daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
20,086 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

1110 Commits (ee113db71015b1f8383ede0ed57125a5de95f76b)

Author SHA1 Message Date
Prince Chaddha de5b654312
Merge pull request #4883 from arafatansari/patch-21 
Create alumni-sqli.yaml
 2022-07-21 16:29:38 +05:30
Prince Chaddha daf917a751
Update alumni-management-sqli.yaml 2022-07-21 16:20:17 +05:30
Ritik Chaddha 268a9f0a39
Update and rename alumni-sqli.yaml to alumni-management-sqli.yaml 2022-07-21 16:17:53 +05:30
Prince Chaddha 3035ea903c
Merge pull request #4868 from arafatansari/patch-15 
Create devalcms-xss.yaml
 2022-07-21 15:20:18 +05:30
Prince Chaddha 47c8fdd8fc
Update loancms-sqli.yaml 2022-07-21 15:17:40 +05:30
Prince Chaddha b4be125f85
Merge pull request #4872 from arafatansari/patch-17 
Create onlinecms-xss.yaml
 2022-07-21 15:10:36 +05:30
Prince Chaddha 04a0949573
Update and rename onlinecms-xss.yaml to onlinefarm-management-xss.yaml 2022-07-21 15:06:42 +05:30
Prince Chaddha 66786b8aaa
Merge pull request #4874 from arafatansari/patch-18 
Create surrealtodo-lfi.yaml
 2022-07-21 14:17:03 +05:30
Prince Chaddha 5baf2a4bf2
Update and rename opencti-lfi.yaml to vulnerabilities/other/opencti-lfi.yaml 2022-07-21 13:18:27 +05:30
Arafat Ansari 467d8ecc6a
Create alumni-sqli.yaml 2022-07-21 13:16:42 +05:30
Arafat Ansari 91f907e3b1
Create cvms-sqli.yaml 2022-07-21 12:57:46 +05:30
Arafat Ansari 2fd7baf1bf
Create ems-sqli.yaml 2022-07-21 12:39:06 +05:30
Ritik Chaddha 9e829668a4
Update onlinecms-xss.yaml 2022-07-20 23:52:19 +05:30
Arafat Ansari acc357f591
Update onlinecms-xss.yaml 2022-07-20 23:43:48 +05:30
Ritik Chaddha d88160b8d5
Update surrealtodo-lfi.yaml 2022-07-20 23:21:03 +05:30
Ritik Chaddha 14e430b3df
Update surrealtodo-lfi.yaml 2022-07-20 23:20:37 +05:30
Arafat Ansari 9f28a9c8e3
Create surrealtodo-lfi.yaml 2022-07-20 23:14:17 +05:30
Arafat Ansari ef1a1f0f44
Create onlinecms-xss.yaml 2022-07-20 22:14:07 +05:30
Ritik Chaddha bd0c9a9163
Update loancms-sqli.yaml 2022-07-20 18:11:03 +05:30
Ritik Chaddha 8bca76cf6d
Update loancms-sqli.yaml 2022-07-20 18:08:25 +05:30
Arafat Ansari 2d71d7a288
Create loancms-sqli.yaml 2022-07-20 16:37:42 +05:30
Ritik Chaddha 4b6aa7df81
Update devalcms-xss.yaml 2022-07-20 14:42:25 +05:30
Arafat Ansari 289f1731bb
Update devalcms-xss.yaml 2022-07-20 14:37:43 +05:30
Arafat Ansari 0f209ca08c
Update devalcms-xss.yaml 2022-07-20 14:31:44 +05:30
Arafat Ansari 9304c58b2c
Create devalcms-xss.yaml 2022-07-20 14:26:54 +05:30
Prince Chaddha 8279d7b4e7
Merge pull request #4854 from arafatansari/patch-14 
Create eris-xss.yaml
 2022-07-19 14:58:37 +05:30
Ritik Chaddha cba12fe78d
Update eris-xss.yaml 2022-07-19 14:25:14 +05:30
Arafat Ansari 920ee7ea97
Update eris-xss.yaml 2022-07-18 21:59:07 +05:30
Prince Chaddha b7b317dc02
Merge pull request #4461 from gy741/rule-add-v113 
Create cisco-rv-series-rce.yaml
 2022-07-18 20:52:16 +05:30
Prince Chaddha 099e9ede6e
Update cisco-rv-series-rce.yaml 2022-07-18 20:49:58 +05:30
Arafat Ansari d004cb9b65
Create eris-xss.yaml 2022-07-18 18:14:09 +05:30
Prince Chaddha 38b1247fcf
Update cisco-rv-series-rce.yaml 2022-07-18 15:22:26 +05:30
Prince Chaddha 279a418e17
Merge pull request #4836 from gy741/v119 
Create carel-bacnet-gateway-directory-traversal.yaml
 2022-07-18 14:15:54 +05:30
Prince Chaddha 1318dbbae8
Update and rename carel-bacnet-gateway-directory-traversal.yaml to carel-bacnet-gateway-traversal.yaml 2022-07-18 13:47:02 +05:30
Prince Chaddha 22e47c889b
Merge pull request #4847 from ritikchaddha/Update-metadata-query 
Log4j templates enhancement
 2022-07-18 12:15:49 +05:30
Ritik Chaddha a1409f1f2a Update unifi-network-log4j-rce.yaml 2022-07-18 12:04:32 +05:30
Ritik Chaddha 928abe95cc Update unifi-network-log4j-rce.yaml 2022-07-16 22:37:16 +05:30
Prince Chaddha c7b482532d
Update elasticsearch5-log4j-rce.yaml 2022-07-16 18:04:04 +05:30
Ritik Chaddha 236912a8fa
Create elasticsearch5-log4j-rce.yaml 2022-07-16 12:21:07 +05:30
GwanYeong Kim 549c969d5f Create carel-bacnet-gateway-directory-traversal.yaml 
The device suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the 'file' GET parameter through the 'logdownload.cgi' Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2022-07-16 10:59:44 +09:00
Prince Chaddha 67df84f78a
Update vmware-siterecovery-log4j-rce.yaml 2022-07-15 17:09:23 +05:30
Prince Chaddha 8d163b4730
Merge pull request #4832 from projectdiscovery/vmware-log4j-rce 
Create vmware-log4j-rce.yaml
 2022-07-15 16:09:14 +05:30
Prince Chaddha 7670b03504
Update and rename vmware-log4j-rce.yaml to vmware-siterecovery-log4j-rce.yaml 2022-07-15 16:04:49 +05:30
Prince Chaddha 9241b0d568
Update opennms-log4j-jndi-rce.yaml 2022-07-15 15:46:29 +05:30
Prince Chaddha 69f0e7675a
Update opennms-log4j-jndi-rce.yaml 2022-07-15 10:23:51 +05:30
Ritik Chaddha a508c28178
Create vmware-log4j-rce.yaml 2022-07-14 23:00:42 +05:30
Ritik Chaddha 918a56d516
Update opennms-log4j-jndi-rce.yaml 2022-07-14 19:48:13 +05:30
Ritik Chaddha 1c66b826b3
Update opennms-log4j-jndi-rce.yaml 2022-07-14 19:46:46 +05:30
johnk3r 35d13abbb0
Create opennms-log4j-jndi-rce.yaml 2022-07-14 10:31:10 -03:00
Ritik Chaddha cf2d464bee Update icewarp-webclient-rce.yaml 2022-07-10 15:07:19 +05:30
Ritik Chaddha 2863e385a3 Update opensis-lfi.yaml 2022-07-10 15:07:18 +05:30
Prince Chaddha 0f7699ef22
Merge pull request #4783 from uomogrande/icewarp-openredirects 
Added icewarp-openredirects Template
 2022-07-09 22:20:56 +05:30
Prince Chaddha 7789261fce
Update icewarp-openredirects.yaml 2022-07-09 22:11:36 +05:30
Ritik Chaddha fd9fb82a61
Update icewarp-openredirects.yaml 2022-07-09 14:55:04 +05:30
Ritik Chaddha 29acb27dc6
Update icewarp-openredirects.yaml 2022-07-09 14:52:47 +05:30
uomogrande 2a7c7f816a Added icewarp-openredirects Template 2022-07-08 12:58:41 +02:00
Ritik Chaddha ab4b46a0e5
Create elFinder-path-traversal.yaml 2022-07-05 08:40:51 +05:30
Prince Chaddha 1bd96f8902
Update and rename misconfiguration/vulnerabilities/other/umbraco-base-ssrf.yaml to vulnerabilities/other/umbraco-base-ssrf.yaml 2022-07-05 08:23:51 +05:30
Prince Chaddha 84aedb39bc
Merge pull request #4736 from ritikchaddha/Update-shodan/fofa-links-to-search-query 
Update shodan/fofa links to query
 2022-07-04 16:56:06 +05:30
Arm!tage 1e7f5d7bed
Classify (#4735) 
* Auto Generated CVE annotations [Sun May 15 12:16:57 UTC 2022] 🤖

* Auto Generated CVE annotations [Mon Jun  6 03:02:54 UTC 2022] 🤖

* classify these templates

* misc update

Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-07-04 14:17:10 +05:30
Ritik Chaddha 2a4070fc15 Update shodan/fofa links to query 2022-07-04 14:16:15 +05:30
Prince Chaddha 3a2f976390
Merge pull request #4720 from ritikchaddha/patch-96 
Create siteminder-dom-based-xss.yaml
 2022-07-01 19:03:05 +05:30
Prince Chaddha 529ad9f336
Update siteminder-dom-xss.yaml 2022-07-01 19:01:25 +05:30
Prince Chaddha 03b780fdf3
Update and rename siteminder-dom-based-xss.yaml to siteminder-dom-xss.yaml 2022-07-01 18:59:21 +05:30
sullo 0db06d6b15
Dead Site Removal (#4641) 
* Deleted buffalo-config-injection.yaml
Add reference from buffalo-config-injection.yaml to CVE-2021-20091.yaml

* Delete vulnerabilities/other/buffalo-config-injection.yaml

* Link cleanups

* Change links to Secunia to point to archive.org

* Additonal link cleanup

* replace securitytracker.com links with archive.org links
 2022-07-01 15:32:07 +05:30
Ritik Chaddha da535f4c0c
Create siteminder-dom-based-xss.yaml 2022-07-01 14:10:29 +05:30
Prince Chaddha 42bcf03924
Merge pull request #4710 from ritikchaddha/patch-92 
Create parallels-hsphere-xss.yaml
 2022-06-30 18:02:29 +05:30
Sandeep Singh 6f6909cb38
template syntax fixes (#4711) 2022-06-30 16:49:17 +05:30
Ritik Chaddha d7e182c693
Update parallels-hsphere-xss.yaml 2022-06-30 16:30:01 +05:30
Ritik Chaddha 4c862b96cf
Create parallels-hsphere-xss.yaml 2022-06-30 16:23:38 +05:30
Ritik Chaddha b7d0d6f21a
Update zcms-v3-sqli.yaml 2022-06-30 08:50:00 +05:30
Ritik Chaddha d81a48e31e
Update xdcms-sqli.yaml 2022-06-30 08:48:00 +05:30
Ritik Chaddha 28e6e03fc5
Update wuzhicms-sqli.yaml 2022-06-30 08:46:19 +05:30
Ritik Chaddha be8560b788
Update seacms-sqli.yaml 2022-06-30 08:43:38 +05:30
Ritik Chaddha 9ecfdf9a0a
Update etouch-v2-sqli.yaml 2022-06-30 08:35:53 +05:30
Ritik Chaddha 967628302d
Update phpok-sqli.yaml 2022-06-30 08:32:35 +05:30
Ritik Chaddha 8ddb1d70da
Update yonyou-u8-oa-sqli.yaml 2022-06-30 08:32:02 +05:30
Ritik Chaddha 9b793127c3
Update phpok-sqli.yaml 2022-06-30 08:31:16 +05:30
Ritik Chaddha 5729e6486a
Update finecms-sqli.yaml 2022-06-30 08:30:16 +05:30
Ritik Chaddha b1f9fc94d6
Update 74cms-sqli.yaml 2022-06-30 08:29:32 +05:30
Ritik Chaddha f1a0cc6cc5
Update duomicms-sql-injection.yaml 2022-06-30 08:24:58 +05:30
Ritik Chaddha 8ab77083cc
Update duomicms-sql-injection.yaml 2022-06-30 08:18:22 +05:30
sandeep a5e29b684a lint fixes 2022-06-28 19:20:23 +05:30
Ritik Chaddha bd3cfa7e4a
Update duomicms-sql-injection.yaml 2022-06-28 18:29:31 +05:30
Ritik Chaddha 29d7c43cdb
Update 74cms-sqli.yaml 2022-06-28 15:23:44 +05:30
Ritik Chaddha 51aadcdb36
Update yonyou-u8-oa-sqli.yaml 2022-06-28 15:14:07 +05:30
Ritik Chaddha 913f3239ab
Update finecms-sqli.yaml 2022-06-28 14:57:21 +05:30
Ritik Chaddha 8234a29c97
Update phpok-sqli.yaml 2022-06-28 14:22:58 +05:30
Prince Chaddha 74463d0e9f
Merge pull request #4652 from ritikchaddha/patch-85 
Create royalevent-stored-xss.yaml
 2022-06-25 00:16:05 +05:30
Prince Chaddha 5376bf09d3
Update and rename royalevent-management-xss.yaml to royalevent-stored-xss.yaml 2022-06-24 00:15:44 +05:30
Prince Chaddha 59b74c82bd
Merge pull request #4651 from ritikchaddha/patch-84 
Create royalevent-management-xss.yaml
 2022-06-24 00:11:37 +05:30
Prince Chaddha 98034728fc
Update and rename vulnerabilities/other/royalevent-management-xss.yaml to vulnerabilities/other/royalevent/royalevent-management-xss.yaml 2022-06-24 00:10:24 +05:30
Prince Chaddha 4338eea2ec
Rename vulnerabilities/other/royalevent-management-xss.yaml to vulnerabilities/other/royalevent/royalevent-management-xss.yaml 2022-06-24 00:09:06 +05:30
Prince Chaddha a66f548304
Update royalevent-management-xss.yaml 2022-06-24 00:05:48 +05:30
Ritik Chaddha cc07d2cb75
Update finecms-sqli.yaml 2022-06-23 18:28:06 +05:30
Ritik Chaddha 679bc9198e
Create royalevent-management-xss.yaml 2022-06-23 13:00:43 +05:30
Ritik Chaddha 103861f588
Create royalevent-management-xss.yaml 2022-06-23 12:38:09 +05:30
Ritik Chaddha 9b247d6fa6
Create finecms-sqli.yaml 2022-06-10 19:28:24 +05:30
Prince Chaddha a44e87a683
Update and rename orbiteam-bscw-server-unauthenticated-lfi.yaml to vulnerabilities/other/orbiteam-bscw-server-lfi.yaml 2022-06-10 18:37:39 +05:30
MostInterestingBotInTheWorld b883737198
Dashboard Content Enhancements (#4567) 
Dashboard Content Enhancements
 2022-06-09 16:35:21 -04:00
Aaron Chen 5aa779a068
Fix templates: change alert(xss) to alert(/xss/) (#4564) 2022-06-09 10:11:03 +05:30
Arm!tage 3401689a2b
classify eyou, seeyon, tonged, weaver, dedecms, yonyou (#4557) 
* Auto Generated CVE annotations [Sun May 15 12:16:57 UTC 2022] 🤖

* Auto Generated CVE annotations [Mon Jun  6 03:02:54 UTC 2022] 🤖

* create tongda directory and put templates in

* create weaver directory and put templates in

* create seeyon directory and put templates in

* create yonyou directory and put templates in

* create dedecms directory and put templates in

* create eyou directory and put templates in

* misc update

Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-06-08 13:31:29 +05:30
sullo 50fbea791c
buffalo-config-injection.yaml is a duplicate of CVE-2021-20091.yaml (#4547) 
* Deleted buffalo-config-injection.yaml
Add reference from buffalo-config-injection.yaml to CVE-2021-20091.yaml

* Delete vulnerabilities/other/buffalo-config-injection.yaml
 2022-06-06 20:32:33 +05:30
Prince Chaddha 7ada510859
Fixed possible FPs in open redirect templates (#4544) 
* Fixed possible FPs in open redirect templates

We have replaced example.com with interact.sh since few domains redirect to example.com, which results in FP results.

* updated example domain

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-06-06 16:10:15 +05:30
Prince Chaddha 01080a3aed
Update phpok-sqli.yaml 2022-06-05 17:09:00 +05:30
Prince Chaddha 51cdbeaf6a
Merge pull request #4535 from ritikchaddha/patch-70 
Update and rename cves/2020/CVE-2020-22210.yaml to vulnerabilities/ot…
 2022-06-05 15:48:17 +05:30
Ritik Chaddha 914aa45704
Update and rename cves/2020/CVE-2020-22210.yaml to vulnerabilities/other/74cms-sqli.yaml 2022-06-05 15:04:44 +05:30
Ritik Chaddha 0780108196
Update phpok-sqli.yaml 2022-06-05 14:06:26 +05:30
Ritik Chaddha 49d7a23320
Create phpok-sqli.yaml 2022-06-05 14:01:28 +05:30
MostInterestingBotInTheWorld 5da580f9c2
Dashboard Content Enhancements (#4519) 
Dashboard Content Enhancements
 2022-06-03 15:12:31 -04:00
sullo 88c150d2e0
Remove blank cve-id fields from templates. (#4516) 
* Remove blank cve-id fields from templates.
Add cve-id to CVE-2022-0776.yaml

* Fix classification spelling
 2022-05-31 20:04:35 +05:30
Prince Chaddha ecc12ec58f
Merge pull request #4496 from MostInterestingBotInTheWorld/dashboard 
Dashboard Content Enhancements
 2022-05-31 15:24:07 +05:30
Prince Chaddha bbc9bd2a84
Update nuuo-nvrmini2-rce.yaml 2022-05-31 14:52:46 +05:30
Prince Chaddha c4aec5a0d1
Update oa-tongda-path-traversal.yaml 2022-05-31 14:51:16 +05:30
Prince Chaddha 683b511766
Update opensns-rce.yaml 2022-05-31 14:49:47 +05:30
Prince Chaddha 35e1863cda
Update oracle-fatwire-lfi.yaml 2022-05-31 14:48:35 +05:30
Prince Chaddha 630a29f710
Update php-zerodium-backdoor-rce.yaml 2022-05-31 14:48:05 +05:30
Prince Chaddha 927b557f16
Update powercreator-cms-rce.yaml 2022-05-31 14:47:10 +05:30
Prince Chaddha 39c25f539b
Update qi-anxin-netkang-next-generation-firewall-rce.yaml 2022-05-31 14:44:03 +05:30
Prince Chaddha e5eeae4afb
Update qihang-media-disclosure.yaml 2022-05-31 14:42:37 +05:30
Prince Chaddha 21cb387113
Update sar2html-rce.yaml 2022-05-31 14:41:26 +05:30
Prince Chaddha a0d74ba5e8
Update seowon-router-rce.yaml 2022-05-31 14:40:43 +05:30
Prince Chaddha 2d03dfdf85
Update showdoc-file-upload-rce.yaml 2022-05-31 14:38:36 +05:30
Prince Chaddha f46b4f6fb0
Update sonicwall-sslvpn-shellshock.yaml 2022-05-31 14:36:41 +05:30
Prince Chaddha cbed893fe9
Update sponip-network-system-ping-rce.yaml 2022-05-31 14:36:06 +05:30
Prince Chaddha 399f4d1434
Update clockwatch-enterprise-rce.yaml 2022-05-31 14:31:19 +05:30
Prince Chaddha 9a4a006909
Update commax-biometric-auth-bypass.yaml 2022-05-31 14:30:59 +05:30
Prince Chaddha c4e9ddf1f0
Update commax-credentials-disclosure.yaml 2022-05-31 14:30:21 +05:30
Prince Chaddha 2919dc1469
Update icewarp-webclient-rce.yaml 2022-05-31 14:29:38 +05:30
Prince Chaddha fbf8533896
Update kevinlab-bems-backdoor.yaml 2022-05-31 14:29:07 +05:30
Prince Chaddha 18f573cc0d
Update kevinlab-hems-backdoor.yaml 2022-05-31 14:28:02 +05:30
Prince Chaddha 59f524e539
Update lotuscms-rce.yaml 2022-05-31 14:26:43 +05:30
Prince Chaddha 59a7391451
Update maccmsv10-backdoor.yaml 2022-05-31 14:26:02 +05:30
Prince Chaddha 32b085c52a
Update magicflow-lfi.yaml 2022-05-31 14:25:40 +05:30
Prince Chaddha cd9188a2d9
Update mirai-unknown-rce.yaml 2022-05-31 14:23:16 +05:30
Prince Chaddha 636dec14ab
Update natshell-rce.yaml 2022-05-31 14:22:28 +05:30
Prince Chaddha ff002c5b1b
Update netgear-router-exposure.yaml 2022-05-31 14:21:09 +05:30
Prince Chaddha 7be57dbf17
Update dotnetcms-sqli.yaml 2022-05-30 22:56:35 +05:30
MostInterestingBotInTheWorld 8712d2b6c5 Enhancement: vulnerabilities/other/icewarp-webclient-rce.yaml by mp 2022-05-30 13:26:21 -04:00
MostInterestingBotInTheWorld 75e1c543c0 Enhancement: vulnerabilities/other/kevinlab-bems-backdoor.yaml by mp 2022-05-30 13:25:21 -04:00
MostInterestingBotInTheWorld eb1647611f Enhancement: vulnerabilities/other/kevinlab-hems-backdoor.yaml by mp 2022-05-30 13:22:21 -04:00
MostInterestingBotInTheWorld d4543f05a3 Enhancement: vulnerabilities/other/sar2html-rce.yaml by mp 2022-05-30 13:19:43 -04:00
MostInterestingBotInTheWorld e37d064294 Enhancement: vulnerabilities/other/oa-tongda-path-traversal.yaml by mp 2022-05-30 13:13:35 -04:00
MostInterestingBotInTheWorld 35fb337708 Enhancement: vulnerabilities/other/netgear-router-exposure.yaml by mp 2022-05-30 13:12:49 -04:00
MostInterestingBotInTheWorld d4529ca918 Enhancement: vulnerabilities/other/maccmsv10-backdoor.yaml by mp 2022-05-30 13:11:43 -04:00
MostInterestingBotInTheWorld 57348a8841 Enhancement: vulnerabilities/other/lotuscms-rce.yaml by mp 2022-05-30 13:10:32 -04:00
MostInterestingBotInTheWorld 3db25f4ee3 Enhancement: vulnerabilities/other/sponip-network-system-ping-rce.yaml by mp 2022-05-30 12:24:46 -04:00
MostInterestingBotInTheWorld 84df3a4c02 Enhancement: vulnerabilities/other/sonicwall-sslvpn-shellshock.yaml by mp 2022-05-30 12:23:29 -04:00
MostInterestingBotInTheWorld 9a6f0ae3a8 Enhancement: vulnerabilities/other/showdoc-file-upload-rce.yaml by mp 2022-05-30 12:22:09 -04:00
MostInterestingBotInTheWorld 87ac93b918 Enhancement: vulnerabilities/other/seowon-router-rce.yaml by mp 2022-05-30 12:21:04 -04:00