daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,485 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

1792 Commits (b004e464dc056ad3f2e7a9c45c7f6fe79a3bb3a9)

Author SHA1 Message Date
Hassan Khan e667127067 Merge branch 'master' of https://github.com/Splint3r7/nuclei-templates 2022-03-30 10:42:37 +05:00
Hassan Khan df4bc6693d WordPress LFI 2022-03-30 10:42:22 +05:00
Hassan Khan 1da098f499 Will push again 2022-03-30 10:39:37 +05:00
Hassan Khan 1f815786c0 LFI Templates 2022-03-30 10:35:04 +05:00
Muhammad Daffa 10fe7186ca
Create admin-word-count-column-lfi.yaml 2022-03-29 19:59:12 +07:00
Muhammad Daffa 605bb41f03
Update amministrazione-aperta-lfi.yaml 2022-03-29 19:58:21 +07:00
Muhammad Daffa 613a5800ae
Create amministrazione-aperta-lfi.yaml 2022-03-29 19:55:33 +07:00
sandeep e82f14ee67 additional reference + path update 2022-03-28 22:28:04 +05:30
Sandeep Singh 5f28041069
Added Spring Boot Log4j Remote Code Injection (#3993) 
* Added Spring Boot Log4j Remote Code Injection

* minor improvements to CVE-2021-44228

* URI based payload update to catch injection point
 2022-03-28 01:46:50 +05:30
gy741 04ec5b6b6d
Create netgear-wac124-router-auth-bypass.yaml (#3986) 
* Create netgear-wac124-router-auth-bypass.yaml

This vulnerability allows network-adjacent attackers to bypass authentication on affected of WAC124, AC2000 routers. Authentication is not required to exploit this vulnerability.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>

* misc update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-27 20:40:41 +05:30
东方有鱼名为咸 38a902317f
add springcloud-function-spel-rce (#3991) 
* add springcloud-function-spel-rce

* misc updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-27 20:17:28 +05:30
Sandeep Singh eeff6b26b8
more strict matchers (#3987) 2022-03-26 16:45:50 +05:30
Prince Chaddha 948ceb8b11
Create oracle-fatwire-lfi.yaml (#3975) 
* Create oracle-fatwire-lfi.yaml

* Update oracle-fatwire-lfi.yaml

* Update oracle-fatwire-lfi.yaml

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2022-03-26 14:56:13 +05:30
MostInterestingBotInTheWorld eb23e6e44e
Dashboard Content Enhancements (#3980) 
Dashboard Content Enhancements
 2022-03-25 10:16:18 -04:00
MostInterestingBotInTheWorld 814d07fb7d
Dashboard Content Enhancements (#3961) 
* Enhancement: default-logins/viewpoint/trilithic-viewpoint-login.yaml by mp

* Enhancement: default-logins/visionhub/visionhub-default-login.yaml by mp

* Enhancement: default-logins/weblogic/weblogic-weak-login.yaml by mp

* Enhancement: default-logins/wifisky/wifisky-default-login.yaml by mp

* Enhancement: default-logins/wso2/wso2-default-login.yaml by mp

* Enhancement: default-logins/xerox/xerox7-default-login.yaml by mp

* Enhancement: default-logins/xxljob/xxljob-default-login.yaml by mp

* Enhancement: default-logins/zabbix/zabbix-default-login.yaml by mp

* Enhancement: default-logins/zmanda/zmanda-default-login.yaml by mp

* Enhancement: dns/azure-takeover-detection.yaml by mp

* Enhancement: dns/cname-fingerprint.yaml by mp

* Enhancement: dns/cname-service-detection.yaml by mp

* Enhancement: dns/detect-dangling-cname.yaml by mp

* Enhancement: dns/dns-waf-detect.yaml by mp

* Enhancement: default-logins/weblogic/weblogic-weak-login.yaml by mp

* Enhancement: default-logins/xxljob/xxljob-default-login.yaml by mp

* Enhancement: dns/dnssec-detection.yaml by mp

* Enhancement: dns/ec2-detection.yaml by mp

* Add CVSS/CWE

* Trailing space

* Linting error on comment indentation

* Typo

* Enhancement: dns/elasticbeantalk-takeover.yaml by mp

* Enhancement: cves/2020/CVE-2020-23517.yaml by mp

* Enhancement: dns/elasticbeantalk-takeover.yaml by mp

* Enhancement: dns/mx-fingerprint.yaml by mp

* Enhancement: dns/mx-service-detector.yaml by mp

* Enhancement: dns/nameserver-fingerprint.yaml by mp

* Enhancement: dns/ptr-fingerprint.yaml by mp

* Enhancement: dns/servfail-refused-hosts.yaml by mp

* Enhancement: dns/spoofable-spf-records-ptr.yaml by mp

* Enhancement: dns/txt-fingerprint.yaml by mp

* Enhancement: dns/worksites-detection.yaml by mp

* Enhancement: exposed-panels/3g-wireless-gateway.yaml by mp

* Enhancement: exposed-panels/acemanager-login.yaml by mp

* Enhancement: exposed-panels/acrolinx-dashboard.yaml by mp

* Enhancement: dns/mx-fingerprint.yaml by mp

* Enhancement: dns/mx-service-detector.yaml by mp

* Enhancement: dns/ptr-fingerprint.yaml by mp

* Enhancement: dns/servfail-refused-hosts.yaml by mp

* Enhancement: dns/spoofable-spf-records-ptr.yaml by mp

* Enhancement: cves/2021/CVE-2021-39501.yaml by mp

* Enhancement: cves/2021/CVE-2021-40323.yaml by mp

* Enhancement: cves/2021/CVE-2021-40539.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: cves/2021/CVE-2021-40856.yaml by mp

* Enhancement: cves/2021/CVE-2021-40859.yaml by mp

* Enhancement: cves/2021/CVE-2021-40323.yaml by mp

* Enhancement: cves/2021/CVE-2021-40539.yaml by mp

* Enhancement: cves/2010/CVE-2010-1875.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/akamai-cloudtest.yaml by mp

* Enhancement: exposed-panels/alfresco-detect.yaml by mp

* Enhancement: exposed-panels/alienvault-usm.yaml by mp

* Enhancement: exposed-panels/ambari-exposure.yaml by mp

* Enhancement: exposed-panels/amcrest-login.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: exposed-panels/alienvault-usm.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/ambari-exposure.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-17369.yaml by mp

* Enhancement: exposed-panels/apache/public-tomcat-manager.yaml by mp

* Enhancement: exposed-panels/apache/apache-apisix-panel.yaml by mp

* Enhancement: exposed-panels/ansible-tower-exposure.yaml by mp

* Enhancement: exposed-panels/ampps-panel.yaml by mp

* Enhancement: exposed-panels/ampps-admin-panel.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: cves/2010/CVE-2010-1878.yaml by mp

* Fix encoded chars

* trailing space

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: exposed-panels/apache/tomcat-pathnormalization.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: exposed-panels/apiman-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1873.yaml by mp

* Enhancement: exposed-panels/arcgis/arcgis-panel.yaml by mp

* Enhancement: exposed-panels/arcgis/arcgis-rest-api.yaml by mp

* Enhancement: exposed-panels/argocd-login.yaml by mp

* Enhancement: exposed-panels/atlassian-crowd-panel.yaml by mp

* Enhancement: exposed-panels/atvise-login.yaml by mp

* Enhancement: exposed-panels/avantfax-panel.yaml by mp

* Enhancement: exposed-panels/avatier-password-management.yaml by mp

* Enhancement: exposed-panels/axigen-webadmin.yaml by mp

* Enhancement: exposed-panels/axigen-webmail.yaml by mp

* Enhancement: exposed-panels/azkaban-web-client.yaml by mp

* Enhancement: exposed-panels/acunetix-panel.yaml by mp

* Enhancement: exposed-panels/adiscon-loganalyzer.yaml by mp

* Enhancement: exposed-panels/adminer-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1870.yaml by mp

* Enhancement: exposed-panels/adminset-panel.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-component-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-connect-central-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-experience-manager-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-media-server.yaml by mp

* Enhancement: exposed-panels/advance-setup.yaml by mp

* Enhancement: exposed-panels/aerohive-netconfig-ui.yaml by mp

* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp

* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* spacing issues

* Spacing

* HTML codes improperly interpreted
Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml

* Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml

* Enhancement: technologies/waf-detect.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: network/sap-router-info-leak.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: network/sap-router-info-leak.yaml by mp

* Enhancement: network/exposed-adb.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml by mp

* Enhancement: exposures/tokens/digitalocean/tugboat-config-exposure.yaml by mp

* Enhancement: exposed-panels/concrete5/concrete5-install.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml by mp

* indentation issue

* Character encoding issue fix

* Enhancement: default-logins/alibaba/canal-default-login.yaml by mp

* Enhancement: default-logins/alphaweb/alphaweb-default-login.yaml by mp

* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp

* Enhancement: default-logins/apache/airflow-default-login.yaml by mp

* Enhancement: default-logins/apache/apisix-default-login.yaml by mp

* Enhancement: default-logins/apollo/apollo-default-login.yaml by mp

* Enhancement: default-logins/arl/arl-default-login.yaml by mp

* Enhancement: default-logins/digitalrebar/digitalrebar-default-login.yaml by mp

* Enhancement: default-logins/mantisbt/mantisbt-default-credential.yaml by mp

* Enhancement: default-logins/stackstorm/stackstorm-default-login.yaml by mp

* Enhancement: dns/caa-fingerprint.yaml by mp

* Enhancement: exposed-panels/active-admin-exposure.yaml by mp

* Enhancement: exposed-panels/activemq-panel.yaml by mp

* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp

* Restore & stomped by dashboard

* Enhancement: cves/2010/CVE-2010-1653.yaml by mp

* Enhancement: cves/2021/CVE-2021-38751.yaml by mp

* Enhancement: cves/2021/CVE-2021-39320.yaml by mp

* Enhancement: cves/2021/CVE-2021-39322.yaml by mp

* Enhancement: cves/2021/CVE-2021-39327.yaml by mp

* Enhancement: cves/2021/CVE-2021-39350.yaml by mp

* Enhancement: cves/2021/CVE-2021-39433.yaml by mp

* Enhancement: cves/2021/CVE-2021-41192.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15824.yaml by mp

* Enhancement: exposed-panels/ansible-semaphore-panel.yaml by mp

* Enhancement: exposed-panels/aviatrix-panel.yaml by mp

* Enhancement: cves/2022/CVE-2022-24288.yaml by mp

* Enhancement: cves/2022/CVE-2022-24990.yaml by mp

* Enhancement: cves/2022/CVE-2022-26159.yaml by mp

* Enhancement: default-logins/aem/aem-default-login.yaml by mp

* Enhancement: exposed-panels/blue-iris-login.yaml by mp

* Enhancement: exposed-panels/bigbluebutton-login.yaml by mp

* Enhancement: cves/2022/CVE-2022-24288.yaml by mp

* Enhancement: cves/2022/CVE-2022-24990.yaml by mp

* Enhancement: cves/2022/CVE-2022-26159.yaml by mp

* Enhancement: default-logins/aem/aem-default-login.yaml by mp

* Spacing issues
Add cve-id field

* fix & stomping

* Enhancement: cves/2016/CVE-2016-1000141.yaml by mp

* Enhancement: cves/2020/CVE-2020-24912.yaml by mp

* Enhancement: cves/2021/CVE-2021-35265.yaml by mp

* Enhancement: cves/2022/CVE-2022-0437.yaml by mp

* Enhancement: cves/2010/CVE-2010-1601.yaml by mp

* Enhancement: technologies/teradici-pcoip.yaml by mp

* Enhancement: vulnerabilities/other/unauth-hoteldruid-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1475.yaml by mp

* Enhancement: cves/2010/CVE-2010-1535.yaml by mp

* Enhancement: exposed-panels/epson-web-control-detect.yaml by mp

* Enhancement: exposed-panels/epson-access-detect.yaml by mp

* Enhancement: cves/2020/CVE-2020-29453.yaml by mp

* Fix spacing

Co-authored-by: sullo <sullo@cirt.net>
 2022-03-25 17:15:10 +05:30
Prince Chaddha a69887bb85
Update wordpress-wp-cron.yaml 2022-03-25 12:09:19 +05:30
sandeep 52d58896a1 fixed len condition 2022-03-24 18:23:32 +05:30
Prince Chaddha 3253a2a723
Update wordpress-wp-cron.yaml 2022-03-24 16:56:50 +05:30
Prince Chaddha 8956a91f51
Update wordpress-wp-cron.yaml 2022-03-24 16:23:59 +05:30
Prince Chaddha ad8b1a77c3
Update wordpress-wp-cron.yaml 2022-03-24 16:20:45 +05:30
Prince Chaddha b494dd3f94
Update wordpress-wp-cron.yaml 2022-03-24 14:49:46 +05:30
Pathtaga 122c200f76 Added wp-cron.php wordpress template 2022-03-23 18:20:58 +01:00
Prince Chaddha 95d9b7f30c
Merge pull request #3953 from projectdiscovery/regex-update 
Updated "/etc/passwd" regex to avoid possible false positive results.
 2022-03-23 00:23:06 +05:30
sandeep ec99241f0e Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
Sandeep Singh c513d88d0d
Merge branch 'master' into rule-add-v102 2022-03-22 13:23:38 +05:30
MostInterestingBotInTheWorld 9663595dd1
Dashboard Text Enhancements (#3948) 
Dashboard content enhancements
 2022-03-21 23:48:47 -04:00
Prince Chaddha 0adf4452f8
Merge pull request #3934 from Akokonunes/patch-130 
Create huawei-hg255s-lfi.yaml
 2022-03-21 16:47:27 +05:30
Prince Chaddha 66927bff20
Update tekon-info-leak.yaml 2022-03-21 16:36:39 +05:30
Prince Chaddha c8118bc79f
Update and rename huawei-hg255s-lfi.yaml to vulnerabilities/huawei/huawei-hg255s-lfi.yaml 2022-03-20 13:14:34 +05:30
Sandeep Singh ec2246ee22
added confluence metadata and minor matcher updates (#3929) 2022-03-19 16:12:08 +05:30
sandeep 218b87a384 removing duplicate template 2022-03-18 21:09:34 +05:30
Muhammad Daffa b17a49d4e4
Create CNVD-2021-28277.yaml (#3892) 
* Create CNVD-2021-28277.yaml

* misc update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-18 20:35:35 +05:30
Sandeep Singh 5e1fb187e4
Added negative content type check (#3932) 2022-03-18 19:52:29 +05:30
GwanYeong Kim bb7dbc4f0c Create tekon-info-leak.yaml 
A vulnerability in Tekon allows remote unauthenticated users to disclose the Log of the remote device.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2022-03-18 19:38:44 +09:00
Prince Chaddha fd3a1efd51
Update cache-poisoning.yaml 2022-03-17 16:49:43 +05:30
Adam Crosser aa47b1d97b
Added 23 Nuclei Templates (#3909) 
* Added 23 Nuclei Templates

* Update cofense-vision-detection.yml

* Update sophos-mobile-panel-detection.yml

* Update cofense-vision-detection.yml

* Update httpbin-open-redirect.yml

* Update httpbin-xss.yml

* Update ansible-semaphore-panel.yml

* Rename ansible-semaphore-panel.yml to ansible-semaphore-panel.yaml

* Update and rename avatier_password_management.yml to avatier-password-management.yaml

* Update and rename buddy-panel.yml to buddy-panel.yaml

* Update and rename buildbot-panel.yml to buildbot-panel.yaml

* Update and rename cofense-vision-detection.yml to cofense-vision-panel.yaml

* Update and rename concourse-ci-panel.yml to concourse-ci-panel.yaml

* Update and rename drone-ci-panel.yml to drone-ci-panel.yaml

* Update and rename flowci-detection.yml to flowci-panel.yaml

* Update and rename gradle-enterprise-build-cache-detect.yml to gradle-cache-node-detect.yaml

* Update and rename exposed-panels/gradle-cache-node-detect.yaml to exposed-panels/gradle/gradle-cache-node-detect.yaml

* Update and rename exposed-panels/gradle-enterprise-panel.yml to exposed-panels/gradle/gradle-enterprise-panel.yaml

* Update and rename httpbin-detection.yml to httpbin-panel.yaml

* Update and rename leostream-detection.yml to leostream-panel.yaml

* Delete redash-detection.yml

* Update and rename sophos-mobile-panel-detection.yml to sophos-mobile-panel.yaml

* Update and rename splunk-enterprise-login-panel.yml to splunk-enterprise-panel.yaml

* Update splunk-enterprise-panel.yaml

* Update and rename stridercd-detection.yml to stridercd-panel.yaml

* Update and rename zuul-panel.yml to zuul-panel.yaml

* Update and rename zentral-detection.yml to zentral-panel.yaml

* Update and rename api-fastly.yml to api-fastly.yaml

* Update and rename api-gitlab.yml to api-gitlab.yaml

* Update and rename httpbin-xss.yml to httpbin-xss.yaml

* Update and rename httpbin-open-redirect.yml to httpbin-open-redirect.yaml

* Update and rename log4j-code42-rce.yml to code42-log4j-rce.yaml

* minor matcher fixes

* added missing hostname variable

* meta data update

Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-16 18:47:58 +05:30
Prince Chaddha 9b0c2bb854
Update dzs-zoomsounds-listing.yaml 2022-03-15 17:21:27 +05:30
sandeep 795dbfdecc Added Kiwi TCMS JSON-RPC misconfig 2022-03-13 17:50:38 +05:30
Prince Chaddha 713c8d87cf
Merge pull request #3877 from projectdiscovery/dixell-xweb500-file-write 
Create dixell-xweb500-file-write.yaml
 2022-03-11 16:34:36 +05:30
Prince Chaddha 5bd8cb0f89
Update and rename dixell-xweb500-file-write.yaml to dixell-xweb500-filewrite.yaml 2022-03-11 16:30:02 +05:30
Prince Chaddha 030c9484b9
Update and rename unisharp-laravel-file-manager.yaml to laravel-filemanager-lfi.yaml 2022-03-11 15:57:07 +05:30
Prince Chaddha b7cc60c53d
Update dixell-xweb500-file-write.yaml 2022-03-11 02:00:55 +05:30
Prince Chaddha d7b8f35d9f
Create unisharp-laravel-file-manager.yaml 2022-03-11 02:00:23 +05:30
Prince Chaddha a5713235f2
Create dixell-xweb500-file-write.yaml 2022-03-11 01:57:31 +05:30
MostInterestingBotInTheWorld 21d872d42c
Merge branch 'projectdiscovery:master' into dashboard 2022-03-07 08:10:22 -05:00
sandeep ac26863c5d template id/name update 2022-03-07 15:46:57 +05:30
Surya 1b814c3d07
Create vrealize-operations-tenant-app-log4j-rce.yaml 2022-03-07 04:43:20 -05:00
sullo 6378a1ab1a Update CVSS information and text content 2022-03-04 15:58:39 -05:00
sandeep 3a6c69df71 template name updates 2022-03-04 22:12:30 +05:30
MostInterestingBotInTheWorld 66f1023114
Merge branch 'projectdiscovery:master' into dashboard 2022-03-03 08:52:54 -05:00
MostInterestingBotInTheWorld d5556d3a75 Enhancement: default-logins/cobbler/cobbler-default-login.yaml by mp 2022-03-03 08:27:48 -05:00
Prince Chaddha a05b7d098e
Merge pull request #3819 from manasmbellani/cisco-ucm-uds-api-userenum 
Cisco UCM UDS API Unauthenticated User Enumeration
 2022-03-03 17:02:46 +05:30
Prince Chaddha 869638c91a
Update and rename exposures/apis/cisco-ucm-uds-api-username-enumeration.yaml to vulnerabilities/cisco/cucm-username-enumeration.yaml 2022-03-03 17:00:45 +05:30
Prince Chaddha b0e13cb19d
Merge pull request #3791 from pussycat0x/master 
New Template Added
 2022-03-03 16:44:20 +05:30
Prince Chaddha a55ae538d1
Update and rename wordpress-plugins-dzs-zoomsounds.yaml to dzs-zoomsounds-listing.yaml 2022-03-03 16:42:30 +05:30
Prince Chaddha 64670366a1
Update and rename wordpress-plugins-qards.yaml to wp-qards-listing.yaml 2022-03-03 16:41:00 +05:30
Sandeep Singh cf9e3f95c3
Merge pull request #3814 from projectdiscovery/gitlab-meta-update 
GitLab metadata update
 2022-03-02 21:20:55 +05:30
sandeep 0a7ad17939 added optional extractor 2022-03-02 21:15:47 +05:30
MostInterestingBotInTheWorld 83d58c326f Enhancement: vulnerabilities/other/accent-microcomputers-lfi.yaml by mp 2022-03-02 10:11:09 -05:00
MostInterestingBotInTheWorld 3f18fe8d0b Enhancement: vulnerabilities/other/accent-microcomputers-lfi.yaml by mp 2022-03-02 09:52:59 -05:00
MostInterestingBotInTheWorld 3b031c3693 Enhancement: vulnerabilities/other/74cms-sqli.yaml by mp 2022-03-02 09:43:09 -05:00
sandeep 6d32b81b2a GitLab metadata update 2022-03-02 13:05:29 +05:30
MostInterestingBotInTheWorld a330bb78bb
Merge branch 'master' into dashboard 2022-02-28 17:21:32 -05:00
Prince Chaddha c77aab2078
Merge pull request #3794 from gy741/rule-add-v98 
Create microweber-xss.yaml
 2022-03-01 02:50:09 +05:30
Prince Chaddha 44a9163e54
Update microweber-xss.yaml 2022-03-01 02:47:11 +05:30
Prince Chaddha db7352c0ed
Merge pull request #3792 from DhiyaneshGeek/master 
Create wp-adaptive-xss.yaml
 2022-03-01 02:35:54 +05:30
Prince Chaddha dc6712dbf7
Update wp-adaptive-xss.yaml 2022-03-01 02:30:16 +05:30
MostInterestingBotInTheWorld 84bb70b326 Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by cs 2022-02-28 14:44:36 -05:00
MostInterestingBotInTheWorld 420a995b14 Enhancement: vulnerabilities/other/unauth-spark-api.yaml by cs 2022-02-28 14:17:05 -05:00
pussycat0x 6c2c496bac
Add files via upload 2022-02-28 22:29:32 +05:30
MostInterestingBotInTheWorld 07422cead6 Enhancement: vulnerabilities/oracle/oracle-siebel-xss.yaml by cs 2022-02-28 11:32:08 -05:00
sullo 73c4e88830 Rename vulnerabilities/wordpress/easy-wp-smtp-listing.yaml to CVE-2020-35234.yaml 2022-02-28 11:25:50 -05:00
sullo aa96f25eaf Merge branch 'dashboard' of https://github.com/MostInterestingBotInTheWorld/nuclei-templates into dashboard 2022-02-28 11:24:56 -05:00
sullo ea1601f72f Remove in favor of vulnerabilities/wordpress/easy-wp-smtp-listing.yaml, which will also be moved to CVE-2020-35234.yaml 2022-02-28 11:22:57 -05:00
MostInterestingBotInTheWorld 8210121d21 Enhancement: vulnerabilities/wordpress/easy-wp-smtp-listing.yaml by cs 2022-02-28 11:22:38 -05:00
MostInterestingBotInTheWorld 8c4759d292 Enhancement: vulnerabilities/wordpress/easy-wp-smtp-listing.yaml by cs 2022-02-28 11:21:11 -05:00
MostInterestingBotInTheWorld 8bee0e5934 Enhancement: vulnerabilities/wordpress/easy-wp-smtp-listing.yaml by cs 2022-02-28 11:19:29 -05:00
MostInterestingBotInTheWorld f18404302a
Dashboard Text Enhancement (#3798) 
Dashboard text enhancements
 2022-02-28 09:09:26 -05:00
GwanYeong Kim 1368ea9fe7 Create microweber-xss.yaml 
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2022-02-28 16:17:51 +09:00
sandeep 8abb5bf2c0 misc updates 2022-02-27 21:36:08 +05:30
Dhiyaneshwaran ad01679036
Create wp-adaptive-xss.yaml 2022-02-27 21:20:50 +05:30
sandeep fd7ac70096 misc updates 2022-02-27 16:25:03 +05:30
sandeep c07bd54967 payload fix 2022-02-25 17:28:47 +05:30
pussycat0x c8984f9266
Update qards-ssrf.yaml 2022-02-23 23:07:18 +05:30
pussycat0x 89823d95c7
Update qards-ssrf.yaml 2022-02-23 23:04:21 +05:30
pussycat0x 84f65110bd
Update qards-ssrf.yaml 2022-02-23 23:02:04 +05:30
pussycat0x 4be2ec8a81
Update qards-ssrf.yaml 2022-02-23 22:57:52 +05:30
pussycat0x b42e933514
Update qards-ssrf.yaml 2022-02-23 22:56:20 +05:30
pussycat0x e706030d5e
Add files via upload 2022-02-23 22:52:14 +05:30
Prince Chaddha 402cda8a0a
Merge pull request #3747 from Akokonunes/patch-120 
Create otobo-open-redirect.yaml
 2022-02-23 17:35:55 +05:30
Prince Chaddha b86641d6df
Update and rename otobo-open-redirect.yaml to vulnerabilities/other/otobo-open-redirect.yaml 2022-02-23 17:07:41 +05:30
sandeep 736e7427d6 added missing tags 2022-02-22 19:53:43 +05:30
sandeep 12bcede1ac template id update 2022-02-22 18:53:25 +05:30
Prince Chaddha 22f35f3e23
Merge pull request #3730 from DhiyaneshGeek/master 
10 New Wordpress Template
 2022-02-22 14:47:20 +05:30
Prince Chaddha d5b600a2a1
Merge pull request #3727 from evanRubinsteinIT/pollbot-redirect 
Added pollbot-redirect
 2022-02-22 13:56:25 +05:30
Prince Chaddha 9c089cd567
Update my-chatbot-xss.yaml 2022-02-22 13:52:36 +05:30
Prince Chaddha cdd7768f2f
Update and rename wp-mthemeunus-lfi.yaml to mthemeunus-lfi.yaml 2022-02-22 13:51:29 +05:30
Prince Chaddha bf0daa2650
Update elex-woocommerce-xss.yaml 2022-02-22 13:50:29 +05:30
Prince Chaddha 9771206e69
Update and rename vulnerabilities/easy-facebook-likebox-xss.yaml to vulnerabilities/wordpress/easy-social-feed.yaml 2022-02-22 13:46:16 +05:30
Prince Chaddha e944791ddb
Update feedwordpress-xss.yaml 2022-02-22 13:42:49 +05:30
Prince Chaddha f0823ebe1e
Update wp-whmcs-xss.yaml 2022-02-22 13:37:05 +05:30
Prince Chaddha ca58bd4714
Update and rename wp-accessibility-helper-xss.yaml to accessibility-helper-xss.yaml 2022-02-22 13:20:05 +05:30
Prince Chaddha 4731194ac2
Update pollbot-redirect.yaml 2022-02-22 12:01:20 +05:30
Prince Chaddha 2fb5401ddb
Update pollbot-redirect.yaml 2022-02-22 11:48:32 +05:30
Prince Chaddha 0672c4dc7d
Update goip-1-lfi.yaml 2022-02-22 11:38:07 +05:30
Dhiyaneshwaran 4006546b5c
Create easy-facebook-likebox-xss.yaml 2022-02-19 17:08:31 +05:30
Dhiyaneshwaran cb4cf6a176
Create elex-woocommerce-xss.yaml 2022-02-19 17:01:47 +05:30
Dhiyaneshwaran 5241045485
Create my-chatbot-xss.yaml 2022-02-19 16:59:51 +05:30
Dhiyaneshwaran a13bb3fa4e
Create feedwordpress-xss.yaml 2022-02-19 16:48:05 +05:30
Dhiyaneshwaran 9981421aab
Create wp-accessibility-helper-xss.yaml 2022-02-19 16:43:05 +05:30
Dhiyaneshwaran 9f75abc6f6
Create wp-whmcs-xss.yaml 2022-02-19 16:38:30 +05:30
Dhiyaneshwaran 4a9922a66b
Create wp-mthemeunus-lfi.yaml 2022-02-19 16:31:43 +05:30
Evan Rubinstein 21a267d106
Updated Template 2022-02-18 10:48:34 -05:00
Evan Rubinstein a536bb5087
Added pollbot-redirect 2022-02-18 10:39:04 -05:00
GwanYeong Kim a2cec40a5d Create goip-1-lfi.yaml 
Input passed thru the 'content' or 'sidebar' GET parameter in 'frame.html' or 'frame.A100.html' not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2022-02-18 21:33:17 +09:00
sandeep 6c726a373f template fixes 2022-02-18 12:05:33 +05:30
Prince Chaddha 7addac9e51
Merge pull request #3708 from evanRubinsteinIT/master 
Added critical yshaadmin path traveral vulnerability
 2022-02-17 01:09:57 +05:30
MostInterestingBotInTheWorld e5e0e1ebf4
Dashboard Content Enhancements (#3711) 
* Enhancement: cves/2010/CVE-2010-1353.yaml by mp

* Enhancement: cves/2010/CVE-2010-1352.yaml by mp

* Enhancement: cves/2010/CVE-2010-1345.yaml by mp

* Enhancement: cves/2010/CVE-2010-1340.yaml by mp

* Enhancement: cves/2010/CVE-2010-1345.yaml by mp

* Enhancement: cves/2010/CVE-2010-1315.yaml by mp

* Enhancement: cves/2010/CVE-2010-1314.yaml by mp

* Enhancement: cves/2010/CVE-2010-1313.yaml by mp

* Enhancement: cves/2010/CVE-2010-1312.yaml by mp

* Enhancement: cves/2010/CVE-2010-1308.yaml by mp

* Enhancement: cves/2010/CVE-2010-1307.yaml by mp

* Enhancement: cves/2010/CVE-2010-1306.yaml by mp

* Enhancement: cves/2010/CVE-2010-1305.yaml by mp

* Enhancement: cves/2010/CVE-2010-1304.yaml by mp

* Enhancement: cves/2010/CVE-2010-1302.yaml by mp

* Enhancement: cves/2010/CVE-2010-1219.yaml by mp

* Enhancement: cves/2010/CVE-2010-1352.yaml by mp

* Enhancement: cves/2010/CVE-2010-1354.yaml by mp

* Enhancement: cves/2010/CVE-2010-1461.yaml by mp

* Enhancement: cves/2010/CVE-2010-1469.yaml by mp

* Enhancement: cves/2010/CVE-2010-1470.yaml by mp

* Enhancement: cves/2010/CVE-2010-1471.yaml by mp

* Enhancement: cves/2010/CVE-2010-1472.yaml by mp

* Enhancement: cves/2010/CVE-2010-1473.yaml by mp

* Enhancement: cves/2010/CVE-2010-1474.yaml by mp

* Enhancement: cves/2010/CVE-2010-1475.yaml by mp

* Enhancement: cves/2010/CVE-2010-1476.yaml by mp

* Enhancement: cves/2010/CVE-2010-1478.yaml by mp

* Enhancement: cves/2010/CVE-2010-1491.yaml by mp

* Enhancement: cves/2010/CVE-2010-1494.yaml by mp

* Enhancement: cves/2010/CVE-2010-1495.yaml by mp

* Enhancement: cves/2010/CVE-2010-1531.yaml by mp

* Enhancement: cves/2010/CVE-2010-1473.yaml by mp

* Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs

* Enhancement: cves/2016/CVE-2016-4975.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-oracle.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-openstack.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-digitalocean.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-alibaba.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-hetzner.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-aws.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-google.yaml by cs

* Enhancement: misconfiguration/proxy/metadata-azure.yaml by cs

* Enhancement: misconfiguration/proxy/open-proxy-localhost.yaml by cs

* Enhancement: misconfiguration/proxy/open-proxy-internal.yaml by cs

* Enhancement: cves/2021/CVE-2021-1497.yaml by cs

* Spacing fixes and enhancement to CNVD-2019-01348.yaml

* Spacing fixes, and enhancement to CNVD-2019-01348.yaml

* Merge artifact

* Spacing

* Minor tags cleanup

* Enhancement: cves/2010/CVE-2010-1532.yaml by mp

* Enhancement: cves/2010/CVE-2010-1533.yaml by mp

* Enhancement: cves/2010/CVE-2010-1534.yaml by mp

* Enhancement: cves/2010/CVE-2010-1535.yaml by mp

* Enhancement: cves/2010/CVE-2010-1540.yaml by mp

* Enhancement: cves/2010/CVE-2010-1601.yaml by mp

* Enhancement: cves/2010/CVE-2010-1602.yaml by mp

* Enhancement: cves/2010/CVE-2010-1603.yaml by mp

* Enhancement: cves/2010/CVE-2010-1607.yaml by mp

* Enhancement: cves/2010/CVE-2010-1653.yaml by mp

* Enhancement: cves/2010/CVE-2010-1657.yaml by mp

* Enhancement: cves/2010/CVE-2010-1657.yaml by mp

* Enhancement: cves/2010/CVE-2010-1658.yaml by mp

* Enhancement: cves/2010/CVE-2010-1659.yaml by mp

* Enhancement: cves/2010/CVE-2010-1714.yaml by mp

* Enhancement: cves/2010/CVE-2010-1715.yaml by mp

* Enhancement: cves/2010/CVE-2010-1532.yaml by mp

* Enhancement: cves/2010/CVE-2010-1533.yaml by mp

* Enhancement: cves/2010/CVE-2010-1534.yaml by mp

* Enhancement: cves/2010/CVE-2010-1534.yaml by mp

* Enhancement: cves/2010/CVE-2010-1535.yaml by mp

* Enhancement: cves/2010/CVE-2010-1540.yaml by mp

* Enhancement: cves/2010/CVE-2010-1540.yaml by mp

* Enhancement: cves/2010/CVE-2010-1717.yaml by mp

* Enhancement: cves/2010/CVE-2010-1718.yaml by mp

* Enhancement: cves/2010/CVE-2010-1719.yaml by mp

* Enhancement: cves/2010/CVE-2010-1722.yaml by mp

* Enhancement: cves/2010/CVE-2010-1723.yaml by mp

* Enhancement: cves/2010/CVE-2010-1858.yaml by mp

* Enhancement: cves/2010/CVE-2010-1873.yaml by mp

* Enhancement: cves/2010/CVE-2010-1870.yaml by mp

* Enhancement: cves/2010/CVE-2010-1875.yaml by mp

* Enhancement: cves/2010/CVE-2010-1878.yaml by mp

* Enhancement: cves/2010/CVE-2010-1952.yaml by mp

* Enhancement: cves/2010/CVE-2010-1953.yaml by mp

* Enhancement: cves/2010/CVE-2010-1954.yaml by mp

* Enhancement: cves/2010/CVE-2010-1955.yaml by mp

* Enhancement: cves/2010/CVE-2010-1956.yaml by mp

* Information Enhancements

Co-authored-by: sullo <sullo@cirt.net>
 2022-02-16 04:17:54 +05:30
Sandeep Singh f705c2debd
removing duplicate template 2022-02-15 23:43:06 +05:30
Prince Chaddha 7bf3ac584c
Merge pull request #3695 from DhiyaneshGeek/master 
17 New Wordpress Templates
 2022-02-15 18:35:47 +05:30
Prince Chaddha be309f08e0
Update and rename yshaadmin-traversal.yaml to yishaadmin-lfi.yaml 2022-02-15 18:33:24 +05:30
Prince Chaddha 06b34a62f6
Update elementorpage-open-redirect.yaml 2022-02-15 18:25:04 +05:30
Prince Chaddha 4fb33627d4
Update and rename wp-cherry-lfi.yaml to cherry-lfi.yaml 2022-02-15 17:36:09 +05:30
Prince Chaddha e39e61ac5d
Update and rename wp-sniplets-xss.yaml to sniplets-xss.yaml 2022-02-15 17:35:52 +05:30
Prince Chaddha 5e6b000e40
Update and rename wp-sniplets-lfi.yaml to sniplets-lfi.yaml 2022-02-15 17:33:40 +05:30
Prince Chaddha a61b1da563
Update and rename wp-simple-image-manipulator-lfi.yaml to simple-image-manipulator-lfi.yaml 2022-02-15 17:26:32 +05:30
Prince Chaddha d73c5da442
Update and rename wp-hide-security-enhancer-lfi.yaml to hide-security-enhancer-lfi.yaml 2022-02-15 17:19:32 +05:30
Prince Chaddha 110a51a0f1
Update and rename wp-hb-audio-lfi.yaml to hb-audio-lfi.yaml 2022-02-15 17:09:31 +05:30
Prince Chaddha 19fe0f80be
Update wp-cherry-lfi.yaml 2022-02-15 16:59:08 +05:30
Prince Chaddha df3b03f2f9
Update webp-coverter-open-redirect.yaml 2022-02-15 16:52:00 +05:30
Prince Chaddha 6be4e7d1d3
Update shortcode-lfi.yaml 2022-02-15 16:48:20 +05:30
Prince Chaddha 196f4449d9
Update noptin-open-redirect.yaml 2022-02-15 16:44:37 +05:30
Prince Chaddha 5d259e4321
Update ninjaform-open-redirect.yaml 2022-02-15 16:40:56 +05:30
Prince Chaddha fea65848db
Update newsletter-open-redirect.yaml 2022-02-15 16:33:09 +05:30
Evan Rubinstein 22d14023a7
Update yshaadmin-traversal.yaml 2022-02-14 23:53:28 -05:00
Evan Rubinstein 5fcaefe315
Added yshaadmin path traversal vulnerability 2022-02-14 23:48:57 -05:00
Evan Rubinstein b9efa77da3
Merge branch 'projectdiscovery:master' into master 2022-02-14 23:47:10 -05:00
Prince Chaddha 2d745615c5
Update music-store-open-redirect.yaml 2022-02-15 03:10:01 +05:30
Prince Chaddha 94005a6d19
Update and rename eventticket-open-redirect.yaml to eventtickets-open-redirect.yaml 2022-02-15 02:58:41 +05:30
Prince Chaddha bf00922a03
Update elementorpage-open-redirect.yaml 2022-02-15 02:54:12 +05:30
Prince Chaddha f637184495
Update db-backup-lfi.yaml 2022-02-15 02:51:49 +05:30
Prince Chaddha 465eb0c54d
Update and rename churchope-application-lfi.yaml to churchope-lfi.yaml 2022-02-15 02:50:20 +05:30
Prince Chaddha 16193a60ee
Update candidate-application-lfi.yaml 2022-02-15 02:47:56 +05:30
Prince Chaddha 6c6b4e7270
Merge pull request #3700 from Akokonunes/patch-116 
Create kyocera-rx-ecosys-m2035dn-lfi.yaml
 2022-02-15 02:16:54 +05:30
Prince Chaddha 1f1b03ba67
Update and rename kyocera-rx-ecosys-m2035dn-lfi.yaml to vulnerabilities/other/kyocera-m2035dn-lfi.yaml 2022-02-15 02:10:30 +05:30
Prince Chaddha f8a52f9be2
Update nuuno-network-login.yaml (#3701) 
* Update nuuno-network-login.yaml

* Update panasonic-network-management.yaml

* Update cisco-network-config.yaml

* Update emerson-power-panel.yaml

* Update unifi-network-log4j-rce.yaml
 2022-02-14 19:53:51 +05:30
Dhiyaneshwaran da6691f067
Create wp-cherry-lfi.yaml 2022-02-12 23:48:31 +05:30
Dhiyaneshwaran 150da05a81
Create wp-hb-audio-lfi.yaml 2022-02-12 23:46:52 +05:30
Dhiyaneshwaran fc660ec0db
Create wp-simple-image-manipulator-lfi.yaml 2022-02-12 23:44:11 +05:30
Dhiyaneshwaran bcbe4dabff
Create wp-sniplets-xss.yaml 2022-02-12 23:40:42 +05:30