27f96f96c4
Update CVE-2021-3297.yaml
2021-08-02 17:12:42 +05:30
2c0ecb01b3
Update CVE-2021-3297.yaml
2021-08-02 17:09:52 +05:30
bae8422cfb
Update CVE-2021-3297.yaml
2021-08-02 17:06:07 +05:30
37608a954c
Description
2021-08-02 12:56:17 +03:00
6950d325e6
Update description
2021-08-02 12:55:21 +03:00
6f2d74337e
Add CVE-2021-29484.yaml
2021-08-02 13:28:24 +05:30
bfa043e51f
Create CVE-2021-3297.yaml
...
On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-02 16:35:38 +09:00
1d58b2abd2
Merge pull request #2295 from daffainfo/patch-124
...
Create CVE-2016-1000149.yaml
2021-08-02 12:57:51 +05:30
0757721d24
Update CVE-2016-1000149.yaml
2021-08-02 12:56:49 +05:30
0c7025f30d
Update CVE-2016-1000148.yaml
2021-08-02 12:55:51 +05:30
02dc911dc9
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-08-02 12:53:44 +05:30
e896a8982d
misc updates
2021-08-02 12:53:35 +05:30
dfcd364059
update to CVE-2017-5487, added extractor
2021-08-02 01:08:39 -04:00
6347e02b91
Create CVE-2016-1000149.yaml
2021-08-02 06:10:17 +07:00
54f927329d
Create CVE-2016-1000148.yaml
2021-08-02 06:09:14 +07:00
81572ce596
Merge pull request #2292 from geeknik/patch-4
...
Update CVE-2021-31581.yaml
2021-08-02 02:09:32 +05:30
b04dc13dcd
Update CVE-2021-31581.yaml
2021-08-02 02:08:28 +05:30
a24977aab9
Update CVE-2020-6637.yaml
2021-08-02 01:42:01 +05:30
d416aea142
Merge pull request #2279 from gy741/rule-add-v45
...
Create CVE-2021-36380.yaml
2021-08-02 01:36:56 +05:30
ebf1653d65
Update CVE-2021-36380.yaml
2021-08-02 01:33:10 +05:30
454e11f6c4
Merge pull request #2271 from pikpikcu/patch-240
...
Update JIRA SSRF
2021-08-02 01:31:27 +05:30
f5982c5d28
Update CVE-2019-8451.yaml
2021-08-02 01:30:00 +05:30
5023dd6f9c
Update CVE-2019-8451.yaml
2021-08-02 01:27:40 +05:30
c7778257c3
Update CVE-2019-8451.yaml
2021-08-02 01:22:49 +05:30
56d3a2f1bd
Merge pull request #2284 from pikpikcu/patch-242
...
Update CVE-2019-0221
2021-08-02 01:17:36 +05:30
76fb40314a
Merge pull request #2277 from pikpikcu/patch-241
...
Update CVE-2021-3223
2021-08-02 01:15:39 +05:30
5c22441bac
Update CVE-2021-3223.yaml
2021-08-02 01:11:43 +05:30
9cbb151600
Update CVE-2021-31581.yaml
...
Fixes https://github.com/projectdiscovery/nuclei-templates/issues/2285 . 👍🏻
2021-08-01 10:59:39 -05:00
03dfb4bff6
More references
2021-08-01 09:16:33 +03:00
3de7af6018
Better reference
2021-08-01 09:14:14 +03:00
ac70ba03c7
description and reference
2021-08-01 09:12:12 +03:00
21b17993be
Better references
2021-08-01 09:10:14 +03:00
9dc30c37a2
Description and reference
2021-08-01 08:57:40 +03:00
734dde35cc
Fix FP - https://github.com/projectdiscovery/nuclei-templates/issues/2217
2021-08-01 08:52:30 +03:00
0653fdc498
Update CVE-2019-0221.yaml
2021-08-01 09:43:53 +07:00
7f608a2d57
Create CVE-2012-4253.yaml
2021-08-01 07:33:05 +07:00
8801d2c380
Create CVE-2016-10993.yaml
2021-08-01 06:41:54 +07:00
b826d82268
Create CVE-2020-35598.yaml
2021-08-01 06:40:11 +07:00
0678e7d233
Create CVE-2021-36380.yaml
...
The /cgi/networkDiag.cgi script directly incorporated user-controllable parameters within a shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. The following POST request injects a new command that instructs the server to establish a reverse TCP connection to another system, allowing the establishment of an interactive remote shell session.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-01 03:10:49 +09:00
5b3529bad5
Create CVE-2021-21816.yaml
...
An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-01 02:42:48 +09:00
bc48231304
Merge pull request #2192 from gy741/rule-add-v41
...
Create CVE-2018-10818.yaml
2021-07-31 22:56:26 +05:30
620cd107c6
Update CVE-2018-10818.yaml
2021-07-31 22:55:55 +05:30
ae672521d9
Update CVE-2021-3223.yaml
2021-07-31 16:12:48 +07:00
3cb1abc436
Merge pull request #2268 from daffainfo/patch-117
...
Create CVE-2014-4535.yaml
2021-07-31 09:02:23 +05:30
dccd46c576
Merge pull request #2267 from daffainfo/patch-116
...
Create CVE-2019-12276.yaml
2021-07-31 09:00:52 +05:30
077191496a
Update CVE-2014-4535.yaml
2021-07-31 09:00:47 +05:30
8246b2356c
Update CVE-2019-12276.yaml
2021-07-31 08:58:19 +05:30
9c758ea8fb
Merge pull request #2275 from daffainfo/patch-118
...
Create CVE-2014-4536.yaml
2021-07-31 08:48:36 +05:30
b2e3670c91
Update CVE-2014-4536.yaml
2021-07-31 08:43:27 +05:30
9a47b53434
Update CVE-2012-0991.yaml
2021-07-31 08:41:41 +05:30
afe800c0db
Create CVE-2012-0991.yaml
2021-07-31 06:04:14 +07:00
3afcf2a755
Create CVE-2014-4536.yaml
2021-07-31 06:01:46 +07:00
1cce455f1c
Update CVE-2020-13927.yaml
...
Following the discussion https://github.com/projectdiscovery/nuclei-templates/discussions/1477 .
According to NIST, It's a critical issue.
https://nvd.nist.gov/vuln/detail/CVE-2020-13927
2021-07-30 16:40:41 +02:00
ff344b0e49
Update CVE-2019-8451.yaml
2021-07-30 17:35:48 +05:30
5bf63d1811
Update JIRA SSRF
2021-07-30 18:50:31 +07:00
010f1a8700
Create CVE-2014-4535.yaml
2021-07-30 05:51:07 +07:00
189f59ba9d
Create CVE-2019-12276.yaml
2021-07-30 05:49:59 +07:00
10b35b4051
Merge pull request #2231 from daffainfo/patch-111
...
Create CVE-2009-5114.yaml
2021-07-29 18:35:08 +05:30
da3ba72db3
Create CVE-2020-11455.yaml
2021-07-29 05:43:07 +07:00
60be63be57
Merge pull request #2238 from pikpikcu/patch-235
...
Add iTop XSS
2021-07-29 00:23:17 +05:30
feb0af88eb
Update CVE-2015-6544.yaml
2021-07-29 00:16:01 +05:30
b3fdcb6bb3
Merge pull request #2240 from daffainfo/patch-113
...
Create CVE-2019-14312.yaml
2021-07-29 00:11:17 +05:30
249766aff1
Merge pull request #2243 from pikpikcu/patch-238
...
Add CVE-2015-8349
2021-07-29 00:09:55 +05:30
f6b2676b00
Update CVE-2015-8349.yaml
2021-07-28 23:24:32 +05:30
2b719b9fdb
Update CVE-2015-3648.yaml
2021-07-28 15:28:21 +05:30
56a7c8095e
Create CVE-2015-3648.yaml
2021-07-28 13:00:02 +07:00
e3af07706d
Create CVE-2015-8349.yaml
2021-07-28 12:45:44 +07:00
3a3ccf0ba2
Create CVE-2019-14312.yaml
2021-07-28 09:04:19 +07:00
b65ac6853e
Update CVE-2015-6544.yaml
2021-07-28 08:02:57 +07:00
0af99625ba
Create CVE-2015-6544.yaml
2021-07-28 08:01:44 +07:00
38e095c98c
Fix Tags
2021-07-28 07:38:20 +07:00
8c9697cb2f
Update CVE-2011-4336.yaml
2021-07-28 07:19:43 +07:00
2bc6cc018f
Create CVE-2011-4336.yaml
2021-07-28 07:13:33 +07:00
a07d931799
Create CVE-2014-8799.yaml
2021-07-28 05:03:23 +07:00
0341b58077
Create CVE-2009-5114.yaml
2021-07-28 05:02:29 +07:00
c703d92c5b
Merge pull request #2222 from pikpikcu/patch-228
...
Add PhpCollab (unauthenticated) Arbitrary File Upload
2021-07-27 19:44:35 +05:30
b984f86d67
removing extra headers
2021-07-27 17:59:13 +05:30
d43a54ada1
Update CVE-2017-6090.yaml
2021-07-27 17:56:56 +05:30
bfc130dfbd
Merge branch 'patch-228' of https://github.com/pikpikcu/nuclei-templates into pr/2222
2021-07-27 17:51:06 +05:30
448aec1edb
minor updates
2021-07-27 17:50:49 +05:30
870339ebe1
Update CVE-2017-6090.yaml
2021-07-27 19:10:51 +07:00
32e18be51a
Merge pull request #2215 from TheConciergeDev/patch-4
...
Renamed yaml file
2021-07-27 17:27:23 +05:30
cd214580a7
Merge pull request #2224 from pikpikcu/patch-230
...
Add SPIP XSS
2021-07-27 17:25:04 +05:30
0ce590a3f2
Update CVE-2016-7981.yaml
2021-07-27 17:23:32 +05:30
fdfd4232a5
Merge pull request #2225 from pikpikcu/patch-231
...
Create CVE-2020-26153.yaml
2021-07-27 17:22:04 +05:30
cdb91d44f3
Update CVE-2020-26153.yaml
2021-07-27 17:20:54 +05:30
4a5d374227
Merge pull request #2212 from pikpikcu/patch-220
...
Add Jeedom XSS
2021-07-27 17:18:07 +05:30
ff582706c2
Merge pull request #2226 from daffainfo/patch-110
...
Create CVE-2017-15647.yaml
2021-07-27 17:17:44 +05:30
142eb2fe3b
Update CVE-2020-9036.yaml
2021-07-27 17:12:32 +05:30
c4e75a7eb5
Merge pull request #2203 from pikpikcu/patch-211
...
Add CVE-2020-27735
2021-07-27 17:08:21 +05:30
590e6ae172
Create CVE-2017-15647.yaml
2021-07-27 18:36:29 +07:00
d561a8711d
Create CVE-2020-26153.yaml
2021-07-27 18:19:44 +07:00
d9f20b63e4
Update CVE-2020-27735.yaml
2021-07-27 16:32:50 +05:30
fb055acf9e
Create CVE-2016-7981.yaml
2021-07-27 17:27:42 +07:00
315215aa02
Create CVE-2017-6090.yaml
2021-07-27 16:51:01 +07:00
ab408ccd04
Create CVE-2018-5233.yaml
2021-07-27 16:03:59 +07:00
9e2de534a8
Create CVE-2018-10095.yaml
2021-07-27 15:49:19 +07:00
6e7aba2fb9
Update CVE-2020-27735.yaml
2021-07-27 13:55:45 +05:30
4a13112125
Update CVE-2020-27735.yaml
2021-07-27 13:33:41 +05:30
317a63ec9c
Create CVE-2018-14013.yaml
2021-07-27 14:34:36 +07:00
62df9585f9
Renamed yaml file
...
Added missing "-" in filename
2021-07-27 09:28:54 +02:00
6f91b5d052
Create CVE-2020-9036.yaml
2021-07-27 13:45:01 +07:00
840da27221
Merge pull request #2206 from pikpikcu/patch-214
...
CLink Office XSS
2021-07-27 11:59:42 +05:30
76a39c9ef5
Update CVE 2020-6171.yaml
2021-07-27 11:58:42 +05:30
56b4ada461
Update CVE-2009-0932.yaml
2021-07-27 12:35:57 +07:00
c2012bf293
Create CVE-2009-0932.yaml
2021-07-27 12:32:32 +07:00
751626e435
Update CVE 2020-6171.yaml
2021-07-27 12:24:17 +07:00
ddc251861f
Create CVE 2020-6171.yaml
2021-07-27 12:21:52 +07:00
aff00f0cd8
Merge pull request #2202 from daffainfo/patch-109
...
Create CVE-2012-4878.yaml
2021-07-27 10:44:53 +05:30
caf6bb61c3
Update CVE-2020-27735.yaml
2021-07-27 10:41:08 +05:30
b2f1863fd7
Update CVE-2020-35774.yaml
2021-07-27 10:40:55 +05:30
b75c2dde67
Update CVE-2020-35774.yaml
2021-07-27 10:38:46 +05:30
326c8265ef
Create CVE-2020-35774.yaml
2021-07-27 10:31:48 +07:00
f619caf26a
Create CVE-2020-27735.yaml
2021-07-27 10:23:23 +07:00
241eff959c
Create CVE-2012-4878.yaml
2021-07-27 09:31:04 +07:00
96c03d93cc
Update CVE-2020-6637.yaml
2021-07-27 07:38:49 +07:00
b1dfb89f88
Create CVE-2020-6637.yaml
2021-07-27 07:36:48 +07:00
12b832cc36
Create CVE-2021-32305.yaml
...
WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-27 09:24:35 +09:00
9db92fa24c
Create CVE-2016-1000155.yaml
2021-07-27 06:09:33 +07:00
47110e15ce
Create CVE-2016-1000153.yaml
2021-07-27 06:04:27 +07:00
4029278d6c
Create CVE-2018-10818.yaml
...
The vulnerability (CVE-2018-10818) is a pre-auth remote command injection vulnerability found in the majority of LG NAS devices. You cannot simply log in with any random username and password. However, there lies a command injection vulnerability in the “password” parameter.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-27 02:27:13 +09:00
9c66387f0f
More CVEs Template
2021-07-26 22:48:45 +05:30
5fc3ae4ef4
Merge pull request #1872 from Vladimir-Ivanov-Git/CVE-2018-2392
...
CVE-2018-2392 SAP IGS XXE
2021-07-26 20:12:08 +05:30
79c077ddf7
Merge pull request #1874 from Vladimir-Ivanov-Git/CVE-2020-6207
...
CVE-2020-6207 SAP SolMan RCE
2021-07-26 18:26:55 +05:30
8130cd2c3b
Update CVE-2020-6207.yaml
2021-07-26 18:26:19 +05:30
c58565e8ed
Merge pull request #2118 from daffainfo/patch-95
...
Create CVE-2016-1000140.yaml
2021-07-26 18:09:34 +05:30
dbace50bdb
Update CVE-2016-1000140.yaml
2021-07-26 18:03:07 +05:30
4069e981c4
Merge pull request #2120 from daffainfo/patch-96
...
Create CVE-2014-6308.yaml
2021-07-26 18:00:31 +05:30
4e82da883d
Merge pull request #2117 from daffainfo/patch-94
...
Create CVE-2016-1000138.yaml
2021-07-26 17:59:39 +05:30
68327ddfa1
Update CVE-2016-1000138.yaml
2021-07-26 14:28:04 +05:30
b990243906
uniform tags
2021-07-26 14:25:43 +05:30
9d7b8707e8
Merge pull request #2116 from daffainfo/patch-93
...
Create CVE-2016-1000137.yaml
2021-07-26 14:23:29 +05:30
73ddb84266
Update CVE-2016-1000137.yaml
2021-07-26 14:08:03 +05:30
bdaab4c330
Merge pull request #2050 from daffainfo/patch-76
...
Create CVE-2016-1000126.yaml
2021-07-26 14:06:59 +05:30
4ee46bf076
Merge pull request #2112 from daffainfo/patch-91
...
Create CVE-2020-35580.yaml
2021-07-26 14:06:50 +05:30
a76d36ead2
Update CVE-2016-1000126.yaml
2021-07-26 14:05:41 +05:30
068a3542e8
Merge pull request #2177 from pussycat0x/master
...
Port update
2021-07-26 14:02:27 +05:30
8b0f37af89
Update CVE-2016-2004.yaml
2021-07-26 13:57:56 +05:30
e03898ebe3
Merge pull request #2182 from daffainfo/patch-105
...
Create CVE-2013-7240.yaml
2021-07-26 13:38:53 +05:30
e8f9cc580e
Update CVE-2013-7240.yaml
2021-07-26 13:32:53 +05:30
fc025a8cc9
Merge pull request #2183 from daffainfo/patch-106
...
Create CVE-2014-2962.yaml
2021-07-26 13:30:23 +05:30
154ed31be9
Update CVE-2014-2962.yaml
2021-07-26 13:30:16 +05:30
84161bc33e
Update CVE-2020-8813.yaml
2021-07-26 13:27:19 +05:30
620ff3f367
Create CVE-2020-8813.yaml
...
This vulnerability could be exploited without authentication if Cacti is enabling “Guest Realtime Graphs” privilege, So in this case no need for the authentication part and you can just use the following code to exploit the vulnerability
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-26 11:32:23 +09:00
f8e16c595a
Create CVE-2014-2962.yaml
2021-07-26 06:58:58 +07:00
fed682443e
Update CVE-2020-35580.yaml
2021-07-26 06:55:48 +07:00
a9d07605c3
Update CVE-2014-6308.yaml
2021-07-26 06:55:17 +07:00
432e3ecc85
Create CVE-2013-7240.yaml
2021-07-26 06:49:51 +07:00
353b39e941
Merge pull request #2054 from geeknik/patch-3
...
Create CVE-2007-0885.yaml
2021-07-26 01:45:53 +05:30
9eced64983
Update CVE-2007-0885.yaml
2021-07-26 01:45:28 +05:30
Prince Chaddha
Noam Rathaus
rootxharsh
GwanYeong Kim
Prince Chaddha
sandeep
r3dg33k
Muhammad Daffa
Geeknik Labs
PikPikcU
Toufik Airane
TheConciergeDev