19517e8855
Create CVE-2018-16167.yaml
...
LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-10 14:30:22 +09:00
14d2dcd26b
reference
2021-08-09 16:35:43 +03:00
0b3a307294
Update CVE-2018-15517.yaml
2021-08-04 13:44:42 +05:30
8cc213cec1
Update CVE-2018-15745.yaml
2021-08-04 13:42:14 +05:30
812d4faca2
Create CVE-2018-15517.yaml
...
Using a web browser or script SSRF can be initiated against internal/external systems to conduct port scans by leveraging D LINKs MailConnect component. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability of where scan or connections actually came from and or bypass the FW etc. This can be automated via script or using Web Browser.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-04 14:25:54 +09:00
adce7d2c39
Create CVE-2018-15745.yaml
...
Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-04 14:16:24 +09:00
41b06a2ed7
Merge pull request #2216 from pikpikcu/patch-223
...
Add Zimbra XSS
2021-08-03 13:22:42 +05:30
c4acd62307
Update CVE-2018-14013.yaml
2021-08-03 13:13:57 +05:30
1c83792023
Merge pull request #2314 from daffainfo/patch-126
...
Create CVE-2018-20470.yaml
2021-08-03 13:08:36 +05:30
6e13d833ef
Create CVE-2018-19458.yaml
2021-08-03 06:20:58 +07:00
02d3258f2a
Create CVE-2018-20470.yaml
2021-08-03 06:19:42 +07:00
1939842ab6
Merge pull request #2219 from pikpikcu/patch-225
...
Add Dolibarr xss
2021-08-02 22:32:24 +05:30
f924e58b8e
Update CVE-2018-10095.yaml
2021-08-02 22:31:01 +05:30
dca1dd56b1
Merge pull request #2220 from pikpikcu/patch-226
...
Add Grav CMS XSS
2021-08-02 22:26:37 +05:30
e359b030f2
Update CVE-2018-5233.yaml
2021-08-02 22:25:21 +05:30
e896a8982d
misc updates
2021-08-02 12:53:35 +05:30
bc48231304
Merge pull request #2192 from gy741/rule-add-v41
...
Create CVE-2018-10818.yaml
2021-07-31 22:56:26 +05:30
620cd107c6
Update CVE-2018-10818.yaml
2021-07-31 22:55:55 +05:30
ab408ccd04
Create CVE-2018-5233.yaml
2021-07-27 16:03:59 +07:00
9e2de534a8
Create CVE-2018-10095.yaml
2021-07-27 15:49:19 +07:00
317a63ec9c
Create CVE-2018-14013.yaml
2021-07-27 14:34:36 +07:00
4029278d6c
Create CVE-2018-10818.yaml
...
The vulnerability (CVE-2018-10818) is a pre-auth remote command injection vulnerability found in the majority of LG NAS devices. You cannot simply log in with any random username and password. However, there lies a command injection vulnerability in the “password” parameter.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-27 02:27:13 +09:00
9c66387f0f
More CVEs Template
2021-07-26 22:48:45 +05:30
5fc3ae4ef4
Merge pull request #1872 from Vladimir-Ivanov-Git/CVE-2018-2392
...
CVE-2018-2392 SAP IGS XXE
2021-07-26 20:12:08 +05:30
0d2e18722a
Update CVE-2018-10822.yaml
2021-07-26 01:04:31 +05:30
9883f04092
Create CVE-2018-10822.yaml
2021-07-25 05:49:24 +07:00
6ccc5f8792
matcher update to handle edge cases
2021-07-25 03:05:55 +05:30
4db131a5d3
Update CVE-2018-20985.yaml
2021-07-22 19:01:00 +05:30
a0581944aa
Update CVE-2018-20985.yaml
2021-07-22 19:32:43 +07:00
7afafb1f4f
Added references
2021-07-22 15:37:50 +07:00
1c54875f24
Create CVE-2018-20985.yaml
2021-07-22 15:35:12 +07:00
f2c22f66b6
Update CVE-2018-3760.yaml
2021-07-20 17:28:29 +05:30
2b156573bd
Update CVE-2018-3760.yaml
2021-07-20 16:22:18 +07:00
4dbf36813d
removing duplicate template
2021-07-20 00:43:39 +05:30
6eee57115c
Merge pull request #2083 from projectdiscovery/fixing-xss-matchers
...
fixing-xss-matchers
2021-07-20 00:28:01 +05:30
ae24c38370
Merge pull request #2087 from daffainfo/patch-89
...
Add CVE-2018-16059
2021-07-20 00:25:31 +05:30
aa2c8d210b
Update CVE-2018-16059.yaml
2021-07-20 00:15:32 +05:30
ffce401c23
Update CVE-2018-16283.yaml
2021-07-19 18:22:19 +05:30
68efee3702
Merge branch 'projectdiscovery:master' into master
2021-07-19 19:48:57 +07:00
7a99c2db48
Rename to CVE-2018-16283
2021-07-19 19:47:31 +07:00
c22924c1ba
misc updates
2021-07-19 18:17:12 +05:30
5a5b5ea18e
Create CVE-2018-16059.yaml
2021-07-19 17:16:19 +07:00
fee3b0dbba
Update CVE-2018-5316.yaml
2021-07-19 11:32:30 +05:30
5923b1522e
Update CVE-2018-20462.yaml
2021-07-19 11:31:57 +05:30
1453b08a1d
Update CVE-2018-11709.yaml
2021-07-19 11:31:16 +05:30
304ab07b28
Update CVE-2018-12031.yaml
2021-07-16 17:42:00 +05:30
110a989ff1
Update CVE-2018-12031.yaml
2021-07-16 17:36:12 +05:30
4238febae3
Update CVE-2018-12031.yaml
2021-07-16 17:33:02 +05:30
134031c9aa
Update and rename cves/2020/CVE-2020-14461.yaml to cves/2018/CVE-2018-12031.yaml
2021-07-16 18:56:28 +07:00
84223eb0b8
Merge pull request #2033 from daffainfo/patch-67
...
Create CVE-2018-11709.yaml
2021-07-16 11:07:42 +05:30
247c964e78
Merge pull request #2034 from daffainfo/patch-68
...
Create CVE-2018-5316.yaml
2021-07-16 11:07:32 +05:30
f977df559c
Update CVE-2018-11709.yaml
2021-07-16 11:05:11 +05:30
da4b0d4da7
Update CVE-2018-20462.yaml
2021-07-16 11:01:29 +05:30
5bee8dd716
Create CVE-2018-5316.yaml
2021-07-16 00:16:27 +07:00
9d84281202
Create CVE-2018-11709.yaml
2021-07-16 00:14:42 +07:00
367f5d225d
Create CVE-2018-20462.yaml
2021-07-16 00:12:52 +07:00
f13d61c128
Update CVE-2018-9118.yaml
2021-07-15 17:41:16 +05:30
42fd30dfd8
Update and rename CVE-2018-9118.yaml to cves/2018/CVE-2018-9118.yaml
2021-07-15 17:40:37 +05:30
491b6f8e2b
Update CVE-2018-2392.yaml
2021-07-08 14:41:02 +05:30
05b2837a0a
Add CVE-2018-2392.yaml
2021-07-05 19:40:37 +03:00
52e0c861a1
Merge pull request #1733 from milo2012/master
...
Added CVE-2018-1000130/ CVE-2018-2628/ CVE-2018-2628/ CVE-2019-3401/ CVE-2020-1938/ oracle-bi-default-login/ jolokia-heap-disclosure
2021-07-02 18:27:45 +05:30
e2a0f93f79
misc updates
2021-07-02 18:24:31 +05:30
b3c580d290
Update CVE-2018-8715.yaml
2021-06-30 15:34:58 +05:30
1afa102620
Add CVE-2018-8715.yaml - AppWeb authentication bypass
2021-06-30 16:30:56 +08:00
54f40d8f2c
Update CVE-2018-13380.yaml
2021-06-29 02:17:42 +00:00
dd98451110
Update CVE-2018-16299.yaml
2021-06-25 12:45:04 +05:30
fca70dd2c7
Update and rename CVE-2018-16299.yaml to cves/2018/CVE-2018-16299.yaml
2021-06-25 12:43:55 +05:30
95b34330ed
Add CVE-2018-2893.yaml - Oracle WebLogic Server Deserialization RCE
2021-06-25 03:41:02 +08:00
4e888bf3e2
Add CVE-2018-2893.yaml - Oracle WebLogic Server Deserialization RCE
2021-06-25 03:38:53 +08:00
35cf8d1378
Merge pull request #1221 from projectdiscovery/princechaddha-patch-6
...
Create CVE-2018-9995.yaml
2021-06-24 02:33:20 +05:30
0fbbfdd364
Update CVE-2018-9995.yaml
2021-06-24 02:32:23 +05:30
6e139881ee
fix or operator
2021-06-23 00:33:06 +08:00
139aaf2ecf
Add CVE-2018-1000130.yaml - fix spaces
2021-06-22 20:35:17 +08:00
e84dc0e94c
Add CVE-2018-1000130.yaml - Jolokia Agent Proxy JNDI Code Injection
2021-06-22 20:32:30 +08:00
be89aed331
Update CVE-2018-2628.yaml
2021-06-21 14:26:53 +05:30
cb4d12cc8c
Moved to cves/2018
2021-06-21 14:20:20 +05:30
1465ad8c76
Merge pull request #1740 from Akokonunes/patch-9
...
Create CVE-2018-18775.yaml
2021-06-20 16:51:09 +05:30
a2623f5e9d
Update CVE-2018-18775.yaml
2021-06-20 16:49:24 +05:30
b874963894
moved to cves
2021-06-20 16:47:21 +05:30
00ad7ee3db
Moved to cves
2021-06-20 16:43:44 +05:30
112113437c
Moved template to cves folder
2021-06-18 16:58:27 +05:30
44a53f7090
Merge pull request #1636 from pdelteil/patch-6
...
Update CVE-2018-18069.yaml
2021-06-18 10:01:04 +05:30
0f590a867b
Update CVE-2018-18069.yaml
2021-06-17 22:20:02 +05:30
eeb88e4bd1
Update CVE-2018-18069.yaml
2021-06-17 22:13:32 +05:30
36bb1fff95
Update CVE-2018-18069.yaml
2021-06-17 22:11:00 +05:30
5c2a07d65e
Merge pull request #1684 from geeknik/patch-107
...
Create CVE-2018-16670.yaml
2021-06-16 02:01:36 +05:30
dbee289627
Merge pull request #1683 from geeknik/patch-106
...
Create CVE-2018-16668.yaml
2021-06-16 01:59:47 +05:30
6c48452767
Merge pull request #1682 from geeknik/patch-105
...
Create CVE-2018-16671.yaml
2021-06-16 01:58:32 +05:30
edf4a45ee4
Update CVE-2018-1000533.yaml
2021-06-15 16:38:28 +05:30
72d9357cf6
Update CVE-2018-1000533.yaml
2021-06-15 16:23:59 +05:30
3cfc921b71
Update CVE-2018-1000533.yaml
2021-06-15 15:31:36 +05:30
e970a09c53
Create CVE-2018-1000533.yaml
2021-06-15 07:28:10 +00:00
e83ba1b5ec
Create CVE-2018-16670.yaml
2021-06-11 12:11:36 +00:00
c451137ffc
Create CVE-2018-16668.yaml
2021-06-11 12:10:29 +00:00
210465a658
Create CVE-2018-16671.yaml
2021-06-11 12:09:29 +00:00
b17196ee18
Merge pull request #1679 from Mad-robot/master
...
Update CVE-2018-3167.yaml
2021-06-11 16:25:07 +05:30
bc4a0d37b1
Moving template to cves folder
2021-06-11 15:58:02 +05:30
a2e740148f
Update CVE-2018-3167.yaml
2021-06-11 13:21:20 +05:30
bfed8d5200
Update CVE-2018-3167.yaml
2021-06-11 13:19:46 +05:30
84341549c0
Update CVE-2018-3167.yaml
2021-06-11 13:18:36 +05:30
42ec1d5636
Update CVE-2018-3167.yaml
2021-06-11 13:14:15 +05:30
83ce809e8d
Updated author names
2021-06-09 17:50:56 +05:30
68642e226b
CVE-2018-1247 fix
2021-06-09 01:40:02 +05:30
39555505db
Update CVE-2018-18069.yaml
...
The matching condition are not enough. The payload input is not checked for reflection. This creates false positives like this one
nuclei -debug -t nuclei-templates/cves/2018/CVE-2018-18069.yaml -u https://empleo.gbtspain.com
2021-06-05 14:12:50 -04:00
fe1ab8385d
Update and rename exposures/logs/circarlife-system-log.yaml to cves/2018/CVE-2018-12634.yaml
2021-05-31 11:31:04 -05:00
a39f71eeff
Fixing CVE-2018-0296
2021-05-31 09:28:47 +05:30
d63b9e1cb8
Adding missing tags
2021-05-13 00:54:59 +05:30
f18a611286
Delete CVE-2018-0101.yaml
...
Temporarily removing as current matcher is not sufficient to match this accurately.
2021-05-09 17:12:50 +05:30
b2ffaa1c5b
Update CVE-2018-10141.yaml
2021-05-03 15:16:29 +05:30
e94b507722
moving files around
2021-05-03 15:16:08 +05:30
fb4020a894
Merge pull request #1245 from projectdiscovery/princechaddha-patch-13
...
Create CVE-2018-8770.yaml
2021-04-21 23:53:08 +05:30
bc4e678ed1
Merge pull request #1235 from projectdiscovery/princechaddha-patch-10
...
Create CVE-2018-17246.yaml
2021-04-21 23:43:01 +05:30
c2a990a0d9
CVE-2018-13379 traversal path is corrected
2021-04-21 02:15:12 +03:00
e72784eb53
Merge pull request #1249 from geeknik/patch-67
...
Create CVE-2018-2894.yaml
2021-04-13 18:10:38 +05:30
4196c94ac5
Update CVE-2018-2894.yaml
2021-04-13 18:08:13 +05:30
a4ffb88b17
Added CVE-2018-7422
2021-04-11 15:49:26 +05:30
32a3410ff8
Create CVE-2018-2894.yaml
2021-04-10 13:44:41 +00:00
abad438c3b
Create CVE-2018-8770.yaml
2021-04-10 03:40:04 +05:30
a4ab51f7de
Update CVE-2018-17246.yaml
2021-04-09 15:44:40 +05:30
0b746c97c2
Added additional check to avoid possible false positive
2021-04-09 13:13:36 +05:30
8e74c7f37a
Update CVE-2018-17246.yaml
2021-04-09 02:35:42 +05:30
bfc477e817
Create CVE-2018-17246.yaml
2021-04-09 02:31:08 +05:30
578ec0bac1
Create CVE-2018-9995.yaml
2021-04-07 18:03:31 +05:30
8fdfc64e54
misc tag updates
2021-04-06 12:16:11 +05:30
8d022bcbf7
Merge pull request #1058 from dwisiswant0/add/cves/2018/CVE-2018-0101
...
Add CVE-2018-0101
2021-04-01 14:02:28 +05:30
06827e41c9
Update CVE-2018-0101.yaml
2021-04-01 14:01:09 +05:30
b7efe0b3c9
minor fixes and improvements
2021-04-01 13:59:23 +05:30
2925d53ab9
Fix wrong identations
2021-03-28 02:09:26 +07:00
b804f5f676
Add more possible crash 5xx status codes
2021-03-28 02:07:23 +07:00
53d8ab8322
Using DSL type of matcher
2021-03-28 02:06:37 +07:00
e80e67a592
Using RAW requests
2021-03-28 02:06:04 +07:00
c25cb2500e
Create CVE-2018-11784.yaml
2021-03-18 16:22:01 +00:00
ad84ecb792
tag improvements
2021-03-18 13:24:36 +05:30
70ea0f089b
Create CVE-2018-7700.yaml
2021-03-15 08:15:21 +00:00
7252696ce9
Update CVE-2018-6910.yaml
2021-03-15 13:05:45 +05:30
e7d135049b
Update CVE-2018-6910.yaml
2021-03-15 13:04:20 +05:30
819d760b23
Update CVE-2018-6910.yaml
2021-03-15 13:02:01 +05:30
bfb330bea9
update reference
2021-03-15 06:59:55 +00:00
55a34e3963
Create CVE-2018-6910.yaml
2021-03-15 06:54:11 +00:00
28b0636f2d
syntax update
2021-03-12 17:32:16 +05:30
c35ed8a408
Merge branch 'master' into wordpress-cves
2021-03-12 17:25:27 +05:30
7571b1e149
Merge pull request #1055 from dwisiswant0/add/cves/2018/CVE-2018-1207
...
Add CVE-2018-1207
2021-03-12 02:22:09 +05:30
b7618db673
removing empty spaces
2021-03-12 01:46:35 +05:30
6c1abe9b5e
Add description
2021-03-11 18:22:34 +02:00
d8edcb99a8
Merge branch 'master' into CVE-2018-18778
2021-03-11 20:37:53 +05:30
ed91c0813e
more typos
2021-03-10 19:45:41 +05:30
2a8cb00525
Add matcher condition to 'or'
2021-03-10 20:33:23 +07:00
de3b1d27ea
added templates
2021-03-10 17:06:11 +05:30
b8bf230aaf
Add possible crash 5xx status codes
2021-03-10 15:47:38 +07:00
f0c941a02f
Add reference
2021-03-10 15:47:01 +07:00
7589706bfa
🔥 Add CVE-2018-0101
2021-03-10 15:46:40 +07:00
8009300120
Add missing description
2021-03-10 15:00:54 +07:00
0c389a8c2b
Add reference
2021-03-10 14:59:48 +07:00
67f790752e
🔥 Add CVE-2018-1207
2021-03-10 14:59:38 +07:00
8e67a67b80
Merge pull request #909 from pikpikcu/patch-77
...
Add poc CVE Apache Struts2
2021-03-06 02:16:25 +05:30
6c84f959f9
fixed trailing spaces
2021-03-06 02:14:21 +05:30
cc641d9946
removing few templates
2021-03-06 02:09:54 +05:30
c59c99a92e
Update CVE-2018-1335.yaml
2021-02-27 17:17:45 +05:30
0bdb8d0d32
Create CVE-2018-1335.yaml
2021-02-27 03:18:29 +00:00
ad8ebf7f0a
Adding CVE-2018-18778
2021-02-25 21:35:18 +05:30
df532f6762
Create CVE-2018-11776.yaml
2021-02-24 04:29:30 +00:00
dd0524ff9b
✏️ Update default path
2021-02-24 03:47:27 +07:00
18d1384c08
Update CVE-2018-1000861.yaml
2021-02-20 19:17:47 +05:30
e02d062fa4
Create CVE-2018-12613.yaml
2021-02-20 18:58:59 +07:00
74479c7309
Update CVE-2018-1000861
2021-02-20 18:11:15 +07:00
cc98318db2
Update CVE-2018-13380.yaml
...
now browsers automatically, encodes <, > characters.
2021-02-17 20:14:40 +05:30
6ef3f65af3
Update CVE-2018-7600.yaml
2021-02-15 22:39:32 +05:30
dded1a91f2
add CVE-2018-7600 drupal rce
2021-02-15 13:33:33 +00:00
00d26c0608
Added tags to cves 😎 ( #813 )
...
* Added tags to cves 😎
2021-02-06 01:14:41 +05:30
61b3540309
Update CVE-2018-3167.yaml
2021-02-04 13:42:34 +05:30
747e063c7b
Update CVE-2018-3167.yaml
2021-02-03 17:56:14 +00:00
4b93be2efe
Create CVE-2018-3167.yaml
2021-02-03 17:54:35 +00:00
947a045d9c
Update CVE-2018-14574.yaml
2021-02-02 19:12:49 +05:30
761b931fda
Create CVE-2018-14574.yaml
2021-02-01 13:26:05 +00:00
2c7a7a8b4d
Create CVE-2018-8033.yaml
2021-01-30 03:58:20 +00:00
dc24595935
BaseURL updates
2021-01-14 20:11:56 +05:30
a52ffe5c4e
fixes and updates
2021-01-10 19:45:36 +05:30
664a6f3b04
more cves 🔥
2021-01-09 20:15:11 +05:30
82b5a7f57b
misc changes
2021-01-02 10:30:39 +05:30
ba58677a74
moving cves to year based structure
...
easy for viewing / running templates based on years.
2021-01-02 09:52:04 +05:30
GwanYeong Kim
Noam Rathaus
Prince Chaddha
Prince Chaddha
Muhammad Daffa
sandeep
PikPikcU
Ivanov Vladimir
sandeep
Keith
Geeknik Labs
SaN ThosH
Philippe Delteil
Al-AizHashim
Dwi Siswanto
sandeep
VIPIN BIHARI