daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,142 Commits
18 Branches
0 Tags
171 MiB
Commit Graph

817 Commits (79ebf9b5bd7a55dfe56a40f43cdde3365619494d)

Author SHA1 Message Date
PikPikcU ad23717e7c
Create CVE-2020-17530.yaml 2021-01-27 18:47:58 +00:00
pudsec 5e7ae851f1 Added CVE-2021-22873 2021-01-24 19:37:25 +08:00
PD-Team 8d647ffbad Update CVE-2020-5410.yaml 2021-01-14 20:21:36 +05:30
PD-Team dc24595935 BaseURL updates 2021-01-14 20:11:56 +05:30
Michael Henriksen b528ce663c Introduce a new risky-cves root folder 
The template for CVE-2020-16139 lived in `cves/`
and was not ignored by default in .nuclei-ignore
for a considurable time because of directory
restructuring. The risky-cves root folder is
introduced to make this mistake less likely to
happen in the future.
 2021-01-13 12:53:29 +01:00
team-projectdiscovery 106da77fc3 Preparing for request clustering 2021-01-13 13:01:46 +05:30
team-projectdiscovery d8fc0079d9 Adding CVE-2020-9376 2021-01-12 21:45:12 +05:30
team-projectdiscovery 1468d8a52c matcher updates 2021-01-11 12:14:22 +05:30
team-projectdiscovery b5dd30abf5 fixes 2021-01-11 04:09:54 +05:30
team-projectdiscovery a52ffe5c4e fixes and updates 2021-01-10 19:45:36 +05:30
team-projectdiscovery 664a6f3b04 more cves 🔥 2021-01-09 20:15:11 +05:30
team-projectdiscovery eaaf56e9da workflow updates 2021-01-09 18:58:57 +05:30
team-projectdiscovery 87ec61f0de Update CVE-2020-17518.yaml 2021-01-08 00:19:39 +05:30
team-projectdiscovery 32143aa738 Create CVE-2020-17518.yaml 2021-01-06 23:08:45 +05:30
team-projectdiscovery dfd308612b adding CVE-2020-17519 2021-01-06 12:38:41 +05:30
team-projectdiscovery 9ec41352f6 matcher update 2021-01-05 00:33:42 +05:30
team-projectdiscovery 4f2a99345c cve id updates 2021-01-02 10:32:50 +05:30
team-projectdiscovery 82b5a7f57b misc changes 2021-01-02 10:30:39 +05:30
team-projectdiscovery 0cec810029 misc changes 2021-01-02 10:29:06 +05:30
team-projectdiscovery 6cc3f88a5d misc changes 2021-01-02 10:26:15 +05:30
team-projectdiscovery ba58677a74 moving cves to year based structure 
easy for viewing / running templates based on years.
 2021-01-02 09:52:04 +05:30
team-projectdiscovery e7677fcc81 Update CVE-2020-10148.yaml 2021-01-01 17:03:22 +05:30
team-projectdiscovery c0609a6dd9 misc changes 2021-01-01 16:41:05 +05:30
team-projectdiscovery 7c0bfcd167 Update CVE-2020-10148.yaml 2021-01-01 16:10:35 +05:30
team-projectdiscovery 9ccdc41c6a updating matchers and path 2021-01-01 16:08:09 +05:30
Dwi Siswanto dfd822bfe2 ✏️ Replace reference 2020-12-31 16:12:13 +07:00
Dwi Siswanto 7bc5bf03be 🔨 Splitting matcher parts 2020-12-31 15:51:24 +07:00
Dwi Siswanto 87f2961ed0 🔨 Simplify matchers & add more references 2020-12-31 15:40:10 +07:00
Dwi Siswanto 4b0c979208 🔥 Add CVE-2020-10148 2020-12-29 14:32:08 +07:00
dsm 6c575732f4
Fixed small typing error 
Changed temaplte to template
 2020-12-25 14:44:40 -03:00
team-projectdiscovery a5e062992d Update CVE-2008-2398.yaml 2020-12-25 20:34:57 +05:30
team-projectdiscovery eded3a5bc5 Update CVE-2008-2398.yaml 2020-12-25 20:13:47 +05:30
team-projectdiscovery 6bc5af5ce2 updating rules 2020-12-25 15:26:00 +05:30
Ganesh Bagaria e5234dbcc6
Add CVE-2019-11869 
XSS in Yuzo Related Posts plugin before 5.12.94
 2020-12-25 13:51:48 +05:30
team-projectdiscovery 7a1c7f63b7 Update CVE-2019-20141.yaml 2020-12-23 19:08:42 +05:30
team-projectdiscovery 441c1d2c40 updated rails6-xss 2020-12-23 14:54:03 +05:30
team-projectdiscovery 365098fd7b Update CVE-2020-8185.yaml 2020-12-23 08:03:49 +05:30
rootxharsh 93154ff6ae Formatted YAML 2020-12-23 04:03:16 +05:30
rootxharsh 61beebde41 Add Rails 6 XSS 2020-12-23 03:55:41 +05:30
team-projectdiscovery 077fda9228 Update CVE-2008-2398.yaml 2020-12-16 11:06:39 +05:30
shubham chaskar 8c9ce49b2d
cve-2008-2398 added 2020-12-16 01:20:04 +05:30
Philippe Pépos Petitclerc 00ef32a392 Reintroduce CVE-2019-15858.yaml check 
Old version had a lot of FP as it did not check if the returned page was
acutally the correct readme. So I added a check for the name of the
plugin and another one to ensure there is a changelog. This shoud remove
almost all false positives.
 2020-12-14 20:53:39 -05:00
team-projectdiscovery d0df82d928 Adding content type checks for XSS templates 2020-12-14 00:54:23 +05:30
PD-Team f5a5a0883d
Merge pull request #675 from geeknik/patch-27 
Delete CVE-2019-11043.yaml
 2020-12-14 00:42:16 +05:30
Geeknik Labs 5e844c925f
Delete CVE-2019-11043.yaml 
This is the incorrect way to test for this particular bug. The person who pointed this out has no desire to open a pull request. So we nuke this file.
 2020-12-12 19:45:59 +00:00
Dwi Siswanto 044bf5d19b 🔥 Add CVE-2020-11738 2020-12-12 12:03:34 +07:00
Dwi Siswanto d383687b6a 🔥 Add CVE-2020-7318 2020-12-09 15:54:40 +07:00
bauthard 33c36b045e
Merge pull request #667 from dwisiswant0/add/CVE-2020-4463 
Add CVE-2020-4463
 2020-12-07 20:31:05 +05:30
bauthard dd077a0300 Adding small note 2020-12-07 20:30:11 +05:30
bauthard ad01bb0633 Temporarily removing due to f/p 2020-12-07 20:18:03 +05:30
Dwi Siswanto 676b5d23ef 🔥 Add CVE-2020-4463 2020-12-07 14:59:25 +07:00
bauthard e22932c1fa Improving matchers 2020-12-06 15:12:32 +05:30
bauthard 04d566eea5 misc changes 2020-12-06 15:02:10 +05:30
ree4pwn b7102ea11b
Update CVE-2019-11581.yaml 2020-12-05 17:21:28 +08:00
ree4pwn bf3e0f501a
Update CVE-2019-11581.yaml 2020-12-05 17:17:48 +08:00
ree4pwn b19bcfacf8
Update CVE-2019-11581.yaml 
Fix syntax error
 2020-12-05 17:00:05 +08:00
ree4pwn d3a77c422d
Update and rename cve-2019-11581.yaml to CVE-2019-11581.yaml 2020-12-05 16:53:14 +08:00
ree4pwn 3a7130030e
cve-2019-11581 
Jira template injection
 2020-12-05 16:51:54 +08:00
bauthard 950d3e4f24 Create CVE-2019-15858.yaml 2020-12-02 10:55:57 +05:30
bauthard 2ef8cb5c8f
temporary remove 2020-12-02 10:47:07 +05:30
bauthard 6b5734f25d
Merge pull request #630 from Patralos/master 
cve-2019-15858 reversed check
 2020-12-02 10:22:45 +05:30
Dwi Siswanto 06b94ebae3 🔥 Add CVE-2020-23972 2020-12-01 16:25:33 +07:00
bauthard 7d0d8bdb99 Update CVE-2019-11043.yaml 2020-11-29 17:38:24 +05:30
Geeknik Labs 0bc9e92da6
Update CVE-2019-11043.yaml 2020-11-28 19:14:21 +00:00
bauthard 231974676e
Merge pull request #650 from projectdiscovery/bugfix-cve-2019-12725 
fixing unmarshal error
 2020-11-27 01:19:50 +05:30
bauthard 519ddb4ce5
reverting the change 2020-11-27 01:19:35 +05:30
bauthard 1b203b350b
Update CVE-2019-12725.yaml 2020-11-27 01:16:49 +05:30
Mzack9999 f5e5515a35 fixing unmarshal error 2020-11-26 20:36:28 +01:00
bauthard 0fae570c4c Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2020-11-26 20:59:30 +05:30
bauthard a1732cc1a3 Removing cve-2020-14815 
This will be added back with support of https://github.com/projectdiscovery/nuclei/issues/295
 2020-11-26 20:59:10 +05:30
bauthard 3d7e839a99 Update CVE-2019-12725.yaml 2020-11-26 14:42:15 +05:30
Dwi Siswanto f9301c5808 🔥 Add CVE-2019-12725 2020-11-26 11:24:02 +07:00
bauthard 6c4fcfc602 Adding marker to payload 2020-11-26 02:02:20 +05:30
Dwi Siswanto e39ffdf513 🔨 Fix false-positive for CVE-2013-2251 2020-11-25 07:26:52 +07:00
bauthard 6f3b2cdd0c adding more info and matchers 2020-11-25 01:30:01 +05:30
shelld3v b81c8ea57d
🔥 Add CVE-2018-13380 2020-11-24 21:30:18 +07:00
Dwi Siswanto 05796b0692 🔥 Rename cve-* files to CVEs 2020-11-22 05:49:16 +07:00
bauthard 971f016178 few updates 2020-11-21 20:39:12 +05:30
SaN ThosH bf5e619803
Create CVE-2019-6340.yaml 2020-11-21 13:07:33 +05:30
bauthard beb578cdf0 Marker updates to payloads 
Adding § marker to variable names to avoid any confusion with real data and variable name, supported from nuclei v2.2.0
 2020-11-21 12:25:49 +05:30
Patralos f35eec7ba1
remove empty lines 2020-11-20 10:33:26 +01:00
Patralos becd37a635
cve-2019-15858 reversed check 
2.2.5 is the fixed version and should therefore be absent.
 2020-11-20 10:28:29 +01:00
bauthard 1ec8040a8d
Merge pull request #624 from dwisiswant0/add/CVE-2020-13942 
Add CVE-2020-13942
 2020-11-19 00:42:55 +05:30
Dwi Siswanto 05f41079f4 🔥 Add CVE-2020-13942 2020-11-19 00:47:19 +07:00
Dwi Siswanto 63cfa344bd 🔥 Add CVE-2020-16846 2020-11-19 00:21:07 +07:00
bauthard 071e3b25c9 few updates 2020-11-17 16:27:15 +05:30
Sandor Toth 0202889780 cve-2017-12637.yaml tab fixed 2020-11-17 11:18:19 +01:00
Sandor Toth f5e1d23545 cve-2017-12637.yaml added 2020-11-17 11:14:41 +01:00
Dwi Siswanto d6198665e7 🔥 Add CVE-2020-8209 
References:
- https://swarm.ptsecurity.com/path-traversal-on-citrix-xenmobile-server/
 2020-11-16 21:49:51 +07:00
bauthard b1965155f7 Update CVE-2020-14815.yaml 2020-11-14 15:37:15 +05:30
bauthard a710c24d4d Update CVE-2020-14815.yaml 2020-11-14 15:35:06 +05:30
mohammedshine a273c87c2e
Create CVE-2020-14815.yaml 2020-11-13 01:25:48 +05:30
bauthard 3cf5167077 Update CVE-2019-20141.yaml 2020-11-12 14:30:01 +05:30
bauthard c4349a33cf fixing possible false positive 2020-11-12 13:55:56 +05:30
bauthard 4f746684c8 Encoding updates 2020-11-10 19:43:51 +05:30
Casper Guldbech Nielsen 29d421549a Search for "provider":"ldap" to complete the match on the cve 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-11-07 12:37:29 +01:00
Casper Guldbech Nielsen e9b57b3e9a Add cve-2020-26214 detection 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-11-07 11:47:02 +01:00
bauthard cd90698cb5 Adding cve-2019-3402 2020-11-06 15:58:11 +05:30
Dwi Siswanto b175c2117c 🔥 Update CVE-2020-14882 payload & with positive matchers 2020-11-02 14:23:12 +07:00
bauthard 73c94b174c moved to another branch for the fix. 2020-11-01 12:53:33 +05:30
bauthard 8503dd1471
fixing mistake 2020-10-30 11:01:43 +05:30
Dwi Siswanto baaba9036e 🔥 Add CVE-2020-14882 2020-10-29 19:58:49 +07:00
bauthard 0c3b87f943
Merge pull request #595 from projectdiscovery/z-xxe 
adding cve-2019-9670
 2020-10-29 16:24:59 +05:30
bauthard 0c63ebfd8f adding cve-2019-9670 2020-10-29 16:23:46 +05:30
bauthard ca1c3e7f72 Update CVE-2020-14864.yaml 2020-10-29 15:43:50 +05:30
palaziv 54f73f80e1
add template for CVE-2020-14864 2020-10-29 10:54:06 +01:00
SaN ThosH 3b1f0bf6f9
Create CVE-2020-9344.yaml 2020-10-23 11:59:51 +05:30
bauthard c912513e40
Merge pull request #575 from dwisiswant0/fix/cve-2020-7961 
Update CVE-2020-7961
 2020-10-16 11:34:23 +05:30
Dwi Siswanto d9f53727c9 ✏️ Escaping dot in extractors 2020-10-16 02:59:46 +07:00
Dwi Siswanto b69d65fe7b 🔨 Update matchers using regexes 2020-10-16 02:58:54 +07:00
bauthard 9bd306ab3f matcher updates 2020-10-16 00:20:10 +05:30
Dwi Siswanto 53c239b645 ✏️ Escaping dots in patterns 2020-10-15 18:21:25 +07:00
Dwi Siswanto 31c8d723c1 🔥 Update methods & matchers for CVE-2020-16952 2020-10-15 17:27:52 +07:00
bauthard dddb8e8a37
Merge pull request #562 from knassar702/new-branch 
Neon Dashboard - XSS Reflected (CVE-2019-20141)
 2020-10-15 00:17:02 +05:30
bauthard 431a56847b
Merge pull request #561 from dwisiswant0/add/CVE-2020-16952 
Add CVE-2020-16952
 2020-10-15 00:13:44 +05:30
Khaled Nassar f4ba565b50 Neon Dashboard - XSS Reflected (CVE-2019-20141) 2020-10-14 15:39:46 +00:00
Dwi Siswanto 18bdf7f9d1 🔥 Add CVE-2020-16952 2020-10-14 15:49:48 +07:00
Jonatas Fil 6a9f6cd3dc
Update CVE-2013-2251.yaml 2020-10-13 18:15:07 -04:00
Jonatas Fil 78b652f2e8
add cve-2013-2251 2020-10-13 19:06:01 -03:00
Vidhun K e6c3ec08c4
Update CVE-2020-3452.yaml 
Added another endpoint that's vulnerable to the same path traversal issue
 2020-10-07 15:33:36 +05:30
bauthard a926f61ed2 Removing this for the time being 2020-10-04 11:54:28 +05:30
bauthard 107d9b9dcc
Merge pull request #512 from dwisiswant0/add/CVE-2020-2034 
Add CVE-2020-2034
 2020-10-03 11:45:12 +05:30
bauthard 41f64dfcf9
Merge pull request #533 from projectdiscovery/bp0lr/master 
Bp0lr/master
 2020-10-03 11:42:29 +05:30
bauthard a5840f0205 template update 2020-10-03 11:40:14 +05:30
bauthard b129f008f2 updates 2020-10-03 11:27:10 +05:30
sillydadddy 32d42575f7
Create CVE-2019-8442.yaml 2020-10-03 01:20:52 +05:30
bauthard 69d03e0d6f
Merge pull request #522 from swisskyrepo/swisskyrepo-shellshock 
CVE-2014-6271 Shellshock
 2020-10-02 23:11:14 +05:30
bauthard 5254fb77af
Merge pull request #517 from dwisiswant0/add/CVE-2019-1653 
Add CVE-2019-1653
 2020-10-02 23:08:48 +05:30
bauthard 365e93ec23
Merge pull request #518 from dwisiswant0/add/CVE-2019-15858 
Add CVE-2019-15858
 2020-10-02 23:07:51 +05:30
bauthard a5df22b9d6
Merge pull request #519 from dwisiswant0/add/CVE-2019-16920 
Add CVE-2019-16920
 2020-10-02 21:57:05 +05:30
bauthard 729fc628f2
Merge pull request #516 from dwisiswant0/add/CVE-2020-12116 
Add CVE-2020-12116
 2020-10-02 03:15:53 +05:30
bauthard 5a7d6dd30d
Merge pull request #515 from jaiswalakshansh/master 
added cve-2019-9733.yaml
 2020-10-02 03:00:00 +05:30
bauthard 1acddaff20
Update CVE-2020-14181.yaml 2020-10-02 02:56:01 +05:30
bauthard 91bd427d6e Update cve-2019-9733.yaml 2020-10-02 02:49:18 +05:30
bauthard 05df03474a
Merge pull request #514 from dwisiswant0/add/CVE-2020-9047 
Add CVE-2020-9047
 2020-10-02 02:39:20 +05:30
bauthard c739852f38
Merge pull request #513 from dwisiswant0/add/CVE-2020-2551 
Add CVE-2020-2551
 2020-10-02 02:38:10 +05:30
bauthard 0849da5510
Merge pull request #511 from dwisiswant0/add/CVE-2018-1273 
Add CVE-2018-1273
 2020-10-02 02:23:20 +05:30
bauthard 9f11563a7f Update CVE-2020-14181.yaml 2020-10-02 00:23:53 +05:30
Swissky 73b40d6dda
Update CVE-2014-6271.yaml 2020-10-01 20:45:00 +02:00
Swissky e669c6dc47
Fixing the YAMLint error for CVE-2014-6271 2020-10-01 20:28:37 +02:00
Swissky 970a81c9eb
CVE-2014-6271 Shellshock 2020-10-01 20:03:35 +02:00
Dwi Siswanto 6959f3c1f9 🔥 Add CVE-2019-16920 2020-10-01 15:21:26 +07:00
Dwi Siswanto cb639dd534 🔥 Add CVE-2019-15858 2020-10-01 15:02:00 +07:00
akshansh 949a7bc910 add cve-2019-9733 2020-10-01 12:47:40 +05:30
Dwi Siswanto 43006913e1 🔥 Add CVE-2019-1653 2020-10-01 14:17:09 +07:00
akshansh 5affe9c250 updated cve-2019-9733 2020-10-01 12:44:05 +05:30
akshansh ffecf7ccc0 cve-2019-9733 2020-10-01 12:38:30 +05:30
Dwi Siswanto d91334f612 🔥 Add CVE-2020-12116 2020-10-01 13:55:32 +07:00
akshansh 02cffb6720 cve-2019-9733.yaml 2020-10-01 12:10:15 +05:30
Dwi Siswanto d7fa08cb67 🔥 Add CVE-2020-9047 2020-10-01 13:36:19 +07:00
Dwi Siswanto 6d9ae2b147 ✏️ Update part matchers 2020-10-01 13:12:30 +07:00
Dwi Siswanto 005fde3835 ✏️ Update severity 2020-10-01 13:11:28 +07:00
Dwi Siswanto fc14cc2a6c 🔥 Add CVE-2020-2551 2020-10-01 13:10:28 +07:00
Dwi Siswanto 0710cbe9ad 🔨 Sort paths 2020-10-01 12:39:33 +07:00
Dwi Siswanto 1a6c98f2c5 🔥 Add CVE-2020-2034 2020-10-01 12:37:52 +07:00
Dwi Siswanto a488f75bb1 🔥 Add CVE-2018-1273 2020-10-01 09:28:22 +07:00
bjhulst fd8fce4308
1st version 2020-09-30 23:36:12 +03:00
bauthard 5488ef6104 adding another matcher 2020-09-30 20:14:12 +05:30
x1m f273d2e6c5 Added CVE-2020-24312 2020-09-30 16:30:06 +02:00
bauthard 0153333b9b template update 2020-09-29 22:56:43 +05:30
bauthard fadb29e379
Merge pull request #503 from joeldeleep/master 
cve-2020-0618
 2020-09-29 01:03:47 +05:30
bauthard 9c592e45fd Update cve-2020-0618.yaml 2020-09-29 01:02:19 +05:30
joeldeleep 25a04ef0cf
Update cve-2020-0618.yaml 2020-09-28 07:31:06 +05:30
joeldeleep 13a3ee21f2
Delete CVE-2020-13379.yaml 2020-09-28 07:27:02 +05:30
joeldeleep 2f7c40d80d
Create cve-2020-0618.yaml 
The template only scans for the respective vulnerable url , it has to be manually verified .
 2020-09-28 07:22:37 +05:30
bauthard 0aee5a9715 remvoing cve-2017-7529 
This can be precisely checked only when Nginx version is known, otherwise it will produce false positives results, as such removing this template for the time being.
 2020-09-27 15:41:50 +05:30
bauthard a2d60bbd1e Removing cve-2020-13379 2020-09-27 13:59:33 +05:30
joeldeleep e53c03ab60
Update CVE-2020-13379.yaml 2020-09-27 12:49:42 +05:30
joeldeleep aa50c7370d
Update CVE-2020-13379.yaml 2020-09-27 12:44:17 +05:30
joeldeleep f83e33f78f
Update CVE-2020-13379.yaml 2020-09-27 12:37:03 +05:30
joeldeleep 3da6c533f0
Update CVE-2020-13379.yaml 
The old matching using status code 502 returned false positive when the endpoint is already having a bad gateway. Going through the report here 
https://hackerone.com/reports/878779 and video https://www.youtube.com/watch?v=NWHOmYbLrZ0 , the path has been rewritten and matched with respective image/jpeg as explained in the poc
 2020-09-27 11:58:57 +05:30
Dwi Siswanto 624bb0316a 🔥 Add CVE-2017-11444 2020-09-26 08:05:00 +07:00
bp0lr 0922fb623e added CVE-2019-15107 2020-09-25 09:30:58 -03:00
bp0lr ecddef3d6c added cve-2019-15107 2020-09-25 09:23:29 -03:00
bp0lr bee3e3839e added cve-2019-15107 2020-09-25 09:20:52 -03:00
root 114f83abc4 add CVE-2017-7615 2020-09-24 15:34:36 -03:00
bauthard c89904cc14 Update CVE-2020-14179.yaml 2020-09-24 23:32:55 +05:30
bauthard 23e5970714
Merge pull request #486 from dwisiswant0/add/CVE-2018-17431 
Add CVE-2018-17431
 2020-09-22 21:36:51 +05:30
bauthard ecc56a5140 matchers updates 2020-09-22 21:33:17 +05:30
x1m 76971fcea7 Added CVE-2020-14179 2020-09-22 17:44:12 +02:00
Dwi Siswanto 3740c58965 🔥 Add CVE-2018-17431 2020-09-22 21:41:13 +07:00
bauthard faf6b488a5
matcher update 2020-09-18 20:28:38 +05:30
bauthard cd8699a104 Update CVE-2019-6715.yaml 2020-09-17 22:09:30 +05:30
Robbie 5657004705
Update CVE-2019-6715.yaml 2020-09-17 16:51:35 +01:00
Robbie 296e18768b
Create CVE-2019-6715.yaml 2020-09-17 15:59:14 +01:00
Adam Jordan 5dc45f1fb1 Fix typo in cve-2019-14696.yaml and cve-2020-24223 2020-09-17 17:58:51 +08:00
bauthard 048ab54a98 Update CVE-2020-25540.yaml 2020-09-16 23:54:38 +05:30
Geeknik Labs 9ff599c333
Update CVE-2020-25540.yaml 2020-09-16 18:20:43 +00:00
Geeknik Labs 74a88ab411
Create CVE-2020-25540.yaml 
This is for testing against a Linux host as per https://www.exploit-db.com/exploits/48812. If someone else wants to update this to add the check for Windows, that would be swell.
 2020-09-16 18:17:57 +00:00
bauthard beed4568eb
Merge pull request #473 from CasperGN/fix-cve-2020-15920 
Correcting endpoint to contain /PDC/ajaxreq.php?
 2020-09-16 23:03:45 +05:30
Casper Guldbech Nielsen 63c0a78fc8 Correcting endpoint to contain /PDC/ajaxreq.php? 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-09-16 19:02:49 +02:00
Ice3man543 ffef121561 Normalized id fields to match schema regex 2020-09-16 00:55:55 +05:30
bauthard e8ef3b5759
Merge pull request #461 from dwisiswant0/add/CVE-2020-15129 
Add CVE-2020-15129
 2020-09-15 19:45:59 +05:30
Dwi Siswanto fa570b5560 ✏️ Add reference 2020-09-15 00:40:03 +07:00
Dwi Siswanto 19f9e5842a 🔨 Update status matcher 2020-09-15 00:39:24 +07:00
Dwi Siswanto e0f4437cdd 🔥 Add CVE-2020-15129 2020-09-15 00:31:40 +07:00
Dwi Siswanto f7d2851490 ✏️ Add descriptions 2020-09-14 14:26:39 +07:00
Dwi Siswanto 66f1789690 ⬇️ Delete payloads 2020-09-14 14:26:11 +07:00
Dwi Siswanto 4c29679877 ✏️ Update name 2020-09-14 14:25:01 +07:00
Dwi Siswanto 5fb87d81a2 🔥 Add CVE-2020-15505 2020-09-14 14:23:20 +07:00
PikPikcU 118df25b44
Create CVE-2019-16662.yaml 2020-09-11 13:25:48 +00:00
bauthard a1d9be6097
Update CVE-2018-16763.yaml 2020-09-11 16:20:03 +05:30
PikPikcU 73572d26de
Update CVE-2020-16139.yaml 2020-09-10 12:45:32 +00:00
PikPikcU 459bdf6922
Cisco 7937G Denial-of-Service Reboot Attack 🔥 2020-09-10 07:32:07 +00:00
Dwi Siswanto 1110db2ad4 🔨 Add matchers condition 2020-09-10 01:44:26 +07:00
bauthard 90de2070c4
Merge pull request #434 from CasperGN/master 
More templates to Lotus Domino + workflow to bind them together
 2020-09-09 22:40:33 +05:30
Casper Guldbech Nielsen ad3bab450d Based on metasploit regex 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-09-09 19:08:23 +02:00
Casper Guldbech Nielsen e984f1466f Adding word matcher which mimics public PoC exploits 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-09-09 16:53:16 +02:00
Casper Guldbech Nielsen 5f452f2969 And the last file 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-09-09 10:38:32 +02:00
Casper Guldbech Nielsen 7cf712bd49 Inclusion of stage- 1 detection of the old hashdump vuln. 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-09-09 10:11:50 +02:00
PikPikcU 061c4e5c1f
Create CVE-2018-19386.yaml 2020-09-09 01:45:42 +00:00
toufik-airane 0d0cb8c225
Fixed some spaces 2020-09-07 15:07:46 +02:00
toufik-airane 7dcba733f0
Removed original code 2020-09-07 15:07:13 +02:00
toufik-airane 1ba5ba68af
Moved some spaces 2020-09-07 15:06:14 +02:00
toufik-airane dd3ce36a87
Fix CVE-2017-7529.yaml matcher 
Submit a fix to resolve the issue
https://github.com/projectdiscovery/nuclei-templates/issues/424.
 2020-09-07 15:04:58 +02:00
PikPikcU 23e88269bb
Update CVE-2018-16763.yaml 2020-09-07 00:47:19 +00:00
bauthard 28d50c311f
Merge pull request #422 from pikpikcu/patch-18 
Add CVE-2018-16763 fuelCMS 1.4.1 - Remote Code Execution
 2020-09-07 02:28:38 +05:30
bauthard f9ee82f180 Update CVE-2018-16763.yaml 2020-09-07 02:25:49 +05:30
bauthard a2fe4e9932 few updates 2020-09-07 02:22:50 +05:30
PikPikcU 33643990de
Create CVE-2018-16763.yaml 2020-09-06 17:22:32 +00:00
PikPikcU 3a624136d4
Update CVE-2019-7256.yaml 2020-09-06 12:06:45 +00:00
PikPikcU 06c45b8a8d
Create CVE-2019-7256.yaml 2020-09-06 11:55:23 +00:00
bauthard cb5d5b9f0d Update CVE-2019-1010287.yaml 2020-09-05 13:10:46 +05:30
bauthard 6d67bb8d7b
Merge pull request #416 from pikpikcu/patch-15 
Add CVE-2019-12593 IIceWarp <=10.4.4 - Local File Inclusion
 2020-09-05 12:42:58 +05:30
bauthard 3839c683f4 Update CVE-2019-12593.yaml 2020-09-05 12:41:21 +05:30
PikPikcU 02a46f245e
Update CVE-2019-12593.yaml 2020-09-05 07:00:51 +00:00
PikPikcU 4d4ff8073c
Update CVE-2019-12593.yaml 2020-09-05 07:00:15 +00:00
bauthard 651396a50b
Merge pull request #413 from geeknik/patch-4 
Create sql-dump.yaml
 2020-09-05 12:28:38 +05:30
bauthard 148bb16fa7 Update CVE-2020-11034.yaml 2020-09-05 12:27:56 +05:30
PikPikcU d0b755c0e3
Create CVE-2019-12593.yaml 2020-09-05 06:49:58 +00:00
bauthard 798dbf01a4
Merge pull request #412 from geeknik/patch-2 
Create CVE-2019-11043.yaml
 2020-09-05 12:18:04 +05:30
bauthard 4450dec23c
Merge pull request #410 from pikpikcu/patch-13 
Add CVE-2019-14696 Open-Scool 3.0 - Cross Site Scripting
 2020-09-05 12:11:01 +05:30
bauthard 4b828d3a06 Update CVE-2019-14696.yaml 2020-09-05 12:10:16 +05:30
bauthard a5da5abd03
Merge pull request #409 from dwisiswant0/tpl/magmi-multiple-vulns 
Add Magmi Multiple Vulnerabilities
 2020-09-05 12:07:14 +05:30
bauthard 6dd5f429d9 updates 2020-09-05 12:04:18 +05:30
Geeknik Labs f663a946c6
Update CVE-2019-11043.yaml 2020-09-04 22:30:54 +00:00
Geeknik Labs b773cc9f0f
Create CVE-2019-11043.yaml 
PHP-FPM & nginx RCE (CVE-2019-11043)
 2020-09-04 22:28:41 +00:00
PikPikcU 6b64e78280
Solved escape character 2020-09-04 18:02:18 +00:00
PikPikcU 301135ad74
Update URL Encoding 2020-09-04 15:51:55 +00:00
PikPikcU cc1e0a3fef
Create CVE-2019-14696.yaml 2020-09-04 15:46:07 +00:00
Dwi Siswanto 8cce587aa8 📝 Remove trailing spaces 2020-09-04 20:34:53 +07:00
Dwi Siswanto 9036d1bdc9 ✏️ Update CVEs name 2020-09-04 20:25:30 +07:00
Dwi Siswanto 196cb1691b 🔥 Add CVE-2020-5776 2020-09-04 20:19:13 +07:00
Dwi Siswanto 5ce8c21fa1 🔥 Add CVE-2020-5777 2020-09-04 20:02:17 +07:00
bauthard 9fd85c7bba
Merge pull request #407 from pikpikcu/patch-12 
Add CVE-2019-1010287 Timesheet  Cross Site Scripting
 2020-09-04 17:25:11 +05:30
bauthard 243eb9b04e
Merge pull request #405 from pikpikcu/patch-11 
Add CVE-2020-11034 - GLPI v.9.4.6 - Open redirect
 2020-09-04 17:15:34 +05:30
bauthard 6f3992305e
Merge pull request #403 from pikpikcu/patch-10 
Add CVE-2017-14537 trixbox 2.8.0 - directory-traversal
 2020-09-04 17:10:36 +05:30
bauthard 4547aeb6bb Update CVE-2017-14537.yaml 2020-09-04 17:09:45 +05:30
PikPikcU 089cf671eb
Create CVE-2019-1010287.yaml 2020-09-04 10:01:06 +00:00
PikPikcU 216def75b4
Update CVE-2020-11034.yaml 2020-09-04 07:25:27 +00:00
PikPikcU 26aeaaa5a4
GLPI v.9.4.6 - Open redirect Detection 2020-09-04 07:16:47 +00:00
un-fmunozs 07d10d6e50 Fix encoding for XSS payloads 
Prevent false positives encoding the xss payloads, and remove from the match data that was not injected.
 2020-09-04 00:55:13 -05:00
PikPikcU de779e3de1
Create CVE-2017-14537.yaml 2020-09-04 04:26:20 +00:00
bauthard 39cfec87ae Update CVE-2019-17558.yaml 2020-09-03 22:44:42 +05:30
PikPikcU 6d1789ff76
Create CVE-2019-17558.yaml 2020-09-03 16:13:34 +00:00
PikPikcU d78a56514a
Create CVE-2019-12461.yaml 2020-09-03 12:37:18 +00:00
bauthard a3f96907fe Update CVE-2017-7391.yaml 2020-09-03 09:12:43 +05:30
PikPikcU df52790318
Create CVE-2017-7391.yaml 2020-09-03 03:32:29 +00:00
bauthard 4b8fb4774f
Merge pull request #391 from dwisiswant0/cve/CVE-2020-15920 
Add CVE-2020-15920
 2020-09-02 12:40:21 +05:30
Dwi Siswanto 455a98f771 🔥 Add CVE-2020-15920 2020-09-02 01:38:31 +07:00
bauthard b08882d0fe Update CVE-2020-24223.yaml 2020-09-02 00:01:57 +05:30
PikPikcU 4fca8d598f
Update CVE-2020-24223.yaml 2020-09-01 18:23:35 +00:00
PikPikcU e82474224e
Create CVE-2020-24223.yaml 2020-09-01 18:16:14 +00:00
bauthard 5e1d63fa5f Update CVE-2019-16278.yaml 2020-09-01 23:29:32 +05:30
bauthard 8d1b5caf39 Update CVE-2019-16278.yaml 2020-09-01 23:28:20 +05:30
PikPikcU cc3affd053
Update CVE-2019-16278.yaml 2020-09-01 16:10:27 +00:00
PikPikcU 4d4343cc54
Create CVE-2019-16278.yaml 2020-09-01 15:59:30 +00:00
bauthard b1f2a9ebe8
Merge pull request #386 from dwisiswant0/cve/CVE-2020-5412 
Add CVE-2020-5412
 2020-09-01 19:03:46 +05:30
bauthard cd3c9f56c3 Update CVE-2020-5412.yaml 2020-09-01 19:02:57 +05:30
Dwi Siswanto 92720cbc20 ✏️ Update template name 2020-09-01 20:26:37 +07:00
Dwi Siswanto bfee8d6679 ♨️ Update severity 2020-09-01 20:25:49 +07:00
Dwi Siswanto c43cac170c 🔥 Add CVE-2020-5412 2020-09-01 20:24:39 +07:00
bauthard 23de5c8b44
Merge pull request #384 from ohlinge/master 
Fix bug about CVE-2018-1000129
 2020-09-01 18:42:45 +05:30
PikPikcU d7a44ae025
Update CVE-2020-7209.yaml 2020-09-01 13:08:31 +00:00
0h1in9e d1d679e04c
Merge branch 'master' into master 2020-09-01 20:49:15 +08:00
ohlinge 27fd87ce24 Fix bug about CVE-2018-1000129 2020-09-01 20:42:12 +08:00
bauthard 9bf0b6dbaf uniform format 2020-09-01 00:04:29 +05:30
bauthard 1dd5658717 Update CVE-2020-2140.yaml 2020-08-31 13:09:38 +05:30
bauthard dfc487caba Update CVE-2020-2140.yaml 2020-08-31 13:08:04 +05:30
Gabriel Geraldino 72a2b1ec29
Delete CVE-2019-7238.yaml 2020-08-30 15:08:56 -03:00
Gabriel Geraldino 5fa09b15cc
Create CVE-2019-7238.yaml 2020-08-30 15:03:30 -03:00
Gabriel Geraldino 635446eb26
Create CVE-2020-2140.yaml 2020-08-30 14:42:46 -03:00
bauthard f4f36ec0c6 Update CVE-2018-1000129.yaml 2020-08-30 18:49:02 +05:30
bauthard 4667c44bb0
Merge pull request #365 from projectdiscovery/CVE-2017-7529-fix 
drafting CVE-2017-7529
 2020-08-30 10:42:18 +05:30
Dwi Siswanto f40edfcbb8 🔨 Add 'and' condition 2020-08-30 12:04:34 +07:00
Dwi Siswanto a850c41aa1 🔨 Add server matcher 2020-08-30 11:58:14 +07:00
bauthard 3558952c03
Merge pull request #353 from flag007/patch-3 
Update CVE-2018-1000129.yaml
 2020-08-30 10:03:58 +05:30
bauthard 3ff2f585c5 Update CVE-2018-1000129.yaml 2020-08-30 10:02:59 +05:30
bauthard 4f9de168af drafting cve 2020-08-30 09:57:07 +05:30
bauthard efaecb5df5 CVE-2017-7529 to draft 2020-08-30 09:54:06 +05:30
bauthard 53f7438d58 Update CVE-2017-5638.yaml 2020-08-30 09:44:52 +05:30
bauthard 374d6c54b0 Update CVE-2017-7529.yaml 2020-08-29 10:20:04 +05:30
bauthard 747aa48d09
Merge pull request #345 from aqme/master 
Add *description* property to nuclei-templates
 2020-08-28 01:09:39 +05:30
toufik-airane 0896fc82f9
fix minor issue 
fix issue from yamllint.
 2020-08-27 18:19:24 +02:00
flag007 10bc6dbef6
Update CVE-2018-1000129.yaml 
A single svg is prone to false positives, let me update the payload
 2020-08-27 20:32:15 +08:00
flag007 2113093014
Update CVE-2018-1000129.yaml 
There are two problems with this payload, / means the path, add it cannot be detected correctly, in addition, it should not be url-encoded
 2020-08-27 20:27:47 +08:00
SaN ThosH c76c05af44
Update CVE-2018-2791.yaml 2020-08-26 13:04:18 +05:30
SaN ThosH 0856415d43
Update CVE-2018-2791.yaml 2020-08-26 13:01:07 +05:30
chajer 58d0e08739 description 2020-08-26 00:52:00 +02:00
chajer 32f77c4632 The avatar feature 2020-08-26 00:43:40 +02:00