Prince Chaddha
9a702c2c16
Create CVE-2021-34640.yaml
2022-02-05 00:49:25 +05:30
Prince Chaddha
d4b4e69752
Create CVE-2021-24510.yaml
2022-02-05 00:48:10 +05:30
Prince Chaddha
dbfa7efae0
Create CVE-2021-20792.yaml
2022-02-05 00:46:00 +05:30
sullo
8461d21658
Remove trailing spaces
2022-02-04 14:09:21 -05:00
Prince Chaddha
685495df91
Update CVE-2021-20158.yaml
2022-02-04 23:31:10 +05:30
GwanYeong Kim
fcc39f52ee
Create CVE-2021-20158.yaml
...
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is possible for an unauthenticated, malicous actor to force the change of the admin password due to a hidden administrative command.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-02-05 01:29:16 +09:00
MostInterestingBotInTheWorld
811dc2d70e
Enhancement: cves/2021/CVE-2021-26855.yaml by mp
2022-02-04 11:13:25 -05:00
MostInterestingBotInTheWorld
163ae2f24e
Merge branch 'projectdiscovery:master' into dashboard
2022-02-04 09:19:12 -05:00
Prince Chaddha
480dea094b
Update CVE-2021-20150.yaml
2022-02-04 01:20:39 +05:30
Prince Chaddha
f846faa127
Update CVE-2021-20150.yaml
2022-02-04 01:13:30 +05:30
Prince Chaddha
d2e4be88e6
Update CVE-2021-20150.yaml
2022-02-04 01:13:00 +05:30
GwanYeong Kim
bc87c82d9b
Create CVE-2021-20150.yaml
...
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. Authentication can be bypassed and a user may view information as Admin by manually browsing to the setup wizard and forcing it to redirect to the desired page.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-02-03 18:06:04 +09:00
Prince Chaddha
99931f2e0b
Merge pull request #3651 from dwisiswant0/add/CVE-2021-32853
...
Add CVE-2021-32853
2022-02-03 02:16:08 +05:30
Prince Chaddha
b023c8206e
Update CVE-2021-32853.yaml
2022-02-03 02:14:21 +05:30
Prince Chaddha
9f63a2f4fb
Update CVE-2021-32853.yaml
2022-02-03 02:06:26 +05:30
Prince Chaddha
110704dd3e
Update CVE-2021-32853.yaml
2022-02-03 02:01:24 +05:30
Prince Chaddha
6c39177ddc
Delete CVE-2021-32818.yaml
2022-02-03 01:11:45 +05:30
MostInterestingBotInTheWorld
0d1f876866
Enhancement: cves/2021/CVE-2021-37538.yaml by mp
2022-02-02 12:15:24 -05:00
Sandeep Singh
633205a001
Update CVE-2021-32853.yaml
2022-02-02 13:56:12 +05:30
Dwi Siswanto
940db2f928
Add CVE-2021-32853
2022-02-02 13:27:36 +07:00
Prince Chaddha
cf9821e3b1
Update CVE-2021-26247.yaml
2022-02-02 00:48:29 +05:30
GitHub Action
8868b0f56b
Auto Generated CVE annotations [Tue Feb 1 06:10:46 UTC 2022] 🤖
2022-02-01 06:10:46 +00:00
Dhiyaneshwaran
a5bd8630c8
Create CVE-2021-32818.yaml
2022-02-01 11:39:12 +05:30
GitHub Action
a18a19ff3c
Auto Generated CVE annotations [Tue Feb 1 06:06:15 UTC 2022] 🤖
2022-02-01 06:06:15 +00:00
Dhiyaneshwaran
bcc7113677
Create CVE-2021-26247.yaml
2022-02-01 11:34:51 +05:30
Prince Chaddha
8efaa0754e
Merge pull request #3633 from cckuailong/master
...
add CVE-2021-46005 (Sourcecodester Car Rental Management System 1.0 - Stored XSS)
2022-01-31 23:38:53 +05:30
Prince Chaddha
cd221355ee
Update CVE-2021-46005.yaml
2022-01-31 23:34:34 +05:30
Prince Chaddha
fb48b67f39
Update CVE-2021-46005.yaml
2022-01-31 23:29:36 +05:30
Roberto Nunes
9c4df9e91a
Create CVE-2021-25864.yaml ( #3631 )
...
* Create CVE-2021-25864.yaml
* moving template to cves folder
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-31 14:36:37 +05:30
Sandeep Singh
cfb6fff36d
removing trailing spaces
2022-01-29 19:24:58 +05:30
cckuailong
80b60ef829
add CVE-2021-46005
2022-01-29 21:22:44 +08:00
GitHub Action
7ce2191287
Auto Generated CVE annotations [Fri Jan 28 09:01:49 UTC 2022] 🤖
2022-01-28 09:01:49 +00:00
Prince Chaddha
850ae90f55
Update CVE-2021-45380.yaml
2022-01-28 10:59:21 +05:30
PikPikcU
4beabd88f9
Create CVE-2021-45380.yaml
2022-01-27 13:40:43 -05:00
GitHub Action
4bd8b86a3e
Auto Generated CVE annotations [Thu Jan 27 10:22:20 UTC 2022] 🤖
2022-01-27 10:22:20 +00:00
Sandeep Singh
53da8a8206
Added CVE-2021-21973 ( #3615 )
...
* Added CVE-2021-21973
* minor update
2022-01-27 15:50:44 +05:30
GitHub Action
3a1d847b57
Auto Generated CVE annotations [Wed Jan 26 17:59:10 UTC 2022] 🤖
2022-01-26 17:59:10 +00:00
Smaran Chand
0babc27b75
Added elFinder filemanger exposed ( #3602 )
...
* Added elFinder filemanger exposed
* Template name / id update + more reference
* template name update
* matcher update
* Modified the matcher.
* minor updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-26 23:27:45 +05:30
Sullo
9a8482172d
Remove:
...
- various nonstandard ascii chars in favor of the standard ones (mostly quotes)
- spaces after : in some files
2022-01-25 14:38:53 -05:00
GitHub Action
173f0ef2d3
Auto Generated CVE annotations [Tue Jan 25 16:51:00 UTC 2022] 🤖
2022-01-25 16:51:00 +00:00
Sandeep Singh
4401b9ebe9
Merge pull request #3599 from projectdiscovery/CVE-2021-24838
...
Added CVE-2021-24838
2022-01-25 22:19:30 +05:30
Sandeep Singh
494a80799c
Merge pull request #3600 from MostInterestingBotInTheWorld/dashboard
...
Enhancement: cves/2021/CVE-2021-29156.yaml by cs
2022-01-25 22:09:27 +05:30
sandeep
8c7ec49185
lint fix
2022-01-25 22:08:01 +05:30
sandeep
47e34dba46
Added CVE-2021-24838
2022-01-25 17:14:00 +05:30
Prince Chaddha
6a2ff6f09e
Update CVE-2021-39350.yaml
2022-01-25 17:08:01 +05:30
GwanYeong Kim
67b2955d98
Create CVE-2021-39350.yaml
...
The FV Flowplayer Video Player WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the player_id parameter found in the ~/view/stats.php file which allows attackers to inject arbitrary web scripts, in versions 7.5.0.727 - 7.5.2.727.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-25 17:31:13 +09:00
Prince Chaddha
25e3537212
Update CVE-2021-43810.yaml
2022-01-25 12:34:20 +05:30
GwanYeong Kim
c368e33117
Create CVE-2021-43810.yaml
...
Admidio is a free open source user management system for websites of organizations and groups. A cross-site scripting vulnerability is present in Admidio prior to version 4.0.12. The Reflected XSS vulnerability occurs because redirect.php does not properly validate the value of the url parameter. Through this vulnerability, an attacker is capable to execute malicious scripts. This issue is patched in version 4.0.12.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-25 13:55:34 +09:00
MostInterestingBotInTheWorld
44d23ef3eb
Enhancement: cves/2021/CVE-2021-29156.yaml by cs
2022-01-24 13:45:03 -05:00
GitHub Action
f882764c9b
Auto Generated CVE annotations [Mon Jan 24 07:12:56 UTC 2022] 🤖
2022-01-24 07:12:56 +00:00
Prince Chaddha
fa30e05f61
Merge pull request #3586 from V35HR4J/master
...
Create CVE-2021-39433.yaml
2022-01-24 12:40:15 +05:30
Prince Chaddha
03697ed21a
Update CVE-2021-39433.yaml
2022-01-24 12:28:03 +05:30
Veshraj Ghimire
df907cc2e3
Create CVE-2021-39433.yaml
2022-01-23 21:00:30 +05:45
Prince Chaddha
1d15a5464a
Update CVE-2021-24750.yaml
2022-01-23 14:51:25 +05:30
Prince Chaddha
3c9e02150d
Update CVE-2021-24750.yaml
2022-01-23 14:39:38 +05:30
Prince Chaddha
75184ca383
Update CVE-2021-24750.yaml
2022-01-23 14:38:12 +05:30
cckuailong
dad34d012c
add CVE-2021-24750
2022-01-23 13:17:20 +08:00
sandeep
2a8d8e1095
more updates
2022-01-22 23:27:52 +05:30
sandeep
6b14c6c6fc
CVE-2021-40438 update
2022-01-22 23:18:07 +05:30
Sandeep Singh
1b0c7f1b7f
CVE-2021-22205 update ( #3568 )
...
*moved cves/2021/CVE-2021-22205.yaml to vulnerabilities/gitlab/gitlab-rce.yaml
*template extension update + added missing severity + misc updates
2022-01-20 14:25:57 +05:30
Greg Johnson
e0a2d35a8d
add passive fingerprinting template for CVE-2021-22205 ( #3565 )
...
Co-authored-by: Greg Johnson (codeEmitter) <gjohnson@gitlab.com>
2022-01-20 14:12:37 +05:30
pussycat0x
650a38ffde
Qualcomm 4G LTE WiFi VoIP-Router ( #3555 )
...
* Add files via upload
* Auto Generated CVE annotations [Mon Jan 17 16:05:35 UTC 2022] 🤖
* Update CVE-2021-44528.yaml
* Update CVE-2021-45232.yaml
* Add files via upload
* removing duplicate template
* moving template around
* template fix
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-19 13:33:34 +05:30
sandeep
e51d401214
template fix
2022-01-19 13:32:16 +05:30
sandeep
fd023b42a8
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/3550
2022-01-19 13:25:06 +05:30
Roberto Nunes
2cadf76241
Create CVE-2021-32618.yaml ( #3546 )
...
* Create CVE-2021-32618.yaml
* Update and rename CVE-2021-32618.yaml to cves/2021/CVE-2021-32618.yaml
* matcher update
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-18 12:51:00 +05:30
GitHub Action
2c250d66c7
Auto Generated CVE annotations [Tue Jan 18 05:22:01 UTC 2022] 🤖
2022-01-18 05:22:01 +00:00
Dwi Siswanto
b8dabfbcbb
Add CVE-2021-20038 ( #3542 )
...
* Add CVE-2021-20038
* misc: Update author
2022-01-18 10:50:14 +05:30
Prince Chaddha
bc5fba6fbf
Update CVE-2021-45232.yaml
2022-01-17 22:20:44 +05:30
Prince Chaddha
f988ad8ff4
Update CVE-2021-44528.yaml
2022-01-17 22:19:22 +05:30
GitHub Action
4f81203546
Auto Generated CVE annotations [Mon Jan 17 16:05:35 UTC 2022] 🤖
2022-01-17 16:05:35 +00:00
Patrick
1086ca1a30
added template for CVE-2021-42551 ( #3541 )
...
* added template for CVE-2021-42551
* Update CVE-2021-42551.yaml
* Update CVE-2021-42551.yaml
* unbricked CVE-2021-42551
* additional page specific matcher
Co-authored-by: Patrick <patrick.schmid@redguard.ch>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-16 19:01:29 +05:30
gy741
e5958c1364
Update tags ( #3538 )
2022-01-16 02:08:21 +05:30
GitHub Action
d5e2eb7d41
Auto Generated CVE annotations [Sat Jan 15 19:05:39 UTC 2022] 🤖
2022-01-15 19:05:39 +00:00
GitHub Action
bc3fa19859
Auto Generated CVE annotations [Thu Jan 13 05:21:21 UTC 2022] 🤖
2022-01-13 05:21:21 +00:00
Muhammad Daffa
64cf0fa4ba
Rename maian cart rce ( #3532 )
...
* Update and rename vulnerabilities/other/maian-cart-preauth-rce.yaml to cves/2021/CVE-2021-32172.yaml
* Update CVE-2021-32172.yaml
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-01-13 10:48:51 +05:30
sandeep
5c471a6168
removing duplicate template
2022-01-12 17:28:47 +05:30
Prince Chaddha
a53ae7b694
Merge pull request #3518 from gy741/rule-add-v85
...
Create CVE-2021-20167.yaml
2022-01-11 14:54:05 +05:30
GitHub Action
c40624e7d9
Auto Generated CVE annotations [Tue Jan 11 08:57:41 UTC 2022] 🤖
2022-01-11 08:57:41 +00:00
Prince Chaddha
70677b3b5a
Update CVE-2021–20837.yaml
2022-01-11 14:12:04 +05:30
Prince Chaddha
9afd4bcfd8
Update CVE-2021-20167.yaml
2022-01-11 13:57:07 +05:30
GwanYeong Kim
d772fd884b
Create CVE-2021-20167.yaml
...
This vulnerability uses a combination of CVE-2021-20166 and CVE-2021-20167. Netgear RAX43 version 1.0.3.96 contains a command injection and authbypass vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter. and The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-11 15:00:56 +09:00
PikPikcU
83e431802e
Create CVE-2021–20837.yaml
2022-01-10 21:44:31 -05:00
Roberto Nunes
484d77de7c
Create CVE-2021-39501.yaml ( #3501 )
...
* Create CVE-2021-39501.yaml
* moving template to cves directory
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-08 17:00:19 +05:30
GitHub Action
451313a0af
Auto Generated CVE annotations [Sat Jan 8 10:57:43 UTC 2022] 🤖
2022-01-08 10:57:43 +00:00
JAS-37
0c7d13d152
add CVE-2021-31862 template ( #3491 )
...
* add CVE-2021-31862 template
* updated matchers
* Added SysAid panel + workflow
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-07 13:28:38 +05:30
Aaron Chen
d0f71c6d1b
Update CVE-2021-31589.yaml ( #3489 )
2022-01-06 12:05:23 +05:30
Ahmed Aboul-Ela
f279bd78d1
Add CVE-2021-31589 ( #3486 )
...
* Add CVE-2021-31589
Committer: Ahmed Aboul-Ela <ahmed.aboul3la@gmail.com>
* lint fixes
* updated matchers
* Added metadata
* Added Bomgar Login Panel detection
* Added Bomgar workflow
* Added favicon detection
Co-authored-by: Ahmed Aboul-Ela <ahmed@secgeek.local>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 18:39:53 +05:30
Prince Chaddha
a9ef4d2612
Merge pull request #3480 from gy741/rule-add-v81
...
Create CVE-2021-21881.yaml
2022-01-05 13:01:57 +05:30
Prince Chaddha
fefd3343eb
Update CVE-2021-21881.yaml
2022-01-05 13:00:40 +05:30
Prince Chaddha
616bea3a88
Update CVE-2021-21881.yaml
2022-01-05 12:59:27 +05:30
Pathtaga
e281e5bf88
Updated all templates tags with technologies ( #3478 )
...
* Updated tags for template sonicwall-email-security-detect.yaml
* Updated tags for template detect-sentry.yaml
* Updated tags for template kong-detect.yaml
* Updated tags for template openam-detect.yaml
* Updated tags for template shiro-detect.yaml
* Updated tags for template iplanet-web-server.yaml
* Updated tags for template graylog-api-browser.yaml
* Updated tags for template prtg-detect.yaml
* Updated tags for template node-red-detect.yaml
* Updated tags for template abyss-web-server.yaml
* Updated tags for template geo-webserver.yaml
* Updated tags for template autobahn-python-detect.yaml
* Updated tags for template default-lighttpd-page.yaml
* Updated tags for template microsoft-iis-8.yaml
* Updated tags for template lucee-detect.yaml
* Updated tags for template php-proxy-detect.yaml
* Updated tags for template jenkins-detect.yaml
* Updated tags for template cockpit-detect.yaml
* Updated tags for template csrfguard-detect.yaml
* Updated tags for template dwr-index-detect.yaml
* Updated tags for template netsweeper-webadmin-detect.yaml
* Updated tags for template weblogic-detect.yaml
* Updated tags for template s3-detect.yaml
* Updated tags for template tileserver-gl.yaml
* Updated tags for template springboot-actuator.yaml
* Updated tags for template terraform-detect.yaml
* Updated tags for template redmine-cli-detect.yaml
* Updated tags for template mrtg-detect.yaml
* Updated tags for template tableau-server-detect.yaml
* Updated tags for template magmi-detect.yaml
* Updated tags for template oidc-detect.yaml
* Updated tags for template tor-socks-proxy.yaml
* Updated tags for template synology-web-station.yaml
* Updated tags for template herokuapp-detect.yaml
* Updated tags for template gunicorn-detect.yaml
* Updated tags for template sql-server-reporting.yaml
* Updated tags for template google-bucket-service.yaml
* Updated tags for template kubernetes-mirantis.yaml
* Updated tags for template kubernetes-enterprise-manager.yaml
* Updated tags for template oracle-iplanet-web-server.yaml
* Updated tags for template dell-idrac7-detect.yaml
* Updated tags for template dell-idrac6-detect.yaml
* Updated tags for template dell-idrac9-detect.yaml
* Updated tags for template dell-idrac8-detect.yaml
* Updated tags for template apache-guacamole.yaml
* Updated tags for template aws-cloudfront-service.yaml
* Updated tags for template aws-bucket-service.yaml
* Updated tags for template nginx-linux-page.yaml
* Updated tags for template telerik-fileupload-detect.yaml
* Updated tags for template telerik-dialoghandler-detect.yaml
* Updated tags for template htaccess-config.yaml
* Updated tags for template microsoft-azure-error.yaml
* Updated tags for template detect-options-method.yaml
* Updated tags for template unpatched-coldfusion.yaml
* Updated tags for template moodle-changelog.yaml
* Updated tags for template detect-dns-over-https.yaml
* Updated tags for template CVE-2019-19134.yaml
* Updated tags for template CVE-2019-3929.yaml
* Updated tags for template CVE-2019-19908.yaml
* Updated tags for template CVE-2019-10475.yaml
* Updated tags for template CVE-2019-17382.yaml
* Updated tags for template CVE-2019-16332.yaml
* Updated tags for template CVE-2019-14974.yaml
* Updated tags for template CVE-2019-19368.yaml
* Updated tags for template CVE-2019-12725.yaml
* Updated tags for template CVE-2019-15501.yaml
* Updated tags for template CVE-2019-9733.yaml
* Updated tags for template CVE-2019-14322.yaml
* Updated tags for template CVE-2019-9955.yaml
* Updated tags for template CVE-2019-0230.yaml
* Updated tags for template CVE-2019-10232.yaml
* Updated tags for template CVE-2019-17506.yaml
* Updated tags for template CVE-2019-8449.yaml
* Updated tags for template CVE-2019-12593.yaml
* Updated tags for template CVE-2019-10092.yaml
* Updated tags for template CVE-2019-1821.yaml
* Updated tags for template CVE-2019-3401.yaml
* Updated tags for template CVE-2019-16662.yaml
* Updated tags for template CVE-2019-5418.yaml
* Updated tags for template CVE-2016-4975.yaml
* Updated tags for template CVE-2016-1000137.yaml
* Updated tags for template CVE-2016-7552.yaml
* Updated tags for template CVE-2016-10956.yaml
* Updated tags for template CVE-2016-1000146.yaml
* Updated tags for template CVE-2013-2251.yaml
* Updated tags for template CVE-2013-1965.yaml
* Updated tags for template CVE-2014-2323.yaml
* Updated tags for template CVE-2014-5111.yaml
* Updated tags for template CVE-2014-2962.yaml
* Updated tags for template CVE-2014-4561.yaml
* Updated tags for template CVE-2014-4558.yaml
* Updated tags for template CVE-2014-3120.yaml
* Updated tags for template CVE-2007-5728.yaml
* Updated tags for template CVE-2009-4679.yaml
* Updated tags for template CVE-2009-1558.yaml
* Updated tags for template CVE-2009-4202.yaml
* Updated tags for template CVE-2009-0932.yaml
* Updated tags for template CVE-2015-2068.yaml
* Updated tags for template CVE-2015-8813.yaml
* Updated tags for template CVE-2015-7450.yaml
* Updated tags for template CVE-2015-2067.yaml
* Updated tags for template CVE-2015-3306.yaml
* Updated tags for template CVE-2015-3337.yaml
* Updated tags for template CVE-2015-1427.yaml
* Updated tags for template CVE-2015-1503.yaml
* Updated tags for template CVE-2015-1880.yaml
* Updated tags for template CVE-2018-3810.yaml
* Updated tags for template CVE-2018-18069.yaml
* Updated tags for template CVE-2018-17246.yaml
* Updated tags for template CVE-2018-10141.yaml
* Updated tags for template CVE-2018-16341.yaml
* Updated tags for template CVE-2018-18777.yaml
* Updated tags for template CVE-2018-15138.yaml
* Updated tags for template CVE-2018-11784.yaml
* Updated tags for template CVE-2018-16299.yaml
* Updated tags for template CVE-2018-7251.yaml
* Updated tags for template CVE-2018-1273.yaml
* Updated tags for template CVE-2018-1271.yaml
* Updated tags for template CVE-2018-11759.yaml
* Updated tags for template CVE-2018-3167.yaml
* Updated tags for template CVE-2018-7490.yaml
* Updated tags for template CVE-2018-2628.yaml
* Updated tags for template CVE-2018-13380.yaml
* Updated tags for template CVE-2018-2893.yaml
* Updated tags for template CVE-2018-5316.yaml
* Updated tags for template CVE-2018-20985.yaml
* Updated tags for template CVE-2018-10818.yaml
* Updated tags for template CVE-2018-1000861.yaml
* Updated tags for template CVE-2018-0296.yaml
* Updated tags for template CVE-2018-19458.yaml
* Updated tags for template CVE-2018-3760.yaml
* Updated tags for template CVE-2018-12998.yaml
* Updated tags for template CVE-2018-9118.yaml
* Updated tags for template CVE-2018-1000130.yaml
* Updated tags for template CVE-2008-6668.yaml
* Updated tags for template CVE-2017-7269.yaml
* Updated tags for template CVE-2017-1000170.yaml
* Updated tags for template CVE-2017-16877.yaml
* Updated tags for template CVE-2017-1000486.yaml
* Updated tags for template CVE-2017-9822.yaml
* Updated tags for template CVE-2017-0929.yaml
* Updated tags for template CVE-2017-7921.yaml
* Updated tags for template CVE-2017-14535.yaml
* Updated tags for template CVE-2017-5521.yaml
* Updated tags for template CVE-2017-12637.yaml
* Updated tags for template CVE-2017-12635.yaml
* Updated tags for template CVE-2017-11610.yaml
* Updated tags for template CVE-2021-20114.yaml
* Updated tags for template CVE-2021-40856.yaml
* Updated tags for template CVE-2021-21972.yaml
* Updated tags for template CVE-2021-31602.yaml
* Updated tags for template CVE-2021-41773.yaml
* Updated tags for template CVE-2021-37704.yaml
* Updated tags for template CVE-2021-45046.yaml
* Updated tags for template CVE-2021-26084.yaml
* Updated tags for template CVE-2021-27931.yaml
* Updated tags for template CVE-2021-24291.yaml
* Updated tags for template CVE-2021-41648.yaml
* Updated tags for template CVE-2021-37216.yaml
* Updated tags for template CVE-2021-22005.yaml
* Updated tags for template CVE-2021-37573.yaml
* Updated tags for template CVE-2021-31755.yaml
* Updated tags for template CVE-2021-43287.yaml
* Updated tags for template CVE-2021-24274.yaml
* Updated tags for template CVE-2021-33564.yaml
* Updated tags for template CVE-2021-22145.yaml
* Updated tags for template CVE-2021-24237.yaml
* Updated tags for template CVE-2021-44848.yaml
* Updated tags for template CVE-2021-25646.yaml
* Updated tags for template CVE-2021-21816.yaml
* Updated tags for template CVE-2021-41649.yaml
* Updated tags for template CVE-2021-41291.yaml
* Updated tags for template CVE-2021-41293.yaml
* Updated tags for template CVE-2021-21801.yaml
* Updated tags for template CVE-2021-29156.yaml
* Updated tags for template CVE-2021-34370.yaml
* Updated tags for template CVE-2021-27132.yaml
* Updated tags for template CVE-2021-28151.yaml
* Updated tags for template CVE-2021-26812.yaml
* Updated tags for template CVE-2021-21985.yaml
* Updated tags for template CVE-2021-43778.yaml
* Updated tags for template CVE-2021-25281.yaml
* Updated tags for template CVE-2021-40539.yaml
* Updated tags for template CVE-2021-36749.yaml
* Updated tags for template CVE-2021-21234.yaml
* Updated tags for template CVE-2021-33221.yaml
* Updated tags for template CVE-2021-42013.yaml
* Updated tags for template CVE-2021-33807.yaml
* Updated tags for template CVE-2021-44228.yaml
* Updated tags for template CVE-2012-0896.yaml
* Updated tags for template CVE-2012-0991.yaml
* Updated tags for template CVE-2012-0392.yaml
* Updated tags for template CVE-2012-4940.yaml
* Updated tags for template CVE-2012-1226.yaml
* Updated tags for template CVE-2012-4878.yaml
* Updated tags for template CVE-2010-1304.yaml
* Updated tags for template CVE-2010-1217.yaml
* Updated tags for template CVE-2010-0759.yaml
* Updated tags for template CVE-2010-2307.yaml
* Updated tags for template CVE-2010-4231.yaml
* Updated tags for template CVE-2010-2861.yaml
* Updated tags for template CVE-2010-4282.yaml
* Updated tags for template CVE-2010-1302.yaml
* Updated tags for template CVE-2010-1461.yaml
* Updated tags for template CVE-2020-4463.yaml
* Updated tags for template CVE-2020-1943.yaml
* Updated tags for template CVE-2020-36289.yaml
* Updated tags for template CVE-2020-17518.yaml
* Updated tags for template CVE-2020-12800.yaml
* Updated tags for template CVE-2020-10770.yaml
* Updated tags for template CVE-2020-17506.yaml
* Updated tags for template CVE-2020-11547.yaml
* Updated tags for template CVE-2020-11034.yaml
* Updated tags for template CVE-2020-24589.yaml
* Updated tags for template CVE-2020-9054.yaml
* Updated tags for template CVE-2020-28976.yaml
* Updated tags for template CVE-2020-16952.yaml
* Updated tags for template CVE-2020-24312.yaml
* Updated tags for template CVE-2020-8512.yaml
* Updated tags for template CVE-2020-14179.yaml
* Updated tags for template CVE-2020-6308.yaml
* Updated tags for template CVE-2020-35846.yaml
* Updated tags for template CVE-2020-7318.yaml
* Updated tags for template CVE-2020-2140.yaml
* Updated tags for template CVE-2020-5410.yaml
* Updated tags for template CVE-2020-5777.yaml
* Updated tags for template CVE-2020-13700.yaml
* Updated tags for template CVE-2020-5775.yaml
* Updated tags for template CVE-2020-13167.yaml
* Updated tags for template CVE-2020-35848.yaml
* Updated tags for template CVE-2020-9484.yaml
* Updated tags for template CVE-2020-15505.yaml
* Updated tags for template CVE-2020-9047.yaml
* Updated tags for template CVE-2020-17519.yaml
* Updated tags for template CVE-2020-17505.yaml
* Updated tags for template CVE-2020-9376.yaml
* Updated tags for template CVE-2020-8497.yaml
* Updated tags for template CVE-2020-14092.yaml
* Updated tags for template CVE-2020-10148.yaml
* Updated tags for template CVE-2020-35847.yaml
* Updated tags for template CVE-2020-12116.yaml
* Updated tags for template CVE-2020-11930.yaml
* Updated tags for template CVE-2020-24186.yaml
* Updated tags for template CVE-2020-9496.yaml
* Updated tags for template CVE-2020-35489.yaml
* Updated tags for template CVE-2020-26413.yaml
* Updated tags for template CVE-2020-2096.yaml
* misc updates
* misc update
* more updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 01:04:16 +05:30
GwanYeong Kim
d572716df0
Create CVE-2021-21881.yaml
...
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-04 23:14:12 +09:00
GitHub Action
86c11d1b40
Auto Generated CVE annotations [Tue Jan 4 11:55:25 UTC 2022] 🤖
2022-01-04 11:55:25 +00:00
pajoda
c45934891f
Create CVE-2021-36748.yaml ( #2446 )
...
* Create CVE-2021-36748.yaml
* Update indentation
* minor update
* Update CVE-2021-36748.yaml
* Additional unique matchers + easily readable syntax
* misc updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-04 17:23:56 +05:30
sandeep
6f3591f920
rseenet tags update
2022-01-01 12:28:32 +05:30
sandeep
7eba1c5a0a
added reference for rce
2021-12-31 17:53:27 +05:30
GitHub Action
e238128b1c
Auto Generated CVE annotations [Thu Dec 30 11:40:55 UTC 2021] 🤖
2021-12-30 11:40:55 +00:00
Sandeep Singh
de7bef1300
Added CVE-2021-42567 (Apereo CAS Reflected XSS) ( #3450 )
...
* Added CVE-2021-42567 (Apereo CAS Reflected XSS)
* Added login panel detection
2021-12-30 17:09:29 +05:30
Prince Chaddha
a94c5d62a1
Update CVE-2021-40859.yaml
2021-12-30 12:15:22 +05:30
Prince Chaddha
f3deec4325
Update CVE-2021-40859.yaml
2021-12-30 12:15:02 +05:30
Sandeep Singh
a10aff06e5
Merge branch 'master' into master
2021-12-29 21:28:30 +05:30
sandeep
8744282d5b
removing matcher to avoid false negative result.
2021-12-29 12:10:51 +05:30
东方有鱼名为咸
7a05f1b538
add CVE-2021-45232.yaml ( #3437 )
...
* Create CVE-2021-45232.yaml
* matcher fixes
* more reference
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-28 19:43:00 +05:30
GitHub Action
c33766a93f
Auto Generated CVE annotations [Fri Dec 24 13:38:52 UTC 2021] 🤖
2021-12-24 13:38:52 +00:00
Prince Chaddha
415f37a7a6
Update CVE-2021-27358.yaml
2021-12-24 19:02:18 +05:30
sandeep
f892a053a2
Added Grafana unauthenticated snapshot creation
2021-12-24 17:47:55 +05:30
sandeep
54e064767d
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-12-23 21:46:10 +05:30
sandeep
99f5a47202
minor update
2021-12-23 21:40:28 +05:30
GitHub Action
132108f849
Auto Generated CVE annotations [Thu Dec 23 15:43:46 UTC 2021] 🤖
2021-12-23 15:43:46 +00:00
ImNightmaree
a76a9baaf4
Create CVE-2021-45046 ( #3378 )
...
* Create CVE-2021-45046
* Update and rename CVE-2021-45046 to CVE-2021-45046.yaml
* minor update
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-23 21:11:50 +05:30
Mohamed Elbadry
d2d47bfcb0
Update CVE-2021-44228.yaml - Extract DNS interaction IP ( #3396 )
...
* Update CVE-2021-44228.yaml
* lint fix
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-22 18:17:30 +05:30
GitHub Action
d253ff84ef
Auto Generated CVE annotations [Wed Dec 22 06:47:35 UTC 2021] 🤖
2021-12-22 06:47:35 +00:00
pussycat0x
8a77db7919
unauthorized Puppet Node Manager ( #3388 )
...
* Add files via upload
* Update unauthorized-puppet-node-manager-detect.yaml
* Add files via upload
* Add files via upload
* Update CVE-2021-40859.yaml
* misc updates
* minor updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-22 12:16:05 +05:30
sandeep
df2418ce18
misc updates
2021-12-22 12:10:38 +05:30
pussycat0x
08d097a751
Update CVE-2021-40859.yaml
2021-12-22 09:33:06 +05:30
pussycat0x
4b6a46f06f
Add files via upload
2021-12-22 09:30:36 +05:30
GitHub Action
10ba4de0d7
Auto Generated CVE annotations [Tue Dec 21 12:32:40 UTC 2021] 🤖
2021-12-21 12:32:40 +00:00
Prince Chaddha
b622f5145d
Merge pull request #3383 from projectdiscovery/princechaddha-patch-2
...
Create CVE-2021-26085.yaml
2021-12-21 18:00:47 +05:30
GitHub Action
19bfb84638
Auto Generated CVE annotations [Tue Dec 21 11:06:14 UTC 2021] 🤖
2021-12-21 11:06:14 +00:00
GitHub Action
7fe5c23627
Auto Generated CVE annotations [Mon Dec 20 14:33:22 UTC 2021] 🤖
2021-12-20 14:33:22 +00:00
Prince Chaddha
b8ee43e27a
Create CVE-2021-26085.yaml
2021-12-20 15:20:14 +05:30
Prince Chaddha
ca6146a4af
Update CVE-2021-44228.yaml
2021-12-19 14:52:29 +05:30
Prince Chaddha
fc566d27a8
Create CVE-2021-45092.yaml ( #3372 )
...
* Create CVE-2021-45092.yaml
* Added Thinfinity Iframe Injection
Co-Authored-By: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>
* Added Thinfinity VirtualUI User Enumeration
Co-Authored-By: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>
* added missing tag
Co-Authored-By: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>
2021-12-18 14:32:44 +05:30
Abhiram V
dd40419ea5
Updated CVE-2021-44228 with most common vulnerable headers ( #3334 )
...
* Updated with common headers which can be exploited
Reference : https://blog.qualys.com/vulnerabilities-threat-research/2021/12/10/apache-log4j2-zero-day-exploited-in-the-wild-log4shell
These headers are collected from above blog in Detecting the Vulnerability part
* fix: lint update
* Update CVE-2021-44228.yaml
* Update CVE-2021-44228.yaml
* Updated changed matchers and extractors regex according to v8.7.3 update
* payload updates for CVE-2021-44228
- more injection points
- a fixed regex to extract uppercase hostnames
- standardized payloads
- printed injection points
Source - https://twitter.com/0xceba/status/1471664540542648322
Co-Authored-By: 0xceba <44234156+0xceba@users.noreply.github.com>
Co-Authored-By: Abhiram V <61599526+Anon-Artist@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: 0xceba <44234156+0xceba@users.noreply.github.com>
2021-12-18 10:51:45 +05:30
sandeep
b8fa0d5857
update: added more reference
2021-12-15 21:26:35 +05:30
Geeknik Labs
9c169bd682
Create CVE-2021-44528.yaml ( #3342 )
2021-12-15 20:43:07 +05:30
sandeep
c9ddd7a0ae
update: id + reference update
2021-12-14 21:07:46 +05:30
sandeep
34d4557dad
update: making it compatible with self-hosted interactsh server
2021-12-14 03:21:47 +05:30
Evan Rubinstein
dddb0bbb82
Added CVE-2021-24997 ( #3298 )
...
* Added CVE-39226
* Added CVE-39226
* Delete CVE-39226.yaml
* Renamed CVE-39226 to CVE-2021-39226
Fixed naming error
* Added Wp-Guppy-Information-Disclosure template
* Removed File
Found better descriptor
* Added CVE-2021-24997
Added WordPress Guppy Information Disclosure CVE
* Fixed CVE-2021-24997
Fixed YAML formatting
* Fixed Typo
URL Path had an extra double quote
* Auto Generated Templates Stats [Wed Dec 8 23:07:24 UTC 2021] 🤖
* Deleted Blank Space
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Added CVE-2021-43496
* Update CVE-2021-43496.yaml
* fix: syntax update
* Added New Vuln
* Update CVE-2021-24997.yaml
* Update CVE-2021-43496.yaml
* Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml
* fix: lints update
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-14 02:22:26 +05:30
Nicolas
1411edf332
Updated CVE-2021-44228.yaml ( #3335 )
...
Co-authored-by: olacin <olacin@users.noreply.github.com>
2021-12-13 20:24:06 +05:30
5tr1x
5dc71681c5
Add X-Forwarded-For and Authentication headers
2021-12-11 15:43:22 -06:00
Mohamed Elbadry
33fbe53930
Create CVE-2021-44228.yaml ( #3319 )
...
* Create CVE-2021-44228.yaml
* fix: syntax fix
* update: added additional path based payload
* update: strict matcher + pulling hostname information of the system
* update: added path based payload
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-12 00:56:50 +05:30
GitHub Action
a19b941193
Auto Generated CVE annotations [Wed Dec 8 11:18:20 UTC 2021] 🤖
2021-12-08 11:18:20 +00:00
Sandeep Singh
2521cb62bf
Added CVE-2021-43798 ( #3296 )
...
* Added CVE-2021-43798
* updated with default plugin list
* Update grafana-file-read.yaml
2021-12-08 16:46:47 +05:30
Prince Chaddha
548980ae5b
Update CVE-2021-40856.yaml
2021-12-08 10:25:18 +05:30
GwanYeong Kim
48c6834de6
Create CVE-2021-40856.yaml
...
Inserting the prefix "/about/../" allows bypassing the authentication check for the web-based configuration management interface. This enables attackers to gain access to the login credentials used for authentication at the PBX, among other data.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-08 09:54:30 +09:00
sandeep
b8d068416f
update: added reference for CVE-2021-38314
2021-12-04 22:17:25 +05:30
sandeep
f64926808d
Added missing tag
2021-12-04 12:50:04 +05:30
GitHub Action
01cb3156ce
Auto Generated CVE annotations [Sat Dec 4 07:17:12 UTC 2021] 🤖
2021-12-04 07:17:12 +00:00
sandeep
d2d0d4bf8d
minor update to description
2021-12-04 12:44:08 +05:30
alph4byt3
09468dc0f8
Create CVE-2021-29490.yaml
2021-12-04 12:40:47 +05:30
alph4byt3
5180d138bf
Delete CVE-2021-29490
2021-12-04 12:40:47 +05:30
alph4byt3
41148c9f86
Create CVE-2021-29490
2021-12-04 12:40:47 +05:30
GitHub Action
ee1c16543d
Auto Generated CVE annotations [Fri Dec 3 09:17:18 UTC 2021] 🤖
2021-12-03 09:17:18 +00:00
Prince Chaddha
7a32fc3941
Update and rename CVE-2021-27310.yaml to cves/2021/CVE-2021-27310.yaml
2021-12-03 14:43:25 +05:30
Prince Chaddha
7bd27557d8
Merge pull request #3253 from projectdiscovery/pr-fix-1
...
Update CVE-2021-30213.yaml
2021-12-03 14:32:47 +05:30
Prince Chaddha
0ac3b4da59
Merge pull request #3252 from projectdiscovery/pr-fix
...
Update CVE-2021-27931.yaml
2021-12-03 14:32:06 +05:30
Prince Chaddha
10c0f1b22f
Update CVE-2021-30213.yaml
2021-12-03 14:31:08 +05:30
Prince Chaddha
04bb340596
Update CVE-2021-27931.yaml
2021-12-03 14:30:44 +05:30
Prince Chaddha
5a36367340
Merge branch 'master' into pr-fix-1
2021-12-03 13:49:27 +05:30