sandeep
03cd55a33f
severity update based on poc
...
We will update this again as per assigned CVE which is not available right now?
2021-08-17 15:02:47 +05:30
sandeep
4a5137b742
more tags
2021-08-17 15:00:30 +05:30
sandeep
e8c3a1f9c7
Additional matchers update
2021-08-17 15:00:05 +05:30
Sanyam Chawla
5072dbbcbb
Create ms-exchange-server-reflected-xss.yaml
2021-08-17 13:55:38 +05:30
Geeknik Labs
3b9fb75fcb
Update twig-php-ssti.yaml
...
Another FP fix
2021-08-16 15:30:23 -05:00
Geeknik Labs
d52c97c569
Update twig-php-ssti.yaml
...
False positive fix
2021-08-16 15:28:13 -05:00
Prince Chaddha
970bdb3ac7
Update pmb-directory-traversal.yaml
2021-08-16 16:43:47 +05:30
Prince Chaddha
d45887f9f9
Delete node-nunjucks-ssti.yaml
2021-08-16 16:41:58 +05:30
Prince Chaddha
d3a379e112
Update eyelock-nano-lfd.yaml
2021-08-16 16:40:42 +05:30
Prince Chaddha
af4f29ab03
Update beward-ipcamera-disclosure.yaml
2021-08-16 16:37:34 +05:30
Prince Chaddha
4e498a6478
Create pmb-directory-traversal.yaml
2021-08-16 16:14:02 +05:30
Prince Chaddha
451823f887
Create node-nunjucks-ssti.yaml
2021-08-16 16:13:27 +05:30
Prince Chaddha
c6927262eb
Create eyelock-nano-lfd.yaml
2021-08-16 16:12:45 +05:30
Prince Chaddha
232b187a40
Create beward-ipcamera-disclosure.yaml
2021-08-16 16:11:44 +05:30
Prince Chaddha
7bce4fbb26
Update netis-info-leak.yaml
2021-08-14 16:00:00 +05:30
Prince Chaddha
edffa49ca4
Update netis-info-leak.yaml
2021-08-14 15:53:30 +05:30
GwanYeong Kim
5b81af7ab4
Create netis-info-leak.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-13 13:34:28 +09:00
sandeep
df65ba694b
Update ewebs-arbitrary-file-reading.yaml
2021-08-12 18:19:22 +05:30
PikPikcU
65ed503022
Create ewebs-arbitrary-file-reading.yaml
2021-08-12 18:41:02 +07:00
Sandeep Singh
5ca0a70f3e
Merge pull request #2372 from projectdiscovery/buffalo
...
Added CVE-2021-20090 / CVE-2021-20091 / CVE-2021-20092
2021-08-12 16:07:45 +05:30
Prince Chaddha
cfc534af89
Update sar2html-rce.yaml
2021-08-12 15:03:49 +05:30
sandeep
98a07bd594
Added unauth config injection
2021-08-12 14:12:20 +05:30
GwanYeong Kim
0d2b53e71d
Create sar2html-rce.yaml
...
SAR2HTML could allow a remote attacker to execute arbitrary commands on the system, caused by a commend injection flaw in the index.php script. By sending specially-crafted commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-11 14:11:25 +09:00
Noam Rathaus
a806149864
Spelling
2021-08-09 16:31:00 +03:00
Noam Rathaus
864b209cc1
Add reference
2021-08-09 16:10:10 +03:00
Noam Rathaus
3651410d37
Provide description
2021-08-09 16:08:19 +03:00
Sandeep Singh
210c57768d
Merge pull request #2193 from gy741/rule-add-v42
...
Create kevinlab-hems-backdoor.yaml
2021-08-08 13:56:56 +05:30
sandeep
a7dcd3f317
added more tags
2021-08-08 00:27:18 +05:30
sandeep
3b6d6322ea
Additional matcher
2021-08-08 00:22:55 +05:30
sandeep
e690901c86
minor update
2021-08-08 00:20:56 +05:30
sandeep
ca9efec5c0
tag update
2021-08-07 15:00:29 +05:30
Dhiyaneshwaran
afcbd374a9
Create sap-redirect.yaml
2021-08-07 11:31:58 +05:30
sandeep
5cddd4312b
Adding additional steps to make it work
2021-08-06 23:30:34 +05:30
PikPikcU
57624f3d25
Create ruijie-eg-rce.yaml
2021-08-06 17:04:32 +07:00
Prince Chaddha
3395eff8a0
Merge pull request #2316 from gy741/rule-add-v49
...
Create CVE-2020-7796.yaml
2021-08-03 19:57:45 +05:30
Prince Chaddha
c581a94bf4
Merge pull request #2318 from gy741/rule-add-v50
...
Create longjing-technology-bems-api-lfi.yaml
2021-08-03 19:56:57 +05:30
Prince Chaddha
28d568b88c
Update and rename longjing-technology-bems-api-lfi.yaml to bems-api-lfi.yaml
2021-08-03 19:55:25 +05:30
Prince Chaddha
23bc448b1b
Merge pull request #2199 from pikpikcu/patch-208
...
Add OpenSIS POC
2021-08-03 19:53:32 +05:30
GwanYeong Kim
5fb6332bd9
Create longjing-technology-bems-api-lfi.yaml
...
The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-03 21:52:14 +09:00
Prince Chaddha
ea1ae20a82
Create zimbra-preauth-ssrf.yaml
2021-08-03 12:52:56 +05:30
Prince Chaddha
2491a6a4b7
Merge pull request #2227 from Udyz/patch-5
...
Create hasura-graphql-sql-exec.yaml
2021-08-02 22:25:31 +05:30
Prince Chaddha
4e976706b8
Update hasura-graphql-psql-exec.yaml
2021-08-02 22:18:41 +05:30
Prince Chaddha
204cf337c8
Update hasura-graphql-psql-exec.yaml
2021-08-02 22:15:52 +05:30
Prince Chaddha
6102421e22
Update hasura-graphql-ssrf.yaml
2021-08-02 22:03:12 +05:30
Prince Chaddha
03077a9ca2
Update tikiwiki-reflected-xss.yaml
2021-08-02 21:44:48 +05:30
Noam Rathaus
493acb8afe
Description
2021-08-02 14:30:22 +03:00
sandeep
e896a8982d
misc updates
2021-08-02 12:53:35 +05:30
GwanYeong Kim
27eef8c1a9
Create zhiyuan-file-upload.yaml
...
Zhiyuan OA is a set of office coordinating management software. Recently, Qianxin CERT monitors the relevant vulnerability information of the long OA. Since there is an unauthorized access in some interfaces, and some functions are insufficient, the attacker can upload malicious script files without logging in, so that there is no need to log in. Zhiyuan OA official has provided patches for this vulnerability. In view of the large vulnerability harm, it is recommended that users apply patch updates as soon as possible.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-02 11:07:14 +09:00
Prince Chaddha
49efd9fa07
Update bitrix-open-redirect.yaml
2021-07-29 00:13:15 +05:30
PikPikcU
783550d003
Update bitrix-open-redirect.yaml
2021-07-28 08:38:48 +07:00
PikPikcU
72fcdc20bf
Create bitrix-open-redirect.yaml
2021-07-28 08:37:25 +07:00
lulz
0c68ef5f66
Rename raw-psql-warp.yaml to hasura-graphql-psql-exec.yaml
2021-07-27 23:25:36 +07:00
lulz
0706823399
Update raw-psql-warp.yaml
2021-07-27 23:23:55 +07:00
lulz
5c931f8d00
Update raw-psql-warp.yaml
2021-07-27 22:12:41 +07:00
lulz
2219ab607e
Create raw-psql-warp.yaml
2021-07-27 21:57:59 +07:00
Prince Chaddha
9f28ff8f9b
Update qcubed-xss.yaml
2021-07-27 11:57:30 +05:30
PikPikcU
a2fc63b7ac
Create qcubed-xss.yaml
2021-07-27 13:06:30 +07:00
PikPikcU
72c038bbf1
Update opensis-lfi.yaml
2021-07-27 08:07:21 +07:00
PikPikcU
29e399df87
Create opensis-lfi.yaml
2021-07-27 07:43:02 +07:00
GwanYeong Kim
eadc9b4dac
Create kevinlab-hems-backdoor.yaml
...
The HEMS solution has an undocumented backdoor account and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution thru the RMI. Attacker could exploit this vulnerability by logging in using the backdoor account with highest privileges for administration and gain full system control. The backdoor user cannot be seen in the users settings in the admin panel and it also uses an undocumented privilege level (admin_pk=1) which allows full availability of the features that the HEMS is offering remotely.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-27 02:48:31 +09:00
Prince Chaddha
833ae4ae48
Merge pull request #1083 from pikpikcu/patch-123
...
Create dedecms-membergroup-sqli
2021-07-26 18:02:27 +05:30
Prince Chaddha
86989129d1
Update netgear-wnap320-rce.yaml
2021-07-26 13:38:38 +05:30
GwanYeong Kim
c72190c4bf
Create netgear-wnap320-rce.yaml
...
vulnerabilities in the web-based management interface of Netgear WNAP320 Access Point could allow an authenticated, remote attacker to perform command injection attacks against an affected device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-26 08:35:22 +09:00
sandeep
6ccc5f8792
matcher update to handle edge cases
2021-07-25 03:05:55 +05:30
Prince Chaddha
2c0aa783c4
Merge pull request #2148 from gy741/rule-add-v34
...
Add KevinLAB BEMS 1.0 Multiple Vulnerabilities
2021-07-24 15:37:48 +05:30
Prince Chaddha
bf7c0d3a63
Merge pull request #2122 from gy741/rule-add-v33
...
Create magicflow-lfi.yaml
2021-07-24 12:13:59 +05:30
Prince Chaddha
ac45802ef5
Update kevinlab-bems-sqli.yaml
2021-07-24 12:10:46 +05:30
Prince Chaddha
2631f55550
Update kevinlab-bems-backdoor.yaml
2021-07-24 12:07:27 +05:30
Prince Chaddha
9a46592f71
Update kevinlab-bems-sqli.yaml
2021-07-24 11:59:35 +05:30
Prince Chaddha
87b4c2e98b
Update kevinlab-bems-sqli.yaml
2021-07-24 11:47:05 +05:30
Sandeep Singh
4b444af3c4
Merge pull request #2125 from DhiyaneshGeek/master
...
17 New Templates Added
2021-07-24 03:26:09 +05:30
sandeep
9617bc5815
matcher update
2021-07-24 03:25:22 +05:30
sandeep
47ea40bc55
Update kevinlab-bems-backdoor.yaml
2021-07-24 03:17:53 +05:30
Sandeep Singh
b346584002
Update vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-24 00:25:13 +05:30
Sandeep Singh
1909e3f628
Update vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-24 00:24:37 +05:30
Prince Chaddha
ca49fb21c7
Merge pull request #2154 from pdelteil/patch-25
...
Update coldfusion-debug-xss.yaml
2021-07-23 20:54:31 +05:30
Prince Chaddha
2dfa3d2e82
Update visual-tools-dvr-rce.yaml
2021-07-23 20:46:49 +05:30
Prince Chaddha
1dd4e3c846
Update visual-tools-dvr-rce.yaml
2021-07-23 15:15:23 +05:30
GwanYeong Kim
2c77510faa
Create visual-tools-dvr-rce.yaml
...
vulnerabilities in the web-based management interface of Visual Tools DVR VX16 4.2.28.0 could allow an authenticated, remote attacker to perform command injection attacks against an affected device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-23 08:47:29 +09:00
Philippe Delteil
abacdafb4f
Update coldfusion-debug-xss.yaml
...
The term adobe is more general than coldfusion. Since Coldfusion is a product of Adobe.
2021-07-22 19:44:57 -04:00
GwanYeong Kim
69db0862ee
Create kevinlab-bems-backdoor.yaml
...
The BEMS solution has an undocumented backdoor account and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution thru the RMI. Attacker could exploit this vulnerability by logging in using the backdoor account with highest privileges for administration and gain full system control. The backdoor user cannot be seen in the users settings in the admin panel and it also uses an undocumented privilege level (admin_pk=1) which allows full availability of the features that the BEMS is offering remotely.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-22 22:13:00 +09:00
GwanYeong Kim
a4ec6a2b11
Create kevinlab-bems-sqli.yaml
...
The application suffers from an unauthenticated SQL Injection vulnerability. Input passed through 'input_id' POST parameter in '/http/index.php' is not properly sanitised before being returned to the user or used in SQL queries.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-22 21:46:18 +09:00
Prince Chaddha
111da22943
Update dedecms-membergroup-sqli.yaml
2021-07-21 18:34:37 +05:30
Prince Chaddha
403a73d1c7
Merge pull request #1085 from pikpikcu/patch-125
...
Create dedecms-carbuyaction-fileinclude.yaml
2021-07-21 18:27:45 +05:30
Prince Chaddha
f5fc07dd72
Merge pull request #1581 from pikpikcu/patch-168
...
Create hiboss-rce
2021-07-21 18:27:38 +05:30
Prince Chaddha
08541f08c4
Update dedecms-carbuyaction-fileinclude.yaml
2021-07-21 18:26:36 +05:30
Prince Chaddha
00ce088daf
Merge pull request #1334 from projectdiscovery/princechaddha-patch-3
...
Create sangfor-edr-auth-bypass.yaml
2021-07-21 18:18:08 +05:30
Prince Chaddha
8d953c45ea
Update sangfor-edr-auth-bypass.yaml
2021-07-21 18:14:42 +05:30
Prince Chaddha
da1ef3b031
Merge pull request #1568 from pikpikcu/patch-166
...
Create h3c-imc-rce
2021-07-21 18:11:11 +05:30
Dhiyaneshwaran
08f160f0e2
Create nginx-merge-slashes-path-traversal.yaml
2021-07-21 13:46:40 +05:30
GwanYeong Kim
16750fd9a2
Create magicflow-lfi.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-21 14:18:00 +09:00
GwanYeong Kim
19fa522fec
Create mirai-unknown-rce.yaml
...
The unknown exploit targets the login CGI script, where a key parameter is not properly sanitized leading to a command injection.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-18 22:44:29 +09:00
sandeep
63ae086b67
Payload + matcher update
2021-07-17 23:02:43 +05:30
Prince Chaddha
33a0ede229
Merge pull request #2009 from gy741/rule-add-v24
...
Create CVE-2020-26919, CVE-2020-25506, OptiLink ONT1GEW GPON RCE, CVE-2021-31755
2021-07-16 18:04:52 +05:30
Sandeep Singh
9286c79bc1
Rename optiLink-ont1gew-gpon-rce.yaml to optilink-ont1gew-gpon-rce.yaml
2021-07-15 23:15:45 +05:30
sandeep
6bf13454ae
Update optiLink-ont1gew-gpon-rce.yaml
2021-07-15 23:15:22 +05:30
sandeep
642f71278d
Added Yapi RCE
2021-07-15 22:11:22 +05:30
GwanYeong Kim
1eb999ce02
Create optiLink-ont1gew-gpon-rce.yaml
...
vulnerabilities in the web-based management interface of OptiLink could allow an authenticated, remote attacker to perform command injection attacks against an affected device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-15 14:57:34 +09:00
Prince Chaddha
5182b88b54
Merge pull request #1871 from projectdiscovery/huijietong-cloud-fileread
...
Create huijietong-cloud-fileread.yaml
2021-07-14 19:27:43 +05:30
sandeep
c8c49c5046
Update hasura-graphql-ssrf.yaml
2021-07-13 15:58:06 +05:30
sandeep
5fe872788f
minor update
2021-07-13 15:57:10 +05:30
Prince Chaddha
4ef8ed8e97
Create hasura-graphql-ssrf.yaml
2021-07-12 20:49:09 +05:30
Prince Chaddha
a0d643561f
Update icewarp-webclient-rce.yaml
2021-07-10 09:18:32 +05:30
GwanYeong Kim
ef74a354ca
Create icewarp-webclient-rce.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-09 13:52:28 +09:00
Prince Chaddha
808712f772
Update clockwatch-enterprise-rce.yaml
2021-07-08 14:20:18 +05:30
Prince Chaddha
6e6d383b6c
Update clockwatch-enterprise-rce.yaml
2021-07-08 14:00:27 +05:30
Prince Chaddha
7695526e13
Update clockwatch-enterprise-rce.yaml
2021-07-08 14:00:01 +05:30
GwanYeong Kim
a722b9fff6
Create clockwatch-enterprise-rce.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-08 13:18:31 +09:00
sandeep
edc0f1a775
Update opensns-rce.yaml
2021-07-07 18:30:48 +05:30
sandeep
9588eadaed
minor updates
2021-07-07 18:30:15 +05:30
GwanYeong Kim
c3cbee2794
Create opensns-rce.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-07 18:49:36 +09:00
Sandeep Singh
f683e0bade
Merge pull request #1837 from gy741/rule-add-v10
...
Create huawei-router-auth-bypass.yaml
2021-07-06 23:33:47 +05:30
sandeep
cc4244d36c
Update huawei-router-auth-bypass.yaml
2021-07-06 23:32:45 +05:30
Prince Chaddha
7c06dfaf70
Create huijietong-cloud-fileread.yaml
2021-07-05 21:59:12 +05:30
Prince Chaddha
f55aef6a1b
Merge pull request #1839 from gy741/rule-add-v11
...
Create netgear-router-auth-bypass.yaml
2021-07-05 21:46:00 +05:30
sandeep
457ce76e34
minor updates
2021-07-04 17:09:45 +05:30
PikPikcU
ecdd86167a
Create lotuscms-rce.yaml
2021-07-04 11:11:19 +00:00
sandeep
d50459eb9b
Added missing matcher
2021-07-04 01:26:41 +05:30
sandeep
afcbe4cfe4
minor updates
2021-07-04 01:22:08 +05:30
Dhiyaneshwaran
127673455a
Update coldfusion-debug-xss.yaml
2021-07-02 20:55:33 +05:30
Dhiyaneshwaran
e259c3dd2f
Update jfrog-unauth-build-exposed.yaml
2021-07-02 20:53:02 +05:30
Dhiyaneshwaran
2787fc01b6
Update jfrog-unauth-build-exposed.yaml
2021-07-02 08:25:40 +05:30
Dhiyaneshwaran
2fa4382ef5
Create jfrog-unauth-build-exposed.yaml
2021-07-02 08:23:42 +05:30
Dhiyaneshwaran
453b09d3ff
Create coldfusion-debug-xss.yaml
2021-07-01 22:31:01 +05:30
GwanYeong Kim
c0ebf56f85
Create netgear-router-auth-bypass.yaml
...
NETGEAR decided to use to check if a page has “.jpg”, “.gif” or “ess_” substrings, trying to match the entire URL. We can therefore access any page on the device, including those that require authentication, by appending a GET variable with the relevant substring (like “?.gif”).
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-01 14:39:10 +09:00
GwanYeong Kim
4d56d47c69
Create huawei-router-auth-bypass.yaml
...
The default password of this router is the last 8 characters of the
device's serial number which exist in the back of the device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-01 09:28:30 +09:00
Sandeep Singh
039a41e790
Merge pull request #1774 from pikpikcu/patch-185
...
Create huawei-hg659-lfi.yaml
2021-06-28 21:46:51 +05:30
sandeep
24a3fab9d3
Added missing condition
2021-06-26 19:35:52 +05:30
Sandeep Singh
e84c784fa2
Merge pull request #1689 from nrathaus/master
...
CVE-2021-28164 and some fixes
2021-06-24 23:58:29 +05:30
PikPikcU
cb18f313fd
Create huawei-hg659-lfi.yaml
2021-06-24 15:41:18 +00:00
Prince Chaddha
bc7e8a80db
Merge pull request #1336 from projectdiscovery/princechaddha-patch-5
...
Create resin-inputfile-fileread.yaml
2021-06-24 02:32:40 +05:30
Prince Chaddha
ed4c5a415d
Merge pull request #1335 from projectdiscovery/princechaddha-patch-4
...
Create resin-viewfile-lfr.yaml
2021-06-24 02:28:47 +05:30
Prince Chaddha
c45ec90d5f
Update resin-inputfile-fileread.yaml
2021-06-24 02:28:18 +05:30
Prince Chaddha
b2114008ad
Merge pull request #1595 from pikpikcu/patch-173
...
Create jeewms-lfi
2021-06-24 02:24:41 +05:30
Prince Chaddha
1d581af4ec
Update jeewms-lfi.yaml
2021-06-22 18:28:52 +05:30
Noam Rathaus
01b77a7ed2
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-17 16:54:18 +03:00
PikPikcU
9f8cae8ab5
Update tamronos-rce.yaml
2021-06-17 01:34:49 +00:00
PikPikcU
90bdede7dd
Create tamronos-rce.yaml
2021-06-17 01:31:59 +00:00
Noam Rathaus
3369c5a4dd
Reference
2021-06-13 11:55:20 +03:00
Noam Rathaus
b5bdac494b
Merge branch 'master' of https://github.com/nrathaus/nuclei-templates
2021-06-13 09:54:52 +03:00
Noam Rathaus
feb42e49b0
Reduce chances of FP
2021-06-13 09:53:47 +03:00
Noam Rathaus
513596d2e0
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-13 09:05:57 +03:00
Prince Chaddha
98e49295b6
Merge pull request #1672 from DhiyaneshGeek/master
...
CKAN DOM Based XSS , php-zerodium-backdoor-rce
2021-06-11 14:16:18 +05:30
Dhiyaneshwaran
771e55eca6
Create php-zerodium-backdoor-rce.yaml
2021-06-10 22:01:26 +05:30
Dhiyaneshwaran
fd70f535dd
Update ckan-dom-based-xss.yaml
2021-06-10 17:27:21 +05:30
Sandeep Singh
a4897080b2
Merge pull request #1668 from pikpikcu/patch-181
...
Create php-timeclock-xss
2021-06-10 14:57:05 +05:30
sandeep
b43c8f2c93
misc update
2021-06-10 14:53:31 +05:30
sandeep
083d32c05f
More validation
2021-06-10 14:37:26 +05:30
sandeep
0ebeff27a6
misc changes
2021-06-10 14:25:20 +05:30
Dhiyaneshwaran
5b2ec54d34
Create ckan-dom-based-xss.yaml
2021-06-10 13:37:33 +05:30
PikPikcU
a4e714718f
Create php-timeclock-xss.yaml
2021-06-10 07:29:19 +00:00
PikPikcU
c80690c829
Create mpsec-isg1000-lfi.yaml
2021-06-10 07:11:07 +00:00
Noam Rathaus
885aeadaa7
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-09 16:07:06 +03:00
Prince Chaddha
83ce809e8d
Updated author names
2021-06-09 17:50:56 +05:30
sandeep
23cb4c4d9f
moving files around
2021-06-09 14:37:40 +05:30
Noam Rathaus
46e4d47d92
Another reference
2021-06-09 09:43:04 +03:00
Noam Rathaus
27db48cb53
Another vector
2021-06-09 09:42:41 +03:00
Noam Rathaus
1e0a542b21
New test
2021-06-09 09:07:03 +03:00
Noam Rathaus
8b0c5eaee3
Spelling
2021-06-06 10:35:09 +03:00
sandeep
5d63b1bb05
Fixing the condition
2021-06-04 21:33:01 +05:30
sandeep
1f6334671c
escape fix
2021-06-04 21:26:59 +05:30
PikPikcU
bc9a760d29
Create interlib-fileread.yaml
2021-06-04 02:54:55 +00:00
sandeep
0f0ff2ee1e
moving files around
2021-06-03 21:54:08 +05:30
Prince Chaddha
3202a0dd65
Merge pull request #1606 from nrathaus/master
...
Description / Spelling
2021-06-02 13:10:50 +05:30
sandeep
2fe2c88872
Moving files around
2021-06-02 12:22:24 +05:30
Noam Rathaus
2d52259f70
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-02 09:09:05 +03:00
sandeep
a5ccb5f893
strict matcher
2021-06-01 16:08:41 +05:30
PikPikcU
7f5dfedf55
Create jeewms-lfi.yaml
2021-06-01 09:08:45 +00:00
Sandeep Singh
2685f492ed
Merge pull request #1580 from pikpikcu/patch-167
...
Create ns-asg-file-read
2021-06-01 14:10:09 +05:30
sandeep
d5b9e4c7b6
Update ns-asg-file-read.yaml
2021-06-01 14:09:01 +05:30
Prince Chaddha
31341b547e
Update blue-ocean-excellence-lfi.yaml
2021-05-31 15:44:21 +05:30
PikPikcU
f944191e7a
Create blue-ocean-excellence-lfi.yaml
2021-05-31 09:29:51 +00:00
PikPikcU
65c73dbe34
Create hiboss-rce.yaml
2021-05-31 09:08:16 +00:00
PikPikcU
e56a64402c
Create ns-asg-file-read.yaml
2021-05-31 08:56:01 +00:00
sandeep
4edb345286
Merge branch 'patch-165' of https://github.com/pikpikcu/nuclei-templates into pr/1567
2021-05-31 14:20:30 +05:30
sandeep
2ad903dcf1
misc changes
2021-05-31 14:19:23 +05:30
PikPikcU
76886054ce
Create h3c-imc-rce.yaml
2021-05-31 05:53:21 +00:00
PikPikcU
5f4923ddce
Create hjtcloud-arbitrary-file-read.yaml
2021-05-31 05:38:23 +00:00
Noam Rathaus
81d1180769
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-05-30 09:09:37 +03:00
sandeep
1644eb793a
misc changes
2021-05-28 11:12:36 +05:30
PikPikcU
b94ba82591
Update natshell-rce.yaml
2021-05-28 02:49:17 +07:00
PikPikcU
f1726d3a1f
Create natshell-rce.yaml
2021-05-27 14:59:33 +00:00
Noam Rathaus
b32eac85b1
Give description
2021-05-25 14:35:41 +03:00
sandeep
8676d8c23c
Added Maian Cart 3.8 preauth RCE template
2021-05-25 05:08:52 +05:30
sandeep
d7d86bbd95
More strict matcher
2021-05-20 23:15:01 +05:30
sandeep
e66ce65285
Adding Fanruan related templates
2021-05-20 22:56:55 +05:30
sandeep
f0879103d4
Improved matcher
2021-05-17 22:39:05 +05:30
sandeep
08ee1ad5ee
matcher update
2021-05-17 19:49:24 +05:30
PikPikcU
08001381c4
Create natshell-path-traversal.yaml
2021-05-17 08:14:20 +00:00
PikPikcU
04e1fb0ef8
Create flir-path-traversal.yaml
2021-05-16 04:54:40 +00:00
Prince Chaddha
21c1dc2c70
Merge pull request #1337 from projectdiscovery/princechaddha-patch-7
...
Create resin-cnnvd-200705-315.yaml
2021-05-16 02:33:31 +05:30
sandeep
fc66a9e076
Removing duplicate template
2021-05-11 23:48:36 +05:30
Prince Chaddha
b4b30c95ee
Update oa-v9-uploads-file.yaml
2021-05-10 13:23:08 +05:30
Noam Rathaus
8766b537dd
Add reference
2021-05-10 09:52:26 +03:00
Noam Rathaus
fa7567f68e
Its not really a regex
2021-05-10 09:35:36 +03:00
Noam Rathaus
4c201aa1dd
It is not just a file upload
2021-05-10 09:35:10 +03:00
Noam Rathaus
1e364a6cdb
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-05-10 09:27:13 +03:00
Sandeep Singh
7fde950173
Merge pull request #1327 from projectdiscovery/showdoc-file-upload
...
Adding Showdoc < 2.8.6 File Upload RCE
2021-05-10 01:36:45 +05:30
sandeep
1f8ff83353
tags update
2021-05-10 01:34:11 +05:30
sandeep
ccfb5ca4c4
regex update
2021-05-10 01:33:27 +05:30