Commit Graph

1800 Commits (ad6637e1d7e0eedecaede0076f79e2ad4ecaa04c)

Author SHA1 Message Date
Geeknik Labs 988d0c75c9
Update error-based-sql-injection.yaml 2021-03-17 20:39:57 +00:00
Geeknik Labs 019a193aec
Update error-based-sql-injection.yaml 2021-03-17 19:31:08 +00:00
Geeknik Labs be020357e8
Update error-based-sql-injection.yaml 2021-03-17 19:25:02 +00:00
Geeknik Labs 99bb91c255
Update error-based-sql-injection.yaml 2021-03-17 19:19:27 +00:00
Geeknik Labs 8fe5f4e1ff
Create error-based-sql-injection.yaml
🎉  OMG 🎉 
Detect Error Based SQL Injection
Includes regex matchers + extractors for 29 Database Engines
💥 https://buymeacoffee.com/geeknik 💥
2021-03-17 17:30:53 +00:00
sandeep 3c8432686c Update viewlinc-crlf-injection.yaml 2021-03-16 14:05:20 +05:30
Geeknik Labs e951c75c59
Update viewlinc-crlf-injection.yaml 2021-03-15 20:04:37 +00:00
Geeknik Labs 0068d7ae0c
Create viewlinc-crlf-injection.yaml
This was discovered whilst participating in a private Hacker0x01 bug bounty program.
2021-03-15 20:00:56 +00:00
PikPikcU 6689aa0a81
Create dedecms-carbuyaction-fileinclude.yaml 2021-03-15 08:40:45 +00:00
PikPikcU 332ccbdb36
Create dedecms-membergroup-sqli.yaml 2021-03-15 08:01:47 +00:00
PD-Team fb65d9341b
Merge branch 'master' into patch-4 2021-03-15 00:30:30 +05:30
sandeep ffae74a6a8 Updated to openam-detection 2021-03-15 00:27:59 +05:30
PD-Team 47a7ea85e0
Merge pull request #1066 from r3naissance/master
Add teacherease-xss and parentlink-xss to /vulnerabilities/other/
2021-03-14 17:12:05 +05:30
sandeep e18b34cc64 few updates 2021-03-14 17:07:52 +05:30
Dhiyaneshwaran ed87cc42a8
Create pmb-local-file-disclosure.yaml 2021-03-12 22:42:45 +05:30
sandeep 9ff6adff73 Update wordpress-accessible-wpconfig.yaml 2021-03-12 17:58:35 +05:30
sandeep 28b0636f2d syntax update 2021-03-12 17:32:16 +05:30
PD-Team c35ed8a408
Merge branch 'master' into wordpress-cves 2021-03-12 17:25:27 +05:30
sandeep a0785510f5 Update apache-flink-unauth-rce.yaml 2021-03-12 12:42:17 +05:30
sandeep db18f137e6 linting updates 2021-03-12 12:40:16 +05:30
PD-Team bee7bbdac0
Merge pull request #1037 from PurushottamanR/master
Moodle jitsi plugin XSS detection
2021-03-12 01:13:37 +05:30
sandeep 830cc84899 Update moodle-jitsi-plugin-xss.yaml 2021-03-12 01:08:56 +05:30
sandeep 48dc97b6fe Update moodle-jitsi-plugin-xss.yaml 2021-03-12 01:06:37 +05:30
Chapman Schleiss 655308b864
Added reference 2021-03-11 09:50:26 -07:00
sandeep 86faa863f6 Added some reference 2021-03-11 20:33:36 +05:30
Chapman Schleiss 881cedaabc Adding teacherease-xss 2021-03-10 12:36:44 -07:00
Chapman Schleiss 8a015fe306 Adding parentlink-xss 2021-03-10 12:36:08 -07:00
sandeep ed91c0813e more typos 2021-03-10 19:45:41 +05:30
sandeep 06945d56a8 fixing typos 2021-03-10 19:33:49 +05:30
Prince Chaddha de3b1d27ea added templates 2021-03-10 17:06:11 +05:30
Prince Chaddha ce919375eb Create wordpress-auth-bypass-wptimecapsule.yaml 2021-03-10 12:29:08 +05:30
sandeep 79ebf9b5bd Update moodle-jitsi-plugin-xss.yaml 2021-03-07 14:28:07 +05:30
sandeep 944493d343 wip 2021-03-07 13:48:33 +05:30
sandeep d67648b6d7 Update moodle-jitsi-plugin-xss.yaml 2021-03-07 13:43:48 +05:30
purushottamanr 17a4f315e7 moodle jitsi plugin XSS detection 2021-03-06 13:52:35 -05:00
purushottamanr 7ab99e908a moodle jitsi plugin XSS detection 2021-03-06 13:25:44 -05:00
sandeep 04cc9c44fb xss matchers update 2021-03-04 21:32:34 +05:30
sandeep e9c9c4822f misc update 2021-03-04 21:04:06 +05:30
PikPikcU 4e31596426
Fix 🛠️ 2021-03-03 22:07:46 +07:00
PikPikcU 8a2f8ca4ee
Fix name 🛠️ 2021-03-03 22:03:52 +07:00
PikPikcU b831644c7e
Update apache-sprak-rce.yaml 2021-03-03 21:49:11 +07:00
PikPikcU 0389429c1f
Create apache-sprak-rce.yaml 2021-03-03 11:02:51 +00:00
sandeep fdd015042f Update simple-employee-rce.yaml 2021-03-02 21:42:00 +05:30
PikPikcU 0e78ce0a5b
Create simple-employee-rce.yaml 2021-03-01 11:40:03 +00:00
PikPikcU b9d3325fc6
Create ruijie-networks-lfi.yaml 2021-03-01 10:21:32 +00:00
sandeep 4c319fc79f Update ruijie-networks-rce.yaml 2021-03-01 13:37:10 +05:30
PikPikcU 7ec42cf499
Update ruijie-networks-rce.yaml 2021-03-01 06:57:32 +00:00
PikPikcU c55692e01c
Create ruijie-networks-rce.yaml 2021-03-01 06:56:46 +00:00
PikPikcU 6a4bd45625
Add tags 2021-02-27 00:39:28 +07:00
PikPikcU 481ba6aba1
Create duomicms-sql-injection.yaml 2021-02-26 22:44:31 +07:00
sandeep e29525ecf7 Update hashicorp-consul-rce.yaml 2021-02-26 17:32:50 +05:30
sandeep a15fad8cb7 Update hashicorp-consul-rce.yaml 2021-02-26 17:01:59 +05:30
PikPikcU d926680125
Update hashicorp-consul-rce.yaml 2021-02-26 11:29:22 +00:00
PikPikcU 52f6fab37b
Update hashicorp-consul-rce.yaml 2021-02-26 11:06:28 +00:00
PikPikcU 50f5c91edf
Create hashicorp-consul-rce.yaml 2021-02-26 09:02:50 +00:00
PD-Team 4fb3b338a0
Merge pull request #954 from daffainfo/patch-2
Update wordpress-user-enumeration.yaml
2021-02-26 11:22:23 +05:30
sandeep 36694ceec9 wp workflow update 2021-02-26 11:21:15 +05:30
Muhammad Daffa 1f3b105490
Update wordpress-user-enumeration.yaml 2021-02-26 08:36:34 +07:00
PD-Team 3a22ab23c0
Merge pull request #938 from gano3s/master
Improvement of the regex in open redirection template
2021-02-26 01:20:40 +05:30
sandeep 5241e0f960 Update open-redirect.yaml 2021-02-26 01:16:45 +05:30
sandeep acd1ab4735 misc changes 2021-02-26 00:21:07 +05:30
Dhiyaneshwaran 2e3aa4355f
Merge pull request #18 from projectdiscovery/master
improved matcher
2021-02-25 23:42:45 +05:30
sandeep 9bcd36338e improved matcher 2021-02-25 23:38:40 +05:30
Dhiyaneshwaran b24a1eecae
Create wordpress-affiliatewp-allowed-products.yaml 2021-02-25 23:21:42 +05:30
sandeep 1355185b45 improved matcher 2021-02-25 23:04:21 +05:30
PD-Team 237b268e31
Merge pull request #937 from pikpikcu/patch-82
Create weiphp-path-traversal
2021-02-25 18:43:18 +05:30
sandeep 1dbd3b082b matcher update 2021-02-25 18:29:49 +05:30
PikPikcU 277f7c21d6
Delete weiphp-sql-injection.yaml 2021-02-25 12:37:44 +00:00
PikPikcU bf11f5889f
Update weiphp-sql-injection.yaml 2021-02-25 12:02:35 +00:00
sandeep 609ac0e098 Update rockmongo-xss.yaml 2021-02-25 17:16:33 +05:30
sandeep 3ea4c3a826 Update rockmongo-xss.yaml 2021-02-25 17:15:21 +05:30
PikPikcU 63a71afa62
Create rockmongo-xss.yaml 2021-02-25 11:28:40 +00:00
sandeep c2982994a4 Update weiphp-sql-injection.yaml 2021-02-25 16:36:57 +05:30
sandeep 30483cf1e5 Update weiphp-path-traversal.yaml 2021-02-25 16:18:18 +05:30
ganoes 8927253cb3 Improvement of the regex in open redirection template 2021-02-25 11:13:01 +01:00
PikPikcU 4a55ac7128
Update weiphp-sql-injection.yaml 2021-02-25 10:02:04 +00:00
PikPikcU e81b961873
Update weiphp-sql-injection.yaml 2021-02-25 09:51:58 +00:00
PikPikcU fe995933bc
Create weiphp-sql-injection.yaml 2021-02-25 09:49:18 +00:00
sandeep 48f55d25d0 Update weiphp-path-traversal.yaml 2021-02-25 15:03:56 +05:30
PikPikcU f0f11568c0
Update weiphp-path-traversal.yaml 2021-02-25 09:07:26 +00:00
PikPikcU b18c68674c
Create weiphp-path-traversal.yaml 2021-02-25 08:59:17 +00:00
PD-Team 9e9aa20646
Merge pull request #929 from pikpikcu/patch-80
zhiyuan-oa session leak
2021-02-24 23:24:28 +05:30
sandeep a0175f96c4 Update zhiyuan-oa-info-leak.yaml 2021-02-24 23:22:23 +05:30
sandeep 00abdb4732 Update yarn-resourcemanager-rce.yaml 2021-02-24 21:29:13 +05:30
sandeep 99b1ae2d46 Improved matcher 2021-02-24 21:28:48 +05:30
PikPikcU 2f39160e65
Create zhiyuan-oa-info-leak.yaml 2021-02-24 08:07:57 +00:00
PikPikcU b86a406d26
Create zhiyuan-oa-session-leak.yaml 2021-02-24 08:06:28 +00:00
Muhammad Daffa f6042d3d43
Update wordpress-accessible-wpconfig.yaml 2021-02-22 09:51:01 +07:00
sandeep cd2a3a7a77 Update dedecms-openredirect.yaml 2021-02-20 23:12:14 +05:30
PikPikcU d118e3e8cf
Create dedecms-openredirect.yaml 2021-02-21 00:35:47 +07:00
sandeep 6f74d31e0b few updates 2021-02-20 22:41:54 +05:30
PikPikcU 6ace5ab376
Create finereport-path-traversal.yaml 2021-02-20 23:36:48 +07:00
sandeep 5ffc1aa211 Update metinfo-lfi.yaml 2021-02-20 19:24:20 +05:30
PikPikcU 6e19a6eb45
Create metinfo-lfi.yaml 2021-02-20 07:25:43 +07:00
sandeep d77862ef7b adding tags 2021-02-19 13:51:21 +05:30
PikPikcU e537b279a0
Create cisco-webui-rce.yaml 2021-02-19 14:39:32 +07:00
sandeep b538a7f481 Update seacms-rce.yaml 2021-02-18 20:38:50 +05:30
PikPikcU 15bff234ef
Create seacms-rce.yaml 2021-02-18 20:05:35 +07:00
sandeep 0ca299e92b adding wp template and workflow 2021-02-17 17:33:03 +05:30
sandeep 86243622cc tag updates 2021-02-16 22:32:57 +05:30
sandeep 6d88f03e08 moving files around 2021-02-16 14:54:04 +05:30
sandeep a9769ed11b Update oracle-glassfish-lfi.yaml 2021-02-16 14:25:42 +05:30
PikPikcU b38e84957e
Update oracle-glassfish-lfi.yaml 2021-02-16 08:41:11 +00:00
PikPikcU 35e0b8e2f4
Create oracle-glassfish-lfi.yaml 2021-02-16 08:38:42 +00:00
PD-Team a772670227
Merge pull request #866 from pikpikcu/patch-66
Create cacti-weathermap-file-write
2021-02-16 02:19:45 +05:30
sandeep b4a9d2ec68 Update cacti-weathermap-file-write.yaml 2021-02-16 02:17:45 +05:30
PD-Team f165b4bef4
Merge pull request #867 from Mad-robot/master
Create Zebra_Form_XSS.yaml
2021-02-16 00:30:09 +05:30
sandeep 3bb6b81dc5 misc changes 2021-02-16 00:28:11 +05:30
Geeknik Labs 07eb454de6
Update open-redirect.yaml
Seems a bit rude to add a production website like test.com to a template like this will generate a ton of unexpected traffic for a company who might not be expecting it or appreciating it.
2021-02-15 17:42:57 +00:00
sandeep 55b6b33e93 misc changes 2021-02-15 21:29:12 +05:30
SaN ThosH 18fde04cb7
Update Zebra_Form_XSS.yaml 2021-02-15 17:54:22 +05:30
SaN ThosH 1655381ae6
Update Zebra_Form_XSS.yaml 2021-02-15 17:53:52 +05:30
SaN ThosH 68ffcca822
Update Zebra_Form_XSS.yaml 2021-02-15 17:42:09 +05:30
SaN ThosH 91768dc160
Create Zebra_Form_XSS.yaml 2021-02-15 16:13:31 +05:30
PikPikcU 3f3f9b9f43
Create samsung-wlan-ap-rce.yaml 2021-02-15 06:17:07 +00:00
PikPikcU 50c0d50d3d
Create samsung-wlan-ap-xss.yaml 2021-02-15 05:53:18 +00:00
PikPikcU ef6b416535
Create cacti-weathermap-file-write.yaml 2021-02-15 04:39:47 +00:00
PikPikcU 9daed142be
Create samsung-wlan-ap-lfi.yaml 2021-02-15 04:30:32 +00:00
sandeep eb50c32a64 Update rails6-xss.yaml 2021-02-15 04:27:45 +05:30
sandeep 4d8510a60d Update rails6-xss.yaml 2021-02-15 00:31:40 +05:30
PD-Team f577b9c91e
Merge pull request #860 from Mad-robot/master
Update rails6-xss.yaml
2021-02-15 00:17:02 +05:30
sandeep 6222b9fe49 Added working poc as comment 2021-02-15 00:15:07 +05:30
sandeep 58835cfc59 Update oa-tongda-path-traversal.yaml 2021-02-14 20:24:12 +05:30
SaN ThosH ccd53e0677
Update rails6-xss.yaml 2021-02-14 19:04:20 +05:30
PikPikcU 9362086705
Create oa-tongda-path-traversal.yaml 2021-02-14 12:22:51 +00:00
PD-Team 483161371b
Merge pull request #857 from afaq1337/patch-2
added new signatures for URL Redirect
2021-02-14 17:13:59 +05:30
sandeep 0c82bbb53c Update open-redirect.yaml 2021-02-14 17:12:34 +05:30
sandeep 0ee8b53fb4 payload updates 2021-02-14 17:11:51 +05:30
sandeep 0e5a07232f misc changes 2021-02-14 16:29:41 +05:30
PikPikcU 197bf2286e
Create powercreator-cms-rce.yaml 2021-02-14 08:40:45 +00:00
Afaq dea2fd28dc
update name 2021-02-14 13:35:57 +05:00
Afaq 01535dd36a
added new signatures for URL Redirect
Update double quotes with single quotes against escaping, and added new signatures
2021-02-14 13:29:18 +05:00
sandeep 768c05a9df Update rce-shellshock-user-agent.yaml 2021-02-13 10:25:02 +05:30
sandeep ec7a29957d Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
sandeep 16f23c84be improved matcher 2021-02-12 10:29:05 +05:30
Khaled Mohamed e7c6731d1a
Update
Edit after update from Mohamed elbadry @melbadry9
2021-02-11 22:53:19 +02:00
sandeep 5c419acb32 misc updates 2021-02-12 02:03:38 +05:30
PikPikcU 82acc49390
Update and rename thinkcmf-shell-write.yaml to thinkcmf-rce.yaml 2021-02-11 17:49:03 +00:00
PikPikcU 29eda8d1ab
Create thinkcmf-shell-write.yaml 2021-02-11 17:31:25 +00:00
sandeep e6c31e6512 Update thinkcmf-lfi.yaml 2021-02-11 22:23:14 +05:30
PikPikcU 2b8c738e03
Create thinkcmf-lfi.yaml 2021-02-11 15:46:20 +00:00
sandeep aefbc1db67 misc changes 2021-02-10 22:07:17 +05:30
PikPikcU f27418b7ba
Added apache-flink-rce (#810) 2021-02-10 20:48:24 +05:30
Prince Chaddha e02cba08c8
Create jira-unauthenticated-projectcategories.yaml 2021-02-10 02:59:28 +05:30
Prince Chaddha 41cb45656c
Create jira-unauthenticated-adminprojects.yaml 2021-02-10 02:51:14 +05:30
Prince Chaddha 557f0113ff
Create jira-unauthenticated-resolutions.yaml (#830) 2021-02-10 02:35:12 +05:30
PD-Team 0a82b1920f Added tags to wordpress templates. 2021-02-05 14:53:55 +05:30
PD-Team 83fb22a81b
Merge pull request #801 from pikpikcu/patch-42
Adding sangfor-edr-rce
2021-02-03 17:30:11 +05:30
PD-Team 3a28f79400 Update chamilo-lms-xss.yaml 2021-02-03 16:58:43 +05:30
PikPikcU c21acfa7a0
Create sangfor-edr-rce.yaml 2021-02-03 04:40:07 +00:00
Geeknik Labs 26f1e7d857
Create chamilo-lms-xss.yaml 2021-02-01 20:54:21 +00:00
PD-Team fa732d4565
Merge pull request #787 from pikpikcu/patch-36
Create dlink-dir-850l-info-leak
2021-02-01 23:12:23 +05:30
PD-Team b476243f85 misc changes 2021-02-01 23:11:29 +05:30
PD-Team de3338ebb7 Update caucho-resin-info-disclosure.yaml 2021-02-01 23:03:11 +05:30
PD-Team fc3eb4e73e few updates 2021-02-01 23:02:39 +05:30
PD-Team c649ff4a85 Added key-cloak xss and admin panel 2021-02-01 22:17:31 +05:30
PikPikcU 3a2a99cd63
Create caucho-resin-information-disclosure.yaml 2021-02-01 15:43:29 +00:00
PD-Team 6101f8e537 misc update 2021-01-31 12:54:53 +05:30
PikPikcU ed4b717d65
Create wooyun-path-traversal.yaml 2021-01-30 21:37:05 +00:00
PD-Team f6ccec48ed Update CNVD-2020-62422.yaml 2021-01-30 18:33:26 +05:30
PikPikcU 64209dca7d
Create CNVD-2020-62422.yaml 2021-01-30 10:45:17 +00:00
PD-Team a887ebe289 few updates 2021-01-26 20:01:01 +05:30
PR3R00T 7f1abf1e4b
Update sonicwall-sslvpn-shellshock.yml 2021-01-26 10:45:15 +00:00
PR3R00T 1712d10086
Update sonicwall-sslvpn-shellshock.yml 2021-01-26 10:44:17 +00:00
PR3R00T 4782898579
Update sonicwall-sslvpn-shellshock.yml 2021-01-26 10:40:48 +00:00
PR3R00T f4529d02c5
Update sonicwall-sslvpn-shellshock.yml 2021-01-26 10:37:18 +00:00
PR3R00T abe3f04402
Update sonicwall-sslvpn-shellshock.yml 2021-01-26 10:34:17 +00:00
PR3R00T 45d26b875e
New Sonicwall 0day Exploit test 2021-01-26 10:20:46 +00:00
PD-Team c762044d29 updating incorrect file permissions 2021-01-21 23:28:32 +05:30
PD-Team a98c2c6bb1 moving files 2021-01-21 23:11:15 +05:30
PD-Team de09cbbd43 updating template 2021-01-21 20:17:20 +05:30
PD-Team 1a14ff8c44 syntax update 2021-01-19 12:33:48 +05:30
parrot 58ebf59035 Added ThinkPHP templates and signature. 2021-01-19 01:16:59 -03:00
PD-Team dc24595935 BaseURL updates 2021-01-14 20:11:56 +05:30
Khaled Mohamed 5c2eabbebc
Create openam-ldap-injection.yaml
reference: https://blog.cybercastle.io/ldap-injection-in-openam/

The vulnerability was found in the password reset feature that OpenAM provides. When a user tries to reset his password, he is asked to enter his username then the backend validates whether the user exists or not through an LDAP query before the password reset token is sent to the user’s email.
2021-01-13 23:36:19 +02:00
team-projectdiscovery 106da77fc3 Preparing for request clustering 2021-01-13 13:01:46 +05:30
team-projectdiscovery b5159893d0 removing duplicate template 2021-01-13 12:40:31 +05:30
team-projectdiscovery 0b4c49e485 misc 2021-01-11 13:24:57 +05:30
team-projectdiscovery c62dfd2b53 adding few from masters 2021-01-11 12:28:56 +05:30
team-projectdiscovery 1468d8a52c matcher updates 2021-01-11 12:14:22 +05:30
team-projectdiscovery b5dd30abf5 fixes 2021-01-11 04:09:54 +05:30
team-projectdiscovery b80ca7732d linting errors 2021-01-11 03:31:24 +05:30
team-projectdiscovery a52ffe5c4e fixes and updates 2021-01-10 19:45:36 +05:30
team-projectdiscovery a90d047991 Massive template checks addition 🎉 🎉 2021-01-10 18:41:25 +05:30
team-projectdiscovery 187e4a5feb moving more files around 2021-01-09 18:32:04 +05:30
team-projectdiscovery 95d784d9b7 moving folder/files around 2021-01-08 22:25:54 +05:30
team-projectdiscovery 9a1c93c1c0 Update thinkific-redirect.yaml 2020-12-29 11:30:30 +05:30
Gal Nagli c5838760fe
Create thinkific-redirect.yaml 2020-12-29 00:51:40 +02:00
team-projectdiscovery fb3b2551df Removing as this is same as cve-2020-11738 2020-12-23 19:31:29 +05:30
team-projectdiscovery 441c1d2c40 updated rails6-xss 2020-12-23 14:54:03 +05:30
PD-Team 280ad158a5
Merge pull request #682 from PR3R00T/patch-6
Linux appliance version of vmware-vcenter-lfi.yaml
2020-12-15 01:14:33 +05:30
team-projectdiscovery 6690a49299 Update vmware-vcenter-lfi-linux.yaml 2020-12-15 01:14:06 +05:30
team-projectdiscovery 961977a1d4 Update easy-wp-smtp-listing.yaml 2020-12-14 19:04:51 +05:30
PR3R00T 9d6d6bbd70
Linux appliance version of vmware-vcenter-lfi.yaml
Looking into the references in vmware-vcenter-lfi.yaml, Twitter comments also mentioned it affecting the Linux appliance version (VMWare PSC). 
I created this template and tested it on vulnerable PSCs.
2020-12-13 20:30:05 +00:00
PR3R00T 76e8315c3f
Create easy-wp-smtp-listing.yaml 2020-12-13 20:05:21 +00:00
team-projectdiscovery d0df82d928 Adding content type checks for XSS templates 2020-12-14 00:54:23 +05:30
Dwi Siswanto 0d103fe950 ✏️ Update description 2020-12-09 15:53:20 +07:00
Dwi Siswanto 711053cfa5 🔥 Add McAfee ePO RCE vulnerability 2020-12-09 15:33:35 +07:00
bauthard 9d51cec01e Reference update 2020-11-23 23:56:36 +05:30
bauthard beb578cdf0 Marker updates to payloads
Adding § marker to variable names to avoid any confusion with real data and variable name, supported from nuclei v2.2.0
2020-11-21 12:25:49 +05:30
Geeknik Labs bc398cf3e3
Update open-redirect.yaml
Add `langTo` parameter.
2020-11-16 17:02:48 +00:00
Geeknik Labs a2243cbf30
Update open-redirect.yaml
Add missing host to `RequestURI`. 👍🏻
2020-11-16 16:52:13 +00:00
bauthard 4f746684c8 Encoding updates 2020-11-10 19:43:51 +05:30
bauthard 377a7df758 Adding NUUO NVRmini2 3.0.8 - Remote Code Execution 2020-11-09 16:09:50 +05:30
bauthard e55d12c8de
Merge pull request #587 from dwisiswant0/add-vuln/wordpress-wpcourses-info-disclosure
Add wordpress-wpcourses-info-disclosure
2020-10-23 02:16:07 +05:30
bauthard c11b53eedb Update sassy-social-share.yaml 2020-10-23 02:08:55 +05:30
Dwi Siswanto 4e09270571 🔥 Add wordpress-wpcourses-info-disclosure 2020-10-20 23:46:12 +07:00
Robbie 6a1ade3566
Create sassy-social-share.yaml 2020-10-20 16:28:01 +01:00
bauthard ec50c8519e
Merge pull request #574 from dwisiswant0/add/vpms-auth-bypass
Add Vehicle Parking Management System 1.0 - Authentication Bypass
2020-10-16 13:23:21 +05:30
Dwi Siswanto 5885f7b7cc 🔥 Add VPMS Auth Bypass 2020-10-16 02:42:37 +07:00
Dwi Siswanto 8903773275 📝 Add more regex patterns 2020-10-16 02:32:52 +07:00
Dwi Siswanto c098675c01 🔥 Add ZMS Auth Bypass 2020-10-16 02:30:42 +07:00
Dwi Siswanto f899b78fa8 🔥 Add rConfig RCE 2020-10-16 00:26:11 +07:00
bauthard 29ec4777e2 Update vmware-vcenter-lfi.yaml 2020-10-13 21:34:12 +05:30
bauthard aa83f5e443 Update vmware-vcenter-lfi.yaml 2020-10-13 21:32:26 +05:30
Dwi Siswanto 7b662fbaee 🔨 Update regex pattern 2020-10-13 22:51:29 +07:00
Dwi Siswanto ac8c5c98b4 🔨 Using paths as payloads 2020-10-13 21:55:29 +07:00
Dwi Siswanto e0afe64ec1 📝 Remove additional matchers based on docs.vmware.com 2020-10-13 21:34:08 +07:00
Dwi Siswanto e238af244b 🔥 Add VMware vCenter Unauthenticated Arbitrary File Read 2020-10-13 21:24:30 +07:00
bauthard 1a01b49bd5 Removed host-header-injection
Removing as this template look for reflection and not HTTP interaction, that is also not possible to detect for now.
2020-10-12 21:19:32 +05:30
bauthard 901f8d4483
Rename Symantec-Messaging-Gateway.yaml to symantec-messaging-gateway.yaml 2020-10-08 16:01:14 +05:30
bauthard 072adb6681 template update 2020-10-08 03:49:59 +05:30
Hacker2202 4b42f6852a Add Oracle-EBS LFI 2020-10-07 21:59:39 +00:00
bauthard 1c602223fb template update 2020-10-06 19:38:59 +05:30
Robbie 53c296c49a
Create w3c-total-cache.yaml 2020-10-06 10:45:54 +01:00
bauthard 2ae545cab4 some updates 2020-10-02 22:28:16 +05:30
bauthard 864c0781b4
Merge pull request #394 from sushant-kamble/master
[fuzzing][wip] new template in vulnerability
2020-10-02 22:23:42 +05:30
bauthard 471daf1bfd Update arbitrary-file-read.yaml 2020-10-02 22:22:52 +05:30
mohammedshine bcf83e3191
Update open-redirect.yaml 2020-10-01 20:49:01 +05:30
bauthard 6045c00987 wordpress workflow update 2020-09-27 13:22:13 +05:30
bauthard debc3c846a Update wordpress-social-metrics-tracker.yaml 2020-09-27 13:14:52 +05:30
bauthard dae1c4af79 Update wordpress-social-metrics-tracker.yaml 2020-09-27 13:12:57 +05:30
Robbie 0a92a6acc4
Create wordpress-social-metrics-tracker.yaml 2020-09-26 09:20:15 +01:00
bauthard dbfa0fca2d severity updates 2020-09-20 18:27:43 +05:30
bauthard 2febdea3ec
Merge pull request #476 from al3xdelarge/master
Replace /etc/shadow by /etc/passwd
2020-09-17 14:04:13 +05:30
aron ac0df32184 Fix malformed yaml 2020-09-17 10:30:45 +02:00
aron 7140ca2430 Fix malformed yaml 2020-09-17 10:24:16 +02:00
aron 3deec15ad1 Fix malformed yaml 2020-09-17 10:23:00 +02:00
aron 7d434171fc Adapt matcher to passwd 2020-09-17 10:15:41 +02:00
aron 0f7b226f69 Replace shadow by passwd 2020-09-17 10:13:19 +02:00
bauthard a33439106d Update Symantec-Messaging-Gateway.yaml 2020-09-16 17:56:22 +05:30
Robbie 67bd041417
Create Symantec-Messaging-Gateway.yaml 2020-09-16 12:13:10 +01:00
Ice3man543 ffef121561 Normalized id fields to match schema regex 2020-09-16 00:55:55 +05:30
bauthard d0b47926dc
Merge pull request #453 from dwisiswant0/springboot/h2-db-rce
Add Spring Boot H2 Database RCE
2020-09-13 21:33:14 +05:30
Dwi Siswanto 9fbcc70b37 🔥 Add Spring Boot H2 Database RCE 2020-09-13 22:33:07 +07:00
flag007 0a49f1255e
Update open-redirect.yaml 2020-09-13 20:45:16 +08:00
bauthard 52b5f5bb13
Merge pull request #429 from random-robbie/patch-5
Create wordpress-emails-verification-for-woocommerce.yaml
2020-09-10 19:26:37 +05:30
Dwi Siswanto 74ca1daede ✏️ Replace em-dash with dash 2020-09-09 22:08:12 +07:00
bauthard 8e645bff19 Update wordpress-emails-verification-for-woocommerce.yaml 2020-09-08 23:57:06 +05:30
Robbie 31b049898e
Update wordpress-emails-verification-for-woocommerce.yaml 2020-09-08 12:25:55 +01:00
Robbie 07c84b347e
Create wordpress-emails-verification-for-woocommerce.yaml 2020-09-08 12:12:53 +01:00
PikPikcU 9c6f45a08a
Create mida-eframework-xss.yaml 2020-09-08 09:45:12 +00:00
bauthard 450df94e3d Update bullwark-momentum-series-directory-traversal.yaml 2020-09-07 02:16:06 +05:30
PikPikcU 67f72d11e6
Create bullwark-momentum-series-directory-traversal.yaml 2020-09-05 14:58:51 +00:00
un-fmunozs 21c8656c12 False positive on XSS templates
Encode XSS payload to prevent false positives when the Query string is returned AS IS by the server. Recent browsers will always send the parameters encoded.
2020-09-03 10:56:31 -05:00
sushant-kamble 25fd4da110 new template 2020-09-02 17:22:30 -05:00
Dwi Siswanto ca4dbf605b 🔡 Justifying id's 2020-09-01 09:25:25 +07:00
bauthard 9bf0b6dbaf uniform format 2020-09-01 00:04:29 +05:30
bauthard 6abc3c9429
Merge pull request #369 from projectdiscovery/wems-manager-xss
Create wems-manager-xss.yaml
2020-08-30 11:11:18 +05:30
bauthard 140716bac8 Create wems-manager-xss.yaml 2020-08-30 11:10:09 +05:30
bauthard 62cbf524aa
Merge pull request #368 from projectdiscovery/eclipse-help-system-xss
Create eclipse-help-system-xss.yaml
2020-08-30 10:39:19 +05:30
bauthard 01d055aa1f Update eclipse-help-system-xss.yaml 2020-08-30 10:38:28 +05:30
bauthard 5a860c63ed Create eclipse-help-system-xss.yaml 2020-08-30 10:35:28 +05:30
bauthard 1d8b3f71a0 Update sick-beard-xss.yaml 2020-08-29 02:33:17 +05:30
bauthard 99c83642fa Create sick-beard-xss.yaml 2020-08-29 02:25:56 +05:30
bauthard 747aa48d09
Merge pull request #345 from aqme/master
Add *description* property to nuclei-templates
2020-08-28 01:09:39 +05:30
toufik-airane 8cc901ced0
comment reference field 2020-08-27 21:05:33 +02:00
toufik-airane 146e114a3b
fix minor yamllint issues
Fix minor yamllint issues to move forward.
2020-08-25 22:18:58 +02:00
bauthard ddb9a608ff Update rce-via-java-deserialization.yaml 2020-08-26 01:22:50 +05:30
toufik-airane 79ccce2ae4
add few descriptions
add few descriptions and references on /vulnerabilities/ templates.
2020-08-25 21:43:43 +02:00
toufik-airane 9990d326e4
CRLF injection
update description
2020-08-25 18:46:19 +02:00
toufik-airane 79e826d782
CouchDB Admin Party
update description
2020-08-25 17:29:11 +02:00
Khaled Mohamed 532072c677
Update crlf-injection.yaml 2020-08-11 14:58:53 +02:00
Aron Molnar f4ebffa1bc
Improve shellshock payload 2020-08-06 10:03:58 +02:00
un-fmunozs 03eb473c7b Update rce-via-java-deserialization.yaml
Add rce-via-java-deserialization id
2020-08-05 22:57:52 -05:00
bauthard f5d35e3fad minor fixs 2020-08-01 02:18:24 +05:30
SaN ThosH 99d78127ea
Nginx virtual host traffic status module XSS
https://github.com/vozlt/nginx-module-vts/issues/174
2020-07-31 23:18:14 +05:30
bauthard b44f47c502 matcher updates 2020-07-31 23:12:34 +05:30
SaN ThosH a46612e7b7
Create tikiwiki-reflected-xss.yam 2020-07-31 22:55:41 +05:30
bauthard d6930042a9 trailing-spaces 2020-07-31 15:32:19 +05:30
bauthard 9be9a16bbc
Merge pull request #269 from eugui/patch-4
Update open-redirect.yaml
2020-07-28 21:16:58 +05:30
bauthard e23e6767fd updating template 2020-07-28 20:44:22 +05:30
d[-_-]b 318a78ebef
Update open-redirect.yaml 2020-07-28 14:29:36 +01:00
Alfie Njeru 6e8b732d57
Update oracle-ebs-bispgraph-file-access-vulnerability(rce).yaml 2020-07-27 12:37:21 +03:00
Alfie Njeru 5340a96e4c
Oracle EBS Bispgraph File Access Vulnerability
A test to check whether you can read the etc/password file on a vulnerable Oracle Enterprise Business Suite instance
2020-07-27 12:25:15 +03:00
bauthard 4651a012cd
Rename RCE-via-java-deserialization.yaml to rce-via-java-deserialization.yaml 2020-07-24 15:02:04 +05:30
bauthard 55ccaba797 Update RCE-via-java-deserialization.yaml 2020-07-24 14:59:46 +05:30
uhnysh 5e26af7cfc
Update RCE-via-java-deserialization.yaml 2020-07-24 14:54:31 +05:30
uhnysh 41f25f0fc2
rce via java deserialization 2020-07-24 14:45:31 +05:30
bauthard 0153c765a9 Update open-redirect.yaml 2020-07-21 13:32:10 +05:30
Ice3man543 ed4e9e7feb Fixed default condition OR to AND in false-positives 2020-07-08 17:08:57 +05:30
Harsh Bothra 3d7f039cbd
Rename ibm-infoprint-directory-traversal to ibm-infoprint-directory-traversal.yaml 2020-07-07 17:41:34 +05:30
Harsh Bothra 97db04d90e
Create ibm-infoprint-directory-traversal
IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal
2020-07-07 17:40:48 +05:30
Mohamed Elbadry 3381eed789
Update open-redirect.yaml 2020-07-06 16:21:43 +02:00
Mohamed Elbadry d2f024dc32
Update crlf-injection.yaml 2020-07-06 16:16:27 +02:00
Mohamed Elbadry e255561721
Update crlf-injection.yaml 2020-07-06 16:11:29 +02:00
bauthard 6d498a6054 syntax update 2020-07-06 13:57:46 +05:30
bauthard 991376c439
Merge pull request #174 from dwisiswant0/development
Adding Spring Boot Actuators (Jolokia) XXE
2020-07-02 23:07:34 +05:30
dw1 ecd295aff4 🔥 Add Springboot Actuators (Jolokia) XXE Vulnerability 2020-07-02 23:15:33 +07:00
organiccrap 2d8c78c263 updates 2020-07-02 21:53:41 +08:00
Ice3man e9c23dffe0
Merge pull request #126 from projectdiscovery/iceman-regex-fix
Regex issues fix by simplifying and fixing some edge cases
2020-06-22 08:36:29 -07:00
Manuel Bua 7df644ed6a Handle more spacing edge-cases, anchor at end of line 2020-06-22 13:15:01 +02:00
Manuel Bua 15fa8f2244 Switch to multiline matching to avoid false positives 2020-06-22 12:26:30 +02:00
Manuel Bua c7262c3ee7 Handle spaces in non-standard response headers 2020-06-22 10:55:52 +02:00
dudez 4ec258bd16
Handle protocol-relative URL in redirects 2020-06-22 10:02:43 +02:00
Manuel Bua c08676116c Handle some more edge cases 2020-06-21 23:04:37 +02:00
Aditya Soni 1ccc5d2b53
Update rce-shellshock-user-agent.yaml 2020-06-03 05:38:36 +05:30
Khaled Mohamed b390ffa076
Create rce-shellshock-user-agent.yaml 2020-05-28 17:20:00 +02:00
Ice3man 4480395e5c
Update open-redirect.yaml 2020-05-27 22:24:32 +05:30
Ice3man 1a558c820b
Update crlf-injection.yaml 2020-05-27 21:40:32 +05:30
Ice3man 0ae2fe3c85
Better regex for CRLF injection that catches whitespaces 2020-05-27 21:38:40 +05:30
Ice3man543 1758728197 Linting refactor to make yamllint happy 2020-05-25 17:22:12 +05:30
Fabian Affolter 3dfc2f99db
Update syntax 2020-05-25 10:24:39 +02:00
Fabian Affolter 4404138e70
Fix syntax 2020-05-25 00:19:21 +02:00
Pxmme 8b6bd2f717
Update crlf-injection.yaml 2020-05-24 14:22:35 +02:00
bauthard 6e495e41e7
Merge pull request #88 from Pxmme/master
Updating open redirect detection with regex + more payloads
2020-05-17 04:11:36 +05:30
Pxmme 6961c63659
Adding @ for Twitter handles cause Andi bitched about it 2020-05-16 23:39:47 +02:00
Pxmme 22c85b660f
Updating authors with Twitter handles + forgot Andi for giving me a few path based payloads 2020-05-16 23:32:21 +02:00
Pxmme 42e05c89b5
Forgot to add fisher who gave me the GET param list! 2020-05-16 23:28:20 +02:00
Pxmme 7c25948a33
Update open-redirect.yaml 2020-05-16 23:25:31 +02:00
Pxmme e33d72e4f2
Update and rename path-based-open-redirect-1.yaml to open-redirect.yaml 2020-05-16 23:25:16 +02:00
bauthard 0d5b682e94 updating cve names 2020-05-08 18:40:02 +00:00
Michael Blake 5caa7cecb9 Reduce false-positives for Moodle XSS 2020-05-07 21:50:17 -07:00
Nadino92 73d4a18752
CRLF injection
CRLF injection with normal encoding and unicode bypass encoding https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CRLF%20Injection
2020-05-04 17:53:49 +02:00
Aditya Soni 4a1d217c9a
Create cached-aem-pages.yaml 2020-04-25 20:08:27 +05:30
bauthard f708589c91
updating template ID. 2020-04-22 15:24:04 +05:30
Mohamed Elbadry b9a7f2b384
Create x-forwarded-host-injection.yaml 2020-04-22 07:05:14 +02:00
Prince Chaddha 82f2a9dfa6
Update twig-php-ssti.yaml 2020-04-20 17:44:59 +05:30
bauthard 6ea37ba7e5
fixing the template. 2020-04-09 19:06:44 +05:30
bauthard c3af1e5cd2
fixing the format 2020-04-09 18:11:59 +05:30
bauthard 634db637af
Update and rename Moodle filter_jmol lfi.yaml to moodle-filter-jmol-lfi.yaml 2020-04-08 22:29:16 +05:30
bauthard 99f56328a5
Update and rename Moodle filter_jmol XSS.yaml to moodle-filter-jmol-xss.yaml 2020-04-08 22:22:17 +05:30
bauthard 1f53153ef3
Update and rename PDF Signer v3.0 - SSTI to RCE via CSRF Cookie.yaml to pdf-signer-ssti-to-rce.yaml 2020-04-08 22:20:31 +05:30
bauthard eee4ed9198
Update and rename WordPress Wordfence 7.4.6 XSS.yaml to wordpress-wordfence-xss.yaml 2020-04-08 22:19:00 +05:30
bauthard 27a44abdba
Update and rename WordPress duplicator Path Traversal.yaml to wordpress-duplicator-path-traversal.yaml 2020-04-08 22:17:56 +05:30
bauthard 27f29ab484
adding twig-php-ssti 2020-04-08 22:00:10 +05:30
bauthard 1431ca6265
Create discourse-xss.yaml 2020-04-08 21:40:51 +05:30
SaN ThosH e0a4f22bc0
Update WordPress duplicator Path Traversal.yaml 2020-04-08 18:58:11 +05:30
SaN ThosH 366688b5d8
Update WordPress Wordfence 7.4.6 XSS.yaml 2020-04-08 18:57:59 +05:30
SaN ThosH 15a27df85f
Update Moodle filter_jmol XSS.yaml 2020-04-08 18:57:52 +05:30
SaN ThosH 29a58d9465
Update and rename Moodle filter_jmol multiple vulnerabilities.yaml to Moodle filter_jmol lfi.yaml 2020-04-08 18:20:43 +05:30
SaN ThosH 1b346644e7
Create Moodle filter_jmol XSS.yaml 2020-04-08 18:18:06 +05:30
SaN ThosH f5eddff072
Create Moodle filter_jmol multiple vulnerabilities.yaml 2020-04-08 18:17:16 +05:30
SaN ThosH be72ce2889
Create PDF Signer v3.0 - SSTI to RCE via CSRF Cookie.yaml 2020-04-08 18:15:37 +05:30
SaN ThosH fb3b4ed44d
Create WordPress duplicator Path Traversal.yaml 2020-04-08 17:43:25 +05:30
SaN ThosH bd7a74ae84
Update WordPress Wordfence 7.4.6 XSS.yaml 2020-04-08 17:37:15 +05:30
SaN ThosH edc7a1ed8c
Create WordPress Wordfence 7.4.6 XSS.yaml 2020-04-08 17:36:42 +05:30
bauthard a3935196cf
more updates. 2020-04-06 17:58:53 +05:30
bauthard 1d75ccaa2c
updating the id and name for better understanding 2020-04-06 17:56:14 +05:30
MMrhassel 16ded6d47e
Create open-redirect.yaml 2020-04-06 14:12:30 +02:00