2018-15473.yaml 2021-08-21 18:55:11 +07:00
forgedhallpass 77103bc629 Satisfying the linter (all errors and warnings)
* whitespace modifications only
2021-08-19 17:44:46 +03:00
forgedhallpass f55d6b75e1 Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:59:12 +03:00
forgedhallpass 7b29be739e Merge branch 'master' into dynamic_attributes 2021-08-19 16:23:26 +03:00
forgedhallpass ffaff64565 Changes fixes/around dynamic attributes ("additional-fields")
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:17:27 +03:00
forgedhallpass 0b432b341b Added comments with URLs under the "references" field
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:15:35 +03:00
forgedhallpass e68d15ab63 Fixed mistakes/typos in the templates.
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 15:30:14 +03:00
forgedhallpass cdf9451158 Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-18 14:44:27 +03:00
Muhammad Daffa 76e6fbcf8e
Create CVE-2018-16288.yaml 2021-08-12 09:41:00 +07:00
GwanYeong Kim 19517e8855 Create CVE-2018-16167.yaml
LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-10 14:30:22 +09:00
Noam Rathaus 14d2dcd26b reference 2021-08-09 16:35:43 +03:00
Prince Chaddha 0b3a307294
Update CVE-2018-15517.yaml 2021-08-04 13:44:42 +05:30
Prince Chaddha 8cc213cec1
Update CVE-2018-15745.yaml 2021-08-04 13:42:14 +05:30
GwanYeong Kim 812d4faca2 Create CVE-2018-15517.yaml
Using a web browser or script SSRF can be initiated against internal/external systems to conduct port scans by leveraging D LINKs MailConnect component. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability of where scan or connections actually came from and or bypass the FW etc. This can be automated via script or using Web Browser.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-04 14:25:54 +09:00
GwanYeong Kim adce7d2c39 Create CVE-2018-15745.yaml
Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-04 14:16:24 +09:00
Prince Chaddha 41b06a2ed7
Merge pull request #2216 from pikpikcu/patch-223
Add Zimbra XSS
2021-08-03 13:22:42 +05:30
Prince Chaddha c4acd62307
Update CVE-2018-14013.yaml 2021-08-03 13:13:57 +05:30
Prince Chaddha 1c83792023
Merge pull request #2314 from daffainfo/patch-126
Create CVE-2018-20470.yaml
2021-08-03 13:08:36 +05:30
Muhammad Daffa 6e13d833ef
Create CVE-2018-19458.yaml 2021-08-03 06:20:58 +07:00
Muhammad Daffa 02d3258f2a
Create CVE-2018-20470.yaml 2021-08-03 06:19:42 +07:00
Prince Chaddha 1939842ab6
Merge pull request #2219 from pikpikcu/patch-225
Add Dolibarr xss
2021-08-02 22:32:24 +05:30
Prince Chaddha f924e58b8e
Update CVE-2018-10095.yaml 2021-08-02 22:31:01 +05:30
Prince Chaddha dca1dd56b1
Merge pull request #2220 from pikpikcu/patch-226
Add Grav CMS XSS
2021-08-02 22:26:37 +05:30
Prince Chaddha e359b030f2
Update CVE-2018-5233.yaml 2021-08-02 22:25:21 +05:30
sandeep e896a8982d misc updates 2021-08-02 12:53:35 +05:30
Sandeep Singh bc48231304
Merge pull request #2192 from gy741/rule-add-v41
Create CVE-2018-10818.yaml
2021-07-31 22:56:26 +05:30
sandeep 620cd107c6 Update CVE-2018-10818.yaml 2021-07-31 22:55:55 +05:30
PikPikcU ab408ccd04
Create CVE-2018-5233.yaml 2021-07-27 16:03:59 +07:00
PikPikcU 9e2de534a8
Create CVE-2018-10095.yaml 2021-07-27 15:49:19 +07:00
PikPikcU 317a63ec9c
Create CVE-2018-14013.yaml 2021-07-27 14:34:36 +07:00
GwanYeong Kim 4029278d6c Create CVE-2018-10818.yaml
The vulnerability (CVE-2018-10818) is a pre-auth remote command injection vulnerability found in the majority of LG NAS devices. You cannot simply log in with any random username and password. However, there lies a command injection vulnerability in the “password” parameter.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-27 02:27:13 +09:00
sandeep 9c66387f0f More CVEs Template 2021-07-26 22:48:45 +05:30
Sandeep Singh 5fc3ae4ef4
Merge pull request #1872 from Vladimir-Ivanov-Git/CVE-2018-2392
CVE-2018-2392 SAP IGS XXE
2021-07-26 20:12:08 +05:30
Sandeep Singh 0d2e18722a
Update CVE-2018-10822.yaml 2021-07-26 01:04:31 +05:30
Muhammad Daffa 9883f04092
Create CVE-2018-10822.yaml 2021-07-25 05:49:24 +07:00
sandeep 6ccc5f8792 matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
Prince Chaddha 4db131a5d3
Update CVE-2018-20985.yaml 2021-07-22 19:01:00 +05:30
Muhammad Daffa a0581944aa
Update CVE-2018-20985.yaml 2021-07-22 19:32:43 +07:00
Muhammad Daffa 7afafb1f4f
Added references 2021-07-22 15:37:50 +07:00
Muhammad Daffa 1c54875f24
Create CVE-2018-20985.yaml 2021-07-22 15:35:12 +07:00
Prince Chaddha f2c22f66b6
Update CVE-2018-3760.yaml 2021-07-20 17:28:29 +05:30
PikPikcU 2b156573bd
Update CVE-2018-3760.yaml 2021-07-20 16:22:18 +07:00
sandeep 4dbf36813d removing duplicate template 2021-07-20 00:43:39 +05:30
Sandeep Singh 6eee57115c
Merge pull request #2083 from projectdiscovery/fixing-xss-matchers
fixing-xss-matchers
2021-07-20 00:28:01 +05:30
Sandeep Singh ae24c38370
Merge pull request #2087 from daffainfo/patch-89
Add CVE-2018-16059
2021-07-20 00:25:31 +05:30
Sandeep Singh aa2c8d210b
Update CVE-2018-16059.yaml 2021-07-20 00:15:32 +05:30
Sandeep Singh ffce401c23
Update CVE-2018-16283.yaml 2021-07-19 18:22:19 +05:30
Muhammad Daffa 68efee3702
Merge branch 'projectdiscovery:master' into master 2021-07-19 19:48:57 +07:00
Muhammad Daffa 7a99c2db48
Rename to CVE-2018-16283 2021-07-19 19:47:31 +07:00
sandeep c22924c1ba misc updates 2021-07-19 18:17:12 +05:30
Muhammad Daffa 5a5b5ea18e
Create CVE-2018-16059.yaml 2021-07-19 17:16:19 +07:00
Prince Chaddha fee3b0dbba
Update CVE-2018-5316.yaml 2021-07-19 11:32:30 +05:30
Prince Chaddha 5923b1522e
Update CVE-2018-20462.yaml 2021-07-19 11:31:57 +05:30
Prince Chaddha 1453b08a1d
Update CVE-2018-11709.yaml 2021-07-19 11:31:16 +05:30
Prince Chaddha 304ab07b28
Update CVE-2018-12031.yaml 2021-07-16 17:42:00 +05:30
Prince Chaddha 110a989ff1
Update CVE-2018-12031.yaml 2021-07-16 17:36:12 +05:30
Prince Chaddha 4238febae3
Update CVE-2018-12031.yaml 2021-07-16 17:33:02 +05:30
Muhammad Daffa 134031c9aa
Update and rename cves/2020/CVE-2020-14461.yaml to cves/2018/CVE-2018-12031.yaml 2021-07-16 18:56:28 +07:00
Prince Chaddha 84223eb0b8
Merge pull request #2033 from daffainfo/patch-67
Create CVE-2018-11709.yaml
2021-07-16 11:07:42 +05:30
Prince Chaddha 247c964e78
Merge pull request #2034 from daffainfo/patch-68
Create CVE-2018-5316.yaml
2021-07-16 11:07:32 +05:30
Prince Chaddha f977df559c
Update CVE-2018-11709.yaml 2021-07-16 11:05:11 +05:30
Prince Chaddha da4b0d4da7
Update CVE-2018-20462.yaml 2021-07-16 11:01:29 +05:30
Muhammad Daffa 5bee8dd716
Create CVE-2018-5316.yaml 2021-07-16 00:16:27 +07:00
Muhammad Daffa 9d84281202
Create CVE-2018-11709.yaml 2021-07-16 00:14:42 +07:00
Muhammad Daffa 367f5d225d
Create CVE-2018-20462.yaml 2021-07-16 00:12:52 +07:00
Prince Chaddha f13d61c128
Update CVE-2018-9118.yaml 2021-07-15 17:41:16 +05:30
Prince Chaddha 42fd30dfd8
Update and rename CVE-2018-9118.yaml to cves/2018/CVE-2018-9118.yaml 2021-07-15 17:40:37 +05:30
Prince Chaddha 491b6f8e2b
Update CVE-2018-2392.yaml 2021-07-08 14:41:02 +05:30
Ivanov Vladimir 05b2837a0a Add CVE-2018-2392.yaml 2021-07-05 19:40:37 +03:00
Sandeep Singh 52e0c861a1
Merge pull request #1733 from milo2012/master
Added CVE-2018-1000130/ CVE-2018-2628/ CVE-2018-2628/ CVE-2019-3401/ CVE-2020-1938/ oracle-bi-default-login/ jolokia-heap-disclosure
2021-07-02 18:27:45 +05:30
sandeep e2a0f93f79 misc updates 2021-07-02 18:24:31 +05:30
Prince Chaddha b3c580d290
Update CVE-2018-8715.yaml 2021-06-30 15:34:58 +05:30
Keith 1afa102620 Add CVE-2018-8715.yaml - AppWeb authentication bypass 2021-06-30 16:30:56 +08:00
PikPikcU 54f40d8f2c
Update CVE-2018-13380.yaml 2021-06-29 02:17:42 +00:00
Prince Chaddha dd98451110
Update CVE-2018-16299.yaml 2021-06-25 12:45:04 +05:30
Prince Chaddha fca70dd2c7
Update and rename CVE-2018-16299.yaml to cves/2018/CVE-2018-16299.yaml 2021-06-25 12:43:55 +05:30
Keith 95b34330ed Add CVE-2018-2893.yaml - Oracle WebLogic Server Deserialization RCE 2021-06-25 03:41:02 +08:00
Keith 4e888bf3e2 Add CVE-2018-2893.yaml - Oracle WebLogic Server Deserialization RCE 2021-06-25 03:38:53 +08:00
Prince Chaddha 35cf8d1378
Merge pull request #1221 from projectdiscovery/princechaddha-patch-6
Create CVE-2018-9995.yaml
2021-06-24 02:33:20 +05:30
Prince Chaddha 0fbbfdd364
Update CVE-2018-9995.yaml 2021-06-24 02:32:23 +05:30
Keith 6e139881ee fix or operator 2021-06-23 00:33:06 +08:00
Keith 139aaf2ecf Add CVE-2018-1000130.yaml - fix spaces 2021-06-22 20:35:17 +08:00
Keith e84dc0e94c Add CVE-2018-1000130.yaml - Jolokia Agent Proxy JNDI Code Injection 2021-06-22 20:32:30 +08:00
Prince Chaddha be89aed331 Update CVE-2018-2628.yaml 2021-06-21 14:26:53 +05:30
Prince Chaddha cb4d12cc8c Moved to cves/2018 2021-06-21 14:20:20 +05:30
Prince Chaddha 1465ad8c76
Merge pull request #1740 from Akokonunes/patch-9
Create CVE-2018-18775.yaml
2021-06-20 16:51:09 +05:30
Prince Chaddha a2623f5e9d Update CVE-2018-18775.yaml 2021-06-20 16:49:24 +05:30
Prince Chaddha b874963894 moved to cves 2021-06-20 16:47:21 +05:30
Prince Chaddha 00ad7ee3db Moved to cves 2021-06-20 16:43:44 +05:30
Prince Chaddha 112113437c Moved template to cves folder 2021-06-18 16:58:27 +05:30
Sandeep Singh 44a53f7090
Merge pull request #1636 from pdelteil/patch-6
Update CVE-2018-18069.yaml
2021-06-18 10:01:04 +05:30
Prince Chaddha 0f590a867b
Update CVE-2018-18069.yaml 2021-06-17 22:20:02 +05:30
Prince Chaddha eeb88e4bd1
Update CVE-2018-18069.yaml 2021-06-17 22:13:32 +05:30
Prince Chaddha 36bb1fff95
Update CVE-2018-18069.yaml 2021-06-17 22:11:00 +05:30
Sandeep Singh 5c2a07d65e
Merge pull request #1684 from geeknik/patch-107
Create CVE-2018-16670.yaml
2021-06-16 02:01:36 +05:30
Sandeep Singh dbee289627
Merge pull request #1683 from geeknik/patch-106
Create CVE-2018-16668.yaml
2021-06-16 01:59:47 +05:30
Sandeep Singh 6c48452767
Merge pull request #1682 from geeknik/patch-105
Create CVE-2018-16671.yaml
2021-06-16 01:58:32 +05:30
Prince Chaddha edf4a45ee4
Update CVE-2018-1000533.yaml 2021-06-15 16:38:28 +05:30
Prince Chaddha 72d9357cf6
Update CVE-2018-1000533.yaml 2021-06-15 16:23:59 +05:30
Prince Chaddha 3cfc921b71
Update CVE-2018-1000533.yaml 2021-06-15 15:31:36 +05:30
PikPikcU e970a09c53
Create CVE-2018-1000533.yaml 2021-06-15 07:28:10 +00:00
Geeknik Labs e83ba1b5ec
Create CVE-2018-16670.yaml 2021-06-11 12:11:36 +00:00
Geeknik Labs c451137ffc
Create CVE-2018-16668.yaml 2021-06-11 12:10:29 +00:00
Geeknik Labs 210465a658
Create CVE-2018-16671.yaml 2021-06-11 12:09:29 +00:00
Sandeep Singh b17196ee18
Merge pull request #1679 from Mad-robot/master
Update CVE-2018-3167.yaml
2021-06-11 16:25:07 +05:30
Prince Chaddha bc4a0d37b1 Moving template to cves folder 2021-06-11 15:58:02 +05:30
SaN ThosH a2e740148f
Update CVE-2018-3167.yaml 2021-06-11 13:21:20 +05:30
SaN ThosH bfed8d5200
Update CVE-2018-3167.yaml 2021-06-11 13:19:46 +05:30
SaN ThosH 84341549c0
Update CVE-2018-3167.yaml 2021-06-11 13:18:36 +05:30
SaN ThosH 42ec1d5636
Update CVE-2018-3167.yaml 2021-06-11 13:14:15 +05:30
Prince Chaddha 83ce809e8d Updated author names 2021-06-09 17:50:56 +05:30
sandeep 68642e226b CVE-2018-1247 fix 2021-06-09 01:40:02 +05:30
Philippe Delteil 39555505db
Update CVE-2018-18069.yaml
The matching condition are not enough. The payload input is not checked for reflection. This creates false positives like this one

nuclei -debug -t nuclei-templates/cves/2018/CVE-2018-18069.yaml -u https://empleo.gbtspain.com
2021-06-05 14:12:50 -04:00
Geeknik Labs fe1ab8385d
Update and rename exposures/logs/circarlife-system-log.yaml to cves/2018/CVE-2018-12634.yaml 2021-05-31 11:31:04 -05:00
sandeep a39f71eeff Fixing CVE-2018-0296 2021-05-31 09:28:47 +05:30
sandeep d63b9e1cb8 Adding missing tags 2021-05-13 00:54:59 +05:30
sandeep f18a611286 Delete CVE-2018-0101.yaml
Temporarily removing as current matcher is not sufficient to match this accurately.
2021-05-09 17:12:50 +05:30
sandeep b2ffaa1c5b Update CVE-2018-10141.yaml 2021-05-03 15:16:29 +05:30
sandeep e94b507722 moving files around 2021-05-03 15:16:08 +05:30
Prince Chaddha fb4020a894
Merge pull request #1245 from projectdiscovery/princechaddha-patch-13
Create CVE-2018-8770.yaml
2021-04-21 23:53:08 +05:30
Prince Chaddha bc4e678ed1
Merge pull request #1235 from projectdiscovery/princechaddha-patch-10
Create CVE-2018-17246.yaml
2021-04-21 23:43:01 +05:30
Al-AizHashim c2a990a0d9 CVE-2018-13379 traversal path is corrected 2021-04-21 02:15:12 +03:00
Prince Chaddha e72784eb53
Merge pull request #1249 from geeknik/patch-67
Create CVE-2018-2894.yaml
2021-04-13 18:10:38 +05:30
Prince Chaddha 4196c94ac5 Update CVE-2018-2894.yaml 2021-04-13 18:08:13 +05:30
sandeep a4ffb88b17 Added CVE-2018-7422 2021-04-11 15:49:26 +05:30
Geeknik Labs 32a3410ff8
Create CVE-2018-2894.yaml 2021-04-10 13:44:41 +00:00
Prince Chaddha abad438c3b
Create CVE-2018-8770.yaml 2021-04-10 03:40:04 +05:30
Prince Chaddha a4ab51f7de
Update CVE-2018-17246.yaml 2021-04-09 15:44:40 +05:30
sandeep 0b746c97c2 Added additional check to avoid possible false positive 2021-04-09 13:13:36 +05:30
Prince Chaddha 8e74c7f37a
Update CVE-2018-17246.yaml 2021-04-09 02:35:42 +05:30
Prince Chaddha bfc477e817
Create CVE-2018-17246.yaml 2021-04-09 02:31:08 +05:30
Prince Chaddha 578ec0bac1
Create CVE-2018-9995.yaml 2021-04-07 18:03:31 +05:30
sandeep 8fdfc64e54 misc tag updates 2021-04-06 12:16:11 +05:30
PD-Team 8d022bcbf7
Merge pull request #1058 from dwisiswant0/add/cves/2018/CVE-2018-0101
Add CVE-2018-0101
2021-04-01 14:02:28 +05:30
sandeep 06827e41c9 Update CVE-2018-0101.yaml 2021-04-01 14:01:09 +05:30
sandeep b7efe0b3c9 minor fixes and improvements 2021-04-01 13:59:23 +05:30
Dwi Siswanto 2925d53ab9 Fix wrong identations 2021-03-28 02:09:26 +07:00
Dwi Siswanto b804f5f676 Add more possible crash 5xx status codes 2021-03-28 02:07:23 +07:00
Dwi Siswanto 53d8ab8322 Using DSL type of matcher 2021-03-28 02:06:37 +07:00
Dwi Siswanto e80e67a592 Using RAW requests 2021-03-28 02:06:04 +07:00
Geeknik Labs c25cb2500e
Create CVE-2018-11784.yaml 2021-03-18 16:22:01 +00:00
sandeep ad84ecb792 tag improvements 2021-03-18 13:24:36 +05:30
PikPikcU 70ea0f089b
Create CVE-2018-7700.yaml 2021-03-15 08:15:21 +00:00
sandeep 7252696ce9 Update CVE-2018-6910.yaml 2021-03-15 13:05:45 +05:30
sandeep e7d135049b Update CVE-2018-6910.yaml 2021-03-15 13:04:20 +05:30
sandeep 819d760b23 Update CVE-2018-6910.yaml 2021-03-15 13:02:01 +05:30
PikPikcU bfb330bea9
update reference 2021-03-15 06:59:55 +00:00
PikPikcU 55a34e3963
Create CVE-2018-6910.yaml 2021-03-15 06:54:11 +00:00
sandeep 28b0636f2d syntax update 2021-03-12 17:32:16 +05:30
PD-Team c35ed8a408
Merge branch 'master' into wordpress-cves 2021-03-12 17:25:27 +05:30
PD-Team 7571b1e149
Merge pull request #1055 from dwisiswant0/add/cves/2018/CVE-2018-1207
Add CVE-2018-1207
2021-03-12 02:22:09 +05:30
sandeep b7618db673 removing empty spaces 2021-03-12 01:46:35 +05:30
Noam Rathaus 6c1abe9b5e Add description 2021-03-11 18:22:34 +02:00
PD-Team d8edcb99a8
Merge branch 'master' into CVE-2018-18778 2021-03-11 20:37:53 +05:30
sandeep ed91c0813e more typos 2021-03-10 19:45:41 +05:30
Dwi Siswanto 2a8cb00525 Add matcher condition to 'or' 2021-03-10 20:33:23 +07:00
Prince Chaddha de3b1d27ea added templates 2021-03-10 17:06:11 +05:30
Dwi Siswanto b8bf230aaf Add possible crash 5xx status codes 2021-03-10 15:47:38 +07:00
Dwi Siswanto f0c941a02f Add reference 2021-03-10 15:47:01 +07:00
Dwi Siswanto 7589706bfa 🔥 Add CVE-2018-0101 2021-03-10 15:46:40 +07:00
Dwi Siswanto 8009300120 Add missing description 2021-03-10 15:00:54 +07:00
Dwi Siswanto 0c389a8c2b Add reference 2021-03-10 14:59:48 +07:00
Dwi Siswanto 67f790752e 🔥 Add CVE-2018-1207 2021-03-10 14:59:38 +07:00
Prince Chaddha 8e67a67b80
Merge pull request #909 from pikpikcu/patch-77
Add poc CVE Apache Struts2
2021-03-06 02:16:25 +05:30
Prince Chaddha 6c84f959f9 fixed trailing spaces 2021-03-06 02:14:21 +05:30
Prince Chaddha cc641d9946 removing few templates 2021-03-06 02:09:54 +05:30
sandeep c59c99a92e Update CVE-2018-1335.yaml 2021-02-27 17:17:45 +05:30
PikPikcU 0bdb8d0d32
Create CVE-2018-1335.yaml 2021-02-27 03:18:29 +00:00
sandeep ad8ebf7f0a Adding CVE-2018-18778 2021-02-25 21:35:18 +05:30
PikPikcU df532f6762
Create CVE-2018-11776.yaml 2021-02-24 04:29:30 +00:00
Dwi Siswanto dd0524ff9b ✏️ Update default path 2021-02-24 03:47:27 +07:00