Sandeep Singh
b59ff42aaf
additional reference to cves templates ( #4395 )
...
* additional reference to cves templates
* Update CVE-2006-1681.yaml
* Update CVE-2009-3318.yaml
* Update CVE-2009-4223.yaml
* Update CVE-2010-0942.yaml
* Update CVE-2010-0944.yaml
* Update CVE-2010-0972.yaml
* Update CVE-2010-1304.yaml
* Update CVE-2010-1308.yaml
* Update CVE-2010-1313.yaml
* Update CVE-2010-1461.yaml
* Update CVE-2010-1470.yaml
* Update CVE-2010-1471.yaml
* Update CVE-2010-1472.yaml
* Update CVE-2010-1474.yaml
* removed duplicate references
* misc fix
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: Prince Chaddha <cyberbossprince@gmail.com>
2022-05-17 14:48:12 +05:30
forgedhallpass
209538baa6
refactor: Description field uniformization
...
* info field reorder
* reference values refactored to list
* added new lines after the id and before the protocols
* removed extra new lines
* split really long descriptions to multiple lines (part 1)
* other minor fixes
2022-04-22 13:38:41 +03:00
MostInterestingBotInTheWorld
a24ef794b7
Dashboard Content Enhancements ( #4031 )
...
Dashboard Content Enhancements
2022-04-07 09:53:15 -04:00
sandeep
ec99241f0e
Updated "/etc/passwd" regex to avoid possible false positive results.
2022-03-22 13:31:31 +05:30
gilfoyle97
0fa555567a
Request: Fix CVE-2021-21234 ( #3920 )
...
* Fixed CVE-2019-9670
* more strict matchers
* Fix CVE-2021-21234
* more strict matcher
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-17 14:59:53 +05:30
MostInterestingBotInTheWorld
9b82c296e1
Dashboard Enhancements ( #3722 )
...
* Enhancement: cves/2021/CVE-2021-1497.yaml by cs
* Enhancement: cves/2010/CVE-2010-1957.yaml by mp
* Enhancement: cves/2010/CVE-2010-1977.yaml by mp
* Enhancement: cves/2010/CVE-2010-1979.yaml by mp
* Enhancement: cves/2010/CVE-2010-1980.yaml by mp
* Enhancement: cves/2010/CVE-2010-1981.yaml by mp
* Enhancement: cves/2010/CVE-2010-1982.yaml by mp
* Enhancement: cves/2010/CVE-2010-1983.yaml by mp
* Enhancement: cves/2010/CVE-2010-2033.yaml by mp
* Enhancement: cves/2010/CVE-2010-2034.yaml by mp
* Enhancement: cves/2010/CVE-2010-2035.yaml by mp
* Enhancement: cves/2010/CVE-2010-2036.yaml by mp
* Enhancement: cves/2010/CVE-2010-2037.yaml by mp
* Enhancement: cves/2010/CVE-2010-2045.yaml by mp
* Enhancement: cves/2010/CVE-2010-2050.yaml by mp
* Enhancement: cves/2010/CVE-2010-2122.yaml by mp
* Enhancement: cves/2010/CVE-2010-1980.yaml by mp
* Enhancement: cves/2010/CVE-2010-1981.yaml by mp
* Enhancement: cves/2010/CVE-2010-1982.yaml by mp
* Enhancement: cves/2010/CVE-2010-2035.yaml by mp
* Enhancement: cves/2010/CVE-2010-2128.yaml by mp
* Enhancement: cves/2010/CVE-2010-2259.yaml by mp
* Enhancement: cves/2010/CVE-2010-2307.yaml by mp
* Enhancement: cves/2010/CVE-2010-2507.yaml by mp
* Enhancement: cves/2010/CVE-2010-2680.yaml by mp
* Enhancement: cves/2010/CVE-2010-2682.yaml by mp
* Enhancement: cves/2010/CVE-2010-2857.yaml by mp
* Enhancement: cves/2010/CVE-2010-2861.yaml by mp
* Enhancement: cves/2010/CVE-2010-2918.yaml by mp
* Enhancement: cves/2010/CVE-2010-2920.yaml by mp
* Enhancement: cves/2010/CVE-2010-3203.yaml by mp
* Enhancement: cves/2010/CVE-2010-3426.yaml by mp
* Enhancement: cves/2010/CVE-2010-4617.yaml by mp
* Enhancement: cves/2010/CVE-2010-4231.yaml by mp
* Enhancement: cves/2010/CVE-2010-4282.yaml by mp
* Enhancement: cves/2010/CVE-2010-4282.yaml by mp
* Enhancement: cves/2010/CVE-2010-4617.yaml by mp
* Enhancement: cves/2010/CVE-2010-4719.yaml by mp
* Enhancement: cves/2010/CVE-2010-4769.yaml by mp
* Enhancement: cves/2010/CVE-2010-4977.yaml by mp
* Enhancement: cves/2010/CVE-2010-5028.yaml by mp
* Enhancement: cves/2010/CVE-2010-5278.yaml by mp
* Enhancement: cves/2010/CVE-2010-5286.yaml by mp
* Enhancement: cves/2011/CVE-2011-0049.yaml by mp
* Enhancement: cves/2011/CVE-2011-1669.yaml by mp
* Enhancement: cves/2011/CVE-2011-2744.yaml by mp
* Enhancement: cves/2000/CVE-2000-0114.yaml by mp
* Enhancement: cves/2011/CVE-2011-3315.yaml by mp
* Enhancement: cves/2011/CVE-2011-4336.yaml by mp
* Enhancement: cves/2011/CVE-2011-4618.yaml by mp
* Enhancement: cves/2011/CVE-2011-4624.yaml by mp
* Enhancement: cves/2011/CVE-2011-4804.yaml by mp
* Enhancement: cves/2011/CVE-2011-0049.yaml by mp
* Enhancement: cves/2011/CVE-2011-2780.yaml by mp
* Enhancement: cves/2011/CVE-2011-2780.yaml by mp
* Enhancement: cves/2012/CVE-2012-1823.yaml by mp
* Enhancement: cves/2012/CVE-2012-0392.yaml by mp
* Enhancement: cves/2012/CVE-2012-1226.yaml by mp
* Enhancement: cves/2012/CVE-2012-0996.yaml by mp
* Enhancement: cves/2021/CVE-2021-39226.yaml by cs
* Enhancement: cves/2021/CVE-2021-27358.yaml by cs
* Enhancement: cves/2021/CVE-2021-43798.yaml by cs
* Enhancement: cves/2021/CVE-2021-43798.yaml by cs
* Enhancement: cves/2021/CVE-2021-43798.yaml by cs
* Enhancement: cves/2012/CVE-2012-1835.yaml by mp
* Enhancement: cves/2012/CVE-2012-0901.yaml by mp
* Enhancement: cves/2011/CVE-2011-5265.yaml by mp
* Enhancement: cves/2011/CVE-2011-5181.yaml by mp
* Enhancement: cves/2011/CVE-2011-5179.yaml by mp
* Enhancement: cves/2011/CVE-2011-5107.yaml by mp
* Enhancement: cves/2011/CVE-2011-5106.yaml by mp
* Enhancement: cves/2011/CVE-2011-4926.yaml by mp
* Enhancement: cves/2012/CVE-2012-0991.yaml by mp
* Enhancement: cves/2012/CVE-2012-0981.yaml by mp
* Enhancement: cves/2012/CVE-2012-0896.yaml by mp
* Enhancement: cves/2012/CVE-2012-0392.yaml by mp
* Enhancement: cves/2012/CVE-2012-0392.yaml by mp
Fix "too few spaces before comment" lint errors
Co-authored-by: sullo <sullo@cirt.net>
2022-02-21 13:33:16 -05:00
Pathtaga
e281e5bf88
Updated all templates tags with technologies ( #3478 )
...
* Updated tags for template sonicwall-email-security-detect.yaml
* Updated tags for template detect-sentry.yaml
* Updated tags for template kong-detect.yaml
* Updated tags for template openam-detect.yaml
* Updated tags for template shiro-detect.yaml
* Updated tags for template iplanet-web-server.yaml
* Updated tags for template graylog-api-browser.yaml
* Updated tags for template prtg-detect.yaml
* Updated tags for template node-red-detect.yaml
* Updated tags for template abyss-web-server.yaml
* Updated tags for template geo-webserver.yaml
* Updated tags for template autobahn-python-detect.yaml
* Updated tags for template default-lighttpd-page.yaml
* Updated tags for template microsoft-iis-8.yaml
* Updated tags for template lucee-detect.yaml
* Updated tags for template php-proxy-detect.yaml
* Updated tags for template jenkins-detect.yaml
* Updated tags for template cockpit-detect.yaml
* Updated tags for template csrfguard-detect.yaml
* Updated tags for template dwr-index-detect.yaml
* Updated tags for template netsweeper-webadmin-detect.yaml
* Updated tags for template weblogic-detect.yaml
* Updated tags for template s3-detect.yaml
* Updated tags for template tileserver-gl.yaml
* Updated tags for template springboot-actuator.yaml
* Updated tags for template terraform-detect.yaml
* Updated tags for template redmine-cli-detect.yaml
* Updated tags for template mrtg-detect.yaml
* Updated tags for template tableau-server-detect.yaml
* Updated tags for template magmi-detect.yaml
* Updated tags for template oidc-detect.yaml
* Updated tags for template tor-socks-proxy.yaml
* Updated tags for template synology-web-station.yaml
* Updated tags for template herokuapp-detect.yaml
* Updated tags for template gunicorn-detect.yaml
* Updated tags for template sql-server-reporting.yaml
* Updated tags for template google-bucket-service.yaml
* Updated tags for template kubernetes-mirantis.yaml
* Updated tags for template kubernetes-enterprise-manager.yaml
* Updated tags for template oracle-iplanet-web-server.yaml
* Updated tags for template dell-idrac7-detect.yaml
* Updated tags for template dell-idrac6-detect.yaml
* Updated tags for template dell-idrac9-detect.yaml
* Updated tags for template dell-idrac8-detect.yaml
* Updated tags for template apache-guacamole.yaml
* Updated tags for template aws-cloudfront-service.yaml
* Updated tags for template aws-bucket-service.yaml
* Updated tags for template nginx-linux-page.yaml
* Updated tags for template telerik-fileupload-detect.yaml
* Updated tags for template telerik-dialoghandler-detect.yaml
* Updated tags for template htaccess-config.yaml
* Updated tags for template microsoft-azure-error.yaml
* Updated tags for template detect-options-method.yaml
* Updated tags for template unpatched-coldfusion.yaml
* Updated tags for template moodle-changelog.yaml
* Updated tags for template detect-dns-over-https.yaml
* Updated tags for template CVE-2019-19134.yaml
* Updated tags for template CVE-2019-3929.yaml
* Updated tags for template CVE-2019-19908.yaml
* Updated tags for template CVE-2019-10475.yaml
* Updated tags for template CVE-2019-17382.yaml
* Updated tags for template CVE-2019-16332.yaml
* Updated tags for template CVE-2019-14974.yaml
* Updated tags for template CVE-2019-19368.yaml
* Updated tags for template CVE-2019-12725.yaml
* Updated tags for template CVE-2019-15501.yaml
* Updated tags for template CVE-2019-9733.yaml
* Updated tags for template CVE-2019-14322.yaml
* Updated tags for template CVE-2019-9955.yaml
* Updated tags for template CVE-2019-0230.yaml
* Updated tags for template CVE-2019-10232.yaml
* Updated tags for template CVE-2019-17506.yaml
* Updated tags for template CVE-2019-8449.yaml
* Updated tags for template CVE-2019-12593.yaml
* Updated tags for template CVE-2019-10092.yaml
* Updated tags for template CVE-2019-1821.yaml
* Updated tags for template CVE-2019-3401.yaml
* Updated tags for template CVE-2019-16662.yaml
* Updated tags for template CVE-2019-5418.yaml
* Updated tags for template CVE-2016-4975.yaml
* Updated tags for template CVE-2016-1000137.yaml
* Updated tags for template CVE-2016-7552.yaml
* Updated tags for template CVE-2016-10956.yaml
* Updated tags for template CVE-2016-1000146.yaml
* Updated tags for template CVE-2013-2251.yaml
* Updated tags for template CVE-2013-1965.yaml
* Updated tags for template CVE-2014-2323.yaml
* Updated tags for template CVE-2014-5111.yaml
* Updated tags for template CVE-2014-2962.yaml
* Updated tags for template CVE-2014-4561.yaml
* Updated tags for template CVE-2014-4558.yaml
* Updated tags for template CVE-2014-3120.yaml
* Updated tags for template CVE-2007-5728.yaml
* Updated tags for template CVE-2009-4679.yaml
* Updated tags for template CVE-2009-1558.yaml
* Updated tags for template CVE-2009-4202.yaml
* Updated tags for template CVE-2009-0932.yaml
* Updated tags for template CVE-2015-2068.yaml
* Updated tags for template CVE-2015-8813.yaml
* Updated tags for template CVE-2015-7450.yaml
* Updated tags for template CVE-2015-2067.yaml
* Updated tags for template CVE-2015-3306.yaml
* Updated tags for template CVE-2015-3337.yaml
* Updated tags for template CVE-2015-1427.yaml
* Updated tags for template CVE-2015-1503.yaml
* Updated tags for template CVE-2015-1880.yaml
* Updated tags for template CVE-2018-3810.yaml
* Updated tags for template CVE-2018-18069.yaml
* Updated tags for template CVE-2018-17246.yaml
* Updated tags for template CVE-2018-10141.yaml
* Updated tags for template CVE-2018-16341.yaml
* Updated tags for template CVE-2018-18777.yaml
* Updated tags for template CVE-2018-15138.yaml
* Updated tags for template CVE-2018-11784.yaml
* Updated tags for template CVE-2018-16299.yaml
* Updated tags for template CVE-2018-7251.yaml
* Updated tags for template CVE-2018-1273.yaml
* Updated tags for template CVE-2018-1271.yaml
* Updated tags for template CVE-2018-11759.yaml
* Updated tags for template CVE-2018-3167.yaml
* Updated tags for template CVE-2018-7490.yaml
* Updated tags for template CVE-2018-2628.yaml
* Updated tags for template CVE-2018-13380.yaml
* Updated tags for template CVE-2018-2893.yaml
* Updated tags for template CVE-2018-5316.yaml
* Updated tags for template CVE-2018-20985.yaml
* Updated tags for template CVE-2018-10818.yaml
* Updated tags for template CVE-2018-1000861.yaml
* Updated tags for template CVE-2018-0296.yaml
* Updated tags for template CVE-2018-19458.yaml
* Updated tags for template CVE-2018-3760.yaml
* Updated tags for template CVE-2018-12998.yaml
* Updated tags for template CVE-2018-9118.yaml
* Updated tags for template CVE-2018-1000130.yaml
* Updated tags for template CVE-2008-6668.yaml
* Updated tags for template CVE-2017-7269.yaml
* Updated tags for template CVE-2017-1000170.yaml
* Updated tags for template CVE-2017-16877.yaml
* Updated tags for template CVE-2017-1000486.yaml
* Updated tags for template CVE-2017-9822.yaml
* Updated tags for template CVE-2017-0929.yaml
* Updated tags for template CVE-2017-7921.yaml
* Updated tags for template CVE-2017-14535.yaml
* Updated tags for template CVE-2017-5521.yaml
* Updated tags for template CVE-2017-12637.yaml
* Updated tags for template CVE-2017-12635.yaml
* Updated tags for template CVE-2017-11610.yaml
* Updated tags for template CVE-2021-20114.yaml
* Updated tags for template CVE-2021-40856.yaml
* Updated tags for template CVE-2021-21972.yaml
* Updated tags for template CVE-2021-31602.yaml
* Updated tags for template CVE-2021-41773.yaml
* Updated tags for template CVE-2021-37704.yaml
* Updated tags for template CVE-2021-45046.yaml
* Updated tags for template CVE-2021-26084.yaml
* Updated tags for template CVE-2021-27931.yaml
* Updated tags for template CVE-2021-24291.yaml
* Updated tags for template CVE-2021-41648.yaml
* Updated tags for template CVE-2021-37216.yaml
* Updated tags for template CVE-2021-22005.yaml
* Updated tags for template CVE-2021-37573.yaml
* Updated tags for template CVE-2021-31755.yaml
* Updated tags for template CVE-2021-43287.yaml
* Updated tags for template CVE-2021-24274.yaml
* Updated tags for template CVE-2021-33564.yaml
* Updated tags for template CVE-2021-22145.yaml
* Updated tags for template CVE-2021-24237.yaml
* Updated tags for template CVE-2021-44848.yaml
* Updated tags for template CVE-2021-25646.yaml
* Updated tags for template CVE-2021-21816.yaml
* Updated tags for template CVE-2021-41649.yaml
* Updated tags for template CVE-2021-41291.yaml
* Updated tags for template CVE-2021-41293.yaml
* Updated tags for template CVE-2021-21801.yaml
* Updated tags for template CVE-2021-29156.yaml
* Updated tags for template CVE-2021-34370.yaml
* Updated tags for template CVE-2021-27132.yaml
* Updated tags for template CVE-2021-28151.yaml
* Updated tags for template CVE-2021-26812.yaml
* Updated tags for template CVE-2021-21985.yaml
* Updated tags for template CVE-2021-43778.yaml
* Updated tags for template CVE-2021-25281.yaml
* Updated tags for template CVE-2021-40539.yaml
* Updated tags for template CVE-2021-36749.yaml
* Updated tags for template CVE-2021-21234.yaml
* Updated tags for template CVE-2021-33221.yaml
* Updated tags for template CVE-2021-42013.yaml
* Updated tags for template CVE-2021-33807.yaml
* Updated tags for template CVE-2021-44228.yaml
* Updated tags for template CVE-2012-0896.yaml
* Updated tags for template CVE-2012-0991.yaml
* Updated tags for template CVE-2012-0392.yaml
* Updated tags for template CVE-2012-4940.yaml
* Updated tags for template CVE-2012-1226.yaml
* Updated tags for template CVE-2012-4878.yaml
* Updated tags for template CVE-2010-1304.yaml
* Updated tags for template CVE-2010-1217.yaml
* Updated tags for template CVE-2010-0759.yaml
* Updated tags for template CVE-2010-2307.yaml
* Updated tags for template CVE-2010-4231.yaml
* Updated tags for template CVE-2010-2861.yaml
* Updated tags for template CVE-2010-4282.yaml
* Updated tags for template CVE-2010-1302.yaml
* Updated tags for template CVE-2010-1461.yaml
* Updated tags for template CVE-2020-4463.yaml
* Updated tags for template CVE-2020-1943.yaml
* Updated tags for template CVE-2020-36289.yaml
* Updated tags for template CVE-2020-17518.yaml
* Updated tags for template CVE-2020-12800.yaml
* Updated tags for template CVE-2020-10770.yaml
* Updated tags for template CVE-2020-17506.yaml
* Updated tags for template CVE-2020-11547.yaml
* Updated tags for template CVE-2020-11034.yaml
* Updated tags for template CVE-2020-24589.yaml
* Updated tags for template CVE-2020-9054.yaml
* Updated tags for template CVE-2020-28976.yaml
* Updated tags for template CVE-2020-16952.yaml
* Updated tags for template CVE-2020-24312.yaml
* Updated tags for template CVE-2020-8512.yaml
* Updated tags for template CVE-2020-14179.yaml
* Updated tags for template CVE-2020-6308.yaml
* Updated tags for template CVE-2020-35846.yaml
* Updated tags for template CVE-2020-7318.yaml
* Updated tags for template CVE-2020-2140.yaml
* Updated tags for template CVE-2020-5410.yaml
* Updated tags for template CVE-2020-5777.yaml
* Updated tags for template CVE-2020-13700.yaml
* Updated tags for template CVE-2020-5775.yaml
* Updated tags for template CVE-2020-13167.yaml
* Updated tags for template CVE-2020-35848.yaml
* Updated tags for template CVE-2020-9484.yaml
* Updated tags for template CVE-2020-15505.yaml
* Updated tags for template CVE-2020-9047.yaml
* Updated tags for template CVE-2020-17519.yaml
* Updated tags for template CVE-2020-17505.yaml
* Updated tags for template CVE-2020-9376.yaml
* Updated tags for template CVE-2020-8497.yaml
* Updated tags for template CVE-2020-14092.yaml
* Updated tags for template CVE-2020-10148.yaml
* Updated tags for template CVE-2020-35847.yaml
* Updated tags for template CVE-2020-12116.yaml
* Updated tags for template CVE-2020-11930.yaml
* Updated tags for template CVE-2020-24186.yaml
* Updated tags for template CVE-2020-9496.yaml
* Updated tags for template CVE-2020-35489.yaml
* Updated tags for template CVE-2020-26413.yaml
* Updated tags for template CVE-2020-2096.yaml
* misc updates
* misc update
* more updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 01:04:16 +05:30
Ice3man543
e9f728c321
Added cve annotations + severity adjustments
2021-09-10 16:56:40 +05:30
Prince Chaddha
8361cbe8c3
Update CVE-2021-21234.yaml
2021-08-24 15:19:47 +05:30
Prince Chaddha
bdd2f700be
Update CVE-2021-21234.yaml
2021-08-24 14:16:14 +05:30
PikPikcU
63e208e3d7
Update CVE-2021-21234.yaml
2021-08-24 14:47:25 +07:00
sandeep
6ccc5f8792
matcher update to handle edge cases
2021-07-25 03:05:55 +05:30
Prince Chaddha
2d40d90715
Update CVE-2021-21234.yaml
2021-06-25 12:53:22 +05:30
GwanYeong Kim
cc0dd04ac2
Create CVE-2021-21234.yaml
...
spring-boot-actuator-logview in a library that adds a simple logfile viewer as spring boot actuator endpoint. It is maven package "eu.hinsch:spring-boot-actuator-logview". In spring-boot-actuator-logview before version 0.2.13 there is a directory traversal vulnerability. The nature of this library is to expose a log file directory via admin (spring boot actuator) HTTP endpoints. Both the filename to view and a base folder (relative to the logging folder root) can be specified via request parameters. While the filename parameter was checked to prevent directory traversal exploits (so that `filename=../somefile` would not work), the base folder parameter was not sufficiently checked, so that `filename=somefile&base=../` could access a file outside the logging base directory). The vulnerability has been patched in release 0.2.13. Any users of 0.2.12 should be able to update without any issues as there are no other changes in that release. There is no workaround to fix the vulnerability other than updating or removing the dependency. However, removing read access of the user the application is run with to any directory not required for running the application can limit the impact. Additionally, access to the logview endpoint can be limited by deploying the application behind a reverse proxy.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-06-24 14:36:45 +09:00