daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,652 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

473 Commits (cdfb537623944565f9ee2559315c5d59966f3559)

Author SHA1 Message Date
Dwi Siswanto 19f9e5842a 🔨 Update status matcher 2020-09-15 00:39:24 +07:00
Dwi Siswanto e0f4437cdd 🔥 Add CVE-2020-15129 2020-09-15 00:31:40 +07:00
Dwi Siswanto f7d2851490 ✏️ Add descriptions 2020-09-14 14:26:39 +07:00
Dwi Siswanto 66f1789690 ⬇️ Delete payloads 2020-09-14 14:26:11 +07:00
Dwi Siswanto 4c29679877 ✏️ Update name 2020-09-14 14:25:01 +07:00
Dwi Siswanto 5fb87d81a2 🔥 Add CVE-2020-15505 2020-09-14 14:23:20 +07:00
PikPikcU 118df25b44
Create CVE-2019-16662.yaml 2020-09-11 13:25:48 +00:00
bauthard a1d9be6097
Update CVE-2018-16763.yaml 2020-09-11 16:20:03 +05:30
PikPikcU 73572d26de
Update CVE-2020-16139.yaml 2020-09-10 12:45:32 +00:00
PikPikcU 459bdf6922
Cisco 7937G Denial-of-Service Reboot Attack 🔥 2020-09-10 07:32:07 +00:00
Dwi Siswanto 1110db2ad4 🔨 Add matchers condition 2020-09-10 01:44:26 +07:00
bauthard 90de2070c4
Merge pull request #434 from CasperGN/master 
More templates to Lotus Domino + workflow to bind them together
 2020-09-09 22:40:33 +05:30
Casper Guldbech Nielsen ad3bab450d Based on metasploit regex 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-09-09 19:08:23 +02:00
Casper Guldbech Nielsen e984f1466f Adding word matcher which mimics public PoC exploits 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-09-09 16:53:16 +02:00
Casper Guldbech Nielsen 5f452f2969 And the last file 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-09-09 10:38:32 +02:00
Casper Guldbech Nielsen 7cf712bd49 Inclusion of stage- 1 detection of the old hashdump vuln. 
Signed-off-by: Casper Guldbech Nielsen <whopsec@protonmail.com>
 2020-09-09 10:11:50 +02:00
PikPikcU 061c4e5c1f
Create CVE-2018-19386.yaml 2020-09-09 01:45:42 +00:00
toufik-airane 0d0cb8c225
Fixed some spaces 2020-09-07 15:07:46 +02:00
toufik-airane 7dcba733f0
Removed original code 2020-09-07 15:07:13 +02:00
toufik-airane 1ba5ba68af
Moved some spaces 2020-09-07 15:06:14 +02:00
toufik-airane dd3ce36a87
Fix CVE-2017-7529.yaml matcher 
Submit a fix to resolve the issue
https://github.com/projectdiscovery/nuclei-templates/issues/424.
 2020-09-07 15:04:58 +02:00
PikPikcU 23e88269bb
Update CVE-2018-16763.yaml 2020-09-07 00:47:19 +00:00
bauthard 28d50c311f
Merge pull request #422 from pikpikcu/patch-18 
Add CVE-2018-16763 fuelCMS 1.4.1 - Remote Code Execution
 2020-09-07 02:28:38 +05:30
bauthard f9ee82f180 Update CVE-2018-16763.yaml 2020-09-07 02:25:49 +05:30
bauthard a2fe4e9932 few updates 2020-09-07 02:22:50 +05:30
PikPikcU 33643990de
Create CVE-2018-16763.yaml 2020-09-06 17:22:32 +00:00
PikPikcU 3a624136d4
Update CVE-2019-7256.yaml 2020-09-06 12:06:45 +00:00
PikPikcU 06c45b8a8d
Create CVE-2019-7256.yaml 2020-09-06 11:55:23 +00:00
bauthard cb5d5b9f0d Update CVE-2019-1010287.yaml 2020-09-05 13:10:46 +05:30
bauthard 6d67bb8d7b
Merge pull request #416 from pikpikcu/patch-15 
Add CVE-2019-12593 IIceWarp <=10.4.4 - Local File Inclusion
 2020-09-05 12:42:58 +05:30
bauthard 3839c683f4 Update CVE-2019-12593.yaml 2020-09-05 12:41:21 +05:30
PikPikcU 02a46f245e
Update CVE-2019-12593.yaml 2020-09-05 07:00:51 +00:00
PikPikcU 4d4ff8073c
Update CVE-2019-12593.yaml 2020-09-05 07:00:15 +00:00
bauthard 651396a50b
Merge pull request #413 from geeknik/patch-4 
Create sql-dump.yaml
 2020-09-05 12:28:38 +05:30
bauthard 148bb16fa7 Update CVE-2020-11034.yaml 2020-09-05 12:27:56 +05:30
PikPikcU d0b755c0e3
Create CVE-2019-12593.yaml 2020-09-05 06:49:58 +00:00
bauthard 798dbf01a4
Merge pull request #412 from geeknik/patch-2 
Create CVE-2019-11043.yaml
 2020-09-05 12:18:04 +05:30
bauthard 4450dec23c
Merge pull request #410 from pikpikcu/patch-13 
Add CVE-2019-14696 Open-Scool 3.0 - Cross Site Scripting
 2020-09-05 12:11:01 +05:30
bauthard 4b828d3a06 Update CVE-2019-14696.yaml 2020-09-05 12:10:16 +05:30
bauthard a5da5abd03
Merge pull request #409 from dwisiswant0/tpl/magmi-multiple-vulns 
Add Magmi Multiple Vulnerabilities
 2020-09-05 12:07:14 +05:30
bauthard 6dd5f429d9 updates 2020-09-05 12:04:18 +05:30
Geeknik Labs f663a946c6
Update CVE-2019-11043.yaml 2020-09-04 22:30:54 +00:00
Geeknik Labs b773cc9f0f
Create CVE-2019-11043.yaml 
PHP-FPM & nginx RCE (CVE-2019-11043)
 2020-09-04 22:28:41 +00:00
PikPikcU 6b64e78280
Solved escape character 2020-09-04 18:02:18 +00:00
PikPikcU 301135ad74
Update URL Encoding 2020-09-04 15:51:55 +00:00
PikPikcU cc1e0a3fef
Create CVE-2019-14696.yaml 2020-09-04 15:46:07 +00:00
Dwi Siswanto 8cce587aa8 📝 Remove trailing spaces 2020-09-04 20:34:53 +07:00
Dwi Siswanto 9036d1bdc9 ✏️ Update CVEs name 2020-09-04 20:25:30 +07:00
Dwi Siswanto 196cb1691b 🔥 Add CVE-2020-5776 2020-09-04 20:19:13 +07:00
Dwi Siswanto 5ce8c21fa1 🔥 Add CVE-2020-5777 2020-09-04 20:02:17 +07:00
bauthard 9fd85c7bba
Merge pull request #407 from pikpikcu/patch-12 
Add CVE-2019-1010287 Timesheet  Cross Site Scripting
 2020-09-04 17:25:11 +05:30
bauthard 243eb9b04e
Merge pull request #405 from pikpikcu/patch-11 
Add CVE-2020-11034 - GLPI v.9.4.6 - Open redirect
 2020-09-04 17:15:34 +05:30
bauthard 6f3992305e
Merge pull request #403 from pikpikcu/patch-10 
Add CVE-2017-14537 trixbox 2.8.0 - directory-traversal
 2020-09-04 17:10:36 +05:30
bauthard 4547aeb6bb Update CVE-2017-14537.yaml 2020-09-04 17:09:45 +05:30
PikPikcU 089cf671eb
Create CVE-2019-1010287.yaml 2020-09-04 10:01:06 +00:00
PikPikcU 216def75b4
Update CVE-2020-11034.yaml 2020-09-04 07:25:27 +00:00
PikPikcU 26aeaaa5a4
GLPI v.9.4.6 - Open redirect Detection 2020-09-04 07:16:47 +00:00
un-fmunozs 07d10d6e50 Fix encoding for XSS payloads 
Prevent false positives encoding the xss payloads, and remove from the match data that was not injected.
 2020-09-04 00:55:13 -05:00
PikPikcU de779e3de1
Create CVE-2017-14537.yaml 2020-09-04 04:26:20 +00:00
bauthard 39cfec87ae Update CVE-2019-17558.yaml 2020-09-03 22:44:42 +05:30
PikPikcU 6d1789ff76
Create CVE-2019-17558.yaml 2020-09-03 16:13:34 +00:00
PikPikcU d78a56514a
Create CVE-2019-12461.yaml 2020-09-03 12:37:18 +00:00
bauthard a3f96907fe Update CVE-2017-7391.yaml 2020-09-03 09:12:43 +05:30
PikPikcU df52790318
Create CVE-2017-7391.yaml 2020-09-03 03:32:29 +00:00
bauthard 4b8fb4774f
Merge pull request #391 from dwisiswant0/cve/CVE-2020-15920 
Add CVE-2020-15920
 2020-09-02 12:40:21 +05:30
Dwi Siswanto 455a98f771 🔥 Add CVE-2020-15920 2020-09-02 01:38:31 +07:00
bauthard b08882d0fe Update CVE-2020-24223.yaml 2020-09-02 00:01:57 +05:30
PikPikcU 4fca8d598f
Update CVE-2020-24223.yaml 2020-09-01 18:23:35 +00:00
PikPikcU e82474224e
Create CVE-2020-24223.yaml 2020-09-01 18:16:14 +00:00
bauthard 5e1d63fa5f Update CVE-2019-16278.yaml 2020-09-01 23:29:32 +05:30
bauthard 8d1b5caf39 Update CVE-2019-16278.yaml 2020-09-01 23:28:20 +05:30
PikPikcU cc3affd053
Update CVE-2019-16278.yaml 2020-09-01 16:10:27 +00:00
PikPikcU 4d4343cc54
Create CVE-2019-16278.yaml 2020-09-01 15:59:30 +00:00
bauthard b1f2a9ebe8
Merge pull request #386 from dwisiswant0/cve/CVE-2020-5412 
Add CVE-2020-5412
 2020-09-01 19:03:46 +05:30
bauthard cd3c9f56c3 Update CVE-2020-5412.yaml 2020-09-01 19:02:57 +05:30
Dwi Siswanto 92720cbc20 ✏️ Update template name 2020-09-01 20:26:37 +07:00
Dwi Siswanto bfee8d6679 ♨️ Update severity 2020-09-01 20:25:49 +07:00
Dwi Siswanto c43cac170c 🔥 Add CVE-2020-5412 2020-09-01 20:24:39 +07:00
bauthard 23de5c8b44
Merge pull request #384 from ohlinge/master 
Fix bug about CVE-2018-1000129
 2020-09-01 18:42:45 +05:30
PikPikcU d7a44ae025
Update CVE-2020-7209.yaml 2020-09-01 13:08:31 +00:00
0h1in9e d1d679e04c
Merge branch 'master' into master 2020-09-01 20:49:15 +08:00
ohlinge 27fd87ce24 Fix bug about CVE-2018-1000129 2020-09-01 20:42:12 +08:00
bauthard 9bf0b6dbaf uniform format 2020-09-01 00:04:29 +05:30
bauthard 1dd5658717 Update CVE-2020-2140.yaml 2020-08-31 13:09:38 +05:30
bauthard dfc487caba Update CVE-2020-2140.yaml 2020-08-31 13:08:04 +05:30
Gabriel Geraldino 72a2b1ec29
Delete CVE-2019-7238.yaml 2020-08-30 15:08:56 -03:00
Gabriel Geraldino 5fa09b15cc
Create CVE-2019-7238.yaml 2020-08-30 15:03:30 -03:00
Gabriel Geraldino 635446eb26
Create CVE-2020-2140.yaml 2020-08-30 14:42:46 -03:00
bauthard f4f36ec0c6 Update CVE-2018-1000129.yaml 2020-08-30 18:49:02 +05:30
bauthard 4667c44bb0
Merge pull request #365 from projectdiscovery/CVE-2017-7529-fix 
drafting CVE-2017-7529
 2020-08-30 10:42:18 +05:30
Dwi Siswanto f40edfcbb8 🔨 Add 'and' condition 2020-08-30 12:04:34 +07:00
Dwi Siswanto a850c41aa1 🔨 Add server matcher 2020-08-30 11:58:14 +07:00
bauthard 3558952c03
Merge pull request #353 from flag007/patch-3 
Update CVE-2018-1000129.yaml
 2020-08-30 10:03:58 +05:30
bauthard 3ff2f585c5 Update CVE-2018-1000129.yaml 2020-08-30 10:02:59 +05:30
bauthard 4f9de168af drafting cve 2020-08-30 09:57:07 +05:30
bauthard efaecb5df5 CVE-2017-7529 to draft 2020-08-30 09:54:06 +05:30
bauthard 53f7438d58 Update CVE-2017-5638.yaml 2020-08-30 09:44:52 +05:30
bauthard 374d6c54b0 Update CVE-2017-7529.yaml 2020-08-29 10:20:04 +05:30
bauthard 747aa48d09
Merge pull request #345 from aqme/master 
Add *description* property to nuclei-templates
 2020-08-28 01:09:39 +05:30
toufik-airane 0896fc82f9
fix minor issue 
fix issue from yamllint.
 2020-08-27 18:19:24 +02:00
flag007 10bc6dbef6
Update CVE-2018-1000129.yaml 
A single svg is prone to false positives, let me update the payload
 2020-08-27 20:32:15 +08:00
flag007 2113093014
Update CVE-2018-1000129.yaml 
There are two problems with this payload, / means the path, add it cannot be detected correctly, in addition, it should not be url-encoded
 2020-08-27 20:27:47 +08:00
SaN ThosH c76c05af44
Update CVE-2018-2791.yaml 2020-08-26 13:04:18 +05:30
SaN ThosH 0856415d43
Update CVE-2018-2791.yaml 2020-08-26 13:01:07 +05:30
chajer 58d0e08739 description 2020-08-26 00:52:00 +02:00
chajer 32f77c4632 The avatar feature 2020-08-26 00:43:40 +02:00
chajer a0094cb3bc description bugs 2020-08-26 00:22:08 +02:00
chajer d1e45e084e add desc 2020-08-26 00:15:20 +02:00
chajer f20cdfcb69 add some descr 2020-08-25 23:51:04 +02:00
chajer 7fd89d3550 add 2020-08-25 23:35:37 +02:00
chajer 085f9c4a34 add descru 2020-08-25 23:23:46 +02:00
toufik-airane 146e114a3b
fix minor yamllint issues 
Fix minor yamllint issues to move forward.
 2020-08-25 22:18:58 +02:00
Jawad Moustadif 18b36a4cd6
Update CVE-2017-10075.yaml 
add oracle xss descri
 2020-08-25 19:27:30 +02:00
chajer e767c37070 xss oracle cmt 2020-08-25 19:22:18 +02:00
Dwi Siswanto fb9c909e5c 🔨 Add word matcher & enable redirects 2020-08-24 11:39:40 +07:00
Dwi Siswanto cd22d83f94 🔨 Add content-type matcher CVE-2020-5284 2020-08-24 11:34:40 +07:00
Dwi Siswanto b2828c3a44 🔨 Fix false-positive CVE-2019-9978 2020-08-24 09:08:46 +07:00
bauthard 0a82cb787d
Merge pull request #339 from aringo/master 
CVE-2020-5902 added hsqldb bypass
 2020-08-23 14:43:03 +05:30
bauthard fc0a1ba15d
Merge pull request #338 from correkthorse/cve/2020-8163 
Create CVE-2020-8163.yaml
 2020-08-23 14:19:20 +05:30
ringo 986a49f6d1 CVE-2020-5902 added hsqldb bypass 2020-08-22 19:37:43 -05:00
Tim Koopmans 03c0feee77
Create CVE-2020-8163.yaml 
details of CVE at https://correkt.horse/ruby/2020/08/22/CVE-2020-8163/
 2020-08-23 07:47:58 +10:00
bauthard 26fc8b5a23 updating PR 2020-08-21 00:31:07 +05:30
Dwi Siswanto 4fd07d906c 🔨 Move name to matchers to chain with workflow - CVE-2020-17506 2020-08-20 22:49:36 +07:00
Dwi Siswanto 8b9b0d2747 🔥 Add CVE-2020-17505 2020-08-20 22:38:14 +07:00
Dwi Siswanto 20ea5091d1 🔥 Add CVE-2020-17506 2020-08-20 22:11:34 +07:00
Robbie 394d2e37cf
Create CVE-2017-14849.yaml 2020-08-19 16:34:31 +01:00
bauthard e734a23381 Update CVE-2019-11248.yaml 2020-08-19 20:14:59 +05:30
bauthard 2b5e991df2 cve update 2020-08-19 20:12:29 +05:30
0xceeb f466050ac1
Create 2019-11248.yaml 2020-08-19 20:03:23 +05:30
bauthard 0cd106838f Update CVE-2017-5638.yaml 2020-08-19 19:25:42 +05:30
Robbie 7a45a9deef
Create CVE-2017-5638.yaml 2020-08-19 14:13:31 +01:00
Dwi Siswanto de04f9d30a 🔨 Add some ports & extractors 2020-08-18 07:20:02 +07:00
Dwi Siswanto f6a35bb11d 🔨 Convert payload to sniper attack for cross-platform exploit 2020-08-18 07:03:51 +07:00
Dwi Siswanto 3cfbf7edf8 🔨 CVE-2020-7961 - Fix payload that can't execute in Windows platform 2020-08-18 04:46:19 +07:00
un-fmunozs a7e79e8dc9 Update CVE-2019-9978.yaml 
Typo
 2020-08-17 01:02:37 -05:00
Dwi Siswanto 049d7d9b04 🔥 Add CVE-2019-2725 2020-08-16 23:33:49 +07:00
Dwi Siswanto 7747dd475a 🔥 Add CVE-2019-11580 2020-08-16 22:54:45 +07:00
Dwi Siswanto 3d6f52fbbf 🔥 Add CVE-2019-6112 2020-08-16 22:22:28 +07:00
Dwi Siswanto 505e77400a 🔨 Add multi-request because by default OFBiz doesn't run directly through port 80 (except it build with Docker image) 2020-08-16 08:14:03 +07:00
Dwi Siswanto 0c89ba4dae 🔥 Add CVE-2020-9496 2020-08-16 07:52:06 +07:00
bauthard d57f734d54
Merge pull request #309 from dwisiswant0/tpl/add-cves 
Add CVE-2019-7609
 2020-08-16 02:08:06 +05:30
bauthard b994bc6435 Update CVE-2019-7609.yaml 2020-08-16 02:07:25 +05:30
bauthard 2796981df2
Merge pull request #311 from Pxmme/master 
Create CVE-2020-13379.yaml
 2020-08-16 02:05:21 +05:30
bauthard afe7ba568d Update CVE-2020-13379.yaml 2020-08-16 02:04:11 +05:30
Pxmme 37891375e1
Create CVE-2020-13379.yaml 
lol DoS is fun
 2020-08-15 22:14:07 +02:00
Dwi Siswanto 64cbf896de 🔥 Add CVE-2019-7609 2020-08-16 01:10:27 +07:00
Dwi Siswanto 5eac34b513 🔨 Fix false-positive 2020-08-15 15:04:58 +07:00
bauthard 96093904ad Update CVE-2019-19985.yaml 2020-08-12 23:14:53 +05:30
SaN ThosH dc627f2d97
Update CVE-2019-19985.yaml 2020-08-12 23:10:09 +05:30
SaN ThosH 5e8411900f
Update CVE-2019-19985.yaml 
Fixing false positives
previously shown vulnerable for 
https://books.apple.com/wp-admin/admin.php?page=download_report&report=users&status=all

Originally vulnerable
https://www.yacht-charter.co.uk/wp-admin/admin.php?page=download_report&report=users&status=all
 2020-08-12 23:09:50 +05:30