daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,562 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

7562 Commits (cdf945115842789beba149c7adca557100404405)

Author SHA1 Message Date
Sandeep Singh bc44e8a1f5
Merge pull request #2132 from pikpikcu/patch-204 
Create bedita-detect.yaml
 2021-07-26 01:29:06 +05:30
Sandeep Singh 93a710982d
Update bedita-detect.yaml 2021-07-26 01:26:55 +05:30
Sandeep Singh 5441d97bea
Merge pull request #2131 from geeknik/patch-8 
Create wp-app-log.yaml
 2021-07-26 01:22:37 +05:30
Sandeep Singh d43b57b56a
Update wp-app-log.yaml 2021-07-26 01:21:43 +05:30
Sandeep Singh 130f3576b6
Merge pull request #2130 from geeknik/patch-7 
Create cold-fusion-cfcache-map.yaml
 2021-07-26 01:17:15 +05:30
Sandeep Singh 037c531d58
Update cold-fusion-cfcache-map.yaml 2021-07-26 01:15:39 +05:30
Sandeep Singh 85d5a2c46a
Merge pull request #2094 from gy741/rule-add-v29 
Create iptime-default-login.yaml
 2021-07-26 01:11:58 +05:30
Sandeep Singh b905a91cdc
Merge pull request #2129 from geeknik/patch-6 
Update shell-history.yaml
 2021-07-26 01:08:46 +05:30
Sandeep Singh d14150a8e4
Merge pull request #2172 from daffainfo/patch-104 
Create CVE-2018-10822.yaml
 2021-07-26 01:06:16 +05:30
Sandeep Singh 0d2e18722a
Update CVE-2018-10822.yaml 2021-07-26 01:04:31 +05:30
Sandeep Singh 91055c2b65
Merge pull request #2174 from gy741/rule-add-v38 
Create CVE-2020-5307.yaml
 2021-07-26 01:02:25 +05:30
Sandeep Singh 758f27dd15
Merge pull request #2178 from geeknik/patch-14 
Update exposed-gitignore.yaml
 2021-07-26 00:41:55 +05:30
sandeep c9f5f01bb9 minor update 2021-07-26 00:39:16 +05:30
Geeknik Labs 41c41abdb7
Update exposed-gitignore.yaml 
Fixes the issue here: https://github.com/projectdiscovery/nuclei-templates/issues/1898#issuecomment-886237512
 2021-07-25 18:29:28 +00:00
pussycat0x add1d76b09
Port update 2021-07-25 23:28:54 +05:30
Sandeep Singh 7af0c9c8b0
Merge pull request #2171 from pussycat0x/master 
HP Data Protector A.09.00 - Arbitrary Command Execution
 2021-07-25 22:15:09 +05:30
sandeep 4658f7ffcc moving files around 2021-07-25 22:11:36 +05:30
sandeep 355dc8e39b typo update 2021-07-25 19:38:25 +05:30
Sandeep Singh c4fa0a9715
Merge pull request #2175 from shelld3v/patch-5 
Fix false positive
 2021-07-25 15:25:02 +05:30
sandeep bb8a22401b Separating service detection + SSRF detection 2021-07-25 15:22:09 +05:30
Pham Sy Minh cff60a04b5
Fix false positive 2021-07-25 12:14:24 +07:00
GwanYeong Kim b9fadff659 Create CVE-2020-5307.yaml 
PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-07-25 11:50:53 +09:00
Muhammad Daffa 9883f04092
Create CVE-2018-10822.yaml 2021-07-25 05:49:24 +07:00
Sandeep Singh 3abd2ec8fc
Merge pull request #2165 from daffainfo/patch-103 
Fix wrong regex matcher
 2021-07-25 04:02:12 +05:30
sandeep 6ccc5f8792 matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
pussycat0x a9fdbe851e
Update CVE-2016-2004.yaml 2021-07-25 02:19:36 +05:30
pussycat0x ac814bc151
Add files via upload 2021-07-25 02:11:44 +05:30
Sandeep Singh 59f41e872b
Merge pull request #2166 from pdelteil/patch-29 
Create redcap-detector.yaml
 2021-07-25 01:59:17 +05:30
Sandeep Singh 121918945e
Update redcap-detector.yaml 2021-07-25 01:54:18 +05:30
Geeknik Labs 7afc39cb32
Create development-logs.yaml 2021-07-24 14:29:43 -05:00
Geeknik Labs e428dc6454
Create production-logs.yaml 2021-07-24 14:28:33 -05:00
Geeknik Labs a26ded0a06
Create pagespeed-global-admin.yaml 2021-07-24 14:26:30 -05:00
Geeknik Labs 2893fefd28
Create lutron-iot-default-login.yaml 2021-07-24 14:22:54 -05:00
Philippe Delteil 697b7cf01f
Create redcap-detector.yaml 
Tests:

https://redcap.inca.gov.br/
https://redcap.icb.udec.cl/
https://redcap.cens.cl
https://redcap.ufro.cl
 2021-07-24 15:17:07 -04:00
Muhammad Daffa 3d90fd1047
Fix wrong regex matcher 2021-07-24 17:10:02 +07:00
Prince Chaddha 2c0aa783c4
Merge pull request #2148 from gy741/rule-add-v34 
Add KevinLAB BEMS 1.0 Multiple Vulnerabilities
 2021-07-24 15:37:48 +05:30
GwanYeong Kim d151d60ced Update favicon-detection.yaml 
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-07-24 16:38:03 +09:00
GwanYeong Kim aae443949f Create targa-camera-ssrf.yaml 
Unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in the Selea ANPR camera within several functionalities. The application parses user supplied data in the POST JSON parameters 'ipnotify_address' and 'url' to construct an image request or check DNS for IP notification. Since no validation is carried out on the parameters, an attacker can specify an external domain and force the application to make an HTTP request to an arbitrary destination host. This can be used by an external attacker for example to bypass firewalls and initiate a service and network enumeration on the internal network through the affected application.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-07-24 16:02:58 +09:00
GwanYeong Kim 5778ee8eda Create targa-camera-lfi.yaml 
The ANPR camera suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the Download Archive in Storage page using get_file.php script is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks and aid the attacker to disclose clear-text credentials resulting in authentication bypass.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-07-24 15:54:02 +09:00
Prince Chaddha f32521ad9d
Merge pull request #2113 from daffainfo/patch-92 
Create CVE-2020-29227.yaml
 2021-07-24 12:22:54 +05:30
Prince Chaddha af4081d0ec
Update CVE-2020-29227.yaml 2021-07-24 12:17:56 +05:30
Prince Chaddha 956eb6691f
Update CVE-2020-29227.yaml 2021-07-24 12:16:30 +05:30
Prince Chaddha f40aca136b
Update CVE-2020-29227.yaml 2021-07-24 12:15:24 +05:30
Prince Chaddha bf7c0d3a63
Merge pull request #2122 from gy741/rule-add-v33 
Create magicflow-lfi.yaml
 2021-07-24 12:13:59 +05:30
Prince Chaddha ac45802ef5
Update kevinlab-bems-sqli.yaml 2021-07-24 12:10:46 +05:30
Prince Chaddha 2631f55550
Update kevinlab-bems-backdoor.yaml 2021-07-24 12:07:27 +05:30
Prince Chaddha 9a46592f71
Update kevinlab-bems-sqli.yaml 2021-07-24 11:59:35 +05:30
Prince Chaddha 87b4c2e98b
Update kevinlab-bems-sqli.yaml 2021-07-24 11:47:05 +05:30
Prince Chaddha 406dee74e8
Update kevinlab-device-detect.yaml 2021-07-24 11:42:39 +05:30
Prince Chaddha 677c8b97dd
Merge pull request #2156 from gy741/rule-add-v36 
Create CVE-2020-13117.yaml
 2021-07-24 11:40:54 +05:30