Commit Graph

286 Commits (b75c2dde67670e76e9a77b9802063c0d830f36a7)

Author SHA1 Message Date
sandeep 9c66387f0f More CVEs Template 2021-07-26 22:48:45 +05:30
sandeep b990243906 uniform tags 2021-07-26 14:25:43 +05:30
sandeep 6ccc5f8792 matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
Muhammad Daffa 3d90fd1047
Fix wrong regex matcher 2021-07-24 17:10:02 +07:00
sandeep e97e2a4f2a Template update 2021-07-24 06:22:48 +05:30
Sandeep Singh 4b444af3c4
Merge pull request #2125 from DhiyaneshGeek/master
17 New Templates Added
2021-07-24 03:26:09 +05:30
sandeep 7d72783090 WIP improvements 2021-07-22 16:32:37 +05:30
sandeep 938fdeec8f Added CVE-2021-34429 and fixed related templates 2021-07-22 15:23:19 +05:30
Dhiyaneshwaran 8d8f39c26f
Create CVE-2021-32820.yaml 2021-07-21 10:40:13 +05:30
Prince Chaddha 7020d17f13
Merge pull request #2107 from daffainfo/patch-90
Create CVE-2021-23241.yaml
2021-07-20 17:26:37 +05:30
sandeep 8f8105bb99 Update CVE-2021-23241.yaml 2021-07-20 16:00:00 +05:30
Prince Chaddha 41c9c3e3f9
Update CVE-2021-23241.yaml 2021-07-20 14:25:37 +05:30
Prince Chaddha 86a7fad73a
Update CVE-2021-23241.yaml 2021-07-20 14:23:39 +05:30
Prince Chaddha 1fc173982d
Update CVE-2021-21479.yaml 2021-07-20 14:22:31 +05:30
Muhammad Daffa c63bb91bdb
Create CVE-2021-23241.yaml 2021-07-20 15:52:10 +07:00
Prince Chaddha 94511129f6
Merge pull request #2076 from dwisiswant0/GHSL-2020-227
Server-Side Template Injection leading to unauthenticated Remote Code Execution in SCIMono - CVE-2021-21479
2021-07-20 14:20:31 +05:30
Prince Chaddha d738d2c9a3
Update CVE-2021-21479.yaml 2021-07-20 14:18:21 +05:30
Prince Chaddha b10b8a61b8
Update CVE-2021-21479.yaml 2021-07-20 14:16:30 +05:30
Prince Chaddha 0af69ac0fd
Update CVE-2021-21479.yaml 2021-07-20 14:15:45 +05:30
Muhammad Daffa 21809132da
Renamed to CVE-2021-24340.yaml 2021-07-20 13:36:04 +07:00
Prince Chaddha eb15971f16
Merge pull request #2096 from geeknik/patch-4
Create CVE-2021-26475.yaml
2021-07-20 11:53:45 +05:30
Sandeep Singh 6eee57115c
Merge pull request #2083 from projectdiscovery/fixing-xss-matchers
fixing-xss-matchers
2021-07-20 00:28:01 +05:30
sandeep 9d19d5fb5b description update 2021-07-20 00:12:01 +05:30
sandeep 13d26d8c6d moving files around 2021-07-20 00:10:30 +05:30
Geeknik Labs 39acc90454
Create CVE-2021-26475.yaml
CVE-2021-26475 -- EPrints 3.4.2 exposes a reflected XSS opportunity in the via a cgi/cal URI.
2021-07-19 08:34:21 -05:00
sandeep eec253fdd8 minor update 2021-07-19 16:53:47 +05:30
Prince Chaddha 707083438e
Update CVE-2021-24389.yaml 2021-07-19 11:37:51 +05:30
Prince Chaddha 751f4e099c
Update CVE-2021-24335.yaml 2021-07-19 11:37:18 +05:30
Prince Chaddha c8ee50bd9b
Update CVE-2021-24320.yaml 2021-07-19 11:36:45 +05:30
Prince Chaddha 06a82e2c78
Update CVE-2021-24298.yaml 2021-07-19 11:36:11 +05:30
Suman Kar 77fd227376
Update CVE-2021-24498.yaml 2021-07-19 10:45:58 +05:30
Suman Kar 556a94136b Calendar Event Multi View < 1.4.01 - Unauthenticated Reflected Cross-Site Scripting (XSS) 2021-07-19 10:40:50 +05:30
Sandeep Singh f9c8314092
Merge pull request #2077 from gy741/rule-add-v27
Create Advantech R-SeeNet Multiple Reflected XSS vulnerabilities
2021-07-18 23:17:40 +05:30
sandeep c56680cef3 Additional matcher 2021-07-18 23:14:19 +05:30
Sandeep Singh 9971674b36
Update CVE-2021-21479.yaml 2021-07-18 22:54:34 +05:30
sandeep 3088fb5431 Removing CVE-2021-24213
As per blog - https://bentl.ee/posts/cve-givewp/

> This vulnerability requires user interaction from an admin in order to be exploited.
2021-07-18 22:39:37 +05:30
sandeep 76e95ac1e5 Minor improvements 2021-07-18 22:36:15 +05:30
Dhiyaneshwaran 22fa4de8d8
Update CVE-2021-21307.yaml 2021-07-18 19:33:28 +05:30
Dhiyaneshwaran e692d81999
Update CVE-2021-21307.yaml 2021-07-18 19:24:46 +05:30
Dhiyaneshwaran 0a8d2ffdcc
Create CVE-2021-21307.yaml 2021-07-18 19:19:19 +05:30
GwanYeong Kim 4414ff60db Create Advantech R-SeeNet Multiple Reflected XSS vulnerabilities
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-18 22:12:01 +09:00
Dhiyaneshwaran 0a01f0cd79
Create CVE-2021-24213.yaml 2021-07-18 16:44:57 +05:30
Dwi Siswanto e4b2316bf0 Add CVE-2021-21479 2021-07-18 11:11:56 +07:00
Prince Chaddha 33a0ede229
Merge pull request #2009 from gy741/rule-add-v24
Create CVE-2020-26919, CVE-2020-25506, OptiLink ONT1GEW GPON RCE, CVE-2021-31755
2021-07-16 18:04:52 +05:30
Prince Chaddha 456f5d6b15
Merge pull request #2014 from daffainfo/patch-57
Create CVE-2021-24320.yaml
2021-07-15 14:51:34 +05:30
Prince Chaddha d00d4f37f5
Update CVE-2021-24320.yaml 2021-07-15 14:43:35 +05:30
Prince Chaddha 39def9b6e1
Merge pull request #2008 from daffainfo/patch-53
Create CVE-2021-24335.yaml
2021-07-15 14:35:27 +05:30
Prince Chaddha d73599eb3c
Merge pull request #2006 from daffainfo/patch-51
Create CVE-2021-24389.yaml
2021-07-15 14:32:09 +05:30
Prince Chaddha 799e7109c3
Update CVE-2021-24389.yaml 2021-07-15 14:30:23 +05:30
Prince Chaddha 7a1e276d7b
Update CVE-2021-24335.yaml 2021-07-15 14:27:55 +05:30