453841f7d6
ssrf
2023-03-05 16:33:31 +08:00
2be3e16516
Change to CVSSv3.1
2023-03-03 11:50:58 -05:00
2a7b69bab3
Match severity with CVSS
2023-03-03 10:27:54 -05:00
73bdedf50a
Merge pull request #6815 from JorianWoltjer/main
...
Reduce false-positives in Open Redirect regexes
2023-03-03 17:19:14 +05:30
9a8397c2f3
Merge branch 'projectdiscovery:main' into dashboard
2023-03-02 16:08:27 -05:00
f42443a761
Add missing cves
...
Cleanup a poor quality template
Rename/relocate ruijie from password leak to RCE
2023-03-02 16:07:26 -05:00
8b43d840f8
misc
2023-03-03 00:36:32 +05:30
367a2434b3
Fix FP
2023-03-03 00:33:52 +05:30
06e9e06961
Add open-directed improvement to more templates
2023-03-01 19:22:21 +01:00
71fd3bf973
Reduce false-positives in open-redirect regexes
2023-03-01 09:39:14 +01:00
4a363a8511
Auto Generated CVE annotations [Sun Feb 26 13:23:33 UTC 2023] 🤖
2023-02-26 13:23:33 +00:00
b95666fb6c
filename -update
2023-02-24 11:15:54 +05:30
9b4f78e67b
reference &metadata -update
2023-02-22 22:57:33 +05:30
7c512ee0aa
Merge pull request #6641 from nodauf/patch-1
...
Add new payload for CORS
2023-02-21 13:32:35 +05:30
75055f7ceb
Auto Generated CVE annotations [Mon Feb 20 18:22:21 UTC 2023] 🤖
2023-02-20 18:22:21 +00:00
8a1b8d516c
Merge pull request #6752 from projectdiscovery/nextjs-redirect
...
Create nextjs-redirect.yaml
2023-02-20 23:35:51 +05:30
1b9a33bf17
Merge pull request #6759 from MariamTariq404/main
...
seatreg-open-redirect.yaml
2023-02-20 23:04:46 +05:30
f1479b1441
updated name,matchers
2023-02-20 22:50:25 +05:30
5d3d1b4c6d
moving around directory
2023-02-20 15:49:16 +05:30
3e6198f6fa
Fixing metersphere-plugin-rce template ( #6758 )
...
* Fixing metersphere-plugin-rce template
* Update metersphere-plugin-rce.yaml
* Fixed the filename in Content-Disposition header
---------
Co-authored-by: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
2023-02-19 17:53:06 +05:30
3327727379
add templates: thinkphp6_arbitrary_write
2023-02-17 07:25:24 -05:00
b56027ff24
Create nextjs-redirect.yaml
2023-02-16 16:26:36 +05:30
708c42181e
Merge pull request #6676 from galoget/main
...
Added template for Ruijie Password Hashes Leakage
2023-02-15 14:04:11 +05:30
749480c23c
Delete ruijie-password-hashes-leak.yaml
2023-02-14 19:47:22 +05:30
fa5f1f5d8d
template update
2023-02-14 19:46:56 +05:30
8d26b3fea5
Improve Keycloak templates
2023-02-10 22:01:43 +01:00
8321b40726
Fix a typo in hashicorp-consul-rce.yaml
2023-02-10 11:24:24 +01:00
c661f7c531
fix-false-positive-can-xss
2023-02-10 00:28:16 +05:30
e812da36fb
Merge pull request #6677 from imhunterand/patch-2
...
Update open-redirect.yaml
2023-02-07 10:22:19 +05:30
b8e613ff03
change from google.com -> evil.com
2023-02-07 10:19:11 +05:30
fee8ede5fa
Merge branch 'main' into dashboard
2023-02-07 02:04:58 +05:30
818b243e3e
updated metadata
2023-02-07 01:48:48 +05:30
d19938ba8a
Update open-redirect.yaml
2023-02-05 20:49:10 +07:00
7e99d7e03b
Added template for Ruijie Password Hashes Leakage, Fix trailing spaces
2023-02-05 07:08:15 -05:00
a2c360113f
Added template for Ruijie Password Hashes Leakage
2023-02-05 06:58:07 -05:00
59077b2ddc
Create avaya-aura-xss.yaml
2023-02-03 23:56:05 +05:30
3d7732e3b8
Update avaya-aura-rce.yaml
2023-02-03 23:45:34 +05:30
2b234ce699
Create avaya-aura-rce.yaml
2023-02-03 23:44:11 +05:30
29ad9bc9e9
Syntax fixes
2023-02-02 16:51:33 -05:00
6a50f45f96
Add new payload for CORS
2023-01-30 15:21:39 +01:00
a852c35c15
Enhancement: vulnerabilities/generic/generic-j2ee-lfi.yaml by mp
2023-01-29 14:29:20 -05:00
e9b37518bb
Enhancement: vulnerabilities/generic/generic-j2ee-lfi.yaml by mp
2023-01-29 14:24:06 -05:00
d199a8c18b
Merge branch 'main' into dashboard
2023-01-27 07:31:06 -08:00
7521dda0f6
Severities and relocations
2023-01-27 09:57:27 -05:00
af71446887
Merge pull request #6597 from tess-ss/patch-113
...
Create vmware-cloud-reflected-xss.yaml
2023-01-25 18:55:26 +05:30
521c875436
added-meta-data
2023-01-25 16:15:20 +05:30
693e1e3daa
Dashboard Content Enhancements ( #6613 )
...
Dashboard Content Enhancements
2023-01-24 08:21:18 -08:00
d51bacf769
Merge branch 'main' into dashboard
2023-01-24 08:15:56 -08:00
8a581f5790
changed dork -> query
2023-01-24 15:32:50 +05:30
2f3e0a3112
fixed trailing spaces
2023-01-24 13:01:15 +05:30
e9e29939f7
Fixing: severity mismatches, trailing spaces, other cleanups
2023-01-23 22:06:12 -08:00
8fd50b3632
Auto Generated CVE annotations [Mon Jan 23 22:30:31 UTC 2023] 🤖
2023-01-23 22:30:31 +00:00
0d6fbd237f
Dashboard Content Enhancements ( #6598 )
...
Dashboard Content Enhancements
2023-01-23 14:14:23 -08:00
ea6cbbf438
Merge branch 'main' into dashboard
2023-01-23 15:20:38 -05:00
8a3eeea516
Fixing spelling, -dorks, and some severity mismatches
2023-01-23 15:11:25 -05:00
7d98d173ad
Create vmware-cloud-reflected-xss.yaml
2023-01-23 13:39:37 -05:00
5addb51f6d
Auto Generated CVE annotations [Mon Jan 23 10:36:01 UTC 2023] 🤖
2023-01-23 10:36:01 +00:00
2ccee035fb
Merge pull request #6586 from cryptoconman/patch-122
...
Create slims-xss.yaml
2023-01-23 15:57:03 +05:30
398bb21665
Merge pull request #6585 from cryptoconman/patch-121
...
Create alms-xss
2023-01-23 15:28:30 +05:30
095df8edcc
updated matchers
2023-01-23 15:24:33 +05:30
f60dcf0f19
added text/html header
2023-01-23 15:17:20 +05:30
68861082fc
Merge pull request #6587 from cryptoconman/patch-123
...
Create tikiwiki-xss.yaml
2023-01-23 15:04:02 +05:30
f7da6d8b33
Auto Generated CVE annotations [Mon Jan 23 07:48:36 UTC 2023] 🤖
2023-01-23 07:48:36 +00:00
9aa77a4e09
updated matchers
2023-01-23 13:08:09 +05:30
243b12571c
matcher-update
...
added additional data to keep the template uniform
2023-01-23 10:57:54 +05:30
74b188e8e0
added-stop-first-match
2023-01-23 10:21:13 +05:30
e39f508e51
fix-matcher
2023-01-23 10:20:26 +05:30
ed200ecad8
fixed-formatting
2023-01-23 09:52:06 +05:30
e0c253202e
Create sound4-disclosure.yaml
2023-01-23 01:54:11 +05:30
86c69575b3
Create tikiwiki-xss.yaml
2023-01-23 00:58:22 +05:30
7480a83529
Create slims-xss.yaml
2023-01-23 00:30:48 +05:30
ea6e61448d
Create alms-xss
2023-01-23 00:02:57 +05:30
a071c03a22
Merge branch 'patch-360' of https://github.com/pikpikcu/nuclei-templates
2023-01-20 18:47:21 +05:30
c10f665af5
updated id, name, path and description
2023-01-18 12:48:27 +05:30
643700ca28
Dashboard Content Enhancements ( #6526 )
...
Dashboard Content Enhancements
2023-01-16 12:41:15 -05:00
63b54672b0
Update and rename vulnerabilities/thinkphp/thinkphp6-lang-lfi.yaml to cves/2022/CVE-2022-47945.yaml
2023-01-16 00:19:02 +07:00
c3bc305f3f
Auto Generated CVE annotations [Sun Jan 15 06:48:30 UTC 2023] 🤖
2023-01-15 06:48:30 +00:00
4f22547b0f
Merge pull request #6511 from projectdiscovery/elastic-log4j-fix-fp
...
Update elasticsearch5-log4j-rce.yaml
2023-01-15 11:58:55 +05:30
8f99b72676
Update apache-solr-log4j-rce.yaml
2023-01-11 12:04:21 +05:30
60ecd5c167
Update elasticsearch5-log4j-rce.yaml
2023-01-11 11:53:35 +05:30
6a0fc2e6c8
Merge pull request #6421 from projectdiscovery/sni-addition
...
Sni Addition
2023-01-10 17:25:52 +05:30
09504ab427
Wrong part name ( #6482 )
...
Part name should be "header" instead "location"
2023-01-08 00:30:41 +05:30
a89d7e99ba
Dashboard Content Enhancements ( #6469 )
...
Dashboard Content Enhancements
2023-01-05 09:57:06 -05:00
997d941552
Auto Generated CVE annotations [Thu Jan 5 11:21:19 UTC 2023] 🤖
2023-01-05 11:21:19 +00:00
8d0acc447a
Update digital-ocean-ssrf.yaml
2022-12-23 23:27:17 +05:30
a9d8abe0ec
Update amazon-ec2-ssrf.yaml
2022-12-23 23:26:07 +05:30
ed26f07765
minor-update
2022-12-23 15:00:52 +05:30
b0ca4271d7
Create thinkphp6-lang-lfi.yaml
2022-12-23 12:55:38 +05:30
4f99d40e0e
Merge pull request #6393 from projectdiscovery/digital-ocean-ssrf
...
Create digital-ocean-ssrf.yaml
2022-12-22 11:15:54 +05:30
2ed7357a2a
Merge pull request #6385 from projectdiscovery/amazon-ec2-ssrf
...
Create amazon-ec2-ssrf.yaml (IWCON)
2022-12-22 11:09:23 +05:30
916d86ecb5
Update digital-ocean-ssrf.yaml
2022-12-22 11:06:01 +05:30
cacf0ef565
Update amazon-ec2-ssrf.yaml
2022-12-22 11:03:37 +05:30
ab7f19491b
Create digital-ocean-ssrf.yaml
2022-12-20 10:51:20 +05:30
dece342c21
Update amazon-ec2-ssrf.yaml
2022-12-18 22:23:05 +05:30
6b45d0be7a
Create amazon-ec2-ssrf.yaml
2022-12-18 19:53:30 +05:30
1b4413709e
updated-tag
2022-12-16 23:18:35 +05:30
d668920669
Update unauth-lfd-zhttpd.yaml
2022-12-16 08:41:31 +05:30
87d7bde9df
Update unauth-lfd-zhttpd.yaml
2022-12-16 00:42:12 +05:30
13f9a338d3
minor-update-fix-fp
2022-12-16 00:31:01 +05:30
33afc71bb2
fucking yamllint doing me over
2022-12-15 13:40:38 +00:00
ee562e420d
Create zyxel-exportlog-lfd.yaml
2022-12-15 13:32:26 +00:00
03c2ef2391
Dashboard Content Enhancements ( #6358 )
...
Dashboard Content Enhancements
2022-12-13 15:36:48 -05:00
4cfacf2028
Merge pull request #6337 from pect0ral/master
...
Added Profile header for additional WAP coverage on CJServer hosts
2022-12-12 23:16:01 +05:30
74eba669f3
Update qibocms-file-download.yaml
2022-12-12 22:48:05 +05:30
27a5c1b9c1
Update qibocms-file-download.yaml
2022-12-12 22:42:18 +05:30
e5398d06d1
Update qibocms-file-download.yaml
2022-12-12 22:40:15 +05:30
221b253406
Create qibocms-file-download.yaml
2022-12-12 21:06:09 +05:30
1574d7d589
VMware NSX Manager XStream Pre-authenticated RCE ( #6295 )
...
* Added CVE-2022-37042 Template
* misc updates
* Added vmware-nsx-stream-rce Template
* Update vmware-nsx-stream-rce.yaml
* misc update
* added fofa query
* Update and rename vulnerabilities/vmware/vmware-nsx-stream-rce.yaml to cves/2021/CVE-2021-39144.yaml
* Update CVE-2021-39144.yaml
* Update CVE-2021-39144.yaml
* Update and rename cves/2021/CVE-2021-39144.yaml to vulnerabilities/vmware/vmware-nsx-stream-rce.yaml
* Update vmware-nsx-stream-rce.yaml
* Update vmware-nsx-stream-rce.yaml
* format update
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2022-12-11 15:49:35 +05:30
2e9ba680a7
Added Profile header for additional WAP coverage on CJServer hosts
2022-12-10 17:42:58 -05:00
ec5168def8
fix: redirect template update ( #6329 )
2022-12-10 20:12:59 +05:30
e1965b05b2
Merge pull request #6258 from SleepingBag945/new-template-nps-auth-bypass
...
Added nps-auth-bypass
2022-12-09 14:35:35 +05:30
4de98de0c2
Update nps-auth-bypass.yaml
2022-12-09 14:33:49 +05:30
5b7b5aa86c
Update grafana-file-read.yaml
...
Add CVE to metadata.
2022-12-08 22:38:53 +01:00
f29e0c8c4b
Merge pull request #6201 from pdelteil/patch-117
...
Update apache-solr-file-read.yaml
2022-12-08 14:53:37 +05:30
c5d280b359
Update apache-solr-file-read.yaml
2022-12-08 14:42:36 +05:30
457974c2de
Update grafana-file-read.yaml
2022-12-08 13:42:47 +05:30
eb36eedb10
Update grafana-file-read.yaml
2022-12-08 11:13:26 +05:30
d38ddd1804
Add space and remove tag from non-loading Grafana template
2022-12-08 11:40:13 +11:00
e2429ca6a4
Merge pull request #6256 from c3l3si4n/master
...
added Reflected XSS for ZendFramework1
2022-12-07 23:02:48 +05:30
a033b96ceb
Update zend-v1-xss.yaml
2022-12-07 19:22:26 +05:30
f417ca8a2b
Update zend-v1-xss.yaml
2022-12-07 18:23:56 +05:30
972bafe93e
Auto Generated CVE annotations [Wed Dec 7 09:42:26 UTC 2022] 🤖
2022-12-07 09:42:26 +00:00
b48c05dc27
Added Template Checksum generator ( #6283 )
...
* Added Template Checksum generator
* fixed lint errors
2022-12-07 14:54:33 +05:30
4500d5e374
Rename wp-related-post-xss to wp-related-post-xss.yaml
2022-12-07 14:41:03 +05:30
948f05204c
Update nps-auth-bypass.yaml
2022-12-07 10:55:13 +05:30
9cfebe489b
Update nps-auth-bypass.yaml
2022-12-07 10:49:50 +05:30
b04feae9ca
Update zend-v1-xss.yaml
2022-12-06 14:31:05 +05:30
af11412622
Added nps-auth-bypass
2022-12-06 16:52:23 +08:00
84a48a61ad
added XSS for ZendFramework1
2022-12-06 05:13:46 -03:00
61d8f37cca
Update open-redirect.yaml
2022-12-02 13:03:13 +05:30
11b94a1f5a
Update apache-solr-file-read.yaml
2022-12-02 09:32:17 +05:30
fd270d85f6
Update apache-solr-file-read.yaml
2022-12-02 09:31:15 +05:30
c8b5033ccc
Update apache-solr-file-read.yaml
2022-12-02 09:21:51 +05:30
0384b0d51d
Update apache-solr-file-read.yaml
2022-12-02 09:13:23 +05:30
a37abb4401
Update apache-solr-file-read.yaml
2022-12-02 09:12:05 +05:30
843264155b
Update apache-solr-file-read.yaml
...
1. The added GET request triggers a file local read on Windows OS.
2. Matcher added to the Response trigger by 1.
3. Matcher for other cases (Errors, ie. not found path)
2022-12-01 18:51:21 -05:00
a7dfed84ef
Merge pull request #6159 from arafatansari/patch-112
...
Create wp-related-post-xss
2022-12-01 12:53:45 +05:30
46dcb9ee92
Update wp-related-post-xss
2022-11-29 19:09:35 +05:30
e5a63cf26a
Merge pull request #6174 from pdelteil/patch-111
...
Rename tikiwiki-json-rpc.yaml to kiwitcms-json-rpc.yaml
2022-11-29 11:32:03 +05:30
0cc2b7b562
Merge pull request #6173 from pdelteil/patch-110
...
Update nuuo-nvrmini2-rce.yaml
2022-11-29 11:28:26 +05:30
8dfea46220
Merge pull request #6176 from pdelteil/patch-113
...
Rename vulnerabilities/other/devalcms-xss.yaml to cves/2008/CVE-2008-…
2022-11-29 11:25:35 +05:30
516f3fc0c0
Merge pull request #6172 from pdelteil/patch-109
...
Rename icewarp-openredirects.yaml to icewarp-open-redirect.yaml
2022-11-29 11:16:40 +05:30
688b56b5df
Rename vulnerabilities/other/devalcms-xss.yaml to cves/2008/CVE-2008-6982.yaml
2022-11-29 00:38:16 -05:00
8b4e280c02
Rename tikiwiki-json-rpc.yaml to kiwitcms-json-rpc.yaml
...
- Incorrect file name (tikiwiki vs Kiwi TCMS).
- Matching filename + id.
2022-11-29 00:28:22 -05:00
9c2c3d964b
Update nuuo-nvrmini2-rce.yaml
...
filename + id matching
2022-11-29 00:24:14 -05:00
3458bcabd9
Rename icewarp-openredirects.yaml to icewarp-open-redirect.yaml
...
id + filename matching
2022-11-29 00:22:34 -05:00
5bdb492bac
Update comtrend-password-exposure.yaml
...
Corrected typo -> match id with filename.
2022-11-29 00:16:28 -05:00
9f60094d84
Auto Generated CVE annotations [Mon Nov 28 08:04:24 UTC 2022] 🤖
2022-11-28 08:04:24 +00:00
e93a5a87f6
Create wp-related-post-xss
2022-11-27 12:41:16 +05:30
335f78adc0
Merge pull request #6137 from projectdiscovery/wptouch-xss
...
Create wptouch-xss.yaml
2022-11-26 22:16:14 +05:30
pwnhxl
sullo
Dhiyaneshwaran
MostInterestingBotInTheWorld
Prince Chaddha
Jorian Woltjer
GitHub Action
pussycat0x
Ritik Chaddha
Rahul Maini
arliya
Thibault Soubiran
brightio
ANDRI
galoget
nodauf
Arman
Cryptoc0nman
Prince Chaddha
PikPikcU
Emre Kara
EvergreenCartoons
Abhinav Gaur
M4rtin Hsu
Mike Piekarski
Sandeep Singh
Joshua Rogers
Joshua Rogers
SleepingBag945
Celesian
Philippe Delteil
Arafat Ansari