Commit Graph

584 Commits (9d8634be337f19d48542de8586d7a5de601182dd)

Author SHA1 Message Date
Gal Nagli ab46a9b2f0
Update basic-cors.yaml
Severity should be info.
2021-04-10 01:01:09 +03:00
Prince Chaddha 1df35d4f32
Create maccmsv10-backdoor.yaml 2021-04-10 03:30:22 +05:30
Prince Chaddha 939b8bee6c
Create myucms-lfr.yaml 2021-04-10 03:10:57 +05:30
Prince Chaddha 03c6126f60
Create etouch-v2-sqli.yaml 2021-04-07 22:03:17 +05:30
Prince Chaddha 797098e7fc
Create feifeicms-lfr.yaml 2021-04-07 19:54:35 +05:30
Prince Chaddha 220a6461fb
Create 74cms-sqli.yaml 2021-04-06 23:59:29 +05:30
sandeep 0c243d188a tags improvements 2021-04-06 13:45:46 +05:30
sandeep e4b9397b06 Adding missing wordpress tags 2021-04-06 13:19:32 +05:30
sandeep 8fdfc64e54 misc tag updates 2021-04-06 12:16:11 +05:30
sandeep d34ca6773b misc changes 2021-04-05 23:55:18 +05:30
sandeep e934241101 Update empirecms-xss.yaml 2021-04-05 22:13:16 +05:30
PikPikcU d789177b06
Create empirecms-xss.yaml 2021-04-05 08:16:27 +00:00
sandeep 40fb0066c3 more reference 2021-04-02 21:38:35 +05:30
sandeep 3daa03c799 Update cache-poisoning.yaml 2021-04-02 19:19:50 +05:30
Mohamed Elbadry 5eb1e78503
Create cache-poisoning.yaml 2021-04-02 15:14:09 +02:00
sandeep 532dc4cf0c Added more info and strict matcher 2021-03-29 17:05:11 +05:30
Rojan Rijal 82fbfcf962
Create unauth-message-read.yaml 2021-03-28 23:42:11 -07:00
PD-Team 59574cc701
Revert "Create apache-spark-rce" 2021-03-26 00:16:29 +05:30
sandeep 28bf41830f Merge branch 'patch-104' of https://github.com/pikpikcu/nuclei-templates into pikpikcu-patch-104 2021-03-25 22:37:34 +05:30
Prince Chaddha 2aa7c97e40
Update apache-spark-rce.yaml 2021-03-25 21:25:59 +05:30
sandeep b5c4ed0e2e Update wordpress-rce-simplefilelist.yaml 2021-03-25 19:21:30 +05:30
Mzack9999 351167e91f removing redundant boolean check 2021-03-25 00:28:50 +01:00
Prince Chaddha 9a750ba944
Merge pull request #1136 from pikpikcu/patch-134
Create thinkcmf-arbitrary-code-execution.yaml
2021-03-24 17:22:58 +05:30
Prince Chaddha 915aeb93bb Update thinkcmf-arbitrary-code-execution.yaml 2021-03-24 17:21:31 +05:30
PikPikcU 356856a983
Create thinkcmf-arbitrary-code-execution.yaml 2021-03-24 01:10:20 +00:00
PikPikcU 568a795319
Update thinkcmf-lfi.yaml 2021-03-24 00:42:53 +00:00
PD-Team 1e541d324f
Merge pull request #1116 from pikpikcu/patch-127
Create tpshop-directory-traversal.yaml
2021-03-21 21:04:43 +05:30
sandeep 7af81a3ce8 Update tpshop-directory-traversal.yaml 2021-03-21 21:04:33 +05:30
PD-Team 0c20bbf8b5
Merge pull request #1119 from pikpikcu/patch-130
Create xdcms-sqli
2021-03-21 20:43:51 +05:30
sandeep 8fd55de534 Update error-based-sql-injection.yaml 2021-03-21 20:28:22 +05:30
PikPikcU 7674824c98
Create xdcms-sqli.yaml 2021-03-21 10:15:44 +00:00
PikPikcU ce51bfee06
Create tpshop-directory-traversal.yaml 2021-03-21 02:53:52 +00:00
Geeknik Labs a3d7047521
Update error-based-sql-injection.yaml
Reverting back to raw http request. Sending encoded requests using net/http were missing blatant SQL injections. 

Before:

[INF] Loading templates...
[INF] [error-based-sql-injection] Error based SQL injection (@geeknik) [high]
[INF] Loading workflows...
[INF] Using 1 rules (1 templates, 0 workflows)
[INF] No results found. Better luck next time!

After:

[INF] Loading templates...
[INF] [error-based-sql-injection] Error based SQL injection (@geeknik) [high]
[INF] Loading workflows...
[INF] Using 1 rules (1 templates, 0 workflows)
[2021-03-20 14:48:59] [error-based-sql-injection:MariaDB] [http] [high] https://REDACTED/') [check the manual that corresponds to your MariaDB server version]
2021-03-20 19:52:48 +00:00
Prince Chaddha c04d699985 wordpress-infinitewp-auth-bypass 2021-03-19 02:10:02 +05:30
sandeep d2115fa8f6 Update hashicorp-consul-rce.yaml 2021-03-18 18:37:43 +05:30
sandeep 4e16407c52 Update hashicorp-consul-rce.yaml 2021-03-18 18:36:13 +05:30
PD-Team 75cd16f667
Merge pull request #1100 from geeknik/patch-51
Create error-based-sql-injection.yaml
2021-03-18 14:06:56 +05:30
sandeep 0c602a56e7 Update error-based-sql-injection.yaml 2021-03-18 14:05:19 +05:30
sandeep ad84ecb792 tag improvements 2021-03-18 13:24:36 +05:30
Geeknik Labs 988d0c75c9
Update error-based-sql-injection.yaml 2021-03-17 20:39:57 +00:00
Geeknik Labs 019a193aec
Update error-based-sql-injection.yaml 2021-03-17 19:31:08 +00:00
Geeknik Labs be020357e8
Update error-based-sql-injection.yaml 2021-03-17 19:25:02 +00:00
Geeknik Labs 99bb91c255
Update error-based-sql-injection.yaml 2021-03-17 19:19:27 +00:00
Geeknik Labs 8fe5f4e1ff
Create error-based-sql-injection.yaml
🎉  OMG 🎉 
Detect Error Based SQL Injection
Includes regex matchers + extractors for 29 Database Engines
💥 https://buymeacoffee.com/geeknik 💥
2021-03-17 17:30:53 +00:00
sandeep 3c8432686c Update viewlinc-crlf-injection.yaml 2021-03-16 14:05:20 +05:30
Geeknik Labs e951c75c59
Update viewlinc-crlf-injection.yaml 2021-03-15 20:04:37 +00:00
Geeknik Labs 0068d7ae0c
Create viewlinc-crlf-injection.yaml
This was discovered whilst participating in a private Hacker0x01 bug bounty program.
2021-03-15 20:00:56 +00:00
PD-Team fb65d9341b
Merge branch 'master' into patch-4 2021-03-15 00:30:30 +05:30
sandeep ffae74a6a8 Updated to openam-detection 2021-03-15 00:27:59 +05:30
PD-Team 47a7ea85e0
Merge pull request #1066 from r3naissance/master
Add teacherease-xss and parentlink-xss to /vulnerabilities/other/
2021-03-14 17:12:05 +05:30
sandeep e18b34cc64 few updates 2021-03-14 17:07:52 +05:30
Dhiyaneshwaran ed87cc42a8
Create pmb-local-file-disclosure.yaml 2021-03-12 22:42:45 +05:30
sandeep 9ff6adff73 Update wordpress-accessible-wpconfig.yaml 2021-03-12 17:58:35 +05:30
sandeep 28b0636f2d syntax update 2021-03-12 17:32:16 +05:30
PD-Team c35ed8a408
Merge branch 'master' into wordpress-cves 2021-03-12 17:25:27 +05:30
sandeep a0785510f5 Update apache-flink-unauth-rce.yaml 2021-03-12 12:42:17 +05:30
sandeep db18f137e6 linting updates 2021-03-12 12:40:16 +05:30
PD-Team bee7bbdac0
Merge pull request #1037 from PurushottamanR/master
Moodle jitsi plugin XSS detection
2021-03-12 01:13:37 +05:30
sandeep 830cc84899 Update moodle-jitsi-plugin-xss.yaml 2021-03-12 01:08:56 +05:30
sandeep 48dc97b6fe Update moodle-jitsi-plugin-xss.yaml 2021-03-12 01:06:37 +05:30
Chapman Schleiss 655308b864
Added reference 2021-03-11 09:50:26 -07:00
sandeep 86faa863f6 Added some reference 2021-03-11 20:33:36 +05:30
Chapman Schleiss 881cedaabc Adding teacherease-xss 2021-03-10 12:36:44 -07:00
Chapman Schleiss 8a015fe306 Adding parentlink-xss 2021-03-10 12:36:08 -07:00
sandeep ed91c0813e more typos 2021-03-10 19:45:41 +05:30
sandeep 06945d56a8 fixing typos 2021-03-10 19:33:49 +05:30
Prince Chaddha de3b1d27ea added templates 2021-03-10 17:06:11 +05:30
Prince Chaddha ce919375eb Create wordpress-auth-bypass-wptimecapsule.yaml 2021-03-10 12:29:08 +05:30
sandeep 79ebf9b5bd Update moodle-jitsi-plugin-xss.yaml 2021-03-07 14:28:07 +05:30
sandeep 944493d343 wip 2021-03-07 13:48:33 +05:30
sandeep d67648b6d7 Update moodle-jitsi-plugin-xss.yaml 2021-03-07 13:43:48 +05:30
purushottamanr 17a4f315e7 moodle jitsi plugin XSS detection 2021-03-06 13:52:35 -05:00
purushottamanr 7ab99e908a moodle jitsi plugin XSS detection 2021-03-06 13:25:44 -05:00
sandeep 04cc9c44fb xss matchers update 2021-03-04 21:32:34 +05:30
sandeep e9c9c4822f misc update 2021-03-04 21:04:06 +05:30
PikPikcU 4e31596426
Fix 🛠️ 2021-03-03 22:07:46 +07:00
PikPikcU 8a2f8ca4ee
Fix name 🛠️ 2021-03-03 22:03:52 +07:00
PikPikcU b831644c7e
Update apache-sprak-rce.yaml 2021-03-03 21:49:11 +07:00
PikPikcU 0389429c1f
Create apache-sprak-rce.yaml 2021-03-03 11:02:51 +00:00
sandeep fdd015042f Update simple-employee-rce.yaml 2021-03-02 21:42:00 +05:30
PikPikcU 0e78ce0a5b
Create simple-employee-rce.yaml 2021-03-01 11:40:03 +00:00
PikPikcU b9d3325fc6
Create ruijie-networks-lfi.yaml 2021-03-01 10:21:32 +00:00
sandeep 4c319fc79f Update ruijie-networks-rce.yaml 2021-03-01 13:37:10 +05:30
PikPikcU 7ec42cf499
Update ruijie-networks-rce.yaml 2021-03-01 06:57:32 +00:00
PikPikcU c55692e01c
Create ruijie-networks-rce.yaml 2021-03-01 06:56:46 +00:00
PikPikcU 6a4bd45625
Add tags 2021-02-27 00:39:28 +07:00
PikPikcU 481ba6aba1
Create duomicms-sql-injection.yaml 2021-02-26 22:44:31 +07:00
sandeep e29525ecf7 Update hashicorp-consul-rce.yaml 2021-02-26 17:32:50 +05:30
sandeep a15fad8cb7 Update hashicorp-consul-rce.yaml 2021-02-26 17:01:59 +05:30
PikPikcU d926680125
Update hashicorp-consul-rce.yaml 2021-02-26 11:29:22 +00:00
PikPikcU 52f6fab37b
Update hashicorp-consul-rce.yaml 2021-02-26 11:06:28 +00:00
PikPikcU 50f5c91edf
Create hashicorp-consul-rce.yaml 2021-02-26 09:02:50 +00:00
PD-Team 4fb3b338a0
Merge pull request #954 from daffainfo/patch-2
Update wordpress-user-enumeration.yaml
2021-02-26 11:22:23 +05:30
sandeep 36694ceec9 wp workflow update 2021-02-26 11:21:15 +05:30
Muhammad Daffa 1f3b105490
Update wordpress-user-enumeration.yaml 2021-02-26 08:36:34 +07:00
PD-Team 3a22ab23c0
Merge pull request #938 from gano3s/master
Improvement of the regex in open redirection template
2021-02-26 01:20:40 +05:30
sandeep 5241e0f960 Update open-redirect.yaml 2021-02-26 01:16:45 +05:30
sandeep acd1ab4735 misc changes 2021-02-26 00:21:07 +05:30
Dhiyaneshwaran 2e3aa4355f
Merge pull request #18 from projectdiscovery/master
improved matcher
2021-02-25 23:42:45 +05:30
sandeep 9bcd36338e improved matcher 2021-02-25 23:38:40 +05:30
Dhiyaneshwaran b24a1eecae
Create wordpress-affiliatewp-allowed-products.yaml 2021-02-25 23:21:42 +05:30
sandeep 1355185b45 improved matcher 2021-02-25 23:04:21 +05:30
PD-Team 237b268e31
Merge pull request #937 from pikpikcu/patch-82
Create weiphp-path-traversal
2021-02-25 18:43:18 +05:30
sandeep 1dbd3b082b matcher update 2021-02-25 18:29:49 +05:30
PikPikcU 277f7c21d6
Delete weiphp-sql-injection.yaml 2021-02-25 12:37:44 +00:00
PikPikcU bf11f5889f
Update weiphp-sql-injection.yaml 2021-02-25 12:02:35 +00:00
sandeep 609ac0e098 Update rockmongo-xss.yaml 2021-02-25 17:16:33 +05:30
sandeep 3ea4c3a826 Update rockmongo-xss.yaml 2021-02-25 17:15:21 +05:30
PikPikcU 63a71afa62
Create rockmongo-xss.yaml 2021-02-25 11:28:40 +00:00
sandeep c2982994a4 Update weiphp-sql-injection.yaml 2021-02-25 16:36:57 +05:30
sandeep 30483cf1e5 Update weiphp-path-traversal.yaml 2021-02-25 16:18:18 +05:30
ganoes 8927253cb3 Improvement of the regex in open redirection template 2021-02-25 11:13:01 +01:00
PikPikcU 4a55ac7128
Update weiphp-sql-injection.yaml 2021-02-25 10:02:04 +00:00
PikPikcU e81b961873
Update weiphp-sql-injection.yaml 2021-02-25 09:51:58 +00:00
PikPikcU fe995933bc
Create weiphp-sql-injection.yaml 2021-02-25 09:49:18 +00:00
sandeep 48f55d25d0 Update weiphp-path-traversal.yaml 2021-02-25 15:03:56 +05:30
PikPikcU f0f11568c0
Update weiphp-path-traversal.yaml 2021-02-25 09:07:26 +00:00
PikPikcU b18c68674c
Create weiphp-path-traversal.yaml 2021-02-25 08:59:17 +00:00
PD-Team 9e9aa20646
Merge pull request #929 from pikpikcu/patch-80
zhiyuan-oa session leak
2021-02-24 23:24:28 +05:30
sandeep a0175f96c4 Update zhiyuan-oa-info-leak.yaml 2021-02-24 23:22:23 +05:30
sandeep 00abdb4732 Update yarn-resourcemanager-rce.yaml 2021-02-24 21:29:13 +05:30
sandeep 99b1ae2d46 Improved matcher 2021-02-24 21:28:48 +05:30
PikPikcU 2f39160e65
Create zhiyuan-oa-info-leak.yaml 2021-02-24 08:07:57 +00:00
PikPikcU b86a406d26
Create zhiyuan-oa-session-leak.yaml 2021-02-24 08:06:28 +00:00
Muhammad Daffa f6042d3d43
Update wordpress-accessible-wpconfig.yaml 2021-02-22 09:51:01 +07:00
sandeep cd2a3a7a77 Update dedecms-openredirect.yaml 2021-02-20 23:12:14 +05:30
PikPikcU d118e3e8cf
Create dedecms-openredirect.yaml 2021-02-21 00:35:47 +07:00
sandeep 6f74d31e0b few updates 2021-02-20 22:41:54 +05:30
PikPikcU 6ace5ab376
Create finereport-path-traversal.yaml 2021-02-20 23:36:48 +07:00
sandeep 5ffc1aa211 Update metinfo-lfi.yaml 2021-02-20 19:24:20 +05:30
PikPikcU 6e19a6eb45
Create metinfo-lfi.yaml 2021-02-20 07:25:43 +07:00
sandeep d77862ef7b adding tags 2021-02-19 13:51:21 +05:30
PikPikcU e537b279a0
Create cisco-webui-rce.yaml 2021-02-19 14:39:32 +07:00
sandeep b538a7f481 Update seacms-rce.yaml 2021-02-18 20:38:50 +05:30
PikPikcU 15bff234ef
Create seacms-rce.yaml 2021-02-18 20:05:35 +07:00
sandeep 0ca299e92b adding wp template and workflow 2021-02-17 17:33:03 +05:30
sandeep 86243622cc tag updates 2021-02-16 22:32:57 +05:30
sandeep 6d88f03e08 moving files around 2021-02-16 14:54:04 +05:30
sandeep a9769ed11b Update oracle-glassfish-lfi.yaml 2021-02-16 14:25:42 +05:30
PikPikcU b38e84957e
Update oracle-glassfish-lfi.yaml 2021-02-16 08:41:11 +00:00
PikPikcU 35e0b8e2f4
Create oracle-glassfish-lfi.yaml 2021-02-16 08:38:42 +00:00
PD-Team a772670227
Merge pull request #866 from pikpikcu/patch-66
Create cacti-weathermap-file-write
2021-02-16 02:19:45 +05:30
sandeep b4a9d2ec68 Update cacti-weathermap-file-write.yaml 2021-02-16 02:17:45 +05:30
PD-Team f165b4bef4
Merge pull request #867 from Mad-robot/master
Create Zebra_Form_XSS.yaml
2021-02-16 00:30:09 +05:30
sandeep 3bb6b81dc5 misc changes 2021-02-16 00:28:11 +05:30
Geeknik Labs 07eb454de6
Update open-redirect.yaml
Seems a bit rude to add a production website like test.com to a template like this will generate a ton of unexpected traffic for a company who might not be expecting it or appreciating it.
2021-02-15 17:42:57 +00:00
sandeep 55b6b33e93 misc changes 2021-02-15 21:29:12 +05:30
SaN ThosH 18fde04cb7
Update Zebra_Form_XSS.yaml 2021-02-15 17:54:22 +05:30
SaN ThosH 1655381ae6
Update Zebra_Form_XSS.yaml 2021-02-15 17:53:52 +05:30
SaN ThosH 68ffcca822
Update Zebra_Form_XSS.yaml 2021-02-15 17:42:09 +05:30
SaN ThosH 91768dc160
Create Zebra_Form_XSS.yaml 2021-02-15 16:13:31 +05:30
PikPikcU 3f3f9b9f43
Create samsung-wlan-ap-rce.yaml 2021-02-15 06:17:07 +00:00
PikPikcU 50c0d50d3d
Create samsung-wlan-ap-xss.yaml 2021-02-15 05:53:18 +00:00
PikPikcU ef6b416535
Create cacti-weathermap-file-write.yaml 2021-02-15 04:39:47 +00:00
PikPikcU 9daed142be
Create samsung-wlan-ap-lfi.yaml 2021-02-15 04:30:32 +00:00
sandeep eb50c32a64 Update rails6-xss.yaml 2021-02-15 04:27:45 +05:30
sandeep 4d8510a60d Update rails6-xss.yaml 2021-02-15 00:31:40 +05:30
PD-Team f577b9c91e
Merge pull request #860 from Mad-robot/master
Update rails6-xss.yaml
2021-02-15 00:17:02 +05:30
sandeep 6222b9fe49 Added working poc as comment 2021-02-15 00:15:07 +05:30
sandeep 58835cfc59 Update oa-tongda-path-traversal.yaml 2021-02-14 20:24:12 +05:30
SaN ThosH ccd53e0677
Update rails6-xss.yaml 2021-02-14 19:04:20 +05:30
PikPikcU 9362086705
Create oa-tongda-path-traversal.yaml 2021-02-14 12:22:51 +00:00
PD-Team 483161371b
Merge pull request #857 from afaq1337/patch-2
added new signatures for URL Redirect
2021-02-14 17:13:59 +05:30
sandeep 0c82bbb53c Update open-redirect.yaml 2021-02-14 17:12:34 +05:30
sandeep 0ee8b53fb4 payload updates 2021-02-14 17:11:51 +05:30
sandeep 0e5a07232f misc changes 2021-02-14 16:29:41 +05:30
PikPikcU 197bf2286e
Create powercreator-cms-rce.yaml 2021-02-14 08:40:45 +00:00
Afaq dea2fd28dc
update name 2021-02-14 13:35:57 +05:00
Afaq 01535dd36a
added new signatures for URL Redirect
Update double quotes with single quotes against escaping, and added new signatures
2021-02-14 13:29:18 +05:00
sandeep 768c05a9df Update rce-shellshock-user-agent.yaml 2021-02-13 10:25:02 +05:30
sandeep ec7a29957d Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
sandeep 16f23c84be improved matcher 2021-02-12 10:29:05 +05:30
Khaled Mohamed e7c6731d1a
Update
Edit after update from Mohamed elbadry @melbadry9
2021-02-11 22:53:19 +02:00
sandeep 5c419acb32 misc updates 2021-02-12 02:03:38 +05:30
PikPikcU 82acc49390
Update and rename thinkcmf-shell-write.yaml to thinkcmf-rce.yaml 2021-02-11 17:49:03 +00:00
PikPikcU 29eda8d1ab
Create thinkcmf-shell-write.yaml 2021-02-11 17:31:25 +00:00
sandeep e6c31e6512 Update thinkcmf-lfi.yaml 2021-02-11 22:23:14 +05:30
PikPikcU 2b8c738e03
Create thinkcmf-lfi.yaml 2021-02-11 15:46:20 +00:00
sandeep aefbc1db67 misc changes 2021-02-10 22:07:17 +05:30
PikPikcU f27418b7ba
Added apache-flink-rce (#810) 2021-02-10 20:48:24 +05:30
Prince Chaddha e02cba08c8
Create jira-unauthenticated-projectcategories.yaml 2021-02-10 02:59:28 +05:30
Prince Chaddha 41cb45656c
Create jira-unauthenticated-adminprojects.yaml 2021-02-10 02:51:14 +05:30
Prince Chaddha 557f0113ff
Create jira-unauthenticated-resolutions.yaml (#830) 2021-02-10 02:35:12 +05:30
PD-Team 0a82b1920f Added tags to wordpress templates. 2021-02-05 14:53:55 +05:30
PD-Team 83fb22a81b
Merge pull request #801 from pikpikcu/patch-42
Adding sangfor-edr-rce
2021-02-03 17:30:11 +05:30
PD-Team 3a28f79400 Update chamilo-lms-xss.yaml 2021-02-03 16:58:43 +05:30
PikPikcU c21acfa7a0
Create sangfor-edr-rce.yaml 2021-02-03 04:40:07 +00:00
Geeknik Labs 26f1e7d857
Create chamilo-lms-xss.yaml 2021-02-01 20:54:21 +00:00
PD-Team fa732d4565
Merge pull request #787 from pikpikcu/patch-36
Create dlink-dir-850l-info-leak
2021-02-01 23:12:23 +05:30
PD-Team b476243f85 misc changes 2021-02-01 23:11:29 +05:30
PD-Team c649ff4a85 Added key-cloak xss and admin panel 2021-02-01 22:17:31 +05:30
PD-Team 6101f8e537 misc update 2021-01-31 12:54:53 +05:30
PikPikcU ed4b717d65
Create wooyun-path-traversal.yaml 2021-01-30 21:37:05 +00:00
PD-Team f6ccec48ed Update CNVD-2020-62422.yaml 2021-01-30 18:33:26 +05:30
PikPikcU 64209dca7d
Create CNVD-2020-62422.yaml 2021-01-30 10:45:17 +00:00
PD-Team a887ebe289 few updates 2021-01-26 20:01:01 +05:30
PR3R00T 7f1abf1e4b
Update sonicwall-sslvpn-shellshock.yml 2021-01-26 10:45:15 +00:00
PR3R00T 1712d10086
Update sonicwall-sslvpn-shellshock.yml 2021-01-26 10:44:17 +00:00
PR3R00T 4782898579
Update sonicwall-sslvpn-shellshock.yml 2021-01-26 10:40:48 +00:00
PR3R00T f4529d02c5
Update sonicwall-sslvpn-shellshock.yml 2021-01-26 10:37:18 +00:00
PR3R00T abe3f04402
Update sonicwall-sslvpn-shellshock.yml 2021-01-26 10:34:17 +00:00
PR3R00T 45d26b875e
New Sonicwall 0day Exploit test 2021-01-26 10:20:46 +00:00
PD-Team c762044d29 updating incorrect file permissions 2021-01-21 23:28:32 +05:30
PD-Team a98c2c6bb1 moving files 2021-01-21 23:11:15 +05:30
PD-Team de09cbbd43 updating template 2021-01-21 20:17:20 +05:30
PD-Team 1a14ff8c44 syntax update 2021-01-19 12:33:48 +05:30
parrot 58ebf59035 Added ThinkPHP templates and signature. 2021-01-19 01:16:59 -03:00
PD-Team dc24595935 BaseURL updates 2021-01-14 20:11:56 +05:30
Khaled Mohamed 5c2eabbebc
Create openam-ldap-injection.yaml
reference: https://blog.cybercastle.io/ldap-injection-in-openam/

The vulnerability was found in the password reset feature that OpenAM provides. When a user tries to reset his password, he is asked to enter his username then the backend validates whether the user exists or not through an LDAP query before the password reset token is sent to the user’s email.
2021-01-13 23:36:19 +02:00
team-projectdiscovery 106da77fc3 Preparing for request clustering 2021-01-13 13:01:46 +05:30
team-projectdiscovery b5159893d0 removing duplicate template 2021-01-13 12:40:31 +05:30
team-projectdiscovery 0b4c49e485 misc 2021-01-11 13:24:57 +05:30
team-projectdiscovery c62dfd2b53 adding few from masters 2021-01-11 12:28:56 +05:30
team-projectdiscovery 1468d8a52c matcher updates 2021-01-11 12:14:22 +05:30
team-projectdiscovery b5dd30abf5 fixes 2021-01-11 04:09:54 +05:30
team-projectdiscovery b80ca7732d linting errors 2021-01-11 03:31:24 +05:30
team-projectdiscovery a52ffe5c4e fixes and updates 2021-01-10 19:45:36 +05:30
team-projectdiscovery a90d047991 Massive template checks addition 🎉 🎉 2021-01-10 18:41:25 +05:30
team-projectdiscovery 187e4a5feb moving more files around 2021-01-09 18:32:04 +05:30
team-projectdiscovery 95d784d9b7 moving folder/files around 2021-01-08 22:25:54 +05:30
team-projectdiscovery 9a1c93c1c0 Update thinkific-redirect.yaml 2020-12-29 11:30:30 +05:30
Gal Nagli c5838760fe
Create thinkific-redirect.yaml 2020-12-29 00:51:40 +02:00
team-projectdiscovery fb3b2551df Removing as this is same as cve-2020-11738 2020-12-23 19:31:29 +05:30
team-projectdiscovery 441c1d2c40 updated rails6-xss 2020-12-23 14:54:03 +05:30
PD-Team 280ad158a5
Merge pull request #682 from PR3R00T/patch-6
Linux appliance version of vmware-vcenter-lfi.yaml
2020-12-15 01:14:33 +05:30
team-projectdiscovery 6690a49299 Update vmware-vcenter-lfi-linux.yaml 2020-12-15 01:14:06 +05:30
team-projectdiscovery 961977a1d4 Update easy-wp-smtp-listing.yaml 2020-12-14 19:04:51 +05:30
PR3R00T 9d6d6bbd70
Linux appliance version of vmware-vcenter-lfi.yaml
Looking into the references in vmware-vcenter-lfi.yaml, Twitter comments also mentioned it affecting the Linux appliance version (VMWare PSC). 
I created this template and tested it on vulnerable PSCs.
2020-12-13 20:30:05 +00:00
PR3R00T 76e8315c3f
Create easy-wp-smtp-listing.yaml 2020-12-13 20:05:21 +00:00
team-projectdiscovery d0df82d928 Adding content type checks for XSS templates 2020-12-14 00:54:23 +05:30
Dwi Siswanto 0d103fe950 ✏️ Update description 2020-12-09 15:53:20 +07:00
Dwi Siswanto 711053cfa5 🔥 Add McAfee ePO RCE vulnerability 2020-12-09 15:33:35 +07:00
bauthard 9d51cec01e Reference update 2020-11-23 23:56:36 +05:30
bauthard beb578cdf0 Marker updates to payloads
Adding § marker to variable names to avoid any confusion with real data and variable name, supported from nuclei v2.2.0
2020-11-21 12:25:49 +05:30
Geeknik Labs bc398cf3e3
Update open-redirect.yaml
Add `langTo` parameter.
2020-11-16 17:02:48 +00:00
Geeknik Labs a2243cbf30
Update open-redirect.yaml
Add missing host to `RequestURI`. 👍🏻
2020-11-16 16:52:13 +00:00
bauthard 4f746684c8 Encoding updates 2020-11-10 19:43:51 +05:30
bauthard 377a7df758 Adding NUUO NVRmini2 3.0.8 - Remote Code Execution 2020-11-09 16:09:50 +05:30
bauthard e55d12c8de
Merge pull request #587 from dwisiswant0/add-vuln/wordpress-wpcourses-info-disclosure
Add wordpress-wpcourses-info-disclosure
2020-10-23 02:16:07 +05:30
bauthard c11b53eedb Update sassy-social-share.yaml 2020-10-23 02:08:55 +05:30
Dwi Siswanto 4e09270571 🔥 Add wordpress-wpcourses-info-disclosure 2020-10-20 23:46:12 +07:00
Robbie 6a1ade3566
Create sassy-social-share.yaml 2020-10-20 16:28:01 +01:00
bauthard ec50c8519e
Merge pull request #574 from dwisiswant0/add/vpms-auth-bypass
Add Vehicle Parking Management System 1.0 - Authentication Bypass
2020-10-16 13:23:21 +05:30
Dwi Siswanto 5885f7b7cc 🔥 Add VPMS Auth Bypass 2020-10-16 02:42:37 +07:00
Dwi Siswanto 8903773275 📝 Add more regex patterns 2020-10-16 02:32:52 +07:00
Dwi Siswanto c098675c01 🔥 Add ZMS Auth Bypass 2020-10-16 02:30:42 +07:00
Dwi Siswanto f899b78fa8 🔥 Add rConfig RCE 2020-10-16 00:26:11 +07:00
bauthard 29ec4777e2 Update vmware-vcenter-lfi.yaml 2020-10-13 21:34:12 +05:30
bauthard aa83f5e443 Update vmware-vcenter-lfi.yaml 2020-10-13 21:32:26 +05:30
Dwi Siswanto 7b662fbaee 🔨 Update regex pattern 2020-10-13 22:51:29 +07:00