daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,487 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

3995 Commits (e615d6f930927f6758300789997ef19326f81934)

Author SHA1 Message Date
MostInterestingBotInTheWorld 814d07fb7d
Dashboard Content Enhancements (#3961) 
* Enhancement: default-logins/viewpoint/trilithic-viewpoint-login.yaml by mp

* Enhancement: default-logins/visionhub/visionhub-default-login.yaml by mp

* Enhancement: default-logins/weblogic/weblogic-weak-login.yaml by mp

* Enhancement: default-logins/wifisky/wifisky-default-login.yaml by mp

* Enhancement: default-logins/wso2/wso2-default-login.yaml by mp

* Enhancement: default-logins/xerox/xerox7-default-login.yaml by mp

* Enhancement: default-logins/xxljob/xxljob-default-login.yaml by mp

* Enhancement: default-logins/zabbix/zabbix-default-login.yaml by mp

* Enhancement: default-logins/zmanda/zmanda-default-login.yaml by mp

* Enhancement: dns/azure-takeover-detection.yaml by mp

* Enhancement: dns/cname-fingerprint.yaml by mp

* Enhancement: dns/cname-service-detection.yaml by mp

* Enhancement: dns/detect-dangling-cname.yaml by mp

* Enhancement: dns/dns-waf-detect.yaml by mp

* Enhancement: default-logins/weblogic/weblogic-weak-login.yaml by mp

* Enhancement: default-logins/xxljob/xxljob-default-login.yaml by mp

* Enhancement: dns/dnssec-detection.yaml by mp

* Enhancement: dns/ec2-detection.yaml by mp

* Add CVSS/CWE

* Trailing space

* Linting error on comment indentation

* Typo

* Enhancement: dns/elasticbeantalk-takeover.yaml by mp

* Enhancement: cves/2020/CVE-2020-23517.yaml by mp

* Enhancement: dns/elasticbeantalk-takeover.yaml by mp

* Enhancement: dns/mx-fingerprint.yaml by mp

* Enhancement: dns/mx-service-detector.yaml by mp

* Enhancement: dns/nameserver-fingerprint.yaml by mp

* Enhancement: dns/ptr-fingerprint.yaml by mp

* Enhancement: dns/servfail-refused-hosts.yaml by mp

* Enhancement: dns/spoofable-spf-records-ptr.yaml by mp

* Enhancement: dns/txt-fingerprint.yaml by mp

* Enhancement: dns/worksites-detection.yaml by mp

* Enhancement: exposed-panels/3g-wireless-gateway.yaml by mp

* Enhancement: exposed-panels/acemanager-login.yaml by mp

* Enhancement: exposed-panels/acrolinx-dashboard.yaml by mp

* Enhancement: dns/mx-fingerprint.yaml by mp

* Enhancement: dns/mx-service-detector.yaml by mp

* Enhancement: dns/ptr-fingerprint.yaml by mp

* Enhancement: dns/servfail-refused-hosts.yaml by mp

* Enhancement: dns/spoofable-spf-records-ptr.yaml by mp

* Enhancement: cves/2021/CVE-2021-39501.yaml by mp

* Enhancement: cves/2021/CVE-2021-40323.yaml by mp

* Enhancement: cves/2021/CVE-2021-40539.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: cves/2021/CVE-2021-40856.yaml by mp

* Enhancement: cves/2021/CVE-2021-40859.yaml by mp

* Enhancement: cves/2021/CVE-2021-40323.yaml by mp

* Enhancement: cves/2021/CVE-2021-40539.yaml by mp

* Enhancement: cves/2010/CVE-2010-1875.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/akamai-cloudtest.yaml by mp

* Enhancement: exposed-panels/alfresco-detect.yaml by mp

* Enhancement: exposed-panels/alienvault-usm.yaml by mp

* Enhancement: exposed-panels/ambari-exposure.yaml by mp

* Enhancement: exposed-panels/amcrest-login.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: exposed-panels/alienvault-usm.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/ambari-exposure.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-17369.yaml by mp

* Enhancement: exposed-panels/apache/public-tomcat-manager.yaml by mp

* Enhancement: exposed-panels/apache/apache-apisix-panel.yaml by mp

* Enhancement: exposed-panels/ansible-tower-exposure.yaml by mp

* Enhancement: exposed-panels/ampps-panel.yaml by mp

* Enhancement: exposed-panels/ampps-admin-panel.yaml by mp

* Enhancement: exposed-panels/ametys-admin-login.yaml by mp

* Enhancement: cves/2010/CVE-2010-1878.yaml by mp

* Fix encoded chars

* trailing space

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp

* Enhancement: exposed-panels/apache/tomcat-pathnormalization.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp

* Enhancement: cves/2021/CVE-2021-40542.yaml by mp

* Enhancement: exposed-panels/apiman-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1873.yaml by mp

* Enhancement: exposed-panels/arcgis/arcgis-panel.yaml by mp

* Enhancement: exposed-panels/arcgis/arcgis-rest-api.yaml by mp

* Enhancement: exposed-panels/argocd-login.yaml by mp

* Enhancement: exposed-panels/atlassian-crowd-panel.yaml by mp

* Enhancement: exposed-panels/atvise-login.yaml by mp

* Enhancement: exposed-panels/avantfax-panel.yaml by mp

* Enhancement: exposed-panels/avatier-password-management.yaml by mp

* Enhancement: exposed-panels/axigen-webadmin.yaml by mp

* Enhancement: exposed-panels/axigen-webmail.yaml by mp

* Enhancement: exposed-panels/azkaban-web-client.yaml by mp

* Enhancement: exposed-panels/acunetix-panel.yaml by mp

* Enhancement: exposed-panels/adiscon-loganalyzer.yaml by mp

* Enhancement: exposed-panels/adminer-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1870.yaml by mp

* Enhancement: exposed-panels/adminset-panel.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-component-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-connect-central-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-experience-manager-login.yaml by mp

* Enhancement: exposed-panels/adobe/adobe-media-server.yaml by mp

* Enhancement: exposed-panels/advance-setup.yaml by mp

* Enhancement: exposed-panels/aerohive-netconfig-ui.yaml by mp

* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp

* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp

* Enhancement: exposed-panels/aims-password-portal.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* Enhancement: exposed-panels/airflow-panel.yaml by mp

* spacing issues

* Spacing

* HTML codes improperly interpreted
Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml

* Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml

* Enhancement: technologies/waf-detect.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: network/sap-router-info-leak.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp

* Enhancement: network/sap-router-info-leak.yaml by mp

* Enhancement: network/exposed-adb.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml by mp

* Enhancement: exposures/tokens/digitalocean/tugboat-config-exposure.yaml by mp

* Enhancement: exposed-panels/concrete5/concrete5-install.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml by mp

* indentation issue

* Character encoding issue fix

* Enhancement: default-logins/alibaba/canal-default-login.yaml by mp

* Enhancement: default-logins/alphaweb/alphaweb-default-login.yaml by mp

* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp

* Enhancement: default-logins/apache/airflow-default-login.yaml by mp

* Enhancement: default-logins/apache/apisix-default-login.yaml by mp

* Enhancement: default-logins/apollo/apollo-default-login.yaml by mp

* Enhancement: default-logins/arl/arl-default-login.yaml by mp

* Enhancement: default-logins/digitalrebar/digitalrebar-default-login.yaml by mp

* Enhancement: default-logins/mantisbt/mantisbt-default-credential.yaml by mp

* Enhancement: default-logins/stackstorm/stackstorm-default-login.yaml by mp

* Enhancement: dns/caa-fingerprint.yaml by mp

* Enhancement: exposed-panels/active-admin-exposure.yaml by mp

* Enhancement: exposed-panels/activemq-panel.yaml by mp

* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp

* Restore & stomped by dashboard

* Enhancement: cves/2010/CVE-2010-1653.yaml by mp

* Enhancement: cves/2021/CVE-2021-38751.yaml by mp

* Enhancement: cves/2021/CVE-2021-39320.yaml by mp

* Enhancement: cves/2021/CVE-2021-39322.yaml by mp

* Enhancement: cves/2021/CVE-2021-39327.yaml by mp

* Enhancement: cves/2021/CVE-2021-39350.yaml by mp

* Enhancement: cves/2021/CVE-2021-39433.yaml by mp

* Enhancement: cves/2021/CVE-2021-41192.yaml by mp

* Enhancement: cnvd/2021/CNVD-2021-15824.yaml by mp

* Enhancement: exposed-panels/ansible-semaphore-panel.yaml by mp

* Enhancement: exposed-panels/aviatrix-panel.yaml by mp

* Enhancement: cves/2022/CVE-2022-24288.yaml by mp

* Enhancement: cves/2022/CVE-2022-24990.yaml by mp

* Enhancement: cves/2022/CVE-2022-26159.yaml by mp

* Enhancement: default-logins/aem/aem-default-login.yaml by mp

* Enhancement: exposed-panels/blue-iris-login.yaml by mp

* Enhancement: exposed-panels/bigbluebutton-login.yaml by mp

* Enhancement: cves/2022/CVE-2022-24288.yaml by mp

* Enhancement: cves/2022/CVE-2022-24990.yaml by mp

* Enhancement: cves/2022/CVE-2022-26159.yaml by mp

* Enhancement: default-logins/aem/aem-default-login.yaml by mp

* Spacing issues
Add cve-id field

* fix & stomping

* Enhancement: cves/2016/CVE-2016-1000141.yaml by mp

* Enhancement: cves/2020/CVE-2020-24912.yaml by mp

* Enhancement: cves/2021/CVE-2021-35265.yaml by mp

* Enhancement: cves/2022/CVE-2022-0437.yaml by mp

* Enhancement: cves/2010/CVE-2010-1601.yaml by mp

* Enhancement: technologies/teradici-pcoip.yaml by mp

* Enhancement: vulnerabilities/other/unauth-hoteldruid-panel.yaml by mp

* Enhancement: cves/2010/CVE-2010-1475.yaml by mp

* Enhancement: cves/2010/CVE-2010-1535.yaml by mp

* Enhancement: exposed-panels/epson-web-control-detect.yaml by mp

* Enhancement: exposed-panels/epson-access-detect.yaml by mp

* Enhancement: cves/2020/CVE-2020-29453.yaml by mp

* Fix spacing

Co-authored-by: sullo <sullo@cirt.net>
 2022-03-25 17:15:10 +05:30
GitHub Action 83ecf7060b Auto Generated CVE annotations [Wed Mar 23 10:44:27 UTC 2022] 🤖 2022-03-23 10:44:27 +00:00
Sandeep Singh 8c12450b09
Added CVE-2021-42063 (#3956) 2022-03-23 16:13:38 +05:30
Prince Chaddha ca54dd0026
Merge pull request #3946 from bartutku/CVE-2021-41691 
CVE-2021-41691
 2022-03-23 13:17:18 +05:30
sandeep ec99241f0e Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
Sandeep Singh 21c2c0cd2c
lint update 2022-03-22 13:04:29 +05:30
Prince Chaddha bc30daa9fb
Update CVE-2021-41691.yaml 2022-03-22 12:38:45 +05:30
Prince Chaddha 75845a7b6e
Merge pull request #3951 from z3dc0ps/master 
changed 'burpcollaborator.net' to "{{interactsh-url}}"
 2022-03-22 11:35:52 +05:30
Prince Chaddha 063d6ad7eb
Update CVE-2020-5412.yaml 2022-03-22 11:32:56 +05:30
Prince Chaddha 4e75bb7162
Update CVE-2019-9978.yaml 2022-03-22 11:32:49 +05:30
Prince Chaddha 2d8bc7577a
Update CVE-2020-5412.yaml 2022-03-22 11:25:29 +05:30
Prince Chaddha 3517bab6cc
Update CVE-2019-9978.yaml 2022-03-22 11:24:50 +05:30
MostInterestingBotInTheWorld 9663595dd1
Dashboard Text Enhancements (#3948) 
Dashboard content enhancements
 2022-03-21 23:48:47 -04:00
z3dc0ps 1e96305cf2
Update CVE-2017-9805.yaml 2022-03-22 01:47:31 +05:30
z3dc0ps 8f37ae4a2f
Update CVE-2021-21315.yaml 2022-03-22 01:46:15 +05:30
z3dc0ps d2afc026eb
Update CVE-2020-5412.yaml 2022-03-22 01:45:11 +05:30
z3dc0ps c87ed3f66f
Update CVE-2019-9978.yaml 2022-03-22 00:40:24 +05:30
bartutku 9fb6c93947 CVE-2021-41691 2022-03-21 16:49:56 +03:00
bartutku df61805ee8 CVE-2021-41691 2022-03-21 16:46:15 +03:00
GitHub Action 412ff87c82 Auto Generated CVE annotations [Mon Mar 21 12:21:54 UTC 2022] 🤖 2022-03-21 12:21:54 +00:00
PikPikcU adbf3eca22
Create CVE-2022-0437 (#3673) 
* Create CVE-2022-0437.yaml

* request + matcher update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-21 17:51:11 +05:30
Markus 9e43f3cc18
[false-positive] WordPress Contact Form 7 Plugin - Unrestricted File Upload (#3825) 
* Update CVE-2020-35489.yaml

Fix for the false positives mentioned in #3816

* Update CVE-2020-35489.yaml

Fix for the false positives mentioned in #3816

* misc update

* version comparison with new helper function

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-21 17:48:01 +05:30
GitHub Action 3f3ba47aaa Auto Generated CVE annotations [Mon Mar 21 12:12:32 UTC 2022] 🤖 2022-03-21 12:12:32 +00:00
Prince Chaddha d42c946e20
Merge pull request #3907 from gy741/rule-add-v101 
Create CVE-2020-17456.yaml
 2022-03-21 17:41:48 +05:30
Prince Chaddha f4fdbbf415
Update and rename CVE-2020-27467.yaml to cves/2020/CVE-2020-27467.yaml 2022-03-21 16:56:48 +05:30
GitHub Action 6b562eb6f7 Auto Generated CVE annotations [Sun Mar 20 07:45:32 UTC 2022] 🤖 2022-03-20 07:45:32 +00:00
darkc0d37 36ff44ab40
Ivanti EPM CSA Code Injection(CVE-2021-44529) (#3937) 
* Added CVE-2021-44529

* Added CVE-2021-44529

* Added CVE-2021-44529

* metadata updates

* contributors update

Co-authored-by: Tirtha Mandal <darkc0d3@Tirthas-MacBook-Pro.local>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-20 13:14:37 +05:30
Sandeep Singh ec2246ee22
added confluence metadata and minor matcher updates (#3929) 2022-03-19 16:12:08 +05:30
sandeep a97dccb54a additional matcher update 2022-03-19 16:10:43 +05:30
Dwi Siswanto 1878c50193
Add Pascom advisories (#3862) 
* pascom: Add CVE-2021-45967

* pascom: Add CVE-2021-45968
 2022-03-19 16:09:09 +05:30
Xeldax 10b23118aa
add airflow cve-2022-24288 (#3873) 
* add airflow cve-2022-24288

* lint update

* template request + matcher + metadata update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-19 15:59:17 +05:30
sandeep dd2322c7f2 tags update 2022-03-19 15:15:41 +05:30
GitHub Action 145620c09c Auto Generated CVE annotations [Sat Mar 19 09:06:25 UTC 2022] 🤖 2022-03-19 09:06:25 +00:00
cckuailong 9fe955392a
add CVE-2021-41282 (#3844) 
* add CVE-2021-41282

* tags update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-19 14:35:40 +05:30
sandeep a3a709045a tag update 2022-03-19 14:25:34 +05:30
cckuailong 5b787f0260
add CVE-2021-35587 (#3872) 
* add CVE-2021-35587

* fix verbose space

* misc updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-19 14:24:33 +05:30
Roberto Nunes 66fadd57ad
Create CVE-2021-34805.yaml (#3919) 
* Create CVE-2021-34805.yaml

* misc fixes

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-19 14:18:46 +05:30
sandeep 218b87a384 removing duplicate template 2022-03-18 21:09:34 +05:30
Podalirius 4c66d04cf1
Added template for CVE-2022-26159 (#3923) 
* Added template for CVE-2022-26159

* path + matcher update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-18 14:58:35 +05:30
Philippe Delteil be3d2d42f1
Update CVE-2018-5230.yaml (#3928) 
* Update CVE-2018-5230.yaml

Solves a false positive when the requests triggers a file download 

nuclei -debug -t nuclei-templates/cves/2018/CVE-2018-5230.yaml -u https://get-jama.replicated.com

* matcher fixes

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-18 12:55:28 +05:30
MostInterestingBotInTheWorld 056323ec5a
Dashboard Text Enhancements (#3927) 
Dashboard text enhancements
 2022-03-17 13:01:45 -04:00
gilfoyle97 0fa555567a
Request: Fix CVE-2021-21234 (#3920) 
* Fixed CVE-2019-9670

* more strict matchers

* Fix CVE-2021-21234

* more strict matcher

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-17 14:59:53 +05:30
gilfoyle97 5a25fe8e0f
Fixed CVE-2019-9670 (#3918) 
* Fixed CVE-2019-9670

* more strict matchers

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-03-17 13:36:15 +05:30
Prince Chaddha 4c1b01bfc3
Update CVE-2020-17456.yaml 2022-03-15 16:36:08 +05:30
GwanYeong Kim ec174819c4 Create CVE-2020-17456.yaml 
SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the system_log.cgi page.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2022-03-15 19:13:50 +09:00
sandeep 0edbae8e45 limit the matcher / extractor scope to location header 2022-03-15 11:46:47 +05:30
sandeep 2bff343eda more strict matchers for CVE-2022-23779 2022-03-15 02:03:06 +05:30
Prince Chaddha 913a1ab64e
Merge pull request #3894 from Akokonunes/patch-127 
Create CVE-2018-12300.yaml
 2022-03-15 00:48:39 +05:30
GitHub Action 13df485fff Auto Generated CVE annotations [Mon Mar 14 19:05:47 UTC 2022] 🤖 2022-03-14 19:05:47 +00:00
Prince Chaddha b68f2afd70
Merge pull request #3898 from projectdiscovery/CVE-2018-12296 
Create CVE-2018-12296.yaml
 2022-03-15 00:35:07 +05:30