Commit Graph

313 Commits (bd340395f076483c15c885d84d9505eec1921fb9)

Author SHA1 Message Date
Noam Rathaus 47b2395031 Add description 2021-08-29 09:48:18 +03:00
forgedhallpass 296edfc37b Merge remote-tracking branch 'origin' into dynamic_attributes 2021-08-23 14:40:33 +03:00
sandeep 2aa54304ee Payloads positional update to keep the request format uniform 2021-08-22 23:39:33 +05:30
Sandeep Singh 357b478e52
Update and rename CVE-2017–4011.yaml to CVE-2017-4011.yaml 2021-08-21 02:30:02 +05:30
forgedhallpass 77103bc629 Satisfying the linter (all errors and warnings)
* whitespace modifications only
2021-08-19 17:44:46 +03:00
forgedhallpass 2a320412bf Misc (minor)
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 17:25:01 +03:00
forgedhallpass f55d6b75e1 Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:59:12 +03:00
forgedhallpass 7b29be739e Merge branch 'master' into dynamic_attributes 2021-08-19 16:23:26 +03:00
forgedhallpass 0b432b341b Added comments with URLs under the "references" field
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:15:35 +03:00
forgedhallpass e68d15ab63 Fixed mistakes/typos in the templates.
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 15:30:14 +03:00
forgedhallpass cdf9451158 Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-18 14:44:27 +03:00
Prince Chaddha 3a030cca66
Update CVE-2017–4011.yaml 2021-08-17 17:01:34 +05:30
Geeknik Labs 9d8c364040
Create CVE-2017–4011.yaml 2021-08-16 15:45:09 -05:00
sandeep 07aa96ed15 Fixing CVE-2017-12629 2021-08-09 20:55:06 +05:30
Sandeep Singh 2ca144c36a
Merge pull request #2329 from pikpikcu/patch-245
Added AvantFAX
2021-08-06 21:41:40 +05:30
sandeep e75efd42da minor update 2021-08-06 21:39:24 +05:30
sandeep d60171ed9d Added additional matchers 2021-08-06 20:16:35 +05:30
mass0ma 9646633d30 Added CVE-2017-14651 Template 2021-08-05 16:59:36 +00:00
Prince Chaddha f63f7af8aa
Update CVE-2017-18024.yaml 2021-08-05 20:40:16 +05:30
PikPikcU 9ff9493341
Create CVE-2017-18024.yaml 2021-08-05 12:48:55 +07:00
r3dg33k dfcd364059 update to CVE-2017-5487, added extractor 2021-08-02 01:08:39 -04:00
Sandeep Singh c703d92c5b
Merge pull request #2222 from pikpikcu/patch-228
Add PhpCollab (unauthenticated) Arbitrary File Upload
2021-07-27 19:44:35 +05:30
sandeep b984f86d67 removing extra headers 2021-07-27 17:59:13 +05:30
sandeep d43a54ada1 Update CVE-2017-6090.yaml 2021-07-27 17:56:56 +05:30
sandeep bfc130dfbd Merge branch 'patch-228' of https://github.com/pikpikcu/nuclei-templates into pr/2222 2021-07-27 17:51:06 +05:30
sandeep 448aec1edb minor updates 2021-07-27 17:50:49 +05:30
PikPikcU 870339ebe1
Update CVE-2017-6090.yaml 2021-07-27 19:10:51 +07:00
Muhammad Daffa 590e6ae172
Create CVE-2017-15647.yaml 2021-07-27 18:36:29 +07:00
PikPikcU 315215aa02
Create CVE-2017-6090.yaml 2021-07-27 16:51:01 +07:00
sandeep 6ccc5f8792 matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
Prince Chaddha cfd72afbc5
Update CVE-2017-9288.yaml 2021-07-19 11:30:44 +05:30
Prince Chaddha 70b1ba08d6
Update CVE-2017-18536.yaml 2021-07-19 11:29:58 +05:30
Prince Chaddha 63765c5693
Update CVE-2017-17451.yaml 2021-07-19 11:29:23 +05:30
Prince Chaddha df69924f5b
Update CVE-2017-17059.yaml 2021-07-19 11:15:37 +05:30
Prince Chaddha b47cf72dd0
Update CVE-2017-17043.yaml 2021-07-19 11:15:08 +05:30
sandeep 450c6b3690 Updated POC for CVE-2017-15944 2021-07-17 17:07:28 +05:30
Prince Chaddha 900347eeb4
Merge pull request #2044 from daffainfo/patch-72
Create CVE-2017-17043.yaml
2021-07-16 11:07:52 +05:30
Prince Chaddha a047cd77ff
Update CVE-2017-17043.yaml 2021-07-16 10:50:55 +05:30
Prince Chaddha ffb5edffd8
Merge pull request #2042 from daffainfo/patch-70
Create CVE-2017-17451.yaml
2021-07-16 10:49:33 +05:30
Prince Chaddha c7d0efa420
Merge pull request #2043 from daffainfo/patch-71
Create CVE-2017-17059.yaml
2021-07-16 10:49:20 +05:30
Prince Chaddha be7247bc77
Update CVE-2017-17059.yaml 2021-07-16 10:44:57 +05:30
Prince Chaddha 7ae1641822
Merge pull request #2041 from daffainfo/patch-69
Create CVE-2017-18536.yaml
2021-07-16 10:43:08 +05:30
Prince Chaddha f0d1da0d2e
Update CVE-2017-17451.yaml 2021-07-16 10:43:04 +05:30
Prince Chaddha a7f2472922
Update CVE-2017-18536.yaml 2021-07-16 10:41:33 +05:30
Prince Chaddha 4287359c29
Update CVE-2017-9288.yaml 2021-07-16 10:30:43 +05:30
Muhammad Daffa 03698a57ee
Create CVE-2017-9288.yaml 2021-07-16 11:28:40 +07:00
Muhammad Daffa 5be858f2d6
Create CVE-2017-17043.yaml 2021-07-16 11:27:01 +07:00
Muhammad Daffa 2a76b19a36
Create CVE-2017-17059.yaml 2021-07-16 11:25:24 +07:00
Muhammad Daffa d07faf8034
Create CVE-2017-17451.yaml 2021-07-16 11:22:53 +07:00
Muhammad Daffa e89607941c
Create CVE-2017-18536.yaml 2021-07-16 11:20:28 +07:00
Geeknik Labs fc35b4c56d
Update CVE-2017-5487.yaml
Fixes #1985
2021-07-13 18:58:52 +00:00
sandeep 3bbcb23cd0 Severity update as this directly doesn't pose any risk. 2021-07-11 13:39:21 +05:30
Geeknik Labs c8ba8e13ce
Create CVE-2017-16806.yaml 2021-07-06 19:50:32 +00:00
sandeep 36a0918092 fixes 2021-07-04 16:02:51 +05:30
sandeep 13a5215bda Update CVE-2017-9841.yaml 2021-07-04 15:50:15 +05:30
sandeep b137eb57d3 More edge cases
Only looking for DNS interaction is not reliable as few servers make DNS requests for host included in path or query parameter.
2021-07-04 00:41:57 +05:30
Sandeep Singh 52e0c861a1
Merge pull request #1733 from milo2012/master
Added CVE-2018-1000130/ CVE-2018-2628/ CVE-2018-2628/ CVE-2019-3401/ CVE-2020-1938/ oracle-bi-default-login/ jolokia-heap-disclosure
2021-07-02 18:27:45 +05:30
sandeep 16da6c9980 strict matchers 2021-07-02 18:20:58 +05:30
Keith 8490fe60ca Add CVE-2017-9822.yaml - DotNetNuke Cookie Deserialization Remote Code Execution (RCE) 2021-06-30 19:35:01 +08:00
Keith f78452e808 Add CVE-2017-9822.yaml - DotNetNuke Cookie Deserialization Remote Code Execution (RCE) 2021-06-30 19:32:59 +08:00
Prince Chaddha b46dc119e7
Update CVE-2017-12794.yaml 2021-06-29 10:07:07 +05:30
PikPikcU 9cc9a52db2
Create CVE-2017-12794.yaml 2021-06-24 15:49:12 +00:00
Geeknik Labs 988726f5c8
Create CVE-2017-15944.yaml
This fixes #1091. I changed line 20 from `part: body` to `part: header`.
2021-06-18 20:45:44 +00:00
sandeep 69ded42e3a Template rename / update 2021-06-10 21:57:07 +05:30
sandeep 8fa1dbc604 Minor updates 2021-06-09 21:37:22 +05:30
Dhiyaneshwaran 6c79bfa14d
Create CVE-2017-9140.yaml 2021-06-09 18:40:47 +05:30
Prince Chaddha 83ce809e8d Updated author names 2021-06-09 17:50:56 +05:30
sandeep 9045f0bb2a misc changes 2021-06-09 14:23:32 +05:30
SaN ThosH c5d4e5e400
Update CVE-2017-9506.yaml 2021-06-09 13:11:39 +05:30
Sandeep Singh 23a59704e9
Merge pull request #1585 from pikpikcu/patch-171
Add CVE-2017-14535
2021-06-01 11:07:56 +05:30
sandeep b021a0cf49 Misc changes 2021-06-01 11:06:13 +05:30
sandeep 2cc30c771a misc updates 2021-05-31 16:53:36 +05:30
PikPikcU b0eca52c4b
Create CVE-2017-14535.yaml 2021-05-31 09:46:53 +00:00
sandeep b7d103a740 Update CVE-2017-1000486.yaml 2021-05-28 10:27:21 +05:30
sandeep 450cf76976 Improved template 2021-05-28 10:25:48 +05:30
Moritz 0c0eaf114c Update CVE-2017-1000486.yaml file to pass Checks 2021-05-27 11:38:23 +02:00
Moritz 24bcb23857 Add Detection for PrimeFaces 5.x EL Injection (CVE-2017-1000486) 2021-05-27 10:17:31 +02:00
sandeep ff93978e09 Removing status matcher to avoid missing true positives results. 2021-05-12 02:04:56 +05:30
sandeep de70b699bc More references 2021-05-11 23:47:49 +05:30
sandeep 1c04ba5abc Additional matchers 2021-05-11 23:47:09 +05:30
Pina 79962222c5
cve-2017-12149 jboss deserialization rce 2021-05-11 12:07:05 +01:00
sandeep 1913076aef Update CVE-2017-7269.yaml 2021-05-09 22:50:07 +05:30
Geeknik Labs ce63f8ebea
Update CVE-2017-7269.yaml 2021-05-09 15:43:32 +00:00
Geeknik Labs f6dc6a1376
Update CVE-2017-7269.yaml 2021-05-09 15:16:07 +00:00
sandeep c0f5cf03ab tags update 2021-05-09 20:41:52 +05:30
Sandeep Singh f8ebcb9239
Merge pull request #1303 from projectdiscovery/oob-templates-update
OOB Template updates (WIP)
2021-05-05 00:01:55 +05:30
Sandeep Singh 81c7aac3ab
Merge pull request #1372 from projectdiscovery/CVE-2017-3506
Added CVE-2017-3506
2021-05-05 00:01:18 +05:30
Sandeep Singh 2080bfdab3
Merge pull request #1380 from projectdiscovery/cves/CVE-2017-12629
Added CVE-2017-12629
2021-05-05 00:00:43 +05:30
sandeep 641e125c79 improved payload 2021-05-02 18:51:04 +05:30
sandeep daff7a614c RAW requests 2021-04-27 16:55:09 +05:30
sandeep 7a2edf0085 Moving files around 2021-04-27 16:38:12 +05:30
sandeep 68b06c50a4 Update CVE-2017-3506.yaml 2021-04-26 21:16:27 +05:30
sandeep 8ca815d191 Update CVE-2017-3506.yaml 2021-04-26 15:20:04 +05:30
sandeep 6eae4191d6 Added CVE-2017-3506 2021-04-26 15:18:57 +05:30
sandeep c3379618ab matching against uploaded string in file 2021-04-23 22:02:27 +05:30
sandeep d9f32d0312 Update CVE-2017-15715.yaml 2021-04-23 21:48:57 +05:30
sandeep 6c3634a162 Update CVE-2017-15715.yaml 2021-04-23 19:27:38 +05:30
sandeep 7d0fea2bab making it unique for every new scans 2021-04-23 19:22:23 +05:30
Geeknik Labs 8fc4e54a36
Create CVE-2017-15715.yaml 2021-04-23 13:34:52 +00:00
Prince Chaddha 98dbbe4d0f
Merge pull request #1225 from projectdiscovery/princechaddha-patch-8
Create CVE-2017-8917.yaml
2021-04-21 23:57:11 +05:30
Prince Chaddha 2681015072
Merge pull request #1278 from projectdiscovery/princechaddha-patch-15
Create CVE-2017-5521.yaml
2021-04-21 23:42:18 +05:30
sandeep 9117c91bd0 Update CVE-2017-12635.yaml 2021-04-19 14:28:00 +05:30
sandeep 385aff0b7c Update CVE-2017-9506.yaml 2021-04-19 13:17:56 +05:30
Noam Rathaus b1f15e3c29 Not familar with the term "RPE" tried to look it up, can't find it, so I think this should be RCE 2021-04-19 08:31:33 +03:00
sandeep de4f25fce7 OOB Template updates (WIP) 2021-04-18 22:06:07 +05:30
Noam Rathaus 0ee0c0870f Description and References 2021-04-18 16:02:50 +03:00
Noam Rathaus 4beb5e8495 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-04-18 16:00:42 +03:00
Noam Rathaus d26f311cdf Descriptions and references 2021-04-18 16:00:27 +03:00
Sandeep Singh 44c26e52d5
Merge pull request #1130 from pikpikcu/patch-132
Added CVE-2017-12542
2021-04-17 21:19:53 +05:30
sandeep 41d1d4258b Update CVE-2017-12542.yaml 2021-04-17 21:18:58 +05:30
Prince Chaddha 155987f7a7
Update CVE-2017-5521.yaml 2021-04-14 01:33:05 +05:30
Prince Chaddha 1073ba9234
Create CVE-2017-5521.yaml 2021-04-14 01:24:49 +05:30
PikPikcU f0a7b5da37
Update CVE-2017-12542.yaml 2021-04-10 23:48:05 +00:00
Prince Chaddha a3510d29a0
Create CVE-2017-7921.yaml 2021-04-07 22:30:37 +05:30
Prince Chaddha 0e07c2d618
Create CVE-2017-8917.yaml 2021-04-07 22:09:33 +05:30
sandeep 8fdfc64e54 misc tag updates 2021-04-06 12:16:11 +05:30
sandeep b273765752 minor changes 2021-04-01 13:28:30 +05:30
Geeknik Labs b25ba806dc
Update CVE-2017-17562.yaml 2021-03-29 20:04:26 +00:00
Geeknik Labs 7b3c6c12a6
Create CVE-2017-17562.yaml
WIP
2021-03-27 21:22:33 +00:00
sandeep 86ad55d66f Adding to workflow 2021-03-24 14:07:22 +05:30
Dwi Siswanto e49b4a7d8a ✏️ Add wordpress to tags 2021-03-23 19:57:15 +07:00
Dwi Siswanto 2e233a0aa2 🔨 Update matchers 2021-03-23 19:56:56 +07:00
Dwi Siswanto 53c0e1e954 🔥 Add CVE-2017-1000170 2021-03-23 19:56:42 +07:00
PikPikcU 832a39f418
Update CVE-2017-12542.yaml 2021-03-23 11:33:07 +00:00
PikPikcU 4244af34d2
Create CVE-2017-12542.yaml 2021-03-23 11:26:08 +00:00
sandeep ad84ecb792 tag improvements 2021-03-18 13:24:36 +05:30
sandeep a80bee81c9 Update CVE-2017-3881.yaml 2021-03-15 00:17:03 +05:30
Dwi Siswanto fac1e178a4 Restruct [lint] 2021-03-12 12:52:02 +07:00
sandeep c3ce5be9c6 Update CVE-2017-3881.yaml 2021-03-12 12:52:02 +07:00
Dwi Siswanto 0f3d09b753 🔨 Move port inside host 2021-03-12 12:52:02 +07:00
Dwi Siswanto be064a816e 🔥 Add CVE-2017-3881
Drafting this PoC, since network template is work in progress.
2021-03-12 12:52:02 +07:00
sandeep ed91c0813e more typos 2021-03-10 19:45:41 +05:30
sandeep cde0571f4b misc updates 2021-03-06 11:56:16 +05:30
Prince Chaddha 8e67a67b80
Merge pull request #909 from pikpikcu/patch-77
Add poc CVE Apache Struts2
2021-03-06 02:16:25 +05:30
Prince Chaddha 6c84f959f9 fixed trailing spaces 2021-03-06 02:14:21 +05:30
Prince Chaddha cc641d9946 removing few templates 2021-03-06 02:09:54 +05:30
sandeep e6adb1d743 improving matcher 2021-03-04 19:20:07 +05:30
sandeep b56eda03ba wip fix 2021-03-04 17:06:46 +05:30
PikPikcU 211ced6be6
Create CVE-2017-16877.yaml 2021-02-26 22:05:49 +07:00
sandeep 275ca9dbba updating overwrite 2021-02-25 14:37:22 +05:30
pussycat0x 7b45997a1c
Update CVE-2017-1000028.yaml 2021-02-25 12:04:10 +05:30
sandeep 088092540c Update CVE-2017-7269.yaml 2021-02-24 23:41:44 +05:30
aron 34cd2d060e Add CVE-2017-7269 2021-02-24 14:29:23 +01:00
PikPikcU dae21b4588
Fix Payloads 🛠 2021-02-23 01:42:08 +00:00
sandeep b6091f9090 improved matcher and tags update 2021-02-22 12:31:32 +05:30
sandeep 1707534f01 misc fixes 2021-02-22 01:48:07 +05:30
PikPikcU 2b8572d15e
Create CVE-2017-9791.yaml 2021-02-21 15:39:29 +00:00
PikPikcU 3e111595bf
Create CVE-2017-12611.yaml 2021-02-21 14:01:50 +00:00
PikPikcU fc14c602b6
Create CVE-2017-9805.yaml 2021-02-21 14:01:07 +00:00
sandeep 6d88f03e08 moving files around 2021-02-16 14:54:04 +05:30
sandeep 190986a7eb Update CVE-2017-12635.yaml 2021-02-15 22:42:13 +05:30
sandeep 41dc642f20 Update CVE-2017-12635.yaml 2021-02-15 22:36:29 +05:30
PikPikcU 123b9e32ea
Add Apache CouchDB(CVE-2017-12635) 2021-02-15 13:31:56 +00:00
PikPikcU 813f61f817
Create CVE-2017-12615 (#835)
* Create CVE-2017-12615.yaml
2021-02-10 15:14:26 +05:30
PD-Team 00d26c0608
Added tags to cves 😎 (#813)
* Added tags to cves 😎
2021-02-06 01:14:41 +05:30
PD-Team 048160aaec Update CVE-2017-10271.yaml 2021-02-05 01:18:05 +05:30
PD-Team 32506f90e8 Update CVE-2017-10271.yaml 2021-02-05 01:14:43 +05:30
PD-Team a8a5a8c4c0 updated poc 2021-02-05 01:13:23 +05:30
PD-Team dd76ae4c97 Update CVE-2017-10271.yaml 2021-02-04 14:33:17 +05:30
drset 7a21babcd4 Added template CVE-2017-10271 for Weblogic. Added Weblogic workflow. 2021-02-02 21:48:46 -03:00
team-projectdiscovery a52ffe5c4e fixes and updates 2021-01-10 19:45:36 +05:30
team-projectdiscovery 4f2a99345c cve id updates 2021-01-02 10:32:50 +05:30
team-projectdiscovery ba58677a74 moving cves to year based structure
easy for viewing / running templates based on years.
2021-01-02 09:52:04 +05:30