Dwi Siswanto
d91334f612
🔥 Add CVE-2020-12116
2020-10-01 13:55:32 +07:00
akshansh
02cffb6720
cve-2019-9733.yaml
2020-10-01 12:10:15 +05:30
Dwi Siswanto
d7fa08cb67
🔥 Add CVE-2020-9047
2020-10-01 13:36:19 +07:00
Dwi Siswanto
6d9ae2b147
✏️ Update part matchers
2020-10-01 13:12:30 +07:00
Dwi Siswanto
005fde3835
✏️ Update severity
2020-10-01 13:11:28 +07:00
Dwi Siswanto
fc14cc2a6c
🔥 Add CVE-2020-2551
2020-10-01 13:10:28 +07:00
Dwi Siswanto
0710cbe9ad
🔨 Sort paths
2020-10-01 12:39:33 +07:00
Dwi Siswanto
1a6c98f2c5
🔥 Add CVE-2020-2034
2020-10-01 12:37:52 +07:00
Dwi Siswanto
a488f75bb1
🔥 Add CVE-2018-1273
2020-10-01 09:28:22 +07:00
bjhulst
fd8fce4308
1st version
2020-09-30 23:36:12 +03:00
bauthard
5488ef6104
adding another matcher
2020-09-30 20:14:12 +05:30
x1m
f273d2e6c5
Added CVE-2020-24312
2020-09-30 16:30:06 +02:00
bauthard
0153333b9b
template update
2020-09-29 22:56:43 +05:30
bauthard
fadb29e379
Merge pull request #503 from joeldeleep/master
...
cve-2020-0618
2020-09-29 01:03:47 +05:30
bauthard
9c592e45fd
Update cve-2020-0618.yaml
2020-09-29 01:02:19 +05:30
joeldeleep
25a04ef0cf
Update cve-2020-0618.yaml
2020-09-28 07:31:06 +05:30
joeldeleep
13a3ee21f2
Delete CVE-2020-13379.yaml
2020-09-28 07:27:02 +05:30
joeldeleep
2f7c40d80d
Create cve-2020-0618.yaml
...
The template only scans for the respective vulnerable url , it has to be manually verified .
2020-09-28 07:22:37 +05:30
bauthard
0aee5a9715
remvoing cve-2017-7529
...
This can be precisely checked only when Nginx version is known, otherwise it will produce false positives results, as such removing this template for the time being.
2020-09-27 15:41:50 +05:30
bauthard
a2d60bbd1e
Removing cve-2020-13379
2020-09-27 13:59:33 +05:30
joeldeleep
e53c03ab60
Update CVE-2020-13379.yaml
2020-09-27 12:49:42 +05:30
joeldeleep
aa50c7370d
Update CVE-2020-13379.yaml
2020-09-27 12:44:17 +05:30
joeldeleep
f83e33f78f
Update CVE-2020-13379.yaml
2020-09-27 12:37:03 +05:30
joeldeleep
3da6c533f0
Update CVE-2020-13379.yaml
...
The old matching using status code 502 returned false positive when the endpoint is already having a bad gateway. Going through the report here
https://hackerone.com/reports/878779 and video https://www.youtube.com/watch?v=NWHOmYbLrZ0 , the path has been rewritten and matched with respective image/jpeg as explained in the poc
2020-09-27 11:58:57 +05:30
Dwi Siswanto
624bb0316a
🔥 Add CVE-2017-11444
2020-09-26 08:05:00 +07:00
bp0lr
0922fb623e
added CVE-2019-15107
2020-09-25 09:30:58 -03:00
bp0lr
ecddef3d6c
added cve-2019-15107
2020-09-25 09:23:29 -03:00
bp0lr
bee3e3839e
added cve-2019-15107
2020-09-25 09:20:52 -03:00
root
114f83abc4
add CVE-2017-7615
2020-09-24 15:34:36 -03:00
bauthard
c89904cc14
Update CVE-2020-14179.yaml
2020-09-24 23:32:55 +05:30
bauthard
23e5970714
Merge pull request #486 from dwisiswant0/add/CVE-2018-17431
...
Add CVE-2018-17431
2020-09-22 21:36:51 +05:30
bauthard
ecc56a5140
matchers updates
2020-09-22 21:33:17 +05:30
x1m
76971fcea7
Added CVE-2020-14179
2020-09-22 17:44:12 +02:00
Dwi Siswanto
3740c58965
🔥 Add CVE-2018-17431
2020-09-22 21:41:13 +07:00
bauthard
faf6b488a5
matcher update
2020-09-18 20:28:38 +05:30
bauthard
cd8699a104
Update CVE-2019-6715.yaml
2020-09-17 22:09:30 +05:30
Robbie
5657004705
Update CVE-2019-6715.yaml
2020-09-17 16:51:35 +01:00
Robbie
296e18768b
Create CVE-2019-6715.yaml
2020-09-17 15:59:14 +01:00
Adam Jordan
5dc45f1fb1
Fix typo in cve-2019-14696.yaml and cve-2020-24223
2020-09-17 17:58:51 +08:00
bauthard
048ab54a98
Update CVE-2020-25540.yaml
2020-09-16 23:54:38 +05:30
Geeknik Labs
9ff599c333
Update CVE-2020-25540.yaml
2020-09-16 18:20:43 +00:00
Geeknik Labs
74a88ab411
Create CVE-2020-25540.yaml
...
This is for testing against a Linux host as per https://www.exploit-db.com/exploits/48812 . If someone else wants to update this to add the check for Windows, that would be swell.
2020-09-16 18:17:57 +00:00
bauthard
beed4568eb
Merge pull request #473 from CasperGN/fix-cve-2020-15920
...
Correcting endpoint to contain /PDC/ajaxreq.php?
2020-09-16 23:03:45 +05:30
Casper Guldbech Nielsen
63c0a78fc8
Correcting endpoint to contain /PDC/ajaxreq.php?
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-16 19:02:49 +02:00
Ice3man543
ffef121561
Normalized id fields to match schema regex
2020-09-16 00:55:55 +05:30
bauthard
e8ef3b5759
Merge pull request #461 from dwisiswant0/add/CVE-2020-15129
...
Add CVE-2020-15129
2020-09-15 19:45:59 +05:30
Dwi Siswanto
fa570b5560
✏️ Add reference
2020-09-15 00:40:03 +07:00
Dwi Siswanto
19f9e5842a
🔨 Update status matcher
2020-09-15 00:39:24 +07:00
Dwi Siswanto
e0f4437cdd
🔥 Add CVE-2020-15129
2020-09-15 00:31:40 +07:00
Dwi Siswanto
f7d2851490
✏️ Add descriptions
2020-09-14 14:26:39 +07:00
Dwi Siswanto
66f1789690
⬇️ Delete payloads
2020-09-14 14:26:11 +07:00
Dwi Siswanto
4c29679877
✏️ Update name
2020-09-14 14:25:01 +07:00
Dwi Siswanto
5fb87d81a2
🔥 Add CVE-2020-15505
2020-09-14 14:23:20 +07:00
PikPikcU
118df25b44
Create CVE-2019-16662.yaml
2020-09-11 13:25:48 +00:00
bauthard
a1d9be6097
Update CVE-2018-16763.yaml
2020-09-11 16:20:03 +05:30
PikPikcU
73572d26de
Update CVE-2020-16139.yaml
2020-09-10 12:45:32 +00:00
PikPikcU
459bdf6922
Cisco 7937G Denial-of-Service Reboot Attack 🔥
2020-09-10 07:32:07 +00:00
Dwi Siswanto
1110db2ad4
🔨 Add matchers condition
2020-09-10 01:44:26 +07:00
bauthard
90de2070c4
Merge pull request #434 from CasperGN/master
...
More templates to Lotus Domino + workflow to bind them together
2020-09-09 22:40:33 +05:30
Casper Guldbech Nielsen
ad3bab450d
Based on metasploit regex
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-09 19:08:23 +02:00
Casper Guldbech Nielsen
e984f1466f
Adding word matcher which mimics public PoC exploits
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-09 16:53:16 +02:00
Casper Guldbech Nielsen
5f452f2969
And the last file
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-09 10:38:32 +02:00
Casper Guldbech Nielsen
7cf712bd49
Inclusion of stage- 1 detection of the old hashdump vuln.
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-09 10:11:50 +02:00
PikPikcU
061c4e5c1f
Create CVE-2018-19386.yaml
2020-09-09 01:45:42 +00:00
toufik-airane
0d0cb8c225
Fixed some spaces
2020-09-07 15:07:46 +02:00
toufik-airane
7dcba733f0
Removed original code
2020-09-07 15:07:13 +02:00
toufik-airane
1ba5ba68af
Moved some spaces
2020-09-07 15:06:14 +02:00
toufik-airane
dd3ce36a87
Fix CVE-2017-7529.yaml matcher
...
Submit a fix to resolve the issue
https://github.com/projectdiscovery/nuclei-templates/issues/424 .
2020-09-07 15:04:58 +02:00
PikPikcU
23e88269bb
Update CVE-2018-16763.yaml
2020-09-07 00:47:19 +00:00
bauthard
28d50c311f
Merge pull request #422 from pikpikcu/patch-18
...
Add CVE-2018-16763 fuelCMS 1.4.1 - Remote Code Execution
2020-09-07 02:28:38 +05:30
bauthard
f9ee82f180
Update CVE-2018-16763.yaml
2020-09-07 02:25:49 +05:30
bauthard
a2fe4e9932
few updates
2020-09-07 02:22:50 +05:30
PikPikcU
33643990de
Create CVE-2018-16763.yaml
2020-09-06 17:22:32 +00:00
PikPikcU
3a624136d4
Update CVE-2019-7256.yaml
2020-09-06 12:06:45 +00:00
PikPikcU
06c45b8a8d
Create CVE-2019-7256.yaml
2020-09-06 11:55:23 +00:00
bauthard
cb5d5b9f0d
Update CVE-2019-1010287.yaml
2020-09-05 13:10:46 +05:30
bauthard
6d67bb8d7b
Merge pull request #416 from pikpikcu/patch-15
...
Add CVE-2019-12593 IIceWarp <=10.4.4 - Local File Inclusion
2020-09-05 12:42:58 +05:30
bauthard
3839c683f4
Update CVE-2019-12593.yaml
2020-09-05 12:41:21 +05:30
PikPikcU
02a46f245e
Update CVE-2019-12593.yaml
2020-09-05 07:00:51 +00:00
PikPikcU
4d4ff8073c
Update CVE-2019-12593.yaml
2020-09-05 07:00:15 +00:00
bauthard
651396a50b
Merge pull request #413 from geeknik/patch-4
...
Create sql-dump.yaml
2020-09-05 12:28:38 +05:30
bauthard
148bb16fa7
Update CVE-2020-11034.yaml
2020-09-05 12:27:56 +05:30
PikPikcU
d0b755c0e3
Create CVE-2019-12593.yaml
2020-09-05 06:49:58 +00:00
bauthard
798dbf01a4
Merge pull request #412 from geeknik/patch-2
...
Create CVE-2019-11043.yaml
2020-09-05 12:18:04 +05:30
bauthard
4450dec23c
Merge pull request #410 from pikpikcu/patch-13
...
Add CVE-2019-14696 Open-Scool 3.0 - Cross Site Scripting
2020-09-05 12:11:01 +05:30
bauthard
4b828d3a06
Update CVE-2019-14696.yaml
2020-09-05 12:10:16 +05:30
bauthard
a5da5abd03
Merge pull request #409 from dwisiswant0/tpl/magmi-multiple-vulns
...
Add Magmi Multiple Vulnerabilities
2020-09-05 12:07:14 +05:30
bauthard
6dd5f429d9
updates
2020-09-05 12:04:18 +05:30
Geeknik Labs
f663a946c6
Update CVE-2019-11043.yaml
2020-09-04 22:30:54 +00:00
Geeknik Labs
b773cc9f0f
Create CVE-2019-11043.yaml
...
PHP-FPM & nginx RCE (CVE-2019-11043)
2020-09-04 22:28:41 +00:00
PikPikcU
6b64e78280
Solved escape character
2020-09-04 18:02:18 +00:00
PikPikcU
301135ad74
Update URL Encoding
2020-09-04 15:51:55 +00:00
PikPikcU
cc1e0a3fef
Create CVE-2019-14696.yaml
2020-09-04 15:46:07 +00:00
Dwi Siswanto
8cce587aa8
📝 Remove trailing spaces
2020-09-04 20:34:53 +07:00
Dwi Siswanto
9036d1bdc9
✏️ Update CVEs name
2020-09-04 20:25:30 +07:00
Dwi Siswanto
196cb1691b
🔥 Add CVE-2020-5776
2020-09-04 20:19:13 +07:00
Dwi Siswanto
5ce8c21fa1
🔥 Add CVE-2020-5777
2020-09-04 20:02:17 +07:00
bauthard
9fd85c7bba
Merge pull request #407 from pikpikcu/patch-12
...
Add CVE-2019-1010287 Timesheet Cross Site Scripting
2020-09-04 17:25:11 +05:30
bauthard
243eb9b04e
Merge pull request #405 from pikpikcu/patch-11
...
Add CVE-2020-11034 - GLPI v.9.4.6 - Open redirect
2020-09-04 17:15:34 +05:30
bauthard
6f3992305e
Merge pull request #403 from pikpikcu/patch-10
...
Add CVE-2017-14537 trixbox 2.8.0 - directory-traversal
2020-09-04 17:10:36 +05:30
bauthard
4547aeb6bb
Update CVE-2017-14537.yaml
2020-09-04 17:09:45 +05:30
PikPikcU
089cf671eb
Create CVE-2019-1010287.yaml
2020-09-04 10:01:06 +00:00
PikPikcU
216def75b4
Update CVE-2020-11034.yaml
2020-09-04 07:25:27 +00:00
PikPikcU
26aeaaa5a4
GLPI v.9.4.6 - Open redirect Detection
2020-09-04 07:16:47 +00:00
un-fmunozs
07d10d6e50
Fix encoding for XSS payloads
...
Prevent false positives encoding the xss payloads, and remove from the match data that was not injected.
2020-09-04 00:55:13 -05:00
PikPikcU
de779e3de1
Create CVE-2017-14537.yaml
2020-09-04 04:26:20 +00:00
bauthard
39cfec87ae
Update CVE-2019-17558.yaml
2020-09-03 22:44:42 +05:30
PikPikcU
6d1789ff76
Create CVE-2019-17558.yaml
2020-09-03 16:13:34 +00:00
PikPikcU
d78a56514a
Create CVE-2019-12461.yaml
2020-09-03 12:37:18 +00:00
bauthard
a3f96907fe
Update CVE-2017-7391.yaml
2020-09-03 09:12:43 +05:30
PikPikcU
df52790318
Create CVE-2017-7391.yaml
2020-09-03 03:32:29 +00:00
bauthard
4b8fb4774f
Merge pull request #391 from dwisiswant0/cve/CVE-2020-15920
...
Add CVE-2020-15920
2020-09-02 12:40:21 +05:30
Dwi Siswanto
455a98f771
🔥 Add CVE-2020-15920
2020-09-02 01:38:31 +07:00
bauthard
b08882d0fe
Update CVE-2020-24223.yaml
2020-09-02 00:01:57 +05:30
PikPikcU
4fca8d598f
Update CVE-2020-24223.yaml
2020-09-01 18:23:35 +00:00
PikPikcU
e82474224e
Create CVE-2020-24223.yaml
2020-09-01 18:16:14 +00:00
bauthard
5e1d63fa5f
Update CVE-2019-16278.yaml
2020-09-01 23:29:32 +05:30
bauthard
8d1b5caf39
Update CVE-2019-16278.yaml
2020-09-01 23:28:20 +05:30
PikPikcU
cc3affd053
Update CVE-2019-16278.yaml
2020-09-01 16:10:27 +00:00
PikPikcU
4d4343cc54
Create CVE-2019-16278.yaml
2020-09-01 15:59:30 +00:00
bauthard
b1f2a9ebe8
Merge pull request #386 from dwisiswant0/cve/CVE-2020-5412
...
Add CVE-2020-5412
2020-09-01 19:03:46 +05:30
bauthard
cd3c9f56c3
Update CVE-2020-5412.yaml
2020-09-01 19:02:57 +05:30
Dwi Siswanto
92720cbc20
✏️ Update template name
2020-09-01 20:26:37 +07:00
Dwi Siswanto
bfee8d6679
♨️ Update severity
2020-09-01 20:25:49 +07:00
Dwi Siswanto
c43cac170c
🔥 Add CVE-2020-5412
2020-09-01 20:24:39 +07:00
bauthard
23de5c8b44
Merge pull request #384 from ohlinge/master
...
Fix bug about CVE-2018-1000129
2020-09-01 18:42:45 +05:30
PikPikcU
d7a44ae025
Update CVE-2020-7209.yaml
2020-09-01 13:08:31 +00:00
0h1in9e
d1d679e04c
Merge branch 'master' into master
2020-09-01 20:49:15 +08:00
ohlinge
27fd87ce24
Fix bug about CVE-2018-1000129
2020-09-01 20:42:12 +08:00
bauthard
9bf0b6dbaf
uniform format
2020-09-01 00:04:29 +05:30
bauthard
1dd5658717
Update CVE-2020-2140.yaml
2020-08-31 13:09:38 +05:30
bauthard
dfc487caba
Update CVE-2020-2140.yaml
2020-08-31 13:08:04 +05:30
Gabriel Geraldino
72a2b1ec29
Delete CVE-2019-7238.yaml
2020-08-30 15:08:56 -03:00
Gabriel Geraldino
5fa09b15cc
Create CVE-2019-7238.yaml
2020-08-30 15:03:30 -03:00
Gabriel Geraldino
635446eb26
Create CVE-2020-2140.yaml
2020-08-30 14:42:46 -03:00
bauthard
f4f36ec0c6
Update CVE-2018-1000129.yaml
2020-08-30 18:49:02 +05:30
bauthard
4667c44bb0
Merge pull request #365 from projectdiscovery/CVE-2017-7529-fix
...
drafting CVE-2017-7529
2020-08-30 10:42:18 +05:30
Dwi Siswanto
f40edfcbb8
🔨 Add 'and' condition
2020-08-30 12:04:34 +07:00
Dwi Siswanto
a850c41aa1
🔨 Add server matcher
2020-08-30 11:58:14 +07:00
bauthard
3558952c03
Merge pull request #353 from flag007/patch-3
...
Update CVE-2018-1000129.yaml
2020-08-30 10:03:58 +05:30
bauthard
3ff2f585c5
Update CVE-2018-1000129.yaml
2020-08-30 10:02:59 +05:30
bauthard
4f9de168af
drafting cve
2020-08-30 09:57:07 +05:30
bauthard
efaecb5df5
CVE-2017-7529 to draft
2020-08-30 09:54:06 +05:30
bauthard
53f7438d58
Update CVE-2017-5638.yaml
2020-08-30 09:44:52 +05:30
bauthard
374d6c54b0
Update CVE-2017-7529.yaml
2020-08-29 10:20:04 +05:30
bauthard
747aa48d09
Merge pull request #345 from aqme/master
...
Add *description* property to nuclei-templates
2020-08-28 01:09:39 +05:30
toufik-airane
0896fc82f9
fix minor issue
...
fix issue from yamllint.
2020-08-27 18:19:24 +02:00
flag007
10bc6dbef6
Update CVE-2018-1000129.yaml
...
A single svg is prone to false positives, let me update the payload
2020-08-27 20:32:15 +08:00
flag007
2113093014
Update CVE-2018-1000129.yaml
...
There are two problems with this payload, / means the path, add it cannot be detected correctly, in addition, it should not be url-encoded
2020-08-27 20:27:47 +08:00
SaN ThosH
c76c05af44
Update CVE-2018-2791.yaml
2020-08-26 13:04:18 +05:30