daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
842 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

842 Commits (9ab0c904c85a0404a4c8376096e4c9635fee4035)

Author SHA1 Message Date
bauthard 9ab0c904c8 updating templates 2020-08-15 14:18:23 +05:30
Benjamin Intfeld 8f599a4c08 added template for xss params 2020-08-12 22:51:22 +02:00
bauthard e91a4518c2
Merge pull request #299 from Mad-robot/master 
Fixing false positives
 2020-08-12 23:15:48 +05:30
bauthard 96093904ad Update CVE-2019-19985.yaml 2020-08-12 23:14:53 +05:30
SaN ThosH dc627f2d97
Update CVE-2019-19985.yaml 2020-08-12 23:10:09 +05:30
SaN ThosH 5e8411900f
Update CVE-2019-19985.yaml 
Fixing false positives
previously shown vulnerable for 
https://books.apple.com/wp-admin/admin.php?page=download_report&report=users&status=all

Originally vulnerable
https://www.yacht-charter.co.uk/wp-admin/admin.php?page=download_report&report=users&status=all
 2020-08-12 23:09:50 +05:30
bauthard 81a11c535a
Merge pull request #298 from Mad-robot/master 
Create CVE-2019-9978.yaml
 2020-08-12 20:51:56 +05:30
bauthard 80d2ccb4e6 Update wordpress-workflow.yaml 2020-08-12 20:50:46 +05:30
bauthard 283dfce89c workflow update 2020-08-12 20:49:20 +05:30
bauthard 4d1ff74303 Merge branch 'master' of https://github.com/Mad-robot/nuclei-templates into pr/298 2020-08-12 20:43:14 +05:30
bauthard d9a36ec84f Update CVE-2019-9978.yaml 2020-08-12 20:42:50 +05:30
SaN ThosH d60f915497
Update CVE-2019-9978.yaml 2020-08-12 20:41:52 +05:30
SaN ThosH ec95929e4b
Create CVE-2019-9978.yaml 2020-08-12 20:35:52 +05:30
bauthard 190e1e1ea5
Merge pull request #297 from Mad-robot/master 
Update wordpress-accessible-wpconfig.yaml
 2020-08-12 20:24:36 +05:30
SaN ThosH c6127b017d
Update wordpress-accessible-wpconfig.yaml 2020-08-12 20:21:27 +05:30
bauthard cbe3dbf145
Merge pull request #295 from Kiblyn11/wordpress-workflow-wp-config 
wp-config misconfig and wordpress workflow
 2020-08-12 18:51:24 +05:30
bauthard 3871001181
Merge pull request #294 from xElkomy/patch-2 
Update crlf-injection.yaml
 2020-08-12 17:49:47 +05:30
Romain 8a3ddb0cf1 fix typo 2020-08-12 10:18:59 +02:00
Romain 64c5b07b76 add wordpress workflow 2020-08-12 10:15:51 +02:00
Romain 325754ad60 add wp-config file misconfig detection 2020-08-12 10:15:34 +02:00
Khaled Mohamed 532072c677
Update crlf-injection.yaml 2020-08-11 14:58:53 +02:00
bauthard aaba00a84d Update CVE-2019-16759-1.yaml 2020-08-10 16:30:34 +05:30
bauthard 8a9c61c035 Update vbulletin-workflow.yaml 2020-08-10 15:00:25 +05:30
bauthard 3b571feeca added vbulletin-workflow 2020-08-10 14:58:30 +05:30
bauthard 634226bdcb
Merge pull request #293 from Mad-robot/master 
Create CVE-2019-16759-fixbypass.yaml
 2020-08-10 14:42:33 +05:30
bauthard b4c75eba60 Updated file name 2020-08-10 14:41:08 +05:30
bauthard 4124bfe326 vbulletin update 2020-08-10 14:38:50 +05:30
SaN ThosH ba3dddc284
Create CVE-2019-16759-fixbypass.yaml 2020-08-10 14:02:30 +05:30
bauthard c4292073be
Adding template details. 2020-08-08 12:56:51 +05:30
bauthard 7807d16913 tech updates 2020-08-08 03:21:16 +05:30
bauthard c29c02f10d
Merge pull request #290 from un-fmunozs/drop-cms-detect 
Improve drupal detection on tech-detect and drop cms-detect
 2020-08-08 02:48:49 +05:30
un-fmunozs 4425ee7a01 Update tech-detect.yaml 2020-08-07 16:15:38 -05:00
un-fmunozs c21eccd8e6 Improve drupal detection on tech-detect and drop cms-detect 
tech-detect does a better job with more cms than cms-detect, strings from cms-detect added for drupal. wordpress detection on tech-detect is ok. Fix #289
 2020-08-07 16:14:24 -05:00
bauthard 84d4e2ab5a
Merge pull request #288 from random-robbie/patch-1 
Create CVE-2017-9841
 2020-08-07 13:43:46 +05:30
bauthard 5c083d5860 Update CVE-2017-9841.yaml 2020-08-07 13:43:01 +05:30
bauthard 7cdf1f2154 Adding Reference 2020-08-07 13:41:39 +05:30
bauthard 5d6e6e8fbf updating file name 2020-08-07 13:37:12 +05:30
Robbie a43291d9d9
Create CVE-2017-9841 2020-08-07 09:02:28 +01:00
bauthard e7514cffc5
Merge pull request #287 from manuelbua/fix-improve-wadl-template 
Improve WADL detection, remove WSDL check, add additional checks
 2020-08-07 01:22:20 +05:30
bauthard b48dc3b9c3 Update wadl-files.yaml 2020-08-07 01:21:37 +05:30
Manuel Bua 378373a5b8 Remove WSDL check, add additional checks 2020-08-06 21:10:09 +02:00
bauthard 62089805d3
Merge pull request #285 from al3xdelarge/patch-2 
Add semicolon to path
 2020-08-06 13:44:18 +05:30
bauthard fca119eb24 adding both path for possilbe use cases 2020-08-06 13:42:12 +05:30
bauthard e4b0d08269
Merge pull request #284 from al3xdelarge/patch-1 
Improve shellshock payload
 2020-08-06 13:38:37 +05:30
Aron Molnar 8315f5f780
Add semicolon to path 
The vulnerability is that access restriction can be circumvented by adding a semicolon to the path (as pointed out in https://github.com/immunIT/CVE-2018-11759).
Without semicolon, jkstatus would be public anyway and would not be related to the CVE.
 2020-08-06 10:06:13 +02:00
Aron Molnar f4ebffa1bc
Improve shellshock payload 2020-08-06 10:03:58 +02:00
bauthard 86c124a3ae
Merge pull request #283 from un-fmunozs/fix279 
Update rce-via-java-deserialization.yaml
 2020-08-06 12:15:26 +05:30
un-fmunozs 03eb473c7b Update rce-via-java-deserialization.yaml 
Add rce-via-java-deserialization id
 2020-08-05 22:57:52 -05:00
bauthard e4ecdde5e0 Added CVE-2019-19985 2020-08-05 01:49:57 +05:30
bauthard 140f069e55 Update detect-all-takeovers.yaml 2020-08-05 00:56:22 +05:30