Noam Rathaus
ecb436df3e
Those aren't really regexes
2021-04-28 15:07:39 +03:00
Noam Rathaus
9ece07bf9a
Provide reference
2021-04-28 14:00:15 +03:00
Prince Chaddha
8d9d46e00a
Merge pull request #1362 from underfl0w/chamilo-lms-sqli
...
Chamilo 1.11.14 LMS sql injection
2021-04-28 15:55:14 +05:30
Prince Chaddha
722e305878
Update chamilo-lms-sqli.yaml
2021-04-28 15:48:34 +05:30
sandeep
5f5430a7a4
Payload and matcher fix
2021-04-28 14:42:10 +05:30
sandeep
3adf607b6f
Matcher for DNS interaction
2021-04-27 16:24:39 +05:30
Prince Chaddha
eaf70d16ab
Merge pull request #1350 from projectdiscovery/princechaddha-patch-15
...
Create zcms-v3-sqli.yaml
2021-04-27 16:09:32 +05:30
Prince Chaddha
d705648dc4
Merge pull request #1343 from projectdiscovery/princechaddha-patch-8
...
Create spark-webui-unauth.yaml
2021-04-26 21:58:53 +05:30
Prince Chaddha
3079fce648
Update spark-webui-unauth.yaml
2021-04-26 21:57:46 +05:30
Prince Chaddha
f726562445
Update spark-webui-unauth.yaml
2021-04-26 21:56:13 +05:30
Prince Chaddha
487e2300e1
Merge pull request #1331 from projectdiscovery/princechaddha-patch-1
...
Create unauth-spark-api.yaml
2021-04-26 21:52:22 +05:30
Prince Chaddha
5fcba18d1e
Merge pull request #1349 from projectdiscovery/princechaddha-patch-14
...
Create xunchi-file-read.yaml
2021-04-26 21:06:27 +05:30
Prince Chaddha
ac29e9a622
Merge pull request #1348 from projectdiscovery/princechaddha-patch-13
...
Create xiuno-bbs-reinstallation.yaml
2021-04-26 21:05:39 +05:30
Prince Chaddha
4cc83776f3
Merge pull request #1352 from projectdiscovery/princechaddha-patch-17
...
Create ecology-springframework-directory-traversal.yaml
2021-04-26 20:48:30 +05:30
Noam Rathaus
2e1e0e932f
Product name
2021-04-26 09:07:57 +03:00
Noam Rathaus
19a4bbc844
Correct product name, and link to the Gitee
2021-04-26 09:03:24 +03:00
Noam Rathaus
3857469468
Add reference
2021-04-26 09:01:39 +03:00
Noam Rathaus
909a0ce4dd
Product seems to be called ectouch
2021-04-26 08:51:08 +03:00
Noam Rathaus
bb974381b5
add references
2021-04-26 08:48:16 +03:00
Jurjen de Jonge
b9ad93a3cd
Reverted back to old technique
...
The ;INSERT method only seemed to work on my dev enviroment.
2021-04-24 22:15:57 +03:00
Jurjen de Jonge
5f264c9891
Updated chamilo-lms-sqli.yaml
...
Uses SQL injection to insert data into the database, then checks to see
if this data has been added;
2021-04-24 21:41:38 +03:00
Jurjen de Jonge
d4e8720797
Chamilo 1.11.14 LMS sql injection
...
YAML file is now indented correctly
2021-04-24 19:35:29 +03:00
Jurjen de Jonge
2f7746fe3d
Chamilo 1.11.14 LMS sql injection
2021-04-24 19:11:58 +03:00
Prince Chaddha
71e25fa42d
Create ecology-springframework-directory-traversal.yaml
2021-04-23 18:52:08 +05:30
Prince Chaddha
85bc6464cb
Create ecology-filedownload-directory-traversal.yaml
2021-04-23 18:50:11 +05:30
Prince Chaddha
2aa7764e58
Create zcms-v3-sqli.yaml
2021-04-23 18:48:00 +05:30
Prince Chaddha
525475ea2e
Create xunchi-file-read.yaml
2021-04-23 18:45:02 +05:30
Prince Chaddha
3527ffcd5c
Update xiuno-bbs-reinstallation.yaml
2021-04-23 18:41:15 +05:30
Prince Chaddha
bfa6113b45
Create xiuno-bbs-reinstallation.yaml
2021-04-23 18:40:17 +05:30
Prince Chaddha
9341841862
Create wuzhicms-sqli.yaml
2021-04-23 18:26:43 +05:30
Prince Chaddha
bfae33ab72
Create ueditor-file-upload.yaml
2021-04-23 17:45:09 +05:30
Prince Chaddha
fcb93ad108
Create spark-webui-unauth.yaml
2021-04-23 17:37:19 +05:30
sandeep
f7875a24d6
Adding Apache Solr <= 8.8.1 Arbitrary File Read
2021-04-23 15:48:04 +05:30
Prince Chaddha
ed1f462a3c
Create resin-cnnvd-200705-315.yaml
2021-04-22 19:37:30 +05:30
Prince Chaddha
376e8ec590
Create resin-inputfile-fileread.yaml
2021-04-22 19:16:56 +05:30
Prince Chaddha
edbe48cdf7
Update resin-viewfile-lfr.yaml
2021-04-22 19:14:41 +05:30
Prince Chaddha
bafc6d146a
Update resin-viewfile-lfr.yaml
2021-04-22 19:13:46 +05:30
Prince Chaddha
175bd1780d
Create resin-viewfile-lfr.yaml
2021-04-22 14:46:29 +05:30
Prince Chaddha
b9e013caec
Create sangfor-edr-auth-bypass.yaml
2021-04-22 14:37:32 +05:30
Prince Chaddha
7b051a70a9
Create WooYun-2015-148227.yaml
2021-04-22 14:29:47 +05:30
Prince Chaddha
af89aaf731
Update unauth-spark-api.yaml
2021-04-22 14:23:08 +05:30
Prince Chaddha
6c80ff0b68
Update unauth-spark-api.yaml
2021-04-22 13:48:03 +05:30
Prince Chaddha
c89872228c
Update unauth-spark-api.yaml
2021-04-22 13:46:18 +05:30
Prince Chaddha
22ddf02690
Create unauth-spark-api.yaml
2021-04-22 13:45:01 +05:30
sandeep
333c7965ad
Adding Showdoc < 2.8.6 File Upload RCE
2021-04-22 01:04:21 +05:30
Prince Chaddha
d8ccf26cc5
Merge pull request #1222 from projectdiscovery/princechaddha-patch-7
...
Create feifeicms-lfr.yaml
2021-04-21 23:56:37 +05:30
Prince Chaddha
89dd2b02a6
Merge pull request #1210 from projectdiscovery/princechaddha-patch-1
...
Create 74cms-sqli.yaml
2021-04-21 23:54:00 +05:30
Prince Chaddha
8d53d57728
Merge pull request #1243 from projectdiscovery/princechaddha-patch-12
...
Create maccmsv10-backdoor.yaml
2021-04-21 23:49:17 +05:30
Prince Chaddha
41b35fe99b
Merge pull request #1242 from projectdiscovery/princechaddha-patch-11
...
Create myucms-lfr.yaml
2021-04-21 23:48:16 +05:30
Prince Chaddha
63effa3f1f
Merge pull request #1279 from projectdiscovery/princechaddha-patch-16
...
Create nuuo-file-inclusion.yaml
2021-04-21 23:41:50 +05:30
Noam Rathaus
e5e995e909
Usually matchers is under requests and not at top level
2021-04-20 18:40:55 +03:00
Prince Chaddha
3fa6b9fb74
Create nuuo-file-inclusion.yaml
2021-04-14 01:57:44 +05:30
sandeep
9302d0397b
Update eyou-email-rce.yaml
2021-04-14 01:54:06 +05:30
sandeep
19553cf671
matcher improvements
2021-04-14 01:53:24 +05:30
PikPikcU
98af0ce0cc
Create erp-nc-directory-traversal.yaml
2021-04-13 07:18:15 +00:00
PikPikcU
c19e8aa1cc
Create qi-anxin-netkang-next-generation-firewall-rce.yaml
2021-04-13 07:13:07 +00:00
PikPikcU
9583b3bbd5
Create oa-v9-uploads-file.yaml
2021-04-13 07:06:02 +00:00
PikPikcU
52f5496134
Create core-chuangtian-cloud-rce.yaml
2021-04-13 06:53:27 +00:00
PikPikcU
fb3b481ae8
Create eyou-email-rce.yaml
2021-04-13 06:40:20 +00:00
sandeep
d96746d193
minor update
2021-04-11 17:24:54 +05:30
PikPikcU
cdac8b34a6
Create turbocrm-xss.yaml
2021-04-11 00:22:56 +00:00
Prince Chaddha
1df35d4f32
Create maccmsv10-backdoor.yaml
2021-04-10 03:30:22 +05:30
Prince Chaddha
939b8bee6c
Create myucms-lfr.yaml
2021-04-10 03:10:57 +05:30
Prince Chaddha
03c6126f60
Create etouch-v2-sqli.yaml
2021-04-07 22:03:17 +05:30
Prince Chaddha
797098e7fc
Create feifeicms-lfr.yaml
2021-04-07 19:54:35 +05:30
Prince Chaddha
220a6461fb
Create 74cms-sqli.yaml
2021-04-06 23:59:29 +05:30
sandeep
8fdfc64e54
misc tag updates
2021-04-06 12:16:11 +05:30
sandeep
d34ca6773b
misc changes
2021-04-05 23:55:18 +05:30
sandeep
e934241101
Update empirecms-xss.yaml
2021-04-05 22:13:16 +05:30
PikPikcU
d789177b06
Create empirecms-xss.yaml
2021-04-05 08:16:27 +00:00
PD-Team
59574cc701
Revert "Create apache-spark-rce"
2021-03-26 00:16:29 +05:30
sandeep
28bf41830f
Merge branch 'patch-104' of https://github.com/pikpikcu/nuclei-templates into pikpikcu-patch-104
2021-03-25 22:37:34 +05:30
Mzack9999
351167e91f
removing redundant boolean check
2021-03-25 00:28:50 +01:00
PD-Team
1e541d324f
Merge pull request #1116 from pikpikcu/patch-127
...
Create tpshop-directory-traversal.yaml
2021-03-21 21:04:43 +05:30
sandeep
7af81a3ce8
Update tpshop-directory-traversal.yaml
2021-03-21 21:04:33 +05:30
PikPikcU
7674824c98
Create xdcms-sqli.yaml
2021-03-21 10:15:44 +00:00
PikPikcU
ce51bfee06
Create tpshop-directory-traversal.yaml
2021-03-21 02:53:52 +00:00
sandeep
d2115fa8f6
Update hashicorp-consul-rce.yaml
2021-03-18 18:37:43 +05:30
sandeep
4e16407c52
Update hashicorp-consul-rce.yaml
2021-03-18 18:36:13 +05:30
sandeep
3c8432686c
Update viewlinc-crlf-injection.yaml
2021-03-16 14:05:20 +05:30
Geeknik Labs
e951c75c59
Update viewlinc-crlf-injection.yaml
2021-03-15 20:04:37 +00:00
Geeknik Labs
0068d7ae0c
Create viewlinc-crlf-injection.yaml
...
This was discovered whilst participating in a private Hacker0x01 bug bounty program.
2021-03-15 20:00:56 +00:00
PikPikcU
6689aa0a81
Create dedecms-carbuyaction-fileinclude.yaml
2021-03-15 08:40:45 +00:00
PD-Team
fb65d9341b
Merge branch 'master' into patch-4
2021-03-15 00:30:30 +05:30
sandeep
ffae74a6a8
Updated to openam-detection
2021-03-15 00:27:59 +05:30
PD-Team
47a7ea85e0
Merge pull request #1066 from r3naissance/master
...
Add teacherease-xss and parentlink-xss to /vulnerabilities/other/
2021-03-14 17:12:05 +05:30
sandeep
e18b34cc64
few updates
2021-03-14 17:07:52 +05:30
Dhiyaneshwaran
ed87cc42a8
Create pmb-local-file-disclosure.yaml
2021-03-12 22:42:45 +05:30
sandeep
a0785510f5
Update apache-flink-unauth-rce.yaml
2021-03-12 12:42:17 +05:30
sandeep
db18f137e6
linting updates
2021-03-12 12:40:16 +05:30
Chapman Schleiss
655308b864
Added reference
2021-03-11 09:50:26 -07:00
sandeep
86faa863f6
Added some reference
2021-03-11 20:33:36 +05:30
Chapman Schleiss
881cedaabc
Adding teacherease-xss
2021-03-10 12:36:44 -07:00
Chapman Schleiss
8a015fe306
Adding parentlink-xss
2021-03-10 12:36:08 -07:00
sandeep
ed91c0813e
more typos
2021-03-10 19:45:41 +05:30
sandeep
04cc9c44fb
xss matchers update
2021-03-04 21:32:34 +05:30
sandeep
e9c9c4822f
misc update
2021-03-04 21:04:06 +05:30
PikPikcU
4e31596426
Fix 🛠️
2021-03-03 22:07:46 +07:00
PikPikcU
8a2f8ca4ee
Fix name 🛠️
2021-03-03 22:03:52 +07:00
PikPikcU
b831644c7e
Update apache-sprak-rce.yaml
2021-03-03 21:49:11 +07:00
PikPikcU
0389429c1f
Create apache-sprak-rce.yaml
2021-03-03 11:02:51 +00:00
sandeep
fdd015042f
Update simple-employee-rce.yaml
2021-03-02 21:42:00 +05:30
PikPikcU
0e78ce0a5b
Create simple-employee-rce.yaml
2021-03-01 11:40:03 +00:00
PikPikcU
b9d3325fc6
Create ruijie-networks-lfi.yaml
2021-03-01 10:21:32 +00:00
sandeep
4c319fc79f
Update ruijie-networks-rce.yaml
2021-03-01 13:37:10 +05:30
PikPikcU
7ec42cf499
Update ruijie-networks-rce.yaml
2021-03-01 06:57:32 +00:00
PikPikcU
c55692e01c
Create ruijie-networks-rce.yaml
2021-03-01 06:56:46 +00:00
PikPikcU
6a4bd45625
Add tags
2021-02-27 00:39:28 +07:00
PikPikcU
481ba6aba1
Create duomicms-sql-injection.yaml
2021-02-26 22:44:31 +07:00
sandeep
e29525ecf7
Update hashicorp-consul-rce.yaml
2021-02-26 17:32:50 +05:30
sandeep
a15fad8cb7
Update hashicorp-consul-rce.yaml
2021-02-26 17:01:59 +05:30
PikPikcU
d926680125
Update hashicorp-consul-rce.yaml
2021-02-26 11:29:22 +00:00
PikPikcU
52f6fab37b
Update hashicorp-consul-rce.yaml
2021-02-26 11:06:28 +00:00
PikPikcU
50f5c91edf
Create hashicorp-consul-rce.yaml
2021-02-26 09:02:50 +00:00
sandeep
1355185b45
improved matcher
2021-02-25 23:04:21 +05:30
PD-Team
237b268e31
Merge pull request #937 from pikpikcu/patch-82
...
Create weiphp-path-traversal
2021-02-25 18:43:18 +05:30
sandeep
1dbd3b082b
matcher update
2021-02-25 18:29:49 +05:30
PikPikcU
277f7c21d6
Delete weiphp-sql-injection.yaml
2021-02-25 12:37:44 +00:00
PikPikcU
bf11f5889f
Update weiphp-sql-injection.yaml
2021-02-25 12:02:35 +00:00
sandeep
609ac0e098
Update rockmongo-xss.yaml
2021-02-25 17:16:33 +05:30
sandeep
3ea4c3a826
Update rockmongo-xss.yaml
2021-02-25 17:15:21 +05:30
PikPikcU
63a71afa62
Create rockmongo-xss.yaml
2021-02-25 11:28:40 +00:00
sandeep
c2982994a4
Update weiphp-sql-injection.yaml
2021-02-25 16:36:57 +05:30
sandeep
30483cf1e5
Update weiphp-path-traversal.yaml
2021-02-25 16:18:18 +05:30
PikPikcU
4a55ac7128
Update weiphp-sql-injection.yaml
2021-02-25 10:02:04 +00:00
PikPikcU
e81b961873
Update weiphp-sql-injection.yaml
2021-02-25 09:51:58 +00:00
PikPikcU
fe995933bc
Create weiphp-sql-injection.yaml
2021-02-25 09:49:18 +00:00
sandeep
48f55d25d0
Update weiphp-path-traversal.yaml
2021-02-25 15:03:56 +05:30
PikPikcU
f0f11568c0
Update weiphp-path-traversal.yaml
2021-02-25 09:07:26 +00:00
PikPikcU
b18c68674c
Create weiphp-path-traversal.yaml
2021-02-25 08:59:17 +00:00
PD-Team
9e9aa20646
Merge pull request #929 from pikpikcu/patch-80
...
zhiyuan-oa session leak
2021-02-24 23:24:28 +05:30
sandeep
a0175f96c4
Update zhiyuan-oa-info-leak.yaml
2021-02-24 23:22:23 +05:30
sandeep
00abdb4732
Update yarn-resourcemanager-rce.yaml
2021-02-24 21:29:13 +05:30
sandeep
99b1ae2d46
Improved matcher
2021-02-24 21:28:48 +05:30
PikPikcU
2f39160e65
Create zhiyuan-oa-info-leak.yaml
2021-02-24 08:07:57 +00:00
PikPikcU
b86a406d26
Create zhiyuan-oa-session-leak.yaml
2021-02-24 08:06:28 +00:00
sandeep
cd2a3a7a77
Update dedecms-openredirect.yaml
2021-02-20 23:12:14 +05:30
PikPikcU
d118e3e8cf
Create dedecms-openredirect.yaml
2021-02-21 00:35:47 +07:00
sandeep
6f74d31e0b
few updates
2021-02-20 22:41:54 +05:30
PikPikcU
6ace5ab376
Create finereport-path-traversal.yaml
2021-02-20 23:36:48 +07:00
sandeep
5ffc1aa211
Update metinfo-lfi.yaml
2021-02-20 19:24:20 +05:30
PikPikcU
6e19a6eb45
Create metinfo-lfi.yaml
2021-02-20 07:25:43 +07:00
sandeep
d77862ef7b
adding tags
2021-02-19 13:51:21 +05:30
PikPikcU
e537b279a0
Create cisco-webui-rce.yaml
2021-02-19 14:39:32 +07:00
sandeep
b538a7f481
Update seacms-rce.yaml
2021-02-18 20:38:50 +05:30
PikPikcU
15bff234ef
Create seacms-rce.yaml
2021-02-18 20:05:35 +07:00
sandeep
b4a9d2ec68
Update cacti-weathermap-file-write.yaml
2021-02-16 02:17:45 +05:30
PikPikcU
ef6b416535
Create cacti-weathermap-file-write.yaml
2021-02-15 04:39:47 +00:00
sandeep
eb50c32a64
Update rails6-xss.yaml
2021-02-15 04:27:45 +05:30
sandeep
58835cfc59
Update oa-tongda-path-traversal.yaml
2021-02-14 20:24:12 +05:30
PikPikcU
9362086705
Create oa-tongda-path-traversal.yaml
2021-02-14 12:22:51 +00:00
sandeep
0e5a07232f
misc changes
2021-02-14 16:29:41 +05:30
PikPikcU
197bf2286e
Create powercreator-cms-rce.yaml
2021-02-14 08:40:45 +00:00
sandeep
768c05a9df
Update rce-shellshock-user-agent.yaml
2021-02-13 10:25:02 +05:30
sandeep
ec7a29957d
Adding tags to vulnerabilities and workflows
2021-02-12 11:23:01 +05:30
Khaled Mohamed
e7c6731d1a
Update
...
Edit after update from Mohamed elbadry @melbadry9
2021-02-11 22:53:19 +02:00
sandeep
5c419acb32
misc updates
2021-02-12 02:03:38 +05:30
PikPikcU
82acc49390
Update and rename thinkcmf-shell-write.yaml to thinkcmf-rce.yaml
2021-02-11 17:49:03 +00:00
PikPikcU
29eda8d1ab
Create thinkcmf-shell-write.yaml
2021-02-11 17:31:25 +00:00
sandeep
e6c31e6512
Update thinkcmf-lfi.yaml
2021-02-11 22:23:14 +05:30
PikPikcU
2b8c738e03
Create thinkcmf-lfi.yaml
2021-02-11 15:46:20 +00:00
PikPikcU
f27418b7ba
Added apache-flink-rce ( #810 )
2021-02-10 20:48:24 +05:30
PD-Team
83fb22a81b
Merge pull request #801 from pikpikcu/patch-42
...
Adding sangfor-edr-rce
2021-02-03 17:30:11 +05:30
PD-Team
3a28f79400
Update chamilo-lms-xss.yaml
2021-02-03 16:58:43 +05:30
PikPikcU
c21acfa7a0
Create sangfor-edr-rce.yaml
2021-02-03 04:40:07 +00:00
Geeknik Labs
26f1e7d857
Create chamilo-lms-xss.yaml
2021-02-01 20:54:21 +00:00
PD-Team
fa732d4565
Merge pull request #787 from pikpikcu/patch-36
...
Create dlink-dir-850l-info-leak
2021-02-01 23:12:23 +05:30
PD-Team
b476243f85
misc changes
2021-02-01 23:11:29 +05:30
PD-Team
c649ff4a85
Added key-cloak xss and admin panel
2021-02-01 22:17:31 +05:30
PD-Team
6101f8e537
misc update
2021-01-31 12:54:53 +05:30
PikPikcU
ed4b717d65
Create wooyun-path-traversal.yaml
2021-01-30 21:37:05 +00:00
PD-Team
f6ccec48ed
Update CNVD-2020-62422.yaml
2021-01-30 18:33:26 +05:30
PikPikcU
64209dca7d
Create CNVD-2020-62422.yaml
2021-01-30 10:45:17 +00:00
PD-Team
a887ebe289
few updates
2021-01-26 20:01:01 +05:30
PR3R00T
7f1abf1e4b
Update sonicwall-sslvpn-shellshock.yml
2021-01-26 10:45:15 +00:00
PR3R00T
1712d10086
Update sonicwall-sslvpn-shellshock.yml
2021-01-26 10:44:17 +00:00
PR3R00T
4782898579
Update sonicwall-sslvpn-shellshock.yml
2021-01-26 10:40:48 +00:00
PR3R00T
f4529d02c5
Update sonicwall-sslvpn-shellshock.yml
2021-01-26 10:37:18 +00:00
PR3R00T
abe3f04402
Update sonicwall-sslvpn-shellshock.yml
2021-01-26 10:34:17 +00:00
PR3R00T
45d26b875e
New Sonicwall 0day Exploit test
2021-01-26 10:20:46 +00:00
PD-Team
c762044d29
updating incorrect file permissions
2021-01-21 23:28:32 +05:30
Khaled Mohamed
5c2eabbebc
Create openam-ldap-injection.yaml
...
reference: https://blog.cybercastle.io/ldap-injection-in-openam/
The vulnerability was found in the password reset feature that OpenAM provides. When a user tries to reset his password, he is asked to enter his username then the backend validates whether the user exists or not through an LDAP query before the password reset token is sent to the user’s email.
2021-01-13 23:36:19 +02:00
team-projectdiscovery
106da77fc3
Preparing for request clustering
2021-01-13 13:01:46 +05:30
team-projectdiscovery
c62dfd2b53
adding few from masters
2021-01-11 12:28:56 +05:30
team-projectdiscovery
b80ca7732d
linting errors
2021-01-11 03:31:24 +05:30
team-projectdiscovery
a52ffe5c4e
fixes and updates
2021-01-10 19:45:36 +05:30
team-projectdiscovery
a90d047991
Massive template checks addition 🎉 🎉
2021-01-10 18:41:25 +05:30
team-projectdiscovery
187e4a5feb
moving more files around
2021-01-09 18:32:04 +05:30