Prince Chaddha
fa30e05f61
Merge pull request #3586 from V35HR4J/master
...
Create CVE-2021-39433.yaml
2022-01-24 12:40:15 +05:30
Prince Chaddha
03697ed21a
Update CVE-2021-39433.yaml
2022-01-24 12:28:03 +05:30
Veshraj Ghimire
df907cc2e3
Create CVE-2021-39433.yaml
2022-01-23 21:00:30 +05:45
Prince Chaddha
1d15a5464a
Update CVE-2021-24750.yaml
2022-01-23 14:51:25 +05:30
Prince Chaddha
3c9e02150d
Update CVE-2021-24750.yaml
2022-01-23 14:39:38 +05:30
Prince Chaddha
75184ca383
Update CVE-2021-24750.yaml
2022-01-23 14:38:12 +05:30
cckuailong
dad34d012c
add CVE-2021-24750
2022-01-23 13:17:20 +08:00
sandeep
2a8d8e1095
more updates
2022-01-22 23:27:52 +05:30
sandeep
6b14c6c6fc
CVE-2021-40438 update
2022-01-22 23:18:07 +05:30
Sandeep Singh
1b0c7f1b7f
CVE-2021-22205 update ( #3568 )
...
*moved cves/2021/CVE-2021-22205.yaml to vulnerabilities/gitlab/gitlab-rce.yaml
*template extension update + added missing severity + misc updates
2022-01-20 14:25:57 +05:30
Greg Johnson
e0a2d35a8d
add passive fingerprinting template for CVE-2021-22205 ( #3565 )
...
Co-authored-by: Greg Johnson (codeEmitter) <gjohnson@gitlab.com>
2022-01-20 14:12:37 +05:30
pussycat0x
650a38ffde
Qualcomm 4G LTE WiFi VoIP-Router ( #3555 )
...
* Add files via upload
* Auto Generated CVE annotations [Mon Jan 17 16:05:35 UTC 2022] 🤖
* Update CVE-2021-44528.yaml
* Update CVE-2021-45232.yaml
* Add files via upload
* removing duplicate template
* moving template around
* template fix
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-19 13:33:34 +05:30
sandeep
e51d401214
template fix
2022-01-19 13:32:16 +05:30
sandeep
fd023b42a8
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/3550
2022-01-19 13:25:06 +05:30
Roberto Nunes
2cadf76241
Create CVE-2021-32618.yaml ( #3546 )
...
* Create CVE-2021-32618.yaml
* Update and rename CVE-2021-32618.yaml to cves/2021/CVE-2021-32618.yaml
* matcher update
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-18 12:51:00 +05:30
GitHub Action
2c250d66c7
Auto Generated CVE annotations [Tue Jan 18 05:22:01 UTC 2022] 🤖
2022-01-18 05:22:01 +00:00
Dwi Siswanto
b8dabfbcbb
Add CVE-2021-20038 ( #3542 )
...
* Add CVE-2021-20038
* misc: Update author
2022-01-18 10:50:14 +05:30
Prince Chaddha
bc5fba6fbf
Update CVE-2021-45232.yaml
2022-01-17 22:20:44 +05:30
Prince Chaddha
f988ad8ff4
Update CVE-2021-44528.yaml
2022-01-17 22:19:22 +05:30
GitHub Action
4f81203546
Auto Generated CVE annotations [Mon Jan 17 16:05:35 UTC 2022] 🤖
2022-01-17 16:05:35 +00:00
Patrick
1086ca1a30
added template for CVE-2021-42551 ( #3541 )
...
* added template for CVE-2021-42551
* Update CVE-2021-42551.yaml
* Update CVE-2021-42551.yaml
* unbricked CVE-2021-42551
* additional page specific matcher
Co-authored-by: Patrick <patrick.schmid@redguard.ch>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-16 19:01:29 +05:30
gy741
e5958c1364
Update tags ( #3538 )
2022-01-16 02:08:21 +05:30
GitHub Action
d5e2eb7d41
Auto Generated CVE annotations [Sat Jan 15 19:05:39 UTC 2022] 🤖
2022-01-15 19:05:39 +00:00
GitHub Action
bc3fa19859
Auto Generated CVE annotations [Thu Jan 13 05:21:21 UTC 2022] 🤖
2022-01-13 05:21:21 +00:00
Muhammad Daffa
64cf0fa4ba
Rename maian cart rce ( #3532 )
...
* Update and rename vulnerabilities/other/maian-cart-preauth-rce.yaml to cves/2021/CVE-2021-32172.yaml
* Update CVE-2021-32172.yaml
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-01-13 10:48:51 +05:30
sandeep
5c471a6168
removing duplicate template
2022-01-12 17:28:47 +05:30
Prince Chaddha
a53ae7b694
Merge pull request #3518 from gy741/rule-add-v85
...
Create CVE-2021-20167.yaml
2022-01-11 14:54:05 +05:30
GitHub Action
c40624e7d9
Auto Generated CVE annotations [Tue Jan 11 08:57:41 UTC 2022] 🤖
2022-01-11 08:57:41 +00:00
Prince Chaddha
70677b3b5a
Update CVE-2021–20837.yaml
2022-01-11 14:12:04 +05:30
Prince Chaddha
9afd4bcfd8
Update CVE-2021-20167.yaml
2022-01-11 13:57:07 +05:30
GwanYeong Kim
d772fd884b
Create CVE-2021-20167.yaml
...
This vulnerability uses a combination of CVE-2021-20166 and CVE-2021-20167. Netgear RAX43 version 1.0.3.96 contains a command injection and authbypass vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter. and The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-11 15:00:56 +09:00
PikPikcU
83e431802e
Create CVE-2021–20837.yaml
2022-01-10 21:44:31 -05:00
Roberto Nunes
484d77de7c
Create CVE-2021-39501.yaml ( #3501 )
...
* Create CVE-2021-39501.yaml
* moving template to cves directory
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-08 17:00:19 +05:30
GitHub Action
451313a0af
Auto Generated CVE annotations [Sat Jan 8 10:57:43 UTC 2022] 🤖
2022-01-08 10:57:43 +00:00
JAS-37
0c7d13d152
add CVE-2021-31862 template ( #3491 )
...
* add CVE-2021-31862 template
* updated matchers
* Added SysAid panel + workflow
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-07 13:28:38 +05:30
Aaron Chen
d0f71c6d1b
Update CVE-2021-31589.yaml ( #3489 )
2022-01-06 12:05:23 +05:30
Ahmed Aboul-Ela
f279bd78d1
Add CVE-2021-31589 ( #3486 )
...
* Add CVE-2021-31589
Committer: Ahmed Aboul-Ela <ahmed.aboul3la@gmail.com>
* lint fixes
* updated matchers
* Added metadata
* Added Bomgar Login Panel detection
* Added Bomgar workflow
* Added favicon detection
Co-authored-by: Ahmed Aboul-Ela <ahmed@secgeek.local>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 18:39:53 +05:30
Prince Chaddha
a9ef4d2612
Merge pull request #3480 from gy741/rule-add-v81
...
Create CVE-2021-21881.yaml
2022-01-05 13:01:57 +05:30
Prince Chaddha
fefd3343eb
Update CVE-2021-21881.yaml
2022-01-05 13:00:40 +05:30
Prince Chaddha
616bea3a88
Update CVE-2021-21881.yaml
2022-01-05 12:59:27 +05:30
Pathtaga
e281e5bf88
Updated all templates tags with technologies ( #3478 )
...
* Updated tags for template sonicwall-email-security-detect.yaml
* Updated tags for template detect-sentry.yaml
* Updated tags for template kong-detect.yaml
* Updated tags for template openam-detect.yaml
* Updated tags for template shiro-detect.yaml
* Updated tags for template iplanet-web-server.yaml
* Updated tags for template graylog-api-browser.yaml
* Updated tags for template prtg-detect.yaml
* Updated tags for template node-red-detect.yaml
* Updated tags for template abyss-web-server.yaml
* Updated tags for template geo-webserver.yaml
* Updated tags for template autobahn-python-detect.yaml
* Updated tags for template default-lighttpd-page.yaml
* Updated tags for template microsoft-iis-8.yaml
* Updated tags for template lucee-detect.yaml
* Updated tags for template php-proxy-detect.yaml
* Updated tags for template jenkins-detect.yaml
* Updated tags for template cockpit-detect.yaml
* Updated tags for template csrfguard-detect.yaml
* Updated tags for template dwr-index-detect.yaml
* Updated tags for template netsweeper-webadmin-detect.yaml
* Updated tags for template weblogic-detect.yaml
* Updated tags for template s3-detect.yaml
* Updated tags for template tileserver-gl.yaml
* Updated tags for template springboot-actuator.yaml
* Updated tags for template terraform-detect.yaml
* Updated tags for template redmine-cli-detect.yaml
* Updated tags for template mrtg-detect.yaml
* Updated tags for template tableau-server-detect.yaml
* Updated tags for template magmi-detect.yaml
* Updated tags for template oidc-detect.yaml
* Updated tags for template tor-socks-proxy.yaml
* Updated tags for template synology-web-station.yaml
* Updated tags for template herokuapp-detect.yaml
* Updated tags for template gunicorn-detect.yaml
* Updated tags for template sql-server-reporting.yaml
* Updated tags for template google-bucket-service.yaml
* Updated tags for template kubernetes-mirantis.yaml
* Updated tags for template kubernetes-enterprise-manager.yaml
* Updated tags for template oracle-iplanet-web-server.yaml
* Updated tags for template dell-idrac7-detect.yaml
* Updated tags for template dell-idrac6-detect.yaml
* Updated tags for template dell-idrac9-detect.yaml
* Updated tags for template dell-idrac8-detect.yaml
* Updated tags for template apache-guacamole.yaml
* Updated tags for template aws-cloudfront-service.yaml
* Updated tags for template aws-bucket-service.yaml
* Updated tags for template nginx-linux-page.yaml
* Updated tags for template telerik-fileupload-detect.yaml
* Updated tags for template telerik-dialoghandler-detect.yaml
* Updated tags for template htaccess-config.yaml
* Updated tags for template microsoft-azure-error.yaml
* Updated tags for template detect-options-method.yaml
* Updated tags for template unpatched-coldfusion.yaml
* Updated tags for template moodle-changelog.yaml
* Updated tags for template detect-dns-over-https.yaml
* Updated tags for template CVE-2019-19134.yaml
* Updated tags for template CVE-2019-3929.yaml
* Updated tags for template CVE-2019-19908.yaml
* Updated tags for template CVE-2019-10475.yaml
* Updated tags for template CVE-2019-17382.yaml
* Updated tags for template CVE-2019-16332.yaml
* Updated tags for template CVE-2019-14974.yaml
* Updated tags for template CVE-2019-19368.yaml
* Updated tags for template CVE-2019-12725.yaml
* Updated tags for template CVE-2019-15501.yaml
* Updated tags for template CVE-2019-9733.yaml
* Updated tags for template CVE-2019-14322.yaml
* Updated tags for template CVE-2019-9955.yaml
* Updated tags for template CVE-2019-0230.yaml
* Updated tags for template CVE-2019-10232.yaml
* Updated tags for template CVE-2019-17506.yaml
* Updated tags for template CVE-2019-8449.yaml
* Updated tags for template CVE-2019-12593.yaml
* Updated tags for template CVE-2019-10092.yaml
* Updated tags for template CVE-2019-1821.yaml
* Updated tags for template CVE-2019-3401.yaml
* Updated tags for template CVE-2019-16662.yaml
* Updated tags for template CVE-2019-5418.yaml
* Updated tags for template CVE-2016-4975.yaml
* Updated tags for template CVE-2016-1000137.yaml
* Updated tags for template CVE-2016-7552.yaml
* Updated tags for template CVE-2016-10956.yaml
* Updated tags for template CVE-2016-1000146.yaml
* Updated tags for template CVE-2013-2251.yaml
* Updated tags for template CVE-2013-1965.yaml
* Updated tags for template CVE-2014-2323.yaml
* Updated tags for template CVE-2014-5111.yaml
* Updated tags for template CVE-2014-2962.yaml
* Updated tags for template CVE-2014-4561.yaml
* Updated tags for template CVE-2014-4558.yaml
* Updated tags for template CVE-2014-3120.yaml
* Updated tags for template CVE-2007-5728.yaml
* Updated tags for template CVE-2009-4679.yaml
* Updated tags for template CVE-2009-1558.yaml
* Updated tags for template CVE-2009-4202.yaml
* Updated tags for template CVE-2009-0932.yaml
* Updated tags for template CVE-2015-2068.yaml
* Updated tags for template CVE-2015-8813.yaml
* Updated tags for template CVE-2015-7450.yaml
* Updated tags for template CVE-2015-2067.yaml
* Updated tags for template CVE-2015-3306.yaml
* Updated tags for template CVE-2015-3337.yaml
* Updated tags for template CVE-2015-1427.yaml
* Updated tags for template CVE-2015-1503.yaml
* Updated tags for template CVE-2015-1880.yaml
* Updated tags for template CVE-2018-3810.yaml
* Updated tags for template CVE-2018-18069.yaml
* Updated tags for template CVE-2018-17246.yaml
* Updated tags for template CVE-2018-10141.yaml
* Updated tags for template CVE-2018-16341.yaml
* Updated tags for template CVE-2018-18777.yaml
* Updated tags for template CVE-2018-15138.yaml
* Updated tags for template CVE-2018-11784.yaml
* Updated tags for template CVE-2018-16299.yaml
* Updated tags for template CVE-2018-7251.yaml
* Updated tags for template CVE-2018-1273.yaml
* Updated tags for template CVE-2018-1271.yaml
* Updated tags for template CVE-2018-11759.yaml
* Updated tags for template CVE-2018-3167.yaml
* Updated tags for template CVE-2018-7490.yaml
* Updated tags for template CVE-2018-2628.yaml
* Updated tags for template CVE-2018-13380.yaml
* Updated tags for template CVE-2018-2893.yaml
* Updated tags for template CVE-2018-5316.yaml
* Updated tags for template CVE-2018-20985.yaml
* Updated tags for template CVE-2018-10818.yaml
* Updated tags for template CVE-2018-1000861.yaml
* Updated tags for template CVE-2018-0296.yaml
* Updated tags for template CVE-2018-19458.yaml
* Updated tags for template CVE-2018-3760.yaml
* Updated tags for template CVE-2018-12998.yaml
* Updated tags for template CVE-2018-9118.yaml
* Updated tags for template CVE-2018-1000130.yaml
* Updated tags for template CVE-2008-6668.yaml
* Updated tags for template CVE-2017-7269.yaml
* Updated tags for template CVE-2017-1000170.yaml
* Updated tags for template CVE-2017-16877.yaml
* Updated tags for template CVE-2017-1000486.yaml
* Updated tags for template CVE-2017-9822.yaml
* Updated tags for template CVE-2017-0929.yaml
* Updated tags for template CVE-2017-7921.yaml
* Updated tags for template CVE-2017-14535.yaml
* Updated tags for template CVE-2017-5521.yaml
* Updated tags for template CVE-2017-12637.yaml
* Updated tags for template CVE-2017-12635.yaml
* Updated tags for template CVE-2017-11610.yaml
* Updated tags for template CVE-2021-20114.yaml
* Updated tags for template CVE-2021-40856.yaml
* Updated tags for template CVE-2021-21972.yaml
* Updated tags for template CVE-2021-31602.yaml
* Updated tags for template CVE-2021-41773.yaml
* Updated tags for template CVE-2021-37704.yaml
* Updated tags for template CVE-2021-45046.yaml
* Updated tags for template CVE-2021-26084.yaml
* Updated tags for template CVE-2021-27931.yaml
* Updated tags for template CVE-2021-24291.yaml
* Updated tags for template CVE-2021-41648.yaml
* Updated tags for template CVE-2021-37216.yaml
* Updated tags for template CVE-2021-22005.yaml
* Updated tags for template CVE-2021-37573.yaml
* Updated tags for template CVE-2021-31755.yaml
* Updated tags for template CVE-2021-43287.yaml
* Updated tags for template CVE-2021-24274.yaml
* Updated tags for template CVE-2021-33564.yaml
* Updated tags for template CVE-2021-22145.yaml
* Updated tags for template CVE-2021-24237.yaml
* Updated tags for template CVE-2021-44848.yaml
* Updated tags for template CVE-2021-25646.yaml
* Updated tags for template CVE-2021-21816.yaml
* Updated tags for template CVE-2021-41649.yaml
* Updated tags for template CVE-2021-41291.yaml
* Updated tags for template CVE-2021-41293.yaml
* Updated tags for template CVE-2021-21801.yaml
* Updated tags for template CVE-2021-29156.yaml
* Updated tags for template CVE-2021-34370.yaml
* Updated tags for template CVE-2021-27132.yaml
* Updated tags for template CVE-2021-28151.yaml
* Updated tags for template CVE-2021-26812.yaml
* Updated tags for template CVE-2021-21985.yaml
* Updated tags for template CVE-2021-43778.yaml
* Updated tags for template CVE-2021-25281.yaml
* Updated tags for template CVE-2021-40539.yaml
* Updated tags for template CVE-2021-36749.yaml
* Updated tags for template CVE-2021-21234.yaml
* Updated tags for template CVE-2021-33221.yaml
* Updated tags for template CVE-2021-42013.yaml
* Updated tags for template CVE-2021-33807.yaml
* Updated tags for template CVE-2021-44228.yaml
* Updated tags for template CVE-2012-0896.yaml
* Updated tags for template CVE-2012-0991.yaml
* Updated tags for template CVE-2012-0392.yaml
* Updated tags for template CVE-2012-4940.yaml
* Updated tags for template CVE-2012-1226.yaml
* Updated tags for template CVE-2012-4878.yaml
* Updated tags for template CVE-2010-1304.yaml
* Updated tags for template CVE-2010-1217.yaml
* Updated tags for template CVE-2010-0759.yaml
* Updated tags for template CVE-2010-2307.yaml
* Updated tags for template CVE-2010-4231.yaml
* Updated tags for template CVE-2010-2861.yaml
* Updated tags for template CVE-2010-4282.yaml
* Updated tags for template CVE-2010-1302.yaml
* Updated tags for template CVE-2010-1461.yaml
* Updated tags for template CVE-2020-4463.yaml
* Updated tags for template CVE-2020-1943.yaml
* Updated tags for template CVE-2020-36289.yaml
* Updated tags for template CVE-2020-17518.yaml
* Updated tags for template CVE-2020-12800.yaml
* Updated tags for template CVE-2020-10770.yaml
* Updated tags for template CVE-2020-17506.yaml
* Updated tags for template CVE-2020-11547.yaml
* Updated tags for template CVE-2020-11034.yaml
* Updated tags for template CVE-2020-24589.yaml
* Updated tags for template CVE-2020-9054.yaml
* Updated tags for template CVE-2020-28976.yaml
* Updated tags for template CVE-2020-16952.yaml
* Updated tags for template CVE-2020-24312.yaml
* Updated tags for template CVE-2020-8512.yaml
* Updated tags for template CVE-2020-14179.yaml
* Updated tags for template CVE-2020-6308.yaml
* Updated tags for template CVE-2020-35846.yaml
* Updated tags for template CVE-2020-7318.yaml
* Updated tags for template CVE-2020-2140.yaml
* Updated tags for template CVE-2020-5410.yaml
* Updated tags for template CVE-2020-5777.yaml
* Updated tags for template CVE-2020-13700.yaml
* Updated tags for template CVE-2020-5775.yaml
* Updated tags for template CVE-2020-13167.yaml
* Updated tags for template CVE-2020-35848.yaml
* Updated tags for template CVE-2020-9484.yaml
* Updated tags for template CVE-2020-15505.yaml
* Updated tags for template CVE-2020-9047.yaml
* Updated tags for template CVE-2020-17519.yaml
* Updated tags for template CVE-2020-17505.yaml
* Updated tags for template CVE-2020-9376.yaml
* Updated tags for template CVE-2020-8497.yaml
* Updated tags for template CVE-2020-14092.yaml
* Updated tags for template CVE-2020-10148.yaml
* Updated tags for template CVE-2020-35847.yaml
* Updated tags for template CVE-2020-12116.yaml
* Updated tags for template CVE-2020-11930.yaml
* Updated tags for template CVE-2020-24186.yaml
* Updated tags for template CVE-2020-9496.yaml
* Updated tags for template CVE-2020-35489.yaml
* Updated tags for template CVE-2020-26413.yaml
* Updated tags for template CVE-2020-2096.yaml
* misc updates
* misc update
* more updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 01:04:16 +05:30
GwanYeong Kim
d572716df0
Create CVE-2021-21881.yaml
...
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-04 23:14:12 +09:00
GitHub Action
86c11d1b40
Auto Generated CVE annotations [Tue Jan 4 11:55:25 UTC 2022] 🤖
2022-01-04 11:55:25 +00:00
pajoda
c45934891f
Create CVE-2021-36748.yaml ( #2446 )
...
* Create CVE-2021-36748.yaml
* Update indentation
* minor update
* Update CVE-2021-36748.yaml
* Additional unique matchers + easily readable syntax
* misc updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-04 17:23:56 +05:30
sandeep
6f3591f920
rseenet tags update
2022-01-01 12:28:32 +05:30
sandeep
7eba1c5a0a
added reference for rce
2021-12-31 17:53:27 +05:30
GitHub Action
e238128b1c
Auto Generated CVE annotations [Thu Dec 30 11:40:55 UTC 2021] 🤖
2021-12-30 11:40:55 +00:00
Sandeep Singh
de7bef1300
Added CVE-2021-42567 (Apereo CAS Reflected XSS) ( #3450 )
...
* Added CVE-2021-42567 (Apereo CAS Reflected XSS)
* Added login panel detection
2021-12-30 17:09:29 +05:30
Prince Chaddha
a94c5d62a1
Update CVE-2021-40859.yaml
2021-12-30 12:15:22 +05:30
Prince Chaddha
f3deec4325
Update CVE-2021-40859.yaml
2021-12-30 12:15:02 +05:30
Sandeep Singh
a10aff06e5
Merge branch 'master' into master
2021-12-29 21:28:30 +05:30
sandeep
8744282d5b
removing matcher to avoid false negative result.
2021-12-29 12:10:51 +05:30
东方有鱼名为咸
7a05f1b538
add CVE-2021-45232.yaml ( #3437 )
...
* Create CVE-2021-45232.yaml
* matcher fixes
* more reference
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-28 19:43:00 +05:30
GitHub Action
c33766a93f
Auto Generated CVE annotations [Fri Dec 24 13:38:52 UTC 2021] 🤖
2021-12-24 13:38:52 +00:00
Prince Chaddha
415f37a7a6
Update CVE-2021-27358.yaml
2021-12-24 19:02:18 +05:30
sandeep
f892a053a2
Added Grafana unauthenticated snapshot creation
2021-12-24 17:47:55 +05:30
sandeep
54e064767d
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-12-23 21:46:10 +05:30
sandeep
99f5a47202
minor update
2021-12-23 21:40:28 +05:30
GitHub Action
132108f849
Auto Generated CVE annotations [Thu Dec 23 15:43:46 UTC 2021] 🤖
2021-12-23 15:43:46 +00:00
ImNightmaree
a76a9baaf4
Create CVE-2021-45046 ( #3378 )
...
* Create CVE-2021-45046
* Update and rename CVE-2021-45046 to CVE-2021-45046.yaml
* minor update
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-23 21:11:50 +05:30
Mohamed Elbadry
d2d47bfcb0
Update CVE-2021-44228.yaml - Extract DNS interaction IP ( #3396 )
...
* Update CVE-2021-44228.yaml
* lint fix
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-22 18:17:30 +05:30
GitHub Action
d253ff84ef
Auto Generated CVE annotations [Wed Dec 22 06:47:35 UTC 2021] 🤖
2021-12-22 06:47:35 +00:00
pussycat0x
8a77db7919
unauthorized Puppet Node Manager ( #3388 )
...
* Add files via upload
* Update unauthorized-puppet-node-manager-detect.yaml
* Add files via upload
* Add files via upload
* Update CVE-2021-40859.yaml
* misc updates
* minor updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-22 12:16:05 +05:30
sandeep
df2418ce18
misc updates
2021-12-22 12:10:38 +05:30
pussycat0x
08d097a751
Update CVE-2021-40859.yaml
2021-12-22 09:33:06 +05:30
pussycat0x
4b6a46f06f
Add files via upload
2021-12-22 09:30:36 +05:30
GitHub Action
10ba4de0d7
Auto Generated CVE annotations [Tue Dec 21 12:32:40 UTC 2021] 🤖
2021-12-21 12:32:40 +00:00
Prince Chaddha
b622f5145d
Merge pull request #3383 from projectdiscovery/princechaddha-patch-2
...
Create CVE-2021-26085.yaml
2021-12-21 18:00:47 +05:30
GitHub Action
19bfb84638
Auto Generated CVE annotations [Tue Dec 21 11:06:14 UTC 2021] 🤖
2021-12-21 11:06:14 +00:00
GitHub Action
7fe5c23627
Auto Generated CVE annotations [Mon Dec 20 14:33:22 UTC 2021] 🤖
2021-12-20 14:33:22 +00:00
Prince Chaddha
b8ee43e27a
Create CVE-2021-26085.yaml
2021-12-20 15:20:14 +05:30
Prince Chaddha
ca6146a4af
Update CVE-2021-44228.yaml
2021-12-19 14:52:29 +05:30
Prince Chaddha
fc566d27a8
Create CVE-2021-45092.yaml ( #3372 )
...
* Create CVE-2021-45092.yaml
* Added Thinfinity Iframe Injection
Co-Authored-By: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>
* Added Thinfinity VirtualUI User Enumeration
Co-Authored-By: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>
* added missing tag
Co-Authored-By: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>
2021-12-18 14:32:44 +05:30
Abhiram V
dd40419ea5
Updated CVE-2021-44228 with most common vulnerable headers ( #3334 )
...
* Updated with common headers which can be exploited
Reference : https://blog.qualys.com/vulnerabilities-threat-research/2021/12/10/apache-log4j2-zero-day-exploited-in-the-wild-log4shell
These headers are collected from above blog in Detecting the Vulnerability part
* fix: lint update
* Update CVE-2021-44228.yaml
* Update CVE-2021-44228.yaml
* Updated changed matchers and extractors regex according to v8.7.3 update
* payload updates for CVE-2021-44228
- more injection points
- a fixed regex to extract uppercase hostnames
- standardized payloads
- printed injection points
Source - https://twitter.com/0xceba/status/1471664540542648322
Co-Authored-By: 0xceba <44234156+0xceba@users.noreply.github.com>
Co-Authored-By: Abhiram V <61599526+Anon-Artist@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: 0xceba <44234156+0xceba@users.noreply.github.com>
2021-12-18 10:51:45 +05:30
sandeep
b8fa0d5857
update: added more reference
2021-12-15 21:26:35 +05:30
Geeknik Labs
9c169bd682
Create CVE-2021-44528.yaml ( #3342 )
2021-12-15 20:43:07 +05:30
sandeep
c9ddd7a0ae
update: id + reference update
2021-12-14 21:07:46 +05:30
sandeep
34d4557dad
update: making it compatible with self-hosted interactsh server
2021-12-14 03:21:47 +05:30
Evan Rubinstein
dddb0bbb82
Added CVE-2021-24997 ( #3298 )
...
* Added CVE-39226
* Added CVE-39226
* Delete CVE-39226.yaml
* Renamed CVE-39226 to CVE-2021-39226
Fixed naming error
* Added Wp-Guppy-Information-Disclosure template
* Removed File
Found better descriptor
* Added CVE-2021-24997
Added WordPress Guppy Information Disclosure CVE
* Fixed CVE-2021-24997
Fixed YAML formatting
* Fixed Typo
URL Path had an extra double quote
* Auto Generated Templates Stats [Wed Dec 8 23:07:24 UTC 2021] 🤖
* Deleted Blank Space
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Added CVE-2021-43496
* Update CVE-2021-43496.yaml
* fix: syntax update
* Added New Vuln
* Update CVE-2021-24997.yaml
* Update CVE-2021-43496.yaml
* Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml
* fix: lints update
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-14 02:22:26 +05:30
Nicolas
1411edf332
Updated CVE-2021-44228.yaml ( #3335 )
...
Co-authored-by: olacin <olacin@users.noreply.github.com>
2021-12-13 20:24:06 +05:30
5tr1x
5dc71681c5
Add X-Forwarded-For and Authentication headers
2021-12-11 15:43:22 -06:00
Mohamed Elbadry
33fbe53930
Create CVE-2021-44228.yaml ( #3319 )
...
* Create CVE-2021-44228.yaml
* fix: syntax fix
* update: added additional path based payload
* update: strict matcher + pulling hostname information of the system
* update: added path based payload
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-12 00:56:50 +05:30
GitHub Action
a19b941193
Auto Generated CVE annotations [Wed Dec 8 11:18:20 UTC 2021] 🤖
2021-12-08 11:18:20 +00:00
Sandeep Singh
2521cb62bf
Added CVE-2021-43798 ( #3296 )
...
* Added CVE-2021-43798
* updated with default plugin list
* Update grafana-file-read.yaml
2021-12-08 16:46:47 +05:30
Prince Chaddha
548980ae5b
Update CVE-2021-40856.yaml
2021-12-08 10:25:18 +05:30
GwanYeong Kim
48c6834de6
Create CVE-2021-40856.yaml
...
Inserting the prefix "/about/../" allows bypassing the authentication check for the web-based configuration management interface. This enables attackers to gain access to the login credentials used for authentication at the PBX, among other data.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-08 09:54:30 +09:00
sandeep
b8d068416f
update: added reference for CVE-2021-38314
2021-12-04 22:17:25 +05:30
sandeep
f64926808d
Added missing tag
2021-12-04 12:50:04 +05:30
GitHub Action
01cb3156ce
Auto Generated CVE annotations [Sat Dec 4 07:17:12 UTC 2021] 🤖
2021-12-04 07:17:12 +00:00
sandeep
d2d0d4bf8d
minor update to description
2021-12-04 12:44:08 +05:30
alph4byt3
09468dc0f8
Create CVE-2021-29490.yaml
2021-12-04 12:40:47 +05:30
alph4byt3
5180d138bf
Delete CVE-2021-29490
2021-12-04 12:40:47 +05:30
alph4byt3
41148c9f86
Create CVE-2021-29490
2021-12-04 12:40:47 +05:30
GitHub Action
ee1c16543d
Auto Generated CVE annotations [Fri Dec 3 09:17:18 UTC 2021] 🤖
2021-12-03 09:17:18 +00:00
Prince Chaddha
7a32fc3941
Update and rename CVE-2021-27310.yaml to cves/2021/CVE-2021-27310.yaml
2021-12-03 14:43:25 +05:30
Prince Chaddha
7bd27557d8
Merge pull request #3253 from projectdiscovery/pr-fix-1
...
Update CVE-2021-30213.yaml
2021-12-03 14:32:47 +05:30
Prince Chaddha
0ac3b4da59
Merge pull request #3252 from projectdiscovery/pr-fix
...
Update CVE-2021-27931.yaml
2021-12-03 14:32:06 +05:30
Prince Chaddha
10c0f1b22f
Update CVE-2021-30213.yaml
2021-12-03 14:31:08 +05:30
Prince Chaddha
04bb340596
Update CVE-2021-27931.yaml
2021-12-03 14:30:44 +05:30
Prince Chaddha
5a36367340
Merge branch 'master' into pr-fix-1
2021-12-03 13:49:27 +05:30
Prince Chaddha
3cade85cc8
Merge branch 'master' into pr-fix
2021-12-03 13:23:33 +05:30
GitHub Action
6731cb176b
Auto Generated CVE annotations [Fri Dec 3 07:23:34 UTC 2021] 🤖
2021-12-03 07:23:34 +00:00
Prince Chaddha
ccca1add3f
Update CVE-2021-30213.yaml
2021-12-03 12:53:01 +05:30
Prince Chaddha
e53cdde0c0
Merge pull request #3199 from alph4byt3/alph4byt3-patch-1
...
Create CVE-2021-30213.yaml
2021-12-03 12:52:11 +05:30
GitHub Action
5afe45cba5
Auto Generated CVE annotations [Fri Dec 3 07:19:34 UTC 2021] 🤖
2021-12-03 07:19:34 +00:00
Prince Chaddha
636a82effd
Update CVE-2021-27931.yaml
2021-12-03 12:48:47 +05:30
Prince Chaddha
025475d950
Merge pull request #3251 from projectdiscovery/pr-fix
...
Update and rename CVE-2021-40542.yaml to cves/2021/CVE-2021-40542.yaml
2021-12-03 12:48:01 +05:30
Prince Chaddha
bac5f0f843
Merge pull request #3206 from alph4byt3/patch-1
...
Create CVE-2021-27931.yaml
2021-12-03 12:47:18 +05:30
Prince Chaddha
0457cbd6b2
Update and rename CVE-2021-40542.yaml to cves/2021/CVE-2021-40542.yaml
2021-12-03 12:42:37 +05:30
sandeep
1dabef2e6f
Revert "CVE update - CVE-2021-22049"
...
This reverts commit 70128c2587
.
2021-12-02 01:34:29 +05:30
sandeep
70128c2587
CVE update - CVE-2021-22049
2021-12-02 01:31:41 +05:30
sandeep
814bf92a00
File name update - CVE-2021-39226
2021-12-02 01:14:10 +05:30
Sandeep Singh
19fcafa546
CVE-2021-39226 ( #3241 )
...
* Added CVE-39226
Co-Authored-By: Evan Rubinstein <70485623+evanRubinsteinIT@users.noreply.github.com>
Co-authored-by: Evan Rubinstein <70485623+evanRubinsteinIT@users.noreply.github.com>
2021-12-02 01:07:40 +05:30
sullo
854b464b1d
Add remediation information to CVE-2021-40539 and CVE-2021-44427 ( #3237 )
...
* Added remediation to CVE-2021-40539
* Added remediation to CVE-2021-44427
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2021-12-01 22:23:24 +05:30
Prince Chaddha
c9b6c8e463
Merge pull request #3235 from cckuailong/master
...
add CVE-2021-43778.yaml
2021-12-01 19:21:08 +05:30
Prince Chaddha
93f9f3ccac
Update CVE-2021-43778.yaml
2021-12-01 19:19:10 +05:30
GitHub Action
d3649d4f43
Auto Generated CVE annotations [Wed Dec 1 13:42:24 UTC 2021] 🤖
2021-12-01 13:42:24 +00:00
cckuailong
2a8ca5d836
add CVE-2021-43778.yaml
2021-12-01 15:04:29 +08:00
GitHub Action
fb048c7972
Auto Generated CVE annotations [Tue Nov 30 18:51:32 UTC 2021] 🤖
2021-11-30 18:51:32 +00:00
Sandeep Singh
eb5a6ab341
Added CVE-2021-41266 ( #3229 )
...
Co-Authored-By: Lenin Alevski <1795553+Alevsk@users.noreply.github.com>
2021-12-01 00:19:41 +05:30
Prince Chaddha
d484fed316
Merge pull request #3224 from xShuden/master
...
Create CVE-2021-44427.yaml
2021-11-30 21:55:47 +04:00
Prince Chaddha
f6a952d4be
Update CVE-2021-44427.yaml
2021-11-30 23:23:31 +05:30
Prince Chaddha
ae078ecd51
Merge pull request #3223 from gy741/rule-add-v74
...
Create CVE-2021-41653.yaml
2021-11-30 20:54:55 +04:00
Prince Chaddha
0b82e570d1
Update CVE-2021-41653.yaml
2021-11-30 22:22:16 +05:30
Aaron Chen
38f147a716
create CVE-2021-41951 ( #3202 )
...
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2021-11-30 22:19:12 +05:30
Sandeep Singh
949cd0d5a6
CVE 2021 41951 ( #3226 )
...
* create CVE-2021-41951
Co-authored-by: Aaron Chen <aaronchen.lisp@gmail.com>
2021-11-30 22:15:32 +05:30
Furkan Sayım
3ae4c1b484
Create CVE-2021-44427.yaml
2021-11-30 16:56:38 +01:00
GwanYeong Kim
3dd0c78fff
Create CVE-2021-41653.yaml
...
The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-11-30 14:35:25 +09:00
forgedhallpass
7ef4f90cf0
feat: CVE-2021-22053 ( #3220 )
...
* feat: CVE-2021-22053
2021-11-29 18:42:08 +05:30
GitHub Action
302227a09d
Auto Generated CVE annotations [Sun Nov 28 20:31:30 UTC 2021] 🤖
2021-11-28 20:31:30 +00:00
sandeep
d00dea3f6b
removed unwanted headers
2021-11-29 00:05:36 +05:30
sandeep
685c46640e
Added Apache Airflow - Unauthenticated variable Import
2021-11-28 23:47:12 +05:30
sandeep
63b23a4848
Added additional reference
2021-11-28 17:22:02 +05:30
sandeep
7345869864
Added additional matcher
2021-11-27 10:04:24 +05:30
rotemr
0595a1dcf1
Add template for CVE-2021-24278
2021-11-27 01:32:48 +02:00
alph4byt3
3c1ae20146
Create CVE-2021-27931.yaml
2021-11-25 17:39:09 +02:00
alph4byt3
f2ff7a1a7e
Create CVE-2021-30213.yaml
2021-11-24 17:43:59 +02:00
GitHub Action
2e3c57379f
Auto Generated CVE annotations [Tue Nov 23 03:59:46 UTC 2021] 🤖
2021-11-23 03:59:46 +00:00
Prince Chaddha
e787e67010
Update CVE-2021-43495.yaml
2021-11-23 07:46:15 +04:00
PikPikcU
05a366d141
Create CVE-2021-43495.yaml
2021-11-23 08:30:30 +07:00
sandeep
a175effdc4
Added few additional information
2021-11-20 17:19:24 +05:30
GitHub Action
440a0e7114
Auto Generated CVE annotations [Thu Nov 18 20:31:47 UTC 2021] 🤖
2021-11-18 20:31:47 +00:00
sandeep
a7594322a3
removed spaces
2021-11-19 01:40:36 +05:30
sandeep
cf34d5b0ee
Added Apache ShenYu Admin JWT authentication bypass (CVE-2021-37580)
2021-11-19 01:38:23 +05:30
Bourne Haber
ff16039083
Change word -> regex for type 'regex'
2021-11-16 23:51:30 +05:30
sandeep
b2aa8f9f5b
misc updates
2021-11-13 23:01:53 +05:30
sandeep
b0860f2275
Template update to confirm RCE
2021-11-13 16:36:43 +05:30
sandeep
0e9faf2419
misc updates
2021-11-13 00:37:40 +05:30
GitHub Action
d77afde6f2
Auto Generated CVE annotations [Fri Nov 12 19:00:28 UTC 2021] 🤖
2021-11-12 19:00:28 +00:00
sandeep
e649bcc493
template fix
2021-11-13 00:29:04 +05:30
Sandeep Singh
e50e82d61b
Merge pull request #3129 from httpvoid/master
...
Add CVE-2021-41349
2021-11-13 00:28:42 +05:30
rootxharsh
29bcd6b821
Add CVE-2021-41349
2021-11-12 23:55:15 +05:30
sandeep
ca0b7890dc
misc update
2021-11-11 14:35:58 +05:30
Sandeep Singh
c0d875c623
Update CVE-2021-42237.yaml
2021-11-11 14:32:24 +05:30
Prince Chaddha
e396e30ac5
Merge branch 'master' into master
2021-11-11 11:19:57 +05:30
Prince Chaddha
a6039654a1
Update CVE-2021-31602.yaml
2021-11-11 11:17:25 +05:30
Prince Chaddha
7a08bde65d
Update CVE-2021-42237.yaml
2021-11-11 11:16:37 +05:30
GitHub Action
206b056506
Auto Generated CVE annotations [Thu Nov 11 05:29:39 UTC 2021] 🤖
2021-11-11 05:29:39 +00:00
GitHub Action
2cfad99d03
Auto Generated CVE annotations [Wed Nov 10 16:04:38 UTC 2021] 🤖
2021-11-10 16:04:38 +00:00
sandeep
cb74944f43
misc updates
2021-11-08 15:45:54 +05:30
GitHub Action
268f6c7c86
Auto Generated CVE annotations [Mon Nov 8 06:51:55 UTC 2021] 🤖
2021-11-08 06:51:55 +00:00
GitHub Action
2f7b3d7e00
Auto Generated CVE annotations [Sat Nov 6 22:43:41 UTC 2021] 🤖
2021-11-06 22:43:41 +00:00
sandeep
2beb8767ff
Added CVE-2021-41174
2021-11-07 04:08:43 +05:30
Sandeep Singh
cd59d38e3d
Merge pull request #3083 from pussycat0x/master
...
Pentaho <= 9.1 Authentication Bypass of Spring APIs
2021-11-06 16:52:44 +05:30
sandeep
0963b5f289
Added stop-at-first-match
2021-11-06 16:52:33 +05:30
sandeep
1d4ff44b88
misc update
2021-11-06 16:51:03 +05:30
sandeep
5fa10c4b64
cves update
2021-11-06 12:34:04 +05:30
sandeep
3e12441f6d
matcher update
2021-11-06 03:56:14 +05:30
Prince Chaddha
c1e8682918
Update CVE-2021-31602.yaml
2021-11-05 21:20:29 +05:30
pussycat0x
70425f1be2
Update CVE-2021-31602.yaml
2021-11-05 14:11:44 +05:30
pussycat0x
802607241d
Update CVE-2021-31602.yaml
2021-11-05 13:59:09 +05:30
pussycat0x
153a00af52
Add files via upload
2021-11-05 13:45:21 +05:30
Pradeepch99
8c5987b2b2
Update CVE-2021-36260.yaml
2021-11-05 08:44:19 +05:30
ImNightmaree
acc8d46849
Updates "whoami" regex
...
Fixes #3060
2021-11-03 17:43:48 +00:00
GitHub Action
ba5d199dbb
Auto Generated CVE annotations [Tue Nov 2 20:23:01 UTC 2021] 🤖
2021-11-02 20:23:01 +00:00
sandeep
36bda42c27
misc update
2021-11-03 01:49:51 +05:30
Prince Chaddha
94c49907ce
Update CVE-2021-38704.yaml
2021-11-02 23:35:14 +05:30
Prince Chaddha
3541fb5754
Update CVE-2021-38704.yaml
2021-11-02 23:25:17 +05:30
Prince Chaddha
19ca42a3d6
Update CVE-2021-38704.yaml
2021-11-02 23:23:11 +05:30
Prince Chaddha
5e774b4e9b
Create CVE-2021-38704.yaml
2021-11-02 23:16:22 +05:30
Sandeep Singh
c2a167939e
Merge pull request #3031 from gy741/rule-add-v70
...
Create CVE-2021-31682.yaml
2021-10-31 17:09:29 +05:30
sandeep
fe6dbc8b4d
misc update
2021-10-31 16:56:16 +05:30
GitHub Action
4cc2a7a205
Auto Generated CVE annotations [Sat Oct 30 11:41:59 UTC 2021] 🤖
2021-10-30 11:41:59 +00:00
sandeep
8c3f98c767
fixed invalid template syntax
2021-10-30 16:47:35 +05:30
GwanYeong Kim
43629d5f49
Create CVE-2021-31682.yaml
...
The login portal for the Automated Logic WebCTRL/WebCTRL OEM web application contains a vulnerability that allows for reflected XSS attacks due to the operatorlocale GET parameter not being sanitized. This issue impacts versions 6.5 and below. This issue works by passing in a basic XSS payload to a vulnerable GET parameter that is reflected in the output without sanitization.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-30 19:36:29 +09:00
sandeep
9a7111c936
updating author details
2021-10-29 22:16:25 +05:30
sandeep
1fdf1ce10a
name update
2021-10-29 21:36:05 +05:30
sandeep
d6fbf8b35c
misc updates
2021-10-29 21:33:59 +05:30
GitHub Action
4236ca70b5
Auto Generated CVE annotations [Fri Oct 29 12:45:06 UTC 2021] 🤖
2021-10-29 12:45:07 +00:00
Dhiyaneshwaran
afbd8f0448
Create CVE-2021-20837.yaml
2021-10-29 18:13:32 +05:30
Sandeep Singh
ba04bc0d3a
Merge pull request #3022 from projectdiscovery/CVE-2021-36260
...
Added Hikvision RCE (CVE-2021-36260)
2021-10-29 17:09:01 +05:30
GitHub Action
b46d572636
Auto Generated CVE annotations [Fri Oct 29 10:29:18 UTC 2021] 🤖
2021-10-29 10:29:18 +00:00
sandeep
f635c80512
Adding metadata
2021-10-29 14:49:58 +05:30
sandeep
a451cfb48a
misc update
2021-10-29 14:24:20 +05:30
sandeep
8f4a90f33a
Added Hikvision RCE (CVE-2021-36260)
2021-10-29 13:47:09 +05:30
Prince Chaddha
3aadf53a95
Merge pull request #3014 from Mad-robot/patch-2
...
Create CVE-2021-42566.yaml
2021-10-29 00:29:05 +05:30
Prince Chaddha
e58e1ef96d
Update CVE-2021-42566.yaml
2021-10-29 00:25:45 +05:30
Prince Chaddha
7f9490d762
Update CVE-2021-42565.yaml
2021-10-29 00:25:12 +05:30
Prince Chaddha
263fb400e9
Update CVE-2021-42566.yaml
2021-10-29 00:22:29 +05:30
SaN ThosH
ca73e75974
Create CVE-2021-42566.yaml
2021-10-27 20:13:56 +05:30