daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
488 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

112 Commits (b8f26dd6ba3a90a93c5f0ab7bf99286be6b287c8)

Author SHA1 Message Date
bauthard 906e6e918d
Update CVE-2017-7529.yaml 2020-06-30 16:54:48 +05:30
Harsh Bothra dbaa71a763
Create CVE-2017-7529.yaml 
Remote Integer Overflow in Nginx allows an attacker to extract sensitive information from memory buffer by triggering specially crafted requests.
 2020-06-30 16:44:33 +05:30
bauthard 2f59c74b28
Update CVE-2019-8449.yaml 2020-06-30 16:31:20 +05:30
bauthard fc95489690
Update CVE-2019-8449.yaml 2020-06-30 16:13:35 +05:30
Harsh Bothra d6027b67d2
Create CVE-2019-8449.yaml 
CVE-2019-8449 which allows an Unauthenticated Attacker to enumerate all the users and their information such as Username, Avatars, Emails, Keys, etc.
Reference - https://www.doyler.net/security-not-included/more-jira-enumeration
 2020-06-30 16:06:15 +05:30
bauthard ba30333045
updating trailing space 2020-06-30 15:55:45 +05:30
Harsh Bothra 53a47cc1bc
Create CVE-2018-11409.yaml 
CVE-2018-11409  allows an unauthenticated user to get sensitive information such as license key from a Splunk instance by appending /__raw/services/server/info/server-info?output_mode=json to a query.
 2020-06-30 15:49:43 +05:30
bauthard b9ea4ecaf3
Update CVE-2020-12720.yaml 2020-06-30 02:04:13 +05:30
bauthard c718848a88
Update CVE-2020-8512.yaml 2020-06-30 01:59:13 +05:30
bauthard 01378933c6
Update CVE-2020-12720.yaml 2020-06-29 19:25:45 +05:30
bauthard 75e2166cc5
updating CVE-2020-12720 2020-06-29 19:24:56 +05:30
bauthard 084a745600 added CVE-2020-8512 2020-06-26 09:14:54 +05:30
bauthard 2d56871bd0
Update CVE-2019-3799.yaml 2020-06-23 03:22:51 +05:30
bauthard 2d8efb04ba
Update CVE-2018-20824.yaml 2020-06-23 03:21:54 +05:30
bauthard d8a79274ae
Update CVE-2018-19439.yaml 2020-06-23 03:17:00 +05:30
bauthard b7103a2197 Pushing newly added cves 2020-06-22 19:05:37 +05:30
bauthard 32d9373273
adding more path with recent PR 2020-06-22 03:50:29 +05:30
bauthard 3b3ab42984
Merge pull request #144 from maverickNerd/master 
Add directory traversal CVE-2020-5410 affecting Spring Cloud Config
 2020-06-18 16:48:30 +05:30
Sachin Grover 68450463c2 Add directory traversal CVE-2020-5410 affecting Spring Cloud Config Server 2020-06-18 10:16:29 +00:00
bauthard 48e9534630
Removing CVE-2020-7473 
I will try to find a more stable syntax and will add it again.
 2020-06-18 00:00:00 +05:30
Sachin Grover fea47dd3f5 Add CVE-2018-1000129 and version detection is enabled for port 8080 also 2020-06-17 09:18:49 +00:00
Aditya Soni d72794b4d8
Create CVE-2018-1271.yaml 2020-06-03 06:23:25 +05:30
Fabian Affolter d3b7f6b54c
Update syntax 2020-05-25 09:49:06 +02:00
bauthard 5d5647b05e updated CVE-2019-5418 2020-05-24 03:55:32 +00:00
bauthard 999fbd9daf
updating severity 2020-05-24 09:20:13 +05:30
Andrea c0bf01de1a improve wp cve admin 2020-05-23 10:09:09 +02:00
Andrea 4132f3d7af Merge remote-tracking branch 'upstream/master' 2020-05-23 10:08:02 +02:00
bauthard 7a6e1d181b
added CVE-2020-12720 vBulletin SQLI 2020-05-22 03:24:16 +05:30
bauthard 4a33940a37
Added CVE-2020-12720 vBulletin SQLI 2020-05-22 03:17:20 +05:30
Regala 03e957b0df
Update CVE-2020-7473.yaml 2020-05-19 13:55:49 +01:00
Regala a2433d86a4
Update CVE-2020-7473.yaml 
Updated to support 2xx and 3xx status code, as well as accepting redirects just in case.
 2020-05-19 11:45:31 +01:00
Regala 5316f5dbcc
Update CVE-2020-7473.yaml 
This is to avoid false positives. I think it would be better to only match 2xx and 3xx status code (don't know if nuclei supports this terminology)
 2020-05-18 11:14:04 +01:00
bauthard 601b3c086d
Merge pull request #87 from 73735/front-page-misconfig.yaml 
Add front-page-misconfig.yaml
 2020-05-16 15:38:39 +05:30
João Teles 7a37488076
Update CVE-2020-7473.yaml 
Ready guys. Now the template will check for size. I didn't implement the "HEAD" method because the nuclei is not supported.
 2020-05-15 20:59:23 -03:00
Nadino92 7b88d4258e adding 2 cves and crxde 2020-05-14 19:54:02 +02:00
bauthard 0d5b682e94 updating cve names 2020-05-08 18:40:02 +00:00
Andrea fc797a94e1 fix crash for {{ 2020-05-08 18:31:59 +02:00
Michael Blake 339ac74114 Prevent false-positives for CVE-2019-19368 2020-05-07 21:47:47 -07:00
Michael Blake fe2efe6124 CVE-2019-14974 check and severity update 2020-05-07 21:45:25 -07:00
Joao Teles d22d0745d2 Add CVE-2020-7473.yaml 2020-05-07 10:15:25 -03:00
organiccrap 413c126c29 pending pull 2020-04-22 14:42:01 +08:00
Prince Chaddha dc58dc9f0d
Update CVE-2018-1247.yaml 2020-04-20 17:49:55 +05:30
bauthard 01d665867f
Update CVE-2019-8903.yaml 2020-04-15 17:38:14 +05:30
bauthard 7a676dc859
Update CVE-2020-5284.yaml 2020-04-15 17:36:26 +05:30
bauthard 1c6ae2caeb
Update CVE-2019-10475.yaml 2020-04-10 02:24:19 +05:30
bauthard 8314cf90b7
fixing the template 2020-04-10 02:15:42 +05:30
bauthard 4d5bdb15e4
updating temp 2020-04-10 01:51:15 +05:30
bauthard 50b1085603
updating matchers 2020-04-09 20:09:41 +05:30
bauthard 84c9d6581b
fixing the template 2020-04-09 18:32:30 +05:30
bauthard cf61253752
Rename uWSGI PHP Plugin Directory Traversal.yaml to CVE-2018-7490.yaml 2020-04-08 22:15:03 +05:30