daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,652 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

473 Commits (cdfb537623944565f9ee2559315c5d59966f3559)

Author SHA1 Message Date
Dwi Siswanto 43006913e1 🔥 Add CVE-2019-1653 2020-10-01 14:17:09 +07:00
akshansh 5affe9c250 updated cve-2019-9733 2020-10-01 12:44:05 +05:30
akshansh ffecf7ccc0 cve-2019-9733 2020-10-01 12:38:30 +05:30
Dwi Siswanto d91334f612 🔥 Add CVE-2020-12116 2020-10-01 13:55:32 +07:00
akshansh 02cffb6720 cve-2019-9733.yaml 2020-10-01 12:10:15 +05:30
Dwi Siswanto d7fa08cb67 🔥 Add CVE-2020-9047 2020-10-01 13:36:19 +07:00
Dwi Siswanto 6d9ae2b147 ✏️ Update part matchers 2020-10-01 13:12:30 +07:00
Dwi Siswanto 005fde3835 ✏️ Update severity 2020-10-01 13:11:28 +07:00
Dwi Siswanto fc14cc2a6c 🔥 Add CVE-2020-2551 2020-10-01 13:10:28 +07:00
Dwi Siswanto 0710cbe9ad 🔨 Sort paths 2020-10-01 12:39:33 +07:00
Dwi Siswanto 1a6c98f2c5 🔥 Add CVE-2020-2034 2020-10-01 12:37:52 +07:00
Dwi Siswanto a488f75bb1 🔥 Add CVE-2018-1273 2020-10-01 09:28:22 +07:00
bjhulst fd8fce4308
1st version 2020-09-30 23:36:12 +03:00
bauthard 5488ef6104 adding another matcher 2020-09-30 20:14:12 +05:30
x1m f273d2e6c5 Added CVE-2020-24312 2020-09-30 16:30:06 +02:00
bauthard 0153333b9b template update 2020-09-29 22:56:43 +05:30
bauthard fadb29e379
Merge pull request #503 from joeldeleep/master 
cve-2020-0618
 2020-09-29 01:03:47 +05:30
bauthard 9c592e45fd Update cve-2020-0618.yaml 2020-09-29 01:02:19 +05:30
joeldeleep 25a04ef0cf
Update cve-2020-0618.yaml 2020-09-28 07:31:06 +05:30
joeldeleep 13a3ee21f2
Delete CVE-2020-13379.yaml 2020-09-28 07:27:02 +05:30
joeldeleep 2f7c40d80d
Create cve-2020-0618.yaml 
The template only scans for the respective vulnerable url , it has to be manually verified .
 2020-09-28 07:22:37 +05:30
bauthard 0aee5a9715 remvoing cve-2017-7529 
This can be precisely checked only when Nginx version is known, otherwise it will produce false positives results, as such removing this template for the time being.
 2020-09-27 15:41:50 +05:30
bauthard a2d60bbd1e Removing cve-2020-13379 2020-09-27 13:59:33 +05:30
joeldeleep e53c03ab60
Update CVE-2020-13379.yaml 2020-09-27 12:49:42 +05:30
joeldeleep aa50c7370d
Update CVE-2020-13379.yaml 2020-09-27 12:44:17 +05:30
joeldeleep f83e33f78f
Update CVE-2020-13379.yaml 2020-09-27 12:37:03 +05:30
joeldeleep 3da6c533f0
Update CVE-2020-13379.yaml 
The old matching using status code 502 returned false positive when the endpoint is already having a bad gateway. Going through the report here 
https://hackerone.com/reports/878779 and video https://www.youtube.com/watch?v=NWHOmYbLrZ0 , the path has been rewritten and matched with respective image/jpeg as explained in the poc
 2020-09-27 11:58:57 +05:30
Dwi Siswanto 624bb0316a 🔥 Add CVE-2017-11444 2020-09-26 08:05:00 +07:00
bp0lr 0922fb623e added CVE-2019-15107 2020-09-25 09:30:58 -03:00
bp0lr ecddef3d6c added cve-2019-15107 2020-09-25 09:23:29 -03:00
bp0lr bee3e3839e added cve-2019-15107 2020-09-25 09:20:52 -03:00
root 114f83abc4 add CVE-2017-7615 2020-09-24 15:34:36 -03:00
bauthard c89904cc14 Update CVE-2020-14179.yaml 2020-09-24 23:32:55 +05:30
bauthard 23e5970714
Merge pull request #486 from dwisiswant0/add/CVE-2018-17431 
Add CVE-2018-17431
 2020-09-22 21:36:51 +05:30
bauthard ecc56a5140 matchers updates 2020-09-22 21:33:17 +05:30
x1m 76971fcea7 Added CVE-2020-14179 2020-09-22 17:44:12 +02:00
Dwi Siswanto 3740c58965 🔥 Add CVE-2018-17431 2020-09-22 21:41:13 +07:00
bauthard faf6b488a5
matcher update 2020-09-18 20:28:38 +05:30
bauthard cd8699a104 Update CVE-2019-6715.yaml 2020-09-17 22:09:30 +05:30
Robbie 5657004705
Update CVE-2019-6715.yaml 2020-09-17 16:51:35 +01:00
Robbie 296e18768b
Create CVE-2019-6715.yaml 2020-09-17 15:59:14 +01:00
Adam Jordan 5dc45f1fb1 Fix typo in cve-2019-14696.yaml and cve-2020-24223 2020-09-17 17:58:51 +08:00
bauthard 048ab54a98 Update CVE-2020-25540.yaml 2020-09-16 23:54:38 +05:30
Geeknik Labs 9ff599c333
Update CVE-2020-25540.yaml 2020-09-16 18:20:43 +00:00
Geeknik Labs 74a88ab411
Create CVE-2020-25540.yaml 
This is for testing against a Linux host as per https://www.exploit-db.com/exploits/48812. If someone else wants to update this to add the check for Windows, that would be swell.
 2020-09-16 18:17:57 +00:00
bauthard beed4568eb
Merge pull request #473 from CasperGN/fix-cve-2020-15920 
Correcting endpoint to contain /PDC/ajaxreq.php?
 2020-09-16 23:03:45 +05:30
Casper Guldbech Nielsen 63c0a78fc8 Correcting endpoint to contain /PDC/ajaxreq.php? 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-09-16 19:02:49 +02:00
Ice3man543 ffef121561 Normalized id fields to match schema regex 2020-09-16 00:55:55 +05:30
bauthard e8ef3b5759
Merge pull request #461 from dwisiswant0/add/CVE-2020-15129 
Add CVE-2020-15129
 2020-09-15 19:45:59 +05:30
Dwi Siswanto fa570b5560 ✏️ Add reference 2020-09-15 00:40:03 +07:00
Dwi Siswanto 19f9e5842a 🔨 Update status matcher 2020-09-15 00:39:24 +07:00
Dwi Siswanto e0f4437cdd 🔥 Add CVE-2020-15129 2020-09-15 00:31:40 +07:00
Dwi Siswanto f7d2851490 ✏️ Add descriptions 2020-09-14 14:26:39 +07:00
Dwi Siswanto 66f1789690 ⬇️ Delete payloads 2020-09-14 14:26:11 +07:00
Dwi Siswanto 4c29679877 ✏️ Update name 2020-09-14 14:25:01 +07:00
Dwi Siswanto 5fb87d81a2 🔥 Add CVE-2020-15505 2020-09-14 14:23:20 +07:00
PikPikcU 118df25b44
Create CVE-2019-16662.yaml 2020-09-11 13:25:48 +00:00
bauthard a1d9be6097
Update CVE-2018-16763.yaml 2020-09-11 16:20:03 +05:30
PikPikcU 73572d26de
Update CVE-2020-16139.yaml 2020-09-10 12:45:32 +00:00
PikPikcU 459bdf6922
Cisco 7937G Denial-of-Service Reboot Attack 🔥 2020-09-10 07:32:07 +00:00
Dwi Siswanto 1110db2ad4 🔨 Add matchers condition 2020-09-10 01:44:26 +07:00
bauthard 90de2070c4
Merge pull request #434 from CasperGN/master 
More templates to Lotus Domino + workflow to bind them together
 2020-09-09 22:40:33 +05:30
Casper Guldbech Nielsen ad3bab450d Based on metasploit regex 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-09-09 19:08:23 +02:00
Casper Guldbech Nielsen e984f1466f Adding word matcher which mimics public PoC exploits 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-09-09 16:53:16 +02:00
Casper Guldbech Nielsen 5f452f2969 And the last file 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-09-09 10:38:32 +02:00
Casper Guldbech Nielsen 7cf712bd49 Inclusion of stage- 1 detection of the old hashdump vuln. 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-09-09 10:11:50 +02:00
PikPikcU 061c4e5c1f
Create CVE-2018-19386.yaml 2020-09-09 01:45:42 +00:00
toufik-airane 0d0cb8c225
Fixed some spaces 2020-09-07 15:07:46 +02:00
toufik-airane 7dcba733f0
Removed original code 2020-09-07 15:07:13 +02:00
toufik-airane 1ba5ba68af
Moved some spaces 2020-09-07 15:06:14 +02:00
toufik-airane dd3ce36a87
Fix CVE-2017-7529.yaml matcher 
Submit a fix to resolve the issue
https://github.com/projectdiscovery/nuclei-templates/issues/424.
 2020-09-07 15:04:58 +02:00
PikPikcU 23e88269bb
Update CVE-2018-16763.yaml 2020-09-07 00:47:19 +00:00
bauthard 28d50c311f
Merge pull request #422 from pikpikcu/patch-18 
Add CVE-2018-16763 fuelCMS 1.4.1 - Remote Code Execution
 2020-09-07 02:28:38 +05:30
bauthard f9ee82f180 Update CVE-2018-16763.yaml 2020-09-07 02:25:49 +05:30
bauthard a2fe4e9932 few updates 2020-09-07 02:22:50 +05:30
PikPikcU 33643990de
Create CVE-2018-16763.yaml 2020-09-06 17:22:32 +00:00
PikPikcU 3a624136d4
Update CVE-2019-7256.yaml 2020-09-06 12:06:45 +00:00
PikPikcU 06c45b8a8d
Create CVE-2019-7256.yaml 2020-09-06 11:55:23 +00:00
bauthard cb5d5b9f0d Update CVE-2019-1010287.yaml 2020-09-05 13:10:46 +05:30
bauthard 6d67bb8d7b
Merge pull request #416 from pikpikcu/patch-15 
Add CVE-2019-12593 IIceWarp <=10.4.4 - Local File Inclusion
 2020-09-05 12:42:58 +05:30
bauthard 3839c683f4 Update CVE-2019-12593.yaml 2020-09-05 12:41:21 +05:30
PikPikcU 02a46f245e
Update CVE-2019-12593.yaml 2020-09-05 07:00:51 +00:00
PikPikcU 4d4ff8073c
Update CVE-2019-12593.yaml 2020-09-05 07:00:15 +00:00
bauthard 651396a50b
Merge pull request #413 from geeknik/patch-4 
Create sql-dump.yaml
 2020-09-05 12:28:38 +05:30
bauthard 148bb16fa7 Update CVE-2020-11034.yaml 2020-09-05 12:27:56 +05:30
PikPikcU d0b755c0e3
Create CVE-2019-12593.yaml 2020-09-05 06:49:58 +00:00
bauthard 798dbf01a4
Merge pull request #412 from geeknik/patch-2 
Create CVE-2019-11043.yaml
 2020-09-05 12:18:04 +05:30
bauthard 4450dec23c
Merge pull request #410 from pikpikcu/patch-13 
Add CVE-2019-14696 Open-Scool 3.0 - Cross Site Scripting
 2020-09-05 12:11:01 +05:30
bauthard 4b828d3a06 Update CVE-2019-14696.yaml 2020-09-05 12:10:16 +05:30
bauthard a5da5abd03
Merge pull request #409 from dwisiswant0/tpl/magmi-multiple-vulns 
Add Magmi Multiple Vulnerabilities
 2020-09-05 12:07:14 +05:30
bauthard 6dd5f429d9 updates 2020-09-05 12:04:18 +05:30
Geeknik Labs f663a946c6
Update CVE-2019-11043.yaml 2020-09-04 22:30:54 +00:00
Geeknik Labs b773cc9f0f
Create CVE-2019-11043.yaml 
PHP-FPM & nginx RCE (CVE-2019-11043)
 2020-09-04 22:28:41 +00:00
PikPikcU 6b64e78280
Solved escape character 2020-09-04 18:02:18 +00:00
PikPikcU 301135ad74
Update URL Encoding 2020-09-04 15:51:55 +00:00
PikPikcU cc1e0a3fef
Create CVE-2019-14696.yaml 2020-09-04 15:46:07 +00:00
Dwi Siswanto 8cce587aa8 📝 Remove trailing spaces 2020-09-04 20:34:53 +07:00
Dwi Siswanto 9036d1bdc9 ✏️ Update CVEs name 2020-09-04 20:25:30 +07:00
Dwi Siswanto 196cb1691b 🔥 Add CVE-2020-5776 2020-09-04 20:19:13 +07:00
Dwi Siswanto 5ce8c21fa1 🔥 Add CVE-2020-5777 2020-09-04 20:02:17 +07:00