53fc9bcb3f
misc fixes
2021-10-07 05:23:20 +05:30
634e215433
Merge pull request #2840 from projectdiscovery/apache-httpd-rce
...
Added Apache HTTPd - 2.4.49 (CGI enabled) RCE
2021-10-06 19:50:18 +05:30
8dfa5ce9b4
Added Lucee Unauthenticated Reflected XSS
2021-10-06 16:38:23 +05:30
856b96a084
lint update
2021-10-06 15:56:00 +05:30
796dd93113
Added Apache HTTPd - 2.4.49 (CGI enabled) RCE
2021-10-06 15:53:31 +05:30
3ce3718a5e
Merge pull request #2835 from Akokonunes/patch-49
...
Create ultimatemember-plugin-open-redirect.yaml
2021-10-06 11:04:54 +05:30
183af8b95b
Update and rename ultimatemember-plugin-open-redirect.yaml to vulnerabilities/wordpress/ultimatemember-open-redirect.yaml
2021-10-06 10:59:48 +05:30
f1130595ce
Update and rename wptouch-plugin-open-redirect.yaml to vulnerabilities/wordpress/wptouch-open-redirect.yaml
2021-10-06 10:46:16 +05:30
5b5e764b48
Merge pull request #2787 from mr-rizwan-syed/master
...
wp-config-file and aws-s3-access-key-leak
2021-10-05 18:25:04 +05:30
6e7b91f6dc
Update wordpress-accessible-wpconfig.yaml
2021-10-05 18:02:50 +05:30
478a7ef833
Merge pull request #2808 from pdelteil/patch-61
...
Update wp-plugin-1-flashgallery-listing.yaml
2021-10-02 17:59:10 +05:30
47853b869b
Update metinfo-lfi.yaml
2021-10-02 17:57:59 +05:30
f43b256e6e
Update metinfo-lfi.yaml
2021-10-02 17:57:33 +05:30
8fc91de606
Update metinfo-lfi.yaml
2021-10-02 03:42:22 -03:00
e3947fbfeb
Update wp-plugin-1-flashgallery-listing.yaml
2021-10-02 03:29:17 -03:00
4dc168520c
Merge pull request #2791 from pdelteil/patch-59
...
Update and rename wordpress-emails-verification-for-woocommerce.yaml …
2021-10-01 16:33:44 +05:30
d7e6cb313e
Update wp-woocommerce-email-verification.yaml
2021-10-01 16:31:50 +05:30
58fd372498
Update and rename qihang-media-web-lfi.yaml to qihang-media-lfi.yaml
2021-10-01 16:28:20 +05:30
ea71661d79
Update and rename qihang-media-web-credentials-disclosure.yaml to qihang-media-disclosure.yaml
2021-10-01 16:26:25 +05:30
f750bf5ba5
Create qihang-media-web-credentials-disclosure.yaml
...
The application suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for a successful authentication bypass attack.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:42:48 +09:00
90138f44d1
Create qihang-media-web-lfi.yaml
...
The application suffers from an unauthenticated file disclosure vulnerability when input passed thru the filename parameter when using the download action or thru path parameter when using the getAll action is not properly verified before being used. This can be exploited to disclose contents of files and directories from local resources.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:35:12 +09:00
145f1a643d
Update and rename wordpress-emails-verification-for-woocommerce.yaml to wp-woocommerce-email-verification.yaml
...
- name changed to match template id.
- added stop-at-first-match condition.
2021-09-30 22:49:21 -03:00
7adfd01163
Moving listserv_maestro_rce.yaml to cves folder
2021-09-30 15:39:45 -04:00
d34e6c1145
Add information for CVE-2010-1870
2021-09-30 15:38:59 -04:00
3c012b137d
Break CVE-2016-4975 into its own template
2021-09-30 15:35:17 -04:00
4065f6a493
Update wordpress-accessible-wpconfig.yaml
2021-09-30 23:15:18 +05:30
c9a374bed5
renamed: simple-employee-rce.yaml -> ../../cves/2019/CVE-2019-20183.yaml
2021-09-30 13:06:46 -04:00
28def083f6
Merge branch 'master' of https://github.com/sullo/nuclei-templates
...
Fix typo for cvss
2021-09-30 13:03:09 -04:00
3878138bfe
* Added Host headers where needed (validated via disclosures/posts)
...
* Added CVE simple-employee-rce.yaml
2021-09-30 12:52:05 -04:00
66cad3ff35
Revert "* Added CVE info & moved simple-employee-rce.yaml to cves/2019/CVE-2019-20183.yaml"
...
incorrect push to master repo
This reverts commit 7191aee570
2021-09-30 12:25:22 -04:00
7191aee570
* Added CVE info & moved simple-employee-rce.yaml to cves/2019/CVE-2019-20183.yaml
...
* Added missing {{Hostname}} to some raw requests (confirmed that hostname is allowed in exploits)
* Minor cleanup in the modified plugins
2021-09-30 12:20:54 -04:00
e90e3b49bc
Added more unique matchers
2021-09-30 20:22:53 +05:30
88f6bba576
Added thinkphp keyword from response to avoid false positive
2021-09-30 18:35:14 +05:30
f839f628b6
Update and rename fatpipe-networks-warp-backdoor.yaml to fatpipe-backdoor.yaml
2021-09-30 17:18:45 +05:30
b65719103f
Update and rename fatpipe-networks-warp-auth-bypass.yaml to fatpipe-auth-bypass.yaml
2021-09-30 17:18:21 +05:30
9e25b4871e
Update fatpipe-networks-warp-backdoor.yaml
2021-09-30 16:13:19 +05:30
606d2b5ea4
Create fatpipe-networks-warp-backdoor.yaml
...
The application has a hidden administrative account cmuser that has no password and has write access permissions to the device. The user cmuser is not visible in Users menu list of the application.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-30 13:38:01 +09:00
263cadaacf
Create fatpipe-networks-warp-auth-bypass.yaml
...
Improper access control occurs when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources behind protected pages.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-30 11:07:24 +09:00
e9f81943b6
Merge pull request #2759 from projectdiscovery/generic-ssrf
...
generic-ssrf
2021-09-30 03:31:52 +05:30
553a7a2480
Update request-based-interaction.yaml
2021-09-30 03:31:03 +05:30
be297d732b
misc update
2021-09-30 03:26:16 +05:30
5c80f9dc4c
Update and rename wp-church-admin-lfi.yaml to vulnerabilities/wordpress/church-admin-lfi.yaml
2021-09-28 15:38:03 +05:30
cee46ca968
Update and rename request-interaction-oob.yaml to request-based-interaction.yaml
2021-09-28 15:22:30 +05:30
97ef8f00e2
Update and rename generic-oob-param-based-interaction.yaml to oob-param-based-interaction.yaml
2021-09-28 15:21:41 +05:30
25a971efd4
Update and rename generic-oob-header-based-interaction.yaml to oob-header-based-interaction.yaml
2021-09-28 15:21:27 +05:30
8042d1233e
Create request-interaction-oob.yaml
2021-09-28 15:18:26 +05:30
52a5e33556
Create generic-oob-param-based-interaction.yaml
2021-09-28 15:17:21 +05:30
1a4f6754b4
Create generic-oob-header-based-interaction.yaml
2021-09-28 15:15:57 +05:30
8d7e5b2d24
Merge pull request #2748 from gy741/rule-add-v60
...
Create commax-cctv-rtsp-credentials-disclosure.yaml
2021-09-25 11:49:18 +05:30
2808f46429
Update and rename commax-cctv-rtsp-credentials-disclosure.yaml to commax-credentials-disclosure.yaml
2021-09-25 11:32:31 +05:30
2e7e35eb70
Update and rename ecoa-building-directory-traversal.yaml to ecoa-building-lfi.yaml
2021-09-25 11:22:48 +05:30
fac7f96b34
Create ecoa-building-directory-traversal.yaml
...
The BAS controller suffers from a directory traversal content disclosure vulnerability. Using the GET parameter cpath in File Manager (fmangersub), attackers can disclose directory content on the affected device
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-25 08:58:58 +09:00
59e0eb7ad3
Create commax-cctv-rtsp-credentials-disclosure.yaml
...
The COMMAX CCTV Bridge for the DVR service allows an unauthenticated attacker
to disclose RTSP credentials in plain-text.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-25 08:43:18 +09:00
93b6f3a799
Merge pull request #2743 from Akokonunes/patch-43
...
Create wp-brandfolder-plugin-open-redirect.yaml
2021-09-25 00:55:20 +05:30
d0ee5cbe02
Merge pull request #2744 from Akokonunes/patch-44
...
Create wp-brandfolder-plugin-lfi.yaml
2021-09-25 00:54:30 +05:30
f70cc70c26
Update and rename wp-brandfolder-plugin-open-redirect.yaml to vulnerabilities/wordpress/brandfolder-open-redirect.yaml
2021-09-25 00:54:03 +05:30
624c722c5a
Update and rename wp-brandfolder-plugin-lfi.yaml to vulnerabilities/wordpress/brandfolder-lfi.yaml
2021-09-25 00:51:56 +05:30
e832a50401
Update issuu-panel-lfi.yaml
2021-09-25 00:49:53 +05:30
f35db18633
Update and rename wp-plugin-issuu-panel-lfi.yaml to vulnerabilities/wordpress/issuu-panel-lfi.yaml
2021-09-25 00:47:37 +05:30
d75bad52c7
Merge pull request #2732 from Akokonunes/patch-38
...
Create product-input-fields-for-woocommerce-file-download.yaml
2021-09-22 18:19:59 +05:30
a898a6c3a6
Update wp-woocommerce-file-download.yaml
2021-09-22 18:19:25 +05:30
dfa85833e2
misc update
2021-09-22 18:18:21 +05:30
551c9127a2
Merge pull request #2733 from Akokonunes/patch-42
...
Create cs-cart-unauthenticated-lfi.yaml
2021-09-22 18:10:38 +05:30
18142906f0
moving files around
2021-09-22 18:09:43 +05:30
a60e8a9d5e
misc update
2021-09-22 18:08:32 +05:30
807920c0ac
clean-up
2021-09-21 17:16:53 +05:30
a5982b8f32
Merge pull request #2721 from nerrorsec/patch-1
...
Added a path
2021-09-21 15:32:42 +05:30
e0a8cb25bf
Merge pull request #2725 from projectdiscovery/wp-xmlrpc-pingback-detection
...
Added Wordpress XMLRPC Pingback detection
2021-09-21 15:29:25 +05:30
d9c5095780
fixing xmlrpc-pingback-ssrf.yaml
2021-09-21 15:21:35 +05:30
ff4811e085
Create wordpress-git-config.yaml
2021-09-21 15:21:16 +05:30
10a6436f6f
Added Wordpress XMLRPC Pingback detection
2021-09-21 15:18:49 +05:30
8034e43e2c
Merge pull request #2711 from 0xSmiley/generic_lfi
...
Generic lfi
2021-09-21 00:11:59 +05:30
8a985aa5c8
Update generic-linux-lfi.yaml
2021-09-20 23:53:49 +05:30
6564d0fca4
Merge pull request #2708 from pussycat0x/master
...
New templates
2021-09-20 14:18:41 +05:30
e9e99de988
Merge pull request #2714 from pikpikcu/patch-288
...
Update Severity
2021-09-20 12:20:12 +05:30
991963fe4a
Update Severity
2021-09-20 12:11:56 +07:00
ffe20a273d
fix: typo error
2021-09-19 20:23:22 -03:00
083a72b24c
Generic Template Updated
2021-09-18 20:13:32 +01:00
50dfd3dc3d
Update Severity
2021-09-18 21:07:47 +07:00
0f03f5ff55
Merge pull request #2692 from projectdiscovery/metadata-attribute-update
2021-09-18 18:19:07 +05:30
8c28120218
Update luftguitar-arbitrary-file-upload.yaml
2021-09-18 14:32:13 +05:30
fb1aee75ce
Update luftguitar-arbitrary-file-upload.yaml
2021-09-18 14:28:03 +05:30
e183b518db
Update wp-altair-listing.yaml
2021-09-18 14:11:17 +05:30
d0c5083632
Update wp-altair-listing.yaml
2021-09-18 14:09:59 +05:30
0523d46ed2
Revert "Delete wp-altair-listing.yaml"
...
This reverts commit 05dd3affce
2021-09-18 13:54:03 +05:30
05dd3affce
Delete wp-altair-listing.yaml
2021-09-18 13:51:28 +05:30
63cc624c4a
Update luftguitar-arbitrary-file-upload.yaml
2021-09-18 12:14:32 +05:30
893f8d3bc6
Update wp-altair-listing.yaml
2021-09-18 12:01:47 +05:30
10b3bc327d
Add files via upload
2021-09-18 10:37:16 +05:30
2a1341274a
Create luftguitar-arbitrary-file-upload.yaml
2021-09-17 21:04:21 +07:00
3deb522abc
Merge pull request #2664 from Akokonunes/patch-37
...
Create ecoa-building-automation-lfd.yaml
2021-09-17 16:47:54 +05:30
df59ad5670
Update and rename ecoa-building-automation-lfd.yaml to vulnerabilities/other/ecoa-building-automation-lfd.yaml
2021-09-17 16:39:09 +05:30
b00b70c150
Merge pull request #2697 from Akokonunes/patch-39
...
Create attitude-wp-theme-open-redirect.yaml
2021-09-17 15:12:21 +05:30
5cac00bada
Merge pull request #2698 from Akokonunes/patch-40
...
Create eatery-restaurant-wp-theme-open-redirect.yaml
2021-09-17 15:12:09 +05:30
a40530d9d4
Update and rename eatery-restaurant-wp-theme-open-redirect.yaml to vulnerabilities/wordpress/eatery-restaurant-open-redirect.yaml
2021-09-17 15:10:30 +05:30
69e546ea4d
Update attitude-theme-open-redirect.yaml
2021-09-17 15:10:23 +05:30
c5ccf9d991
Update and rename attitude-wp-theme-open-redirect.yaml to vulnerabilities/wordpress/attitude-theme-open-redirect.yaml
2021-09-17 15:08:59 +05:30
2e8329b645
Update and rename weekender-newspaper-wp-theme-open-redirect.yaml to vulnerabilities/wordpress/weekender-newspaper-open-redirect.yaml
2021-09-17 15:06:13 +05:30
03a79aa0c3
Update jenkins-script.yaml
2021-09-16 15:17:15 -05:00
676b51d20c
Metadata attribute update
2021-09-16 21:24:33 +05:30
18879698fa
Update bullwark-momentum-lfi.yaml
2021-09-13 15:55:14 +05:30
e18cc14218
Update bullwark-momentum-lfi.yaml
2021-09-13 15:34:18 +05:30
546bd6a038
matcher update
2021-09-13 15:28:35 +05:30
34bba4e794
misc update
2021-09-12 17:10:52 +05:30
46b16bcfa2
Incomplete title
2021-09-12 14:16:01 +03:00
59525a5846
Working reference
2021-09-12 13:02:41 +03:00
e602575ae0
Working reference
2021-09-12 12:58:48 +03:00
fb2f89bc86
References
2021-09-12 12:58:43 +03:00
624162cca7
Working reference
2021-09-12 12:50:53 +03:00
896343be12
Clarify description
2021-09-12 12:41:33 +03:00
dde7140ff9
misc update
2021-09-11 23:46:31 +05:30
207c140c50
moving files around
2021-09-11 21:06:36 +05:30
c41f64987b
Update wordpress-db-repair.yaml
...
Solves this false positive (different encoding)
nuclei -debug -t nuclei-templates/vulnerabilities/wordpress/wordpress-db-repair.yaml -u https://try.walmart.com
<p><code>define('WP_ALLOW_REPAIR', true);
2021-09-10 17:18:15 -03:00
cf4ef2ac5a
Merge pull request #2622 from projectdiscovery/missing-tags
2021-09-10 12:32:47 +05:30
bd24dc198e
Coverage for all templates using tags
2021-09-09 19:08:13 +05:30
67766f381a
Merge pull request #2600 from Akokonunes/patch-35
...
Create phpwiki-lfi.yaml
2021-09-09 15:02:41 +05:30
6ce33e2f47
Rename phpwiki-lfi.yaml to vulnerabilities/other/phpwiki-lfi.yaml
2021-09-09 15:01:35 +05:30
576499034d
Update wordpress-rce-simplefilelist.yaml
2021-09-09 12:09:13 +05:30
08dac56385
Update simple-employee-rce.yaml
2021-09-09 12:06:24 +05:30
609705f676
removed extra headers not required for template
2021-09-08 17:47:19 +05:30
9b75486616
Rename homeautomation-v3-openredirect.yaml to vulnerabilities/other/homeautomation-v3-openredirect.yaml
2021-09-07 18:07:48 +05:30
e6a71e0e80
Merge pull request #2593 from projectdiscovery/openvpn-hhi
...
Added OpenVPN Host Header Injection
2021-09-06 18:56:27 +05:30
e31a75af04
Merge pull request #2595 from projectdiscovery/host-header-injection
...
Create host-header-injection.yaml
2021-09-06 18:56:09 +05:30
4075664390
Merge pull request #2580 from Akokonunes/patch-29
...
Create gSOAP-LFl.yaml
2021-09-06 17:36:18 +05:30
e9d5665383
Update gsoap-lfi.yaml
2021-09-06 17:34:51 +05:30
1942d13ed6
Update openvpn-hhi.yaml
2021-09-06 17:15:30 +05:30
acd4624200
Create host-header-injection.yaml
2021-09-06 17:14:27 +05:30
842f66380f
Revert "Create host-header-injection.yaml"
...
This reverts commit 6abfcd80e1
2021-09-06 17:13:48 +05:30
6abfcd80e1
Create host-header-injection.yaml
2021-09-06 17:13:20 +05:30
cec54e6d51
tags update
...
Co-Authored-By: me_dheeraj <9442273+Dheerajmadhukar@users.noreply.github.com>
2021-09-06 16:15:07 +05:30
c105e41fa4
Added OpenVPN Host Header Injection
...
Co-Authored-By: me_dheeraj <9442273+Dheerajmadhukar@users.noreply.github.com>
2021-09-06 16:13:17 +05:30
f6e52a6739
Merge pull request #2585 from sullo/master
...
Updates across many templates for clarity, spelling, and grammar.
2021-09-06 15:02:52 +05:30
7579fe98c2
Update and rename minimouse-lfi.yaml to vulnerabilities/other/minimouse-lfi.yaml
2021-09-06 14:44:39 +05:30
ef1f7c5e92
Updates across many templates for clarity, spelling, and grammar.
2021-09-05 17:13:45 -04:00
bf1d6374b2
Rename gSOAP-LFl.yaml to vulnerabilities/other/gsoap-lfi.yaml
2021-09-05 19:22:07 +05:30
90f8caf302
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/2481
2021-09-03 14:55:30 +05:30
c266084621
Added stop-at-first-match in applicable templates
2021-09-02 17:29:10 +05:30
faf111362c
Removing extra space
2021-09-01 12:37:02 +05:30
5c5c6c3974
Update processmaker-lfi.yaml
2021-08-31 14:08:11 +05:30
0b69ea80b2
Create processmaker-lfi.yaml
2021-08-31 14:03:47 +05:30
86f3c08ba6
Vendor writes it as "NETGEAR"
2021-08-29 09:39:06 +03:00
9f9970c8e9
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-08-29 09:15:40 +03:00
419a957409
Fixing errors in templates
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-27 10:43:24 +03:00
a4250b8f2f
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-26 15:04:14 +03:00
e66463d466
Merge pull request #2355 from G4L1T0/corsmisc
...
add cors-misconfig.yaml
2021-08-26 04:26:37 +05:30
1999a9b560
Enhanced CORS checks
2021-08-26 04:24:06 +05:30
05305904ef
more strict matchers
2021-08-26 02:43:53 +05:30
ed76585ed6
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-08-25 14:33:32 +02:00
c766a8454d
Fixed yaml linting errors
2021-08-25 14:09:42 +02:00
8fb3c65965
template fix
2021-08-25 01:32:14 +05:30
110f9c9ddd
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-24 20:38:11 +03:00
ee37e34f54
Update wp-woocommerce-pdf-invoice-listing.yaml
2021-08-24 17:48:31 +05:30
f66f36237b
Merge pull request #2455 from gy741/rule-add-v58
...
Create commax-biometric-access-control-system-auth-bypass.yaml
2021-08-24 17:44:13 +05:30
554c4a505f
Update and rename commax-biometric-access-control-system-auth-bypass.yaml to commax-biometric-auth-bypass.yaml
2021-08-24 17:17:43 +05:30
0a4cd456bf
Update commax-biometric-access-control-system-auth-bypass.yaml
2021-08-24 17:13:17 +05:30
ba03c2b377
Update unauth-hoteldruid-panel.yaml
2021-08-24 16:46:24 +05:30
d1065cd3fc
Create unauth-hoteldruid-panel.yaml
2021-08-24 16:42:11 +05:30
ecd6547d05
Update thinkific-redirect.yaml
2021-08-24 14:56:21 +07:00
a124e393b4
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-23 19:15:14 +03:00
647d27925a
Merge pull request #2426 from projectdiscovery/generic
...
Templates by geeknik
2021-08-23 19:55:32 +05:30
296edfc37b
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-23 14:40:33 +03:00
04b401a8ef
Merge pull request #2456 from projectdiscovery/payloads-update
...
Payloads positional update to keep the request format uniform
2021-08-23 15:26:35 +05:30
62530eafc2
Update wp-slideshow-xss.yaml
2021-08-23 15:15:26 +05:30
2aa54304ee
Payloads positional update to keep the request format uniform
2021-08-22 23:39:33 +05:30
cad976abda
Create commax-biometric-access-control-system-auth-bypass.yaml
...
The application suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can bypass authentication and disclose sensitive information and circumvent physical controls in smart homes and buildings.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-22 18:19:34 +09:00
cbdef618f3
Update netgear-router-exposure.yaml
2021-08-21 00:38:54 +05:30
dc4cc62629
Merge remote-tracking branch 'origin/master' into dynamic_attributes
2021-08-20 15:35:17 +03:00
e160acb481
misc updates
2021-08-20 16:37:22 +05:30
0ef2106a6e
Improved template
2021-08-19 23:34:16 +05:30
0bef05c541
Merge pull request #793 from pikpikcu/patch-40
...
resin information disclosure
2021-08-19 23:15:42 +05:30
ab824564d3
minor updates
2021-08-19 23:11:29 +05:30
1247fcd993
Update vulnerabilities/other/caucho-resin-info-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-08-19 23:09:26 +05:30
77103bc629
Satisfying the linter (all errors and warnings)
...
* whitespace modifications only
2021-08-19 17:44:46 +03:00
002e8db616
Moved the "vendor" custom attribute under reference
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 17:00:46 +03:00
97d4f8705b
Fixed mistakes/typos
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:59:55 +03:00
f55d6b75e1
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:59:12 +03:00
7b29be739e
Merge branch 'master' into dynamic_attributes
2021-08-19 16:23:26 +03:00
ffaff64565
Changes fixes/around dynamic attributes ("additional-fields")
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:17:27 +03:00
0b432b341b
Added comments with URLs under the "references" field
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:15:35 +03:00
e68d15ab63
Fixed mistakes/typos in the templates.
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 15:30:14 +03:00
bc1bf5d919
Create comtrend-ct5367-disclosure.yaml
2021-08-19 14:47:44 +05:30
f8a8968408
Revert "Create comtrend-ct5367-disclosure.yaml"
...
This reverts commit 33ea2d360c
2021-08-19 14:46:35 +05:30
33ea2d360c
Create comtrend-ct5367-disclosure.yaml
2021-08-19 14:45:37 +05:30
ab0750b570
minor update
2021-08-19 00:43:44 +05:30
cdf9451158
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-18 14:44:27 +03:00
dd1bbe6093
Revert "Delete netgear-router-disclosure.yaml"
...
This reverts commit 3b969e7e0d
2021-08-18 17:02:08 +05:30
3b969e7e0d
Delete netgear-router-disclosure.yaml
2021-08-18 16:59:49 +05:30
4c920b2552
Rename "references" to "reference" to match the expected template info structure
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-18 14:29:20 +03:00
0a0b5c7f74
Update netgear-router-disclosure.yaml
2021-08-18 16:56:56 +05:30
d07323e0be
Create netgear-router-disclosure.yaml
2021-08-18 16:44:28 +05:30
af15e4817f
Update netgear-router-auth-bypass.yaml
2021-08-18 16:42:34 +05:30
067c9a8755
Create xmlrpc-pingback-ssrf.yaml
2021-08-18 16:39:22 +05:30
fe1e7d36fb
Merge pull request #2429 from Mad-robot/patch-3
...
Create geovision-geowebserver-lfi.yaml
2021-08-18 16:19:49 +05:30
0731a772d4
Update geovision-geowebserver-lfi.yaml
2021-08-18 16:18:12 +05:30
1db2715a06
Update geovision-geowebserver-xss.yaml
2021-08-18 14:51:23 +05:30
eeb284a7ec
Update geovision-geowebserver-xss.yaml
2021-08-18 14:48:34 +05:30
db4073d2b5
Update geovision-geowebserver-lfi.yaml
2021-08-18 03:54:30 +05:30
d5748c95fc
Create geovision-geowebserver-lfi.yaml
2021-08-18 03:50:45 +05:30
0c24cc2f74
Create geovision-geowebserver-xss.yaml
2021-08-18 03:50:39 +05:30
f60cef447b
Update generic-blind-xxe.yaml
2021-08-17 22:57:34 +05:30
727e73c5c3
Create solar-log-authbypass.yaml
2021-08-17 18:02:41 +05:30
c39f0e2077
Create generic-blind-xxe.yaml
2021-08-17 17:18:52 +05:30
59b2aeda40
Merge pull request #2420 from geeknik/patch-18
...
Update twig-php-ssti.yaml
2021-08-17 17:12:00 +05:30
c2f87671fb
strict matcher
2021-08-17 15:52:22 +05:30
03cd55a33f
severity update based on poc
...
We will update this again as per assigned CVE which is not available right now?
2021-08-17 15:02:47 +05:30
4a5137b742
more tags
2021-08-17 15:00:30 +05:30
e8c3a1f9c7
Additional matchers update
2021-08-17 15:00:05 +05:30
5072dbbcbb
Create ms-exchange-server-reflected-xss.yaml
2021-08-17 13:55:38 +05:30
3b9fb75fcb
Update twig-php-ssti.yaml
...
Another FP fix
2021-08-16 15:30:23 -05:00
d52c97c569
Update twig-php-ssti.yaml
...
False positive fix
2021-08-16 15:28:13 -05:00
970bdb3ac7
Update pmb-directory-traversal.yaml
2021-08-16 16:43:47 +05:30
d45887f9f9
Delete node-nunjucks-ssti.yaml
2021-08-16 16:41:58 +05:30
d3a379e112
Update eyelock-nano-lfd.yaml
2021-08-16 16:40:42 +05:30
af4f29ab03
Update beward-ipcamera-disclosure.yaml
2021-08-16 16:37:34 +05:30
4e498a6478
Create pmb-directory-traversal.yaml
2021-08-16 16:14:02 +05:30
451823f887
Create node-nunjucks-ssti.yaml
2021-08-16 16:13:27 +05:30
c6927262eb
Create eyelock-nano-lfd.yaml
2021-08-16 16:12:45 +05:30
232b187a40
Create beward-ipcamera-disclosure.yaml
2021-08-16 16:11:44 +05:30
3ac7a756fc
Added woocommerce-pdf-invoice-listing
2021-08-16 15:37:07 +05:30
b3d27f3d0c
Merge pull request #2407 from DhiyaneshGeek/master
...
Oracle XSS
2021-08-16 14:14:20 +05:30
610924d55b
Update oracle-siebel-xss.yaml
2021-08-16 14:12:49 +05:30
2875be2d82
Update simple-crm-sql-injection.yaml
2021-08-16 14:06:18 +05:30
bd865a0615
Update simple-crm-sql-injection.yaml
2021-08-16 14:03:41 +05:30
2a448b52db
Update simple-crm-sql-injection.yaml
2021-08-16 14:03:09 +05:30
cacb2ff684
Update simple-crm-sql-injection.yaml
2021-08-15 15:28:00 -05:00
9fb1b464b4
Create simple-crm-sql-injection.yaml
2021-08-15 15:23:38 -05:00
cceb32a88b
Create oracle-siebel-xss.yaml
2021-08-15 23:18:13 +05:30
7bce4fbb26
Update netis-info-leak.yaml
2021-08-14 16:00:00 +05:30
edffa49ca4
Update netis-info-leak.yaml
2021-08-14 15:53:30 +05:30
5b81af7ab4
Create netis-info-leak.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-13 13:34:28 +09:00
df65ba694b
Update ewebs-arbitrary-file-reading.yaml
2021-08-12 18:19:22 +05:30
65ed503022
Create ewebs-arbitrary-file-reading.yaml
2021-08-12 18:41:02 +07:00
5ca0a70f3e
Merge pull request #2372 from projectdiscovery/buffalo
...
Added CVE-2021-20090 / CVE-2021-20091 / CVE-2021-20092
2021-08-12 16:07:45 +05:30
0875847c7d
Merge pull request #2374 from gy741/rule-add-v54
...
Create sar2html-rce.yaml
2021-08-12 15:06:13 +05:30
cfc534af89
Update sar2html-rce.yaml
2021-08-12 15:03:49 +05:30
98a07bd594
Added unauth config injection
2021-08-12 14:12:20 +05:30
6ac4da7993
Merge branch 'master' into corsmisc
2021-08-11 13:17:10 +05:30
b466fce758
Update basic-cors.yaml
2021-08-11 13:15:04 +05:30
5ac272597b
Delete cors-misconfig.yaml
2021-08-11 13:14:04 +05:30
cb94b58009
Update basic-cors.yaml
2021-08-11 13:13:45 +05:30
d49dc5f9d4
Update top-xss-params.yaml
2021-08-11 13:08:49 +05:30
c576f4317b
Update open-redirect.yaml
2021-08-11 13:08:24 +05:30
efa7319d40
Update generic-windows-lfi.yaml
2021-08-11 13:08:11 +05:30
57b8d89815
Update generic-linux-lfi.yaml
2021-08-11 13:08:00 +05:30
cbfe76f33f
Update error-based-sql-injection.yaml
2021-08-11 13:07:46 +05:30
aa0b195c99
Update crlf-injection.yaml
2021-08-11 13:07:36 +05:30
2165418c59
Update cache-poisoning.yaml
2021-08-11 13:07:27 +05:30
4d4ae2edd2
Update basic-xss-prober.yaml
2021-08-11 13:07:17 +05:30
791472aa2b
Update basic-cors.yaml
2021-08-11 13:07:05 +05:30
0d2b53e71d
Create sar2html-rce.yaml
...
SAR2HTML could allow a remote attacker to execute arbitrary commands on the system, caused by a commend injection flaw in the index.php script. By sending specially-crafted commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-11 14:11:25 +09:00
8c48ca97d2
matcher + payload + regex updates
2021-08-09 21:58:28 +05:30
a44324ec2f
updatev2 cors-misconfig.yaml
2021-08-09 11:57:37 -03:00
e98fb7179e
update cors-misconfig.yaml
2021-08-09 11:56:37 -03:00
a806149864
Spelling
2021-08-09 16:31:00 +03:00
864b209cc1
Add reference
2021-08-09 16:10:10 +03:00
3651410d37
Provide description
2021-08-09 16:08:19 +03:00
210c57768d
Merge pull request #2193 from gy741/rule-add-v42
...
Create kevinlab-hems-backdoor.yaml
2021-08-08 13:56:56 +05:30
3918071875
Merge pull request #2348 from Akokonunes/patch-25
...
Create grimag-open-redirect.yaml
2021-08-08 12:38:24 +05:30
d7b8760231
minor update
2021-08-08 12:29:11 +05:30
4c057dcb1e
minor update
2021-08-08 12:26:34 +05:30
a7dcd3f317
added more tags
2021-08-08 00:27:18 +05:30
3b6d6322ea
Additional matcher
2021-08-08 00:22:55 +05:30
e690901c86
minor update
2021-08-08 00:20:56 +05:30
0ee60c4a3e
Merge pull request #2197 from mesaglio/master
...
Detect azure directory traversal hosts file
2021-08-07 23:15:29 +05:30
318aa4736e
misc update
2021-08-07 23:04:27 +05:30
2233ebf3f1
moving files around
2021-08-07 23:02:17 +05:30
ca9efec5c0
tag update
2021-08-07 15:00:29 +05:30
afcbd374a9
Create sap-redirect.yaml
2021-08-07 11:31:58 +05:30
5cddd4312b
Adding additional steps to make it work
2021-08-06 23:30:34 +05:30
57624f3d25
Create ruijie-eg-rce.yaml
2021-08-06 17:04:32 +07:00
3395eff8a0
Merge pull request #2316 from gy741/rule-add-v49
...
Create CVE-2020-7796.yaml
2021-08-03 19:57:45 +05:30
c581a94bf4
Merge pull request #2318 from gy741/rule-add-v50
...
Create longjing-technology-bems-api-lfi.yaml
2021-08-03 19:56:57 +05:30
28d568b88c
Update and rename longjing-technology-bems-api-lfi.yaml to bems-api-lfi.yaml
2021-08-03 19:55:25 +05:30
23bc448b1b
Merge pull request #2199 from pikpikcu/patch-208
...
Add OpenSIS POC
2021-08-03 19:53:32 +05:30
5fb6332bd9
Create longjing-technology-bems-api-lfi.yaml
...
The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-03 21:52:14 +09:00
ea1ae20a82
Create zimbra-preauth-ssrf.yaml
2021-08-03 12:52:56 +05:30
2491a6a4b7
Merge pull request #2227 from Udyz/patch-5
...
Create hasura-graphql-sql-exec.yaml
2021-08-02 22:25:31 +05:30
4e976706b8
Update hasura-graphql-psql-exec.yaml
2021-08-02 22:18:41 +05:30
204cf337c8
Update hasura-graphql-psql-exec.yaml
2021-08-02 22:15:52 +05:30
6102421e22
Update hasura-graphql-ssrf.yaml
2021-08-02 22:03:12 +05:30
03077a9ca2
Update tikiwiki-reflected-xss.yaml
2021-08-02 21:44:48 +05:30
9f8d31200f
Merge pull request #2263 from pdelteil/patch-35
...
Create jenkins-script.yaml
2021-08-02 20:59:12 +05:30
451aca42f9
Update jenkins-script.yaml
2021-08-02 20:57:19 +05:30
493acb8afe
Description
2021-08-02 14:30:22 +03:00
e896a8982d
misc updates
2021-08-02 12:53:35 +05:30
27eef8c1a9
Create zhiyuan-file-upload.yaml
...
Zhiyuan OA is a set of office coordinating management software. Recently, Qianxin CERT monitors the relevant vulnerability information of the long OA. Since there is an unauthorized access in some interfaces, and some functions are insufficient, the attacker can upload malicious script files without logging in, so that there is no need to log in. Zhiyuan OA official has provided patches for this vulnerability. In view of the large vulnerability harm, it is recommended that users apply patch updates as soon as possible.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-02 11:07:14 +09:00
aa336ed979
matcher update
2021-07-31 23:08:46 +05:30
918a6deead
Merge pull request #2265 from pussycat0x/master
...
zabbix-dashboards-access
2021-07-30 02:37:02 +05:30
0d7dfa1713
Update wp-upload-data.yaml
2021-07-30 02:36:18 +05:30
147ac0143a
Create jenkins-script.yaml
2021-07-29 12:29:05 -04:00
1f6a6a8764
Update jenkins-stack-trace.yaml
...
file name = template id.
2021-07-29 02:50:35 -04:00
6d205308ea
Merge pull request #2239 from pikpikcu/patch-236
...
Add Bitrix Open redirect
2021-07-29 00:16:19 +05:30
49efd9fa07
Update bitrix-open-redirect.yaml
2021-07-29 00:13:15 +05:30
576b42b412
Update wp-upload-data.yaml
2021-07-29 00:09:11 +05:30
7038617c86
Add files via upload
2021-07-28 23:56:51 +05:30
4b7080333a
Rename unauthenticated-jenkin-dashboard.yaml to unaunthenticated-jenkin.yaml
...
id - name file consistency
2021-07-28 01:17:18 -04:00
783550d003
Update bitrix-open-redirect.yaml
2021-07-28 08:38:48 +07:00
72fcdc20bf
Create bitrix-open-redirect.yaml
2021-07-28 08:37:25 +07:00
0c68ef5f66
Rename raw-psql-warp.yaml to hasura-graphql-psql-exec.yaml
2021-07-27 23:25:36 +07:00
0706823399
Update raw-psql-warp.yaml
2021-07-27 23:23:55 +07:00
5c931f8d00
Update raw-psql-warp.yaml
2021-07-27 22:12:41 +07:00
2219ab607e
Create raw-psql-warp.yaml
2021-07-27 21:57:59 +07:00
9f28ff8f9b
Update qcubed-xss.yaml
2021-07-27 11:57:30 +05:30
a2fc63b7ac
Create qcubed-xss.yaml
2021-07-27 13:06:30 +07:00
72c038bbf1
Update opensis-lfi.yaml
2021-07-27 08:07:21 +07:00
29e399df87
Create opensis-lfi.yaml
2021-07-27 07:43:02 +07:00
5d5dafc6e7
Detect azure directory traversal hosts file
2021-07-26 20:12:26 -03:00
eadc9b4dac
Create kevinlab-hems-backdoor.yaml
...
The HEMS solution has an undocumented backdoor account and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution thru the RMI. Attacker could exploit this vulnerability by logging in using the backdoor account with highest privileges for administration and gain full system control. The backdoor user cannot be seen in the users settings in the admin panel and it also uses an undocumented privilege level (admin_pk=1) which allows full availability of the features that the HEMS is offering remotely.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-27 02:48:31 +09:00
833ae4ae48
Merge pull request #1083 from pikpikcu/patch-123
...
Create dedecms-membergroup-sqli
2021-07-26 18:02:27 +05:30
86989129d1
Update netgear-wnap320-rce.yaml
2021-07-26 13:38:38 +05:30
c72190c4bf
Create netgear-wnap320-rce.yaml
...
vulnerabilities in the web-based management interface of Netgear WNAP320 Access Point could allow an authenticated, remote attacker to perform command injection attacks against an affected device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-26 08:35:22 +09:00
6ccc5f8792
matcher update to handle edge cases
2021-07-25 03:05:55 +05:30
2c0aa783c4
Merge pull request #2148 from gy741/rule-add-v34
...
Add KevinLAB BEMS 1.0 Multiple Vulnerabilities
2021-07-24 15:37:48 +05:30
bf7c0d3a63
Merge pull request #2122 from gy741/rule-add-v33
...
Create magicflow-lfi.yaml
2021-07-24 12:13:59 +05:30
ac45802ef5
Update kevinlab-bems-sqli.yaml
2021-07-24 12:10:46 +05:30
2631f55550
Update kevinlab-bems-backdoor.yaml
2021-07-24 12:07:27 +05:30
9a46592f71
Update kevinlab-bems-sqli.yaml
2021-07-24 11:59:35 +05:30
87b4c2e98b
Update kevinlab-bems-sqli.yaml
2021-07-24 11:47:05 +05:30
4b444af3c4
Merge pull request #2125 from DhiyaneshGeek/master
...
17 New Templates Added
2021-07-24 03:26:09 +05:30
9617bc5815
matcher update
2021-07-24 03:25:22 +05:30
47ea40bc55
Update kevinlab-bems-backdoor.yaml
2021-07-24 03:17:53 +05:30
b346584002
Update vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-24 00:25:13 +05:30
1909e3f628
Update vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-24 00:24:37 +05:30
59f90ffffa
Merge pull request #2150 from pussycat0x/master
...
New templates added
2021-07-24 00:09:43 +05:30
79e15e7123
Update wordpress-wpcourses-info-disclosure.yaml
2021-07-24 00:07:50 +05:30
43dccef185
generic improvements
2021-07-24 00:06:13 +05:30
97aa239d52
Merge branch 'master' of https://github.com/pussycat0x/nuclei-templates into pr/2037
2021-07-24 00:00:55 +05:30
3960d1f295
strict matchers
2021-07-23 23:59:54 +05:30
38c2b6d4a9
Update vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:49:58 +05:30
bdfee95603
Update vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:49:33 +05:30
6ebd1a36e0
Update vulnerabilities/wordpress/wp-email-subscribers-listing.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:49:28 +05:30
edc62d15a4
Update vulnerabilities/wordpress/wp-email-subscribers-listing.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:49:20 +05:30
5170f4962b
Update vulnerabilities/wordpress/wp-arforms-listing.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:49:14 +05:30
1feaaded28
Update vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:41:26 +05:30
750a86c500
Update vulnerabilities/wordpress/wp-iwp-client-listing.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:41:14 +05:30
04b71d9335
Update vulnerabilities/wordpress/wp-iwp-client-listing.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:41:06 +05:30
b82ac4b3fc
Update vulnerabilities/wordpress/wp-iwp-client-listing.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:40:56 +05:30
28d7d26953
Update wp-sfwd-lms-listing.yaml
2021-07-23 23:39:46 +05:30
ca49fb21c7
Merge pull request #2154 from pdelteil/patch-25
...
Update coldfusion-debug-xss.yaml
2021-07-23 20:54:31 +05:30
2dfa3d2e82
Update visual-tools-dvr-rce.yaml
2021-07-23 20:46:49 +05:30
1dd4e3c846
Update visual-tools-dvr-rce.yaml
2021-07-23 15:15:23 +05:30
2c77510faa
Create visual-tools-dvr-rce.yaml
...
vulnerabilities in the web-based management interface of Visual Tools DVR VX16 4.2.28.0 could allow an authenticated, remote attacker to perform command injection attacks against an affected device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-23 08:47:29 +09:00
abacdafb4f
Update coldfusion-debug-xss.yaml
...
The term adobe is more general than coldfusion. Since Coldfusion is a product of Adobe.
2021-07-22 19:44:57 -04:00
d3ff29daaa
Update vulnerabilities/wordpress/wp-arforms-listing.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 00:32:13 +05:30
6987e1ffee
Update vulnerabilities/wordpress/wp-arforms-listing.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 00:32:05 +05:30
eac08288e8
Update vulnerabilities/wordpress/wp-sfwd-lms-listing.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 00:31:33 +05:30
05846a34c7
Update vulnerabilities/wordpress/wp-sfwd-lms-listing.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 00:31:13 +05:30
a81e3b53cb
Add files via upload
2021-07-22 19:42:25 +05:30
69db0862ee
Create kevinlab-bems-backdoor.yaml
...
The BEMS solution has an undocumented backdoor account and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution thru the RMI. Attacker could exploit this vulnerability by logging in using the backdoor account with highest privileges for administration and gain full system control. The backdoor user cannot be seen in the users settings in the admin panel and it also uses an undocumented privilege level (admin_pk=1) which allows full availability of the features that the BEMS is offering remotely.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-22 22:13:00 +09:00
a4ec6a2b11
Create kevinlab-bems-sqli.yaml
...
The application suffers from an unauthenticated SQL Injection vulnerability. Input passed through 'input_id' POST parameter in '/http/index.php' is not properly sanitised before being returned to the user or used in SQL queries.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-22 21:46:18 +09:00
5455222476
Merge pull request #2140 from pussycat0x/master
...
New templates added
2021-07-22 17:53:25 +05:30
c17763ac20
Update and rename wp-plugineasy-media-gallery-pro-listing.yaml to easy-media-gallery-pro-listing.yaml
2021-07-22 17:45:43 +05:30
f00f5eeaa9
Add files via upload
2021-07-22 08:04:21 +05:30
111da22943
Update dedecms-membergroup-sqli.yaml
2021-07-21 18:34:37 +05:30
403a73d1c7
Merge pull request #1085 from pikpikcu/patch-125
...
Create dedecms-carbuyaction-fileinclude.yaml
2021-07-21 18:27:45 +05:30
f5fc07dd72
Merge pull request #1581 from pikpikcu/patch-168
...
Create hiboss-rce
2021-07-21 18:27:38 +05:30
08541f08c4
Update dedecms-carbuyaction-fileinclude.yaml
2021-07-21 18:26:36 +05:30
00ce088daf
Merge pull request #1334 from projectdiscovery/princechaddha-patch-3
...
Create sangfor-edr-auth-bypass.yaml
2021-07-21 18:18:08 +05:30
8d953c45ea
Update sangfor-edr-auth-bypass.yaml
2021-07-21 18:14:42 +05:30
da1ef3b031
Merge pull request #1568 from pikpikcu/patch-166
...
Create h3c-imc-rce
2021-07-21 18:11:11 +05:30
08f160f0e2
Create nginx-merge-slashes-path-traversal.yaml
2021-07-21 13:46:40 +05:30
16750fd9a2
Create magicflow-lfi.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-21 14:18:00 +09:00
21809132da
Renamed to CVE-2021-24340.yaml
2021-07-20 13:36:04 +07:00
13e5528c46
duplicate update
2021-07-20 11:40:23 +05:30
d27fb4c3b0
Renamed CVE-2020-8771.yaml
2021-07-20 12:49:16 +07:00
4dbf36813d
removing duplicate template
2021-07-20 00:43:39 +05:30
6eee57115c
Merge pull request #2083 from projectdiscovery/fixing-xss-matchers
...
fixing-xss-matchers
2021-07-20 00:28:01 +05:30
13d26d8c6d
moving files around
2021-07-20 00:10:30 +05:30
68efee3702
Merge branch 'projectdiscovery:master' into master
2021-07-19 19:48:57 +07:00
7a99c2db48
Rename to CVE-2018-16283
2021-07-19 19:47:31 +07:00
96d7a23ccd
removed duplicate
2021-07-19 18:15:42 +05:30
a88710e503
Removed duplicate template
2021-07-19 16:56:45 +05:30
574245af0d
Update wp-socialfit-xss.yaml
2021-07-19 11:43:07 +05:30
5fcbd0e446
Update wp-slideshow-xss.yaml
2021-07-19 11:42:34 +05:30
f77f66d1e6
Update wp-phpfreechat-xss.yaml
2021-07-19 11:41:40 +05:30
4df08a33c4
Update wp-nextgen-xss.yaml
2021-07-19 11:41:15 +05:30
0329b1b2fb
Update wp-knews-xss.yaml
2021-07-19 11:40:45 +05:30
e14b31489b
Update wp-flagem-xss.yaml
2021-07-19 11:40:14 +05:30
705f431c1c
Update wp-finder-xss.yaml
2021-07-19 11:39:33 +05:30
57c3f3ec20
Update wp-custom-tables-xss.yaml
2021-07-19 11:38:50 +05:30
ac66db36f3
Update wp-church-admin-xss.yaml
2021-07-19 11:38:22 +05:30
19fa522fec
Create mirai-unknown-rce.yaml
...
The unknown exploit targets the login CGI script, where a key parameter is not properly sanitized leading to a command injection.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-18 22:44:29 +09:00
63ae086b67
Payload + matcher update
2021-07-17 23:02:43 +05:30
fc38b27176
minor update
2021-07-17 16:32:15 +05:30
33a0ede229
Merge pull request #2009 from gy741/rule-add-v24
...
Create CVE-2020-26919, CVE-2020-25506, OptiLink ONT1GEW GPON RCE, CVE-2021-31755
2021-07-16 18:04:52 +05:30
fbc281f0a1
Merge pull request #2027 from projectdiscovery/yapi-rce
...
Added Yapi RCE
2021-07-16 17:27:37 +05:30
6d27a6fe8e
payload update
2021-07-16 00:34:38 +05:30
07db6737e5
Update wordpress-woocommerce-sqli.yaml
2021-07-16 00:08:42 +05:30
9b7a57bf15
Update wordpress-woocommerce-sqli.yaml
2021-07-15 23:35:02 +05:30
9286c79bc1
Rename optiLink-ont1gew-gpon-rce.yaml to optilink-ont1gew-gpon-rce.yaml
2021-07-15 23:15:45 +05:30
6bf13454ae
Update optiLink-ont1gew-gpon-rce.yaml
2021-07-15 23:15:22 +05:30
382534fedc
Update wordpress-woocommerce-sqli.yaml
2021-07-15 22:58:43 +05:30
ede6df8fa4
Add WooCommerce SQLi Template
2021-07-15 17:02:19 +00:00
642f71278d
Added Yapi RCE
2021-07-15 22:11:22 +05:30
6fcbe11064
Update oscommerce-rce.yaml
2021-07-15 18:29:24 +05:30
9e7bf184b7
minor update
2021-07-15 18:28:08 +05:30
e9b5b8fceb
osCommerce 2.3.4.1 - Remote Code Execution
2021-07-15 18:11:26 +05:30
ba64446d08
Update nativechurch-wp-theme-lfd.yaml
2021-07-15 17:43:45 +05:30
a95133ee3d
Update and rename nativechurch-wp-theme-lfd.yaml to vulnerabilities/wordpress/nativechurch-wp-theme-lfd.yaml
2021-07-15 15:16:37 +05:30
615db88ce6
Merge pull request #2004 from daffainfo/patch-49
...
Create wp-custom-tables-xss.yaml
2021-07-15 14:53:41 +05:30
7cecd5aa3e
Update wp-custom-tables-xss.yaml
2021-07-15 14:34:40 +05:30
22ecd2a192
Merge pull request #2016 from DhiyaneshGeek/master
...
Severity Update
2021-07-15 14:14:38 +05:30
887e7bcfab
Update wordpress-updraftplus-pem-key.yaml
2021-07-15 14:13:25 +05:30
69b04c8a98
Update wordpress-updraftplus-pem-key.yaml
2021-07-15 13:51:19 +05:30
1eb999ce02
Create optiLink-ont1gew-gpon-rce.yaml
...
vulnerabilities in the web-based management interface of OptiLink could allow an authenticated, remote attacker to perform command injection attacks against an affected device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-15 14:57:34 +09:00
ad3f81bc95
Create wp-custom-tables-xss.yaml
2021-07-15 06:21:50 +07:00
11dc9db49e
Merge pull request #1997 from skar4444/sassy-update
...
Update-sassy-social-share-xss
2021-07-14 20:56:57 +05:30
117b0558a9
Update sassy-social-share.yaml
2021-07-14 20:55:05 +05:30
5182b88b54
Merge pull request #1871 from projectdiscovery/huijietong-cloud-fileread
...
Create huijietong-cloud-fileread.yaml
2021-07-14 19:27:43 +05:30
ecd98c6403
Merge pull request #1967 from daffainfo/patch-31
...
Create wp-slideshow-xss.yaml
2021-07-14 19:15:07 +05:30
55ea2242b7
Rename vulnerabilities/wp-slideshow-xss.yaml to vulnerabilities/wordpress/wp-slideshow-xss.yaml
2021-07-14 19:14:06 +05:30
9fb7e17c0d
Merge pull request #1966 from daffainfo/patch-30
...
Create wp-nextgen-xss.yaml
2021-07-14 19:10:26 +05:30
933c1d5f05
Merge pull request #1965 from daffainfo/patch-29
...
Create wp-flagem-xss.yaml
2021-07-14 19:09:34 +05:30
00f1e65d50
Update-sassy-social-share-xss
2021-07-14 17:01:59 +05:30
7e258fcae2
template-fix
2021-07-14 16:07:09 +05:30
69dd5ae8a0
Adding some path
2021-07-13 18:24:23 +07:00
6b8a398a76
Create wp-slideshow-xss.yaml
2021-07-13 18:20:25 +07:00
62cb5ce2bc
Create wp-nextgen-xss.yaml
2021-07-13 18:17:14 +07:00
c751aca059
Create wp-flagem-xss.yaml
2021-07-13 18:15:43 +07:00
83ee761691
Merge pull request #1957 from projectdiscovery/hasura-graphql-ssrf
...
Create hasura-graphql-ssrf.yaml
2021-07-13 15:58:27 +05:30
c8c49c5046
Update hasura-graphql-ssrf.yaml
2021-07-13 15:58:06 +05:30
5fe872788f
minor update
2021-07-13 15:57:10 +05:30
e167cf0ab9
Merge pull request #1937 from daffainfo/patch-20
...
Create wp-phpfreechat-xss.yaml
2021-07-13 15:45:53 +05:30
df0e4b7117
Merge pull request #1938 from daffainfo/patch-21
...
Create wp-finder-xss.yaml
2021-07-13 15:42:29 +05:30
67a679860e
Update wp-finder-xss.yaml
2021-07-13 15:41:44 +05:30
500f0b70f8
Merge pull request #1936 from daffainfo/patch-19
...
Create wp-knews-xss.yaml
2021-07-13 15:36:57 +05:30
08f2cfea0b
Merge pull request #1924 from daffainfo/master
...
WordPress Plugin SocialFit - 'msg' Cross-Site Scripting
2021-07-13 15:29:49 +05:30
a8be22ad0a
Removed as it requires admin login
2021-07-13 15:28:48 +05:30
5a2d81e578
Merge pull request #1935 from daffainfo/patch-18
...
Create wp-church-admin-xss.yaml
2021-07-13 15:22:31 +05:30
06efff9ddd
minor update
2021-07-13 15:21:26 +05:30
cb32c05cfa
Merge pull request #1953 from Akokonunes/patch-17
...
Create wordpress-wordfence-lfi.yaml
2021-07-13 15:00:01 +05:30
47a07b533b
moving files around
2021-07-13 14:59:11 +05:30
920255635b
Merge pull request #1876 from pussycat0x/master
...
web-ftp
2021-07-13 01:53:15 +05:30
8b8663970f
minor update
2021-07-13 01:44:24 +05:30
81f1f8badc
minor update
2021-07-13 01:43:52 +05:30
a1d3678a70
Add files via upload
2021-07-12 23:24:24 +05:30
4ef8ed8e97
Create hasura-graphql-ssrf.yaml
2021-07-12 20:49:09 +05:30
0e195c4138
Merge branch 'projectdiscovery:master' into master
2021-07-12 14:58:59 +07:00
0f46d27b60
Add files via upload
2021-07-11 23:45:02 +05:30
64bdaee44e
Create wp-finder-xss.yaml
2021-07-11 13:23:51 +07:00
d3f21f1793
Create wp-phpfreechat-xss.yaml
2021-07-11 13:19:01 +07:00
e6272bf44c
Create wp-knews-xss.yaml
2021-07-11 13:11:03 +07:00
8a6e78934c
Create wp-church-admin-xss.yaml
2021-07-11 13:07:34 +07:00
361a641483
Update wp-socialfit-xss.yaml
2021-07-11 10:16:24 +05:30
5366b70077
Merge pull request #1931 from daffainfo/patch-16
...
Create wp-securimage-xss.yaml
2021-07-11 10:08:02 +05:30
b830f86384
Update wp-securimage-xss.yaml
2021-07-11 10:02:30 +05:30
b1f755466b
Update wp-ambience-xss.yaml
2021-07-11 09:57:44 +05:30
cc165287fd
Create wp-ambience-xss.yaml
2021-07-11 09:16:13 +07:00
ab85fd5eba
Create wp-securimage-xss.yaml
2021-07-11 09:10:35 +07:00
d0ec1acc76
Create wp-socialfit-xss.yaml
2021-07-11 07:41:04 +07:00
05bc6366f3
Rename wp-supsystic-backup-lfi to wp-supsystic-backup-lfi.yaml
2021-07-11 07:24:41 +07:00
04e5e30051
Update and rename wp-upsystic-backup-lfi to wp-supsystic-backup-lfi
2021-07-11 07:24:27 +07:00
e26b467c76
Create wp-upsystic-backup-lfi
2021-07-11 07:22:38 +07:00
6a99a183cd
Merge pull request #1920 from projectdiscovery/wordpress-user-enum
...
Added wordpress-user-enum
2021-07-10 21:56:17 +05:30
b228b35f83
Added wordpress-user-enum
2021-07-10 21:54:31 +05:30
ba90f28231
Merge pull request #1909 from gy741/rule-add-v17
...
Create icewarp-webclient-rce.yaml
2021-07-10 09:23:50 +05:30
a0d643561f
Update icewarp-webclient-rce.yaml
2021-07-10 09:18:32 +05:30
c36a62a120
Update jira-unauthenticated-installed-gadgets.yaml
2021-07-10 01:28:30 +05:30
3f46e48426
Update jira-unauthenticated-installed-gadgets.yaml
2021-07-10 01:26:45 +05:30
ef74a354ca
Create icewarp-webclient-rce.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-09 13:52:28 +09:00
98c925a413
Create jira-unauthenticated-installed-gadgets.yaml
2021-07-08 16:55:20 -04:00
808712f772
Update clockwatch-enterprise-rce.yaml
2021-07-08 14:20:18 +05:30
6e6d383b6c
Update clockwatch-enterprise-rce.yaml
2021-07-08 14:00:27 +05:30
7695526e13
Update clockwatch-enterprise-rce.yaml
2021-07-08 14:00:01 +05:30
a722b9fff6
Create clockwatch-enterprise-rce.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-08 13:18:31 +09:00
edc0f1a775
Update opensns-rce.yaml
2021-07-07 18:30:48 +05:30
9588eadaed
minor updates
2021-07-07 18:30:15 +05:30
c3cbee2794
Create opensns-rce.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-07 18:49:36 +09:00
0446fe1996
Merge pull request #1844 from rwincey/maestro-unauth-rce
...
LISTSERV Maestro
2021-07-06 23:55:22 +05:30
d8b3cbf750
Update listserv_maestro_rce.yaml
2021-07-06 23:53:38 +05:30
b02708055d
Update listserv_maestro_rce.yaml
2021-07-06 23:52:24 +05:30
07f3f0d988
Removed extra lines and few updates
2021-07-06 23:44:06 +05:30
f683e0bade
Merge pull request #1837 from gy741/rule-add-v10
...
Create huawei-router-auth-bypass.yaml
2021-07-06 23:33:47 +05:30
cc4244d36c
Update huawei-router-auth-bypass.yaml
2021-07-06 23:32:45 +05:30
2373873f30
Merge pull request #1881 from johnjhacking/patch-1
...
Added bypass for 1.9.2
2021-07-06 12:34:07 +05:30
fc68a95803
Template Name/ID update as per assigned CVE
2021-07-06 12:07:53 +05:30
fd13654972
Merge branch 'patch-1' of https://github.com/johnjhacking/nuclei-templates into pr/1827
2021-07-06 12:04:00 +05:30
192201c27c
condition update as per new bypass
2021-07-06 12:03:51 +05:30
a2f283c51b
CVE number was assigned
...
As stated.
2021-07-06 00:32:35 -06:00
9068a38b56
Update reference
...
Currently, the provided reference doesn't exist anymore. However, this tweet posted on May 9th should work as a reference.
2021-07-06 00:27:15 -06:00
601a192703
Added bypass for 1.9.2
...
Another payload was identified, as a bypass in version 1.9.2. This bypass caused the vendor to upgrade to 1.9.3
I have added the bypass and the matcher above. Let me know what you think.
2021-07-05 18:39:25 -06:00
7c06dfaf70
Create huijietong-cloud-fileread.yaml
2021-07-05 21:59:12 +05:30
f55aef6a1b
Merge pull request #1839 from gy741/rule-add-v11
...
Create netgear-router-auth-bypass.yaml
2021-07-05 21:46:00 +05:30
b1e6c71d89
Merge pull request #1857 from Akokonunes/patch-16
...
Create wp-vault-lfi.yaml
2021-07-05 21:08:11 +05:30
ce43643e00
Update and rename wp-vault-lfi.yaml to vulnerabilities/wordpress/wp-vault-lfi.yaml
2021-07-05 21:06:50 +05:30
457ce76e34
minor updates
2021-07-04 17:09:45 +05:30
ecdd86167a
Create lotuscms-rce.yaml
2021-07-04 11:11:19 +00:00
d50459eb9b
Added missing matcher
2021-07-04 01:26:41 +05:30
22421fd38e
Merge pull request #1843 from DhiyaneshGeek/master
...
Update AEM CRX bypass , AEM Debug XSS and Java sean debug page, Jetty showcontexts enable , jfrog-unauth-build-exposed Templates Added
2021-07-04 01:23:20 +05:30
afcbe4cfe4
minor updates
2021-07-04 01:22:08 +05:30
b137eb57d3
More edge cases
...
Only looking for DNS interaction is not reliable as few servers make DNS requests for host included in path or query parameter.
2021-07-04 00:41:57 +05:30
127673455a
Update coldfusion-debug-xss.yaml
2021-07-02 20:55:33 +05:30
e259c3dd2f
Update jfrog-unauth-build-exposed.yaml
2021-07-02 20:53:02 +05:30
52e0c861a1
Merge pull request #1733 from milo2012/master
...
Added CVE-2018-1000130/ CVE-2018-2628/ CVE-2018-2628/ CVE-2019-3401/ CVE-2020-1938/ oracle-bi-default-login/ jolokia-heap-disclosure
2021-07-02 18:27:45 +05:30
e2a0f93f79
misc updates
2021-07-02 18:24:31 +05:30
f02befc6f7
Merge pull request #1834 from pussycat0x/master
...
wp-plugin-1-flash-gallery.yaml
2021-07-02 13:56:53 +05:30
f983baba38
misc changes
2021-07-02 13:55:32 +05:30
2787fc01b6
Update jfrog-unauth-build-exposed.yaml
2021-07-02 08:25:40 +05:30
2fa4382ef5
Create jfrog-unauth-build-exposed.yaml
2021-07-02 08:23:42 +05:30
dad74b4738
LISTSERV Maestro
2021-07-01 12:14:33 -07:00
sandeep
Prince Chaddha
Philippe Delteil
GwanYeong Kim
Sullo
Rizwan Syed
Sullo
Prince Chaddha
PikPikcU
kn1ght
Nuno
Muhammad Daffa
pussycat0x
Geeknik Labs
Noam Rathaus
forgedhallpass
socketz
SaN ThosH
Sanyam Chawla
Dhiyaneshwaran
G4L1T0
lulz
juan mesaglio
rootxharsh
Suman Kar
John Jackson
sandeep
b0yd