33badb66d1
oob tags update
2021-10-19 02:10:26 +05:30
087bbd2263
Add description
2021-10-17 15:54:19 +03:00
0fd1574fe2
Add description
2021-10-17 15:52:26 +03:00
c1b42bcc55
Add description
2021-10-17 15:50:52 +03:00
5385191a9d
Update microstrategy-ssrf.yaml
2021-10-17 07:46:32 +05:30
274f3f941a
Update microstrategy-ssrf.yaml
2021-10-16 17:19:30 -03:00
aad97c084c
misc update
2021-10-14 20:08:44 +05:30
f9f4e3327e
moving files around
2021-10-14 20:05:25 +05:30
adfbed9d51
lint fix
2021-10-14 19:50:43 +05:30
558272470e
Merge branch 'master' of https://github.com/nrathaus/nuclei-templates into pr/2893
2021-10-14 19:32:03 +05:30
a313e27f6e
misc update
2021-10-14 19:31:57 +05:30
4532646b44
Description
2021-10-14 16:35:40 +03:00
d803f91971
Add description
2021-10-14 16:34:15 +03:00
dbb28d586a
Add description
2021-10-14 16:32:34 +03:00
5a00c6841d
Working link
2021-10-14 16:32:15 +03:00
75f96128d5
Better description
2021-10-14 16:31:27 +03:00
16dd5c6e8e
More reference
2021-10-14 16:30:44 +03:00
09de143099
Add CVE
2021-10-14 16:30:14 +03:00
6eaff09b16
Add description
2021-10-14 16:29:51 +03:00
a6800e0e1a
Add description
2021-10-14 16:28:41 +03:00
5618e8eaa9
Better description
2021-10-14 16:27:26 +03:00
e3071a4f26
Added description
2021-10-14 16:10:54 +03:00
eef7ba6cd4
Spelling
2021-10-14 16:07:39 +03:00
083ca2805a
Add description
2021-10-14 16:07:18 +03:00
2946782493
Fix name
2021-10-14 16:06:20 +03:00
3322a4becc
Previous reference is no longer available
2021-10-14 16:05:47 +03:00
67a6e574a0
Add description
2021-10-14 16:04:37 +03:00
4b603769c5
Add vendor CERT advisory/cve
2021-10-14 15:59:38 +03:00
39ebcc13a3
Add description
2021-10-14 15:55:59 +03:00
18e6257e33
description
2021-10-14 15:54:28 +03:00
2e9613d75b
Improve description
2021-10-13 12:01:33 +03:00
d5038b7520
Add description
2021-10-13 12:00:55 +03:00
ab008edc5b
Add description
2021-10-13 12:00:39 +03:00
b86a987030
Dead link
2021-10-13 12:00:36 +03:00
a3608c32f4
Add description
2021-10-13 11:56:10 +03:00
6205415bbd
Update keycloak-xss.yaml
...
Updating severity as this XSS is not exploitable directly.
2021-10-09 08:46:17 +05:30
95305667c0
Merge pull request #2852 from pdelteil/patch-65
...
Update qcubed-xss.yaml
2021-10-08 19:14:41 +05:30
6a00b9245c
Update qcubed-xss.yaml
2021-10-08 19:14:26 +05:30
de0a0ff3c1
misc update
2021-10-08 19:10:03 +05:30
60a3b6f4a4
Update qcubed-xss.yaml
2021-10-08 03:46:49 -03:00
888c703a3c
Update pmb-directory-traversal.yaml
2021-10-08 03:33:40 -03:00
8dfa5ce9b4
Added Lucee Unauthenticated Reflected XSS
2021-10-06 16:38:23 +05:30
47853b869b
Update metinfo-lfi.yaml
2021-10-02 17:57:59 +05:30
f43b256e6e
Update metinfo-lfi.yaml
2021-10-02 17:57:33 +05:30
8fc91de606
Update metinfo-lfi.yaml
2021-10-02 03:42:22 -03:00
58fd372498
Update and rename qihang-media-web-lfi.yaml to qihang-media-lfi.yaml
2021-10-01 16:28:20 +05:30
ea71661d79
Update and rename qihang-media-web-credentials-disclosure.yaml to qihang-media-disclosure.yaml
2021-10-01 16:26:25 +05:30
f750bf5ba5
Create qihang-media-web-credentials-disclosure.yaml
...
The application suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for a successful authentication bypass attack.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:42:48 +09:00
90138f44d1
Create qihang-media-web-lfi.yaml
...
The application suffers from an unauthenticated file disclosure vulnerability when input passed thru the filename parameter when using the download action or thru path parameter when using the getAll action is not properly verified before being used. This can be exploited to disclose contents of files and directories from local resources.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:35:12 +09:00
c9a374bed5
renamed: simple-employee-rce.yaml -> ../../cves/2019/CVE-2019-20183.yaml
2021-09-30 13:06:46 -04:00
sandeep
Noam Rathaus
Prince Chaddha
Philippe Delteil
GwanYeong Kim
Sullo