sandeep
41be58c633
misc update
2021-10-22 15:09:15 +05:30
Sandeep Singh
a21cec6362
Merge pull request #2844 from projectdiscovery/more-fixes
...
Changes to adopt v2.5.3 engine
2021-10-21 07:21:20 +05:30
Sandeep Singh
df54ed28f7
Merge pull request #2942 from projectdiscovery/CVE-2019-2729
...
Added CVE-2019-2729 (Oracle WebLogic RCE)
2021-10-21 05:42:29 +05:30
sandeep
323da341b2
Added CVE-2019-2729 (Oracle WebLogic RCE)
2021-10-21 05:37:30 +05:30
sandeep
33badb66d1
oob tags update
2021-10-19 02:10:26 +05:30
sandeep
a614391d3f
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes
2021-10-18 03:14:44 +05:30
Philippe Delteil
794dfb0bbe
Update CVE-2019-6340.yaml
...
Solves cases when the source code contains only uid= and gid= (e.g. https://account.mail.ru )
``nuclei -debug -t ~/nuclei-templates/cves/2019/CVE-2019-6340.yaml -u https://account.mail.ru ``
2021-10-15 04:01:39 -03:00
Sandeep Singh
9273a765c0
Merge branch 'master' into more-fixes
2021-10-13 13:48:52 +05:30
sandeep
5072932509
more updates
2021-10-10 06:43:30 +05:30
sandeep
1bdafa4474
Added missing condition for CVE-2019-18818
2021-10-08 19:28:24 +05:30
Sullo
c9a374bed5
renamed: simple-employee-rce.yaml -> ../../cves/2019/CVE-2019-20183.yaml
2021-09-30 13:06:46 -04:00
Sullo
3878138bfe
* Added Host headers where needed (validated via disclosures/posts)
...
* Added CVE simple-employee-rce.yaml
2021-09-30 12:52:05 -04:00
sandeep
1c613882f8
Added missing cve tags
2021-09-21 16:17:16 +05:30
sandeep
ff1537d7da
fixing tags typos
2021-09-21 15:43:08 +05:30
Sandeep Singh
0f03f5ff55
Merge pull request #2692 from projectdiscovery/metadata-attribute-update
2021-09-18 18:19:07 +05:30
GitHub Action
0dd6d4a6b4
Auto Generated CVE annotations [Thu Sep 16 16:58:29 UTC 2021] 🤖
2021-09-16 16:58:29 +00:00
Prince Chaddha
cc9b5ea32e
Merge pull request #2678 from pikpikcu/patch-279
...
Create CVE-2019-13392.yaml
2021-09-16 22:27:05 +05:30
Prince Chaddha
4984b42e66
Update CVE-2019-7543.yaml
2021-09-16 21:28:19 +05:30
sandeep
676b51d20c
Metadata attribute update
2021-09-16 21:24:33 +05:30
PikPikcU
df64158ca6
Create CVE-2019-7543.yaml
2021-09-16 10:35:05 +07:00
Prince Chaddha
9e090c8098
Update CVE-2019-13392.yaml
2021-09-15 17:32:32 +05:30
PikPikcU
bc6470a65a
Create CVE-2019-13392.yaml
2021-09-15 14:10:34 +07:00
Ice3man543
e9f728c321
Added cve annotations + severity adjustments
2021-09-10 16:56:40 +05:30
sandeep
609705f676
removed extra headers not required for template
2021-09-08 17:47:19 +05:30
Prince Chaddha
ed33f5172f
Merge pull request #2581 from Akokonunes/patch-30
...
Create CVE-2019-11013.yaml
2021-09-06 17:29:15 +05:30
Prince Chaddha
6563f9be81
Update CVE-2019-11013.yaml
2021-09-06 16:56:14 +05:30
Prince Chaddha
f6e52a6739
Merge pull request #2585 from sullo/master
...
Updates across many templates for clarity, spelling, and grammar.
2021-09-06 15:02:52 +05:30
Prince Chaddha
861af1bdc8
Update and rename CVE-2019-7275.yaml to cves/2019/CVE-2019-7275.yaml
2021-09-06 14:39:22 +05:30
sullo
ef1f7c5e92
Updates across many templates for clarity, spelling, and grammar.
2021-09-05 17:13:45 -04:00
Prince Chaddha
d3a88548e5
Update and rename CVE-2019-11013.yaml to cves/2019/CVE-2019-11013.yaml
2021-09-05 19:23:17 +05:30
sandeep
17d55f7a17
misc update
2021-09-05 15:51:47 +05:30
sandeep
b7a0587768
Update CVE-2019-18818.yaml
2021-09-04 13:59:56 +05:30
idealphase
2b3851204b
Merge branch 'projectdiscovery:master' into master
2021-09-04 14:09:13 +07:00
idealphase
226d48db4c
Update CVE-2019-18818.yaml
...
Added matchers header
2021-09-04 14:07:24 +07:00
idealphase
f1e770fc06
Added CVE-2019-18818
...
Added CVE-2019-18818
2021-09-04 14:00:28 +07:00
sandeep
90f8caf302
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/2481
2021-09-03 14:55:30 +05:30
sandeep
c266084621
Added stop-at-first-match in applicable templates
2021-09-02 17:29:10 +05:30
Prince Chaddha
182511566d
Merge pull request #2503 from LogicalHunter/temp-5
...
Added CVE-2019-17503.yaml Template
2021-08-31 12:08:19 +05:30
Prince Chaddha
b27bdcab41
Update CVE-2019-17503.yaml
2021-08-31 12:00:11 +05:30
sandeep
be7aca060c
Update CVE-2019-15889.yaml
2021-08-30 23:52:12 +05:30
Noam Rathaus
65497ce696
Description and reference
2021-08-30 12:47:31 +03:00
Prince Chaddha
30d762883b
Update CVE-2019-17503.yaml
2021-08-29 17:57:29 +05:30
Noam Rathaus
61ca2a3b56
Make description better
2021-08-29 09:32:10 +03:00
LogicalHunter
e974732b38
Added CVE-2019-17503.yaml Template
2021-08-28 02:51:21 -07:00
forgedhallpass
419a957409
Fixing errors in templates
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-27 10:43:24 +03:00
forgedhallpass
a4250b8f2f
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-26 15:04:14 +03:00
socketz
ed76585ed6
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-08-25 14:33:32 +02:00
socketz
c766a8454d
Fixed yaml linting errors
2021-08-25 14:09:42 +02:00
sandeep
0276758096
minor update
2021-08-25 01:37:17 +05:30
forgedhallpass
110f9c9ddd
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-24 20:38:11 +03:00
sandeep
20eecc57de
Update CVE-2019-15501.yaml
2021-08-24 17:13:37 +05:30
Prince Chaddha
b87f540da6
Merge pull request #2474 from LogicalHunter/temp-2
...
Added CVE-2019-15501.yaml Template
2021-08-24 17:09:04 +05:30
Prince Chaddha
d9cdbb4e97
Update CVE-2019-15501.yaml
2021-08-24 17:07:33 +05:30
sandeep
b1fdcd003e
Update CVE-2019-8937.yaml
2021-08-24 16:52:44 +05:30
Prince Chaddha
03d1abe23b
Update CVE-2019-8937.yaml
2021-08-24 16:26:03 +05:30
Prince Chaddha
7592638ece
Update CVE-2019-8937.yaml
2021-08-24 16:01:12 +05:30
LogicalHunter
ae800b1ab1
Added CVE-2019-15501.yaml Template
2021-08-23 18:15:08 -07:00
LogicalHunter
21ca2234d2
Added CVE-2019-8937.yaml Template
2021-08-23 17:27:13 -07:00
forgedhallpass
296edfc37b
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-23 14:40:33 +03:00
Sandeep Singh
04b401a8ef
Merge pull request #2456 from projectdiscovery/payloads-update
...
Payloads positional update to keep the request format uniform
2021-08-23 15:26:35 +05:30
sandeep
451e938d46
misc changes
2021-08-23 14:54:04 +05:30
sandeep
2aa54304ee
Payloads positional update to keep the request format uniform
2021-08-22 23:39:33 +05:30
sandeep
722646d37e
strict matchers
2021-08-21 02:44:16 +05:30
forgedhallpass
dc4cc62629
Merge remote-tracking branch 'origin/master' into dynamic_attributes
2021-08-20 15:35:17 +03:00
sandeep
3f803deb28
more updates
2021-08-20 02:14:42 +05:30
forgedhallpass
77103bc629
Satisfying the linter (all errors and warnings)
...
* whitespace modifications only
2021-08-19 17:44:46 +03:00
forgedhallpass
97d4f8705b
Fixed mistakes/typos
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:59:55 +03:00
forgedhallpass
f55d6b75e1
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:59:12 +03:00
forgedhallpass
7b29be739e
Merge branch 'master' into dynamic_attributes
2021-08-19 16:23:26 +03:00
forgedhallpass
ffaff64565
Changes fixes/around dynamic attributes ("additional-fields")
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:17:27 +03:00
forgedhallpass
0b432b341b
Added comments with URLs under the "references" field
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:15:35 +03:00
forgedhallpass
e68d15ab63
Fixed mistakes/typos in the templates.
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 15:30:14 +03:00
forgedhallpass
cdf9451158
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-18 14:44:27 +03:00
forgedhallpass
4c920b2552
Rename "references" to "reference" to match the expected template info structure
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-18 14:29:20 +03:00
Prince Chaddha
f0acc877a8
Update CVE-2019-16313.yaml
2021-08-16 15:50:28 +05:30
PikPikcU
73f37aa7c5
Create CVE-2019-16313.yaml
2021-08-14 18:37:50 +07:00
PikPikcU
45a46dad92
Update CVE-2019-20085.yaml
2021-08-14 18:22:17 +07:00
sandeep
f3a758c461
removing extra headers
2021-08-12 18:42:02 +05:30
sandeep
189f62a96f
Update CVE-2019-7238.yaml
2021-08-12 18:21:19 +05:30
PikPikcU
1d8ed811d3
Create CVE-2019-7238.yaml
2021-08-12 19:30:35 +07:00
Prince Chaddha
d2fdd5096d
Update CVE-2019-12616.yaml
2021-08-12 15:07:48 +05:30
Prince Chaddha
6096bc4db7
Update CVE-2019-12616.yaml
2021-08-11 16:38:30 +05:30
Philippe Delteil
8c1050256f
Update CVE-2019-12616.yaml
...
I don't know why the matcher was changed. The matcher phpmyadmin.net doesn't work in my test cases.
2021-08-09 17:35:43 -04:00
sandeep
4f0a3510fa
matcher update
2021-08-09 23:51:31 +05:30
sandeep
8c48ca97d2
matcher + payload + regex updates
2021-08-09 21:58:28 +05:30
sandeep
c0db649278
Added CVE-2019-0193 - Apache Solr - DataImportHandler RCE
2021-08-09 21:57:30 +05:30
sandeep
63595cad63
Update CVE-2019-12616.yaml
2021-08-08 12:20:47 +05:30
sandeep
5d51c6235d
Update CVE-2019-12616.yaml
2021-08-08 12:20:24 +05:30
Philippe Delteil
78cca01d07
Update CVE-2019-12616.yaml
...
regex matching condition to match all vulnerable versions.
With 401 we could find instances behind htaccess protection.
Added a version extractor also.
2021-08-07 18:59:05 -04:00
Sandeep Singh
454e11f6c4
Merge pull request #2271 from pikpikcu/patch-240
...
Update JIRA SSRF
2021-08-02 01:31:27 +05:30
sandeep
f5982c5d28
Update CVE-2019-8451.yaml
2021-08-02 01:30:00 +05:30
sandeep
5023dd6f9c
Update CVE-2019-8451.yaml
2021-08-02 01:27:40 +05:30
Sandeep Singh
c7778257c3
Update CVE-2019-8451.yaml
2021-08-02 01:22:49 +05:30
Sandeep Singh
56d3a2f1bd
Merge pull request #2284 from pikpikcu/patch-242
...
Update CVE-2019-0221
2021-08-02 01:17:36 +05:30
Noam Rathaus
03dfb4bff6
More references
2021-08-01 09:16:33 +03:00
Noam Rathaus
ac70ba03c7
description and reference
2021-08-01 09:12:12 +03:00
Noam Rathaus
21b17993be
Better references
2021-08-01 09:10:14 +03:00
PikPikcU
0653fdc498
Update CVE-2019-0221.yaml
2021-08-01 09:43:53 +07:00
Prince Chaddha
8246b2356c
Update CVE-2019-12276.yaml
2021-07-31 08:58:19 +05:30
sandeep
ff344b0e49
Update CVE-2019-8451.yaml
2021-07-30 17:35:48 +05:30
PikPikcU
5bf63d1811
Update JIRA SSRF
2021-07-30 18:50:31 +07:00
Muhammad Daffa
189f59ba9d
Create CVE-2019-12276.yaml
2021-07-30 05:49:59 +07:00
Muhammad Daffa
3a3ccf0ba2
Create CVE-2019-14312.yaml
2021-07-28 09:04:19 +07:00
sandeep
6ccc5f8792
matcher update to handle edge cases
2021-07-25 03:05:55 +05:30
sandeep
13e5528c46
duplicate update
2021-07-20 11:40:23 +05:30
Sandeep Singh
6eee57115c
Merge pull request #2083 from projectdiscovery/fixing-xss-matchers
...
fixing-xss-matchers
2021-07-20 00:28:01 +05:30
sandeep
2d6198ba04
Updated payload + matcher
2021-07-19 18:13:09 +05:30
Prince Chaddha
aff7f7fa64
Update CVE-2019-19134.yaml
2021-07-19 11:34:59 +05:30
Prince Chaddha
5dce5e078e
Update CVE-2019-16525.yaml
2021-07-19 11:34:07 +05:30
Prince Chaddha
5b1766e10b
Update CVE-2019-16332.yaml
2021-07-19 11:33:40 +05:30
Prince Chaddha
bf0aff7579
Update CVE-2019-15713.yaml
2021-07-19 11:32:53 +05:30
sandeep
e848640e9d
Added CVE-2019-12616
2021-07-16 23:27:01 +05:30
Prince Chaddha
829507fd1e
Update CVE-2019-20085.yaml
2021-07-16 17:58:51 +05:30
Prince Chaddha
379345fc05
Update CVE-2019-20085.yaml
2021-07-16 17:57:49 +05:30
Muhammad Daffa
f857247e84
Create CVE-2019-20085.yaml
2021-07-16 19:17:49 +07:00
Prince Chaddha
833306ad86
Merge pull request #2025 from daffainfo/patch-63
...
Create CVE-2019-16525.yaml
2021-07-16 17:44:09 +05:30
Prince Chaddha
9ab9617b95
Update CVE-2019-16525.yaml
2021-07-16 17:42:41 +05:30
Prince Chaddha
cbd0d293bd
Merge pull request #2031 from daffainfo/patch-65
...
Create CVE-2019-15713.yaml
2021-07-16 11:02:45 +05:30
Prince Chaddha
a08eed7ce8
Update CVE-2019-15713.yaml
2021-07-16 11:00:01 +05:30
Prince Chaddha
a78e6caafc
Update CVE-2019-16332.yaml
2021-07-16 10:57:50 +05:30
Muhammad Daffa
bf68e5060d
Create CVE-2019-15713.yaml
2021-07-16 00:09:33 +07:00
Muhammad Daffa
28278b45a2
Create CVE-2019-16332.yaml
2021-07-16 00:06:33 +07:00
Muhammad Daffa
8a28dc1935
Create CVE-2019-16525.yaml
2021-07-15 19:30:44 +07:00
Prince Chaddha
22a16b4b17
Update CVE-2019-19134.yaml
2021-07-15 17:26:55 +05:30
Muhammad Daffa
f816c58bac
Create CVE-2019-19134.yaml
2021-07-15 18:40:17 +07:00
Prince Chaddha
c20a208c4a
Update CVE-2019-9618.yaml
2021-07-15 14:20:42 +05:30
Muhammad Daffa
3fa2bf156a
Create CVE-2019-9618.yaml
2021-07-15 09:48:59 +07:00
sandeep
f7259df034
typo update
2021-07-14 15:38:56 +05:30
Prince Chaddha
bca05d61d6
Merge pull request #1926 from daffainfo/patch-11
...
Create CVE-2019-14470.yaml
2021-07-11 10:15:11 +05:30
Prince Chaddha
7c19ca873d
Update CVE-2019-14470.yaml
2021-07-11 10:12:41 +05:30
Prince Chaddha
7c0c5033e9
Update CVE-2019-14470.yaml
2021-07-11 10:11:11 +05:30
Prince Chaddha
0bae5e975e
Update CVE-2019-15889.yaml
2021-07-11 10:09:51 +05:30
Muhammad Daffa
009e68c627
Create CVE-2019-15889.yaml
2021-07-11 08:20:03 +07:00
Muhammad Daffa
4889efb117
Create CVE-2019-14470.yaml
2021-07-11 08:06:14 +07:00
sandeep
b137eb57d3
More edge cases
...
Only looking for DNS interaction is not reliable as few servers make DNS requests for host included in path or query parameter.
2021-07-04 00:41:57 +05:30
sandeep
acebe227a1
Update CVE-2019-13101.yaml
2021-07-04 00:12:01 +05:30
sandeep
9e9954cbab
strict matchers
2021-07-04 00:07:30 +05:30
Suman Kar
f249af535a
Update CVE-2019-13101.yaml
...
iot tag added
2021-07-03 17:55:11 +05:30
Suman Kar
e20298b4d3
D-Link DIR-600M Router - Authentication Bypass
2021-07-03 05:50:40 +05:30
Prince Chaddha
37261f7a2f
Update and rename vulnerabilities/jira/jira-unauthenticated-popular-filters.yaml to cves/2019/CVE-2019-3401.yaml
2021-06-24 16:52:04 +05:30
Prince Chaddha
2539c830ac
Update CVE-2019-7481.yaml
2021-06-22 13:20:06 +05:30
Prince Chaddha
c87238c37a
Update CVE-2019-7481.yaml
2021-06-22 13:18:51 +05:30
darrenmartyn
80d159c277
Update CVE-2019-7481.yaml
2021-06-19 22:44:05 +01:00
darrenmartyn
7c65c33396
Update CVE-2019-7481.yaml
...
maybe yaml lint thing doesn't hate me now
2021-06-19 22:42:10 +01:00
darrenmartyn
722a2bd60c
Update and rename CVE-2019-4781.yaml to CVE-2019-7481.yaml
2021-06-19 21:39:08 +01:00
darrenmartyn
a26c0d9c3a
Create CVE-2019-4781.yaml
...
Need some feedback on this, tested it out and it works just fine.
2021-06-19 21:17:40 +01:00
Prince Chaddha
8df5f982f3
Moved template to cves
2021-06-13 21:01:21 +05:30
sandeep
3de46aa21b
misc changes
2021-06-10 00:01:38 +05:30
sandeep
ea26842383
Added CVE-2019-2616
2021-06-09 23:56:42 +05:30
Prince Chaddha
83ce809e8d
Updated author names
2021-06-09 17:50:56 +05:30