Commit Graph

798 Commits (84336cabfe94dff1230546e80e814c576b301be8)

Author SHA1 Message Date
Prince Chaddha 6b007f48e7
Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml 2021-12-14 00:47:37 +05:30
Evan Rubinstein f52b1f0d55
Added New Vuln 2021-12-13 05:01:48 -05:00
Prince Chaddha 0e94557017
Merge pull request #3248 from pikpikcu/patch-307
added thruk-xss
2021-12-09 22:01:56 +05:30
Prince Chaddha f476c5ff5b
Update thruk-xss.yaml 2021-12-09 21:58:15 +05:30
Prince Chaddha d35a55f7b4
Update and rename watchguard-fireware-ad-helper-component-credentials-disclosure.yaml to watchguard-credentials-disclosure.yaml 2021-12-09 21:05:13 +05:30
GwanYeong Kim bde4e1815a Create watchguard-fireware-ad-helper-component-credentials-disclosure.yaml
a credential-disclosure vulnerability in the AD Helper component of the WatchGuard Fireware Threat Detection and Response (TDR) service, which allows unauthenticated attackers to gain Active Directory credentials for a Windows domain in plaintext.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-09 16:02:48 +09:00
sandeep 9da0d768a1 fix: syntax + lint 2021-12-03 10:37:42 +05:30
PikPikcU 83f6b2a153
Update thruk-xss.yaml 2021-12-02 19:07:50 +07:00
PikPikcU 435eeca764
Create thruk-xss.yaml 2021-12-02 19:02:40 +07:00
Noam Rathaus 725782050a Add description 2021-11-23 12:09:00 +02:00
Prince Chaddha 1e31e0f76d
Update and rename eibiz-server-3-8-0-lfi.yaml to vulnerabilities/other/eibiz-lfi.yaml 2021-11-18 21:52:30 +05:30
Prince Chaddha 4eb84d7802
Merge pull request #3131 from Akokonunes/patch-70
Create hrsale-unauthenticated-lfi.yaml
2021-11-13 23:46:11 +05:30
Prince Chaddha 9a227941a1
Rename hrsale-unauthenticated-lfi.yaml to vulnerabilities/other/hrsale-unauthenticated-lfi.yaml 2021-11-13 23:37:32 +05:30
sandeep b2aa8f9f5b misc updates 2021-11-13 23:01:53 +05:30
sandeep 35bfff6f61 Added skip-variables-check for SSTI template 2021-11-09 22:16:37 +05:30
sandeep cb74944f43 misc updates 2021-11-08 15:45:54 +05:30
Prince Chaddha c51bbf8715
Merge pull request #3099 from ImNightmaree/master
Create ecshop-sql.yaml
2021-11-08 13:44:54 +05:30
Prince Chaddha 5a6c30c7cf
Update ecshop-sqli.yaml 2021-11-08 13:42:44 +05:30
Prince Chaddha 85741bbcf9
Update and rename ecshop-sql.yaml to ecshop-sqli.yaml 2021-11-08 13:42:13 +05:30
Prince Chaddha 06bb1f444c
Update seowon-router-rce.yaml 2021-11-08 12:49:37 +05:30
Prince Chaddha 7973948360
Update seowon-router-rce.yaml 2021-11-08 12:43:14 +05:30
GwanYeong Kim 6183e248d8 Create seowon-router-rce.yaml
Execute commands without authentication as admin user, To use it in all versions, we only enter the router ip & Port(if available) in the request The result of the request is visible on the browser page

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-11-07 14:50:39 +09:00
ImNightmaree 797d9066a1
More linting 2021-11-07 02:49:07 +00:00
ImNightmaree b77df460dd
Linting 2021-11-07 02:39:21 +00:00
ImNightmaree bbecf3965a
Update ecshop-sql.yaml 2021-11-07 02:36:28 +00:00
ImNightmaree 38135df2a6
Update ecshop-sql.yaml 2021-11-07 02:30:38 +00:00
ImNightmaree f37527101c
Create ecshop-sql.yaml 2021-11-07 02:03:09 +00:00
Prince Chaddha a57cb5081a
Update vanguard-post-xss.yaml 2021-11-05 21:36:53 +05:30
sandeep eef5252cc5 file name update 2021-11-05 06:01:59 +05:30
sandeep 8c3f98c767 fixed invalid template syntax 2021-10-30 16:47:35 +05:30
Noam Rathaus 9848f92894 Add description 2021-10-27 14:06:15 +03:00
Noam Rathaus 14ae8e3f59 Add description 2021-10-27 14:05:11 +03:00
Noam Rathaus 3a02b7c325 Add description 2021-10-27 14:04:00 +03:00
Noam Rathaus f1cf6fd9a7 Add description 2021-10-27 14:03:22 +03:00
Noam Rathaus d5d2ed0a0e Add description 2021-10-27 13:52:34 +03:00
Noam Rathaus c9efc02223 Add description 2021-10-26 15:29:20 +03:00
Noam Rathaus 093a495b5f Add description 2021-10-26 15:28:43 +03:00
Noam Rathaus 25f7c812c2 Add description 2021-10-26 15:27:57 +03:00
Noam Rathaus 5d98d22416 Add description 2021-10-26 15:27:16 +03:00
Noam Rathaus 8adbf37ab4 Add description 2021-10-26 15:26:10 +03:00
Noam Rathaus 57bae34cb9 Add description 2021-10-26 15:25:34 +03:00
Noam Rathaus 4c0e8bae7e Add description 2021-10-26 15:24:26 +03:00
Noam Rathaus dcf402cfa4 Add description 2021-10-26 15:23:43 +03:00
Noam Rathaus 7d0c8669a3 Add description 2021-10-26 15:22:21 +03:00
Noam Rathaus 9c96179595 Fix description 2021-10-26 12:45:16 +03:00
Noam Rathaus 081a2546fe Add description 2021-10-25 12:59:08 +03:00
Noam Rathaus e4018d4a0c Add description 2021-10-25 12:58:22 +03:00
Noam Rathaus f9fb282770 Add description 2021-10-25 12:57:40 +03:00
Noam Rathaus 319c8a830e Add description 2021-10-25 12:56:03 +03:00
Noam Rathaus 3029da4ceb Add description 2021-10-25 12:55:23 +03:00
Noam Rathaus 9f8270bb7a Add description 2021-10-25 12:54:49 +03:00
Noam Rathaus e9bd13da3e Product name is 'OA' 2021-10-25 10:07:28 +03:00
Noam Rathaus a3d1ca6b81 Description 2021-10-25 10:06:44 +03:00
Noam Rathaus 130e5b1ff5 add description 2021-10-25 10:01:03 +03:00
Noam Rathaus d03fce098e Add description 2021-10-25 09:58:59 +03:00
Noam Rathaus 5636579be1 Non-broken link 2021-10-25 09:57:47 +03:00
Noam Rathaus ee82e5c591 Add description 2021-10-25 09:56:44 +03:00
Noam Rathaus 8ad49535b0 Add description 2021-10-24 12:38:06 +03:00
sandeep c66ad46464 more metadata update 2021-10-22 23:24:21 +05:30
sandeep 2d5beca867 metadata update 2021-10-22 23:23:25 +05:30
Noam Rathaus 07472bb021 Add description 2021-10-21 14:21:38 +03:00
Noam Rathaus ae55315ec6 Improve description 2021-10-21 14:15:52 +03:00
Noam Rathaus 7e4cd54f9e Add description 2021-10-21 14:13:53 +03:00
Noam Rathaus 379513c015 Make description more clear 2021-10-21 08:55:02 +03:00
Noam Rathaus 691dab8a52 Add description 2021-10-21 08:51:56 +03:00
Noam Rathaus fde188d253 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-10-21 08:32:04 +03:00
Sandeep Singh a21cec6362
Merge pull request #2844 from projectdiscovery/more-fixes
Changes to adopt v2.5.3 engine
2021-10-21 07:21:20 +05:30
Noam Rathaus cfa3a798f3 Add description 2021-10-19 13:17:58 +03:00
Noam Rathaus e45550f4ed Add description 2021-10-19 13:10:34 +03:00
Noam Rathaus d1684e7d67 Add description 2021-10-19 13:10:29 +03:00
Noam Rathaus 5c910ab3b4 Add description 2021-10-19 13:03:41 +03:00
Noam Rathaus 6d5e933128 Add description 2021-10-19 12:56:40 +03:00
sandeep 33badb66d1 oob tags update 2021-10-19 02:10:26 +05:30
sandeep a614391d3f Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes 2021-10-18 03:14:44 +05:30
Noam Rathaus 087bbd2263 Add description 2021-10-17 15:54:19 +03:00
Noam Rathaus 0fd1574fe2 Add description 2021-10-17 15:52:26 +03:00
Noam Rathaus c1b42bcc55 Add description 2021-10-17 15:50:52 +03:00
Prince Chaddha 5385191a9d
Update microstrategy-ssrf.yaml 2021-10-17 07:46:32 +05:30
Philippe Delteil 274f3f941a
Update microstrategy-ssrf.yaml 2021-10-16 17:19:30 -03:00
sandeep 42cc6d9507 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes 2021-10-14 23:51:16 +05:30
sandeep aad97c084c misc update 2021-10-14 20:08:44 +05:30
sandeep f9f4e3327e moving files around 2021-10-14 20:05:25 +05:30
sandeep adfbed9d51 lint fix 2021-10-14 19:50:43 +05:30
sandeep 558272470e Merge branch 'master' of https://github.com/nrathaus/nuclei-templates into pr/2893 2021-10-14 19:32:03 +05:30
sandeep a313e27f6e misc update 2021-10-14 19:31:57 +05:30
Noam Rathaus 4532646b44 Description 2021-10-14 16:35:40 +03:00
Noam Rathaus d803f91971 Add description 2021-10-14 16:34:15 +03:00
Noam Rathaus dbb28d586a Add description 2021-10-14 16:32:34 +03:00
Noam Rathaus 5a00c6841d Working link 2021-10-14 16:32:15 +03:00
Noam Rathaus 75f96128d5 Better description 2021-10-14 16:31:27 +03:00
Noam Rathaus 16dd5c6e8e More reference 2021-10-14 16:30:44 +03:00
Noam Rathaus 09de143099 Add CVE 2021-10-14 16:30:14 +03:00
Noam Rathaus 6eaff09b16 Add description 2021-10-14 16:29:51 +03:00
Noam Rathaus a6800e0e1a Add description 2021-10-14 16:28:41 +03:00
Noam Rathaus 5618e8eaa9 Better description 2021-10-14 16:27:26 +03:00
Noam Rathaus e3071a4f26 Added description 2021-10-14 16:10:54 +03:00
Noam Rathaus eef7ba6cd4 Spelling 2021-10-14 16:07:39 +03:00
Noam Rathaus 083ca2805a Add description 2021-10-14 16:07:18 +03:00
Noam Rathaus 2946782493 Fix name 2021-10-14 16:06:20 +03:00
Noam Rathaus 3322a4becc Previous reference is no longer available 2021-10-14 16:05:47 +03:00
Noam Rathaus 67a6e574a0 Add description 2021-10-14 16:04:37 +03:00
Noam Rathaus 4b603769c5 Add vendor CERT advisory/cve 2021-10-14 15:59:38 +03:00
Noam Rathaus 39ebcc13a3 Add description 2021-10-14 15:55:59 +03:00
Noam Rathaus 18e6257e33 description 2021-10-14 15:54:28 +03:00
Noam Rathaus 2e9613d75b Improve description 2021-10-13 12:01:33 +03:00
Noam Rathaus d5038b7520 Add description 2021-10-13 12:00:55 +03:00
Noam Rathaus ab008edc5b Add description 2021-10-13 12:00:39 +03:00
Noam Rathaus b86a987030 Dead link 2021-10-13 12:00:36 +03:00
Noam Rathaus a3608c32f4 Add description 2021-10-13 11:56:10 +03:00
Sandeep Singh 9273a765c0
Merge branch 'master' into more-fixes 2021-10-13 13:48:52 +05:30
sandeep 6205415bbd Update keycloak-xss.yaml
Updating severity as this XSS is not exploitable directly.
2021-10-09 08:46:17 +05:30
Sandeep Singh 95305667c0
Merge pull request #2852 from pdelteil/patch-65
Update qcubed-xss.yaml
2021-10-08 19:14:41 +05:30
sandeep 6a00b9245c Update qcubed-xss.yaml 2021-10-08 19:14:26 +05:30
sandeep de0a0ff3c1 misc update 2021-10-08 19:10:03 +05:30
Philippe Delteil 60a3b6f4a4
Update qcubed-xss.yaml 2021-10-08 03:46:49 -03:00
Philippe Delteil 888c703a3c
Update pmb-directory-traversal.yaml 2021-10-08 03:33:40 -03:00
sandeep 53fc9bcb3f misc fixes 2021-10-07 05:23:20 +05:30
sandeep 8dfa5ce9b4 Added Lucee Unauthenticated Reflected XSS 2021-10-06 16:38:23 +05:30
Sandeep Singh 47853b869b
Update metinfo-lfi.yaml 2021-10-02 17:57:59 +05:30
Sandeep Singh f43b256e6e
Update metinfo-lfi.yaml 2021-10-02 17:57:33 +05:30
Philippe Delteil 8fc91de606
Update metinfo-lfi.yaml 2021-10-02 03:42:22 -03:00
Prince Chaddha 58fd372498
Update and rename qihang-media-web-lfi.yaml to qihang-media-lfi.yaml 2021-10-01 16:28:20 +05:30
Prince Chaddha ea71661d79
Update and rename qihang-media-web-credentials-disclosure.yaml to qihang-media-disclosure.yaml 2021-10-01 16:26:25 +05:30
GwanYeong Kim f750bf5ba5 Create qihang-media-web-credentials-disclosure.yaml
The application suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for a successful authentication bypass attack.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:42:48 +09:00
GwanYeong Kim 90138f44d1 Create qihang-media-web-lfi.yaml
The application suffers from an unauthenticated file disclosure vulnerability when input passed thru the filename parameter when using the download action or thru path parameter when using the getAll action is not properly verified before being used. This can be exploited to disclose contents of files and directories from local resources.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:35:12 +09:00
Sullo c9a374bed5 renamed: simple-employee-rce.yaml -> ../../cves/2019/CVE-2019-20183.yaml 2021-09-30 13:06:46 -04:00
Sullo 28def083f6 Merge branch 'master' of https://github.com/sullo/nuclei-templates
Fix typo for cvss
2021-09-30 13:03:09 -04:00
Sullo 3878138bfe * Added Host headers where needed (validated via disclosures/posts)
* Added CVE simple-employee-rce.yaml
2021-09-30 12:52:05 -04:00
Prince Chaddha f839f628b6
Update and rename fatpipe-networks-warp-backdoor.yaml to fatpipe-backdoor.yaml 2021-09-30 17:18:45 +05:30
Prince Chaddha b65719103f
Update and rename fatpipe-networks-warp-auth-bypass.yaml to fatpipe-auth-bypass.yaml 2021-09-30 17:18:21 +05:30
Prince Chaddha 9e25b4871e
Update fatpipe-networks-warp-backdoor.yaml 2021-09-30 16:13:19 +05:30
GwanYeong Kim 606d2b5ea4 Create fatpipe-networks-warp-backdoor.yaml
The application has a hidden administrative account cmuser that has no password and has write access permissions to the device. The user cmuser is not visible in Users menu list of the application.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-30 13:38:01 +09:00
GwanYeong Kim 263cadaacf Create fatpipe-networks-warp-auth-bypass.yaml
Improper access control occurs when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources behind protected pages.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-30 11:07:24 +09:00
Prince Chaddha 8d7e5b2d24
Merge pull request #2748 from gy741/rule-add-v60
Create commax-cctv-rtsp-credentials-disclosure.yaml
2021-09-25 11:49:18 +05:30
Prince Chaddha 2808f46429
Update and rename commax-cctv-rtsp-credentials-disclosure.yaml to commax-credentials-disclosure.yaml 2021-09-25 11:32:31 +05:30
Prince Chaddha 2e7e35eb70
Update and rename ecoa-building-directory-traversal.yaml to ecoa-building-lfi.yaml 2021-09-25 11:22:48 +05:30
GwanYeong Kim fac7f96b34 Create ecoa-building-directory-traversal.yaml
The BAS controller suffers from a directory traversal content disclosure vulnerability. Using the GET parameter cpath in File Manager (fmangersub), attackers can disclose directory content on the affected device

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-25 08:58:58 +09:00
GwanYeong Kim 59e0eb7ad3 Create commax-cctv-rtsp-credentials-disclosure.yaml
The COMMAX CCTV Bridge for the DVR service allows an unauthenticated attacker
to disclose RTSP credentials in plain-text.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-25 08:43:18 +09:00
sandeep 18142906f0 moving files around 2021-09-22 18:09:43 +05:30
PikPikcU 991963fe4a
Update Severity 2021-09-20 12:11:56 +07:00
Muhammad Daffa 50dfd3dc3d
Update Severity 2021-09-18 21:07:47 +07:00
Sandeep Singh 0f03f5ff55
Merge pull request #2692 from projectdiscovery/metadata-attribute-update 2021-09-18 18:19:07 +05:30
sandeep 8c28120218 Update luftguitar-arbitrary-file-upload.yaml 2021-09-18 14:32:13 +05:30
sandeep fb1aee75ce Update luftguitar-arbitrary-file-upload.yaml 2021-09-18 14:28:03 +05:30
Prince Chaddha 63cc624c4a
Update luftguitar-arbitrary-file-upload.yaml 2021-09-18 12:14:32 +05:30
PikPikcU 2a1341274a
Create luftguitar-arbitrary-file-upload.yaml 2021-09-17 21:04:21 +07:00
Prince Chaddha df59ad5670
Update and rename ecoa-building-automation-lfd.yaml to vulnerabilities/other/ecoa-building-automation-lfd.yaml 2021-09-17 16:39:09 +05:30
sandeep 676b51d20c Metadata attribute update 2021-09-16 21:24:33 +05:30
Prince Chaddha 18879698fa
Update bullwark-momentum-lfi.yaml 2021-09-13 15:55:14 +05:30
Prince Chaddha e18cc14218
Update bullwark-momentum-lfi.yaml 2021-09-13 15:34:18 +05:30
sandeep 546bd6a038 matcher update 2021-09-13 15:28:35 +05:30
sandeep 207c140c50 moving files around 2021-09-11 21:06:36 +05:30
Sandeep Singh cf4ef2ac5a
Merge pull request #2622 from projectdiscovery/missing-tags 2021-09-10 12:32:47 +05:30
sandeep bd24dc198e Coverage for all templates using tags 2021-09-09 19:08:13 +05:30
Prince Chaddha 67766f381a
Merge pull request #2600 from Akokonunes/patch-35
Create phpwiki-lfi.yaml
2021-09-09 15:02:41 +05:30
Prince Chaddha 6ce33e2f47
Rename phpwiki-lfi.yaml to vulnerabilities/other/phpwiki-lfi.yaml 2021-09-09 15:01:35 +05:30
Prince Chaddha 08dac56385
Update simple-employee-rce.yaml 2021-09-09 12:06:24 +05:30
sandeep 609705f676 removed extra headers not required for template 2021-09-08 17:47:19 +05:30
Prince Chaddha 9b75486616
Rename homeautomation-v3-openredirect.yaml to vulnerabilities/other/homeautomation-v3-openredirect.yaml 2021-09-07 18:07:48 +05:30
Sandeep Singh e6a71e0e80
Merge pull request #2593 from projectdiscovery/openvpn-hhi
Added OpenVPN Host Header Injection
2021-09-06 18:56:27 +05:30
Prince Chaddha 4075664390
Merge pull request #2580 from Akokonunes/patch-29
Create gSOAP-LFl.yaml
2021-09-06 17:36:18 +05:30
Prince Chaddha e9d5665383
Update gsoap-lfi.yaml 2021-09-06 17:34:51 +05:30
Prince Chaddha 1942d13ed6
Update openvpn-hhi.yaml 2021-09-06 17:15:30 +05:30
sandeep cec54e6d51 tags update
Co-Authored-By: me_dheeraj <9442273+Dheerajmadhukar@users.noreply.github.com>
2021-09-06 16:15:07 +05:30
sandeep c105e41fa4 Added OpenVPN Host Header Injection
Co-Authored-By: me_dheeraj <9442273+Dheerajmadhukar@users.noreply.github.com>
2021-09-06 16:13:17 +05:30
Prince Chaddha f6e52a6739
Merge pull request #2585 from sullo/master
Updates across many templates for clarity, spelling, and grammar.
2021-09-06 15:02:52 +05:30
Prince Chaddha 7579fe98c2
Update and rename minimouse-lfi.yaml to vulnerabilities/other/minimouse-lfi.yaml 2021-09-06 14:44:39 +05:30
sullo ef1f7c5e92 Updates across many templates for clarity, spelling, and grammar. 2021-09-05 17:13:45 -04:00
Prince Chaddha bf1d6374b2
Rename gSOAP-LFl.yaml to vulnerabilities/other/gsoap-lfi.yaml 2021-09-05 19:22:07 +05:30
sandeep 90f8caf302 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/2481 2021-09-03 14:55:30 +05:30
sandeep c266084621 Added stop-at-first-match in applicable templates 2021-09-02 17:29:10 +05:30
Prince Chaddha 5c5c6c3974
Update processmaker-lfi.yaml 2021-08-31 14:08:11 +05:30
Prince Chaddha 0b69ea80b2
Create processmaker-lfi.yaml 2021-08-31 14:03:47 +05:30
Noam Rathaus 86f3c08ba6 Vendor writes it as "NETGEAR" 2021-08-29 09:39:06 +03:00
Noam Rathaus 9f9970c8e9 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-08-29 09:15:40 +03:00
forgedhallpass 419a957409 Fixing errors in templates
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-27 10:43:24 +03:00
forgedhallpass a4250b8f2f Merge remote-tracking branch 'origin' into dynamic_attributes 2021-08-26 15:04:14 +03:00
socketz ed76585ed6 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-08-25 14:33:32 +02:00
socketz c766a8454d Fixed yaml linting errors 2021-08-25 14:09:42 +02:00
sandeep 8fb3c65965 template fix 2021-08-25 01:32:14 +05:30
forgedhallpass 110f9c9ddd Merge remote-tracking branch 'origin' into dynamic_attributes 2021-08-24 20:38:11 +03:00
Prince Chaddha f66f36237b
Merge pull request #2455 from gy741/rule-add-v58
Create commax-biometric-access-control-system-auth-bypass.yaml
2021-08-24 17:44:13 +05:30
Prince Chaddha 554c4a505f
Update and rename commax-biometric-access-control-system-auth-bypass.yaml to commax-biometric-auth-bypass.yaml 2021-08-24 17:17:43 +05:30
Prince Chaddha 0a4cd456bf
Update commax-biometric-access-control-system-auth-bypass.yaml 2021-08-24 17:13:17 +05:30
Prince Chaddha ba03c2b377
Update unauth-hoteldruid-panel.yaml 2021-08-24 16:46:24 +05:30
Prince Chaddha d1065cd3fc
Create unauth-hoteldruid-panel.yaml 2021-08-24 16:42:11 +05:30
PikPikcU ecd6547d05
Update thinkific-redirect.yaml 2021-08-24 14:56:21 +07:00
forgedhallpass a124e393b4 Merge remote-tracking branch 'origin' into dynamic_attributes 2021-08-23 19:15:14 +03:00
Prince Chaddha 647d27925a
Merge pull request #2426 from projectdiscovery/generic
Templates by geeknik
2021-08-23 19:55:32 +05:30
GwanYeong Kim cad976abda Create commax-biometric-access-control-system-auth-bypass.yaml
The application suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can bypass authentication and disclose sensitive information and circumvent physical controls in smart homes and buildings.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-22 18:19:34 +09:00
sandeep cbdef618f3 Update netgear-router-exposure.yaml 2021-08-21 00:38:54 +05:30
forgedhallpass dc4cc62629 Merge remote-tracking branch 'origin/master' into dynamic_attributes 2021-08-20 15:35:17 +03:00
sandeep e160acb481 misc updates 2021-08-20 16:37:22 +05:30
sandeep 0ef2106a6e Improved template 2021-08-19 23:34:16 +05:30
Sandeep Singh 0bef05c541
Merge pull request #793 from pikpikcu/patch-40
resin information disclosure
2021-08-19 23:15:42 +05:30
Sandeep Singh ab824564d3
minor updates 2021-08-19 23:11:29 +05:30
Sandeep Singh 1247fcd993
Update vulnerabilities/other/caucho-resin-info-disclosure.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-08-19 23:09:26 +05:30
forgedhallpass 77103bc629 Satisfying the linter (all errors and warnings)
* whitespace modifications only
2021-08-19 17:44:46 +03:00
forgedhallpass 002e8db616 Moved the "vendor" custom attribute under reference
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 17:00:46 +03:00
forgedhallpass 97d4f8705b Fixed mistakes/typos
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:59:55 +03:00