nuclei-templates

Commit Graph

Author	SHA1	Message	Date
sandeep	afcbe4cfe4	minor updates	2021-07-04 01:22:08 +05:30
Dhiyaneshwaran	127673455a	Update coldfusion-debug-xss.yaml	2021-07-02 20:55:33 +05:30
Dhiyaneshwaran	e259c3dd2f	Update jfrog-unauth-build-exposed.yaml	2021-07-02 20:53:02 +05:30
Dhiyaneshwaran	2787fc01b6	Update jfrog-unauth-build-exposed.yaml	2021-07-02 08:25:40 +05:30
Dhiyaneshwaran	2fa4382ef5	Create jfrog-unauth-build-exposed.yaml	2021-07-02 08:23:42 +05:30
Dhiyaneshwaran	453b09d3ff	Create coldfusion-debug-xss.yaml	2021-07-01 22:31:01 +05:30
GwanYeong Kim	c0ebf56f85	Create netgear-router-auth-bypass.yaml NETGEAR decided to use to check if a page has “.jpg”, “.gif” or “ess_” substrings, trying to match the entire URL. We can therefore access any page on the device, including those that require authentication, by appending a GET variable with the relevant substring (like “?.gif”). Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>	2021-07-01 14:39:10 +09:00
GwanYeong Kim	4d56d47c69	Create huawei-router-auth-bypass.yaml The default password of this router is the last 8 characters of the device's serial number which exist in the back of the device. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>	2021-07-01 09:28:30 +09:00
Sandeep Singh	039a41e790	Merge pull request #1774 from pikpikcu/patch-185 Create huawei-hg659-lfi.yaml	2021-06-28 21:46:51 +05:30
sandeep	24a3fab9d3	Added missing condition	2021-06-26 19:35:52 +05:30
Sandeep Singh	e84c784fa2	Merge pull request #1689 from nrathaus/master CVE-2021-28164 and some fixes	2021-06-24 23:58:29 +05:30
PikPikcU	cb18f313fd	Create huawei-hg659-lfi.yaml	2021-06-24 15:41:18 +00:00
Prince Chaddha	bc7e8a80db	Merge pull request #1336 from projectdiscovery/princechaddha-patch-5 Create resin-inputfile-fileread.yaml	2021-06-24 02:32:40 +05:30
Prince Chaddha	ed4c5a415d	Merge pull request #1335 from projectdiscovery/princechaddha-patch-4 Create resin-viewfile-lfr.yaml	2021-06-24 02:28:47 +05:30
Prince Chaddha	c45ec90d5f	Update resin-inputfile-fileread.yaml	2021-06-24 02:28:18 +05:30
Prince Chaddha	b2114008ad	Merge pull request #1595 from pikpikcu/patch-173 Create jeewms-lfi	2021-06-24 02:24:41 +05:30
Prince Chaddha	1d581af4ec	Update jeewms-lfi.yaml	2021-06-22 18:28:52 +05:30
Noam Rathaus	01b77a7ed2	Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates	2021-06-17 16:54:18 +03:00
PikPikcU	9f8cae8ab5	Update tamronos-rce.yaml	2021-06-17 01:34:49 +00:00
PikPikcU	90bdede7dd	Create tamronos-rce.yaml	2021-06-17 01:31:59 +00:00
Noam Rathaus	3369c5a4dd	Reference	2021-06-13 11:55:20 +03:00
Noam Rathaus	b5bdac494b	Merge branch 'master' of https://github.com/nrathaus/nuclei-templates	2021-06-13 09:54:52 +03:00
Noam Rathaus	feb42e49b0	Reduce chances of FP	2021-06-13 09:53:47 +03:00
Noam Rathaus	513596d2e0	Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates	2021-06-13 09:05:57 +03:00
Prince Chaddha	98e49295b6	Merge pull request #1672 from DhiyaneshGeek/master CKAN DOM Based XSS , php-zerodium-backdoor-rce	2021-06-11 14:16:18 +05:30
Dhiyaneshwaran	771e55eca6	Create php-zerodium-backdoor-rce.yaml	2021-06-10 22:01:26 +05:30
Dhiyaneshwaran	fd70f535dd	Update ckan-dom-based-xss.yaml	2021-06-10 17:27:21 +05:30
Sandeep Singh	a4897080b2	Merge pull request #1668 from pikpikcu/patch-181 Create php-timeclock-xss	2021-06-10 14:57:05 +05:30
sandeep	b43c8f2c93	misc update	2021-06-10 14:53:31 +05:30
sandeep	083d32c05f	More validation	2021-06-10 14:37:26 +05:30
sandeep	0ebeff27a6	misc changes	2021-06-10 14:25:20 +05:30
Dhiyaneshwaran	5b2ec54d34	Create ckan-dom-based-xss.yaml	2021-06-10 13:37:33 +05:30
PikPikcU	a4e714718f	Create php-timeclock-xss.yaml	2021-06-10 07:29:19 +00:00
PikPikcU	c80690c829	Create mpsec-isg1000-lfi.yaml	2021-06-10 07:11:07 +00:00
Noam Rathaus	885aeadaa7	Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates	2021-06-09 16:07:06 +03:00
Prince Chaddha	83ce809e8d	Updated author names	2021-06-09 17:50:56 +05:30
sandeep	23cb4c4d9f	moving files around	2021-06-09 14:37:40 +05:30
Noam Rathaus	46e4d47d92	Another reference	2021-06-09 09:43:04 +03:00
Noam Rathaus	27db48cb53	Another vector	2021-06-09 09:42:41 +03:00
Noam Rathaus	1e0a542b21	New test	2021-06-09 09:07:03 +03:00
Noam Rathaus	8b0c5eaee3	Spelling	2021-06-06 10:35:09 +03:00
sandeep	5d63b1bb05	Fixing the condition	2021-06-04 21:33:01 +05:30
sandeep	1f6334671c	escape fix	2021-06-04 21:26:59 +05:30
PikPikcU	bc9a760d29	Create interlib-fileread.yaml	2021-06-04 02:54:55 +00:00
sandeep	0f0ff2ee1e	moving files around	2021-06-03 21:54:08 +05:30
Prince Chaddha	3202a0dd65	Merge pull request #1606 from nrathaus/master Description / Spelling	2021-06-02 13:10:50 +05:30
sandeep	2fe2c88872	Moving files around	2021-06-02 12:22:24 +05:30
Noam Rathaus	2d52259f70	Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates	2021-06-02 09:09:05 +03:00
sandeep	a5ccb5f893	strict matcher	2021-06-01 16:08:41 +05:30
PikPikcU	7f5dfedf55	Create jeewms-lfi.yaml	2021-06-01 09:08:45 +00:00
Sandeep Singh	2685f492ed	Merge pull request #1580 from pikpikcu/patch-167 Create ns-asg-file-read	2021-06-01 14:10:09 +05:30
sandeep	d5b9e4c7b6	Update ns-asg-file-read.yaml	2021-06-01 14:09:01 +05:30
Prince Chaddha	31341b547e	Update blue-ocean-excellence-lfi.yaml	2021-05-31 15:44:21 +05:30
PikPikcU	f944191e7a	Create blue-ocean-excellence-lfi.yaml	2021-05-31 09:29:51 +00:00
PikPikcU	65c73dbe34	Create hiboss-rce.yaml	2021-05-31 09:08:16 +00:00
PikPikcU	e56a64402c	Create ns-asg-file-read.yaml	2021-05-31 08:56:01 +00:00
sandeep	4edb345286	Merge branch 'patch-165' of https://github.com/pikpikcu/nuclei-templates into pr/1567	2021-05-31 14:20:30 +05:30
sandeep	2ad903dcf1	misc changes	2021-05-31 14:19:23 +05:30
PikPikcU	76886054ce	Create h3c-imc-rce.yaml	2021-05-31 05:53:21 +00:00
PikPikcU	5f4923ddce	Create hjtcloud-arbitrary-file-read.yaml	2021-05-31 05:38:23 +00:00
Noam Rathaus	81d1180769	Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates	2021-05-30 09:09:37 +03:00
sandeep	1644eb793a	misc changes	2021-05-28 11:12:36 +05:30
PikPikcU	b94ba82591	Update natshell-rce.yaml	2021-05-28 02:49:17 +07:00
PikPikcU	f1726d3a1f	Create natshell-rce.yaml	2021-05-27 14:59:33 +00:00
Noam Rathaus	b32eac85b1	Give description	2021-05-25 14:35:41 +03:00
sandeep	8676d8c23c	Added Maian Cart 3.8 preauth RCE template	2021-05-25 05:08:52 +05:30
sandeep	d7d86bbd95	More strict matcher	2021-05-20 23:15:01 +05:30
sandeep	e66ce65285	Adding Fanruan related templates	2021-05-20 22:56:55 +05:30
sandeep	f0879103d4	Improved matcher	2021-05-17 22:39:05 +05:30
sandeep	08ee1ad5ee	matcher update	2021-05-17 19:49:24 +05:30
PikPikcU	08001381c4	Create natshell-path-traversal.yaml	2021-05-17 08:14:20 +00:00
PikPikcU	04e1fb0ef8	Create flir-path-traversal.yaml	2021-05-16 04:54:40 +00:00
Prince Chaddha	21c1dc2c70	Merge pull request #1337 from projectdiscovery/princechaddha-patch-7 Create resin-cnnvd-200705-315.yaml	2021-05-16 02:33:31 +05:30
sandeep	fc66a9e076	Removing duplicate template	2021-05-11 23:48:36 +05:30
Prince Chaddha	b4b30c95ee	Update oa-v9-uploads-file.yaml	2021-05-10 13:23:08 +05:30
Noam Rathaus	8766b537dd	Add reference	2021-05-10 09:52:26 +03:00
Noam Rathaus	fa7567f68e	Its not really a regex	2021-05-10 09:35:36 +03:00
Noam Rathaus	4c201aa1dd	It is not just a file upload	2021-05-10 09:35:10 +03:00
Noam Rathaus	1e364a6cdb	Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates	2021-05-10 09:27:13 +03:00
Sandeep Singh	7fde950173	Merge pull request #1327 from projectdiscovery/showdoc-file-upload Adding Showdoc < 2.8.6 File Upload RCE	2021-05-10 01:36:45 +05:30
sandeep	1f8ff83353	tags update	2021-05-10 01:34:11 +05:30
sandeep	ccfb5ca4c4	regex update	2021-05-10 01:33:27 +05:30
Noam Rathaus	18dff7387c	Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates	2021-05-09 08:32:05 +03:00
sandeep	d950f72ff9	minor update	2021-05-07 14:56:40 +05:30
sandeep	0159c284e7	minor update	2021-05-07 14:53:34 +05:30
Noam Rathaus	253ede65c1	Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates	2021-05-06 15:16:27 +03:00
Dhiyaneshwaran	8274939810	Create kafdrop-xss.yaml	2021-05-05 23:51:53 +05:30
Dhiyaneshwaran	9944ef191f	Create joomla-lfi-com_fabrik.yaml	2021-05-05 23:48:57 +05:30
Prince Chaddha	e87baf2967	Merge pull request #1346 from projectdiscovery/princechaddha-patch-11 Create wuzhicms-sqli.yaml	2021-05-05 23:30:36 +05:30
Prince Chaddha	ae45a6b386	Merge pull request #1344 from projectdiscovery/princechaddha-patch-9 Create ueditor-file-upload.yaml	2021-05-05 23:29:11 +05:30
Noam Rathaus	e68777d20a	Alternative reference	2021-05-05 17:08:11 +03:00
Noam Rathaus	7f90af4d32	Reference is dead	2021-05-05 17:07:52 +03:00
Sandeep Singh	0520ad05d3	Merge pull request #1351 from projectdiscovery/princechaddha-patch-16 Create ecology-filedownload-directory-traversal.yaml	2021-05-05 17:56:59 +05:30
Sandeep Singh	d1f62765f9	Merge pull request #1409 from DhiyaneshGeek/master Gogs install exposure,Gloo UI Unauthentication	2021-05-05 17:54:37 +05:30
sandeep	ae13e5e44e	minor updates	2021-05-05 17:53:34 +05:30
sandeep	b10918510c	Adding strict matcher	2021-05-05 17:39:31 +05:30
Sandeep Singh	127ac5e37c	Merge pull request #962 from pikpikcu/patch-89 add hashicorp-consul-rce	2021-05-05 00:02:57 +05:30
sandeep	819e201ebd	Update concrete-xss.yaml	2021-05-04 13:36:54 +05:30
sandeep	052f1b3b7b	Adding concrete-xss	2021-05-04 13:36:16 +05:30
Dhiyaneshwaran	585b651592	Update gloo-unauth.yaml	2021-05-03 18:23:30 +05:30
Dhiyaneshwaran	a1fc27ca75	Create gloo-unauth.yaml	2021-05-03 18:14:44 +05:30
sandeep	acf5d41ef9	Minor update	2021-05-02 17:51:44 +05:30
sandeep	f9559b1e21	Update landray-oa-fileread.yaml	2021-05-02 13:58:47 +05:30
sandeep	a6df4754d4	Update landray-oa-fileread.yaml	2021-05-02 13:57:33 +05:30
PikPikcU	c5bdf6cbca	Create landray-oa-fileread.yaml	2021-05-02 04:42:37 +00:00
sandeep	cc9d4eddf1	Update rce-via-java-deserialization.yaml	2021-05-01 17:22:03 +05:30
Noam Rathaus	f898e4b539	Correct product name	2021-04-29 09:20:58 +03:00
Noam Rathaus	a7de9915c7	Removed self-reference	2021-04-29 08:58:02 +03:00
Noam Rathaus	91b6b1b175	Make references visible	2021-04-29 08:57:39 +03:00
Noam Rathaus	2860cdfb4a	Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates	2021-04-29 08:38:11 +03:00
sandeep	2920fa9bfb	matcher and payload update	2021-04-28 19:44:28 +05:30
Prince Chaddha	a55db7af44	Merge pull request #1332 from projectdiscovery/princechaddha-patch-2 Create WooYun-2015-148227.yaml	2021-04-28 18:51:07 +05:30
Noam Rathaus	ecb436df3e	Those aren't really regexes	2021-04-28 15:07:39 +03:00
Noam Rathaus	9ece07bf9a	Provide reference	2021-04-28 14:00:15 +03:00
Prince Chaddha	8d9d46e00a	Merge pull request #1362 from underfl0w/chamilo-lms-sqli Chamilo 1.11.14 LMS sql injection	2021-04-28 15:55:14 +05:30
Prince Chaddha	722e305878	Update chamilo-lms-sqli.yaml	2021-04-28 15:48:34 +05:30
sandeep	5f5430a7a4	Payload and matcher fix	2021-04-28 14:42:10 +05:30
sandeep	3adf607b6f	Matcher for DNS interaction	2021-04-27 16:24:39 +05:30
Prince Chaddha	eaf70d16ab	Merge pull request #1350 from projectdiscovery/princechaddha-patch-15 Create zcms-v3-sqli.yaml	2021-04-27 16:09:32 +05:30
Prince Chaddha	d705648dc4	Merge pull request #1343 from projectdiscovery/princechaddha-patch-8 Create spark-webui-unauth.yaml	2021-04-26 21:58:53 +05:30
Prince Chaddha	3079fce648	Update spark-webui-unauth.yaml	2021-04-26 21:57:46 +05:30
Prince Chaddha	f726562445	Update spark-webui-unauth.yaml	2021-04-26 21:56:13 +05:30
Prince Chaddha	487e2300e1	Merge pull request #1331 from projectdiscovery/princechaddha-patch-1 Create unauth-spark-api.yaml	2021-04-26 21:52:22 +05:30
Prince Chaddha	5fcba18d1e	Merge pull request #1349 from projectdiscovery/princechaddha-patch-14 Create xunchi-file-read.yaml	2021-04-26 21:06:27 +05:30
Prince Chaddha	ac29e9a622	Merge pull request #1348 from projectdiscovery/princechaddha-patch-13 Create xiuno-bbs-reinstallation.yaml	2021-04-26 21:05:39 +05:30
Prince Chaddha	4cc83776f3	Merge pull request #1352 from projectdiscovery/princechaddha-patch-17 Create ecology-springframework-directory-traversal.yaml	2021-04-26 20:48:30 +05:30
Noam Rathaus	2e1e0e932f	Product name	2021-04-26 09:07:57 +03:00
Noam Rathaus	19a4bbc844	Correct product name, and link to the Gitee	2021-04-26 09:03:24 +03:00
Noam Rathaus	3857469468	Add reference	2021-04-26 09:01:39 +03:00
Noam Rathaus	909a0ce4dd	Product seems to be called ectouch	2021-04-26 08:51:08 +03:00
Noam Rathaus	bb974381b5	add references	2021-04-26 08:48:16 +03:00
Jurjen de Jonge	b9ad93a3cd	Reverted back to old technique The ;INSERT method only seemed to work on my dev enviroment.	2021-04-24 22:15:57 +03:00
Jurjen de Jonge	5f264c9891	Updated chamilo-lms-sqli.yaml Uses SQL injection to insert data into the database, then checks to see if this data has been added;	2021-04-24 21:41:38 +03:00
Jurjen de Jonge	d4e8720797	Chamilo 1.11.14 LMS sql injection YAML file is now indented correctly	2021-04-24 19:35:29 +03:00
Jurjen de Jonge	2f7746fe3d	Chamilo 1.11.14 LMS sql injection	2021-04-24 19:11:58 +03:00
Prince Chaddha	71e25fa42d	Create ecology-springframework-directory-traversal.yaml	2021-04-23 18:52:08 +05:30
Prince Chaddha	85bc6464cb	Create ecology-filedownload-directory-traversal.yaml	2021-04-23 18:50:11 +05:30
Prince Chaddha	2aa7764e58	Create zcms-v3-sqli.yaml	2021-04-23 18:48:00 +05:30
Prince Chaddha	525475ea2e	Create xunchi-file-read.yaml	2021-04-23 18:45:02 +05:30
Prince Chaddha	3527ffcd5c	Update xiuno-bbs-reinstallation.yaml	2021-04-23 18:41:15 +05:30
Prince Chaddha	bfa6113b45	Create xiuno-bbs-reinstallation.yaml	2021-04-23 18:40:17 +05:30
Prince Chaddha	9341841862	Create wuzhicms-sqli.yaml	2021-04-23 18:26:43 +05:30
Prince Chaddha	bfae33ab72	Create ueditor-file-upload.yaml	2021-04-23 17:45:09 +05:30
Prince Chaddha	fcb93ad108	Create spark-webui-unauth.yaml	2021-04-23 17:37:19 +05:30
sandeep	f7875a24d6	Adding Apache Solr <= 8.8.1 Arbitrary File Read	2021-04-23 15:48:04 +05:30
Prince Chaddha	ed1f462a3c	Create resin-cnnvd-200705-315.yaml	2021-04-22 19:37:30 +05:30
Prince Chaddha	376e8ec590	Create resin-inputfile-fileread.yaml	2021-04-22 19:16:56 +05:30
Prince Chaddha	edbe48cdf7	Update resin-viewfile-lfr.yaml	2021-04-22 19:14:41 +05:30
Prince Chaddha	bafc6d146a	Update resin-viewfile-lfr.yaml	2021-04-22 19:13:46 +05:30
Prince Chaddha	175bd1780d	Create resin-viewfile-lfr.yaml	2021-04-22 14:46:29 +05:30

1 2 3 4 5 ...

401 Commits (edffa49ca48c8e140f793926e81d7bb8332da4b2)