daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,413 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

1437 Commits (85c8b47b6240ac154746d4b1abbd0865cacfb442)

Author SHA1 Message Date
sandeep 39a71c641a update: added more reference 2021-12-15 21:20:18 +05:30
Evan Rubinstein 11fe2fdfee
Added apache-solr-log4j RCE (#3336) 
* update: added apache-solr-log4j-rce

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
 2021-12-15 21:15:43 +05:30
Sandeep Singh d9ed21458f
Added VMware VCenter Log4j JNDI RCE (#3340) 
* Added VMware VCenter Log4j JNDI RCE

Co-Authored-By: FQ Hsu <fanqxu@gmail.com>

* update: removed static UA

Co-Authored-By: FQ Hsu <fanqxu@gmail.com>

Co-authored-by: FQ Hsu <fanqxu@gmail.com>
 2021-12-14 21:27:30 +05:30
sandeep c9ddd7a0ae update: id + reference update 2021-12-14 21:07:46 +05:30
Evan Rubinstein dddb0bbb82
Added CVE-2021-24997 (#3298) 
* Added CVE-39226

* Added CVE-39226

* Delete CVE-39226.yaml

* Renamed CVE-39226 to CVE-2021-39226

Fixed naming error

* Added Wp-Guppy-Information-Disclosure template

* Removed File

Found better descriptor

* Added CVE-2021-24997

Added WordPress Guppy Information Disclosure CVE

* Fixed CVE-2021-24997

Fixed YAML formatting

* Fixed Typo

URL Path had an extra double quote

* Auto Generated Templates Stats [Wed Dec  8 23:07:24 UTC 2021] 🤖

* Deleted Blank Space

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Update CVE-2021-24997.yaml

* Added CVE-2021-43496

* Update CVE-2021-43496.yaml

* fix: syntax update

* Added New Vuln

* Update CVE-2021-24997.yaml

* Update CVE-2021-43496.yaml

* Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml

* fix: lints update

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
 2021-12-14 02:22:26 +05:30
pudsec 8cac8b5a36
Update open-redirect.yaml (#3333) 2021-12-13 20:42:06 +05:30
S Bani b76dbf91c6
Add Another Redirect Payload and Extend the Regex to Recognize it (#3299) 
* Fix Open Redirect Header Regex

The regex was missing the correct escaping for special char `/`

* Add New General Open Redirect

There's another option for open redirects. I tested it in FF and Chrome.

* Update Location Redirect Regex

* update: mix changes

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2021-12-13 20:38:21 +05:30
Prince Chaddha 79a95a56d7
Update and rename pieregister-plugin-open-redirect.yaml to vulnerabilities/wordpress/pieregister-open-redirect.yaml 2021-12-12 16:59:16 +05:30
Dwi Siswanto 6a4bbdf93a
Update Grafana Arbitrary File Read (#3321) 
* Add Grafana plugins wordlist

* Using payloads instead

* fix: updated variable name

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2021-12-11 11:07:55 +05:30
Prince Chaddha 0e94557017
Merge pull request #3248 from pikpikcu/patch-307 
added thruk-xss
 2021-12-09 22:01:56 +05:30
Prince Chaddha f476c5ff5b
Update thruk-xss.yaml 2021-12-09 21:58:15 +05:30
Prince Chaddha d35a55f7b4
Update and rename watchguard-fireware-ad-helper-component-credentials-disclosure.yaml to watchguard-credentials-disclosure.yaml 2021-12-09 21:05:13 +05:30
GwanYeong Kim bde4e1815a Create watchguard-fireware-ad-helper-component-credentials-disclosure.yaml 
a credential-disclosure vulnerability in the AD Helper component of the WatchGuard Fireware Threat Detection and Response (TDR) service, which allows unauthenticated attackers to gain Active Directory credentials for a Windows domain in plaintext.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-12-09 16:02:48 +09:00
Sandeep Singh 2521cb62bf
Added CVE-2021-43798 (#3296) 
* Added CVE-2021-43798

* updated with default plugin list

* Update grafana-file-read.yaml
 2021-12-08 16:46:47 +05:30
z0ne d79b085051
add grafana file read (#3286) 
* add grafana file read

* update: more reference

Co-authored-by: dev <z0ne>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2021-12-07 15:42:59 +05:30
Prince Chaddha fdcccb5938
Update and rename netsweeper-reflected-xss.yaml to netsweeper-rxss.yaml 2021-12-07 13:56:30 +05:30
Prince Chaddha ba8bad94c4
Update netsweeper-open-redirect.yaml 2021-12-07 13:43:29 +05:30
daffainfo b90d0b7e3e Add 10 templates and edit 1 workflows 2021-12-06 23:38:54 +07:00
sandeep 9da0d768a1 fix: syntax + lint 2021-12-03 10:37:42 +05:30
PikPikcU 83f6b2a153
Update thruk-xss.yaml 2021-12-02 19:07:50 +07:00
PikPikcU 435eeca764
Create thruk-xss.yaml 2021-12-02 19:02:40 +07:00
sandeep 1dabef2e6f Revert "CVE update - CVE-2021-22049" 
This reverts commit 70128c2587.
 2021-12-02 01:34:29 +05:30
sandeep 70128c2587 CVE update - CVE-2021-22049 2021-12-02 01:31:41 +05:30
Sandeep Singh 7ea7da8d4b
Added VMware vCenter SSRF/LFI/XSS (#3240) 2021-12-02 00:53:47 +05:30
sandeep 71143da193 Added missing tags 2021-11-28 04:13:45 +05:30
sandeep e7e8c33d64 fixed matcher + added additional matcher 2021-11-27 10:20:04 +05:30
alph4byt3 5080276f31
Update flow-flow-social-stream-xss.yaml 2021-11-26 09:48:04 +02:00
alph4byt3 f82f4d1a0b
Create flow-flow-social-stream-xss.yaml 2021-11-26 06:55:21 +02:00
Prince Chaddha 0d2a2f4e15
Merge pull request #3188 from pussycat0x/master 
WordPress Themes Haberadam IDOR and Full Path Disclosure via JSON API
 2021-11-24 12:14:54 +04:00
Prince Chaddha 85d79fd597
Update and rename wp-haberadam-theme-idor.yaml to wp-haberadam-idor.yaml 2021-11-24 12:09:22 +04:00
pussycat0x b7701dc7b3
Update wp-haberadam-theme-idor.yaml 2021-11-23 19:53:36 +05:30
pussycat0x e7bc254415
Update wp-haberadam-theme-idor.yaml 2021-11-23 19:50:27 +05:30
pussycat0x b3ceaffb9f
Add files via upload 2021-11-23 19:46:33 +05:30
Noam Rathaus 725782050a Add description 2021-11-23 12:09:00 +02:00
Prince Chaddha 42a9f46f94
Merge pull request #3176 from pussycat0x/master 
Wordpress Revslider - Unauthenticated Arbitrary File Download
 2021-11-23 09:40:48 +05:30
Prince Chaddha 2407b57779
Update wp-revslider-file-download.yaml 2021-11-23 08:09:29 +04:00
sandeep fdb0cc0277 lint fix + moving template to wp folder 2021-11-22 22:55:00 +05:30
pussycat0x ee2a766a35
Update wp-revslider-file-download.yaml 2021-11-22 20:40:38 +05:30
pussycat0x 680fffc187
Update wp-revslider-file-download.yaml 2021-11-22 20:33:29 +05:30
pussycat0x a8ee7e2ddf
Update wp-revslider-file-download.yaml 2021-11-22 20:29:59 +05:30
pussycat0x ba3d453744
Add files via upload 2021-11-21 17:00:25 +05:30
Sandeep Singh 6eea2f5ec3
Merge pull request #3170 from pussycat0x/master 
new templates
 2021-11-21 14:44:52 +05:30
sandeep bb5dcd79ac moved templates to correct directory/location 2021-11-21 14:40:48 +05:30
pussycat0x 41669cb8f6
Add files via upload 2021-11-21 06:45:24 +05:30
Prince Chaddha 1e31e0f76d
Update and rename eibiz-server-3-8-0-lfi.yaml to vulnerabilities/other/eibiz-lfi.yaml 2021-11-18 21:52:30 +05:30
Prince Chaddha cacf934f38
Merge pull request #3144 from DhiyaneshGeek/master 
Axigen Mail Server & Squirrel Server
 2021-11-16 16:09:21 +05:30
Prince Chaddha dfea5262ab
Update squirrelmail-add-xss.yaml 2021-11-16 15:30:41 +05:30
Prince Chaddha 77e5352a78
Update squirrelmail-vkeyboard-xss.yaml 2021-11-16 15:13:47 +05:30
Dhiyaneshwaran 32715528d8
Update squirrelmail-lfi.yaml 2021-11-16 00:10:15 +05:30
Dhiyaneshwaran 1905c9321a
Create squirrelmail-vkeyboard-xss.yaml 2021-11-15 23:58:18 +05:30