546bd6a038
matcher update
2021-09-13 15:28:35 +05:30
207c140c50
moving files around
2021-09-11 21:06:36 +05:30
cf4ef2ac5a
Merge pull request #2622 from projectdiscovery/missing-tags
2021-09-10 12:32:47 +05:30
bd24dc198e
Coverage for all templates using tags
2021-09-09 19:08:13 +05:30
67766f381a
Merge pull request #2600 from Akokonunes/patch-35
...
Create phpwiki-lfi.yaml
2021-09-09 15:02:41 +05:30
6ce33e2f47
Rename phpwiki-lfi.yaml to vulnerabilities/other/phpwiki-lfi.yaml
2021-09-09 15:01:35 +05:30
08dac56385
Update simple-employee-rce.yaml
2021-09-09 12:06:24 +05:30
609705f676
removed extra headers not required for template
2021-09-08 17:47:19 +05:30
9b75486616
Rename homeautomation-v3-openredirect.yaml to vulnerabilities/other/homeautomation-v3-openredirect.yaml
2021-09-07 18:07:48 +05:30
e6a71e0e80
Merge pull request #2593 from projectdiscovery/openvpn-hhi
...
Added OpenVPN Host Header Injection
2021-09-06 18:56:27 +05:30
4075664390
Merge pull request #2580 from Akokonunes/patch-29
...
Create gSOAP-LFl.yaml
2021-09-06 17:36:18 +05:30
e9d5665383
Update gsoap-lfi.yaml
2021-09-06 17:34:51 +05:30
1942d13ed6
Update openvpn-hhi.yaml
2021-09-06 17:15:30 +05:30
cec54e6d51
tags update
...
Co-Authored-By: me_dheeraj <9442273+Dheerajmadhukar@users.noreply.github.com>
2021-09-06 16:15:07 +05:30
c105e41fa4
Added OpenVPN Host Header Injection
...
Co-Authored-By: me_dheeraj <9442273+Dheerajmadhukar@users.noreply.github.com>
2021-09-06 16:13:17 +05:30
f6e52a6739
Merge pull request #2585 from sullo/master
...
Updates across many templates for clarity, spelling, and grammar.
2021-09-06 15:02:52 +05:30
7579fe98c2
Update and rename minimouse-lfi.yaml to vulnerabilities/other/minimouse-lfi.yaml
2021-09-06 14:44:39 +05:30
ef1f7c5e92
Updates across many templates for clarity, spelling, and grammar.
2021-09-05 17:13:45 -04:00
bf1d6374b2
Rename gSOAP-LFl.yaml to vulnerabilities/other/gsoap-lfi.yaml
2021-09-05 19:22:07 +05:30
90f8caf302
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/2481
2021-09-03 14:55:30 +05:30
c266084621
Added stop-at-first-match in applicable templates
2021-09-02 17:29:10 +05:30
5c5c6c3974
Update processmaker-lfi.yaml
2021-08-31 14:08:11 +05:30
0b69ea80b2
Create processmaker-lfi.yaml
2021-08-31 14:03:47 +05:30
86f3c08ba6
Vendor writes it as "NETGEAR"
2021-08-29 09:39:06 +03:00
9f9970c8e9
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-08-29 09:15:40 +03:00
419a957409
Fixing errors in templates
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-27 10:43:24 +03:00
a4250b8f2f
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-26 15:04:14 +03:00
ed76585ed6
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-08-25 14:33:32 +02:00
c766a8454d
Fixed yaml linting errors
2021-08-25 14:09:42 +02:00
8fb3c65965
template fix
2021-08-25 01:32:14 +05:30
110f9c9ddd
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-24 20:38:11 +03:00
f66f36237b
Merge pull request #2455 from gy741/rule-add-v58
...
Create commax-biometric-access-control-system-auth-bypass.yaml
2021-08-24 17:44:13 +05:30
554c4a505f
Update and rename commax-biometric-access-control-system-auth-bypass.yaml to commax-biometric-auth-bypass.yaml
2021-08-24 17:17:43 +05:30
0a4cd456bf
Update commax-biometric-access-control-system-auth-bypass.yaml
2021-08-24 17:13:17 +05:30
ba03c2b377
Update unauth-hoteldruid-panel.yaml
2021-08-24 16:46:24 +05:30
d1065cd3fc
Create unauth-hoteldruid-panel.yaml
2021-08-24 16:42:11 +05:30
ecd6547d05
Update thinkific-redirect.yaml
2021-08-24 14:56:21 +07:00
a124e393b4
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-23 19:15:14 +03:00
647d27925a
Merge pull request #2426 from projectdiscovery/generic
...
Templates by geeknik
2021-08-23 19:55:32 +05:30
cad976abda
Create commax-biometric-access-control-system-auth-bypass.yaml
...
The application suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can bypass authentication and disclose sensitive information and circumvent physical controls in smart homes and buildings.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-22 18:19:34 +09:00
cbdef618f3
Update netgear-router-exposure.yaml
2021-08-21 00:38:54 +05:30
dc4cc62629
Merge remote-tracking branch 'origin/master' into dynamic_attributes
2021-08-20 15:35:17 +03:00
e160acb481
misc updates
2021-08-20 16:37:22 +05:30
0ef2106a6e
Improved template
2021-08-19 23:34:16 +05:30
0bef05c541
Merge pull request #793 from pikpikcu/patch-40
...
resin information disclosure
2021-08-19 23:15:42 +05:30
ab824564d3
minor updates
2021-08-19 23:11:29 +05:30
1247fcd993
Update vulnerabilities/other/caucho-resin-info-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-08-19 23:09:26 +05:30
77103bc629
Satisfying the linter (all errors and warnings)
...
* whitespace modifications only
2021-08-19 17:44:46 +03:00
002e8db616
Moved the "vendor" custom attribute under reference
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 17:00:46 +03:00
97d4f8705b
Fixed mistakes/typos
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:59:55 +03:00
f55d6b75e1
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:59:12 +03:00
7b29be739e
Merge branch 'master' into dynamic_attributes
2021-08-19 16:23:26 +03:00
ffaff64565
Changes fixes/around dynamic attributes ("additional-fields")
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:17:27 +03:00
0b432b341b
Added comments with URLs under the "references" field
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:15:35 +03:00
e68d15ab63
Fixed mistakes/typos in the templates.
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 15:30:14 +03:00
bc1bf5d919
Create comtrend-ct5367-disclosure.yaml
2021-08-19 14:47:44 +05:30
f8a8968408
Revert "Create comtrend-ct5367-disclosure.yaml"
...
This reverts commit 33ea2d360c
2021-08-19 14:46:35 +05:30
33ea2d360c
Create comtrend-ct5367-disclosure.yaml
2021-08-19 14:45:37 +05:30
ab0750b570
minor update
2021-08-19 00:43:44 +05:30
cdf9451158
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-18 14:44:27 +03:00
dd1bbe6093
Revert "Delete netgear-router-disclosure.yaml"
...
This reverts commit 3b969e7e0d
2021-08-18 17:02:08 +05:30
3b969e7e0d
Delete netgear-router-disclosure.yaml
2021-08-18 16:59:49 +05:30
4c920b2552
Rename "references" to "reference" to match the expected template info structure
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-18 14:29:20 +03:00
0a0b5c7f74
Update netgear-router-disclosure.yaml
2021-08-18 16:56:56 +05:30
d07323e0be
Create netgear-router-disclosure.yaml
2021-08-18 16:44:28 +05:30
af15e4817f
Update netgear-router-auth-bypass.yaml
2021-08-18 16:42:34 +05:30
fe1e7d36fb
Merge pull request #2429 from Mad-robot/patch-3
...
Create geovision-geowebserver-lfi.yaml
2021-08-18 16:19:49 +05:30
0731a772d4
Update geovision-geowebserver-lfi.yaml
2021-08-18 16:18:12 +05:30
1db2715a06
Update geovision-geowebserver-xss.yaml
2021-08-18 14:51:23 +05:30
eeb284a7ec
Update geovision-geowebserver-xss.yaml
2021-08-18 14:48:34 +05:30
db4073d2b5
Update geovision-geowebserver-lfi.yaml
2021-08-18 03:54:30 +05:30
d5748c95fc
Create geovision-geowebserver-lfi.yaml
2021-08-18 03:50:45 +05:30
0c24cc2f74
Create geovision-geowebserver-xss.yaml
2021-08-18 03:50:39 +05:30
727e73c5c3
Create solar-log-authbypass.yaml
2021-08-17 18:02:41 +05:30
59b2aeda40
Merge pull request #2420 from geeknik/patch-18
...
Update twig-php-ssti.yaml
2021-08-17 17:12:00 +05:30
c2f87671fb
strict matcher
2021-08-17 15:52:22 +05:30
03cd55a33f
severity update based on poc
...
We will update this again as per assigned CVE which is not available right now?
2021-08-17 15:02:47 +05:30
4a5137b742
more tags
2021-08-17 15:00:30 +05:30
e8c3a1f9c7
Additional matchers update
2021-08-17 15:00:05 +05:30
5072dbbcbb
Create ms-exchange-server-reflected-xss.yaml
2021-08-17 13:55:38 +05:30
3b9fb75fcb
Update twig-php-ssti.yaml
...
Another FP fix
2021-08-16 15:30:23 -05:00
d52c97c569
Update twig-php-ssti.yaml
...
False positive fix
2021-08-16 15:28:13 -05:00
970bdb3ac7
Update pmb-directory-traversal.yaml
2021-08-16 16:43:47 +05:30
d45887f9f9
Delete node-nunjucks-ssti.yaml
2021-08-16 16:41:58 +05:30
d3a379e112
Update eyelock-nano-lfd.yaml
2021-08-16 16:40:42 +05:30
af4f29ab03
Update beward-ipcamera-disclosure.yaml
2021-08-16 16:37:34 +05:30
4e498a6478
Create pmb-directory-traversal.yaml
2021-08-16 16:14:02 +05:30
451823f887
Create node-nunjucks-ssti.yaml
2021-08-16 16:13:27 +05:30
c6927262eb
Create eyelock-nano-lfd.yaml
2021-08-16 16:12:45 +05:30
232b187a40
Create beward-ipcamera-disclosure.yaml
2021-08-16 16:11:44 +05:30
7bce4fbb26
Update netis-info-leak.yaml
2021-08-14 16:00:00 +05:30
edffa49ca4
Update netis-info-leak.yaml
2021-08-14 15:53:30 +05:30
5b81af7ab4
Create netis-info-leak.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-13 13:34:28 +09:00
df65ba694b
Update ewebs-arbitrary-file-reading.yaml
2021-08-12 18:19:22 +05:30
65ed503022
Create ewebs-arbitrary-file-reading.yaml
2021-08-12 18:41:02 +07:00
5ca0a70f3e
Merge pull request #2372 from projectdiscovery/buffalo
...
Added CVE-2021-20090 / CVE-2021-20091 / CVE-2021-20092
2021-08-12 16:07:45 +05:30
cfc534af89
Update sar2html-rce.yaml
2021-08-12 15:03:49 +05:30
98a07bd594
Added unauth config injection
2021-08-12 14:12:20 +05:30
0d2b53e71d
Create sar2html-rce.yaml
...
SAR2HTML could allow a remote attacker to execute arbitrary commands on the system, caused by a commend injection flaw in the index.php script. By sending specially-crafted commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-11 14:11:25 +09:00
a806149864
Spelling
2021-08-09 16:31:00 +03:00
864b209cc1
Add reference
2021-08-09 16:10:10 +03:00
3651410d37
Provide description
2021-08-09 16:08:19 +03:00
210c57768d
Merge pull request #2193 from gy741/rule-add-v42
...
Create kevinlab-hems-backdoor.yaml
2021-08-08 13:56:56 +05:30
a7dcd3f317
added more tags
2021-08-08 00:27:18 +05:30
3b6d6322ea
Additional matcher
2021-08-08 00:22:55 +05:30
e690901c86
minor update
2021-08-08 00:20:56 +05:30
ca9efec5c0
tag update
2021-08-07 15:00:29 +05:30
afcbd374a9
Create sap-redirect.yaml
2021-08-07 11:31:58 +05:30
5cddd4312b
Adding additional steps to make it work
2021-08-06 23:30:34 +05:30
57624f3d25
Create ruijie-eg-rce.yaml
2021-08-06 17:04:32 +07:00
3395eff8a0
Merge pull request #2316 from gy741/rule-add-v49
...
Create CVE-2020-7796.yaml
2021-08-03 19:57:45 +05:30
c581a94bf4
Merge pull request #2318 from gy741/rule-add-v50
...
Create longjing-technology-bems-api-lfi.yaml
2021-08-03 19:56:57 +05:30
28d568b88c
Update and rename longjing-technology-bems-api-lfi.yaml to bems-api-lfi.yaml
2021-08-03 19:55:25 +05:30
23bc448b1b
Merge pull request #2199 from pikpikcu/patch-208
...
Add OpenSIS POC
2021-08-03 19:53:32 +05:30
5fb6332bd9
Create longjing-technology-bems-api-lfi.yaml
...
The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-03 21:52:14 +09:00
ea1ae20a82
Create zimbra-preauth-ssrf.yaml
2021-08-03 12:52:56 +05:30
2491a6a4b7
Merge pull request #2227 from Udyz/patch-5
...
Create hasura-graphql-sql-exec.yaml
2021-08-02 22:25:31 +05:30
4e976706b8
Update hasura-graphql-psql-exec.yaml
2021-08-02 22:18:41 +05:30
204cf337c8
Update hasura-graphql-psql-exec.yaml
2021-08-02 22:15:52 +05:30
6102421e22
Update hasura-graphql-ssrf.yaml
2021-08-02 22:03:12 +05:30
03077a9ca2
Update tikiwiki-reflected-xss.yaml
2021-08-02 21:44:48 +05:30
493acb8afe
Description
2021-08-02 14:30:22 +03:00
e896a8982d
misc updates
2021-08-02 12:53:35 +05:30
27eef8c1a9
Create zhiyuan-file-upload.yaml
...
Zhiyuan OA is a set of office coordinating management software. Recently, Qianxin CERT monitors the relevant vulnerability information of the long OA. Since there is an unauthorized access in some interfaces, and some functions are insufficient, the attacker can upload malicious script files without logging in, so that there is no need to log in. Zhiyuan OA official has provided patches for this vulnerability. In view of the large vulnerability harm, it is recommended that users apply patch updates as soon as possible.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-02 11:07:14 +09:00
49efd9fa07
Update bitrix-open-redirect.yaml
2021-07-29 00:13:15 +05:30
783550d003
Update bitrix-open-redirect.yaml
2021-07-28 08:38:48 +07:00
72fcdc20bf
Create bitrix-open-redirect.yaml
2021-07-28 08:37:25 +07:00
0c68ef5f66
Rename raw-psql-warp.yaml to hasura-graphql-psql-exec.yaml
2021-07-27 23:25:36 +07:00
0706823399
Update raw-psql-warp.yaml
2021-07-27 23:23:55 +07:00
5c931f8d00
Update raw-psql-warp.yaml
2021-07-27 22:12:41 +07:00
2219ab607e
Create raw-psql-warp.yaml
2021-07-27 21:57:59 +07:00
9f28ff8f9b
Update qcubed-xss.yaml
2021-07-27 11:57:30 +05:30
a2fc63b7ac
Create qcubed-xss.yaml
2021-07-27 13:06:30 +07:00
72c038bbf1
Update opensis-lfi.yaml
2021-07-27 08:07:21 +07:00
29e399df87
Create opensis-lfi.yaml
2021-07-27 07:43:02 +07:00
eadc9b4dac
Create kevinlab-hems-backdoor.yaml
...
The HEMS solution has an undocumented backdoor account and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution thru the RMI. Attacker could exploit this vulnerability by logging in using the backdoor account with highest privileges for administration and gain full system control. The backdoor user cannot be seen in the users settings in the admin panel and it also uses an undocumented privilege level (admin_pk=1) which allows full availability of the features that the HEMS is offering remotely.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-27 02:48:31 +09:00
833ae4ae48
Merge pull request #1083 from pikpikcu/patch-123
...
Create dedecms-membergroup-sqli
2021-07-26 18:02:27 +05:30
86989129d1
Update netgear-wnap320-rce.yaml
2021-07-26 13:38:38 +05:30
c72190c4bf
Create netgear-wnap320-rce.yaml
...
vulnerabilities in the web-based management interface of Netgear WNAP320 Access Point could allow an authenticated, remote attacker to perform command injection attacks against an affected device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-26 08:35:22 +09:00
6ccc5f8792
matcher update to handle edge cases
2021-07-25 03:05:55 +05:30
2c0aa783c4
Merge pull request #2148 from gy741/rule-add-v34
...
Add KevinLAB BEMS 1.0 Multiple Vulnerabilities
2021-07-24 15:37:48 +05:30
bf7c0d3a63
Merge pull request #2122 from gy741/rule-add-v33
...
Create magicflow-lfi.yaml
2021-07-24 12:13:59 +05:30
ac45802ef5
Update kevinlab-bems-sqli.yaml
2021-07-24 12:10:46 +05:30
2631f55550
Update kevinlab-bems-backdoor.yaml
2021-07-24 12:07:27 +05:30
9a46592f71
Update kevinlab-bems-sqli.yaml
2021-07-24 11:59:35 +05:30
87b4c2e98b
Update kevinlab-bems-sqli.yaml
2021-07-24 11:47:05 +05:30
4b444af3c4
Merge pull request #2125 from DhiyaneshGeek/master
...
17 New Templates Added
2021-07-24 03:26:09 +05:30
9617bc5815
matcher update
2021-07-24 03:25:22 +05:30
47ea40bc55
Update kevinlab-bems-backdoor.yaml
2021-07-24 03:17:53 +05:30
b346584002
Update vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-24 00:25:13 +05:30
1909e3f628
Update vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-24 00:24:37 +05:30
ca49fb21c7
Merge pull request #2154 from pdelteil/patch-25
...
Update coldfusion-debug-xss.yaml
2021-07-23 20:54:31 +05:30
2dfa3d2e82
Update visual-tools-dvr-rce.yaml
2021-07-23 20:46:49 +05:30
1dd4e3c846
Update visual-tools-dvr-rce.yaml
2021-07-23 15:15:23 +05:30
2c77510faa
Create visual-tools-dvr-rce.yaml
...
vulnerabilities in the web-based management interface of Visual Tools DVR VX16 4.2.28.0 could allow an authenticated, remote attacker to perform command injection attacks against an affected device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-23 08:47:29 +09:00
abacdafb4f
Update coldfusion-debug-xss.yaml
...
The term adobe is more general than coldfusion. Since Coldfusion is a product of Adobe.
2021-07-22 19:44:57 -04:00
69db0862ee
Create kevinlab-bems-backdoor.yaml
...
The BEMS solution has an undocumented backdoor account and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution thru the RMI. Attacker could exploit this vulnerability by logging in using the backdoor account with highest privileges for administration and gain full system control. The backdoor user cannot be seen in the users settings in the admin panel and it also uses an undocumented privilege level (admin_pk=1) which allows full availability of the features that the BEMS is offering remotely.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-22 22:13:00 +09:00
a4ec6a2b11
Create kevinlab-bems-sqli.yaml
...
The application suffers from an unauthenticated SQL Injection vulnerability. Input passed through 'input_id' POST parameter in '/http/index.php' is not properly sanitised before being returned to the user or used in SQL queries.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-22 21:46:18 +09:00
111da22943
Update dedecms-membergroup-sqli.yaml
2021-07-21 18:34:37 +05:30
403a73d1c7
Merge pull request #1085 from pikpikcu/patch-125
...
Create dedecms-carbuyaction-fileinclude.yaml
2021-07-21 18:27:45 +05:30
f5fc07dd72
Merge pull request #1581 from pikpikcu/patch-168
...
Create hiboss-rce
2021-07-21 18:27:38 +05:30
08541f08c4
Update dedecms-carbuyaction-fileinclude.yaml
2021-07-21 18:26:36 +05:30
00ce088daf
Merge pull request #1334 from projectdiscovery/princechaddha-patch-3
...
Create sangfor-edr-auth-bypass.yaml
2021-07-21 18:18:08 +05:30
8d953c45ea
Update sangfor-edr-auth-bypass.yaml
2021-07-21 18:14:42 +05:30
da1ef3b031
Merge pull request #1568 from pikpikcu/patch-166
...
Create h3c-imc-rce
2021-07-21 18:11:11 +05:30
08f160f0e2
Create nginx-merge-slashes-path-traversal.yaml
2021-07-21 13:46:40 +05:30
16750fd9a2
Create magicflow-lfi.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-21 14:18:00 +09:00
19fa522fec
Create mirai-unknown-rce.yaml
...
The unknown exploit targets the login CGI script, where a key parameter is not properly sanitized leading to a command injection.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-18 22:44:29 +09:00
63ae086b67
Payload + matcher update
2021-07-17 23:02:43 +05:30
33a0ede229
Merge pull request #2009 from gy741/rule-add-v24
...
Create CVE-2020-26919, CVE-2020-25506, OptiLink ONT1GEW GPON RCE, CVE-2021-31755
2021-07-16 18:04:52 +05:30
9286c79bc1
Rename optiLink-ont1gew-gpon-rce.yaml to optilink-ont1gew-gpon-rce.yaml
2021-07-15 23:15:45 +05:30
6bf13454ae
Update optiLink-ont1gew-gpon-rce.yaml
2021-07-15 23:15:22 +05:30
642f71278d
Added Yapi RCE
2021-07-15 22:11:22 +05:30
1eb999ce02
Create optiLink-ont1gew-gpon-rce.yaml
...
vulnerabilities in the web-based management interface of OptiLink could allow an authenticated, remote attacker to perform command injection attacks against an affected device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-15 14:57:34 +09:00
5182b88b54
Merge pull request #1871 from projectdiscovery/huijietong-cloud-fileread
...
Create huijietong-cloud-fileread.yaml
2021-07-14 19:27:43 +05:30
c8c49c5046
Update hasura-graphql-ssrf.yaml
2021-07-13 15:58:06 +05:30
5fe872788f
minor update
2021-07-13 15:57:10 +05:30
4ef8ed8e97
Create hasura-graphql-ssrf.yaml
2021-07-12 20:49:09 +05:30
a0d643561f
Update icewarp-webclient-rce.yaml
2021-07-10 09:18:32 +05:30
ef74a354ca
Create icewarp-webclient-rce.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-09 13:52:28 +09:00
808712f772
Update clockwatch-enterprise-rce.yaml
2021-07-08 14:20:18 +05:30
6e6d383b6c
Update clockwatch-enterprise-rce.yaml
2021-07-08 14:00:27 +05:30
7695526e13
Update clockwatch-enterprise-rce.yaml
2021-07-08 14:00:01 +05:30
a722b9fff6
Create clockwatch-enterprise-rce.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-08 13:18:31 +09:00
edc0f1a775
Update opensns-rce.yaml
2021-07-07 18:30:48 +05:30
9588eadaed
minor updates
2021-07-07 18:30:15 +05:30
c3cbee2794
Create opensns-rce.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-07 18:49:36 +09:00
f683e0bade
Merge pull request #1837 from gy741/rule-add-v10
...
Create huawei-router-auth-bypass.yaml
2021-07-06 23:33:47 +05:30
cc4244d36c
Update huawei-router-auth-bypass.yaml
2021-07-06 23:32:45 +05:30
7c06dfaf70
Create huijietong-cloud-fileread.yaml
2021-07-05 21:59:12 +05:30
f55aef6a1b
Merge pull request #1839 from gy741/rule-add-v11
...
Create netgear-router-auth-bypass.yaml
2021-07-05 21:46:00 +05:30
457ce76e34
minor updates
2021-07-04 17:09:45 +05:30
ecdd86167a
Create lotuscms-rce.yaml
2021-07-04 11:11:19 +00:00
d50459eb9b
Added missing matcher
2021-07-04 01:26:41 +05:30
afcbe4cfe4
minor updates
2021-07-04 01:22:08 +05:30
127673455a
Update coldfusion-debug-xss.yaml
2021-07-02 20:55:33 +05:30
e259c3dd2f
Update jfrog-unauth-build-exposed.yaml
2021-07-02 20:53:02 +05:30
2787fc01b6
Update jfrog-unauth-build-exposed.yaml
2021-07-02 08:25:40 +05:30
2fa4382ef5
Create jfrog-unauth-build-exposed.yaml
2021-07-02 08:23:42 +05:30
453b09d3ff
Create coldfusion-debug-xss.yaml
2021-07-01 22:31:01 +05:30
c0ebf56f85
Create netgear-router-auth-bypass.yaml
...
NETGEAR decided to use to check if a page has “.jpg”, “.gif” or “ess_” substrings, trying to match the entire URL. We can therefore access any page on the device, including those that require authentication, by appending a GET variable with the relevant substring (like “?.gif”).
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-01 14:39:10 +09:00
4d56d47c69
Create huawei-router-auth-bypass.yaml
...
The default password of this router is the last 8 characters of the
device's serial number which exist in the back of the device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-01 09:28:30 +09:00
039a41e790
Merge pull request #1774 from pikpikcu/patch-185
...
Create huawei-hg659-lfi.yaml
2021-06-28 21:46:51 +05:30
24a3fab9d3
Added missing condition
2021-06-26 19:35:52 +05:30
e84c784fa2
Merge pull request #1689 from nrathaus/master
...
CVE-2021-28164 and some fixes
2021-06-24 23:58:29 +05:30
cb18f313fd
Create huawei-hg659-lfi.yaml
2021-06-24 15:41:18 +00:00
bc7e8a80db
Merge pull request #1336 from projectdiscovery/princechaddha-patch-5
...
Create resin-inputfile-fileread.yaml
2021-06-24 02:32:40 +05:30
ed4c5a415d
Merge pull request #1335 from projectdiscovery/princechaddha-patch-4
...
Create resin-viewfile-lfr.yaml
2021-06-24 02:28:47 +05:30
c45ec90d5f
Update resin-inputfile-fileread.yaml
2021-06-24 02:28:18 +05:30
b2114008ad
Merge pull request #1595 from pikpikcu/patch-173
...
Create jeewms-lfi
2021-06-24 02:24:41 +05:30
1d581af4ec
Update jeewms-lfi.yaml
2021-06-22 18:28:52 +05:30
01b77a7ed2
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-17 16:54:18 +03:00
9f8cae8ab5
Update tamronos-rce.yaml
2021-06-17 01:34:49 +00:00
90bdede7dd
Create tamronos-rce.yaml
2021-06-17 01:31:59 +00:00
3369c5a4dd
Reference
2021-06-13 11:55:20 +03:00
b5bdac494b
Merge branch 'master' of https://github.com/nrathaus/nuclei-templates
2021-06-13 09:54:52 +03:00
feb42e49b0
Reduce chances of FP
2021-06-13 09:53:47 +03:00
513596d2e0
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-13 09:05:57 +03:00
98e49295b6
Merge pull request #1672 from DhiyaneshGeek/master
...
CKAN DOM Based XSS , php-zerodium-backdoor-rce
2021-06-11 14:16:18 +05:30
771e55eca6
Create php-zerodium-backdoor-rce.yaml
2021-06-10 22:01:26 +05:30
fd70f535dd
Update ckan-dom-based-xss.yaml
2021-06-10 17:27:21 +05:30
a4897080b2
Merge pull request #1668 from pikpikcu/patch-181
...
Create php-timeclock-xss
2021-06-10 14:57:05 +05:30
b43c8f2c93
misc update
2021-06-10 14:53:31 +05:30
083d32c05f
More validation
2021-06-10 14:37:26 +05:30
0ebeff27a6
misc changes
2021-06-10 14:25:20 +05:30
5b2ec54d34
Create ckan-dom-based-xss.yaml
2021-06-10 13:37:33 +05:30
a4e714718f
Create php-timeclock-xss.yaml
2021-06-10 07:29:19 +00:00
c80690c829
Create mpsec-isg1000-lfi.yaml
2021-06-10 07:11:07 +00:00
885aeadaa7
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-09 16:07:06 +03:00
83ce809e8d
Updated author names
2021-06-09 17:50:56 +05:30
23cb4c4d9f
moving files around
2021-06-09 14:37:40 +05:30
46e4d47d92
Another reference
2021-06-09 09:43:04 +03:00
27db48cb53
Another vector
2021-06-09 09:42:41 +03:00
1e0a542b21
New test
2021-06-09 09:07:03 +03:00
8b0c5eaee3
Spelling
2021-06-06 10:35:09 +03:00
5d63b1bb05
Fixing the condition
2021-06-04 21:33:01 +05:30
1f6334671c
escape fix
2021-06-04 21:26:59 +05:30
bc9a760d29
Create interlib-fileread.yaml
2021-06-04 02:54:55 +00:00
0f0ff2ee1e
moving files around
2021-06-03 21:54:08 +05:30
3202a0dd65
Merge pull request #1606 from nrathaus/master
...
Description / Spelling
2021-06-02 13:10:50 +05:30
2fe2c88872
Moving files around
2021-06-02 12:22:24 +05:30
2d52259f70
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-02 09:09:05 +03:00
a5ccb5f893
strict matcher
2021-06-01 16:08:41 +05:30
7f5dfedf55
Create jeewms-lfi.yaml
2021-06-01 09:08:45 +00:00
2685f492ed
Merge pull request #1580 from pikpikcu/patch-167
...
Create ns-asg-file-read
2021-06-01 14:10:09 +05:30
d5b9e4c7b6
Update ns-asg-file-read.yaml
2021-06-01 14:09:01 +05:30
31341b547e
Update blue-ocean-excellence-lfi.yaml
2021-05-31 15:44:21 +05:30
f944191e7a
Create blue-ocean-excellence-lfi.yaml
2021-05-31 09:29:51 +00:00
65c73dbe34
Create hiboss-rce.yaml
2021-05-31 09:08:16 +00:00
e56a64402c
Create ns-asg-file-read.yaml
2021-05-31 08:56:01 +00:00
4edb345286
Merge branch 'patch-165' of https://github.com/pikpikcu/nuclei-templates into pr/1567
2021-05-31 14:20:30 +05:30
2ad903dcf1
misc changes
2021-05-31 14:19:23 +05:30
76886054ce
Create h3c-imc-rce.yaml
2021-05-31 05:53:21 +00:00
5f4923ddce
Create hjtcloud-arbitrary-file-read.yaml
2021-05-31 05:38:23 +00:00
81d1180769
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-05-30 09:09:37 +03:00
1644eb793a
misc changes
2021-05-28 11:12:36 +05:30
b94ba82591
Update natshell-rce.yaml
2021-05-28 02:49:17 +07:00
f1726d3a1f
Create natshell-rce.yaml
2021-05-27 14:59:33 +00:00
b32eac85b1
Give description
2021-05-25 14:35:41 +03:00
8676d8c23c
Added Maian Cart 3.8 preauth RCE template
2021-05-25 05:08:52 +05:30
d7d86bbd95
More strict matcher
2021-05-20 23:15:01 +05:30
e66ce65285
Adding Fanruan related templates
2021-05-20 22:56:55 +05:30
f0879103d4
Improved matcher
2021-05-17 22:39:05 +05:30
08ee1ad5ee
matcher update
2021-05-17 19:49:24 +05:30
08001381c4
Create natshell-path-traversal.yaml
2021-05-17 08:14:20 +00:00
04e1fb0ef8
Create flir-path-traversal.yaml
2021-05-16 04:54:40 +00:00
21c1dc2c70
Merge pull request #1337 from projectdiscovery/princechaddha-patch-7
...
Create resin-cnnvd-200705-315.yaml
2021-05-16 02:33:31 +05:30
fc66a9e076
Removing duplicate template
2021-05-11 23:48:36 +05:30
b4b30c95ee
Update oa-v9-uploads-file.yaml
2021-05-10 13:23:08 +05:30
8766b537dd
Add reference
2021-05-10 09:52:26 +03:00
fa7567f68e
Its not really a regex
2021-05-10 09:35:36 +03:00
4c201aa1dd
It is not just a file upload
2021-05-10 09:35:10 +03:00
1e364a6cdb
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-05-10 09:27:13 +03:00
7fde950173
Merge pull request #1327 from projectdiscovery/showdoc-file-upload
...
Adding Showdoc < 2.8.6 File Upload RCE
2021-05-10 01:36:45 +05:30
1f8ff83353
tags update
2021-05-10 01:34:11 +05:30
ccfb5ca4c4
regex update
2021-05-10 01:33:27 +05:30
18dff7387c
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-05-09 08:32:05 +03:00
d950f72ff9
minor update
2021-05-07 14:56:40 +05:30
0159c284e7
minor update
2021-05-07 14:53:34 +05:30
253ede65c1
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-05-06 15:16:27 +03:00
8274939810
Create kafdrop-xss.yaml
2021-05-05 23:51:53 +05:30
9944ef191f
Create joomla-lfi-com_fabrik.yaml
2021-05-05 23:48:57 +05:30
e87baf2967
Merge pull request #1346 from projectdiscovery/princechaddha-patch-11
...
Create wuzhicms-sqli.yaml
2021-05-05 23:30:36 +05:30
ae45a6b386
Merge pull request #1344 from projectdiscovery/princechaddha-patch-9
...
Create ueditor-file-upload.yaml
2021-05-05 23:29:11 +05:30
e68777d20a
Alternative reference
2021-05-05 17:08:11 +03:00
7f90af4d32
Reference is dead
2021-05-05 17:07:52 +03:00
0520ad05d3
Merge pull request #1351 from projectdiscovery/princechaddha-patch-16
...
Create ecology-filedownload-directory-traversal.yaml
2021-05-05 17:56:59 +05:30
d1f62765f9
Merge pull request #1409 from DhiyaneshGeek/master
...
Gogs install exposure,Gloo UI Unauthentication
2021-05-05 17:54:37 +05:30
ae13e5e44e
minor updates
2021-05-05 17:53:34 +05:30
b10918510c
Adding strict matcher
2021-05-05 17:39:31 +05:30
127ac5e37c
Merge pull request #962 from pikpikcu/patch-89
...
add hashicorp-consul-rce
2021-05-05 00:02:57 +05:30
819e201ebd
Update concrete-xss.yaml
2021-05-04 13:36:54 +05:30
052f1b3b7b
Adding concrete-xss
2021-05-04 13:36:16 +05:30
585b651592
Update gloo-unauth.yaml
2021-05-03 18:23:30 +05:30
a1fc27ca75
Create gloo-unauth.yaml
2021-05-03 18:14:44 +05:30
acf5d41ef9
Minor update
2021-05-02 17:51:44 +05:30
f9559b1e21
Update landray-oa-fileread.yaml
2021-05-02 13:58:47 +05:30
a6df4754d4
Update landray-oa-fileread.yaml
2021-05-02 13:57:33 +05:30
c5bdf6cbca
Create landray-oa-fileread.yaml
2021-05-02 04:42:37 +00:00
cc9d4eddf1
Update rce-via-java-deserialization.yaml
2021-05-01 17:22:03 +05:30
f898e4b539
Correct product name
2021-04-29 09:20:58 +03:00
a7de9915c7
Removed self-reference
2021-04-29 08:58:02 +03:00
91b6b1b175
Make references visible
2021-04-29 08:57:39 +03:00
2860cdfb4a
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-04-29 08:38:11 +03:00
2920fa9bfb
matcher and payload update
2021-04-28 19:44:28 +05:30
a55db7af44
Merge pull request #1332 from projectdiscovery/princechaddha-patch-2
...
Create WooYun-2015-148227.yaml
2021-04-28 18:51:07 +05:30
ecb436df3e
Those aren't really regexes
2021-04-28 15:07:39 +03:00
9ece07bf9a
Provide reference
2021-04-28 14:00:15 +03:00
8d9d46e00a
Merge pull request #1362 from underfl0w/chamilo-lms-sqli
...
Chamilo 1.11.14 LMS sql injection
2021-04-28 15:55:14 +05:30
722e305878
Update chamilo-lms-sqli.yaml
2021-04-28 15:48:34 +05:30
5f5430a7a4
Payload and matcher fix
2021-04-28 14:42:10 +05:30
3adf607b6f
Matcher for DNS interaction
2021-04-27 16:24:39 +05:30
eaf70d16ab
Merge pull request #1350 from projectdiscovery/princechaddha-patch-15
...
Create zcms-v3-sqli.yaml
2021-04-27 16:09:32 +05:30
d705648dc4
Merge pull request #1343 from projectdiscovery/princechaddha-patch-8
...
Create spark-webui-unauth.yaml
2021-04-26 21:58:53 +05:30
3079fce648
Update spark-webui-unauth.yaml
2021-04-26 21:57:46 +05:30
f726562445
Update spark-webui-unauth.yaml
2021-04-26 21:56:13 +05:30
487e2300e1
Merge pull request #1331 from projectdiscovery/princechaddha-patch-1
...
Create unauth-spark-api.yaml
2021-04-26 21:52:22 +05:30
5fcba18d1e
Merge pull request #1349 from projectdiscovery/princechaddha-patch-14
...
Create xunchi-file-read.yaml
2021-04-26 21:06:27 +05:30
ac29e9a622
Merge pull request #1348 from projectdiscovery/princechaddha-patch-13
...
Create xiuno-bbs-reinstallation.yaml
2021-04-26 21:05:39 +05:30
4cc83776f3
Merge pull request #1352 from projectdiscovery/princechaddha-patch-17
...
Create ecology-springframework-directory-traversal.yaml
2021-04-26 20:48:30 +05:30
2e1e0e932f
Product name
2021-04-26 09:07:57 +03:00
19a4bbc844
Correct product name, and link to the Gitee
2021-04-26 09:03:24 +03:00
3857469468
Add reference
2021-04-26 09:01:39 +03:00
909a0ce4dd
Product seems to be called ectouch
2021-04-26 08:51:08 +03:00
bb974381b5
add references
2021-04-26 08:48:16 +03:00
b9ad93a3cd
Reverted back to old technique
...
The ;INSERT method only seemed to work on my dev enviroment.
2021-04-24 22:15:57 +03:00
5f264c9891
Updated chamilo-lms-sqli.yaml
...
Uses SQL injection to insert data into the database, then checks to see
if this data has been added;
2021-04-24 21:41:38 +03:00
d4e8720797
Chamilo 1.11.14 LMS sql injection
...
YAML file is now indented correctly
2021-04-24 19:35:29 +03:00
2f7746fe3d
Chamilo 1.11.14 LMS sql injection
2021-04-24 19:11:58 +03:00
71e25fa42d
Create ecology-springframework-directory-traversal.yaml
2021-04-23 18:52:08 +05:30
85bc6464cb
Create ecology-filedownload-directory-traversal.yaml
2021-04-23 18:50:11 +05:30
2aa7764e58
Create zcms-v3-sqli.yaml
2021-04-23 18:48:00 +05:30
525475ea2e
Create xunchi-file-read.yaml
2021-04-23 18:45:02 +05:30
3527ffcd5c
Update xiuno-bbs-reinstallation.yaml
2021-04-23 18:41:15 +05:30
bfa6113b45
Create xiuno-bbs-reinstallation.yaml
2021-04-23 18:40:17 +05:30
9341841862
Create wuzhicms-sqli.yaml
2021-04-23 18:26:43 +05:30
bfae33ab72
Create ueditor-file-upload.yaml
2021-04-23 17:45:09 +05:30
fcb93ad108
Create spark-webui-unauth.yaml
2021-04-23 17:37:19 +05:30
f7875a24d6
Adding Apache Solr <= 8.8.1 Arbitrary File Read
2021-04-23 15:48:04 +05:30
ed1f462a3c
Create resin-cnnvd-200705-315.yaml
2021-04-22 19:37:30 +05:30
376e8ec590
Create resin-inputfile-fileread.yaml
2021-04-22 19:16:56 +05:30
edbe48cdf7
Update resin-viewfile-lfr.yaml
2021-04-22 19:14:41 +05:30
bafc6d146a
Update resin-viewfile-lfr.yaml
2021-04-22 19:13:46 +05:30
175bd1780d
Create resin-viewfile-lfr.yaml
2021-04-22 14:46:29 +05:30
b9e013caec
Create sangfor-edr-auth-bypass.yaml
2021-04-22 14:37:32 +05:30
7b051a70a9
Create WooYun-2015-148227.yaml
2021-04-22 14:29:47 +05:30
af89aaf731
Update unauth-spark-api.yaml
2021-04-22 14:23:08 +05:30
6c80ff0b68
Update unauth-spark-api.yaml
2021-04-22 13:48:03 +05:30
c89872228c
Update unauth-spark-api.yaml
2021-04-22 13:46:18 +05:30
22ddf02690
Create unauth-spark-api.yaml
2021-04-22 13:45:01 +05:30
sandeep
Prince Chaddha
sullo
Noam Rathaus
forgedhallpass
socketz
PikPikcU
GwanYeong Kim
Prince Chaddha
SaN ThosH
Sanyam Chawla
Geeknik Labs
Dhiyaneshwaran
lulz
Philippe Delteil
sandeep
Jurjen de Jonge