Commit Graph

6518 Commits (dad7cac46544ee3ba639c2c274744b95cab13889)

Author SHA1 Message Date
sandeep 7a1ac536d0 Additional matchers 2021-07-10 21:48:38 +05:30
GitHub Action 4874ca4dcd Auto Update README [Sat Jul 10 15:55:14 UTC 2021] 🤖 2021-07-10 15:55:14 +00:00
Sandeep Singh 97023903a0
Merge pull request #1918 from gy741/rule-add-v19
Create Hongdian Vulnerability
2021-07-10 21:24:56 +05:30
GitHub Action 67c60b057e Auto Update README [Sat Jul 10 15:25:30 UTC 2021] 🤖 2021-07-10 15:25:30 +00:00
Sandeep Singh 5ca472b43e
Merge pull request #1880 from gy741/rule-add-v13
Create CVE-2021-1497.yaml
2021-07-10 20:55:14 +05:30
sandeep 1cd29628aa more reference 2021-07-10 20:54:04 +05:30
sandeep 7f37050361 Added HTTP check 2021-07-10 20:53:23 +05:30
sandeep dd9e85a29c Added missing condition 2021-07-10 20:47:20 +05:30
sandeep 1e8aa5288f Update CVE-2021-1497.yaml 2021-07-10 20:45:00 +05:30
GitHub Action 984338b657 Auto Update README [Sat Jul 10 14:58:30 UTC 2021] 🤖 2021-07-10 14:58:30 +00:00
Sandeep Singh c247dc15ed
Merge pull request #1919 from deFr0ggy/master
LabTech Login Panel - Exposed-Panels
2021-07-10 20:28:14 +05:30
Sandeep Singh cc8337e878
typos update 2021-07-10 20:25:51 +05:30
Frog Man 4133bf25e3
Added the suggested changes.
Added the suggested changes.
2021-07-10 19:46:05 +05:00
Frog Man c52e666707
Add files via upload 2021-07-10 19:05:54 +05:00
sandeep 767f173f88 minor updates 2021-07-10 18:45:09 +05:30
GwanYeong Kim 3bf1c929ed Create Hongdian Vulnerability
CVE-2021-28149 : Hongdian H8922 3.0.5 devices allow Directory Traversal. The /log_download.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ (e.g., ../../etc/passwd) This can be carried out with a web browser by changing the file name accordingly. Upon visiting log_download.cgi?type=../../etc/passwd and logging in, the web server will allow a download of the contents of the /etc/passwd file.

CVE-2021-28150 : Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi.

CVE-2021-28151 : Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) field to the tools.cgi ping command, which is accessible with the username guest and password guest.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-10 21:16:35 +09:00
Sandeep Singh 86fab87fdd
Merge pull request #1885 from Mah3Sec/master
git-logs
2021-07-10 15:12:25 +05:30
Sandeep Singh 72781f8dfa
Merge branch 'master' into master 2021-07-10 15:07:33 +05:30
GitHub Action c4e6110a44 Auto Update README [Sat Jul 10 09:36:01 UTC 2021] 🤖 2021-07-10 09:36:01 +00:00
Prince Chaddha c5407b87fc
Merge pull request #1897 from abison1/patch-1
Create ceros-takeover.yaml
2021-07-10 15:05:43 +05:30
Prince Chaddha 1c982979e4
Update ceros-takeover.yaml 2021-07-10 15:03:54 +05:30
Prince Chaddha 152ef6f809
Update ceros-takeover.yaml 2021-07-10 14:56:54 +05:30
GitHub Action 93225ca26d Auto Update README [Sat Jul 10 08:38:42 UTC 2021] 🤖 2021-07-10 08:38:42 +00:00
sandeep 89029e1aa7 Moving PR template to root 2021-07-10 14:08:20 +05:30
Sandeep Singh b014a621ef
Merge pull request #1917 from projectdiscovery/RCE_CEHCK_CVE-2021-3129
Updated complete RCE chain (CVE-2021-3129)
2021-07-10 14:00:53 +05:30
sandeep c2f87a94c6 Added complete RCE chain 2021-07-10 13:42:09 +05:30
GitHub Action 6688aaca61 Auto Update README [Sat Jul 10 03:54:03 UTC 2021] 🤖 2021-07-10 03:54:03 +00:00
Prince Chaddha ba90f28231
Merge pull request #1909 from gy741/rule-add-v17
Create icewarp-webclient-rce.yaml
2021-07-10 09:23:50 +05:30
Prince Chaddha a0d643561f
Update icewarp-webclient-rce.yaml 2021-07-10 09:18:32 +05:30
GitHub Action 86c78897cc Auto Update README [Sat Jul 10 03:30:19 UTC 2021] 🤖 2021-07-10 03:30:19 +00:00
Prince Chaddha fdc2275d6d
Merge pull request #1916 from geeknik/patch-2
Create checkpoint-panel.yaml
2021-07-10 09:00:03 +05:30
Prince Chaddha 0246f73534
Update checkpoint-panel.yaml 2021-07-10 08:56:21 +05:30
Geeknik Labs 0e09bc183d
Create checkpoint-panel.yaml
Fixes #1915.
2021-07-10 03:08:30 +00:00
Sandeep Singh ad1c273261
Merge pull request #1900 from pdelteil/patch-20
Update openam-detection.yaml
2021-07-10 01:38:47 +05:30
sandeep 6c11d0714f Update openam-detection.yaml 2021-07-10 01:36:54 +05:30
GitHub Action d4cdafefdb Auto Update README [Fri Jul 9 20:04:52 UTC 2021] 🤖 2021-07-09 20:04:52 +00:00
Sandeep Singh c06a347ac4
Merge pull request #1908 from gy741/rule-add-v16
Create stem-audio-table-private-keys.yaml
2021-07-10 01:34:37 +05:30
Sandeep Singh 9156e33229
Added tags and updated matcher 2021-07-10 01:31:10 +05:30
GitHub Action 7832d4f58b Auto Update README [Fri Jul 9 19:59:10 UTC 2021] 🤖 2021-07-09 19:59:11 +00:00
Sandeep Singh 7cd5c6abbf
Merge pull request #1906 from pdelteil/patch-21
Create jira-unauthenticated-installed-gadgets.yaml
2021-07-10 01:28:52 +05:30
Sandeep Singh c36a62a120
Update jira-unauthenticated-installed-gadgets.yaml 2021-07-10 01:28:30 +05:30
Sandeep Singh 3f46e48426
Update jira-unauthenticated-installed-gadgets.yaml 2021-07-10 01:26:45 +05:30
GitHub Action 7e9af4c053 Auto Update README [Fri Jul 9 19:48:54 UTC 2021] 🤖 2021-07-09 19:48:54 +00:00
Sandeep Singh 3a1bdca14c
Merge pull request #1914 from gboddin/open-mjpg-streamer
Added open-mjpg-streamer
2021-07-10 01:18:38 +05:30
sandeep 5d0db35b67 filename and matcher update 2021-07-10 01:17:38 +05:30
Gregory Boddin eb31f87e0a [fix] Added open-mjpg-streamer 2021-07-09 21:13:23 +02:00
sandeep a35c34127c Added content length condition 2021-07-10 00:40:09 +05:30
Gregory Boddin ce7531e654 Added open-mjpg-streamer 2021-07-09 21:06:45 +02:00
GitHub Action ddc0ccac40 Auto Update README [Fri Jul 9 17:23:03 UTC 2021] 🤖 2021-07-09 17:23:03 +00:00
Sandeep Singh 684761587d
Merge pull request #1913 from projectdiscovery/exposed-gitignore
Added exposed-gitignore
2021-07-09 22:52:44 +05:30