Commit Graph

584 Commits (9d8634be337f19d48542de8586d7a5de601182dd)

Author SHA1 Message Date
Prince Chaddha 21c1dc2c70
Merge pull request #1337 from projectdiscovery/princechaddha-patch-7
Create resin-cnnvd-200705-315.yaml
2021-05-16 02:33:31 +05:30
sandeep fc66a9e076 Removing duplicate template 2021-05-11 23:48:36 +05:30
sandeep 7cd00b6145 Removing invalid paths 2021-05-11 02:15:17 +05:30
Sandeep Singh c2aad94548
Merge pull request #1458 from geeknik/patch-91
Update top-xss-params.yaml
2021-05-11 00:29:39 +05:30
sandeep 7019946599 Improved matcher 2021-05-11 00:29:01 +05:30
Geeknik Labs 37ac4c0924
Update top-xss-params.yaml
Fix more false positives.
2021-05-10 18:39:09 +00:00
Geeknik Labs dea16d4ebd
Update top-xss-params.yaml
Fixes an edge case false positive on AkamaiGhost servers
2021-05-10 18:20:48 +00:00
Prince Chaddha b4b30c95ee
Update oa-v9-uploads-file.yaml 2021-05-10 13:23:08 +05:30
Noam Rathaus 8766b537dd Add reference 2021-05-10 09:52:26 +03:00
Noam Rathaus fa7567f68e Its not really a regex 2021-05-10 09:35:36 +03:00
Noam Rathaus 4c201aa1dd It is not just a file upload 2021-05-10 09:35:10 +03:00
Noam Rathaus 1e364a6cdb Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-05-10 09:27:13 +03:00
Sandeep Singh 7fde950173
Merge pull request #1327 from projectdiscovery/showdoc-file-upload
Adding Showdoc < 2.8.6 File Upload RCE
2021-05-10 01:36:45 +05:30
sandeep 1f8ff83353 tags update 2021-05-10 01:34:11 +05:30
sandeep ccfb5ca4c4 regex update 2021-05-10 01:33:27 +05:30
Noam Rathaus 18dff7387c Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-05-09 08:32:05 +03:00
Sandeep Singh bd9997113e
Merge pull request #1430 from geeknik/patch-90
Update open-redirect.yaml
2021-05-07 16:18:32 +05:30
Sandeep Singh 311d517c05
Merge pull request #1421 from geeknik/patch-85
Update top-xss-params.yaml
2021-05-07 15:23:09 +05:30
sandeep 871a4107b5 Added complete payload and matcher 2021-05-07 15:21:59 +05:30
sandeep d950f72ff9 minor update 2021-05-07 14:56:40 +05:30
sandeep 0159c284e7 minor update 2021-05-07 14:53:34 +05:30
sandeep 8b9ec9d5fe Minor updates 2021-05-07 14:48:53 +05:30
Geeknik Labs 2f41002213
Update open-redirect.yaml 2021-05-06 22:38:09 +00:00
Geeknik Labs 565404910b
Update top-xss-params.yaml 2021-05-06 12:55:40 +00:00
Noam Rathaus 253ede65c1 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-05-06 15:16:27 +03:00
Dhiyaneshwaran f5524e2b78
Update oracle-ebs-xss.yaml 2021-05-06 00:21:46 +05:30
Dhiyaneshwaran b7d47eb01a
Create oracle-ebs-xss.yaml 2021-05-06 00:05:07 +05:30
Dhiyaneshwaran 8274939810
Create kafdrop-xss.yaml 2021-05-05 23:51:53 +05:30
Dhiyaneshwaran 9944ef191f
Create joomla-lfi-com_fabrik.yaml 2021-05-05 23:48:57 +05:30
Prince Chaddha e87baf2967
Merge pull request #1346 from projectdiscovery/princechaddha-patch-11
Create wuzhicms-sqli.yaml
2021-05-05 23:30:36 +05:30
Prince Chaddha ae45a6b386
Merge pull request #1344 from projectdiscovery/princechaddha-patch-9
Create ueditor-file-upload.yaml
2021-05-05 23:29:11 +05:30
Noam Rathaus d5949e74d8 Add references 2021-05-05 17:32:21 +03:00
Noam Rathaus e68777d20a Alternative reference 2021-05-05 17:08:11 +03:00
Noam Rathaus 7f90af4d32 Reference is dead 2021-05-05 17:07:52 +03:00
Noam Rathaus 07c2e79fb9 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-05-05 17:04:59 +03:00
Sandeep Singh 0520ad05d3
Merge pull request #1351 from projectdiscovery/princechaddha-patch-16
Create ecology-filedownload-directory-traversal.yaml
2021-05-05 17:56:59 +05:30
Sandeep Singh d1f62765f9
Merge pull request #1409 from DhiyaneshGeek/master
Gogs install exposure,Gloo UI Unauthentication
2021-05-05 17:54:37 +05:30
sandeep ae13e5e44e minor updates 2021-05-05 17:53:34 +05:30
sandeep b10918510c Adding strict matcher 2021-05-05 17:39:31 +05:30
Noam Rathaus a094b38f83 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-05-05 08:46:32 +03:00
Sandeep Singh 127ac5e37c
Merge pull request #962 from pikpikcu/patch-89
add hashicorp-consul-rce
2021-05-05 00:02:57 +05:30
Noam Rathaus c95dc69495 References 2021-05-04 15:15:10 +03:00
Noam Rathaus 39290e574f Fix description 2021-05-04 15:14:40 +03:00
sandeep 819e201ebd Update concrete-xss.yaml 2021-05-04 13:36:54 +05:30
sandeep 052f1b3b7b Adding concrete-xss 2021-05-04 13:36:16 +05:30
Dhiyaneshwaran 585b651592
Update gloo-unauth.yaml 2021-05-03 18:23:30 +05:30
Dhiyaneshwaran a1fc27ca75
Create gloo-unauth.yaml 2021-05-03 18:14:44 +05:30
sandeep acf5d41ef9 Minor update 2021-05-02 17:51:44 +05:30
Sandeep Singh 4f9a142c6b
Merge pull request #1398 from pikpikcu/patch-154
Create landray-oa-fileread
2021-05-02 13:59:50 +05:30
sandeep f9559b1e21 Update landray-oa-fileread.yaml 2021-05-02 13:58:47 +05:30
sandeep a6df4754d4 Update landray-oa-fileread.yaml 2021-05-02 13:57:33 +05:30
Noam Rathaus 41f47a4fef Expose references 2021-05-02 09:19:55 +03:00
Noam Rathaus d8bd0d2744 This is a better name for the test 2021-05-02 09:07:50 +03:00
PikPikcU c5bdf6cbca
Create landray-oa-fileread.yaml 2021-05-02 04:42:37 +00:00
sandeep cc9d4eddf1 Update rce-via-java-deserialization.yaml 2021-05-01 17:22:03 +05:30
Noam Rathaus 9d66fd0ae1 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-04-29 12:03:56 +03:00
sandeep 020c9a959c Additional payload 2021-04-29 13:38:39 +05:30
Noam Rathaus f898e4b539 Correct product name 2021-04-29 09:20:58 +03:00
Noam Rathaus 574135de9a Expose reference 2021-04-29 09:12:56 +03:00
Noam Rathaus 25a38d34ec Missing 's' 2021-04-29 09:11:35 +03:00
Noam Rathaus a7de9915c7 Removed self-reference 2021-04-29 08:58:02 +03:00
Noam Rathaus 91b6b1b175 Make references visible 2021-04-29 08:57:39 +03:00
Noam Rathaus 2860cdfb4a Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-04-29 08:38:11 +03:00
sandeep 2920fa9bfb matcher and payload update 2021-04-28 19:44:28 +05:30
Prince Chaddha a55db7af44
Merge pull request #1332 from projectdiscovery/princechaddha-patch-2
Create WooYun-2015-148227.yaml
2021-04-28 18:51:07 +05:30
Noam Rathaus ecb436df3e Those aren't really regexes 2021-04-28 15:07:39 +03:00
Noam Rathaus ad9314acdc Provide references to the problem (in eclipse site) and how it was fixed (and Jenkins upstream bugs related to this) 2021-04-28 14:17:47 +03:00
Noam Rathaus 9ece07bf9a Provide reference 2021-04-28 14:00:15 +03:00
Noam Rathaus e32c1bd4c1 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-04-28 13:29:39 +03:00
Prince Chaddha 8d9d46e00a
Merge pull request #1362 from underfl0w/chamilo-lms-sqli
Chamilo 1.11.14 LMS sql injection
2021-04-28 15:55:14 +05:30
Prince Chaddha 722e305878
Update chamilo-lms-sqli.yaml 2021-04-28 15:48:34 +05:30
sandeep 5f5430a7a4 Payload and matcher fix 2021-04-28 14:42:10 +05:30
sullo be24a83a98 Simplify regex 2021-04-27 10:42:41 -04:00
sullo 1824c1df92 More flexible matching to prevent false-negatives 2021-04-27 10:38:57 -04:00
Noam Rathaus 3bdb2fdbd4 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-04-27 14:02:16 +03:00
Noam Rathaus f55bb45e75 Give some description 2021-04-27 14:02:08 +03:00
sandeep 3adf607b6f Matcher for DNS interaction 2021-04-27 16:24:39 +05:30
Prince Chaddha eaf70d16ab
Merge pull request #1350 from projectdiscovery/princechaddha-patch-15
Create zcms-v3-sqli.yaml
2021-04-27 16:09:32 +05:30
Prince Chaddha 427f99b0c1
Update wordpress-rce-simplefilelist.yaml 2021-04-27 15:25:28 +05:30
Noam Rathaus 1aca402bf6 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-04-27 09:42:50 +03:00
Noam Rathaus 4cc6b3bdb0 Reduce FP due to not actually execution of the PHP but rather it being returned as is (the content) 2021-04-27 09:42:41 +03:00
Prince Chaddha d705648dc4
Merge pull request #1343 from projectdiscovery/princechaddha-patch-8
Create spark-webui-unauth.yaml
2021-04-26 21:58:53 +05:30
Prince Chaddha 3079fce648
Update spark-webui-unauth.yaml 2021-04-26 21:57:46 +05:30
Prince Chaddha f726562445
Update spark-webui-unauth.yaml 2021-04-26 21:56:13 +05:30
Prince Chaddha 487e2300e1
Merge pull request #1331 from projectdiscovery/princechaddha-patch-1
Create unauth-spark-api.yaml
2021-04-26 21:52:22 +05:30
Prince Chaddha 5fcba18d1e
Merge pull request #1349 from projectdiscovery/princechaddha-patch-14
Create xunchi-file-read.yaml
2021-04-26 21:06:27 +05:30
Prince Chaddha ac29e9a622
Merge pull request #1348 from projectdiscovery/princechaddha-patch-13
Create xiuno-bbs-reinstallation.yaml
2021-04-26 21:05:39 +05:30
Prince Chaddha 4cc83776f3
Merge pull request #1352 from projectdiscovery/princechaddha-patch-17
Create ecology-springframework-directory-traversal.yaml
2021-04-26 20:48:30 +05:30
Noam Rathaus 2e1e0e932f Product name 2021-04-26 09:07:57 +03:00
Noam Rathaus 19a4bbc844 Correct product name, and link to the Gitee 2021-04-26 09:03:24 +03:00
Noam Rathaus 3857469468 Add reference 2021-04-26 09:01:39 +03:00
Noam Rathaus 909a0ce4dd Product seems to be called ectouch 2021-04-26 08:51:08 +03:00
Noam Rathaus bb974381b5 add references 2021-04-26 08:48:16 +03:00
Jurjen de Jonge b9ad93a3cd Reverted back to old technique
The ;INSERT method only seemed to work on my dev enviroment.
2021-04-24 22:15:57 +03:00
Jurjen de Jonge 5f264c9891 Updated chamilo-lms-sqli.yaml
Uses SQL injection to insert data into the database, then checks to see
if this data has been added;
2021-04-24 21:41:38 +03:00
Jurjen de Jonge d4e8720797 Chamilo 1.11.14 LMS sql injection
YAML file is now indented correctly
2021-04-24 19:35:29 +03:00
Jurjen de Jonge 2f7746fe3d Chamilo 1.11.14 LMS sql injection 2021-04-24 19:11:58 +03:00
Geeknik Labs 05c948eddd
Update error-based-sql-injection.yaml 2021-04-23 14:12:58 +00:00
Prince Chaddha 71e25fa42d
Create ecology-springframework-directory-traversal.yaml 2021-04-23 18:52:08 +05:30
Prince Chaddha 85bc6464cb
Create ecology-filedownload-directory-traversal.yaml 2021-04-23 18:50:11 +05:30