ed4b717d65
Create wooyun-path-traversal.yaml
2021-01-30 21:37:05 +00:00
f6ccec48ed
Update CNVD-2020-62422.yaml
2021-01-30 18:33:26 +05:30
64209dca7d
Create CNVD-2020-62422.yaml
2021-01-30 10:45:17 +00:00
a887ebe289
few updates
2021-01-26 20:01:01 +05:30
7f1abf1e4b
Update sonicwall-sslvpn-shellshock.yml
2021-01-26 10:45:15 +00:00
1712d10086
Update sonicwall-sslvpn-shellshock.yml
2021-01-26 10:44:17 +00:00
4782898579
Update sonicwall-sslvpn-shellshock.yml
2021-01-26 10:40:48 +00:00
f4529d02c5
Update sonicwall-sslvpn-shellshock.yml
2021-01-26 10:37:18 +00:00
abe3f04402
Update sonicwall-sslvpn-shellshock.yml
2021-01-26 10:34:17 +00:00
45d26b875e
New Sonicwall 0day Exploit test
2021-01-26 10:20:46 +00:00
c762044d29
updating incorrect file permissions
2021-01-21 23:28:32 +05:30
a98c2c6bb1
moving files
2021-01-21 23:11:15 +05:30
de09cbbd43
updating template
2021-01-21 20:17:20 +05:30
1a14ff8c44
syntax update
2021-01-19 12:33:48 +05:30
58ebf59035
Added ThinkPHP templates and signature.
2021-01-19 01:16:59 -03:00
dc24595935
BaseURL updates
2021-01-14 20:11:56 +05:30
106da77fc3
Preparing for request clustering
2021-01-13 13:01:46 +05:30
b5159893d0
removing duplicate template
2021-01-13 12:40:31 +05:30
0b4c49e485
misc
2021-01-11 13:24:57 +05:30
c62dfd2b53
adding few from masters
2021-01-11 12:28:56 +05:30
1468d8a52c
matcher updates
2021-01-11 12:14:22 +05:30
b5dd30abf5
fixes
2021-01-11 04:09:54 +05:30
b80ca7732d
linting errors
2021-01-11 03:31:24 +05:30
a52ffe5c4e
fixes and updates
2021-01-10 19:45:36 +05:30
a90d047991
Massive template checks addition 🎉 🎉
2021-01-10 18:41:25 +05:30
187e4a5feb
moving more files around
2021-01-09 18:32:04 +05:30
95d784d9b7
moving folder/files around
2021-01-08 22:25:54 +05:30
9a1c93c1c0
Update thinkific-redirect.yaml
2020-12-29 11:30:30 +05:30
c5838760fe
Create thinkific-redirect.yaml
2020-12-29 00:51:40 +02:00
fb3b2551df
Removing as this is same as cve-2020-11738
2020-12-23 19:31:29 +05:30
441c1d2c40
updated rails6-xss
2020-12-23 14:54:03 +05:30
280ad158a5
Merge pull request #682 from PR3R00T/patch-6
...
Linux appliance version of vmware-vcenter-lfi.yaml
2020-12-15 01:14:33 +05:30
6690a49299
Update vmware-vcenter-lfi-linux.yaml
2020-12-15 01:14:06 +05:30
961977a1d4
Update easy-wp-smtp-listing.yaml
2020-12-14 19:04:51 +05:30
9d6d6bbd70
Linux appliance version of vmware-vcenter-lfi.yaml
...
Looking into the references in vmware-vcenter-lfi.yaml, Twitter comments also mentioned it affecting the Linux appliance version (VMWare PSC).
I created this template and tested it on vulnerable PSCs.
2020-12-13 20:30:05 +00:00
76e8315c3f
Create easy-wp-smtp-listing.yaml
2020-12-13 20:05:21 +00:00
d0df82d928
Adding content type checks for XSS templates
2020-12-14 00:54:23 +05:30
0d103fe950
✏️ Update description
2020-12-09 15:53:20 +07:00
711053cfa5
🔥 Add McAfee ePO RCE vulnerability
2020-12-09 15:33:35 +07:00
9d51cec01e
Reference update
2020-11-23 23:56:36 +05:30
beb578cdf0
Marker updates to payloads
...
Adding § marker to variable names to avoid any confusion with real data and variable name, supported from nuclei v2.2.0
2020-11-21 12:25:49 +05:30
bc398cf3e3
Update open-redirect.yaml
...
Add `langTo` parameter.
2020-11-16 17:02:48 +00:00
a2243cbf30
Update open-redirect.yaml
...
Add missing host to `RequestURI`. 👍🏻
2020-11-16 16:52:13 +00:00
4f746684c8
Encoding updates
2020-11-10 19:43:51 +05:30
377a7df758
Adding NUUO NVRmini2 3.0.8 - Remote Code Execution
2020-11-09 16:09:50 +05:30
e55d12c8de
Merge pull request #587 from dwisiswant0/add-vuln/wordpress-wpcourses-info-disclosure
...
Add wordpress-wpcourses-info-disclosure
2020-10-23 02:16:07 +05:30
c11b53eedb
Update sassy-social-share.yaml
2020-10-23 02:08:55 +05:30
4e09270571
🔥 Add wordpress-wpcourses-info-disclosure
2020-10-20 23:46:12 +07:00
6a1ade3566
Create sassy-social-share.yaml
2020-10-20 16:28:01 +01:00
ec50c8519e
Merge pull request #574 from dwisiswant0/add/vpms-auth-bypass
...
Add Vehicle Parking Management System 1.0 - Authentication Bypass
2020-10-16 13:23:21 +05:30
5885f7b7cc
🔥 Add VPMS Auth Bypass
2020-10-16 02:42:37 +07:00
8903773275
📝 Add more regex patterns
2020-10-16 02:32:52 +07:00
c098675c01
🔥 Add ZMS Auth Bypass
2020-10-16 02:30:42 +07:00
f899b78fa8
🔥 Add rConfig RCE
2020-10-16 00:26:11 +07:00
29ec4777e2
Update vmware-vcenter-lfi.yaml
2020-10-13 21:34:12 +05:30
aa83f5e443
Update vmware-vcenter-lfi.yaml
2020-10-13 21:32:26 +05:30
7b662fbaee
🔨 Update regex pattern
2020-10-13 22:51:29 +07:00
ac8c5c98b4
🔨 Using paths as payloads
2020-10-13 21:55:29 +07:00
e0afe64ec1
📝 Remove additional matchers based on docs.vmware.com
2020-10-13 21:34:08 +07:00
e238af244b
🔥 Add VMware vCenter Unauthenticated Arbitrary File Read
2020-10-13 21:24:30 +07:00
1a01b49bd5
Removed host-header-injection
...
Removing as this template look for reflection and not HTTP interaction, that is also not possible to detect for now.
2020-10-12 21:19:32 +05:30
901f8d4483
Rename Symantec-Messaging-Gateway.yaml to symantec-messaging-gateway.yaml
2020-10-08 16:01:14 +05:30
072adb6681
template update
2020-10-08 03:49:59 +05:30
4b42f6852a
Add Oracle-EBS LFI
2020-10-07 21:59:39 +00:00
1c602223fb
template update
2020-10-06 19:38:59 +05:30
53c296c49a
Create w3c-total-cache.yaml
2020-10-06 10:45:54 +01:00
2ae545cab4
some updates
2020-10-02 22:28:16 +05:30
864c0781b4
Merge pull request #394 from sushant-kamble/master
...
[fuzzing][wip] new template in vulnerability
2020-10-02 22:23:42 +05:30
471daf1bfd
Update arbitrary-file-read.yaml
2020-10-02 22:22:52 +05:30
bcf83e3191
Update open-redirect.yaml
2020-10-01 20:49:01 +05:30
6045c00987
wordpress workflow update
2020-09-27 13:22:13 +05:30
debc3c846a
Update wordpress-social-metrics-tracker.yaml
2020-09-27 13:14:52 +05:30
dae1c4af79
Update wordpress-social-metrics-tracker.yaml
2020-09-27 13:12:57 +05:30
0a92a6acc4
Create wordpress-social-metrics-tracker.yaml
2020-09-26 09:20:15 +01:00
dbfa0fca2d
severity updates
2020-09-20 18:27:43 +05:30
2febdea3ec
Merge pull request #476 from al3xdelarge/master
...
Replace /etc/shadow by /etc/passwd
2020-09-17 14:04:13 +05:30
ac0df32184
Fix malformed yaml
2020-09-17 10:30:45 +02:00
7140ca2430
Fix malformed yaml
2020-09-17 10:24:16 +02:00
3deec15ad1
Fix malformed yaml
2020-09-17 10:23:00 +02:00
7d434171fc
Adapt matcher to passwd
2020-09-17 10:15:41 +02:00
0f7b226f69
Replace shadow by passwd
2020-09-17 10:13:19 +02:00
a33439106d
Update Symantec-Messaging-Gateway.yaml
2020-09-16 17:56:22 +05:30
67bd041417
Create Symantec-Messaging-Gateway.yaml
2020-09-16 12:13:10 +01:00
ffef121561
Normalized id fields to match schema regex
2020-09-16 00:55:55 +05:30
d0b47926dc
Merge pull request #453 from dwisiswant0/springboot/h2-db-rce
...
Add Spring Boot H2 Database RCE
2020-09-13 21:33:14 +05:30
9fbcc70b37
🔥 Add Spring Boot H2 Database RCE
2020-09-13 22:33:07 +07:00
0a49f1255e
Update open-redirect.yaml
2020-09-13 20:45:16 +08:00
52b5f5bb13
Merge pull request #429 from random-robbie/patch-5
...
Create wordpress-emails-verification-for-woocommerce.yaml
2020-09-10 19:26:37 +05:30
74ca1daede
✏️ Replace em-dash with dash
2020-09-09 22:08:12 +07:00
8e645bff19
Update wordpress-emails-verification-for-woocommerce.yaml
2020-09-08 23:57:06 +05:30
31b049898e
Update wordpress-emails-verification-for-woocommerce.yaml
2020-09-08 12:25:55 +01:00
07c84b347e
Create wordpress-emails-verification-for-woocommerce.yaml
2020-09-08 12:12:53 +01:00
9c6f45a08a
Create mida-eframework-xss.yaml
2020-09-08 09:45:12 +00:00
450df94e3d
Update bullwark-momentum-series-directory-traversal.yaml
2020-09-07 02:16:06 +05:30
67f72d11e6
Create bullwark-momentum-series-directory-traversal.yaml
2020-09-05 14:58:51 +00:00
21c8656c12
False positive on XSS templates
...
Encode XSS payload to prevent false positives when the Query string is returned AS IS by the server. Recent browsers will always send the parameters encoded.
2020-09-03 10:56:31 -05:00
25fd4da110
new template
2020-09-02 17:22:30 -05:00
ca4dbf605b
🔡 Justifying id's
2020-09-01 09:25:25 +07:00
9bf0b6dbaf
uniform format
2020-09-01 00:04:29 +05:30
6abc3c9429
Merge pull request #369 from projectdiscovery/wems-manager-xss
...
Create wems-manager-xss.yaml
2020-08-30 11:11:18 +05:30
140716bac8
Create wems-manager-xss.yaml
2020-08-30 11:10:09 +05:30
62cbf524aa
Merge pull request #368 from projectdiscovery/eclipse-help-system-xss
...
Create eclipse-help-system-xss.yaml
2020-08-30 10:39:19 +05:30
01d055aa1f
Update eclipse-help-system-xss.yaml
2020-08-30 10:38:28 +05:30
5a860c63ed
Create eclipse-help-system-xss.yaml
2020-08-30 10:35:28 +05:30
1d8b3f71a0
Update sick-beard-xss.yaml
2020-08-29 02:33:17 +05:30
99c83642fa
Create sick-beard-xss.yaml
2020-08-29 02:25:56 +05:30
747aa48d09
Merge pull request #345 from aqme/master
...
Add *description* property to nuclei-templates
2020-08-28 01:09:39 +05:30
8cc901ced0
comment reference field
2020-08-27 21:05:33 +02:00
146e114a3b
fix minor yamllint issues
...
Fix minor yamllint issues to move forward.
2020-08-25 22:18:58 +02:00
ddb9a608ff
Update rce-via-java-deserialization.yaml
2020-08-26 01:22:50 +05:30
79ccce2ae4
add few descriptions
...
add few descriptions and references on /vulnerabilities/ templates.
2020-08-25 21:43:43 +02:00
9990d326e4
CRLF injection
...
update description
2020-08-25 18:46:19 +02:00
79e826d782
CouchDB Admin Party
...
update description
2020-08-25 17:29:11 +02:00
532072c677
Update crlf-injection.yaml
2020-08-11 14:58:53 +02:00
f4ebffa1bc
Improve shellshock payload
2020-08-06 10:03:58 +02:00
03eb473c7b
Update rce-via-java-deserialization.yaml
...
Add rce-via-java-deserialization id
2020-08-05 22:57:52 -05:00
f5d35e3fad
minor fixs
2020-08-01 02:18:24 +05:30
99d78127ea
Nginx virtual host traffic status module XSS
...
https://github.com/vozlt/nginx-module-vts/issues/174
2020-07-31 23:18:14 +05:30
b44f47c502
matcher updates
2020-07-31 23:12:34 +05:30
a46612e7b7
Create tikiwiki-reflected-xss.yam
2020-07-31 22:55:41 +05:30
d6930042a9
trailing-spaces
2020-07-31 15:32:19 +05:30
9be9a16bbc
Merge pull request #269 from eugui/patch-4
...
Update open-redirect.yaml
2020-07-28 21:16:58 +05:30
e23e6767fd
updating template
2020-07-28 20:44:22 +05:30
318a78ebef
Update open-redirect.yaml
2020-07-28 14:29:36 +01:00
6e8b732d57
Update oracle-ebs-bispgraph-file-access-vulnerability(rce).yaml
2020-07-27 12:37:21 +03:00
5340a96e4c
Oracle EBS Bispgraph File Access Vulnerability
...
A test to check whether you can read the etc/password file on a vulnerable Oracle Enterprise Business Suite instance
2020-07-27 12:25:15 +03:00
4651a012cd
Rename RCE-via-java-deserialization.yaml to rce-via-java-deserialization.yaml
2020-07-24 15:02:04 +05:30
55ccaba797
Update RCE-via-java-deserialization.yaml
2020-07-24 14:59:46 +05:30
5e26af7cfc
Update RCE-via-java-deserialization.yaml
2020-07-24 14:54:31 +05:30
41f25f0fc2
rce via java deserialization
2020-07-24 14:45:31 +05:30
0153c765a9
Update open-redirect.yaml
2020-07-21 13:32:10 +05:30
ed4e9e7feb
Fixed default condition OR to AND in false-positives
2020-07-08 17:08:57 +05:30
3d7f039cbd
Rename ibm-infoprint-directory-traversal to ibm-infoprint-directory-traversal.yaml
2020-07-07 17:41:34 +05:30
97db04d90e
Create ibm-infoprint-directory-traversal
...
IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal
2020-07-07 17:40:48 +05:30
3381eed789
Update open-redirect.yaml
2020-07-06 16:21:43 +02:00
d2f024dc32
Update crlf-injection.yaml
2020-07-06 16:16:27 +02:00
e255561721
Update crlf-injection.yaml
2020-07-06 16:11:29 +02:00
6d498a6054
syntax update
2020-07-06 13:57:46 +05:30
991376c439
Merge pull request #174 from dwisiswant0/development
...
Adding Spring Boot Actuators (Jolokia) XXE
2020-07-02 23:07:34 +05:30
ecd295aff4
🔥 Add Springboot Actuators (Jolokia) XXE Vulnerability
2020-07-02 23:15:33 +07:00
2d8c78c263
updates
2020-07-02 21:53:41 +08:00
e9c23dffe0
Merge pull request #126 from projectdiscovery/iceman-regex-fix
...
Regex issues fix by simplifying and fixing some edge cases
2020-06-22 08:36:29 -07:00
7df644ed6a
Handle more spacing edge-cases, anchor at end of line
2020-06-22 13:15:01 +02:00
15fa8f2244
Switch to multiline matching to avoid false positives
2020-06-22 12:26:30 +02:00
c7262c3ee7
Handle spaces in non-standard response headers
2020-06-22 10:55:52 +02:00
4ec258bd16
Handle protocol-relative URL in redirects
2020-06-22 10:02:43 +02:00
c08676116c
Handle some more edge cases
2020-06-21 23:04:37 +02:00
1ccc5d2b53
Update rce-shellshock-user-agent.yaml
2020-06-03 05:38:36 +05:30
b390ffa076
Create rce-shellshock-user-agent.yaml
2020-05-28 17:20:00 +02:00
4480395e5c
Update open-redirect.yaml
2020-05-27 22:24:32 +05:30
PikPikcU
PD-Team
PR3R00T
parrot
Gal Nagli
PD-Team
Dwi Siswanto
Geeknik Labs
Robbie
Hacker2202
mohammedshine
aron
Ice3man543
flag007
un-fmunozs
sushant-kamble
toufik-airane
Khaled Mohamed
Aron Molnar
SaN ThosH
d[-_-]b
Alfie Njeru
uhnysh
Harsh Bothra
Mohamed Elbadry
organiccrap
Manuel Bua
Aditya Soni