Commit Graph

146 Commits (b998c8be289c6c112404067633d51965653cd9a7)

Author SHA1 Message Date
MostInterestingBotInTheWorld 301fddaeb0
Dashboard Content Enhancements (#6965)
* Add description and enhance one where the UI failed to save properly.
dos2unix on a template

* Change cvedetails link to nvd

* make severities match

* Enhancement: cves/2015/CVE-2015-2863.yaml by md

* Enhancement: cves/2017/CVE-2017-14524.yaml by md

* Enhancement: cves/2017/CVE-2017-5638.yaml by md

* Enhancement: cves/2019/CVE-2019-16759.yaml by md

* Enhancement: cves/2021/CVE-2021-22986.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24155.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24145.yaml by md

* Enhancement: cves/2021/CVE-2021-24347.yaml by md

* Enhancement: cves/2021/CVE-2021-25003.yaml by md

* Enhancement: cves/2021/CVE-2021-25296.yaml by md

* Enhancement: cves/2021/CVE-2021-25297.yaml by md

* Enhancement: cves/2021/CVE-2021-25296.yaml by md

* Enhancement: cves/2021/CVE-2021-25297.yaml by md

* Enhancement: cves/2021/CVE-2021-25298.yaml by md

* Enhancement: cves/2021/CVE-2021-25297.yaml by md

* Enhancement: cves/2021/CVE-2021-28151.yaml by md

* Enhancement: cves/2021/CVE-2021-30128.yaml by md

* Enhancement: cves/2022/CVE-2022-0824.yaml by md

* Enhancement: cves/2022/CVE-2022-0824.yaml by md

* Enhancement: cves/2022/CVE-2022-0885.yaml by md

* Enhancement: cves/2022/CVE-2022-21587.yaml by md

* Enhancement: cves/2022/CVE-2022-2314.yaml by md

* Enhancement: cves/2022/CVE-2022-24816.yaml by md

* Enhancement: cves/2022/CVE-2022-31499.yaml by md

* Enhancement: cves/2022/CVE-2022-21587.yaml by md

* Enhancement: cves/2021/CVE-2021-24155.yaml by md

* Enhancement: cves/2017/CVE-2017-5638.yaml by md

* Enhancement: cves/2015/CVE-2015-2863.yaml by md

* Enhancement: cves/2022/CVE-2022-33901.yaml by md

* Enhancement: cves/2022/CVE-2022-2314.yaml by md

* Enhancement: cves/2022/CVE-2022-33901.yaml by md

* Enhancement: cves/2022/CVE-2022-34753.yaml by md

* Enhancement: cves/2022/CVE-2022-39952.yaml by md

* Enhancement: cves/2022/CVE-2022-4060.yaml by md

* Enhancement: cves/2022/CVE-2022-44877.yaml by md

* Enhancement: cves/2023/CVE-2023-0669.yaml by md

* Enhancement: cves/2023/CVE-2023-26255.yaml by md

* Enhancement: cves/2023/CVE-2023-26256.yaml by md

* Enhancement: exposures/files/salesforce-credentials.yaml by md

* Enhancement: misconfiguration/hadoop-unauth-rce.yaml by md

* Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by md

* Enhancement: network/backdoor/backdoored-zte.yaml by md

* Enhancement: network/detection/ibm-d2b-database-server.yaml by md

* Enhancement: network/detection/ibm-d2b-database-server.yaml by md

* Enhancement: technologies/oracle/oracle-atg-commerce.yaml by md

* Enhancement: token-spray/api-abuseipdb.yaml by md

* Enhancement: token-spray/api-abuseipdb.yaml by md

* Enhancement: token-spray/api-dbt.yaml by md

* Enhancement: vulnerabilities/avaya/avaya-aura-rce.yaml by md

* Enhancement: vulnerabilities/avaya/avaya-aura-xss.yaml by md

* Enhancement: vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml by md

* Enhancement: vulnerabilities/froxlor-xss.yaml by md

* Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md

* Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md

* Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md

* Enhancement: vulnerabilities/opencpu/opencpu-rce.yaml by md

* Enhancement: vulnerabilities/other/academy-lms-xss.yaml by md

* Enhancement: vulnerabilities/other/caucho-resin-info-disclosure.yaml by md

* Enhancement: vulnerabilities/other/ckan-dom-based-xss.yaml by md

* Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by md

* Enhancement: vulnerabilities/other/graylog-log4j.yaml by md

* Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md

* Initial cleanups for syntax errors

* dashboard gremlins

* Add log4j back to name

* Enhancement: exposures/files/salesforce-credentials.yaml by cs

* Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by cs

* Enhancement: network/backdoor/backdoored-zte.yaml by cs

* Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by cs

* Sev and other info tweaks

* Merge conflict

---------

Co-authored-by: sullo <sullo@cirt.net>
2023-03-27 23:16:47 +05:30
Jorian Woltjer 71fd3bf973 Reduce false-positives in open-redirect regexes 2023-03-01 09:39:14 +01:00
Prince Chaddha 7c512ee0aa
Merge pull request #6641 from nodauf/patch-1
Add new payload for CORS
2023-02-21 13:32:35 +05:30
Dhiyaneshwaran e812da36fb
Merge pull request #6677 from imhunterand/patch-2
Update open-redirect.yaml
2023-02-07 10:22:19 +05:30
Dhiyaneshwaran b8e613ff03
change from google.com -> evil.com 2023-02-07 10:19:11 +05:30
ANDRI d19938ba8a
Update open-redirect.yaml 2023-02-05 20:49:10 +07:00
sullo 29ad9bc9e9 Syntax fixes 2023-02-02 16:51:33 -05:00
nodauf 6a50f45f96
Add new payload for CORS 2023-01-30 15:21:39 +01:00
MostInterestingBotInTheWorld a852c35c15 Enhancement: vulnerabilities/generic/generic-j2ee-lfi.yaml by mp 2023-01-29 14:29:20 -05:00
MostInterestingBotInTheWorld e9b37518bb Enhancement: vulnerabilities/generic/generic-j2ee-lfi.yaml by mp 2023-01-29 14:24:06 -05:00
MostInterestingBotInTheWorld 0d6fbd237f
Dashboard Content Enhancements (#6598)
Dashboard Content Enhancements
2023-01-23 14:14:23 -08:00
sullo 8a3eeea516 Fixing spelling, -dorks, and some severity mismatches 2023-01-23 15:11:25 -05:00
Emre Kara 09504ab427
Wrong part name (#6482)
Part name should be "header" instead "location"
2023-01-08 00:30:41 +05:30
Mike Piekarski 2e9ba680a7 Added Profile header for additional WAP coverage on CJServer hosts 2022-12-10 17:42:58 -05:00
Sandeep Singh ec5168def8
fix: redirect template update (#6329) 2022-12-10 20:12:59 +05:30
Prince Chaddha 61d8f37cca
Update open-redirect.yaml 2022-12-02 13:03:13 +05:30
GitHub Action 8297d3d8b4 Auto Generated CVE annotations [Tue Nov 22 04:51:59 UTC 2022] 🤖 2022-11-22 04:51:59 +00:00
Philippe Delteil 1028e0f889
Update crlf-injection.yaml
added hackerone report as reference.
2022-11-21 23:14:21 -05:00
MostInterestingBotInTheWorld 0b1a79f39d
Dashboard Content Enhancements (#5704)
Dashboard Content Enhancements
2022-10-19 17:11:27 -04:00
Sandeep Singh 712264db7e
Using "host-redirects" instead of "redirects" to avoid scanning 3rd party / out of scope hosts. (#5491) 2022-10-08 02:57:25 +05:30
MostInterestingBotInTheWorld 529582c200
Dashboard Content Enhancements (#5455)
Dashboard Content Enhancements
2022-09-23 13:53:08 -04:00
st0fm 34a9d5d4ee
fix [WRN] [cors-misconfig] unresolved variables found: path (#5435)
* fix [WRN] [cors-misconfig] Could not make http request for..  unresolved variables found: path

* Additional path fix

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-09-22 11:40:37 +05:30
MostInterestingBotInTheWorld 3bc2e26e40
Dashboard Content Enhancements (#5372)
Dashboard Content Enhancements
2022-09-16 15:50:10 -04:00
Prince Chaddha 86d7f1b84a
Merge branch 'master' into patch-1 2022-09-12 16:56:13 +05:30
MostInterestingBotInTheWorld 554c11c57b
Dashboard Content Enhancements (#5324)
Dashboard Content Enhancements
* dos2nix on several templates
* replacing some cvedetails links with NIST
2022-09-08 09:28:46 -04:00
Prince Chaddha b0aaf21c36
Merge pull request #5266 from projectdiscovery/update-generic-linux-lfi
Update generic-linux-lfi.yaml
2022-09-02 10:22:44 +05:30
Prince Chaddha f0d0eff9ca
Update generic-linux-lfi.yaml 2022-09-02 01:48:37 +05:30
Dhiyaneshwaran 5e0f3a4229
Update generic-linux-lfi.yaml 2022-09-02 01:42:47 +05:30
Ritik Chaddha 471ae0fdce
Update generic-windows-lfi.yaml 2022-09-01 14:10:45 +05:30
Ritik Chaddha 3a939783b8
Update generic-windows-lfi.yaml 2022-08-31 23:12:58 +05:30
Ritik Chaddha b34b02ebd4 Revert "Update generic-windows-lfi.yaml"
This reverts commit a3076a43ac.
2022-08-31 23:11:07 +05:30
Ritik Chaddha 8c20c20328 Revert "Revert "Update generic-windows-lfi.yaml""
This reverts commit 2d626ef0fe.
2022-08-31 23:09:04 +05:30
Ritik Chaddha 2d626ef0fe Revert "Update generic-windows-lfi.yaml"
This reverts commit a3076a43ac.
2022-08-31 23:08:24 +05:30
Ritik Chaddha a3076a43ac
Update generic-windows-lfi.yaml 2022-08-31 23:05:41 +05:30
Dhiyaneshwaran 2dea6ed916
Update generic-linux-lfi.yaml 2022-08-31 22:03:32 +05:30
Dhiyaneshwaran 234b6a417a
Update generic-linux-lfi.yaml 2022-08-31 22:01:15 +05:30
its0x08 d634bb63d7 chore: Add reference to the template 2022-08-31 00:02:32 +02:00
GitHub Action bc21497f99 Auto Generated CVE annotations [Sat Aug 27 04:41:18 UTC 2022] 🤖 2022-08-27 04:41:18 +00:00
Prince Chaddha 7129ad3f4a
Update generic-j2ee-lfi.yaml 2022-08-09 02:36:13 -07:00
Prince Chaddha 9dc980ad64
Update generic-j2ee-lfi.yaml 2022-08-09 02:09:46 -07:00
Ritik Chaddha 6106342ddf
Update generic-j2ee-lfi.yaml 2022-08-08 12:05:51 +05:30
Dhiyaneshwaran 6d7316db73
Update generic-j2ee-lfi.yaml 2022-08-07 20:50:32 +05:30
Dhiyaneshwaran d02893bba3
Update generic-j2ee-lfi.yaml 2022-08-07 20:47:49 +05:30
David Fegyver 8590b47416
Added generic J2EE LFI scan 2022-08-07 15:31:31 +02:00
MostInterestingBotInTheWorld c5a7d79f5a
Dashboard Content Enhancements (#4819)
Dashboard Content Enhancements
2022-07-26 09:45:11 -04:00
Prince Chaddha db5029fc61
Update cors-misconfig.yaml 2022-07-02 15:50:54 +05:30
Alexander Sennhauser 9e874954c0 use path for CORS GET request
This allows to test endpoints which do not end with a single slash (i.e. '/')
by specifying the path as a variable (e.g. -var Path=/v1/test).
2022-06-30 15:04:02 +02:00
Krishna Agarwal 75c6c22a27
Added URL encoded payload (#4664) 2022-06-25 12:38:56 +05:30
Prince Chaddha 7ada510859
Fixed possible FPs in open redirect templates (#4544)
* Fixed possible FPs in open redirect templates

We have replaced example.com with interact.sh since few domains redirect to example.com, which results in FP results.

* updated example domain

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-06-06 16:10:15 +05:30
Prince Chaddha 334a4d03f4
Update cache-poisoning.yaml (#4418)
* Update cache-poisoning.yaml

* added identifier to headers

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-05-17 14:31:33 +05:30