Commit Graph

3303 Commits (b90d0b7e3e8015070bd60d2c7cb2565d5f5f95f2)

Author SHA1 Message Date
sandeep 2b38dce99c updated with improved matchers 2021-11-06 12:51:30 +05:30
sandeep 5fa10c4b64 cves update 2021-11-06 12:34:04 +05:30
Valerio Preti 41464ac737 create check for cve-2019-2578 2021-11-06 01:24:41 +01:00
Valerio Preti fe5385e932 create check for cve-2018-3238 2021-11-06 00:51:54 +01:00
Valerio Preti 69fc4c04c2 improve wcs cve-2018-2791 vulnerability check 2021-11-06 00:48:10 +01:00
sandeep 3e12441f6d matcher update 2021-11-06 03:56:14 +05:30
Prince Chaddha 371d3354b9
Create CVE-2016-3088.yaml 2021-11-06 00:42:00 +05:30
Prince Chaddha 46a1ecd36a
Merge pull request #3075 from Akokonunes/patch-67
Create CVE-2017-5982.yaml
2021-11-05 21:31:39 +05:30
Prince Chaddha e1cbedaaff
Rename CVE-2017-5982.yaml to cves/2017/CVE-2017-5982.yaml 2021-11-05 21:29:06 +05:30
Prince Chaddha 7558d674de
Merge pull request #3079 from pradeepch99/master
Update CVE-2021-36260.yaml
2021-11-05 21:28:35 +05:30
Prince Chaddha c1e8682918
Update CVE-2021-31602.yaml 2021-11-05 21:20:29 +05:30
GitHub Action c7baa07310 Auto Generated CVE annotations [Fri Nov 5 15:44:13 UTC 2021] 🤖 2021-11-05 15:44:13 +00:00
Prince Chaddha eef71d5cb8
Update CVE-2019-3929.yaml 2021-11-05 21:07:40 +05:30
Prince Chaddha 3c7d239415
Update CVE-2019-3929.yaml 2021-11-05 20:59:47 +05:30
Prince Chaddha 626b97e368
Create CVE-2019-3929.yaml 2021-11-05 20:58:18 +05:30
pussycat0x 70425f1be2
Update CVE-2021-31602.yaml 2021-11-05 14:11:44 +05:30
pussycat0x 802607241d
Update CVE-2021-31602.yaml 2021-11-05 13:59:09 +05:30
pussycat0x 153a00af52
Add files via upload 2021-11-05 13:45:21 +05:30
Pradeepch99 8c5987b2b2
Update CVE-2021-36260.yaml 2021-11-05 08:44:19 +05:30
sandeep 8eb67ca3f7 additional matcher 2021-11-05 04:48:10 +05:30
ImNightmaree 2fc9a1f850
Updates CVE-2017-10271
Partially resolves #609 - not all machines have HTTP connectivity, nslookup is native to Windows and Linux, and a good alternative.
2021-11-04 13:44:56 +00:00
Huy Nguyen 78189af295
Fix for potential false positives
See also following issue: https://github.com/projectdiscovery/nuclei-templates/issues/3065
2021-11-04 12:07:38 +01:00
ImNightmaree acc8d46849
Updates "whoami" regex
Fixes #3060
2021-11-03 17:43:48 +00:00
GitHub Action e70531ebca Auto Generated CVE annotations [Wed Nov 3 06:21:45 UTC 2021] 🤖 2021-11-03 06:21:45 +00:00
Prince Chaddha fd9e89e0db
Create CVE-2018-18570.yaml 2021-11-03 11:36:30 +05:30
GitHub Action ba5d199dbb Auto Generated CVE annotations [Tue Nov 2 20:23:01 UTC 2021] 🤖 2021-11-02 20:23:01 +00:00
sandeep 36bda42c27 misc update 2021-11-03 01:49:51 +05:30
Prince Chaddha 94c49907ce
Update CVE-2021-38704.yaml 2021-11-02 23:35:14 +05:30
Prince Chaddha 3541fb5754
Update CVE-2021-38704.yaml 2021-11-02 23:25:17 +05:30
Prince Chaddha 19ca42a3d6
Update CVE-2021-38704.yaml 2021-11-02 23:23:11 +05:30
Prince Chaddha 5e774b4e9b
Create CVE-2021-38704.yaml 2021-11-02 23:16:22 +05:30
forgedhallpass 5c3bbbb740 Update SSH user enum templates
SSH header structure:
SSH-protoversion-softwareversion[SPcomments]CRLF

see: https://datatracker.ietf.org/doc/html/rfc4253#section-4.2
2021-11-01 20:34:47 +02:00
Prince Chaddha c26924f7d8
Merge pull request #3037 from Akokonunes/patch-65
Create CVE-2019-16123.yaml
2021-11-01 14:34:18 +05:30
Prince Chaddha 95b6237e37
Update and rename CVE-2019-16123.yaml to cves/2019/CVE-2019-16123.yaml 2021-11-01 14:28:28 +05:30
Sandeep Singh c2a167939e
Merge pull request #3031 from gy741/rule-add-v70
Create CVE-2021-31682.yaml
2021-10-31 17:09:29 +05:30
sandeep fe6dbc8b4d misc update 2021-10-31 16:56:16 +05:30
sandeep 107679bd9a matcher + added version extractors 2021-10-30 19:26:12 +05:30
GitHub Action 4cc2a7a205 Auto Generated CVE annotations [Sat Oct 30 11:41:59 UTC 2021] 🤖 2021-10-30 11:41:59 +00:00
sandeep 8c3f98c767 fixed invalid template syntax 2021-10-30 16:47:35 +05:30
GwanYeong Kim 43629d5f49 Create CVE-2021-31682.yaml
The login portal for the Automated Logic WebCTRL/WebCTRL OEM web application contains a vulnerability that allows for reflected XSS attacks due to the operatorlocale GET parameter not being sanitized. This issue impacts versions 6.5 and below. This issue works by passing in a basic XSS payload to a vulnerable GET parameter that is reflected in the output without sanitization.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-30 19:36:29 +09:00
sandeep 9a7111c936 updating author details 2021-10-29 22:16:25 +05:30
sandeep 1fdf1ce10a name update 2021-10-29 21:36:05 +05:30
sandeep d6fbf8b35c misc updates 2021-10-29 21:33:59 +05:30
GitHub Action 4236ca70b5 Auto Generated CVE annotations [Fri Oct 29 12:45:06 UTC 2021] 🤖 2021-10-29 12:45:07 +00:00
Dhiyaneshwaran afbd8f0448
Create CVE-2021-20837.yaml 2021-10-29 18:13:32 +05:30
Sandeep Singh ba04bc0d3a
Merge pull request #3022 from projectdiscovery/CVE-2021-36260
Added Hikvision RCE (CVE-2021-36260)
2021-10-29 17:09:01 +05:30
GitHub Action b46d572636 Auto Generated CVE annotations [Fri Oct 29 10:29:18 UTC 2021] 🤖 2021-10-29 10:29:18 +00:00
Sandeep Singh fe19393cb0
Merge pull request #3011 from meme-lord/master
Added CVE-2017-0929 (DNN SSRF)
2021-10-29 15:57:35 +05:30
sandeep 4024822ddf misc updates 2021-10-29 15:56:24 +05:30
sandeep f635c80512 Adding metadata 2021-10-29 14:49:58 +05:30
sandeep a451cfb48a misc update 2021-10-29 14:24:20 +05:30
sandeep 8f4a90f33a Added Hikvision RCE (CVE-2021-36260) 2021-10-29 13:47:09 +05:30
Prince Chaddha 3aadf53a95
Merge pull request #3014 from Mad-robot/patch-2
Create CVE-2021-42566.yaml
2021-10-29 00:29:05 +05:30
Prince Chaddha e58e1ef96d
Update CVE-2021-42566.yaml 2021-10-29 00:25:45 +05:30
Prince Chaddha 7f9490d762
Update CVE-2021-42565.yaml 2021-10-29 00:25:12 +05:30
Prince Chaddha 263fb400e9
Update CVE-2021-42566.yaml 2021-10-29 00:22:29 +05:30
SaN ThosH ca73e75974
Create CVE-2021-42566.yaml 2021-10-27 20:13:56 +05:30
SaN ThosH 0675ba8c67
Update and rename CVE-2021-42566.yaml to CVE-2021-42565.yaml 2021-10-27 20:10:59 +05:30
SaN ThosH bbe3e7b542
Create CVE-2021-42566.yaml 2021-10-27 20:08:59 +05:30
Sandeep Singh 8ac7370a79
Merge pull request #3010 from nrathaus/master
Add description
2021-10-27 18:36:55 +05:30
sandeep 2d19236680 misc update 2021-10-27 18:21:06 +05:30
sandeep 6490a968b3 Added GitLab CE/EE Unauthenticated RCE using ExifTool (CVE-2021-22205) 2021-10-27 18:01:04 +05:30
GitHub Action 46321e321c Auto Generated CVE annotations [Wed Oct 27 12:05:42 UTC 2021] 🤖 2021-10-27 12:05:42 +00:00
meme-lord 70c90bba84 Added CVE-2017-0929 (DNN SSRF) 2021-10-27 13:03:45 +01:00
Noam Rathaus 376c63189d Add description 2021-10-27 14:07:22 +03:00
Chill3d e6d40037c5
Typo on rocketchat tag 2021-10-27 10:30:43 +02:00
GitHub Action 7ccaf4c07a Auto Generated CVE annotations [Tue Oct 26 18:33:18 UTC 2021] 🤖 2021-10-26 18:33:18 +00:00
Prince Chaddha c72328203a
Merge pull request #2994 from Akokonunes/patch-62
Create CVE-2015-5471.yaml
2021-10-27 00:01:40 +05:30
GitHub Action 2c6367720e Auto Generated CVE annotations [Tue Oct 26 18:30:55 UTC 2021] 🤖 2021-10-26 18:30:55 +00:00
Prince Chaddha 8178635b45
Update CVE-2015-5471.yaml 2021-10-26 23:58:12 +05:30
Prince Chaddha 4b3c46a773
Update CVE-2016-1000136.yaml 2021-10-26 23:51:04 +05:30
sandeep 1e9218db98 moving files around 2021-10-26 15:13:55 +05:30
sandeep 41e0b65e79 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/2990 2021-10-26 15:03:54 +05:30
sandeep 2fa9791bdc misc update 2021-10-26 14:32:23 +05:30
sandeep 1986e1211d Adding condition between word matcher 2021-10-26 14:25:37 +05:30
Dwi Siswanto 9773130879 Remove blank lines 2021-10-26 15:31:41 +07:00
Dwi Siswanto bf7070dbc7 Add CVE-2021-42258 2021-10-26 15:26:22 +07:00
Muhammad Daffa f37ac4f60b
Create CVE-2016-1000136.yaml 2021-10-25 20:05:08 +07:00
Prince Chaddha 1db2405c25
Create CVE-2021-36749.yaml 2021-10-25 17:30:48 +05:30
GitHub Action ed4d1afd12 Auto Generated CVE annotations [Fri Oct 22 09:40:47 UTC 2021] 🤖 2021-10-22 09:40:47 +00:00
sandeep 41be58c633 misc update 2021-10-22 15:09:15 +05:30
Sandeep Singh b8aaf28eb6
Merge pull request #2901 from lethargynavigator/master
CVE-2020-24589 template
2021-10-21 22:27:25 +05:30
sandeep e7768bb348 misc update 2021-10-21 22:25:42 +05:30
lethargynavigator 15a8208fc6 full poc 2021-10-21 11:02:55 -04:00
GitHub Action 7cfaf6c7dd Auto Generated CVE annotations [Thu Oct 21 10:43:47 UTC 2021] 🤖 2021-10-21 10:43:47 +00:00
Prince Chaddha 9d80a9d0d9
Merge pull request #2929 from daffainfo/patch-239
Create CVE-2016-1000143.yaml
2021-10-21 16:12:25 +05:30
Prince Chaddha b39200b8e4
Update CVE-2021-33044.yaml 2021-10-21 15:47:46 +05:30
Philippe Delteil 56b0f60d5a
Update CVE-2021-41773.yaml
Fixes false positive due to IPS/ 

 'Request denied by WatchGuard Firewall.</p><p><b> Reason: </b> IPS detected for "WEB Apache HTTP Server Path traversal (CVE-2021-41773)"'
2021-10-21 00:57:23 -03:00
Sandeep Singh a21cec6362
Merge pull request #2844 from projectdiscovery/more-fixes
Changes to adopt v2.5.3 engine
2021-10-21 07:21:20 +05:30
Sandeep Singh df54ed28f7
Merge pull request #2942 from projectdiscovery/CVE-2019-2729
Added CVE-2019-2729 (Oracle WebLogic  RCE)
2021-10-21 05:42:29 +05:30
sandeep 323da341b2 Added CVE-2019-2729 (Oracle WebLogic RCE) 2021-10-21 05:37:30 +05:30
GitHub Action f05e7364ca Auto Generated CVE annotations [Wed Oct 20 22:40:20 UTC 2021] 🤖 2021-10-20 22:40:20 +00:00
Muhammad Daffa 8ac553e844
Create CVE-2016-1000143.yaml 2021-10-19 22:21:58 +07:00
Prince Chaddha 10ebb22fb8
Merge pull request #2910 from gy741/rule-add-v65
Create CVE-2021-20031.yaml
2021-10-19 18:23:40 +05:30
Prince Chaddha 181dda73ec
Update CVE-2021-33044.yaml 2021-10-19 17:44:06 +05:30
GwanYeong Kim 02655a9f22 Create CVE-2021-33044.yaml
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-19 12:50:07 +09:00
sandeep 3175b12b22 Additional matcher 2021-10-19 03:19:32 +05:30
sandeep 33badb66d1 oob tags update 2021-10-19 02:10:26 +05:30
Prince Chaddha 2d83f055b4
Merge pull request #2908 from DhiyaneshGeek/master
CVE-2020-10770
2021-10-18 21:06:32 +05:30
Prince Chaddha fc81dd3b24
Update CVE-2020-10770.yaml 2021-10-18 21:03:29 +05:30
Prince Chaddha 9e37e202bd
Update CVE-2021-20031.yaml 2021-10-18 20:55:47 +05:30
Prince Chaddha 6346c6e93a
Update CVE-2021-20031.yaml 2021-10-18 20:52:36 +05:30
GitHub Action d2d4d01846 Auto Generated CVE annotations [Mon Oct 18 15:19:41 UTC 2021] 🤖 2021-10-18 15:19:41 +00:00
Prince Chaddha 09d4e1ea28
Merge pull request #2912 from wisnupramoedya/patch-2
Create CVE-2018-10823.yaml
2021-10-18 20:48:20 +05:30
Prince Chaddha 1753507a39
Merge pull request #2911 from wisnupramoedya/patch-1
Create CVE-2018-10093.yaml
2021-10-18 20:47:51 +05:30
GitHub Action 0762d645fb Auto Generated CVE annotations [Mon Oct 18 15:16:57 UTC 2021] 🤖 2021-10-18 15:16:57 +00:00
Prince Chaddha 868264f839
Update CVE-2018-10823.yaml 2021-10-18 20:46:01 +05:30
Prince Chaddha 9f30aa203b
Merge pull request #2913 from wisnupramoedya/patch-3
Create CVE-2018-13980.yaml
2021-10-18 20:45:06 +05:30
GitHub Action 79656346cd Auto Generated CVE annotations [Mon Oct 18 15:14:58 UTC 2021] 🤖 2021-10-18 15:14:58 +00:00
Wisnu Pramoedya cf1b818d5b
Create CVE-2018-12054.yaml 2021-10-18 20:04:38 +07:00
Wisnu Pramoedya 89f9d65d7d
Create CVE-2018-13980.yaml 2021-10-18 20:00:57 +07:00
Wisnu Pramoedya 7d007d29f0
Create CVE-2018-10823.yaml 2021-10-18 19:56:22 +07:00
Wisnu Pramoedya 98d8a15123
Create CVE-2018-10093.yaml 2021-10-18 19:44:09 +07:00
GwanYeong Kim c7fc202ef1 Create CVE-2021-20031.yaml
A Host Header Injection vulnerability may allow an attacker to spoof a particular Host header, allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages. An issue was discovered in Sonicwall NAS, SonicWall Analyzer version 8.5.0 (may be affected on other versions too). The values of the 'Host' headers are implicitly set as trusted while this should be forbidden, leading to potential host header injection attack and also the affected hosts can be used for domain fronting. This means affected hosts can be used by attackers to hide behind during various other attack

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-18 08:24:29 +09:00
sandeep a614391d3f Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes 2021-10-18 03:14:44 +05:30
GitHub Action e8218febf5 Auto Generated CVE annotations [Sun Oct 17 16:03:20 UTC 2021] 🤖 2021-10-17 16:03:20 +00:00
Dhiyaneshwaran a9eca98f7f
Update CVE-2020-10770.yaml 2021-10-17 21:31:55 +05:30
Dhiyaneshwaran 9c8d006dbe
Create CVE-2020-10770.yaml 2021-10-17 21:29:45 +05:30
GitHub Action dfc4a64fdc Auto Generated CVE annotations [Sun Oct 17 11:26:16 UTC 2021] 🤖 2021-10-17 11:26:16 +00:00
Prince Chaddha bd2e856174
Merge pull request #2902 from Akokonunes/patch-57
Create CVE-2015-4694.yaml
2021-10-17 16:55:03 +05:30
Prince Chaddha 39ab764bfa
Update CVE-2015-4694.yaml 2021-10-17 08:03:02 +05:30
Prince Chaddha d461c1f77c
Update and rename CVE-2015-4694.yaml to cves/2015/CVE-2015-4694.yaml 2021-10-17 08:01:28 +05:30
GitHub Action dc22f77a50 Auto Generated CVE annotations [Sun Oct 17 02:21:14 UTC 2021] 🤖 2021-10-17 02:21:14 +00:00
lethargynavigator 2871cc6b02 CVE-2020-24589 template 2021-10-15 20:37:03 -04:00
Philippe Delteil 794dfb0bbe
Update CVE-2019-6340.yaml
Solves cases when the source code contains only uid= and gid=  (e.g. https://account.mail.ru)

``nuclei -debug -t ~/nuclei-templates/cves/2019/CVE-2019-6340.yaml -u https://account.mail.ru``
2021-10-15 04:01:39 -03:00
GitHub Action 1833c3de19 Auto Generated CVE annotations [Thu Oct 14 20:34:25 UTC 2021] 🤖 2021-10-14 20:34:25 +00:00
sandeep 1ef07b6ad9 Added CVE-2021-40438 2021-10-15 01:29:52 +05:30
sandeep 42cc6d9507 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes 2021-10-14 23:51:16 +05:30
sandeep 46fafc5a16 Merge branch 'master' of https://github.com/nrathaus/nuclei-templates into pr/2893 2021-10-14 20:11:47 +05:30
sandeep ac9cbb54b0 tags update 2021-10-14 20:10:59 +05:30
GitHub Action b025811dd2 Auto Generated CVE annotations [Thu Oct 14 14:40:51 UTC 2021] 🤖 2021-10-14 14:40:51 +00:00
sandeep 58ebf6b043 Merge branch 'master' of https://github.com/nrathaus/nuclei-templates into pr/2893 2021-10-14 20:09:00 +05:30
sandeep aad97c084c misc update 2021-10-14 20:08:44 +05:30
GitHub Action e8a32dbbf7 Auto Generated CVE annotations [Thu Oct 14 14:37:07 UTC 2021] 🤖 2021-10-14 14:37:07 +00:00
sandeep f9f4e3327e moving files around 2021-10-14 20:05:25 +05:30
Prince Chaddha 83dd71fe27
Merge pull request #2890 from pdelteil/patch-71
Update CVE-2021-41773.yaml
2021-10-14 16:25:15 +05:30
GitHub Action e1adf856e4 Auto Generated CVE annotations [Thu Oct 14 10:52:45 UTC 2021] 🤖 2021-10-14 10:52:45 +00:00
Philippe Delteil 742677870a
Update CVE-2021-41773.yaml
shodan query added
2021-10-14 03:52:10 -03:00
Prince Chaddha 1e4fae76a3
Update CVE-2021-40978.yaml 2021-10-14 09:23:48 +05:30
PikPikcU b22eb1ba01
Create CVE-2021-40978.yaml 2021-10-14 08:37:46 +07:00
GitHub Action 708adea285 Auto Generated CVE annotations [Wed Oct 13 08:57:56 UTC 2021] 🤖 2021-10-13 08:57:56 +00:00
Sandeep Singh 9273a765c0
Merge branch 'master' into more-fixes 2021-10-13 13:48:52 +05:30
Noam Rathaus 452b4c10ea Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-10-12 15:45:23 +03:00
Prince Chaddha 58e277f87d
Update CVE-2017-12544.yaml 2021-10-12 10:30:56 +05:30
Divya 2a6acf66e7
Add CVE-2017-12544.yaml
Template for HPE System Management XSS (CVE-2017-12544)
2021-10-12 00:08:39 -04:00
Prince Chaddha ca5c28faa2
Merge pull request #2874 from daffainfo/patch-237
Create CVE-2015-2067.yaml
2021-10-11 18:27:34 +05:30
Prince Chaddha 2d3c3a1382
Update CVE-2015-2068.yaml 2021-10-11 17:35:38 +05:30
Prince Chaddha c8d7f08e3c
Update CVE-2015-2068.yaml 2021-10-11 17:33:46 +05:30
Prince Chaddha dace44b3af
Update CVE-2015-2068.yaml 2021-10-11 17:32:29 +05:30
Muhammad Daffa 13fe132913
Create CVE-2015-2068.yaml 2021-10-11 18:28:08 +07:00
GitHub Action d7cd9a21de Auto Generated CVE annotations [Mon Oct 11 11:27:30 UTC 2021] 🤖 2021-10-11 11:27:30 +00:00
Muhammad Daffa 7cd433faf9
Create CVE-2015-2067.yaml 2021-10-11 18:24:36 +07:00
Prince Chaddha b9a2afe546
Update CVE-2018-9205.yaml 2021-10-11 16:53:15 +05:30
Muhammad Daffa 55caa61c96
Create CVE-2018-9205.yaml 2021-10-11 18:22:14 +07:00
GitHub Action 5cf090ddec Auto Generated CVE annotations [Sun Oct 10 22:40:30 UTC 2021] 🤖 2021-10-10 22:40:30 +00:00
Sandeep Singh 966e3d0947
Merge pull request #2866 from Akokonunes/patch-53
Create lotus-core-cms-lfi.yaml
2021-10-11 04:09:11 +05:30
sandeep d76884c109 moving files around 2021-10-11 04:07:10 +05:30
Noam Rathaus 59a6cef7fb Missing 'a' 2021-10-10 16:07:15 +03:00
sandeep 665e3f15e5 dynamic match 2021-10-10 18:27:15 +05:30
sandeep 5072932509 more updates 2021-10-10 06:43:30 +05:30
sandeep 9b1c57506b Updating CVE-2021-41773 / CVE-2021-42013 to include RCE check 2021-10-10 06:00:43 +05:30
Sandeep Singh 0b0a3f8cb3
Merge pull request #2862 from pdelteil/patch-69
Update CVE-2014-2383.yaml
2021-10-09 16:38:02 +05:30
Sandeep Singh 0c92eb7fa2
Update CVE-2014-2383.yaml 2021-10-09 16:37:50 +05:30
Philippe Delteil a1fabc1fd8
Update CVE-2014-2383.yaml 2021-10-09 02:16:16 -03:00
Philippe Delteil 6e12239302
Update CVE-2017-7615.yaml 2021-10-09 02:15:09 -03:00
Sandeep Singh 6800183f43
Merge pull request #2856 from projectdiscovery/CVE-2019-18818-fix
Added missing condition for CVE-2019-18818
2021-10-08 19:30:56 +05:30
sandeep 1bdafa4474 Added missing condition for CVE-2019-18818 2021-10-08 19:28:24 +05:30
GitHub Action 462a599f56 Auto Generated CVE annotations [Fri Oct 8 13:57:22 UTC 2021] 🤖 2021-10-08 13:57:22 +00:00
Sandeep Singh b58e2973ca
Merge pull request #2855 from geeknik/patch-34
Create CVE-2021-39327.yaml
2021-10-08 19:25:53 +05:30
sandeep 0e51fefd4b misc update 2021-10-08 19:23:59 +05:30
GitHub Action 87c57ed4ac Auto Generated CVE annotations [Fri Oct 8 13:40:21 UTC 2021] 🤖 2021-10-08 13:40:21 +00:00
Geeknik Labs 9e913ddb8e
Update CVE-2021-39327.yaml 2021-10-08 08:36:01 -05:00
Geeknik Labs cc38e20d14
Create CVE-2021-39327.yaml 2021-10-08 08:31:41 -05:00
sandeep b2fec03884 misc update 2021-10-08 02:42:44 +05:30
Naveen Sunkavally dce764380c yaml typo 2021-10-07 15:36:29 -04:00
Naveen Sunkavally 9384dd235e template for CVE-2021-42013.yaml 2021-10-07 14:17:29 -04:00
SaN ThosH a04df98f6f
Update CVE-2021-41878.yaml 2021-10-07 08:26:09 +05:30
sandeep 53fc9bcb3f misc fixes 2021-10-07 05:23:20 +05:30
Prince Chaddha 590e7d128b
Update CVE-2021-41878.yaml 2021-10-06 23:57:24 +05:30
Prince Chaddha f0c69c4d83
Update CVE-2021-41878.yaml 2021-10-06 23:56:54 +05:30
Prince Chaddha b204eedff5
Update CVE-2021-41467.yaml 2021-10-06 23:55:26 +05:30
SaN ThosH 7f9bb46eb8
Create CVE-2021-41878.yaml 2021-10-06 13:52:02 +05:30
SaN ThosH b38a29fcce
Create CVE-2021-41467.yaml 2021-10-06 12:41:01 +05:30
sandeep 8f58d37f3a Added missing condition 2021-10-05 23:42:16 +05:30
sandeep 937ff9f7ee misc update 2021-10-05 22:00:59 +05:30
Prince Chaddha 796ccd1d9d
Update CVE-2021-41773.yaml 2021-10-05 20:36:02 +05:30
sandeep 311f1b006c more sources 2021-10-05 20:33:10 +05:30
sandeep 876a83371f misc update 2021-10-05 20:32:16 +05:30
Muhammad Daffa 47720d5da6
Create CVE-2021-41773.yaml 2021-10-05 21:49:36 +07:00
Prince Chaddha 03f81f91cc
Merge pull request #2796 from daffainfo/patch-231
Create CVE-2012-0896.yaml
2021-10-05 17:50:10 +05:30
Prince Chaddha 223d49db9c
Merge pull request #2786 from geeknik/patch-29
Create CVE-2021-41826.yaml
2021-10-05 09:34:43 +05:30
meme-lord 98f51394a7
Update CVE-2021-38314.yaml
Added my blog post on how to PoC it to the references
2021-10-04 18:20:43 +01:00
Prince Chaddha ed07a99242
Update CVE-2021-41826.yaml 2021-10-04 22:20:00 +05:30
Prince Chaddha 5ede21e686
Merge pull request #2810 from gy741/rule-add-v64
Create CVE-2021-1499.yaml
2021-10-04 21:38:21 +05:30
Prince Chaddha 9c89100c2d
Update CVE-2021-1499.yaml 2021-10-04 21:36:06 +05:30
Prince Chaddha 5620395c94
Update CVE-2021-1499.yaml 2021-10-04 20:09:39 +05:30
Prince Chaddha 7182361020
Merge pull request #2814 from daffainfo/patch-234
Create CVE-2021-41649.yaml
2021-10-04 19:39:12 +05:30
Prince Chaddha c8f24c940c
Merge pull request #2813 from daffainfo/patch-233
Create CVE-2021-41648.yaml
2021-10-04 19:38:49 +05:30
Prince Chaddha 8492360296
Update CVE-2021-41648.yaml 2021-10-04 19:34:16 +05:30
Prince Chaddha 0f5d9ac24d
Update CVE-2021-41649.yaml 2021-10-04 19:32:07 +05:30
GitHub Action 937db784ee Auto Generated CVE annotations [Sun Oct 3 20:44:21 UTC 2021] 🤖 2021-10-03 20:44:21 +00:00
sandeep 6ab5ea4a63 Update CVE-2021-33357.yaml 2021-10-04 02:10:33 +05:30
sandeep 23c1cf45ce Added working payload 2021-10-04 02:07:21 +05:30
sandeep b2fa48e6a4 Update CVE-2021-33357.yaml 2021-10-03 22:41:42 +05:30
PikPikcU 90b924199d
Create CVE-2021-33357.yaml 2021-10-03 19:37:22 +07:00
Muhammad Daffa c64937c70e
Update and rename CVE-2021-41648.yaml to CVE-2021-41649.yaml 2021-10-03 17:46:22 +07:00
Muhammad Daffa c6fbeaebc5
Create CVE-2021-41648.yaml 2021-10-02 22:22:04 +07:00
Muhammad Daffa 670e3fe100
Create CVE-2021-41648.yaml 2021-10-02 22:16:40 +07:00
Sandeep Singh f033458524
misc update 2021-10-02 18:02:45 +05:30
GitHub Action ed2c42e833 Auto Generated CVE annotations [Sat Oct 2 12:30:44 UTC 2021] 🤖 2021-10-02 12:30:44 +00:00
Sandeep Singh ada6fcef43
Update CVE-2020-2036.yaml 2021-10-02 17:56:42 +05:30
GwanYeong Kim 1b3807a94d Create CVE-2021-1499.yaml
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. This vulnerability is due to missing authentication for the upload function. An attacker could exploit this vulnerability by sending a specific HTTP request to an affected device. A successful exploit could allow the attacker to upload files to the affected device with the permissions of the tomcat8 user.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-02 16:33:51 +09:00
Philippe Delteil 8185a0e9c0
Update CVE-2020-2036.yaml 2021-10-02 03:24:29 -03:00
sandeep aec246bf5b Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into CVE-2021-1497 2021-10-02 05:18:04 +05:30
Sandeep Singh dcfc4fb9a3
Merge pull request #2800 from daffainfo/patch-232
Create CVE-2021-40960.yaml
2021-10-02 04:55:06 +05:30
GitHub Action fa947061ee Auto Generated CVE annotations [Fri Oct 1 23:05:32 UTC 2021] 🤖 2021-10-01 23:05:32 +00:00
sandeep 2f99b4165a misc update 2021-10-02 04:33:14 +05:30
Jackson Rolf 2b477061e8 Added CVE-2018-0127 template. 2021-10-01 15:30:31 -04:00
Muhammad Daffa 3af984c55d
Create CVE-2021-40960.yaml 2021-10-01 21:52:29 +07:00
Muhammad Daffa dddbd4f015
Create CVE-2012-0896.yaml 2021-10-01 18:02:42 +07:00
Sullo fe5fdf989e Merge branch 'cves-cleanup' of https://github.com/projectdiscovery/nuclei-templates into cves-cleanup 2021-09-30 17:16:34 -04:00
Sullo 1bc4c2dffb add cve classification 2021-09-30 17:16:15 -04:00
Sandeep Singh 974493daaa
Update CVE-2016-4975.yaml 2021-10-01 01:34:54 +05:30
Sandeep Singh 1c9238b972
Rename CVE-2016-4975.yml to CVE-2016-4975.yaml 2021-10-01 01:33:50 +05:30
Sullo 9f04b0abd8 Fix field names vs values 2021-09-30 15:56:52 -04:00
Sullo f1f6fbe26f Move deprecated-sshv1-detection.yaml to 2001/CVE-2001-1473.yaml 2021-09-30 15:49:47 -04:00
Sullo 0c4dd95bf6 Move openssh5.3-detect.yaml to cves/2016/CVE-2016-6210.yaml 2021-09-30 15:43:00 -04:00
Sullo 7adfd01163 Moving listserv_maestro_rce.yaml to cves folder 2021-09-30 15:39:45 -04:00
Sullo 3c012b137d Break CVE-2016-4975 into its own template 2021-09-30 15:35:17 -04:00
sullo c0003f8731
Update CVE-2020-29453.yaml 2021-09-30 14:27:12 -04:00
sullo 784d9560be
Fix CVSS score
incorrectly changed cvss score
2021-09-30 14:26:37 -04:00
Geeknik Labs 5c802b1772
Create CVE-2021-41826.yaml
Add CVE-2021-41826, PlaceOS 1.2109.1 - Open Redirection
2021-09-30 12:19:17 -05:00
Sullo c9a374bed5 renamed: simple-employee-rce.yaml -> ../../cves/2019/CVE-2019-20183.yaml 2021-09-30 13:06:46 -04:00
Sullo 3878138bfe * Added Host headers where needed (validated via disclosures/posts)
* Added CVE simple-employee-rce.yaml
2021-09-30 12:52:05 -04:00
sullo 66cad3ff35 Revert "* Added CVE info & moved simple-employee-rce.yaml to cves/2019/CVE-2019-20183.yaml"
incorrect push to master repo

This reverts commit 7191aee570.
2021-09-30 12:25:22 -04:00
Sullo 7191aee570 * Added CVE info & moved simple-employee-rce.yaml to cves/2019/CVE-2019-20183.yaml
* Added missing {{Hostname}} to some raw requests (confirmed that hostname is allowed in exploits)
* Minor cleanup in the modified plugins
2021-09-30 12:20:54 -04:00
sullo e75b8dd660
Merge branch 'projectdiscovery:master' into master 2021-09-30 11:39:38 -04:00
GitHub Action c139eab58f Auto Generated CVE annotations [Thu Sep 30 10:40:57 UTC 2021] 🤖 2021-09-30 10:40:57 +00:00
Prince Chaddha e432ffe3cf
Merge pull request #2772 from pikpikcu/patch-291
Create CVE-2021-41381.yaml
2021-09-30 16:09:11 +05:30
Prince Chaddha 1a4635eaff
Update CVE-2021-41381.yaml 2021-09-30 15:58:53 +05:30
GitHub Action 61e41f9997 Auto Generated CVE annotations [Thu Sep 30 10:24:26 UTC 2021] 🤖 2021-09-30 10:24:26 +00:00
Prince Chaddha 5a94410f04
Update CVE-2021-40870.yaml 2021-09-30 15:50:41 +05:30
PikPikcU 8060293ebe
Create CVE-2021-40870.yaml 2021-09-30 13:57:47 +07:00
PikPikcU 006d368aca
Create CVE-2021-41381.yaml 2021-09-30 13:30:48 +07:00
Sandeep Singh a565228acf
Merge pull request #2754 from daffainfo/master
Adding daffainfo templates
2021-09-30 04:21:45 +05:30
sullo a4563e5909 Add check for CVE-2021-1497 2021-09-29 17:49:02 -04:00
sullo 715c8de5c0 Changed CVE-2021-1497 to CVE-2021-1498 per original advisory. Added ref to original advisory. 2021-09-29 13:05:43 -04:00
sullo 6b5d52084d Update cvss/severity for CVE-2020-29453 2021-09-29 10:35:52 -04:00
TheConciergeDev 6011701507
renamed file
the second dash was a unicode value -> "\u2013" instead
2021-09-29 11:18:09 +02:00
Prince Chaddha aac4c689b5
Update CVE-2021-24276.yaml 2021-09-29 00:24:48 +05:30