Commit Graph

4256 Commits (90d144f2c92940faa57f9d9c7ba57d89c843987f)

Author SHA1 Message Date
MostInterestingBotInTheWorld a24ef794b7
Dashboard Content Enhancements (#4031)
Dashboard Content Enhancements
2022-04-07 09:53:15 -04:00
sullo becdd7810b
Cleanup Joomla! Jvehicles template (#3983)
* Cleanup Joomla! Jvehicles template since it was labeled as SQLi but had a test for LFI
Create new template for the Jvehicles LFI

* Fix id

* path update

* Delete CVE-2010-1873.yaml

temporarily removing as it doesn't contain the exact matchers.

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-04-06 17:21:08 +05:30
GitHub Action 83dae0cac1 Auto Generated CVE annotations [Wed Apr 6 04:33:20 UTC 2022] 🤖 2022-04-06 04:33:20 +00:00
Prince Chaddha a0e7094664
Update CVE-2021-24746.yaml 2022-04-06 09:55:48 +05:30
Prince Chaddha 68f4159393
Create CVE-2021-24746.yaml 2022-04-06 09:36:53 +05:30
Prince Chaddha 21a73f490c Update CVE-2021-24746.yaml 2022-04-06 09:35:04 +05:30
GitHub Action 9045a7bd9c Auto Generated CVE annotations [Wed Apr 6 04:01:51 UTC 2022] 🤖 2022-04-06 04:01:51 +00:00
Prince Chaddha 90a085d0e3
Merge pull request #4033 from projectdiscovery/CVE-2021-24746
Create CVE-2021-24746.yaml
2022-04-06 09:31:28 +05:30
Prince Chaddha d834c6aef3
Merge pull request #4052 from Akokonunes/patch-135
Create CVE-2017-1000029.yaml
2022-04-05 23:29:09 +05:30
Prince Chaddha f0af9a04b6
Update CVE-2021-24746.yaml 2022-04-05 23:28:52 +05:30
Prince Chaddha 0f8598a14c
Update and rename CVE-2017-1000029.yaml to cves/2017/CVE-2017-1000029.yaml 2022-04-05 22:54:06 +05:30
sandeep 7d195c9984 Added POST method support to CVE-2022-22965 detection 2022-04-05 22:38:34 +05:30
GitHub Action 15575ec82e Auto Generated CVE annotations [Tue Apr 5 13:17:39 UTC 2022] 🤖 2022-04-05 13:17:39 +00:00
Ritik Chaddha 34a2dca9e6
Update CVE-2019-11248.yaml (#4056)
* Update CVE-2019-11248.yaml

* misc fixes

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-04-05 18:47:15 +05:30
Prince Chaddha 18cfd2f11b
Merge pull request #4039 from gy741/rule-add-v104
Create CVE-2018-10562.yaml
2022-04-05 12:40:58 +05:30
Prince Chaddha 66a27e4da0
Update CVE-2018-10562.yaml 2022-04-05 12:18:20 +05:30
Prince Chaddha 02a1d0ce06
Update CVE-2018-10562.yaml 2022-04-05 12:13:12 +05:30
Prince Chaddha 77e61ae45e
Merge pull request #4042 from gy741/rule-add-v105
Create CVE-2021-26598.yaml
2022-04-05 00:14:57 +05:30
Prince Chaddha 3586ec841c
Update CVE-2021-26598.yaml 2022-04-05 00:13:18 +05:30
Prince Chaddha c9e108c7db
Update CVE-2021-26598.yaml 2022-04-04 23:57:11 +05:30
Sandeep Singh d633c2db45
Updated intrusive detection with HTTP OOB interaction (#4028) 2022-04-04 19:58:38 +05:30
Prince Chaddha 1890296f31
Merge pull request #4046 from Akokonunes/patch-134
Create CVE-2020-27191.yaml
2022-04-04 18:13:11 +05:30
Prince Chaddha 963742768a
Update and rename CVE-2020-27191.yaml to cves/2020/CVE-2020-27191.yaml 2022-04-04 18:08:30 +05:30
Rodrigo Schio 4d690358ae
fix match and extractors regexes (#4040) 2022-04-04 18:08:25 +05:30
GwanYeong Kim 1e374c7482 Create CVE-2021-26598.yaml
ImpressCMS before 1.4.3 has Incorrect Access Control because include/findusers.php allows access by unauthenticated attackers (who are, by design, able to have a security token).

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-04-03 11:23:45 +09:00
GwanYeong Kim 21a3ce4f12 Create CVE-2018-10562.yaml
An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-04-02 23:56:35 +09:00
Prince Chaddha c1a7f2398c
Create CVE-2021-24746.yaml 2022-04-02 16:15:26 +05:30
Prince Chaddha a0b190434f
Merge pull request #4021 from rschio/CVE-2021-44103
Create CVE-2021-44103
2022-04-02 16:11:00 +05:30
GitHub Action 9a769040d7 Auto Generated CVE annotations [Sat Apr 2 10:37:27 UTC 2022] 🤖 2022-04-02 10:37:27 +00:00
Prince Chaddha ef88c6b170
Merge pull request #4007 from pikpikcu/patch-328
Create CVE-2022-23881
2022-04-02 15:58:08 +05:30
Prince Chaddha 58cb6dfdcf
Update CVE-2022-23881.yaml 2022-04-02 15:55:31 +05:30
Prince Chaddha 14d40fdb50
Update CVE-2021-44103.yaml 2022-04-02 14:47:22 +05:30
Prince Chaddha d3c4313f64
Update CVE-2021-44103.yaml 2022-04-02 14:39:25 +05:30
GitHub Action 5e128f2c52 Auto Generated CVE annotations [Sat Apr 2 07:59:47 UTC 2022] 🤖 2022-04-02 07:59:47 +00:00
Prince Chaddha 1e011d6442
Merge pull request #4023 from Akokonunes/patch-133
Create CVE-2021-28377.yaml
2022-04-02 13:29:30 +05:30
Prince Chaddha 930ed5e321
Update and rename CVE-2021-28377.yaml to cves/2017/CVE-2021-28377.yaml 2022-04-02 13:23:16 +05:30
rschio da4c4dde5d remove trailing spaces 2022-04-01 12:53:54 -04:00
Sandeep Singh dd0cdb1385
Added CVE-2022-22965 - Spring Framework RCE via Data Binding on JDK 9+ (Spring4Shell) (#4024) 2022-04-01 17:13:45 +05:30
Sandeep Singh a6a4d78065
Added CVE-2021-46387 (#4022) 2022-04-01 15:13:57 +05:30
MostInterestingBotInTheWorld 6ddfbac2b4
Dashboard Content Enhancement (#4020)
* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: exposed-panels/apache/tomcat-pathnormalization.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: exposed-panels/apiman-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1873.yaml by mp

* Enhancement: exposed-panels/arcgis/arcgis-panel.yaml by mp

* Enhancement: exposed-panels/arcgis/arcgis-rest-api.yaml by mp

* Enhancement: exposed-panels/argocd-login.yaml by mp

* Enhancement: exposed-panels/atlassian-crowd-panel.yaml by mp

* Enhancement: exposed-panels/atvise-login.yaml by mp

* Enhancement: exposed-panels/avantfax-panel.yaml by mp

* Enhancement: exposed-panels/avatier-password-management.yaml by mp

* Enhancement: exposed-panels/axigen-webadmin.yaml by mp

* Enhancement: exposed-panels/axigen-webmail.yaml by mp

* Enhancement: exposed-panels/azkaban-web-client.yaml by mp

* Enhancement: exposed-panels/acunetix-panel.yaml by mp

* Enhancement: exposed-panels/adiscon-loganalyzer.yaml by mp

* Enhancement: exposed-panels/adminer-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1870.yaml by mp

* Enhancement: exposed-panels/adminset-panel.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-component-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-connect-central-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-experience-manager-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-media-server.yaml by mp

* Enhancement: exposed-panels/advance-setup.yaml by mp

* Enhancement: exposed-panels/aerohive-netconfig-ui.yaml by mp

* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp

* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* spacing issues

* Spacing

* HTML codes improperly interpreted
Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml

* Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml

* Enhancement: technologies/waf-detect.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: network/sap-router-info-leak.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: network/sap-router-info-leak.yaml by mp

* Enhancement: network/exposed-adb.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml by mp

* Enhancement: exposures/tokens/digitalocean/tugboat-config-exposure.yaml by mp

* Enhancement: exposed-panels/concrete5/concrete5-install.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml by mp

* indentation issue

* Character encoding issue fix

* Enhancement: default-logins/alibaba/canal-default-login.yaml by mp

* Enhancement: default-logins/alphaweb/alphaweb-default-login.yaml by mp

* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp

* Enhancement: default-logins/apache/airflow-default-login.yaml by mp

* Enhancement: default-logins/apache/apisix-default-login.yaml by mp

* Enhancement: default-logins/apollo/apollo-default-login.yaml by mp

* Enhancement: default-logins/arl/arl-default-login.yaml by mp

* Enhancement: default-logins/digitalrebar/digitalrebar-default-login.yaml by mp

* Enhancement: default-logins/mantisbt/mantisbt-default-credential.yaml by mp

* Enhancement: default-logins/stackstorm/stackstorm-default-login.yaml by mp

* Enhancement: dns/caa-fingerprint.yaml by mp

* Enhancement: exposed-panels/active-admin-exposure.yaml by mp

* Enhancement: exposed-panels/activemq-panel.yaml by mp

* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp

* Restore & stomped by dashboard

* Enhancement: cves/2010/CVE-2010-1653.yaml by mp

* Enhancement: cves/2021/CVE-2021-38751.yaml by mp

* Enhancement: cves/2021/CVE-2021-39320.yaml by mp

* Enhancement: cves/2021/CVE-2021-39322.yaml by mp

* Enhancement: cves/2021/CVE-2021-39327.yaml by mp

* Enhancement: cves/2021/CVE-2021-39350.yaml by mp

* Enhancement: cves/2021/CVE-2021-39433.yaml by mp

* Enhancement: cves/2021/CVE-2021-41192.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15824.yaml by mp

* Enhancement: exposed-panels/ansible-semaphore-panel.yaml by mp

* Enhancement: exposed-panels/aviatrix-panel.yaml by mp

* Enhancement: cves/2022/CVE-2022-24288.yaml by mp

* Enhancement: cves/2022/CVE-2022-24990.yaml by mp

* Enhancement: cves/2022/CVE-2022-26159.yaml by mp

* Enhancement: default-logins/aem/aem-default-login.yaml by mp

* Enhancement: exposed-panels/blue-iris-login.yaml by mp

* Enhancement: exposed-panels/bigbluebutton-login.yaml by mp

* Enhancement: cves/2022/CVE-2022-24288.yaml by mp

* Enhancement: cves/2022/CVE-2022-24990.yaml by mp

* Enhancement: cves/2022/CVE-2022-26159.yaml by mp

* Enhancement: default-logins/aem/aem-default-login.yaml by mp

* Spacing issues
Add cve-id field

* fix & stomping

* Enhancement: cves/2016/CVE-2016-1000141.yaml by mp

* Enhancement: cves/2020/CVE-2020-24912.yaml by mp

* Enhancement: cves/2021/CVE-2021-35265.yaml by mp

* Enhancement: cves/2022/CVE-2022-0437.yaml by mp

* Enhancement: cves/2010/CVE-2010-1601.yaml by mp

* Enhancement: technologies/teradici-pcoip.yaml by mp

* Enhancement: vulnerabilities/other/unauth-hoteldruid-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1475.yaml by mp

* Enhancement: cves/2010/CVE-2010-1535.yaml by mp

* Enhancement: exposed-panels/epson-web-control-detect.yaml by mp

* Enhancement: exposed-panels/epson-access-detect.yaml by mp

* Enhancement: cves/2020/CVE-2020-29453.yaml by mp

* Fix spacing

* Remove empty cve lines and relocate tags

* Remove blank cve lines & move tags

* Fix merge errors

* Enhancement: cves/2020/CVE-2020-21224.yaml by mp

* Enhancement: cves/2020/CVE-2020-24148.yaml by mp

* Enhancement: cves/2020/CVE-2020-24391.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: cves/2020/CVE-2020-25213.yaml by mp

* Enhancement: cves/2020/CVE-2020-25223.yaml by mp

* Enhancement: cves/2020/CVE-2020-25506.yaml by mp

* Enhancement: cves/2020/CVE-2020-2551.yaml by mp

* Enhancement: cves/2020/CVE-2020-28871.yaml by mp

* Enhancement: cves/2020/CVE-2020-28188.yaml by mp

* Enhancement: cves/2020/CVE-2020-26948.yaml by mp

* Enhancement: cves/2020/CVE-2020-26919.yaml by mp

* Enhancement: cves/2020/CVE-2020-26214.yaml by mp

* Enhancement: cves/2020/CVE-2020-25223.yaml by mp

* Enhancement: cves/2020/CVE-2020-21224.yaml by mp

* Enhancement: cves/2020/CVE-2020-24148.yaml by mp

* Enhancement: cves/2020/CVE-2020-24186.yaml by mp

* Enhancement: cves/2020/CVE-2020-24186.yaml by mp

* Enhancement: cves/2020/CVE-2020-24391.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: cves/2020/CVE-2020-25213.yaml by mp

* Enhancement: cves/2020/CVE-2020-25223.yaml by mp

* Enhancement: cves/2020/CVE-2020-25506.yaml by mp

* Enhancement: cves/2020/CVE-2020-28871.yaml by mp

* Enhancement: cves/2020/CVE-2020-28188.yaml by mp

* Enhancement: cves/2020/CVE-2020-26948.yaml by mp

* Enhancement: cves/2020/CVE-2020-26919.yaml by mp

* Enhancement: cves/2020/CVE-2020-26214.yaml by mp

* Syntax cleanup

* Enhancement: cves/2021/CVE-2021-38647.yaml by mp

* Syntax and a title change

* Enhancement: cves/2021/CVE-2021-38702.yaml by mp

* Fix references

* Enhancement: cves/2021/CVE-2021-38704.yaml by mp

* Enhancement: cves/2021/CVE-2021-41691.yaml by mp

* Enhancement: cves/2021/CVE-2021-41691.yaml by mp

* Enhancement: cves/2021/CVE-2021-41691.yaml by mp

* Enhancement: cves/2021/CVE-2021-44529.yaml by mp

* Conflicts resolved

* Fix quoting

* Enhancement: cves/2021/CVE-2021-45967.yaml by mp

* Enhancement: cves/2022/CVE-2022-0189.yaml by mp

* Enhancement: cves/2022/CVE-2022-0189.yaml by mp

* Enhancement: cves/2022/CVE-2022-23779.yaml by mp

* Enhancement: default-logins/apache/dolphinscheduler-default-login.yaml by mp

* Enhancement: default-logins/cobbler/hue-default-credential.yaml by mp

* Enhancement: default-logins/emqx/emqx-default-login.yaml by mp

* Enhancement: default-logins/geoserver/geoserver-default-login.yaml by mp

* Enhancement: cves/2021/CVE-2021-38647.yaml by mp

* Enhancement: cves/2021/CVE-2021-41691.yaml by mp

* Enhancement: cves/2021/CVE-2021-45967.yaml by mp

* Enhancement: cves/2022/CVE-2022-0189.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-14536.yaml by mp

* Enhancement: default-logins/apache/dolphinscheduler-default-login.yaml by mp

* Enhancement: default-logins/geoserver/geoserver-default-login.yaml by mp

* Update CVE-2020-25223.yaml

* Update CVE-2020-26214.yaml

* Update CVE-2020-25506.yaml

* Update CVE-2020-2551.yaml

* Update CVE-2020-26919.yaml

* Update CVE-2021-44529.yaml

* Update CVE-2020-28871.yaml

* Update CVE-2020-28188.yaml

* Update CVE-2021-45967.yaml

* Update hue-default-credential.yaml

* Update CVE-2021-44529.yaml

* misc syntax update

* Syntax  restore some characters

* Spacing

* Enhancement: vulnerabilities/wordpress/hide-security-enhancer-lfi.yaml by mp

* Enhancement: vulnerabilities/wordpress/issuu-panel-lfi.yaml by mp

* Enhancement: cves/2019/CVE-2019-10068.yaml by mp

* Enhancement: cves/2019/CVE-2019-10232.yaml by mp

* Enhancement: cves/2019/CVE-2019-10758.yaml by mp

* Enhancement: cves/2019/CVE-2019-11510.yaml by mp

* Enhancement: cves/2019/CVE-2019-11580.yaml by mp

* Enhancement: cves/2019/CVE-2019-11581.yaml by mp

* Enhancement: cves/2019/CVE-2019-12314.yaml by mp

* Enhancement: cves/2019/CVE-2019-13101.yaml by mp

* Link wrapping issue

* Enhancement: cves/2019/CVE-2019-13462.yaml by mp

* Enhancement: cves/2019/CVE-2019-15107.yaml by mp

* Enhancement: cves/2019/CVE-2019-15859.yaml by mp

* Enhancement: cves/2019/CVE-2019-16759.yaml by mp

* Enhancement: cves/2019/CVE-2019-16662.yaml by mp

* Enhancement: cves/2019/CVE-2019-16278.yaml by mp

* Enhancement: cves/2019/CVE-2019-10232.yaml by mp

* Enhancement: cves/2019/CVE-2019-10758.yaml by mp

* Enhancement: cves/2019/CVE-2019-11510.yaml by mp

* Enhancement: cves/2019/CVE-2019-12725.yaml by mp

* Enhancement: cves/2019/CVE-2019-13101.yaml by mp

* Enhancement: cves/2019/CVE-2019-15107.yaml by mp

* Enhancement: cves/2019/CVE-2019-15859.yaml by mp

* Enhancement: cves/2019/CVE-2019-16662.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-10543.yaml by cs

* Enhancement: cves/2021/CVE-2021-33807.yaml by mp

* Enhancement: cves/2010/CVE-2010-0943.yaml by mp

* Enhancement: cves/2008/CVE-2008-6172.yaml by mp

* Enhancement: vulnerabilities/simplecrm/simple-crm-sql-injection.yaml by mp

* Enhancement: vulnerabilities/oracle/oracle-siebel-xss.yaml by mp

* Enhancement: cves/2010/CVE-2010-1602.yaml by mp

* Enhancement: cves/2010/CVE-2010-1474.yaml by mp

* Enhancement: network/cisco-smi-exposure.yaml by mp

* Enhancement: cves/2021/CVE-2021-37704.yaml by mp

* Enhancement: vulnerabilities/other/microweber-xss.yaml by mp

* Enhancement: cves/2019/CVE-2019-16313.yaml by mp

* Enhancement: cves/2021/CVE-2021-3017.yaml by mp

* Enhancement: cves/2010/CVE-2010-1353.yaml by mp

* Enhancement: cves/2010/CVE-2010-5278.yaml by mp

* Enhancement: cves/2021/CVE-2021-37573.yaml by mp

* Enhancement: vulnerabilities/oracle/oracle-siebel-xss.yaml by mp

* Enhancement: cves/2010/CVE-2010-1602.yaml by mp

* Enhancement: cves/2010/CVE-2010-1474.yaml by mp

* Enhancement: vulnerabilities/other/microweber-xss.yaml by mp

* Enhancement: cves/2018/CVE-2018-11709.yaml by mp

* Enhancement: cves/2014/CVE-2014-2321.yaml by mp

* Enhancement: vulnerabilities/other/visual-tools-dvr-rce.yaml by mp

* Enhancement: vulnerabilities/other/visual-tools-dvr-rce.yaml by mp

* Manual enhancement

* Manual enhancement push due to dashboard failure

* Testing of dashboard accidentally commited to dashboard branch

* Spacing
Put some CVEs in the classification

* Add missing cve-id fields to templates in cve/

Co-authored-by: sullo <sullo@cirt.net>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-04-01 14:21:42 +05:30
rschio 32d9039f6b add CVE-2021-44103
Konga versions <= 0.14.9 are vulnerable to privilege escalation. It is
possible to update a user and change the admin parameter to true.
2022-04-01 03:39:18 -04:00
xvnpw 001c10644f
Update CVE-2022-24990.yaml (#4016)
* Update CVE-2022-24990.yaml

Removed https://nvd.nist.gov/vuln/detail/CVE-2022-23990. CVE-2022-23990 is not related to this template.

* Update CVE-2022-24990.yaml

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-04-01 02:09:11 +05:30
GitHub Action 074936d227 Auto Generated CVE annotations [Thu Mar 31 19:40:33 UTC 2022] 🤖 2022-03-31 19:40:33 +00:00
Adam Crosser 235ba94b41
Nuclei Template for Adminer SSRF Issue (CVE-2021-21311) (#4019)
* Updated CVE-2022-22963

* Added CVE-2021-21311 Template

* Added Shodan Query

* Updated Title

* misc update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-04-01 01:10:06 +05:30
Adam Crosser 2686307a64
Updated CVE-2022-22963 (#4011) 2022-03-31 00:39:28 +05:30
sandeep 754ba8574e Added stop-at-first-match 2022-03-30 15:19:04 +05:30
sandeep b06d02b2fe template id update 2022-03-30 15:16:52 +05:30
Geekby bec0912a2a
Create CVE-2022-26148.yaml (#4008)
* Create CVE-2022-26148.yaml

Add CVE-2022-26188

* updated matchers + extractors

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-30 13:49:34 +05:30
PikPikcU ae32c73ffa
Create CVE-2022-23881.yaml 2022-03-29 19:41:01 -04:00
MostInterestingBotInTheWorld 13bfc8ff57
Dashboard Content Enhancements (#3998)
* Enhancement: dns/ec2-detection.yaml by mp

* Add CVSS/CWE

* Trailing space

* Linting error on comment indentation

* Typo

* Enhancement: dns/elasticbeantalk-takeover.yaml by mp

* Enhancement: cves/2020/CVE-2020-23517.yaml by mp

* Enhancement: dns/elasticbeantalk-takeover.yaml by mp

* Enhancement: dns/mx-fingerprint.yaml by mp

* Enhancement: dns/mx-service-detector.yaml by mp

* Enhancement: dns/nameserver-fingerprint.yaml by mp

* Enhancement: dns/ptr-fingerprint.yaml by mp

* Enhancement: dns/servfail-refused-hosts.yaml by mp

* Enhancement: dns/spoofable-spf-records-ptr.yaml by mp

* Enhancement: dns/txt-fingerprint.yaml by mp

* Enhancement: dns/worksites-detection.yaml by mp

* Enhancement: exposed-panels/3g-wireless-gateway.yaml by mp

* Enhancement: exposed-panels/acemanager-login.yaml by mp

* Enhancement: exposed-panels/acrolinx-dashboard.yaml by mp

* Enhancement: dns/mx-fingerprint.yaml by mp

* Enhancement: dns/mx-service-detector.yaml by mp

* Enhancement: dns/ptr-fingerprint.yaml by mp

* Enhancement: dns/servfail-refused-hosts.yaml by mp

* Enhancement: dns/spoofable-spf-records-ptr.yaml by mp

* Enhancement: cves/2021/CVE-2021-39501.yaml by mp

* Enhancement: cves/2021/CVE-2021-40323.yaml by mp

* Enhancement: cves/2021/CVE-2021-40539.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: cves/2021/CVE-2021-40856.yaml by mp

* Enhancement: cves/2021/CVE-2021-40859.yaml by mp

* Enhancement: cves/2021/CVE-2021-40323.yaml by mp

* Enhancement: cves/2021/CVE-2021-40539.yaml by mp

* Enhancement: cves/2010/CVE-2010-1875.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/akamai-cloudtest.yaml by mp

* Enhancement: exposed-panels/alfresco-detect.yaml by mp

* Enhancement: exposed-panels/alienvault-usm.yaml by mp

* Enhancement: exposed-panels/ambari-exposure.yaml by mp

* Enhancement: exposed-panels/amcrest-login.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: exposed-panels/alienvault-usm.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/ambari-exposure.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-17369.yaml by mp

* Enhancement: exposed-panels/apache/public-tomcat-manager.yaml by mp

* Enhancement: exposed-panels/apache/apache-apisix-panel.yaml by mp

* Enhancement: exposed-panels/ansible-tower-exposure.yaml by mp

* Enhancement: exposed-panels/ampps-panel.yaml by mp

* Enhancement: exposed-panels/ampps-admin-panel.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: cves/2010/CVE-2010-1878.yaml by mp

* Fix encoded chars

* trailing space

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: exposed-panels/apache/tomcat-pathnormalization.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: exposed-panels/apiman-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1873.yaml by mp

* Enhancement: exposed-panels/arcgis/arcgis-panel.yaml by mp

* Enhancement: exposed-panels/arcgis/arcgis-rest-api.yaml by mp

* Enhancement: exposed-panels/argocd-login.yaml by mp

* Enhancement: exposed-panels/atlassian-crowd-panel.yaml by mp

* Enhancement: exposed-panels/atvise-login.yaml by mp

* Enhancement: exposed-panels/avantfax-panel.yaml by mp

* Enhancement: exposed-panels/avatier-password-management.yaml by mp

* Enhancement: exposed-panels/axigen-webadmin.yaml by mp

* Enhancement: exposed-panels/axigen-webmail.yaml by mp

* Enhancement: exposed-panels/azkaban-web-client.yaml by mp

* Enhancement: exposed-panels/acunetix-panel.yaml by mp

* Enhancement: exposed-panels/adiscon-loganalyzer.yaml by mp

* Enhancement: exposed-panels/adminer-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1870.yaml by mp

* Enhancement: exposed-panels/adminset-panel.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-component-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-connect-central-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-experience-manager-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-media-server.yaml by mp

* Enhancement: exposed-panels/advance-setup.yaml by mp

* Enhancement: exposed-panels/aerohive-netconfig-ui.yaml by mp

* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp

* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* spacing issues

* Spacing

* HTML codes improperly interpreted
Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml

* Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml

* Enhancement: technologies/waf-detect.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: network/sap-router-info-leak.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: network/sap-router-info-leak.yaml by mp

* Enhancement: network/exposed-adb.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml by mp

* Enhancement: exposures/tokens/digitalocean/tugboat-config-exposure.yaml by mp

* Enhancement: exposed-panels/concrete5/concrete5-install.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml by mp

* indentation issue

* Character encoding issue fix

* Enhancement: default-logins/alibaba/canal-default-login.yaml by mp

* Enhancement: default-logins/alphaweb/alphaweb-default-login.yaml by mp

* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp

* Enhancement: default-logins/apache/airflow-default-login.yaml by mp

* Enhancement: default-logins/apache/apisix-default-login.yaml by mp

* Enhancement: default-logins/apollo/apollo-default-login.yaml by mp

* Enhancement: default-logins/arl/arl-default-login.yaml by mp

* Enhancement: default-logins/digitalrebar/digitalrebar-default-login.yaml by mp

* Enhancement: default-logins/mantisbt/mantisbt-default-credential.yaml by mp

* Enhancement: default-logins/stackstorm/stackstorm-default-login.yaml by mp

* Enhancement: dns/caa-fingerprint.yaml by mp

* Enhancement: exposed-panels/active-admin-exposure.yaml by mp

* Enhancement: exposed-panels/activemq-panel.yaml by mp

* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp

* Restore & stomped by dashboard

* Enhancement: cves/2010/CVE-2010-1653.yaml by mp

* Enhancement: cves/2021/CVE-2021-38751.yaml by mp

* Enhancement: cves/2021/CVE-2021-39320.yaml by mp

* Enhancement: cves/2021/CVE-2021-39322.yaml by mp

* Enhancement: cves/2021/CVE-2021-39327.yaml by mp

* Enhancement: cves/2021/CVE-2021-39350.yaml by mp

* Enhancement: cves/2021/CVE-2021-39433.yaml by mp

* Enhancement: cves/2021/CVE-2021-41192.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15824.yaml by mp

* Enhancement: exposed-panels/ansible-semaphore-panel.yaml by mp

* Enhancement: exposed-panels/aviatrix-panel.yaml by mp

* Enhancement: cves/2022/CVE-2022-24288.yaml by mp

* Enhancement: cves/2022/CVE-2022-24990.yaml by mp

* Enhancement: cves/2022/CVE-2022-26159.yaml by mp

* Enhancement: default-logins/aem/aem-default-login.yaml by mp

* Enhancement: exposed-panels/blue-iris-login.yaml by mp

* Enhancement: exposed-panels/bigbluebutton-login.yaml by mp

* Enhancement: cves/2022/CVE-2022-24288.yaml by mp

* Enhancement: cves/2022/CVE-2022-24990.yaml by mp

* Enhancement: cves/2022/CVE-2022-26159.yaml by mp

* Enhancement: default-logins/aem/aem-default-login.yaml by mp

* Spacing issues
Add cve-id field

* fix & stomping

* Enhancement: cves/2016/CVE-2016-1000141.yaml by mp

* Enhancement: cves/2020/CVE-2020-24912.yaml by mp

* Enhancement: cves/2021/CVE-2021-35265.yaml by mp

* Enhancement: cves/2022/CVE-2022-0437.yaml by mp

* Enhancement: cves/2010/CVE-2010-1601.yaml by mp

* Enhancement: technologies/teradici-pcoip.yaml by mp

* Enhancement: vulnerabilities/other/unauth-hoteldruid-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1475.yaml by mp

* Enhancement: cves/2010/CVE-2010-1535.yaml by mp

* Enhancement: exposed-panels/epson-web-control-detect.yaml by mp

* Enhancement: exposed-panels/epson-access-detect.yaml by mp

* Enhancement: cves/2020/CVE-2020-29453.yaml by mp

* Fix spacing

* Remove empty cve lines and relocate tags

* Remove blank cve lines & move tags

* Fix merge errors

* Enhancement: cves/2020/CVE-2020-21224.yaml by mp

* Enhancement: cves/2020/CVE-2020-24148.yaml by mp

* Enhancement: cves/2020/CVE-2020-24391.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: cves/2020/CVE-2020-25213.yaml by mp

* Enhancement: cves/2020/CVE-2020-25223.yaml by mp

* Enhancement: cves/2020/CVE-2020-25506.yaml by mp

* Enhancement: cves/2020/CVE-2020-2551.yaml by mp

* Enhancement: cves/2020/CVE-2020-28871.yaml by mp

* Enhancement: cves/2020/CVE-2020-28188.yaml by mp

* Enhancement: cves/2020/CVE-2020-26948.yaml by mp

* Enhancement: cves/2020/CVE-2020-26919.yaml by mp

* Enhancement: cves/2020/CVE-2020-26214.yaml by mp

* Enhancement: cves/2020/CVE-2020-25223.yaml by mp

* Enhancement: cves/2020/CVE-2020-21224.yaml by mp

* Enhancement: cves/2020/CVE-2020-24148.yaml by mp

* Enhancement: cves/2020/CVE-2020-24186.yaml by mp

* Enhancement: cves/2020/CVE-2020-24186.yaml by mp

* Enhancement: cves/2020/CVE-2020-24391.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: cves/2020/CVE-2020-25213.yaml by mp

* Enhancement: cves/2020/CVE-2020-25223.yaml by mp

* Enhancement: cves/2020/CVE-2020-25506.yaml by mp

* Enhancement: cves/2020/CVE-2020-28871.yaml by mp

* Enhancement: cves/2020/CVE-2020-28188.yaml by mp

* Enhancement: cves/2020/CVE-2020-26948.yaml by mp

* Enhancement: cves/2020/CVE-2020-26919.yaml by mp

* Enhancement: cves/2020/CVE-2020-26214.yaml by mp

* Syntax cleanup

* Enhancement: cves/2021/CVE-2021-38647.yaml by mp

* Syntax and a title change

* Enhancement: cves/2021/CVE-2021-38702.yaml by mp

* Fix references

* Enhancement: cves/2021/CVE-2021-38704.yaml by mp

* Enhancement: cves/2021/CVE-2021-41691.yaml by mp

* Enhancement: cves/2021/CVE-2021-41691.yaml by mp

* Enhancement: cves/2021/CVE-2021-41691.yaml by mp

* Enhancement: cves/2021/CVE-2021-44529.yaml by mp

* Conflicts resolved

* Fix quoting

* Enhancement: cves/2021/CVE-2021-45967.yaml by mp

* Enhancement: cves/2022/CVE-2022-0189.yaml by mp

* Enhancement: cves/2022/CVE-2022-0189.yaml by mp

* Enhancement: cves/2022/CVE-2022-23779.yaml by mp

* Enhancement: default-logins/apache/dolphinscheduler-default-login.yaml by mp

* Enhancement: default-logins/cobbler/hue-default-credential.yaml by mp

* Enhancement: default-logins/emqx/emqx-default-login.yaml by mp

* Enhancement: default-logins/geoserver/geoserver-default-login.yaml by mp

* Enhancement: cves/2021/CVE-2021-38647.yaml by mp

* Enhancement: cves/2021/CVE-2021-41691.yaml by mp

* Enhancement: cves/2021/CVE-2021-45967.yaml by mp

* Enhancement: cves/2022/CVE-2022-0189.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-14536.yaml by mp

* Enhancement: default-logins/apache/dolphinscheduler-default-login.yaml by mp

* Enhancement: default-logins/geoserver/geoserver-default-login.yaml by mp

* Update CVE-2020-25223.yaml

* Update CVE-2020-26214.yaml

* Update CVE-2020-25506.yaml

* Update CVE-2020-2551.yaml

* Update CVE-2020-26919.yaml

* Update CVE-2021-44529.yaml

* Update CVE-2020-28871.yaml

* Update CVE-2020-28188.yaml

* Update CVE-2021-45967.yaml

* Update hue-default-credential.yaml

* Update CVE-2021-44529.yaml

* misc syntax update

Co-authored-by: sullo <sullo@cirt.net>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-29 16:03:49 +05:30
sandeep 9012b2396a misc update to CVE-2020-10148 2022-03-29 16:00:27 +05:30
Prince Chaddha b6dd43c0c9
Merge pull request #3984 from Akokonunes/patch-132
Create CVE-2021-46381.yaml
2022-03-29 12:14:05 +05:30
Prince Chaddha 708921b3e5
Update and rename CVE-2021-46381.yaml to cves/2021/CVE-2021-46381.yaml 2022-03-29 12:09:40 +05:30
gilfoyle97 91db326b54
Fix CVE-2020-17456 (false positive) (#3997)
* Fix CVE-2020-17456 (false positive)

* additional matchers

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-28 16:35:16 +05:30
Sandeep Singh 5f28041069
Added Spring Boot Log4j Remote Code Injection (#3993)
* Added Spring Boot Log4j Remote Code Injection

* minor improvements to CVE-2021-44228

* URI based payload update to catch injection point
2022-03-28 01:46:50 +05:30
sandeep 7b83c9990a minor updates to template names 2022-03-27 22:13:08 +05:30
GitHub Action c8380b3bf8 Auto Generated CVE annotations [Sun Mar 27 14:25:50 UTC 2022] 🤖 2022-03-27 14:25:50 +00:00
Dhiyaneshwaran 014a8c9192
4 New Wordpress Authenticated Templates (#3990)
* Create xss-childlist-selector.yaml

* Update xss-childlist-selector.yaml

* Rename xss-childlist-selector.yaml to aem-xss-childlist-selector.yaml

* adding metadata

* Create CVE-2021-25112.yaml

* Create CVE-2022-0189.yaml

* Create CVE-2021-25055.yaml

* Create CVE-2022-0148.yaml

* misc update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-27 19:55:03 +05:30
Sandeep Singh eeff6b26b8
more strict matchers (#3987) 2022-03-26 16:45:50 +05:30
GitHub Action ac87976a84 Auto Generated CVE annotations [Sat Mar 26 09:11:31 UTC 2022] 🤖 2022-03-26 09:11:31 +00:00
Muhammad Daffa d3a765df85
Update CVE-2017-1000028.yaml (#3968)
* Update CVE-2017-1000028.yaml

* Update CVE-2017-1000028.yaml
2022-03-26 14:40:47 +05:30
MostInterestingBotInTheWorld 814d07fb7d
Dashboard Content Enhancements (#3961)
* Enhancement: default-logins/viewpoint/trilithic-viewpoint-login.yaml by mp

* Enhancement: default-logins/visionhub/visionhub-default-login.yaml by mp

* Enhancement: default-logins/weblogic/weblogic-weak-login.yaml by mp

* Enhancement: default-logins/wifisky/wifisky-default-login.yaml by mp

* Enhancement: default-logins/wso2/wso2-default-login.yaml by mp

* Enhancement: default-logins/xerox/xerox7-default-login.yaml by mp

* Enhancement: default-logins/xxljob/xxljob-default-login.yaml by mp

* Enhancement: default-logins/zabbix/zabbix-default-login.yaml by mp

* Enhancement: default-logins/zmanda/zmanda-default-login.yaml by mp

* Enhancement: dns/azure-takeover-detection.yaml by mp

* Enhancement: dns/cname-fingerprint.yaml by mp

* Enhancement: dns/cname-service-detection.yaml by mp

* Enhancement: dns/detect-dangling-cname.yaml by mp

* Enhancement: dns/dns-waf-detect.yaml by mp

* Enhancement: default-logins/weblogic/weblogic-weak-login.yaml by mp

* Enhancement: default-logins/xxljob/xxljob-default-login.yaml by mp

* Enhancement: dns/dnssec-detection.yaml by mp

* Enhancement: dns/ec2-detection.yaml by mp

* Add CVSS/CWE

* Trailing space

* Linting error on comment indentation

* Typo

* Enhancement: dns/elasticbeantalk-takeover.yaml by mp

* Enhancement: cves/2020/CVE-2020-23517.yaml by mp

* Enhancement: dns/elasticbeantalk-takeover.yaml by mp

* Enhancement: dns/mx-fingerprint.yaml by mp

* Enhancement: dns/mx-service-detector.yaml by mp

* Enhancement: dns/nameserver-fingerprint.yaml by mp

* Enhancement: dns/ptr-fingerprint.yaml by mp

* Enhancement: dns/servfail-refused-hosts.yaml by mp

* Enhancement: dns/spoofable-spf-records-ptr.yaml by mp

* Enhancement: dns/txt-fingerprint.yaml by mp

* Enhancement: dns/worksites-detection.yaml by mp

* Enhancement: exposed-panels/3g-wireless-gateway.yaml by mp

* Enhancement: exposed-panels/acemanager-login.yaml by mp

* Enhancement: exposed-panels/acrolinx-dashboard.yaml by mp

* Enhancement: dns/mx-fingerprint.yaml by mp

* Enhancement: dns/mx-service-detector.yaml by mp

* Enhancement: dns/ptr-fingerprint.yaml by mp

* Enhancement: dns/servfail-refused-hosts.yaml by mp

* Enhancement: dns/spoofable-spf-records-ptr.yaml by mp

* Enhancement: cves/2021/CVE-2021-39501.yaml by mp

* Enhancement: cves/2021/CVE-2021-40323.yaml by mp

* Enhancement: cves/2021/CVE-2021-40539.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: cves/2021/CVE-2021-40856.yaml by mp

* Enhancement: cves/2021/CVE-2021-40859.yaml by mp

* Enhancement: cves/2021/CVE-2021-40323.yaml by mp

* Enhancement: cves/2021/CVE-2021-40539.yaml by mp

* Enhancement: cves/2010/CVE-2010-1875.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/akamai-cloudtest.yaml by mp

* Enhancement: exposed-panels/alfresco-detect.yaml by mp

* Enhancement: exposed-panels/alienvault-usm.yaml by mp

* Enhancement: exposed-panels/ambari-exposure.yaml by mp

* Enhancement: exposed-panels/amcrest-login.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: exposed-panels/alienvault-usm.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/ambari-exposure.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-17369.yaml by mp

* Enhancement: exposed-panels/apache/public-tomcat-manager.yaml by mp

* Enhancement: exposed-panels/apache/apache-apisix-panel.yaml by mp

* Enhancement: exposed-panels/ansible-tower-exposure.yaml by mp

* Enhancement: exposed-panels/ampps-panel.yaml by mp

* Enhancement: exposed-panels/ampps-admin-panel.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: cves/2010/CVE-2010-1878.yaml by mp

* Fix encoded chars

* trailing space

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: exposed-panels/apache/tomcat-pathnormalization.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: exposed-panels/apiman-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1873.yaml by mp

* Enhancement: exposed-panels/arcgis/arcgis-panel.yaml by mp

* Enhancement: exposed-panels/arcgis/arcgis-rest-api.yaml by mp

* Enhancement: exposed-panels/argocd-login.yaml by mp

* Enhancement: exposed-panels/atlassian-crowd-panel.yaml by mp

* Enhancement: exposed-panels/atvise-login.yaml by mp

* Enhancement: exposed-panels/avantfax-panel.yaml by mp

* Enhancement: exposed-panels/avatier-password-management.yaml by mp

* Enhancement: exposed-panels/axigen-webadmin.yaml by mp

* Enhancement: exposed-panels/axigen-webmail.yaml by mp

* Enhancement: exposed-panels/azkaban-web-client.yaml by mp

* Enhancement: exposed-panels/acunetix-panel.yaml by mp

* Enhancement: exposed-panels/adiscon-loganalyzer.yaml by mp

* Enhancement: exposed-panels/adminer-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1870.yaml by mp

* Enhancement: exposed-panels/adminset-panel.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-component-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-connect-central-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-experience-manager-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-media-server.yaml by mp

* Enhancement: exposed-panels/advance-setup.yaml by mp

* Enhancement: exposed-panels/aerohive-netconfig-ui.yaml by mp

* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp

* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* spacing issues

* Spacing

* HTML codes improperly interpreted
Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml

* Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml

* Enhancement: technologies/waf-detect.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: network/sap-router-info-leak.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: network/sap-router-info-leak.yaml by mp

* Enhancement: network/exposed-adb.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml by mp

* Enhancement: exposures/tokens/digitalocean/tugboat-config-exposure.yaml by mp

* Enhancement: exposed-panels/concrete5/concrete5-install.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml by mp

* indentation issue

* Character encoding issue fix

* Enhancement: default-logins/alibaba/canal-default-login.yaml by mp

* Enhancement: default-logins/alphaweb/alphaweb-default-login.yaml by mp

* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp

* Enhancement: default-logins/apache/airflow-default-login.yaml by mp

* Enhancement: default-logins/apache/apisix-default-login.yaml by mp

* Enhancement: default-logins/apollo/apollo-default-login.yaml by mp

* Enhancement: default-logins/arl/arl-default-login.yaml by mp

* Enhancement: default-logins/digitalrebar/digitalrebar-default-login.yaml by mp

* Enhancement: default-logins/mantisbt/mantisbt-default-credential.yaml by mp

* Enhancement: default-logins/stackstorm/stackstorm-default-login.yaml by mp

* Enhancement: dns/caa-fingerprint.yaml by mp

* Enhancement: exposed-panels/active-admin-exposure.yaml by mp

* Enhancement: exposed-panels/activemq-panel.yaml by mp

* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp

* Restore & stomped by dashboard

* Enhancement: cves/2010/CVE-2010-1653.yaml by mp

* Enhancement: cves/2021/CVE-2021-38751.yaml by mp

* Enhancement: cves/2021/CVE-2021-39320.yaml by mp

* Enhancement: cves/2021/CVE-2021-39322.yaml by mp

* Enhancement: cves/2021/CVE-2021-39327.yaml by mp

* Enhancement: cves/2021/CVE-2021-39350.yaml by mp

* Enhancement: cves/2021/CVE-2021-39433.yaml by mp

* Enhancement: cves/2021/CVE-2021-41192.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15824.yaml by mp

* Enhancement: exposed-panels/ansible-semaphore-panel.yaml by mp

* Enhancement: exposed-panels/aviatrix-panel.yaml by mp

* Enhancement: cves/2022/CVE-2022-24288.yaml by mp

* Enhancement: cves/2022/CVE-2022-24990.yaml by mp

* Enhancement: cves/2022/CVE-2022-26159.yaml by mp

* Enhancement: default-logins/aem/aem-default-login.yaml by mp

* Enhancement: exposed-panels/blue-iris-login.yaml by mp

* Enhancement: exposed-panels/bigbluebutton-login.yaml by mp

* Enhancement: cves/2022/CVE-2022-24288.yaml by mp

* Enhancement: cves/2022/CVE-2022-24990.yaml by mp

* Enhancement: cves/2022/CVE-2022-26159.yaml by mp

* Enhancement: default-logins/aem/aem-default-login.yaml by mp

* Spacing issues
Add cve-id field

* fix & stomping

* Enhancement: cves/2016/CVE-2016-1000141.yaml by mp

* Enhancement: cves/2020/CVE-2020-24912.yaml by mp

* Enhancement: cves/2021/CVE-2021-35265.yaml by mp

* Enhancement: cves/2022/CVE-2022-0437.yaml by mp

* Enhancement: cves/2010/CVE-2010-1601.yaml by mp

* Enhancement: technologies/teradici-pcoip.yaml by mp

* Enhancement: vulnerabilities/other/unauth-hoteldruid-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1475.yaml by mp

* Enhancement: cves/2010/CVE-2010-1535.yaml by mp

* Enhancement: exposed-panels/epson-web-control-detect.yaml by mp

* Enhancement: exposed-panels/epson-access-detect.yaml by mp

* Enhancement: cves/2020/CVE-2020-29453.yaml by mp

* Fix spacing

Co-authored-by: sullo <sullo@cirt.net>
2022-03-25 17:15:10 +05:30
GitHub Action 83ecf7060b Auto Generated CVE annotations [Wed Mar 23 10:44:27 UTC 2022] 🤖 2022-03-23 10:44:27 +00:00
Sandeep Singh 8c12450b09
Added CVE-2021-42063 (#3956) 2022-03-23 16:13:38 +05:30
Prince Chaddha ca54dd0026
Merge pull request #3946 from bartutku/CVE-2021-41691
CVE-2021-41691
2022-03-23 13:17:18 +05:30
sandeep ec99241f0e Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
Sandeep Singh 21c2c0cd2c
lint update 2022-03-22 13:04:29 +05:30
Prince Chaddha bc30daa9fb
Update CVE-2021-41691.yaml 2022-03-22 12:38:45 +05:30
Prince Chaddha 75845a7b6e
Merge pull request #3951 from z3dc0ps/master
changed 'burpcollaborator.net' to "{{interactsh-url}}"
2022-03-22 11:35:52 +05:30
Prince Chaddha 063d6ad7eb
Update CVE-2020-5412.yaml 2022-03-22 11:32:56 +05:30
Prince Chaddha 4e75bb7162
Update CVE-2019-9978.yaml 2022-03-22 11:32:49 +05:30
Prince Chaddha 2d8bc7577a
Update CVE-2020-5412.yaml 2022-03-22 11:25:29 +05:30
Prince Chaddha 3517bab6cc
Update CVE-2019-9978.yaml 2022-03-22 11:24:50 +05:30
MostInterestingBotInTheWorld 9663595dd1
Dashboard Text Enhancements (#3948)
Dashboard content enhancements
2022-03-21 23:48:47 -04:00
z3dc0ps 1e96305cf2
Update CVE-2017-9805.yaml 2022-03-22 01:47:31 +05:30
z3dc0ps 8f37ae4a2f
Update CVE-2021-21315.yaml 2022-03-22 01:46:15 +05:30
z3dc0ps d2afc026eb
Update CVE-2020-5412.yaml 2022-03-22 01:45:11 +05:30
z3dc0ps c87ed3f66f
Update CVE-2019-9978.yaml 2022-03-22 00:40:24 +05:30
bartutku 9fb6c93947 CVE-2021-41691 2022-03-21 16:49:56 +03:00
bartutku df61805ee8 CVE-2021-41691 2022-03-21 16:46:15 +03:00
GitHub Action 412ff87c82 Auto Generated CVE annotations [Mon Mar 21 12:21:54 UTC 2022] 🤖 2022-03-21 12:21:54 +00:00
PikPikcU adbf3eca22
Create CVE-2022-0437 (#3673)
* Create CVE-2022-0437.yaml

* request + matcher update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-21 17:51:11 +05:30
Markus 9e43f3cc18
[false-positive] WordPress Contact Form 7 Plugin - Unrestricted File Upload (#3825)
* Update CVE-2020-35489.yaml

Fix for the false positives mentioned in #3816

* Update CVE-2020-35489.yaml

Fix for the false positives mentioned in #3816

* misc update

* version comparison with new helper function

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-21 17:48:01 +05:30
GitHub Action 3f3ba47aaa Auto Generated CVE annotations [Mon Mar 21 12:12:32 UTC 2022] 🤖 2022-03-21 12:12:32 +00:00
Prince Chaddha d42c946e20
Merge pull request #3907 from gy741/rule-add-v101
Create CVE-2020-17456.yaml
2022-03-21 17:41:48 +05:30
Prince Chaddha f4fdbbf415
Update and rename CVE-2020-27467.yaml to cves/2020/CVE-2020-27467.yaml 2022-03-21 16:56:48 +05:30
GitHub Action 6b562eb6f7 Auto Generated CVE annotations [Sun Mar 20 07:45:32 UTC 2022] 🤖 2022-03-20 07:45:32 +00:00
darkc0d37 36ff44ab40
Ivanti EPM CSA Code Injection(CVE-2021-44529) (#3937)
* Added CVE-2021-44529

* Added CVE-2021-44529

* Added CVE-2021-44529

* metadata updates

* contributors update

Co-authored-by: Tirtha Mandal <darkc0d3@Tirthas-MacBook-Pro.local>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-20 13:14:37 +05:30
Sandeep Singh ec2246ee22
added confluence metadata and minor matcher updates (#3929) 2022-03-19 16:12:08 +05:30
sandeep a97dccb54a additional matcher update 2022-03-19 16:10:43 +05:30
Dwi Siswanto 1878c50193
Add Pascom advisories (#3862)
* pascom: Add CVE-2021-45967

* pascom: Add CVE-2021-45968
2022-03-19 16:09:09 +05:30
Xeldax 10b23118aa
add airflow cve-2022-24288 (#3873)
* add airflow cve-2022-24288

* lint update

* template request + matcher + metadata update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-19 15:59:17 +05:30
sandeep dd2322c7f2 tags update 2022-03-19 15:15:41 +05:30
GitHub Action 145620c09c Auto Generated CVE annotations [Sat Mar 19 09:06:25 UTC 2022] 🤖 2022-03-19 09:06:25 +00:00
cckuailong 9fe955392a
add CVE-2021-41282 (#3844)
* add CVE-2021-41282

* tags update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-19 14:35:40 +05:30
sandeep a3a709045a tag update 2022-03-19 14:25:34 +05:30
cckuailong 5b787f0260
add CVE-2021-35587 (#3872)
* add CVE-2021-35587

* fix verbose space

* misc updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-19 14:24:33 +05:30
Roberto Nunes 66fadd57ad
Create CVE-2021-34805.yaml (#3919)
* Create CVE-2021-34805.yaml

* misc fixes

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-19 14:18:46 +05:30
sandeep 218b87a384 removing duplicate template 2022-03-18 21:09:34 +05:30
Podalirius 4c66d04cf1
Added template for CVE-2022-26159 (#3923)
* Added template for CVE-2022-26159

* path + matcher update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-18 14:58:35 +05:30
Philippe Delteil be3d2d42f1
Update CVE-2018-5230.yaml (#3928)
* Update CVE-2018-5230.yaml

Solves a false positive when the requests triggers a file download 

nuclei -debug -t nuclei-templates/cves/2018/CVE-2018-5230.yaml -u https://get-jama.replicated.com

* matcher fixes

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-18 12:55:28 +05:30
MostInterestingBotInTheWorld 056323ec5a
Dashboard Text Enhancements (#3927)
Dashboard text enhancements
2022-03-17 13:01:45 -04:00
gilfoyle97 0fa555567a
Request: Fix CVE-2021-21234 (#3920)
* Fixed CVE-2019-9670

* more strict matchers

* Fix CVE-2021-21234

* more strict matcher

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-17 14:59:53 +05:30
gilfoyle97 5a25fe8e0f
Fixed CVE-2019-9670 (#3918)
* Fixed CVE-2019-9670

* more strict matchers

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-17 13:36:15 +05:30
Prince Chaddha 4c1b01bfc3
Update CVE-2020-17456.yaml 2022-03-15 16:36:08 +05:30
GwanYeong Kim ec174819c4 Create CVE-2020-17456.yaml
SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the system_log.cgi page.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-03-15 19:13:50 +09:00
sandeep 0edbae8e45 limit the matcher / extractor scope to location header 2022-03-15 11:46:47 +05:30
sandeep 2bff343eda more strict matchers for CVE-2022-23779 2022-03-15 02:03:06 +05:30
Prince Chaddha 913a1ab64e
Merge pull request #3894 from Akokonunes/patch-127
Create CVE-2018-12300.yaml
2022-03-15 00:48:39 +05:30
GitHub Action 13df485fff Auto Generated CVE annotations [Mon Mar 14 19:05:47 UTC 2022] 🤖 2022-03-14 19:05:47 +00:00
Prince Chaddha b68f2afd70
Merge pull request #3898 from projectdiscovery/CVE-2018-12296
Create CVE-2018-12296.yaml
2022-03-15 00:35:07 +05:30
Sandeep Singh 5231a3e193
Update CVE-2018-12296.yaml 2022-03-14 17:46:34 +05:30
sandeep 5303173354 additional word matcher 2022-03-14 16:09:08 +05:30
Prince Chaddha e3453ee7db
Create CVE-2018-12296.yaml 2022-03-14 15:58:20 +05:30
Prince Chaddha 9f833a5878
Update and rename CVE-2018-12300.yaml to cves/2018/CVE-2018-12300.yaml 2022-03-14 15:43:20 +05:30
MostInterestingBotInTheWorld 6b7215c4b3
Dashboard Text Enhancements (#3886)
Text Enhancements
2022-03-11 10:27:47 -05:00
Prince Chaddha 911e9eb9ac
Merge pull request #3881 from Akokonunes/patch-126
Create CVE-2020-13158.yaml
2022-03-11 16:00:45 +05:30
GitHub Action bcd67b9429 Auto Generated CVE annotations [Fri Mar 11 09:46:35 UTC 2022] 🤖 2022-03-11 09:46:35 +00:00
Prince Chaddha d016e3102f
Update CVE-2020-13158.yaml 2022-03-11 14:24:04 +05:30
Prince Chaddha d3221ba5d6
Update and rename CVE-2020-13158.yaml to cves/2020/CVE-2020-13158.yaml 2022-03-11 14:21:56 +05:30
Prince Chaddha 3ad976aa51
Merge pull request #3842 from projectdiscovery/CVE-2019-12725-fix
Update CVE-2019-12725.yaml
2022-03-11 01:35:07 +05:30
GitHub Action d23bfa0462 Auto Generated CVE annotations [Thu Mar 10 10:28:37 UTC 2022] 🤖 2022-03-10 10:28:37 +00:00
Sandeep Singh a06653e53c
Merge pull request #3865 from projectdiscovery/puppet
puppet templates
2022-03-09 17:05:15 +05:30
sullo 48675b803a Fix control character issue 2022-03-08 17:38:14 -05:00
sandeep 67e20bc87f puppet templates 2022-03-09 00:17:22 +05:30
MostInterestingBotInTheWorld 7cd9e673ca Enhancement: cves/2022/CVE-2022-24124.yaml by mp 2022-03-08 12:38:46 -05:00
MostInterestingBotInTheWorld acb55f3c06 Enhancement: cves/2022/CVE-2022-23808.yaml by mp 2022-03-08 12:36:49 -05:00
MostInterestingBotInTheWorld 2d350e0a2f Enhancement: cves/2022/CVE-2022-23134.yaml by mp 2022-03-08 12:35:20 -05:00
MostInterestingBotInTheWorld 295de3ec7b Enhancement: cves/2022/CVE-2022-22536.yaml by mp 2022-03-08 12:33:02 -05:00
MostInterestingBotInTheWorld eebef82c6a Enhancement: cves/2022/CVE-2022-21371.yaml by mp 2022-03-08 12:31:20 -05:00
MostInterestingBotInTheWorld 161ba2c6a2 Enhancement: cves/2022/CVE-2022-0692.yaml by mp 2022-03-08 12:29:12 -05:00
MostInterestingBotInTheWorld 28a422d658 Enhancement: cves/2022/CVE-2022-24260.yaml by mp 2022-03-08 10:57:25 -05:00
MostInterestingBotInTheWorld 9004746e16 Enhancement: cves/2022/CVE-2022-24124.yaml by mp 2022-03-08 10:54:16 -05:00
MostInterestingBotInTheWorld 1ce8284cbe Enhancement: cves/2022/CVE-2022-24112.yaml by mp 2022-03-08 10:51:53 -05:00
MostInterestingBotInTheWorld c2fba36a7a Enhancement: cves/2022/CVE-2022-23944.yaml by mp 2022-03-08 10:41:08 -05:00
MostInterestingBotInTheWorld 303f6f71c6 Enhancement: cves/2022/CVE-2022-23134.yaml by mp 2022-03-08 10:36:27 -05:00
MostInterestingBotInTheWorld 613ff3f1eb Enhancement: cves/2022/CVE-2022-23131.yaml by mp 2022-03-08 10:28:19 -05:00
MostInterestingBotInTheWorld dd2d525989 Enhancement: cves/2022/CVE-2022-22947.yaml by mp 2022-03-08 10:15:40 -05:00
MostInterestingBotInTheWorld d0be94c185 Enhancement: cves/2022/CVE-2022-22536.yaml by mp 2022-03-08 10:09:38 -05:00
MostInterestingBotInTheWorld f15357f415 Enhancement: cves/2022/CVE-2022-0692.yaml by mp 2022-03-08 10:03:35 -05:00
MostInterestingBotInTheWorld b6e96c73a8 Enhancement: cves/2022/CVE-2022-21371.yaml by mp 2022-03-08 09:58:58 -05:00
MostInterestingBotInTheWorld c1601ceded
Merge branch 'projectdiscovery:master' into dashboard 2022-03-08 09:36:06 -05:00
GitHub Action a85cb6354e Auto Generated CVE annotations [Tue Mar 8 06:53:29 UTC 2022] 🤖 2022-03-08 06:53:29 +00:00
Prince Chaddha 44f96f3115
Update and rename boa-web-fileread.yaml to cves/2017/CVE-2017-9833.yaml 2022-03-08 11:51:07 +05:30
Prince Chaddha 20e59be53c
Merge pull request #3847 from gy741/rule-add-v100
Create CVE-2020-15050.yaml
2022-03-08 11:17:43 +05:30
Prince Chaddha e14b913101
Update CVE-2020-15050.yaml 2022-03-08 11:12:39 +05:30
sandeep f0d3116b12 added metadata 2022-03-08 07:00:33 +05:30
Sandeep Singh 6ae7f3f361
Update CVE-2022-25323.yaml 2022-03-08 06:38:46 +05:30
Dwi Siswanto 29d462125c Add CVE-2022-24990 2022-03-08 08:05:30 +07:00
MostInterestingBotInTheWorld 5a99c2c4f4 Enhancement: cves/2022/CVE-2022-25323.yaml by mp 2022-03-07 16:36:44 -05:00
MostInterestingBotInTheWorld 1af2e53732 Enhancement: cves/2010/CVE-2010-1607.yaml by mp 2022-03-07 16:30:03 -05:00
MostInterestingBotInTheWorld 73a06a5fab Enhancement: cves/2021/CVE-2021-44521.yaml by mp 2022-03-07 16:29:30 -05:00
sandeep 20774864c5 misc updates 2022-03-08 01:28:57 +05:30
edoardottt 7032b928cc Add CVE-2021-3002 2022-03-07 20:47:40 +01:00
sullo 2d0d48fdb7 Trailing space 2022-03-07 14:26:37 -05:00
sandeep 2ebcbed6a3 additional matcher 2022-03-08 00:49:41 +05:30
MostInterestingBotInTheWorld 81868f926d Enhancement: cves/2021/CVE-2021-4191.yaml by mp 2022-03-07 14:12:26 -05:00
MostInterestingBotInTheWorld aac30ad6ef Enhancement: cves/2010/CVE-2010-1602.yaml by mp 2022-03-07 14:04:05 -05:00
MostInterestingBotInTheWorld bcc094893a Enhancement: cves/2021/CVE-2021-41649.yaml by mp 2022-03-07 14:02:44 -05:00
MostInterestingBotInTheWorld 138142bdba Enhancement: cves/2021/CVE-2021-41648.yaml by mp 2022-03-07 13:45:31 -05:00
MostInterestingBotInTheWorld 7f5de64a29 Enhancement: cves/2021/CVE-2021-41467.yaml by mp 2022-03-07 13:41:37 -05:00
MostInterestingBotInTheWorld 042d3eb4a4 Enhancement: cves/2021/CVE-2021-41349.yaml by mp 2022-03-07 13:40:20 -05:00
edoardottt 74a69107bb Add CVE-2022-0381 2022-03-07 19:19:41 +01:00
MostInterestingBotInTheWorld 49623611cb Enhancement: cves/2021/CVE-2021-41381.yaml by mp 2022-03-07 10:46:28 -05:00
MostInterestingBotInTheWorld 3ed70c8627 Enhancement: cves/2021/CVE-2021-41349.yaml by mp 2022-03-07 10:43:02 -05:00
MostInterestingBotInTheWorld d58cf407d9 Enhancement: cves/2021/CVE-2021-41293.yaml by mp 2022-03-07 10:36:19 -05:00
sullo c002e6c7d5 Accidentally added a vim command 2022-03-07 09:13:57 -05:00
sullo 4266bdad25 Spacing 2022-03-07 09:08:43 -05:00
MostInterestingBotInTheWorld 21d872d42c
Merge branch 'projectdiscovery:master' into dashboard 2022-03-07 08:10:22 -05:00
GwanYeong Kim ba14674e22 Create CVE-2020-15050.yaml
An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-03-07 19:19:01 +09:00
Prince Chaddha 5f9caa4418
Update CVE-2019-12725.yaml 2022-03-07 03:37:03 +05:30
Prince Chaddha 9587fcfcb8
Update CVE-2019-12725.yaml 2022-03-07 03:36:21 +05:30
MostInterestingBotInTheWorld 2ad1854752 Enhancement: cves/2010/CVE-2010-1601.yaml by mp 2022-03-06 12:04:57 -05:00
MostInterestingBotInTheWorld d743fb7969 Enhancement: cves/2021/CVE-2021-41291.yaml by mp 2022-03-06 12:04:24 -05:00
MostInterestingBotInTheWorld 925f08ff70 Enhancement: cves/2021/CVE-2021-41277.yaml by mp 2022-03-06 12:01:47 -05:00
MostInterestingBotInTheWorld 92aa22ebe8 Enhancement: cves/2021/CVE-2021-41266.yaml by mp 2022-03-06 11:56:57 -05:00
MostInterestingBotInTheWorld 739edecc0f Enhancement: cves/2021/CVE-2021-41174.yaml by mp 2022-03-06 11:52:34 -05:00
MostInterestingBotInTheWorld 220bc5a35a Enhancement: cves/2021/CVE-2021-40978.yaml by mp 2022-03-06 11:50:17 -05:00
MostInterestingBotInTheWorld b20659acef Enhancement: cves/2021/CVE-2021-40960.yaml by mp 2022-03-06 11:43:48 -05:00
MostInterestingBotInTheWorld 0739f98dc7 Enhancement: cves/2021/CVE-2021-40875.yaml by mp 2022-03-06 11:41:44 -05:00
MostInterestingBotInTheWorld b03d23b035 Enhancement: cves/2021/CVE-2021-40870.yaml by mp 2022-03-06 11:35:55 -05:00
MostInterestingBotInTheWorld 57ab79164b Enhancement: cves/2021/CVE-2021-40868.yaml by mp 2022-03-06 11:31:51 -05:00
MostInterestingBotInTheWorld ebaf71e728 Enhancement: cves/2010/CVE-2010-1540.yaml by mp 2022-03-06 11:27:52 -05:00
sandeep 71410871c6 more strict matchers + extractor 2022-03-06 13:47:52 +05:30
cckuailong 4023282a2d add CVE-2022-23779 2022-03-06 09:38:26 +08:00
sandeep 103826f041 strict matchers for CVE-2022-22536 2022-03-05 20:57:11 +05:30
sandeep 25c8f1bc11 cve tag update 2022-03-05 13:46:55 +05:30
sandeep faea03749e tags update + extractor 2022-03-05 13:42:33 +05:30
sandeep 3fd92dbdcd indentation update 2022-03-05 13:15:21 +05:30
zsusac d18e7535d2 Add template for CVE-2021-4191 2022-03-04 16:56:50 -05:00
Sandeep Singh 541568a74c
Merge pull request #3835 from Akokonunes/patch-124
Create CVE-2022-0692.yaml
2022-03-04 22:24:46 +05:30
sandeep a3345c34ae template location update 2022-03-04 22:17:44 +05:30
sandeep 3a6c69df71 template name updates 2022-03-04 22:12:30 +05:30
sandeep af09a6ce4b Added CVE-2020-2103
Co-Authored-By: csh <25989137+c-sh0@users.noreply.github.com>
2022-03-04 21:50:03 +05:30
sandeep 11a0308624 Added CVE-2019-10405
Co-Authored-By: csh <25989137+c-sh0@users.noreply.github.com>
2022-03-04 21:49:54 +05:30
Sandeep Singh 8a8913b916
Merge pull request #3831 from gy741/rule-add-v99
Create CVE-2022-24260.yaml
2022-03-04 20:48:18 +05:30
sandeep 657c4cc1f7 matcher update 2022-03-04 20:46:40 +05:30
sandeep 9f5cc1ca80 added gitlab metadata 2022-03-04 19:20:03 +05:30
Sandeep Singh bdad4ef7e3
Merge pull request #3832 from GitLab-Red-Team/gitlab-cve-2021-22214
GitLab CVE-2021-22214 fixes
2022-03-04 19:17:51 +05:30
Sandeep Singh 8c49bf4708
Merge pull request #3826 from edoardottt/master
Add CVE-2018-18264
2022-03-04 18:09:48 +05:30
sandeep b6afea5710 misc updates 2022-03-04 17:48:26 +05:30
initstring 3389b0b7aa removing irrelevant oast tag 2022-03-04 14:25:00 +11:00
initstring ce85dd4283 Fixed CVE-2021-22214 2022-03-04 13:04:56 +11:00
GwanYeong Kim 834c5a8c64 Create CVE-2022-24260.yaml
A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator level.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-03-04 10:18:40 +09:00
GitHub Action dbdfd6858a Auto Generated CVE annotations [Thu Mar 3 21:20:41 UTC 2022] 🤖 2022-03-03 21:20:41 +00:00
Sandeep Singh 09b90a84a4
Merge pull request #3776 from projectdiscovery/CVE-2022-22536
Added CVE-2022-22536 (SAP Memory Pipes(MPI) Desynchronization) Detection
2022-03-04 02:50:01 +05:30
sandeep 51af63b9ab misc update 2022-03-04 02:48:25 +05:30
GitHub Action ac76cf7004 Auto Generated CVE annotations [Thu Mar 3 21:15:02 UTC 2022] 🤖 2022-03-03 21:15:02 +00:00
Sandeep Singh 0f47239f2a
Merge pull request #3807 from projectdiscovery/CVE-2021-44521
Apache Cassandra Load UDF RCE
2022-03-04 02:43:42 +05:30
gilfoyle97 65683d0000
Update CVE-2018-18264.yaml 2022-03-03 18:05:35 +01:00
edoardottt 6cf8d21cc2 Add CVE-2018-18264 2022-03-03 18:02:39 +01:00
sandeep d91066b9fe moving template around 2022-03-03 20:05:05 +05:30
MostInterestingBotInTheWorld 66f1023114
Merge branch 'projectdiscovery:master' into dashboard 2022-03-03 08:52:54 -05:00
Prince Chaddha 698bfa993e
Update CVE-2022-23808.yaml 2022-03-03 17:09:21 +05:30
Prince Chaddha b0e13cb19d
Merge pull request #3791 from pussycat0x/master
New Template Added
2022-03-03 16:44:20 +05:30
Prince Chaddha 2e71889e88
Merge pull request #3799 from cckuailong/test2
add CVE-2022-24124
2022-03-03 16:16:57 +05:30
Sandeep Singh ff1642796c
Merge pull request #3815 from projectdiscovery/CVE-2022-22947
Spring Cloud Gateway Code Injection (CVE-2022-22947)
2022-03-03 02:49:01 +05:30
sandeep 496c66f6a4 minor updates 2022-03-03 02:44:27 +05:30
MostInterestingBotInTheWorld 11fe5159e1 Enhancement: cves/2015/CVE-2015-7297.yaml by mp 2022-03-02 09:57:55 -05:00
sandeep 9ba37cacfd Spring Cloud Gateway Code Injection (CVE-2022-22947) 2022-03-02 14:15:10 +05:30
sandeep 6d32b81b2a GitLab metadata update 2022-03-02 13:05:29 +05:30
MostInterestingBotInTheWorld e4fe9b88bd Enhancement: cves/2010/CVE-2010-1723.yaml by mp 2022-03-01 15:22:02 -05:00
MostInterestingBotInTheWorld ee24727cfe Enhancement: cves/2010/CVE-2010-1722.yaml by mp 2022-03-01 15:21:36 -05:00
MostInterestingBotInTheWorld 8f0fa84873 Enhancement: cves/2010/CVE-2010-1719.yaml by mp 2022-03-01 15:12:46 -05:00
MostInterestingBotInTheWorld 3373a02ac6 Enhancement: cves/2010/CVE-2010-1718.yaml by mp 2022-03-01 15:12:06 -05:00
sandeep 12e01e2786 Apache Cassandra Load UDF RCE
Co-Authored-By: Y4er <40487319+Y4er@users.noreply.github.com>
2022-03-02 01:06:31 +05:30
MostInterestingBotInTheWorld 33d664c86e Enhancement: cves/2010/CVE-2010-1717.yaml by mp 2022-03-01 12:08:46 -05:00
sandeep 1b76c3e7e8 updated tags and id 2022-03-01 19:10:54 +05:30
sullo f2cc6fdf18 Merge branch 'dashboard' of https://github.com/MostInterestingBotInTheWorld/nuclei-templates into dashboard 2022-02-28 17:41:23 -05:00
sullo ec90d215b0 Merge branch 'dashboard' of https://github.com/MostInterestingBotInTheWorld/nuclei-templates into dashboard 2022-02-28 17:36:39 -05:00
sullo c9a211b19c Merge branch 'dashboard' of https://github.com/MostInterestingBotInTheWorld/nuclei-templates into dashboard 2022-02-28 17:31:45 -05:00
sullo 93e9c04f38 Merge branch 'dashboard' of https://github.com/MostInterestingBotInTheWorld/nuclei-templates into dashboard 2022-02-28 17:31:38 -05:00
MostInterestingBotInTheWorld a330bb78bb
Merge branch 'master' into dashboard 2022-02-28 17:21:32 -05:00
MostInterestingBotInTheWorld 390fe3b65f Enhancement: cves/2021/CVE-2021-45380.yaml by mp 2022-02-28 17:19:33 -05:00
Prince Chaddha fa10201d68
Update CVE-2022-24124.yaml 2022-03-01 03:31:40 +05:30
MostInterestingBotInTheWorld 41be1eb433 Enhancement: cves/2021/CVE-2021-45380.yaml by mp 2022-02-28 16:47:40 -05:00
MostInterestingBotInTheWorld 9e84dd3d67 Enhancement: cves/2021/CVE-2021-45092.yaml by mp 2022-02-28 16:47:00 -05:00
MostInterestingBotInTheWorld c608d27364 Enhancement: cves/2021/CVE-2021-45046.yaml by mp 2022-02-28 16:46:46 -05:00
MostInterestingBotInTheWorld 3cddcc31a3 Enhancement: cves/2021/CVE-2021-45043.yaml by mp 2022-02-28 16:45:51 -05:00
MostInterestingBotInTheWorld cc27c92bf6 Enhancement: cves/2021/CVE-2021-44228.yaml by mp 2022-02-28 16:43:59 -05:00
MostInterestingBotInTheWorld 195455a4a9 Enhancement: cves/2021/CVE-2021-43798.yaml by mp 2022-02-28 16:42:50 -05:00
Prince Chaddha d95b74cf09
Merge pull request #3796 from Akokonunes/patch-122
Create CVE-2018-19365.yaml
2022-03-01 03:11:31 +05:30
MostInterestingBotInTheWorld a1951877d5 Enhancement: cves/2021/CVE-2021-43287.yaml by mp 2022-02-28 16:40:27 -05:00
Prince Chaddha 9f10c0c6c9
Update CVE-2018-19365.yaml 2022-03-01 03:09:24 +05:30
Prince Chaddha 78dc321f70
Update and rename CVE-2018-19365.yaml to cves/2018/CVE-2018-19365.yaml 2022-03-01 03:07:37 +05:30
MostInterestingBotInTheWorld 121157cc78 Enhancement: cves/2022/CVE-2022-23808.yaml by mp 2022-02-28 16:30:49 -05:00
MostInterestingBotInTheWorld ae590f67d4 Enhancement: cves/2022/CVE-2022-23178.yaml by mp 2022-02-28 16:29:50 -05:00
Prince Chaddha 47efd78230
Merge pull request #3797 from Akokonunes/patch-123
Create CVE-2018-16716.yaml
2022-03-01 02:57:40 +05:30
Prince Chaddha 857b1c1e4a
Update and rename CVE-2018-16716.yaml to cves/2018/CVE-2018-16716.yaml 2022-03-01 02:56:06 +05:30
MostInterestingBotInTheWorld 4296ac8ca7 Enhancement: cves/2022/CVE-2022-23131.yaml by mp 2022-02-28 16:20:42 -05:00