a0ecc3da00
TemplateMan Update [Tue Oct 3 06:40:54 UTC 2023] 🤖
2023-10-03 06:40:55 +00:00
09b71b9afe
Merge pull request #8299 from projectdiscovery/unauth-celery-flower
...
Create unauth-celery-flower.yaml
2023-10-03 12:09:55 +05:30
fd071b4900
Auto WordPress Plugins Update [Tue Oct 3 04:02:30 UTC 2023] 🤖
2023-10-03 04:02:30 +00:00
8ccee371e6
change endpoint to fix fp
2023-10-02 22:28:04 +05:30
4572b7c0a7
Update api-tatum.yaml
2023-10-02 22:04:10 +05:30
d9efa67522
TemplateMan Update [Mon Oct 2 16:03:47 UTC 2023] 🤖
2023-10-02 16:03:47 +00:00
f37e2b3a02
Rename milesight-system-log.yaml to milesight-system-log.yaml
2023-10-02 21:33:19 +05:30
19d9af9261
Merge pull request #8261 from projectdiscovery/princechaddha-patch-2
...
Create shiro-deserialization-detection.yaml
2023-10-02 21:31:51 +05:30
63dcb68b75
Create CVE-2023-2224.yaml
2023-10-02 08:57:09 -03:00
fa6c8f9bb6
Update php-backup-files.yaml
2023-10-02 15:37:48 +05:30
f8794112ab
TemplateMan Update [Mon Oct 2 08:23:48 UTC 2023] 🤖
2023-10-02 08:23:49 +00:00
fef8a38e22
Create CVE-2023-43261 ( #8300 )
...
* Auto WordPress Plugins Update [Sun Oct 1 04:12:23 UTC 2023] 🤖
* Create CVE-2023-43261.yaml
A critical security vulnerability has been identified in Milesight Industrial Cellular Routers, compromising the security of sensitive credentials and permitting unauthorized access. This vulnerability stems from a misconfiguration that results in directory listing being enabled on the router systems, rendering log files publicly accessible. These log files, while containing sensitive information such as admin and other user passwords (encrypted as a security measure), can be exploited by attackers via the router's web interface. The presence of a hardcoded AES secret key and initialization vector (IV) in the JavaScript code further exacerbates the situation, facilitating the decryption of these passwords. This chain of vulnerabilities allows malicious actors to gain unauthorized access to the router.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
* Revert "Auto WordPress Plugins Update [Sun Oct 1 04:12:23 UTC 2023] 🤖 "
This reverts commit ceb38c80b0
2023-10-02 13:51:12 +05:30
0599afee2c
Create milesight-system-log.yaml
2023-10-02 12:01:44 +05:30
658d741b44
Auto WordPress Plugins Update [Mon Oct 2 04:02:10 UTC 2023] 🤖
2023-10-02 04:02:10 +00:00
ffa4a84ba9
added metadata and updated matcher
2023-10-02 00:47:23 +05:30
06674c9bca
Create CVE-2023-33831.yaml
...
A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2023-10-02 01:19:18 +09:00
a151696a50
Create unauth-celery-flower.yaml
2023-10-01 18:12:23 +05:30
763b2e702d
Update icewarp-open-redirect.yaml
2023-10-01 17:53:02 +05:30
6396390240
matcher update
2023-10-01 17:36:17 +05:30
d52def2330
TemplateMan Update [Sun Oct 1 08:42:42 UTC 2023] 🤖
2023-10-01 08:42:43 +00:00
cef5268b09
Merge pull request #8227 from sttlr/rdap-whois
...
Update rdap-whois.yaml
2023-10-01 14:10:19 +05:30
48b3253a7e
added additional matcher
2023-10-01 13:59:50 +05:30
392adf2300
Revert "Auto WordPress Plugins Update [Sun Oct 1 04:12:23 UTC 2023] 🤖 "
...
This reverts commit ceb38c80b0
2023-10-01 13:50:49 +05:30
32ee9d8ebb
Auto WordPress Plugins Update [Sun Oct 1 04:01:57 UTC 2023] 🤖
2023-10-01 04:01:57 +00:00
ce1a84f8c4
TemplateMan Update [Sat Sep 30 08:23:25 UTC 2023] 🤖
2023-09-30 08:23:25 +00:00
f953aca287
Create wsftp-detect.yaml ( #8285 )
...
* Create wsftp-detect.yaml
* Update and rename wsftp-detect.yaml to wsftp-ssh-detect.yaml
* Update and rename wsftp-ssh-detect.yaml to ws_ftp-ssh-detect.yaml
* Create ws_ftp-server-web-transfer.yaml
* misc update
* Update ws_ftp-server-web-transfer.yaml
* Update ws_ftp-ssh-detect.yaml
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-09-30 13:51:24 +05:30
f10d3a0aa5
Auto WordPress Plugins Update [Sat Sep 30 04:02:07 UTC 2023] 🤖
2023-09-30 04:02:07 +00:00
ff450a65ba
strict matcher
2023-09-29 19:04:39 +05:30
fd69046097
Added CVE-2023-29357 (Microsoft SharePoint - Authentication Bypass)
2023-09-29 18:51:23 +05:30
6784a9d2c1
format fix
2023-09-29 14:24:46 +05:30
5574a26f60
Update CVE-2019-6802.yaml
...
Updated to remove false positives.
As the previous change matches the words "Set-Cookie: crlfinjection=1" even if the words are present in the Location header too.
The updated code, will match only if the "Set-Cookie: crlfinjection=1" is actually a header, by verifying that it actually starts in the beginning of a response header.
2023-09-29 13:46:22 +05:30
77bfd17949
TemplateMan Update [Fri Sep 29 05:57:07 UTC 2023] 🤖
2023-09-29 05:57:07 +00:00
30217297c2
Merge pull request #8271 from projectdiscovery/CVE-2014-9180
...
Create CVE-2014-9180.yaml
2023-09-29 11:24:52 +05:30
ba23b0da91
Merge pull request #8276 from projectdiscovery/shopware-installer
...
Create shopware-installer.yaml
2023-09-29 11:17:39 +05:30
d008a02bc6
reference - update
2023-09-29 11:11:33 +05:30
52c948b3d6
Merge pull request #8283 from projectdiscovery/zencart-installer
...
Create zencart-installer.yaml
2023-09-29 11:09:50 +05:30
39bde187ad
Update zencart-installer.yaml
2023-09-29 11:05:56 +05:30
20b7ed5bfa
TemplateMan Update [Fri Sep 29 05:32:45 UTC 2023] 🤖
2023-09-29 05:32:46 +00:00
aed5b2c10b
Merge pull request #8279 from sullo/main
...
Joomla! version matching fixes
2023-09-29 11:00:48 +05:30
dd0d479008
Auto WordPress Plugins Update [Fri Sep 29 04:02:18 UTC 2023] 🤖
2023-09-29 04:02:18 +00:00
09c7344744
Merge pull request #8277 from projectdiscovery/vironeer-installer
...
Create vironeer-installer.yaml
2023-09-28 22:59:46 +05:30
b6f2c618e8
TemplateMan Update [Thu Sep 28 17:26:49 UTC 2023] 🤖
2023-09-28 17:26:49 +00:00
0cef5a5fae
Merge pull request #8282 from projectdiscovery/dolphin-installer
...
Create dolphin-installer.yaml
2023-09-28 22:56:27 +05:30
5e2c584c5e
Merge pull request #8284 from projectdiscovery/clipbucket-installer
...
Create clipbucket-installer.yaml
2023-09-28 22:55:10 +05:30
0351e4977c
Merge pull request #8275 from projectdiscovery/fix-fp-gitignore
...
Update exposed-gitignore.yaml
2023-09-28 22:54:54 +05:30
0dd0f0e9df
Update vironeer-installer.yaml
2023-09-28 22:54:20 +05:30
97a84f6b23
Update dolphin-installer.yaml
2023-09-28 22:53:19 +05:30
5077ecae67
Update clipbucket-installer.yaml
2023-09-28 22:52:08 +05:30
fc00af69a0
Auto WordPress Plugins Update [Thu Sep 28 04:02:23 UTC 2023] 🤖
2023-09-28 04:02:23 +00:00
cb632e613f
Create clipbucket-installer.yaml
2023-09-28 08:00:05 +05:30
4050afbbc9
Create zencart-installer.yaml
2023-09-28 07:47:47 +05:30
8346d97b22
Create dolphin-installer.yaml
2023-09-28 07:20:48 +05:30
e616bb0ec7
protocol update
2023-09-27 23:35:44 +05:30
bc957cd1a4
Update CVE-2023-42793.yaml
2023-09-27 23:35:06 +05:30
f0ba24afa1
JetBrains TeamCity - Remote Code Execution (CVE-2023-42793)
2023-09-27 23:25:18 +05:30
4afb8a0587
This updates the order of files so that versions are extracted before generic Joomla! detection, fixes the regex for version matching, and adds a required AND matcher for the joomla.xml file.
2023-09-27 13:08:55 -04:00
48b9ff2205
Create vironeer-installer.yaml
2023-09-27 19:42:23 +05:30
4efec2d2e3
Create shopware-installer.yaml
2023-09-27 19:16:20 +05:30
ebedb7ed93
Update exposed-gitignore.yaml
2023-09-27 18:38:37 +05:30
446532191f
Create yonyou-u8-sqli.yaml
2023-09-27 16:52:56 +05:30
dc6b9c1e73
metadata update
2023-09-27 14:39:20 +05:30
334c3be057
Create CVE-2023-22432.yaml
2023-09-27 14:38:24 +05:30
082966e07a
Create CVE-2014-9180.yaml
2023-09-27 14:13:02 +05:30
a5af4a1f44
TemplateMan Update [Wed Sep 27 04:48:39 UTC 2023] 🤖
2023-09-27 04:48:40 +00:00
ea82d21d64
Create klr300n-installer.yaml
2023-09-27 10:04:00 +05:30
898e468d2c
Auto WordPress Plugins Update [Wed Sep 27 04:02:06 UTC 2023] 🤖
2023-09-27 04:02:06 +00:00
e47239d4df
Merge pull request #8267 from projectdiscovery/CVE-2023-5074
...
Create CVE-2023-5074.yaml (Authentication Bypass in D-Link D-View 8 🔥 )
2023-09-26 21:24:12 +05:30
17669c7fd8
lint -fix
2023-09-26 21:21:03 +05:30
5f4f590e7f
Update CVE-2023-5074.yaml
2023-09-26 21:16:55 +05:30
3b789d908b
Update CVE-2023-5074.yaml
2023-09-26 21:13:29 +05:30
eec309f75f
TemplateMan Update [Tue Sep 26 15:42:15 UTC 2023] 🤖
2023-09-26 15:42:16 +00:00
85868d5802
Merge pull request #8216 from zn9988/main
...
Create CVE-2023-2479.yaml
2023-09-26 21:09:57 +05:30
e48aa75f0f
fix-trail-spacing
2023-09-26 20:09:49 +05:30
52c9d36132
Create CVE-2023-5074.yaml
2023-09-26 20:05:39 +05:30
8624a3723b
TemplateMan Update [Tue Sep 26 13:42:18 UTC 2023] 🤖
2023-09-26 13:42:19 +00:00
1709d2bd2f
Merge pull request #8259 from projectdiscovery/ojs-installer
...
Create ojs-installer.yaml
2023-09-26 19:09:55 +05:30
634eb6f24f
Merge pull request #8225 from projectdiscovery/CVE-2023-36845
...
Create CVE-2023-36845.yaml (Juniper J-Web - Remote Code Execution 🔥 )
2023-09-26 18:57:53 +05:30
2c1ad47f56
Merge pull request #8229 from projectdiscovery/bitrix24-installer
...
Create bitrix24-installer.yaml
2023-09-26 18:45:37 +05:30
9fd65a9f6e
Merge pull request #8234 from projectdiscovery/akeeba-installer
...
Create akeeba-installer.yaml
2023-09-26 18:44:48 +05:30
6d40f1256d
fix trail space
2023-09-26 12:42:57 +05:30
ae67cf87ba
minor update
2023-09-26 12:33:31 +05:30
f06822363f
Update twilio-api-key.yaml
2023-09-26 12:30:36 +05:45
d5046b1dae
Update twilio-api-key.yaml
2023-09-26 12:30:07 +05:45
e0c79e9609
my template extracts all the keys if the word twilio is present.
2023-09-26 11:53:59 +05:45
c79554fd80
TemplateMan Update [Tue Sep 26 05:47:05 UTC 2023] 🤖
2023-09-26 05:47:06 +00:00
96d22d5350
Merge pull request #8258 from righettod/add_blazor_tpl
...
Add template to detect Blazor WebAssembly app
2023-09-26 11:16:02 +05:30
2c1392e423
Merge pull request #8260 from kazet/zzzcms-rce-fp
...
ZZZCMS RCE is a false positive if we see phpinfo() without posting any data
2023-09-26 11:14:55 +05:30
59151619bc
req and matcher update
2023-09-26 10:19:09 +05:30
34a19dd885
fix trailing space
2023-09-25 23:21:28 +05:30
c02fc785e0
Create shiro-deserialization-detection.yaml
2023-09-25 23:17:08 +05:30
f188fcbe2f
more precise status code match
2023-09-25 16:28:43 +02:00
8e3d9c97ce
ZZZCMS RCE is a false positive if we see phpinfo() without posting any data
2023-09-25 16:24:23 +02:00
476f2ea24d
Create ojs-installer.yaml
2023-09-25 08:53:10 +05:30
580da365f2
Update blazor-webassembly-detect.yaml
2023-09-25 08:07:20 +05:30
463f722ad7
Create CVE-2023-30625.yaml
...
rudder-server is part of RudderStack, an open source Customer Data Platform (CDP). Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution (RCE) due to the `rudder` role in PostgresSQL having superuser permissions by default. Version 1.3.0-rc.1 contains patches for this issue.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2023-09-24 18:15:00 +09:00
ceb38c80b0
Auto WordPress Plugins Update [Sun Oct 1 04:12:23 UTC 2023] 🤖
2023-10-01 04:12:23 +00:00
580de94348
Add tpl
2023-09-24 09:17:15 +02:00
d8cc4d809e
Auto WordPress Plugins Update [Sun Sep 24 04:02:04 UTC 2023] 🤖
2023-09-24 04:02:04 +00:00
3282e2c8e2
Merge pull request #8231 from projectdiscovery/zabbix-installer
...
Create zabbix-installer.yaml
2023-09-24 08:22:16 +05:30
d549599606
fix: typo in cve-2023-23492 template name ( #8250 )
2023-09-23 15:12:58 +05:30
GitHub Action
pussycat0x
Dhiyaneshwaran
Luis Felipe
Pugalarasan
gy741
Ritik Chaddha
sandeep
Prince Chaddha
Prince Chaddha
johnk3r
jainiresh
sullo
shankar acharya
sank
Krzysztof Zając
Dominique RIGHETTO
pentesttools-com