071e3b25c9
few updates
2020-11-17 16:27:15 +05:30
0202889780
cve-2017-12637.yaml tab fixed
2020-11-17 11:18:19 +01:00
f5e1d23545
cve-2017-12637.yaml added
2020-11-17 11:14:41 +01:00
d6198665e7
🔥 Add CVE-2020-8209
...
References:
- https://swarm.ptsecurity.com/path-traversal-on-citrix-xenmobile-server/
2020-11-16 21:49:51 +07:00
b1965155f7
Update CVE-2020-14815.yaml
2020-11-14 15:37:15 +05:30
a710c24d4d
Update CVE-2020-14815.yaml
2020-11-14 15:35:06 +05:30
a273c87c2e
Create CVE-2020-14815.yaml
2020-11-13 01:25:48 +05:30
3cf5167077
Update CVE-2019-20141.yaml
2020-11-12 14:30:01 +05:30
c4349a33cf
fixing possible false positive
2020-11-12 13:55:56 +05:30
4f746684c8
Encoding updates
2020-11-10 19:43:51 +05:30
29d421549a
Search for "provider":"ldap" to complete the match on the cve
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-11-07 12:37:29 +01:00
e9b57b3e9a
Add cve-2020-26214 detection
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-11-07 11:47:02 +01:00
cd90698cb5
Adding cve-2019-3402
2020-11-06 15:58:11 +05:30
b175c2117c
🔥 Update CVE-2020-14882 payload & with positive matchers
2020-11-02 14:23:12 +07:00
73c94b174c
moved to another branch for the fix.
2020-11-01 12:53:33 +05:30
8503dd1471
fixing mistake
2020-10-30 11:01:43 +05:30
baaba9036e
🔥 Add CVE-2020-14882
2020-10-29 19:58:49 +07:00
0c3b87f943
Merge pull request #595 from projectdiscovery/z-xxe
...
adding cve-2019-9670
2020-10-29 16:24:59 +05:30
0c63ebfd8f
adding cve-2019-9670
2020-10-29 16:23:46 +05:30
ca1c3e7f72
Update CVE-2020-14864.yaml
2020-10-29 15:43:50 +05:30
54f73f80e1
add template for CVE-2020-14864
2020-10-29 10:54:06 +01:00
3b1f0bf6f9
Create CVE-2020-9344.yaml
2020-10-23 11:59:51 +05:30
c912513e40
Merge pull request #575 from dwisiswant0/fix/cve-2020-7961
...
Update CVE-2020-7961
2020-10-16 11:34:23 +05:30
d9f53727c9
✏️ Escaping dot in extractors
2020-10-16 02:59:46 +07:00
b69d65fe7b
🔨 Update matchers using regexes
2020-10-16 02:58:54 +07:00
9bd306ab3f
matcher updates
2020-10-16 00:20:10 +05:30
53c239b645
✏️ Escaping dots in patterns
2020-10-15 18:21:25 +07:00
31c8d723c1
🔥 Update methods & matchers for CVE-2020-16952
2020-10-15 17:27:52 +07:00
dddb8e8a37
Merge pull request #562 from knassar702/new-branch
...
Neon Dashboard - XSS Reflected (CVE-2019-20141)
2020-10-15 00:17:02 +05:30
431a56847b
Merge pull request #561 from dwisiswant0/add/CVE-2020-16952
...
Add CVE-2020-16952
2020-10-15 00:13:44 +05:30
f4ba565b50
Neon Dashboard - XSS Reflected (CVE-2019-20141)
2020-10-14 15:39:46 +00:00
18bdf7f9d1
🔥 Add CVE-2020-16952
2020-10-14 15:49:48 +07:00
6a9f6cd3dc
Update CVE-2013-2251.yaml
2020-10-13 18:15:07 -04:00
78b652f2e8
add cve-2013-2251
2020-10-13 19:06:01 -03:00
e6c3ec08c4
Update CVE-2020-3452.yaml
...
Added another endpoint that's vulnerable to the same path traversal issue
2020-10-07 15:33:36 +05:30
a926f61ed2
Removing this for the time being
2020-10-04 11:54:28 +05:30
107d9b9dcc
Merge pull request #512 from dwisiswant0/add/CVE-2020-2034
...
Add CVE-2020-2034
2020-10-03 11:45:12 +05:30
41f64dfcf9
Merge pull request #533 from projectdiscovery/bp0lr/master
...
Bp0lr/master
2020-10-03 11:42:29 +05:30
a5840f0205
template update
2020-10-03 11:40:14 +05:30
b129f008f2
updates
2020-10-03 11:27:10 +05:30
32d42575f7
Create CVE-2019-8442.yaml
2020-10-03 01:20:52 +05:30
69d03e0d6f
Merge pull request #522 from swisskyrepo/swisskyrepo-shellshock
...
CVE-2014-6271 Shellshock
2020-10-02 23:11:14 +05:30
5254fb77af
Merge pull request #517 from dwisiswant0/add/CVE-2019-1653
...
Add CVE-2019-1653
2020-10-02 23:08:48 +05:30
365e93ec23
Merge pull request #518 from dwisiswant0/add/CVE-2019-15858
...
Add CVE-2019-15858
2020-10-02 23:07:51 +05:30
a5df22b9d6
Merge pull request #519 from dwisiswant0/add/CVE-2019-16920
...
Add CVE-2019-16920
2020-10-02 21:57:05 +05:30
729fc628f2
Merge pull request #516 from dwisiswant0/add/CVE-2020-12116
...
Add CVE-2020-12116
2020-10-02 03:15:53 +05:30
5a7d6dd30d
Merge pull request #515 from jaiswalakshansh/master
...
added cve-2019-9733.yaml
2020-10-02 03:00:00 +05:30
1acddaff20
Update CVE-2020-14181.yaml
2020-10-02 02:56:01 +05:30
91bd427d6e
Update cve-2019-9733.yaml
2020-10-02 02:49:18 +05:30
05df03474a
Merge pull request #514 from dwisiswant0/add/CVE-2020-9047
...
Add CVE-2020-9047
2020-10-02 02:39:20 +05:30
c739852f38
Merge pull request #513 from dwisiswant0/add/CVE-2020-2551
...
Add CVE-2020-2551
2020-10-02 02:38:10 +05:30
0849da5510
Merge pull request #511 from dwisiswant0/add/CVE-2018-1273
...
Add CVE-2018-1273
2020-10-02 02:23:20 +05:30
9f11563a7f
Update CVE-2020-14181.yaml
2020-10-02 00:23:53 +05:30
73b40d6dda
Update CVE-2014-6271.yaml
2020-10-01 20:45:00 +02:00
e669c6dc47
Fixing the YAMLint error for CVE-2014-6271
2020-10-01 20:28:37 +02:00
970a81c9eb
CVE-2014-6271 Shellshock
2020-10-01 20:03:35 +02:00
6959f3c1f9
🔥 Add CVE-2019-16920
2020-10-01 15:21:26 +07:00
cb639dd534
🔥 Add CVE-2019-15858
2020-10-01 15:02:00 +07:00
949a7bc910
add cve-2019-9733
2020-10-01 12:47:40 +05:30
43006913e1
🔥 Add CVE-2019-1653
2020-10-01 14:17:09 +07:00
5affe9c250
updated cve-2019-9733
2020-10-01 12:44:05 +05:30
ffecf7ccc0
cve-2019-9733
2020-10-01 12:38:30 +05:30
d91334f612
🔥 Add CVE-2020-12116
2020-10-01 13:55:32 +07:00
02cffb6720
cve-2019-9733.yaml
2020-10-01 12:10:15 +05:30
d7fa08cb67
🔥 Add CVE-2020-9047
2020-10-01 13:36:19 +07:00
6d9ae2b147
✏️ Update part matchers
2020-10-01 13:12:30 +07:00
005fde3835
✏️ Update severity
2020-10-01 13:11:28 +07:00
fc14cc2a6c
🔥 Add CVE-2020-2551
2020-10-01 13:10:28 +07:00
0710cbe9ad
🔨 Sort paths
2020-10-01 12:39:33 +07:00
1a6c98f2c5
🔥 Add CVE-2020-2034
2020-10-01 12:37:52 +07:00
a488f75bb1
🔥 Add CVE-2018-1273
2020-10-01 09:28:22 +07:00
fd8fce4308
1st version
2020-09-30 23:36:12 +03:00
5488ef6104
adding another matcher
2020-09-30 20:14:12 +05:30
f273d2e6c5
Added CVE-2020-24312
2020-09-30 16:30:06 +02:00
0153333b9b
template update
2020-09-29 22:56:43 +05:30
fadb29e379
Merge pull request #503 from joeldeleep/master
...
cve-2020-0618
2020-09-29 01:03:47 +05:30
9c592e45fd
Update cve-2020-0618.yaml
2020-09-29 01:02:19 +05:30
25a04ef0cf
Update cve-2020-0618.yaml
2020-09-28 07:31:06 +05:30
13a3ee21f2
Delete CVE-2020-13379.yaml
2020-09-28 07:27:02 +05:30
2f7c40d80d
Create cve-2020-0618.yaml
...
The template only scans for the respective vulnerable url , it has to be manually verified .
2020-09-28 07:22:37 +05:30
0aee5a9715
remvoing cve-2017-7529
...
This can be precisely checked only when Nginx version is known, otherwise it will produce false positives results, as such removing this template for the time being.
2020-09-27 15:41:50 +05:30
a2d60bbd1e
Removing cve-2020-13379
2020-09-27 13:59:33 +05:30
e53c03ab60
Update CVE-2020-13379.yaml
2020-09-27 12:49:42 +05:30
aa50c7370d
Update CVE-2020-13379.yaml
2020-09-27 12:44:17 +05:30
f83e33f78f
Update CVE-2020-13379.yaml
2020-09-27 12:37:03 +05:30
3da6c533f0
Update CVE-2020-13379.yaml
...
The old matching using status code 502 returned false positive when the endpoint is already having a bad gateway. Going through the report here
https://hackerone.com/reports/878779 and video https://www.youtube.com/watch?v=NWHOmYbLrZ0 , the path has been rewritten and matched with respective image/jpeg as explained in the poc
2020-09-27 11:58:57 +05:30
624bb0316a
🔥 Add CVE-2017-11444
2020-09-26 08:05:00 +07:00
0922fb623e
added CVE-2019-15107
2020-09-25 09:30:58 -03:00
ecddef3d6c
added cve-2019-15107
2020-09-25 09:23:29 -03:00
bee3e3839e
added cve-2019-15107
2020-09-25 09:20:52 -03:00
114f83abc4
add CVE-2017-7615
2020-09-24 15:34:36 -03:00
c89904cc14
Update CVE-2020-14179.yaml
2020-09-24 23:32:55 +05:30
23e5970714
Merge pull request #486 from dwisiswant0/add/CVE-2018-17431
...
Add CVE-2018-17431
2020-09-22 21:36:51 +05:30
ecc56a5140
matchers updates
2020-09-22 21:33:17 +05:30
76971fcea7
Added CVE-2020-14179
2020-09-22 17:44:12 +02:00
3740c58965
🔥 Add CVE-2018-17431
2020-09-22 21:41:13 +07:00
faf6b488a5
matcher update
2020-09-18 20:28:38 +05:30
cd8699a104
Update CVE-2019-6715.yaml
2020-09-17 22:09:30 +05:30
5657004705
Update CVE-2019-6715.yaml
2020-09-17 16:51:35 +01:00
296e18768b
Create CVE-2019-6715.yaml
2020-09-17 15:59:14 +01:00
5dc45f1fb1
Fix typo in cve-2019-14696.yaml and cve-2020-24223
2020-09-17 17:58:51 +08:00
048ab54a98
Update CVE-2020-25540.yaml
2020-09-16 23:54:38 +05:30
9ff599c333
Update CVE-2020-25540.yaml
2020-09-16 18:20:43 +00:00
74a88ab411
Create CVE-2020-25540.yaml
...
This is for testing against a Linux host as per https://www.exploit-db.com/exploits/48812 . If someone else wants to update this to add the check for Windows, that would be swell.
2020-09-16 18:17:57 +00:00
beed4568eb
Merge pull request #473 from CasperGN/fix-cve-2020-15920
...
Correcting endpoint to contain /PDC/ajaxreq.php?
2020-09-16 23:03:45 +05:30
63c0a78fc8
Correcting endpoint to contain /PDC/ajaxreq.php?
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-16 19:02:49 +02:00
ffef121561
Normalized id fields to match schema regex
2020-09-16 00:55:55 +05:30
e8ef3b5759
Merge pull request #461 from dwisiswant0/add/CVE-2020-15129
...
Add CVE-2020-15129
2020-09-15 19:45:59 +05:30
fa570b5560
✏️ Add reference
2020-09-15 00:40:03 +07:00
19f9e5842a
🔨 Update status matcher
2020-09-15 00:39:24 +07:00
e0f4437cdd
🔥 Add CVE-2020-15129
2020-09-15 00:31:40 +07:00
f7d2851490
✏️ Add descriptions
2020-09-14 14:26:39 +07:00
66f1789690
⬇️ Delete payloads
2020-09-14 14:26:11 +07:00
4c29679877
✏️ Update name
2020-09-14 14:25:01 +07:00
5fb87d81a2
🔥 Add CVE-2020-15505
2020-09-14 14:23:20 +07:00
118df25b44
Create CVE-2019-16662.yaml
2020-09-11 13:25:48 +00:00
a1d9be6097
Update CVE-2018-16763.yaml
2020-09-11 16:20:03 +05:30
73572d26de
Update CVE-2020-16139.yaml
2020-09-10 12:45:32 +00:00
459bdf6922
Cisco 7937G Denial-of-Service Reboot Attack 🔥
2020-09-10 07:32:07 +00:00
1110db2ad4
🔨 Add matchers condition
2020-09-10 01:44:26 +07:00
90de2070c4
Merge pull request #434 from CasperGN/master
...
More templates to Lotus Domino + workflow to bind them together
2020-09-09 22:40:33 +05:30
ad3bab450d
Based on metasploit regex
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-09 19:08:23 +02:00
e984f1466f
Adding word matcher which mimics public PoC exploits
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-09 16:53:16 +02:00
5f452f2969
And the last file
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-09 10:38:32 +02:00
7cf712bd49
Inclusion of stage- 1 detection of the old hashdump vuln.
...
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
2020-09-09 10:11:50 +02:00
061c4e5c1f
Create CVE-2018-19386.yaml
2020-09-09 01:45:42 +00:00
0d0cb8c225
Fixed some spaces
2020-09-07 15:07:46 +02:00
7dcba733f0
Removed original code
2020-09-07 15:07:13 +02:00
1ba5ba68af
Moved some spaces
2020-09-07 15:06:14 +02:00
dd3ce36a87
Fix CVE-2017-7529.yaml matcher
...
Submit a fix to resolve the issue
https://github.com/projectdiscovery/nuclei-templates/issues/424 .
2020-09-07 15:04:58 +02:00
23e88269bb
Update CVE-2018-16763.yaml
2020-09-07 00:47:19 +00:00
28d50c311f
Merge pull request #422 from pikpikcu/patch-18
...
Add CVE-2018-16763 fuelCMS 1.4.1 - Remote Code Execution
2020-09-07 02:28:38 +05:30
f9ee82f180
Update CVE-2018-16763.yaml
2020-09-07 02:25:49 +05:30
a2fe4e9932
few updates
2020-09-07 02:22:50 +05:30
33643990de
Create CVE-2018-16763.yaml
2020-09-06 17:22:32 +00:00
3a624136d4
Update CVE-2019-7256.yaml
2020-09-06 12:06:45 +00:00
06c45b8a8d
Create CVE-2019-7256.yaml
2020-09-06 11:55:23 +00:00
cb5d5b9f0d
Update CVE-2019-1010287.yaml
2020-09-05 13:10:46 +05:30
6d67bb8d7b
Merge pull request #416 from pikpikcu/patch-15
...
Add CVE-2019-12593 IIceWarp <=10.4.4 - Local File Inclusion
2020-09-05 12:42:58 +05:30
3839c683f4
Update CVE-2019-12593.yaml
2020-09-05 12:41:21 +05:30
02a46f245e
Update CVE-2019-12593.yaml
2020-09-05 07:00:51 +00:00
4d4ff8073c
Update CVE-2019-12593.yaml
2020-09-05 07:00:15 +00:00
651396a50b
Merge pull request #413 from geeknik/patch-4
...
Create sql-dump.yaml
2020-09-05 12:28:38 +05:30
148bb16fa7
Update CVE-2020-11034.yaml
2020-09-05 12:27:56 +05:30
d0b755c0e3
Create CVE-2019-12593.yaml
2020-09-05 06:49:58 +00:00
798dbf01a4
Merge pull request #412 from geeknik/patch-2
...
Create CVE-2019-11043.yaml
2020-09-05 12:18:04 +05:30
4450dec23c
Merge pull request #410 from pikpikcu/patch-13
...
Add CVE-2019-14696 Open-Scool 3.0 - Cross Site Scripting
2020-09-05 12:11:01 +05:30
4b828d3a06
Update CVE-2019-14696.yaml
2020-09-05 12:10:16 +05:30
a5da5abd03
Merge pull request #409 from dwisiswant0/tpl/magmi-multiple-vulns
...
Add Magmi Multiple Vulnerabilities
2020-09-05 12:07:14 +05:30
6dd5f429d9
updates
2020-09-05 12:04:18 +05:30
bauthard
Sandor Toth
Dwi Siswanto
mohammedshine
Casper Guldbech Nielsen
palaziv
SaN ThosH
Khaled Nassar
Jonatas Fil
Vidhun K
sillydadddy
Swissky
akshansh
bjhulst
x1m
joeldeleep
bp0lr
root
Robbie
Adam Jordan
Geeknik Labs
Ice3man543
PikPikcU
toufik-airane