208ff38843
Create CVE-2023-30013.yaml
...
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2023-09-30 13:15:00 +09:00
ff450a65ba
strict matcher
2023-09-29 19:04:39 +05:30
fd69046097
Added CVE-2023-29357 (Microsoft SharePoint - Authentication Bypass)
2023-09-29 18:51:23 +05:30
6784a9d2c1
format fix
2023-09-29 14:24:46 +05:30
5574a26f60
Update CVE-2019-6802.yaml
...
Updated to remove false positives.
As the previous change matches the words "Set-Cookie: crlfinjection=1" even if the words are present in the Location header too.
The updated code, will match only if the "Set-Cookie: crlfinjection=1" is actually a header, by verifying that it actually starts in the beginning of a response header.
2023-09-29 13:46:22 +05:30
77bfd17949
TemplateMan Update [Fri Sep 29 05:57:07 UTC 2023] 🤖
2023-09-29 05:57:07 +00:00
30217297c2
Merge pull request #8271 from projectdiscovery/CVE-2014-9180
...
Create CVE-2014-9180.yaml
2023-09-29 11:24:52 +05:30
e616bb0ec7
protocol update
2023-09-27 23:35:44 +05:30
bc957cd1a4
Update CVE-2023-42793.yaml
2023-09-27 23:35:06 +05:30
f0ba24afa1
JetBrains TeamCity - Remote Code Execution (CVE-2023-42793)
2023-09-27 23:25:18 +05:30
dc6b9c1e73
metadata update
2023-09-27 14:39:20 +05:30
334c3be057
Create CVE-2023-22432.yaml
2023-09-27 14:38:24 +05:30
082966e07a
Create CVE-2014-9180.yaml
2023-09-27 14:13:02 +05:30
e47239d4df
Merge pull request #8267 from projectdiscovery/CVE-2023-5074
...
Create CVE-2023-5074.yaml (Authentication Bypass in D-Link D-View 8 🔥 )
2023-09-26 21:24:12 +05:30
17669c7fd8
lint -fix
2023-09-26 21:21:03 +05:30
5f4f590e7f
Update CVE-2023-5074.yaml
2023-09-26 21:16:55 +05:30
3b789d908b
Update CVE-2023-5074.yaml
2023-09-26 21:13:29 +05:30
eec309f75f
TemplateMan Update [Tue Sep 26 15:42:15 UTC 2023] 🤖
2023-09-26 15:42:16 +00:00
85868d5802
Merge pull request #8216 from zn9988/main
...
Create CVE-2023-2479.yaml
2023-09-26 21:09:57 +05:30
e48aa75f0f
fix-trail-spacing
2023-09-26 20:09:49 +05:30
52c9d36132
Create CVE-2023-5074.yaml
2023-09-26 20:05:39 +05:30
634eb6f24f
Merge pull request #8225 from projectdiscovery/CVE-2023-36845
...
Create CVE-2023-36845.yaml (Juniper J-Web - Remote Code Execution 🔥 )
2023-09-26 18:57:53 +05:30
6d40f1256d
fix trail space
2023-09-26 12:42:57 +05:30
ae67cf87ba
minor update
2023-09-26 12:33:31 +05:30
c79554fd80
TemplateMan Update [Tue Sep 26 05:47:05 UTC 2023] 🤖
2023-09-26 05:47:06 +00:00
2c1392e423
Merge pull request #8260 from kazet/zzzcms-rce-fp
...
ZZZCMS RCE is a false positive if we see phpinfo() without posting any data
2023-09-26 11:14:55 +05:30
59151619bc
req and matcher update
2023-09-26 10:19:09 +05:30
f188fcbe2f
more precise status code match
2023-09-25 16:28:43 +02:00
8e3d9c97ce
ZZZCMS RCE is a false positive if we see phpinfo() without posting any data
2023-09-25 16:24:23 +02:00
463f722ad7
Create CVE-2023-30625.yaml
...
rudder-server is part of RudderStack, an open source Customer Data Platform (CDP). Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution (RCE) due to the `rudder` role in PostgresSQL having superuser permissions by default. Version 1.3.0-rc.1 contains patches for this issue.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2023-09-24 18:15:00 +09:00
d549599606
fix: typo in cve-2023-23492 template name ( #8250 )
2023-09-23 15:12:58 +05:30
8c3ccf581b
fix: typo in template CVE-2023-24735 name
2023-09-21 11:10:50 +03:00
47f97458af
Create CVE-2023-42442.yaml
2023-09-20 16:14:04 +05:30
3115469524
Merge pull request #8224 from projectdiscovery/CVE-2023-4568
...
Create CVE-2023-4568.yaml (PaperCut NG Unauthenticated XMLRPC Functionality 🔥 )
2023-09-19 13:50:04 +05:30
4dc094fffa
Create CVE-2023-36845.yaml
2023-09-19 07:24:05 +05:30
835179f9be
Merge pull request #8203 from projectdiscovery/CVE-2023-2766
...
Create CVE-2023-2766.yaml
2023-09-18 23:51:03 +05:30
6335a4e3a0
matcher and info update
2023-09-18 23:47:32 +05:30
681a1b3263
Create CVE-2023-4568.yaml
2023-09-18 23:06:47 +05:30
18f37d9226
Update CVE-2022-0342.yaml
2023-09-18 18:51:11 +05:30
8e38345f0d
Merge pull request #7997 from SleepingBag945/some_tps
...
Added 124 Templates
2023-09-18 18:13:14 +05:30
d5dfd3302c
template update
2023-09-18 18:07:42 +05:30
601100cd0f
Merge pull request #8215 from projectdiscovery/princechaddha-patch-2
...
Create CVE-2023-41892.yaml
2023-09-18 15:20:42 +05:30
823e1b1f49
Merge pull request #8113 from harsh2403/patch-18
...
Create CVE-2023-37629.yaml
2023-09-18 15:18:37 +05:30
716c8ddfce
updated matcher
2023-09-18 15:17:31 +05:30
b6550ca831
updated matcher
2023-09-18 14:31:39 +05:30
274c14e763
updated-templates-p
2023-09-17 14:21:38 +05:30
0e4f7b0565
Update CVE-2023-2813.yaml
2023-09-17 13:41:16 +05:30
1baa17c029
Fix FP -CVE-2023-2813
2023-09-17 13:37:19 +05:30
88153faaf8
Merge branch 'main' into some_tps
2023-09-17 13:03:38 +05:30
4ace2254fa
Merge pull request #8218 from projectdiscovery/CVE-2023-2813
...
Create CVE-2023-2813.yaml (48 Wordpress Themes Affected 🔥 )
2023-09-16 23:21:00 +05:30
0f037e9860
request update
2023-09-15 22:39:22 +05:30
86659ff1f4
TemplateMan Update [Fri Sep 15 17:04:28 UTC 2023] 🤖
2023-09-15 17:04:28 +00:00
8f3dfab992
Merge pull request #8178 from meme-lord/phpinfo_template
...
Added template for CVE-2023-39677 MyPrestaModules PHPInfo
2023-09-15 22:32:31 +05:30
03eb0dedc8
Merge pull request #8204 from projectdiscovery/CVE-2023-22463
...
Create CVE-2023-22463.yaml (KubePi JwtSigKey - Login Bypass 🔥 )
2023-09-15 22:31:29 +05:30
89683e2c2b
info update
2023-09-15 22:24:13 +05:30
af6f3e0897
Merge pull request #8210 from projectdiscovery/CVE-2023-4714
...
Create CVE-2023-4714.yaml
2023-09-15 22:16:15 +05:30
428b82492d
matcher & info update
2023-09-15 22:16:06 +05:30
753e4e5af7
matcher update
2023-09-15 22:12:25 +05:30
b665b1b0e8
info update
2023-09-15 22:11:27 +05:30
f122fc3ec9
Create CVE-2023-2813.yaml
2023-09-15 18:19:17 +05:30
c84e4ef64c
Templates - update
2023-09-15 17:53:57 +05:30
1353a5c204
added metadata
2023-09-15 15:54:32 +05:30
d405588ec1
Create CVE-2023-41892.yaml
2023-09-15 12:44:48 +05:30
a711c0cc04
Create CVE-2023-2479.yaml
2023-09-15 15:11:13 +08:00
67bf15b8cb
Update CVE-2023-25573.yaml
2023-09-14 23:02:41 +05:30
3d99f465a6
Update CVE-2023-4714.yaml
2023-09-14 20:41:26 +05:30
a35edf9795
Create CVE-2023-4714.yaml
2023-09-14 20:38:32 +05:30
9e2b1fa698
Update CVE-2023-25573.yaml
2023-09-14 20:34:56 +05:30
646084dced
Create CVE-2023-25573.yaml
2023-09-14 20:29:27 +05:30
db0ac300f5
Create CVE-2023-22463.yaml
2023-09-13 18:30:12 +05:30
82d46bb11d
Create CVE-2023-2766.yaml
2023-09-13 18:07:55 +05:30
a14aed0579
Merge pull request #8197 from pphuahua/patch-1
...
Fixed CVE-2022-23854.yaml
2023-09-13 11:36:11 +05:30
b4b8015c73
Merge pull request #8173 from meme-lord/main
...
Added template for CVE-2023-39676 FieldPopupNewsletter XSS
2023-09-12 17:27:58 +05:30
f9fe314b2c
name - update
2023-09-12 17:15:08 +05:30
b9b992446b
Update CVE-2022-23854.yaml
2023-09-12 15:41:24 +05:30
78e1d30ab4
TemplateMan Update [Tue Sep 12 10:04:40 UTC 2023] 🤖
2023-09-12 10:04:40 +00:00
38048e3023
Merge pull request #8120 from projectdiscovery/CVE-2023-30943
...
Create CVE-2023-30943.yaml
2023-09-12 15:32:40 +05:30
74eff31e1d
info update
2023-09-12 12:50:58 +05:30
8508734893
added classification
2023-09-12 12:49:44 +05:30
5a9459d0fd
updated template
2023-09-12 12:44:40 +05:30
7f13992675
added content-type
2023-09-12 11:44:58 +05:30
14c8f415d5
Update CVE-2022-23854.yaml
...
Due to version differences, sometimes there is no "EricomSecureGateway" in the http response.
2023-09-12 14:01:48 +08:00
f9cf8a303a
Merge pull request #8169 from projectdiscovery/remediations
...
Updating remediation for CVEs
2023-09-11 20:03:59 +05:30
921a06f483
Merge pull request #8187 from muthumohanprasath/muthumohanprasath-patch-1
...
Create CVE-2023-39598.yaml
2023-09-11 15:41:20 +05:30
e6912e6342
corrected description
2023-09-11 13:09:49 +05:30
d888ca0d4b
Update CVE-2023-39677.yaml
2023-09-11 12:27:02 +05:30
5da357447f
Update CVE-2023-39676.yaml
2023-09-11 12:14:30 +05:30
cf900022f5
Merge branch 'main' into remediations
2023-09-11 12:02:51 +05:30
b71a7bb05c
Merge pull request #8188 from muthumohanprasath/muthumohanprasath-patch-2
...
Create CVE-2023-39600.yaml
2023-09-10 22:28:58 +05:30
8bb91fcd4f
Rename CVE-2023-38433.yaml to CVE-2023-38433.yaml
2023-09-10 20:06:14 +05:30
4471d442e0
matcher update
2023-09-10 20:04:42 +05:30
3ea7388fa2
Rename CVE-2023-39598.yaml to CVE-2023-39598.yaml
2023-09-10 20:03:49 +05:30
8196867c7a
Update and rename CVE-2023-39600.yaml to CVE-2023-39600.yaml
2023-09-10 20:02:16 +05:30
2b0d68f7e7
matcher update
2023-09-10 20:01:33 +05:30
356c07ccdc
add matchers-condition: and
2023-09-10 21:44:34 +08:00
63bcb69d6f
TemplateMan Update [Sat Sep 9 17:06:23 UTC 2023] 🤖
2023-09-09 17:06:24 +00:00
216236de8c
Merge pull request #8157 from projectdiscovery/princechaddha-patch-3
...
Update CVE-2019-11580.yaml
2023-09-09 22:34:13 +05:30
c36a419cac
added myprestamodules phpinfo template
2023-09-08 12:30:28 +01:00
dad997b818
added template for CVE-2023-39676 FieldPopupNewsletter XSS
2023-09-07 10:43:17 +01:00
e418b30d19
Merge branch 'remediations' of https://github.com/projectdiscovery/nuclei-templates into remediations
2023-09-06 18:53:19 +05:30
GwanYeong Kim
sandeep
jainiresh
GitHub Action
pussycat0x
Ritik Chaddha
Dhiyaneshwaran
Krzysztof Zając
pentesttools-com
pentesttools-com
Prince Chaddha
Ritik Chaddha
Prince Chaddha
zn9988
pphua
J4vaovo
meme-lord