daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,722 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

2578 Commits (d01835f36fdc93d5dcb777a143aed82712d730dd)

Author SHA1 Message Date
forgedhallpass f55d6b75e1 Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-19 16:59:12 +03:00
forgedhallpass 7b29be739e Merge branch 'master' into dynamic_attributes 2021-08-19 16:23:26 +03:00
forgedhallpass ffaff64565 Changes fixes/around dynamic attributes ("additional-fields") 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-19 16:17:27 +03:00
forgedhallpass 0b432b341b Added comments with URLs under the "references" field 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-19 16:15:35 +03:00
forgedhallpass e68d15ab63 Fixed mistakes/typos in the templates. 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-19 15:30:14 +03:00
Prince Chaddha 3a8b5df438
Update CVE-2020-25223.yaml 2021-08-19 16:35:50 +05:30
GwanYeong Kim 673fe80660 Create CVE-2020-25223.yaml 
A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-19 18:37:59 +09:00
Prince Chaddha bb1825eeaa
Merge pull request #2435 from daffainfo/patch-161 
Create CVE-2010-1657.yaml
 2021-08-19 14:11:10 +05:30
Muhammad Daffa a60a9528e3
Create CVE-2010-2033.yaml 2021-08-19 08:29:39 +07:00
Muhammad Daffa 935430d100
Create CVE-2010-1657.yaml 2021-08-19 08:25:16 +07:00
Dwi Siswanto 33ec4eddbf Update regEx matcher 2021-08-19 06:39:09 +07:00
Dwi Siswanto 09cf9f35eb Update matcher using regex instead 2021-08-18 20:54:49 +07:00
forgedhallpass cdf9451158 Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-18 14:44:27 +03:00
forgedhallpass 4c920b2552 Rename "references" to "reference" to match the expected template info structure 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-18 14:29:20 +03:00
Muhammad Daffa 47e657e158
Create CVE-2010-1875.yaml 2021-08-18 17:51:05 +07:00
Muhammad Daffa 93fa26376f
Create CVE-2010-1495.yaml 2021-08-18 17:44:40 +07:00
Prince Chaddha f021817d65
Update CVE-2021-38702.yaml 2021-08-17 22:06:37 +05:30
Geeknik Labs 888c9a4573
Create CVE-2021-38702.yaml 2021-08-17 08:11:02 -05:00
Prince Chaddha 7bb40042a3
Update CVE-2021-38751.yaml 2021-08-17 17:13:45 +05:30
Prince Chaddha ec9b83bd1f
Update CVE-2021-38751.yaml 2021-08-17 17:12:51 +05:30
Prince Chaddha 9f9e055f73
Merge pull request #2417 from gy741/rule-add-v56 
Create CVE-2021-32030.yaml
 2021-08-17 17:09:16 +05:30
Prince Chaddha beb11d77e3
Update CVE-2021-32030.yaml 2021-08-17 17:05:12 +05:30
Prince Chaddha e1e03449fa
Merge pull request #2421 from geeknik/patch-20 
Create CVE-2017–4011.yaml
 2021-08-17 17:04:11 +05:30
Prince Chaddha 3a030cca66
Update CVE-2017–4011.yaml 2021-08-17 17:01:34 +05:30
Prince Chaddha fc0e203f2a
Merge pull request #2422 from daffainfo/patch-157 
Create CVE-2010-1722.yaml
 2021-08-17 16:58:58 +05:30
Muhammad Daffa 09189f7cfb
Create CVE-2010-1953.yaml 2021-08-17 07:16:08 +07:00
Muhammad Daffa 61d1543cc5
Create CVE-2010-1722.yaml 2021-08-17 07:09:28 +07:00
Geeknik Labs 9d8c364040
Create CVE-2017–4011.yaml 2021-08-16 15:45:09 -05:00
Dwi Siswanto 8fa76f68f6 Add CVE-2021-38751 2021-08-17 02:18:49 +07:00
Prince Chaddha 0db2272164
Merge pull request #2402 from pikpikcu/patch-256 
Create CVE-2019-16313
 2021-08-16 16:48:14 +05:30
GwanYeong Kim c11328da0b Create CVE-2021-32030.yaml 
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. This relates to handle_request in router/httpd/httpd.c and auth_check in web_hook.o. An attacker-supplied value of '\0' matches the device's default value of '\0' in some situations.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-16 20:13:22 +09:00
Prince Chaddha f0acc877a8
Update CVE-2019-16313.yaml 2021-08-16 15:50:28 +05:30
Prince Chaddha 69cef4d64d
Merge pull request #2405 from daffainfo/patch-152 
Create CVE-2010-1474.yaml
 2021-08-16 14:17:30 +05:30
Prince Chaddha 9e947cddc0
Merge pull request #2406 from daffainfo/patch-153 
Create CVE-2010-1602.yaml
 2021-08-16 14:16:37 +05:30
Prince Chaddha 71cc5a923d
Merge pull request #2412 from daffainfo/patch-154 
Create CVE-2008-6172.yaml
 2021-08-16 14:02:21 +05:30
Prince Chaddha 10640742db
Update CVE-2008-6172.yaml 2021-08-16 14:01:20 +05:30
Prince Chaddha 64218ed6bc
Merge pull request #2413 from daffainfo/patch-155 
Create CVE-2010-0943.yaml
 2021-08-16 14:00:13 +05:30
Prince Chaddha 272dec095d
Update CVE-2021-33807.yaml 2021-08-16 13:55:31 +05:30
Muhammad Daffa b426441cf4
Update CVE-2021-33807.yaml 2021-08-16 06:47:56 +07:00
Muhammad Daffa fa8c120f90
Create CVE-2021-33807.yaml 2021-08-16 06:47:24 +07:00
Muhammad Daffa 168140eef5
Create CVE-2010-0943.yaml 2021-08-16 06:28:46 +07:00
Muhammad Daffa 63dcc9dd49
Create CVE-2008-6172.yaml 2021-08-16 06:23:06 +07:00
Muhammad Daffa 7a58d43dbb
Create CVE-2010-1602.yaml 2021-08-15 06:25:02 +07:00
Muhammad Daffa 1c2c5e6e69
Create CVE-2010-1474.yaml 2021-08-15 06:18:04 +07:00
sandeep e9e84a4b36 minor update 2021-08-15 00:57:33 +05:30
pajoda b15ed3324c
Include path for unpatched old versions 2021-08-14 19:18:15 +00:00
pajoda 5d3d6ca911
Maintain matcher and extractor consistency 2021-08-14 18:56:37 +00:00
pajoda c9fa891245
Improve template metadata 2021-08-14 16:34:59 +00:00
pajoda 180219cc63
Add CVE-2021-37704 template 2021-08-14 16:22:35 +00:00
PikPikcU 73f37aa7c5
Create CVE-2019-16313.yaml 2021-08-14 18:37:50 +07:00
PikPikcU 45a46dad92
Update CVE-2019-20085.yaml 2021-08-14 18:22:17 +07:00
Prince Chaddha 27e113eab1
Merge pull request #2391 from daffainfo/patch-149 
Create CVE-2010-1955.yaml
 2021-08-14 16:06:16 +05:30
Prince Chaddha 09e48ac8b4
Merge pull request #2396 from geeknik/patch-18 
Create CVE-2021-37573.yaml
 2021-08-14 14:43:11 +05:30
Prince Chaddha b5123f5abe
Update CVE-2021-37573.yaml 2021-08-14 14:40:52 +05:30
Prince Chaddha 12a87fbce1
Merge pull request #2398 from daffainfo/patch-150 
Create CVE-2010-5278.yaml
 2021-08-14 14:13:09 +05:30
Prince Chaddha 6fcc70e8d4
Update CVE-2010-5278.yaml 2021-08-14 14:12:19 +05:30
Prince Chaddha 18a65bb606
Merge pull request #2399 from daffainfo/patch-151 
Create CVE-2010-1353.yaml
 2021-08-14 14:09:44 +05:30
Prince Chaddha 4c811a4dc2
Update CVE-2021-3017.yaml 2021-08-14 14:03:43 +05:30
Prince Chaddha 09284afb09
Update CVE-2021-3017.yaml 2021-08-14 13:58:04 +05:30
Prince Chaddha 916d421b98
Update CVE-2021-3017.yaml 2021-08-14 13:56:56 +05:30
PikPikcU 29e8c790fc
Create CVE-2021-3017.yaml 2021-08-14 13:32:59 +07:00
Muhammad Daffa 439b20cb42
Create CVE-2010-1353.yaml 2021-08-14 08:37:46 +07:00
Muhammad Daffa 1a2d30d207
Create CVE-2010-5278.yaml 2021-08-14 08:36:29 +07:00
Geeknik Labs 344fba3089
Update CVE-2021-37573.yaml 2021-08-13 17:17:35 -05:00
Geeknik Labs eed8e2e573
Update CVE-2021-37573.yaml 2021-08-13 17:17:18 -05:00
Geeknik Labs 1ea3dfe3b7
Create CVE-2021-37573.yaml 2021-08-13 17:14:13 -05:00
Sandeep Singh 99b6aa8840
Merge pull request #2390 from daffainfo/patch-148 
Create CVE-2008-4668.yaml
 2021-08-13 17:08:12 +05:30
SaN ThosH 035ee06740
Update CVE-2021-35464.yaml 2021-08-13 16:22:36 +05:30
Muhammad Daffa b6ff5d4f14
Create CVE-2010-1955.yaml 2021-08-13 06:23:04 +07:00
Muhammad Daffa 5d5adbfea8
Create CVE-2008-4668.yaml 2021-08-13 06:20:38 +07:00
sandeep a8a292bd1e minor update 2021-08-12 23:10:24 +05:30
sandeep c537e2ccd4 minor update 2021-08-12 22:09:42 +05:30
Sandeep Singh a0275a9aeb
Merge pull request #2370 from evait-security/master 
add ProxyShell detection template
 2021-08-12 22:08:59 +05:30
sandeep b69cd23cf4 minor updates 2021-08-12 21:24:09 +05:30
sandeep f3a758c461 removing extra headers 2021-08-12 18:42:02 +05:30
sandeep 189f62a96f Update CVE-2019-7238.yaml 2021-08-12 18:21:19 +05:30
PikPikcU 1d8ed811d3
Create CVE-2019-7238.yaml 2021-08-12 19:30:35 +07:00
Sandeep Singh 5ca0a70f3e
Merge pull request #2372 from projectdiscovery/buffalo 
Added CVE-2021-20090 / CVE-2021-20091 / CVE-2021-20092
 2021-08-12 16:07:45 +05:30
Prince Chaddha 781998fce8
Merge pull request #2359 from pdelteil/patch-37 
Update CVE-2019-12616.yaml
 2021-08-12 15:10:02 +05:30
Prince Chaddha d2fdd5096d
Update CVE-2019-12616.yaml 2021-08-12 15:07:48 +05:30
Prince Chaddha d880626d43
Merge pull request #2376 from daffainfo/patch-145 
Create CVE-2016-1000139.yaml
 2021-08-12 15:04:07 +05:30
Prince Chaddha 283888f13b
Update CVE-2016-1000139.yaml 2021-08-12 14:58:59 +05:30
Prince Chaddha 84dfe61181
Merge pull request #2382 from daffainfo/patch-146 
Create CVE-2018-16288.yaml
 2021-08-12 14:39:44 +05:30
sandeep a69a8718c7 removing extra headers 2021-08-12 14:11:49 +05:30
Muhammad Daffa bff5851698
Create CVE-2010-0944.yaml 2021-08-12 09:42:36 +07:00
Muhammad Daffa 76e6fbcf8e
Create CVE-2018-16288.yaml 2021-08-12 09:41:00 +07:00
Prince Chaddha 015bb2efbe
Merge pull request #2368 from gy741/rule-add-v53 
Create CVE-2018-16167.yaml
 2021-08-12 01:07:32 +05:30
Prince Chaddha a9b4789119
Merge pull request #2362 from daffainfo/patch-142 
Create CVE-2008-4764.yaml
 2021-08-12 00:54:27 +05:30
Prince Chaddha b2966dc487
Merge pull request #2361 from daffainfo/patch-141 
Create CVE-2014-4940.yaml
 2021-08-12 00:51:10 +05:30
Prince Chaddha 6d3e183ea6
Update CVE-2014-4940.yaml 2021-08-12 00:44:20 +05:30
Prince Chaddha 8239b51c5a
Merge pull request #2360 from daffainfo/patch-140 
Create CVE-2010-1983.yaml
 2021-08-12 00:39:15 +05:30
sandeep 7c076d7e0e Added CVE-2021-20092 2021-08-11 18:28:37 +05:30
sandeep b64f472b91 Added CVE-2021-20091 2021-08-11 17:58:20 +05:30
sandeep 76d184331c minor update 2021-08-11 17:57:58 +05:30
Prince Chaddha 6096bc4db7
Update CVE-2019-12616.yaml 2021-08-11 16:38:30 +05:30
Prince Chaddha bfe2cc6607
Merge pull request #2353 from daffainfo/patch-139 
Create CVE-2010-1979.yaml
 2021-08-11 13:01:47 +05:30
Prince Chaddha eac5b036f8
Merge pull request #2352 from daffainfo/patch-138 
Create CVE-2016-1000146.yaml
 2021-08-11 13:01:38 +05:30
Prince Chaddha f088bae396
Update CVE-2016-1000146.yaml 2021-08-11 12:58:48 +05:30
Muhammad Daffa 74719fb87b
Create CVE-2016-1000139.yaml 2021-08-11 12:38:45 +07:00
sandeep 74a17976a8 Update CVE-2021-20090.yaml 2021-08-10 22:23:57 +05:30
sandeep d84eb0fd7e Added CVE-2021-20090 2021-08-10 22:21:46 +05:30
sandeep 63431349aa minor update 2021-08-10 20:13:14 +05:30
Paul Werther 36e43b66ec follow redirect, compare body instead of status code, eliminate false positives 2021-08-10 10:53:58 +02:00
Paul Werther ff558bd94e add second url for more stable detection 2021-08-10 10:17:37 +02:00
Paul Werther 99d41391e7 add ProxyShell detection template 2021-08-10 09:59:06 +02:00
GwanYeong Kim 19517e8855 Create CVE-2018-16167.yaml 
LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-10 14:30:22 +09:00
Geeknik Labs d6bd06a878
Update CVE-2020-24312.yaml 
Fixes a false positive.
 2021-08-09 20:43:58 -05:00
Muhammad Daffa f74f45cd9d
Create CVE-2008-4764.yaml 2021-08-10 06:13:01 +07:00
Muhammad Daffa a17ffba4c5
Create CVE-2014-4940.yaml 2021-08-10 06:05:56 +07:00
Muhammad Daffa ce351cf896
Create CVE-2010-1983.yaml 2021-08-10 05:58:47 +07:00
Philippe Delteil 8c1050256f
Update CVE-2019-12616.yaml 
I don't know why the matcher was changed. The matcher phpmyadmin.net doesn't work in my test cases.
 2021-08-09 17:35:43 -04:00
sandeep 4f0a3510fa matcher update 2021-08-09 23:51:31 +05:30
sandeep 8c48ca97d2 matcher + payload + regex updates 2021-08-09 21:58:28 +05:30
sandeep c0db649278 Added CVE-2019-0193 - Apache Solr - DataImportHandler RCE 2021-08-09 21:57:30 +05:30
sandeep 07aa96ed15 Fixing CVE-2017-12629 2021-08-09 20:55:06 +05:30
Noam Rathaus 14d2dcd26b reference 2021-08-09 16:35:43 +03:00
Muhammad Daffa e3661a1c2d
Create CVE-2010-1979.yaml 2021-08-09 06:22:49 +07:00
Muhammad Daffa 911570d0b3
Create CVE-2016-1000146.yaml 2021-08-09 06:17:34 +07:00
sandeep 28f1036194 minor update 2021-08-08 22:57:07 +05:30
Sandeep Singh aa29e9e618
Merge pull request #2345 from daffainfo/patch-137 
Create CVE-2013-5979.yaml
 2021-08-08 20:24:21 +05:30
Sandeep Singh e411a39d7e
Merge pull request #2344 from daffainfo/patch-136 
Create CVE-2010-2259.yaml
 2021-08-08 20:18:09 +05:30
sandeep 63595cad63 Update CVE-2019-12616.yaml 2021-08-08 12:20:47 +05:30
sandeep 5d51c6235d Update CVE-2019-12616.yaml 2021-08-08 12:20:24 +05:30
Philippe Delteil 78cca01d07
Update CVE-2019-12616.yaml 
regex matching condition to match all vulnerable versions. 
With 401 we could find instances behind htaccess protection. 
Added a version extractor also.
 2021-08-07 18:59:05 -04:00
Muhammad Daffa 9624b5467f
Create CVE-2013-5979.yaml 2021-08-08 00:21:15 +07:00
Muhammad Daffa edbe11772a
Create CVE-2010-2259.yaml 2021-08-08 00:19:03 +07:00
Prince Chaddha bc236580ee
Merge pull request #1856 from Akokonunes/patch-15 
Create CVE-2019-9618.yaml
 2021-08-07 19:55:08 +05:30
Prince Chaddha d063dbfe7b
Merge pull request #2338 from geeknik/patch-9 
Create CVE-2005-4385.yaml
 2021-08-07 19:42:20 +05:30
Prince Chaddha 1f83d63bb1
Merge pull request #2337 from geeknik/patch-8 
Create CVE-2008-6668.yaml
 2021-08-07 15:06:36 +05:30
Prince Chaddha d78a3cb629
Update CVE-2005-4385.yaml 2021-08-07 15:06:29 +05:30
Prince Chaddha 28da3e5e3d
Update CVE-2008-6668.yaml 2021-08-07 15:05:07 +05:30
Prince Chaddha ce0a873337
Merge pull request #2339 from geeknik/patch-14 
Create CVE-2006-1681.yaml
 2021-08-07 14:52:59 +05:30
Prince Chaddha 1b28477a9a
Update CVE-2006-1681.yaml 2021-08-07 14:40:24 +05:30
Prince Chaddha b030d433dc
Update CVE-2006-1681.yaml 2021-08-07 14:40:03 +05:30
Prince Chaddha 8b94298c81
Merge pull request #2341 from daffainfo/patch-135 
Create CVE-2016-2389.yaml
 2021-08-07 12:36:38 +05:30
Prince Chaddha 881936676b
Update CVE-2011-4804.yaml 2021-08-07 12:28:08 +05:30
Prince Chaddha 335b7ce0a0
Update CVE-2016-2389.yaml 2021-08-07 12:27:03 +05:30
Muhammad Daffa 9039bef1dd
Create CVE-2016-2389.yaml 2021-08-07 00:35:56 +07:00
Muhammad Daffa 8be55281c4
Create CVE-2011-4804.yaml 2021-08-07 00:34:28 +07:00
Geeknik Labs 12c2c849b9
Create CVE-2006-1681.yaml 2021-08-06 11:58:00 -05:00
Geeknik Labs dfce16a682
Create CVE-2005-4385.yaml 2021-08-06 11:35:36 -05:00
Sandeep Singh eee5d8b22e
Merge pull request #2334 from daffainfo/patch-133 
Create CVE-2014-5368.yaml
 2021-08-06 21:57:54 +05:30
Geeknik Labs b4573b1392
Create CVE-2008-6668.yaml 2021-08-06 11:24:01 -05:00
Sandeep Singh 7bd7a40793
Merge pull request #2333 from daffainfo/patch-132 
Create CVE-2010-2682.yaml
 2021-08-06 21:45:42 +05:30
Sandeep Singh 2ca144c36a
Merge pull request #2329 from pikpikcu/patch-245 
Added AvantFAX
 2021-08-06 21:41:40 +05:30
sandeep e75efd42da minor update 2021-08-06 21:39:24 +05:30
sandeep b59341b273 minor update 2021-08-06 21:23:46 +05:30
sandeep d60171ed9d Added additional matchers 2021-08-06 20:16:35 +05:30
Muhammad Daffa 03a67a3738
Create CVE-2014-5368.yaml 2021-08-06 06:09:11 +07:00
Muhammad Daffa 79d29e355b
Create CVE-2010-2682.yaml 2021-08-06 06:06:54 +07:00
mass0ma 9646633d30 Added CVE-2017-14651 Template 2021-08-05 16:59:36 +00:00
Prince Chaddha f63f7af8aa
Update CVE-2017-18024.yaml 2021-08-05 20:40:16 +05:30
Sandeep Singh 105a093c91
Merge pull request #2328 from daffainfo/patch-130 
Create CVE-2010-4617.yaml
 2021-08-05 13:29:38 +05:30
sandeep 34f905286a moving files around 2021-08-05 12:52:50 +05:30
PikPikcU 9ff9493341
Create CVE-2017-18024.yaml 2021-08-05 12:48:55 +07:00
Muhammad Daffa 9feedb27af
Create CVE-2010-4617.yaml 2021-08-05 08:36:32 +07:00
sandeep 40f3693456 Added page specific matcher 2021-08-04 21:32:50 +05:30
Prince Chaddha c7871dc7a6
Merge pull request #2021 from daffainfo/patch-59 
Create CVE-2021-24235.yaml
 2021-08-04 20:02:01 +05:30
Prince Chaddha 98e5c69560
Update CVE-2021-24235.yaml 2021-08-04 20:00:11 +05:30
Prince Chaddha fc0085797b
Merge pull request #2321 from daffainfo/patch-129 
Create CVE-2015-2807.yaml
 2021-08-04 14:10:46 +05:30
Prince Chaddha ca92425071
Update CVE-2015-2807.yaml 2021-08-04 14:07:35 +05:30
Prince Chaddha 2dec4a0326
Merge pull request #2320 from daffainfo/patch-128 
Create CVE-2015-9414.yaml
 2021-08-04 14:06:00 +05:30
Prince Chaddha 80f52746e3
Update CVE-2015-9414.yaml 2021-08-04 14:03:38 +05:30
Prince Chaddha 325c8a53f6
Merge pull request #2322 from gy741/rule-add-v51 
Create CVE-2018-15745.yaml, CVE-2018-15517.yaml
 2021-08-04 13:46:10 +05:30
Prince Chaddha 0b3a307294
Update CVE-2018-15517.yaml 2021-08-04 13:44:42 +05:30
Prince Chaddha 8cc213cec1
Update CVE-2018-15745.yaml 2021-08-04 13:42:14 +05:30
sandeep 515d469506 strict matchers 2021-08-04 12:10:24 +05:30
GwanYeong Kim 812d4faca2 Create CVE-2018-15517.yaml 
Using a web browser or script SSRF can be initiated against internal/external systems to conduct port scans by leveraging D LINKs MailConnect component. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability of where scan or connections actually came from and or bypass the FW etc. This can be automated via script or using Web Browser.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-04 14:25:54 +09:00
GwanYeong Kim adce7d2c39 Create CVE-2018-15745.yaml 
Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-04 14:16:24 +09:00
Muhammad Daffa 1d888e8b4e
Create CVE-2015-2807.yaml 2021-08-04 00:09:09 +07:00
Muhammad Daffa e9313b15be
Create CVE-2015-9414.yaml 2021-08-04 00:07:14 +07:00
Sandeep Singh 5965a3e44c
Merge pull request #2319 from dwisiswant0/add/CVE-2021-37216 
Add CVE-2021-37216
 2021-08-03 20:40:52 +05:30
Prince Chaddha a4628d1f58
Merge pull request #2195 from daffainfo/patch-107 
Create CVE-2016-1000153.yaml
 2021-08-03 20:34:28 +05:30
Prince Chaddha cc715bd005
Merge pull request #2196 from daffainfo/patch-108 
Create CVE-2016-1000155.yaml
 2021-08-03 20:33:18 +05:30
Prince Chaddha a5f74e0484
Update CVE-2016-1000153.yaml 2021-08-03 20:33:02 +05:30
Prince Chaddha e6ea819b9c
Update CVE-2016-1000155.yaml 2021-08-03 20:31:20 +05:30
sandeep a3347504fe minor update 2021-08-03 20:18:40 +05:30
sandeep 1b5420bc4b updated matcher 2021-08-03 20:14:14 +05:30
Prince Chaddha 62bcd6932d
Merge pull request #2198 from gy741/rule-add-v43 
Create CVE-2021-32305.yaml
 2021-08-03 20:02:32 +05:30
Dwi Siswanto f59905ced2 Add CVE-2021-37216 2021-08-03 21:31:33 +07:00
Prince Chaddha 3395eff8a0
Merge pull request #2316 from gy741/rule-add-v49 
Create CVE-2020-7796.yaml
 2021-08-03 19:57:45 +05:30
Prince Chaddha 23bc448b1b
Merge pull request #2199 from pikpikcu/patch-208 
Add OpenSIS POC
 2021-08-03 19:53:32 +05:30
Prince Chaddha b927288f30
Update CVE-2020-6637.yaml 2021-08-03 19:25:06 +05:30
Muhammad Daffa 63cda4e1ef
Update CVE-2021-24235.yaml 2021-08-03 14:58:19 +07:00
Prince Chaddha 107c3594bf
Update CVE-2020-6637.yaml 2021-08-03 13:24:31 +05:30
Prince Chaddha 41b06a2ed7
Merge pull request #2216 from pikpikcu/patch-223 
Add Zimbra XSS
 2021-08-03 13:22:42 +05:30
Prince Chaddha c4acd62307
Update CVE-2018-14013.yaml 2021-08-03 13:13:57 +05:30
Prince Chaddha 1c83792023
Merge pull request #2314 from daffainfo/patch-126 
Create CVE-2018-20470.yaml
 2021-08-03 13:08:36 +05:30
sandeep 3c03e28e55 Update CVE-2020-7796.yaml 2021-08-03 12:50:22 +05:30
sandeep d8007437ae Update CVE-2020-7796.yaml 2021-08-03 12:50:10 +05:30
Prince Chaddha b02ea3266b
Update CVE-2020-7796.yaml 2021-08-03 12:47:55 +05:30
Prince Chaddha 9620f4616e
Update CVE-2020-7796.yaml 2021-08-03 12:42:56 +05:30
GwanYeong Kim 9c16967fa5 Create CVE-2020-7796.yaml 
Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-03 09:31:23 +09:00
Muhammad Daffa 6e13d833ef
Create CVE-2018-19458.yaml 2021-08-03 06:20:58 +07:00
Muhammad Daffa 02d3258f2a
Create CVE-2018-20470.yaml 2021-08-03 06:19:42 +07:00
sandeep e2b20b8f01 Adding metadata 2021-08-02 23:16:05 +05:30
Sandeep Singh 249c39af51
Merge pull request #2299 from httpvoid/master 
Add CVE-2021-29484 - Ghost CMS DOM XSS
 2021-08-02 23:13:22 +05:30
Harsh Jaiswal 3f8e3ce2d0
Update cves/2021/CVE-2021-29484.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-08-02 23:05:35 +05:30
Prince Chaddha 1939842ab6
Merge pull request #2219 from pikpikcu/patch-225 
Add Dolibarr xss
 2021-08-02 22:32:24 +05:30
Prince Chaddha f924e58b8e
Update CVE-2018-10095.yaml 2021-08-02 22:31:01 +05:30
Prince Chaddha dca1dd56b1
Merge pull request #2220 from pikpikcu/patch-226 
Add Grav CMS XSS
 2021-08-02 22:26:37 +05:30
Prince Chaddha e359b030f2
Update CVE-2018-5233.yaml 2021-08-02 22:25:21 +05:30
Prince Chaddha df1348ee5c
Merge pull request #2232 from daffainfo/patch-112 
Create CVE-2014-8799.yaml
 2021-08-02 22:00:52 +05:30
Prince Chaddha f93858622d
Update CVE-2014-8799.yaml 2021-08-02 21:59:27 +05:30
Sandeep Singh 18722cd4f4
Merge pull request #2311 from gy741/rule-add-v48 
Create CVE-2020-27361.yaml
 2021-08-02 21:56:57 +05:30
Prince Chaddha 347a850911
Merge pull request #2233 from pikpikcu/patch-232 
Add Tiki Wiki CMS Groupware XSS
 2021-08-02 21:48:20 +05:30
GwanYeong Kim 8627aadce0 Create CVE-2020-27361.yaml 
An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within the /pme subdirectories.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-03 01:17:48 +09:00
Prince Chaddha 7d0e2be80a
Update CVE-2011-4336.yaml 2021-08-02 21:47:19 +05:30
Prince Chaddha 7aa7401f3a
Merge pull request #2278 from gy741/rule-add-v44 
Create CVE-2021-21816.yaml
 2021-08-02 21:17:00 +05:30
sandeep a1d73379aa Added CVE-2021-27561 2021-08-02 18:25:13 +05:30
Prince Chaddha c670df2925
Update CVE-2021-21816.yaml 2021-08-02 17:57:09 +05:30
Prince Chaddha 5c7a745e04
Merge pull request #2298 from gy741/rule-add-v47 
Create CVE-2021-3297.yaml
 2021-08-02 17:18:29 +05:30
Prince Chaddha 8810d6fd64
Merge pull request #2294 from daffainfo/patch-123 
Create CVE-2016-1000148.yaml
 2021-08-02 17:18:22 +05:30
Prince Chaddha fb0c113fb6
Merge pull request #2281 from daffainfo/patch-121 
Create CVE-2016-10993.yaml
 2021-08-02 17:18:07 +05:30
Prince Chaddha 434b69608a
Update CVE-2016-10993.yaml 2021-08-02 17:16:58 +05:30
Prince Chaddha a3cba3b1e1
Merge pull request #2280 from daffainfo/patch-120 
Create CVE-2020-35598.yaml
 2021-08-02 17:14:38 +05:30
Prince Chaddha e4817b6e19
Merge pull request #2282 from daffainfo/patch-122 
Create CVE-2012-4253.yaml
 2021-08-02 17:13:52 +05:30
Prince Chaddha 27f96f96c4
Update CVE-2021-3297.yaml 2021-08-02 17:12:42 +05:30
Prince Chaddha 2c0ecb01b3
Update CVE-2021-3297.yaml 2021-08-02 17:09:52 +05:30
Prince Chaddha bae8422cfb
Update CVE-2021-3297.yaml 2021-08-02 17:06:07 +05:30
Noam Rathaus 37608a954c Description 2021-08-02 12:56:17 +03:00
Noam Rathaus 6950d325e6 Update description 2021-08-02 12:55:21 +03:00
rootxharsh 6f2d74337e Add CVE-2021-29484.yaml 2021-08-02 13:28:24 +05:30
GwanYeong Kim bfa043e51f Create CVE-2021-3297.yaml 
On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-02 16:35:38 +09:00
Prince Chaddha 1d58b2abd2
Merge pull request #2295 from daffainfo/patch-124 
Create CVE-2016-1000149.yaml
 2021-08-02 12:57:51 +05:30
Prince Chaddha 0757721d24
Update CVE-2016-1000149.yaml 2021-08-02 12:56:49 +05:30
Prince Chaddha 0c7025f30d
Update CVE-2016-1000148.yaml 2021-08-02 12:55:51 +05:30
sandeep 02dc911dc9 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-08-02 12:53:44 +05:30
sandeep e896a8982d misc updates 2021-08-02 12:53:35 +05:30
r3dg33k dfcd364059 update to CVE-2017-5487, added extractor 2021-08-02 01:08:39 -04:00
Muhammad Daffa 6347e02b91
Create CVE-2016-1000149.yaml 2021-08-02 06:10:17 +07:00
Muhammad Daffa 54f927329d
Create CVE-2016-1000148.yaml 2021-08-02 06:09:14 +07:00
Sandeep Singh 81572ce596
Merge pull request #2292 from geeknik/patch-4 
Update CVE-2021-31581.yaml
 2021-08-02 02:09:32 +05:30
Sandeep Singh b04dc13dcd
Update CVE-2021-31581.yaml 2021-08-02 02:08:28 +05:30
sandeep a24977aab9 Update CVE-2020-6637.yaml 2021-08-02 01:42:01 +05:30
Sandeep Singh d416aea142
Merge pull request #2279 from gy741/rule-add-v45 
Create CVE-2021-36380.yaml
 2021-08-02 01:36:56 +05:30
sandeep ebf1653d65 Update CVE-2021-36380.yaml 2021-08-02 01:33:10 +05:30
Sandeep Singh 454e11f6c4
Merge pull request #2271 from pikpikcu/patch-240 
Update JIRA SSRF
 2021-08-02 01:31:27 +05:30
sandeep f5982c5d28 Update CVE-2019-8451.yaml 2021-08-02 01:30:00 +05:30
sandeep 5023dd6f9c Update CVE-2019-8451.yaml 2021-08-02 01:27:40 +05:30
Sandeep Singh c7778257c3
Update CVE-2019-8451.yaml 2021-08-02 01:22:49 +05:30
Sandeep Singh 56d3a2f1bd
Merge pull request #2284 from pikpikcu/patch-242 
Update CVE-2019-0221
 2021-08-02 01:17:36 +05:30
Sandeep Singh 76fb40314a
Merge pull request #2277 from pikpikcu/patch-241 
Update CVE-2021-3223
 2021-08-02 01:15:39 +05:30
sandeep 5c22441bac Update CVE-2021-3223.yaml 2021-08-02 01:11:43 +05:30
Geeknik Labs 9cbb151600
Update CVE-2021-31581.yaml 
Fixes https://github.com/projectdiscovery/nuclei-templates/issues/2285. 👍🏻
 2021-08-01 10:59:39 -05:00
Noam Rathaus 03dfb4bff6 More references 2021-08-01 09:16:33 +03:00
Noam Rathaus 3de7af6018 Better reference 2021-08-01 09:14:14 +03:00
Noam Rathaus ac70ba03c7 description and reference 2021-08-01 09:12:12 +03:00
Noam Rathaus 21b17993be Better references 2021-08-01 09:10:14 +03:00
Noam Rathaus 9dc30c37a2 Description and reference 2021-08-01 08:57:40 +03:00