daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,446 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

11446 Commits (ccb036e2c21eb49a8f9bf9cff8dadc347b330c7b)

Author SHA1 Message Date
Prince Chaddha ccb036e2c2
Merge pull request #3349 from daffainfo/patch-281 
Create api-web3storage
 2021-12-18 15:37:19 +05:30
Prince Chaddha a58edb1387
Update api-web3storage.yaml 2021-12-18 15:32:58 +05:30
Prince Chaddha 7f8f2dd12b
Merge pull request #3351 from daffainfo/patch-282 
Create api-bitrise.yaml
 2021-12-18 15:14:13 +05:30
Prince Chaddha dcf3f57bdf
Merge pull request #3373 from projectdiscovery/princechaddha-patch-2 
Create global-domains-xss.yaml
 2021-12-18 15:02:06 +05:30
Ganoes 5f271045d1
CVE-2016-6210 - Fix typo in the regex (#3365) 
* CVE-2016-6210 - Fix typo in the regex

* minor variable update

Co-authored-by: ganoes <karel.rozhon@etnetera.cz>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2021-12-18 14:58:35 +05:30
Prince Chaddha 71027cbc79
Merge pull request #3357 from Akokonunes/patch-90 
Create global-domains-lfi.yaml
 2021-12-18 14:52:35 +05:30
Prince Chaddha 3b067a1aca
Create global-domains-xss.yaml 2021-12-18 14:51:08 +05:30
Prince Chaddha 0f40857119
Update and rename global-domains-lfi.yaml to vulnerabilities/other/global-domains-lfi.yaml 2021-12-18 14:43:28 +05:30
Prince Chaddha 74af195444
Merge pull request #3352 from projectdiscovery/princechaddha-patch-2 
Create emerson-power-panel.yaml
 2021-12-18 14:34:07 +05:30
Prince Chaddha 9a4941d995
Merge pull request #3356 from Akokonunes/patch-89 
Create groupoffice-lfi.yaml
 2021-12-18 14:33:42 +05:30
Prince Chaddha 7b39972bfd
Merge pull request #3367 from gy741/rule-add-v80 
Create oliver-library-server-lfi.yaml
 2021-12-18 14:33:23 +05:30
Prince Chaddha fc566d27a8
Create CVE-2021-45092.yaml (#3372) 
* Create CVE-2021-45092.yaml

* Added Thinfinity Iframe Injection

Co-Authored-By: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>

* Added Thinfinity VirtualUI User Enumeration

Co-Authored-By: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>

* added missing tag

Co-Authored-By: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Daniel Mofer <7999779+danielmofer@users.noreply.github.com>
 2021-12-18 14:32:44 +05:30
Prince Chaddha d911551318
Merge pull request #3358 from Akokonunes/patch-91 
Create asanhamayesh-cms-lfi.yaml
 2021-12-18 14:32:12 +05:30
Prince Chaddha c6521085b7
Update groupoffice-lfi.yaml 2021-12-18 14:32:09 +05:30
Prince Chaddha 4747277a4e
Update and rename asanhamayesh-cms-lfi.yaml to vulnerabilities/other/asanhamayesh-lfi.yaml 2021-12-18 14:28:39 +05:30
Prince Chaddha 35faabd29f
Update and rename groupoffice-lfi.yaml to vulnerabilities/other/groupoffice-lfi.yaml 2021-12-18 14:26:46 +05:30
Prince Chaddha 8afbfdc8dc
Update and rename oliver-library-server-lfi.yaml to oliver-library-lfi.yaml 2021-12-18 14:23:57 +05:30
Prince Chaddha bf545ef3ac
Merge pull request #3370 from projectdiscovery/princechaddha-patch-3 
Create thinfinity-virtualui-panel.yaml
 2021-12-18 13:49:38 +05:30
Prince Chaddha ede770acb0
Create thinfinity-virtualui-panel.yaml 2021-12-18 13:36:12 +05:30
Prince Chaddha e89d19e115
Merge pull request #3369 from projectdiscovery/princechaddha-patch-3 
Create emessage-panel.yaml
 2021-12-18 13:29:47 +05:30
Prince Chaddha 88e02c99c2
Create emessage-panel.yaml 2021-12-18 13:27:58 +05:30
Prince Chaddha edd56d1189 Revert "Create emessage-panel.yaml" 
This reverts commit d530c00864.
 2021-12-18 13:27:07 +05:30
Prince Chaddha d530c00864
Create emessage-panel.yaml 2021-12-18 13:25:44 +05:30
Sandeep Singh 32c7a10b29
Added separate wordpress detection + version extractor (#3368) 2021-12-18 12:49:47 +05:30
Abhiram V dd40419ea5
Updated CVE-2021-44228 with most common vulnerable headers (#3334) 
* Updated with common headers which can be exploited

Reference : https://blog.qualys.com/vulnerabilities-threat-research/2021/12/10/apache-log4j2-zero-day-exploited-in-the-wild-log4shell
These headers are collected from above blog in Detecting the Vulnerability part

* fix: lint update

* Update CVE-2021-44228.yaml

* Update CVE-2021-44228.yaml

* Updated changed matchers and extractors regex according to v8.7.3 update

* payload updates for CVE-2021-44228

- more injection points
- a fixed regex to extract uppercase hostnames
- standardized payloads
- printed injection points

Source - https://twitter.com/0xceba/status/1471664540542648322

Co-Authored-By: 0xceba <44234156+0xceba@users.noreply.github.com>
Co-Authored-By: Abhiram V <61599526+Anon-Artist@users.noreply.github.com>

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: 0xceba <44234156+0xceba@users.noreply.github.com>
 2021-12-18 10:51:45 +05:30
GwanYeong Kim 4fdb934da0 Create oliver-library-server-lfi.yaml 
An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 8.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-12-18 10:55:28 +09:00
meme-lord 09324d1be7
Added MobileIron log4j template (#3355) 
* Added MobileIron log4j

* misc updates

Co-authored-by: meme-lord <17912559+meme-lord@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2021-12-16 22:37:32 +05:30
Roberto Nunes d4e38b00e3
Create asanhamayesh-cms-lfi.yaml 2021-12-16 21:56:43 +09:00
Roberto Nunes 6eda7233d6
Create global-domains-lfi.yaml 2021-12-16 21:54:56 +09:00
Roberto Nunes 3688b5d434
Create groupoffice-lfi.yaml 2021-12-16 21:49:30 +09:00
Prince Chaddha 85c8b47b62
Create emerson-power-panel.yaml 2021-12-16 11:48:07 +05:30
Muhammad Daffa c642f24d51
Create api-bitrise.yaml 2021-12-15 23:48:17 +07:00
Prince Chaddha fbf0b448be
Merge pull request #3350 from projectdiscovery/princechaddha-patch-2 
Create casemanager-panel.yaml
 2021-12-15 22:16:13 +05:30
Prince Chaddha 8176e88aa2
Create casemanager-panel.yaml 2021-12-15 22:14:37 +05:30
Prince Chaddha 4b6897576d Revert "Create casemanager-panel.yaml" 
This reverts commit 5c2b2bce23.
 2021-12-15 22:13:10 +05:30
Prince Chaddha 5c2b2bce23
Create casemanager-panel.yaml 2021-12-15 22:12:37 +05:30
Prince Chaddha 86d6051ee9
Merge pull request #3345 from daffainfo/patch-280 
Create api-quip.yaml
 2021-12-15 22:03:10 +05:30
Prince Chaddha 5629406b9c
Update api-quip.yaml 2021-12-15 22:00:22 +05:30
Prince Chaddha 18f8877fdd
Merge pull request #3343 from daffainfo/patch-278 
Create api-pastebin.yaml
 2021-12-15 21:56:10 +05:30
Prince Chaddha 6fa183338a
Merge pull request #3344 from daffainfo/patch-279 
Create api-pinata.yaml
 2021-12-15 21:55:58 +05:30
Muhammad Daffa e5a139960a
Rename api-web3storage to api-web3storage.yaml 2021-12-15 23:01:06 +07:00
Muhammad Daffa cadfba73be
Create api-web3storage 2021-12-15 22:59:48 +07:00
sandeep b8fa0d5857 update: added more reference 2021-12-15 21:26:35 +05:30
sandeep 39a71c641a update: added more reference 2021-12-15 21:20:18 +05:30
Prince Chaddha f1a27bdf47
Update api-pastebin.yaml 2021-12-15 21:18:12 +05:30
Evan Rubinstein 11fe2fdfee
Added apache-solr-log4j RCE (#3336) 
* update: added apache-solr-log4j-rce

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
 2021-12-15 21:15:43 +05:30
Sandeep Singh 5be1bc1ae7
Added Initial SSL Templates (#3339) 2021-12-15 20:43:36 +05:30
Geeknik Labs 9c169bd682
Create CVE-2021-44528.yaml (#3342) 2021-12-15 20:43:07 +05:30
Adam Crosser 937205ec38
Added Templates for DefectDojo and Yopass (#3346) 
* Added Templates for DefectDojo and Yopass

* Update defectdojo-exposure.yaml

* Update yopass-exposure.yaml

* update: added metadata

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2021-12-15 13:16:08 +05:30
Muhammad Daffa f0198a5b84
Create api-quip.yaml 2021-12-15 09:26:16 +07:00