Commit Graph

2745 Commits (f1749c5393bd2641bf6c395d23d11a8639fc60cc)

Author SHA1 Message Date
Dhiyaneshwaran 82a860e347
Update core-chuangtian-cloud-rce.yaml 2022-09-01 00:56:04 +05:30
Dhiyaneshwaran 00b623d6a3
Update zhiyuan-file-upload.yaml 2022-09-01 00:45:27 +05:30
Dhiyaneshwaran 1ae6897871
Update oa-v9-uploads-file.yaml 2022-09-01 00:41:57 +05:30
Prince Chaddha 3f7a72b318
Update wordpress-accessible-wpconfig.yaml 2022-09-01 00:05:57 +05:30
Ritik Chaddha 3a939783b8
Update generic-windows-lfi.yaml 2022-08-31 23:12:58 +05:30
Ritik Chaddha b34b02ebd4 Revert "Update generic-windows-lfi.yaml"
This reverts commit a3076a43ac.
2022-08-31 23:11:07 +05:30
Ritik Chaddha 8c20c20328 Revert "Revert "Update generic-windows-lfi.yaml""
This reverts commit 2d626ef0fe.
2022-08-31 23:09:04 +05:30
Ritik Chaddha 2d626ef0fe Revert "Update generic-windows-lfi.yaml"
This reverts commit a3076a43ac.
2022-08-31 23:08:24 +05:30
Ritik Chaddha a3076a43ac
Update generic-windows-lfi.yaml 2022-08-31 23:05:41 +05:30
Dhiyaneshwaran 2dea6ed916
Update generic-linux-lfi.yaml 2022-08-31 22:03:32 +05:30
Dhiyaneshwaran 234b6a417a
Update generic-linux-lfi.yaml 2022-08-31 22:01:15 +05:30
its0x08 d634bb63d7 chore: Add reference to the template 2022-08-31 00:02:32 +02:00
0x08 0ea1df844a
fix: Update the template to avoid false positives
While testing I got a false positive. The `phpinfo();` was one `index.php` and any parameter appended did not affect the output. So I got a false positive because the template tests for `phpinfo();`. So I propose that the test string is updated to something random and if there is execution the string will show on the output.
2022-08-31 00:03:36 +03:00
MostInterestingBotInTheWorld 36cf9b2f61
Dashboard Enhancements + Severity Matching (#5245)
Dashboard Enhancements + Severity Matching
2022-08-29 16:21:30 -04:00
GitHub Action bc21497f99 Auto Generated CVE annotations [Sat Aug 27 04:41:18 UTC 2022] 🤖 2022-08-27 04:41:18 +00:00
Prince Chaddha 9838347cc3
Merge pull request #5027 from akincibor/wp-enhancement
Update Wordpress templates: typo, cve-id, ref & remove dupe
2022-08-25 14:12:13 +05:30
Prince Chaddha 15dbade56b
Merge pull request #5191 from arafatansari/patch-70
Create gnuboard5-rxss.yaml
2022-08-25 12:39:34 +05:30
Prince Chaddha ff82f4311d
Rename vulnerabilities/other/gnuboard5-rxss.yaml to vulnerabilities/gnuboard/gnuboard5-rxss.yaml 2022-08-25 12:27:51 +05:30
Prince Chaddha 409b655062
Rename vulnerabilities/other/gnuboard-sms-xss.yaml to vulnerabilities/gnuboard/gnuboard-sms-xss.yaml 2022-08-25 11:58:06 +05:30
Prince Chaddha 080906ab35
Update and rename vulnerabilities/other/gnuboard5-xss.yaml to vulnerabilities/gnuboard/gnuboard5-xss.yaml 2022-08-25 11:57:28 +05:30
Ritik Chaddha 3497197092
Update gnuboard5-rxss.yaml 2022-08-24 12:29:34 +05:30
Ritik Chaddha f7e6c4d03d
Update gnuboard5-xss.yaml 2022-08-24 12:23:48 +05:30
Arafat Ansari f5a80bcfe3
Create gnuboard5-rxss.yaml 2022-08-24 00:36:54 +05:30
Arafat Ansari 7dfd3a4edd
Create gnuboard5-xss.yaml 2022-08-24 00:21:46 +05:30
HJLee 660e8d3214 Modify spacing between id and info 2022-08-22 16:17:05 +09:00
Prince Chaddha 6bded3407c
Merge pull request #5117 from projectdiscovery/thruk-xss
Update thruk-xss.yaml
2022-08-16 18:03:41 -07:00
Prince Chaddha 486845f91f
Update thruk-xss.yaml 2022-08-17 05:00:25 +04:00
Prince Chaddha d90538043f
Merge pull request #5104 from djoevanka/patch-1
Added concrete-xss
2022-08-15 15:23:44 -07:00
Prince Chaddha 7269960168
Delete concrete-xss.yaml 2022-08-15 15:05:45 -07:00
Prince Chaddha 9f5ebd2182
Update concrete-xss.yaml 2022-08-15 14:55:19 -07:00
Ritik Chaddha 962bd2a744
Update thruk-xss.yaml 2022-08-15 14:27:04 +05:30
djojoe 5a3a34e4e2
Create concrete-xss.yaml 2022-08-14 20:18:48 +07:00
Prince Chaddha 0bdb85d570
Merge pull request #5091 from arafatansari/patch-52
Create dzzoffice-xss.yaml
2022-08-13 21:45:36 -07:00
Prince Chaddha 3b5c473606
Merge pull request #5081 from arafatansari/patch-51
Create kavita-lfi.yaml
2022-08-12 16:33:40 -07:00
Prince Chaddha 000c7c42d6
Update kavita-lfi.yaml 2022-08-12 16:23:16 -07:00
Prince Chaddha 338271dd97
Update and rename reddittoprss-xss.yaml to reddittop-rss-xss.yaml 2022-08-12 16:16:37 -07:00
Ritik Chaddha 12a76141a2
Update dzzoffice-xss.yaml 2022-08-13 00:37:24 +05:30
Arafat Ansari dc778f626a
Create dzzoffice-xss.yaml 2022-08-12 23:41:26 +05:30
Ritik Chaddha 5c867517d0
Update kavita-lfi.yaml 2022-08-12 16:14:39 +05:30
Ritik Chaddha aa8da9ab43
Update reddittoprss-xss.yaml 2022-08-12 15:55:22 +05:30
Arafat Ansari 6b6e82d232
Create kavita-lfi.yaml 2022-08-12 12:41:00 +05:30
Arafat Ansari 4b007e87d2
Create reddittoprss-xss.yaml 2022-08-12 12:39:23 +05:30
Prince Chaddha 9f4e720ba5
Merge pull request #4991 from projectdiscovery/log4j
Log4j
2022-08-10 09:56:15 -07:00
Prince Chaddha b67e15d02e
Update vmware-operation-manager-log4j.yaml 2022-08-10 09:41:22 -07:00
Prince Chaddha 1623e617b9
Update vmware-nsx-log4j.yaml 2022-08-10 09:41:02 -07:00
Prince Chaddha 39b7f16853
Update vmware-hcx-log4j.yaml 2022-08-10 09:40:49 -07:00
Prince Chaddha ea0315c4f2
Update rundeck-log4j.yaml 2022-08-10 09:40:35 -07:00
Prince Chaddha df1984890a
Update metabase-log4j.yaml 2022-08-10 09:40:16 -07:00
Prince Chaddha 2836673718
Update jamf-pro-log4j.yaml 2022-08-10 09:40:00 -07:00
Prince Chaddha 8a17b91ddd
Update graylog-log4j.yaml 2022-08-10 09:39:30 -07:00
Prince Chaddha 064b49d115
Update cisco-vmanage-log4j.yaml 2022-08-10 09:39:00 -07:00
Prince Chaddha 66c68c63a4
Update cisco-unified-communications-log4j.yaml 2022-08-10 09:38:46 -07:00
Prince Chaddha c7b77ae818
Update vmware-operation-manager-log4j.yaml 2022-08-10 09:37:38 -07:00
Prince Chaddha fadf1ba975
Merge pull request #5005 from projectdiscovery/wp-blogroll-fun-xss
Create wp-blogroll-fun-xss.yaml
2022-08-10 09:35:43 -07:00
Prince Chaddha 6899066085
Update wp-blogroll-fun-xss.yaml 2022-08-10 09:32:23 -07:00
Ritik Chaddha 98f75b6390
Update and rename vulnerabilities/wordpress/wp-church-admin-xss.yaml to cves/2015/CVE-2015-4127.yaml 2022-08-10 15:01:50 +05:30
Ritik Chaddha 0ba0e74aa1
Update wp-ambience-xss.yaml 2022-08-10 14:50:05 +05:30
Ritik Chaddha 0bbe2ff881
Update wordpress-zebra-form-xss.yaml 2022-08-10 14:48:17 +05:30
Ritik Chaddha 9f0b259e75
Update wordpress-social-metrics-tracker.yaml 2022-08-10 14:45:01 +05:30
Ritik Chaddha 37c98909c9
Update w3c-total-cache-ssrf.yaml 2022-08-10 14:43:01 +05:30
Ritik Chaddha 0ebe9f0b8f
Update sassy-social-share.yaml 2022-08-10 14:38:35 +05:30
Ritik Chaddha d817811a58
Update nativechurch-wp-theme-lfd.yaml 2022-08-10 14:36:49 +05:30
Ritik Chaddha 61f94b90d8
Update eatery-restaurant-open-redirect.yaml 2022-08-10 14:32:39 +05:30
Ritik Chaddha 62f10760af
Update brandfolder-open-redirect.yaml 2022-08-10 14:27:59 +05:30
Ritik Chaddha 33d108ee76
Update advanced-access-manager-lfi.yaml 2022-08-10 14:19:57 +05:30
Ritik Chaddha 4c9182c73e
Update ad-widget-lfi.yaml 2022-08-10 14:18:06 +05:30
Ritik Chaddha 88f642a48a
Update wp-woocommerce-email-verification.yaml 2022-08-10 14:00:37 +05:30
Ritik Chaddha 8377f56550
Update wp-woocommerce-file-download.yaml 2022-08-10 13:58:11 +05:30
Prince Chaddha 518d92e567
Rename vulnerabilities/wordpress/wp-install.yaml to exposed-panels/wordpress/wp-install.yaml 2022-08-09 14:39:07 -07:00
Prince Chaddha 19b9eae7fe
Merge pull request #5018 from scent2d/CVE-2020-8772
Create CVE-2020-8772.yaml
2022-08-09 12:18:44 -07:00
Prince Chaddha 5dff73aec8
Merge pull request #5059 from pikpikcu/patch-335
Added webp server LFI
2022-08-09 12:02:17 -07:00
Prince Chaddha 60406e102f
Merge pull request #5055 from arafatansari/patch-48
Create yeswiki-sql.yaml
2022-08-09 11:47:41 -07:00
Prince Chaddha c69d94c158
Update yeswiki-sql.yaml 2022-08-09 11:43:33 -07:00
Prince Chaddha 473dbce6e6
Update yeswiki-sql.yaml 2022-08-09 11:41:09 -07:00
Prince Chaddha 6acbc4ed00
Merge pull request #5054 from arafatansari/patch-47
Create yeswiki-xss2.yaml
2022-08-09 11:38:41 -07:00
Prince Chaddha 8cf741bc67
Update yeswiki-stored-xss.yaml 2022-08-09 11:36:59 -07:00
Ritik Chaddha 9cde49ec96
Update webp-server-go-lfi.yaml 2022-08-09 16:25:59 +05:30
PikPikcU 9328ba3ee4
Create webp-server-go-lfi.yaml 2022-08-09 06:15:24 -04:00
Prince Chaddha b3e8664e2c
Merge pull request #5053 from arafatansari/patch-46
Create yeswiki-xss.yaml
2022-08-09 02:50:21 -07:00
Prince Chaddha 9ec1e497b3
Update yeswiki-xss.yaml 2022-08-09 02:47:08 -07:00
Prince Chaddha 7129ad3f4a
Update generic-j2ee-lfi.yaml 2022-08-09 02:36:13 -07:00
Prince Chaddha ef71f15309
Merge pull request #5050 from pussycat0x/master
CVE-2019-10692
2022-08-09 02:20:37 -07:00
Prince Chaddha c03b7f8448
Merge pull request #5038 from davidfegyver/j2ee-generic-lfi
Added generic J2EE LFI scan
2022-08-09 02:12:01 -07:00
Prince Chaddha 9dc980ad64
Update generic-j2ee-lfi.yaml 2022-08-09 02:09:46 -07:00
Ritik Chaddha 0590cc3c23
Update and rename yeswiki-xss2.yaml to yeswiki-stored-xss.yaml 2022-08-09 12:57:50 +05:30
Ritik Chaddha ca6611c9cf
Update yeswiki-sql.yaml 2022-08-09 12:02:17 +05:30
Dhiyaneshwaran 5c8f9cfdcf
Update yeswiki-xss.yaml 2022-08-09 07:40:54 +05:30
Arafat Ansari c0374e5993
Create yeswiki-sql.yaml 2022-08-09 02:41:34 +05:30
Arafat Ansari 8ec7755930
Create yeswiki-xss2.yaml 2022-08-09 02:40:20 +05:30
Arafat Ansari 0af2f4de1c
Create yeswiki-xss.yaml 2022-08-09 02:38:54 +05:30
Prince Chaddha 02e7097db5
Merge pull request #5041 from projectdiscovery/liferay-resource-leak
Create liferay-resource-leak.yaml
2022-08-08 13:08:22 -07:00
Prince Chaddha a7d1ffbefd
Update and rename misconfiguration/liferay-resource-leak.yaml to vulnerabilities/j2ee/liferay-resource-leak.yaml 2022-08-08 13:05:34 -07:00
Prince Chaddha bfaf4f5b6d Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/4738 2022-08-08 11:28:46 -07:00
Ritik Chaddha 3ca2ec0945
Update CVE-2019-10692.yaml 2022-08-08 19:11:01 +05:30
Ritik Chaddha 3964e22f69
Update CVE-2019-10692.yaml 2022-08-08 19:08:44 +05:30
pussycat0x 383ed21913
Add files via upload 2022-08-08 18:36:30 +05:30
Ritik Chaddha 6106342ddf
Update generic-j2ee-lfi.yaml 2022-08-08 12:05:51 +05:30
Dhiyaneshwaran 6d7316db73
Update generic-j2ee-lfi.yaml 2022-08-07 20:50:32 +05:30
Dhiyaneshwaran d02893bba3
Update generic-j2ee-lfi.yaml 2022-08-07 20:47:49 +05:30
David Fegyver 8590b47416
Added generic J2EE LFI scan 2022-08-07 15:31:31 +02:00
Prince Chaddha 3950e8304c
Update wp-blogroll-fun-xss.yaml 2022-08-06 10:36:51 -07:00
Akincibor db12feeead Update Wordpress templates: typo, cve-id, ref & remove dupe 2022-08-06 19:19:49 +02:00
Akincibor db692605d4 Update Wordpress templates: typo, cve-id, ref & remove dupe 2022-08-06 18:54:58 +02:00
Ritik Chaddha 001868f981
Update inspur-clusterengine-v4-sysshell-rce.yaml 2022-08-06 22:11:58 +05:30
Prince Chaddha 9e4645961c
Delete wordpress-infinitewp-auth-bypass.yaml 2022-08-06 00:09:02 -07:00
MostInterestingBotInTheWorld b2e886f09b
Dashboard Content Enhancements (#5009)
Dashboard Content Enhancements
2022-08-05 09:57:51 -04:00
pussycat0x e9974fe5ad
Delete wp-revslider-release-log-detect.yaml 2022-08-05 18:46:53 +05:30
Prince Chaddha 708649c943
Merge pull request #5008 from projectdiscovery/omnia-mpx-lfi
Update omnia-mpx-lfi.yaml
2022-08-05 07:58:42 +04:00
Prince Chaddha 3ef2eea48f
Merge pull request #5004 from projectdiscovery/wp-avchat-3-xss
Create wp-avchat-3-xss.yaml
2022-08-05 07:57:58 +04:00
Prince Chaddha ae02b5bb2b
Update omnia-mpx-lfi.yaml 2022-08-05 07:57:03 +04:00
Prince Chaddha e2d0cfed57
Update and rename wp-avchat-3-xss.yaml to avchat-video-chat-xss.yaml 2022-08-05 07:54:15 +04:00
Prince Chaddha 5538c251dd
Update and rename wp-athlon-manage-calameo-publications-xss.yaml to calameo-publications-xss.yaml 2022-08-05 07:48:41 +04:00
Ritik Chaddha a73b7924f0
Update omnia-mpx-lfi.yaml 2022-08-04 23:53:04 +05:30
Ritik Chaddha 5d7f87b2ab Revert "Update omnia-mpx-lfi.yaml"
This reverts commit 03ae109555.
2022-08-04 23:52:03 +05:30
Ritik Chaddha 03ae109555
Update omnia-mpx-lfi.yaml 2022-08-04 23:47:18 +05:30
Dhiyaneshwaran 738df35bfc
Create wp-blogroll-fun-xss.yaml 2022-08-04 22:23:16 +05:30
Dhiyaneshwaran 9128955363
Delete wp-blogroll-fun-xss.yaml 2022-08-04 22:22:52 +05:30
Dhiyaneshwaran aa4bec9d62
Create wp-blogroll-fun-xss.yaml 2022-08-04 22:21:53 +05:30
Dhiyaneshwaran 404f1d56eb
Create wp-avchat-3-xss.yaml 2022-08-04 22:10:29 +05:30
Dhiyaneshwaran 94dcb8f006
Create wp-athlon-manage-calameo-publications-xss.yaml 2022-08-04 22:01:49 +05:30
Dhiyaneshwaran 4bc8d0fa91
Delete wp-athlon-manage-calameo-publications-xss.yaml 2022-08-04 22:01:14 +05:30
Dhiyaneshwaran a02733dcbc
Create wp-athlon-manage-calameo-publications-xss.yaml 2022-08-04 21:55:50 +05:30
Prince Chaddha 3c7f0847aa
Merge pull request #4913 from Akokonunes/patch-170
Create crystal-live-http-server-lfi.yaml
2022-08-04 20:27:25 +05:30
Prince Chaddha eee45f4897
Update and rename crystal-live-http-server-lfi.yaml to crystal-live-server-lfi.yaml 2022-08-04 18:55:57 +04:00
Prince Chaddha 64f3b3aac5
Merge pull request #4992 from projectdiscovery/microweber-stored-xss
Delete microweber-stored-xss.yaml
2022-08-04 19:52:29 +05:30
Prince Chaddha 53a2f6b0f9
Merge pull request #4979 from arafatansari/patch-37
Create mpx-lfi.yaml
2022-08-03 19:03:32 +05:30
Prince Chaddha fe631c7d8b
Merge pull request #4982 from projectdiscovery/solarview-compact-xss
Create solarview-compact-xss.yaml
2022-08-03 19:03:21 +05:30
Dhiyaneshwaran b548f03918
Create vmware-operation-manager-log4j.yaml 2022-08-03 18:47:13 +05:30
Dhiyaneshwaran 6d8a1762da
Create vmware-nsx-log4j.yaml 2022-08-03 18:46:40 +05:30
Dhiyaneshwaran b91aa0fb7c
Create vmware-hcx-log4j.yaml 2022-08-03 18:46:12 +05:30
Dhiyaneshwaran 2e17f180a9
Create rundeck-log4j.yaml 2022-08-03 18:45:34 +05:30
Dhiyaneshwaran 8c3f59485a
Create metabase-log4j.yaml 2022-08-03 18:44:49 +05:30
Dhiyaneshwaran cdde4d5053
Create jamf-pro-log4j.yaml 2022-08-03 18:44:10 +05:30
Dhiyaneshwaran 111e9319f1
Create graylog-log4j.yaml 2022-08-03 18:43:22 +05:30
Dhiyaneshwaran ad5c44ee6a
Create cisco-vmanage-log4j.yaml 2022-08-03 18:42:29 +05:30
Ritik Chaddha 82a0ff9b0b
Delete microweber-stored-xss.yaml 2022-08-03 18:42:24 +05:30
Dhiyaneshwaran 21340d3862
Create cisco-unified-communications-log4j.yaml 2022-08-03 18:40:21 +05:30
Prince Chaddha 78e60a784f
Rename vulnerabilities/other/royalevent/royalevent-stored-xss.yaml to vulnerabilities/royalevent/royalevent-stored-xss.yaml 2022-08-03 18:35:05 +05:30
Prince Chaddha cfeb72ac56
Rename vulnerabilities/other/royalevent/royalevent-management-xss.yaml to vulnerabilities/royalevent/royalevent-management-xss.yaml 2022-08-03 18:34:58 +05:30
Ritik Chaddha 2253fdcdab
Create solarview-compact-xss.yaml 2022-08-02 20:47:11 +05:30
Ritik Chaddha 3a75420965
Update and rename mpx-lfi.yaml to omnia-mpx-lfi.yaml 2022-08-02 18:31:57 +05:30
Arafat Ansari b74d093f74
Create mpx-lfi.yaml 2022-08-02 18:19:05 +05:30
Dhiyaneshwaran cacc097e08
Update crystal-live-http-server-lfi.yaml 2022-08-02 15:51:33 +05:30
Dhiyaneshwaran a7ffb8182b
Update crystal-live-http-server-lfi.yaml 2022-08-02 15:49:21 +05:30
Dhiyaneshwaran c729e73abe
Update and rename crystal-live-http-server-lfi.yaml to vulnerabilities/other/crystal-live-http-server-lfi.yaml 2022-08-02 15:40:20 +05:30
Dhiyaneshwaran b103fb9ef0
Update wp-revslider-release-log-detect.yaml 2022-08-02 15:00:54 +05:30
Dhiyaneshwaran 0963069a3c
Update and rename wp-revslider-release_log-detect.yaml to wp-revslider-release-log-detect.yaml 2022-08-02 14:47:17 +05:30
pussycat0x 76a55fc884
Add files via upload 2022-08-02 11:48:19 +05:30
Prince Chaddha 4a37bf0a2d
Merge pull request #4881 from arafatansari/patch-19
Create ems-sqli.yaml
2022-08-01 11:13:23 +05:30
Prince Chaddha 4c51fe5c08
Update carrental-xss.yaml 2022-08-01 10:51:34 +05:30
Dhiyaneshwaran 0f182e5102
Update carrental-xss.yaml 2022-08-01 05:40:27 +05:30
Arafat Ansari 4397a352f8
Create carrental-xss.yaml 2022-08-01 02:39:55 +05:30
Prince Chaddha f5b3587750
Merge pull request #4917 from amit-jd/amit-patch-7
Create stored-xss-mwb
2022-07-31 10:02:34 +05:30
Prince Chaddha 8d4a74484c
Rename stored-xss-mwb.yaml to microweber-stored-xss.yaml 2022-07-30 14:02:12 +05:30
Prince Chaddha 3916a596b5
Merge pull request #4890 from projectdiscovery/goanywhere-log4j-rce
Added goanywhere-log4j-rce
2022-07-30 13:58:47 +05:30
Ritik Chaddha b78a6b9a85
Update ems-sqli.yaml 2022-07-30 12:16:47 +05:30
Prince Chaddha 92e61df0e6
Update goanywhere-mft-log4j-rce.yaml 2022-07-30 11:05:23 +05:30
MostInterestingBotInTheWorld 8c3ab6c654
Dashboard Content Enhancements (#4943)
Dashboard Content Enhancements
2022-07-29 10:04:23 -04:00
Ritik Chaddha 06adbe6447 Update springboot-actuators-jolokia-xxe.yaml 2022-07-28 14:05:26 +05:30
MostInterestingBotInTheWorld 690da7dd94
Dashboard Content Enhancements (#4927)
Dashboard Content Enhancements
2022-07-27 16:17:31 -04:00
Ritik Chaddha efcd51e82c
Create analytify-plugin-xss.yaml 2022-07-27 16:46:12 +05:30
Ritik Chaddha c28e6fa3ea
Update and rename goanywhere-log4j-rce.yaml to goanywhere-mft-log4j-rce.yaml 2022-07-27 14:21:59 +05:30
Ritik Chaddha a9afe92229
Update stored-xss-mwb.yaml 2022-07-27 13:18:58 +05:30
Ritik Chaddha 4fc4fa5050
Update stored-xss-mwb.yaml 2022-07-27 13:16:49 +05:30
amit-jd 66ad97de7c
Update stored-xss-mwb.yaml 2022-07-27 13:01:23 +05:30
amit-jd 38278e0211
Update stored-xss-mwb.yaml 2022-07-27 12:59:11 +05:30
amit-jd 38eba0637e
Update stored-xss-mwb.yaml 2022-07-27 12:09:06 +05:30
amit-jd 711bad8a91
Update stored-xss-mwb.yaml 2022-07-27 11:50:07 +05:30
MostInterestingBotInTheWorld c5a7d79f5a
Dashboard Content Enhancements (#4819)
Dashboard Content Enhancements
2022-07-26 09:45:11 -04:00
amit-jd 4968037238
Create stored-xss-mwb 2022-07-26 19:00:38 +05:30
PikPikcU 731c02429a
Create weiphp-sql-injection (#941)
* Create weiphp-sql-injection.yaml

* Update weiphp-sql-injection.yaml

* Update weiphp-sql-injection.yaml

Co-authored-by: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
2022-07-26 17:28:08 +05:30
Prince Chaddha f94c44a51a
Merge pull request #3263 from projectdiscovery/jexboss-backdoor
Added Jexboss Backdoor Webshell
2022-07-26 12:46:15 +05:30
Prince Chaddha 6a24e37b31
Update jexboss-backdoor.yaml 2022-07-26 12:29:48 +05:30
Prince Chaddha d07b944d90
Merge pull request #4882 from arafatansari/patch-20
Create cvms-sqli.yaml
2022-07-26 10:43:07 +05:30
Prince Chaddha 6c8e1772fa
Update cvms-sqli.yaml 2022-07-26 10:19:24 +05:30
Prince Chaddha 3ef173ca7f
Update zms-sqli.yaml 2022-07-26 10:16:30 +05:30
Ritik Chaddha d73f42e715
Update zms-sqli.yaml 2022-07-26 10:05:07 +05:30
Ritik Chaddha e4e2f4cf00
Update zms-sqli.yaml 2022-07-25 23:55:18 +05:30
Arafat Ansari f5295fa474
Update zms-sqli.yaml 2022-07-25 23:50:46 +05:30
Arafat Ansari 2e6ea14451
Create zms-sqli.yaml 2022-07-25 23:47:14 +05:30
Ritik Chaddha 0831a9d488
Update cvms-sqli.yaml 2022-07-25 23:41:06 +05:30
Ritik Chaddha 43c389c42a
Update cvms-sqli.yaml 2022-07-25 23:39:57 +05:30
Prince Chaddha f0b5e19833
Merge pull request #4163 from ritikchaddha/patch-34
Create zzcms-xss.yaml
2022-07-24 21:26:23 +05:30
Prince Chaddha ac96218aae
Update zzcms-xss.yaml 2022-07-24 21:16:05 +05:30
Ritik Chaddha 8c6cc9b9eb
Update zzcms-xss.yaml 2022-07-24 19:13:49 +05:30
sandeep 7379d35162 addition signup path + template fix 2022-07-23 18:37:43 +05:30
Ritik Chaddha 9d8af2ac47
Update goanywhere-log4j-rce.yaml 2022-07-22 23:41:57 +05:30
Prince Chaddha 53ca3cf256
Merge pull request #4870 from arafatansari/patch-16
Create loancms-sqli.yaml
2022-07-22 12:40:16 +05:30
Ritik Chaddha e79fa7e245
Update loancms-sqli.yaml 2022-07-22 12:15:21 +05:30
sandeep 1ea058b576 added goanywhere-log4j-rce 2022-07-22 07:12:43 +05:30
Ritik Chaddha 42470ac90c
Update loancms-sqli.yaml 2022-07-21 16:36:05 +05:30
Prince Chaddha de5b654312
Merge pull request #4883 from arafatansari/patch-21
Create alumni-sqli.yaml
2022-07-21 16:29:38 +05:30
Prince Chaddha daf917a751
Update alumni-management-sqli.yaml 2022-07-21 16:20:17 +05:30
Ritik Chaddha 268a9f0a39
Update and rename alumni-sqli.yaml to alumni-management-sqli.yaml 2022-07-21 16:17:53 +05:30
Prince Chaddha 3035ea903c
Merge pull request #4868 from arafatansari/patch-15
Create devalcms-xss.yaml
2022-07-21 15:20:18 +05:30
Prince Chaddha 47c8fdd8fc
Update loancms-sqli.yaml 2022-07-21 15:17:40 +05:30
Prince Chaddha b4be125f85
Merge pull request #4872 from arafatansari/patch-17
Create onlinecms-xss.yaml
2022-07-21 15:10:36 +05:30
Prince Chaddha 04a0949573
Update and rename onlinecms-xss.yaml to onlinefarm-management-xss.yaml 2022-07-21 15:06:42 +05:30
Prince Chaddha 66786b8aaa
Merge pull request #4874 from arafatansari/patch-18
Create surrealtodo-lfi.yaml
2022-07-21 14:17:03 +05:30
Ritik Chaddha 77ab5e2cbd
Update dedecms-rce.yaml 2022-07-21 14:02:18 +05:30
Ritik Chaddha 8823370bdf
Create dedecms-rce.yaml 2022-07-21 13:52:11 +05:30
Prince Chaddha 5baf2a4bf2
Update and rename opencti-lfi.yaml to vulnerabilities/other/opencti-lfi.yaml 2022-07-21 13:18:27 +05:30
Arafat Ansari 467d8ecc6a
Create alumni-sqli.yaml 2022-07-21 13:16:42 +05:30
Arafat Ansari 91f907e3b1
Create cvms-sqli.yaml 2022-07-21 12:57:46 +05:30
Arafat Ansari 2fd7baf1bf
Create ems-sqli.yaml 2022-07-21 12:39:06 +05:30
Ritik Chaddha 9e829668a4
Update onlinecms-xss.yaml 2022-07-20 23:52:19 +05:30
Arafat Ansari acc357f591
Update onlinecms-xss.yaml 2022-07-20 23:43:48 +05:30
Ritik Chaddha d88160b8d5
Update surrealtodo-lfi.yaml 2022-07-20 23:21:03 +05:30
Ritik Chaddha 14e430b3df
Update surrealtodo-lfi.yaml 2022-07-20 23:20:37 +05:30
Arafat Ansari 9f28a9c8e3
Create surrealtodo-lfi.yaml 2022-07-20 23:14:17 +05:30
Arafat Ansari ef1a1f0f44
Create onlinecms-xss.yaml 2022-07-20 22:14:07 +05:30
Ritik Chaddha bd0c9a9163
Update loancms-sqli.yaml 2022-07-20 18:11:03 +05:30
Ritik Chaddha 8bca76cf6d
Update loancms-sqli.yaml 2022-07-20 18:08:25 +05:30
Arafat Ansari 2d71d7a288
Create loancms-sqli.yaml 2022-07-20 16:37:42 +05:30
Ritik Chaddha 4b6aa7df81
Update devalcms-xss.yaml 2022-07-20 14:42:25 +05:30
Arafat Ansari 289f1731bb
Update devalcms-xss.yaml 2022-07-20 14:37:43 +05:30
Arafat Ansari 0f209ca08c
Update devalcms-xss.yaml 2022-07-20 14:31:44 +05:30
Arafat Ansari 9304c58b2c
Create devalcms-xss.yaml 2022-07-20 14:26:54 +05:30
Prince Chaddha 8279d7b4e7
Merge pull request #4854 from arafatansari/patch-14
Create eris-xss.yaml
2022-07-19 14:58:37 +05:30
Ritik Chaddha cba12fe78d
Update eris-xss.yaml 2022-07-19 14:25:14 +05:30
Arafat Ansari 920ee7ea97
Update eris-xss.yaml 2022-07-18 21:59:07 +05:30
Prince Chaddha b7b317dc02
Merge pull request #4461 from gy741/rule-add-v113
Create cisco-rv-series-rce.yaml
2022-07-18 20:52:16 +05:30
Prince Chaddha 099e9ede6e
Update cisco-rv-series-rce.yaml 2022-07-18 20:49:58 +05:30
Arafat Ansari d004cb9b65
Create eris-xss.yaml 2022-07-18 18:14:09 +05:30
Prince Chaddha 38b1247fcf
Update cisco-rv-series-rce.yaml 2022-07-18 15:22:26 +05:30
Prince Chaddha 279a418e17
Merge pull request #4836 from gy741/v119
Create carel-bacnet-gateway-directory-traversal.yaml
2022-07-18 14:15:54 +05:30
Prince Chaddha 1318dbbae8
Update and rename carel-bacnet-gateway-directory-traversal.yaml to carel-bacnet-gateway-traversal.yaml 2022-07-18 13:47:02 +05:30
Prince Chaddha 22e47c889b
Merge pull request #4847 from ritikchaddha/Update-metadata-query
Log4j templates enhancement
2022-07-18 12:15:49 +05:30
Ritik Chaddha 08bf44add6 Update apache-ofbiz-log4j-rce.yaml 2022-07-18 12:04:47 +05:30
Ritik Chaddha 4a6ef1b3b0 Update apache-solr-log4j-rce.yaml 2022-07-18 12:04:43 +05:30
Ritik Chaddha 73c9a981ac Update jamf-log4j-jndi-rce.yaml 2022-07-18 12:04:40 +05:30
Ritik Chaddha 6f6eb47953 Update mobileiron-log4j-jndi-rce.yaml 2022-07-18 12:04:37 +05:30
Ritik Chaddha a1409f1f2a Update unifi-network-log4j-rce.yaml 2022-07-18 12:04:32 +05:30
Ritik Chaddha 3b2e9d617b Update vmware-horizon-log4j-jndi-rce.yaml 2022-07-18 12:04:27 +05:30
Ritik Chaddha d516bf58d9 Update vmware-vcenter-log4j-jndi-rce.yaml 2022-07-18 12:04:24 +05:30
Ritik Chaddha 5f24480409 Update vrealize-operations-log4j-rce.yaml 2022-07-18 12:04:22 +05:30
Prince Chaddha 851c7ef71d
Update mobileiron-log4j-jndi-rce.yaml 2022-07-17 09:23:02 +05:30
Ritik Chaddha 633c7ccbee Update apache-ofbiz-log4j-rce.yaml 2022-07-16 22:38:08 +05:30
Ritik Chaddha a312af919a Update apache-solr-log4j-rce.yaml 2022-07-16 22:38:06 +05:30
Ritik Chaddha e065e78756 Update code42-log4j-rce.yaml 2022-07-16 22:38:04 +05:30
Ritik Chaddha f0ef7c981b Update jamf-log4j-jndi-rce.yaml 2022-07-16 22:38:02 +05:30
Ritik Chaddha aa631b6a04 Update mobileiron-log4j-jndi-rce.yaml 2022-07-16 22:37:18 +05:30
Ritik Chaddha 928abe95cc Update unifi-network-log4j-rce.yaml 2022-07-16 22:37:16 +05:30
Ritik Chaddha ab67da1487 Update springboot-log4j-rce.yaml 2022-07-16 22:37:13 +05:30
Ritik Chaddha b5818db94c Update vmware-horizon-log4j-jndi-rce.yaml 2022-07-16 22:35:40 +05:30
Ritik Chaddha 4add304837 Update vmware-vcenter-log4j-jndi-rce.yaml 2022-07-16 22:35:37 +05:30
Ritik Chaddha 10ad3459b6 Update vrealize-operations-log4j-rce.yaml 2022-07-16 22:35:27 +05:30
Prince Chaddha c7b482532d
Update elasticsearch5-log4j-rce.yaml 2022-07-16 18:04:04 +05:30
Ritik Chaddha 236912a8fa
Create elasticsearch5-log4j-rce.yaml 2022-07-16 12:21:07 +05:30
GwanYeong Kim 549c969d5f Create carel-bacnet-gateway-directory-traversal.yaml
The device suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the 'file' GET parameter through the 'logdownload.cgi' Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-07-16 10:59:44 +09:00
Prince Chaddha 67df84f78a
Update vmware-siterecovery-log4j-rce.yaml 2022-07-15 17:09:23 +05:30
Prince Chaddha 8d163b4730
Merge pull request #4832 from projectdiscovery/vmware-log4j-rce
Create vmware-log4j-rce.yaml
2022-07-15 16:09:14 +05:30
Prince Chaddha 7670b03504
Update and rename vmware-log4j-rce.yaml to vmware-siterecovery-log4j-rce.yaml 2022-07-15 16:04:49 +05:30
Prince Chaddha 9241b0d568
Update opennms-log4j-jndi-rce.yaml 2022-07-15 15:46:29 +05:30
Prince Chaddha 69f0e7675a
Update opennms-log4j-jndi-rce.yaml 2022-07-15 10:23:51 +05:30
Ritik Chaddha a508c28178
Create vmware-log4j-rce.yaml 2022-07-14 23:00:42 +05:30
Ritik Chaddha 918a56d516
Update opennms-log4j-jndi-rce.yaml 2022-07-14 19:48:13 +05:30
Ritik Chaddha 1c66b826b3
Update opennms-log4j-jndi-rce.yaml 2022-07-14 19:46:46 +05:30
johnk3r 35d13abbb0
Create opennms-log4j-jndi-rce.yaml 2022-07-14 10:31:10 -03:00
Ritik Chaddha cf2d464bee Update icewarp-webclient-rce.yaml 2022-07-10 15:07:19 +05:30
Ritik Chaddha 2863e385a3 Update opensis-lfi.yaml 2022-07-10 15:07:18 +05:30
Prince Chaddha 0f7699ef22
Merge pull request #4783 from uomogrande/icewarp-openredirects
Added icewarp-openredirects Template
2022-07-09 22:20:56 +05:30
Prince Chaddha 7789261fce
Update icewarp-openredirects.yaml 2022-07-09 22:11:36 +05:30
Prince Chaddha 58bd909659
Create members-list-xss.yaml 2022-07-09 18:42:35 +05:30
Ritik Chaddha fd9fb82a61
Update icewarp-openredirects.yaml 2022-07-09 14:55:04 +05:30
Ritik Chaddha 29acb27dc6
Update icewarp-openredirects.yaml 2022-07-09 14:52:47 +05:30
uomogrande 2a7c7f816a Added icewarp-openredirects Template 2022-07-08 12:58:41 +02:00
Ritik Chaddha 643911cbb6 Update dedecms-membergroup-sqli.yaml 2022-07-07 15:45:54 +05:30
Ritik Chaddha 9953dd2201 Update grafana-file-read.yaml 2022-07-07 15:45:51 +05:30
Prince Chaddha cc772eb97a
Update and rename Drupal-avatar-xss.yaml to drupal-avatar-xss.yaml 2022-07-06 23:15:18 +05:30
Ritik Chaddha f7b10ecf9f
Create Drupal-avatar-xss.yaml 2022-07-06 23:10:05 +05:30
Prince Chaddha 78304fd30b
Merge pull request #4762 from projectdiscovery/curcy-xss
Create curcy-xss.yaml
2022-07-06 16:32:05 +05:30
Prince Chaddha 68eb6586c3
Merge pull request #4764 from projectdiscovery/clearfy-cache-xss
Create clearfy-cache-xss.yaml
2022-07-06 16:31:43 +05:30
Prince Chaddha 81ef0bdbcf
Merge pull request #4765 from projectdiscovery/checkout-fields-manager-xss
Create checkout-fields-manager-xss.yaml
2022-07-06 16:31:22 +05:30
Prince Chaddha edf09d30b6
Create 404-to-301-xss.yaml 2022-07-06 16:16:17 +05:30
Prince Chaddha 11dda1d89e
Create checkout-fields-manager-xss.yaml 2022-07-06 16:12:13 +05:30
Prince Chaddha 154f19ed6d
Create clearfy-cache-xss.yaml 2022-07-06 16:04:32 +05:30
Prince Chaddha 2b1284f34c
Create curcy-xss.yaml 2022-07-06 15:52:41 +05:30
Prince Chaddha 5692419f40
Merge pull request #4760 from projectdiscovery/modula-image-gallery-xss
Create modula-image-gallery-xss.yaml
2022-07-06 15:38:05 +05:30
Prince Chaddha 7bd3b7ffec
Update shortpixel-image-optimizer-xss.yaml 2022-07-06 15:37:10 +05:30
Prince Chaddha 6adcefe3ac
Update modula-image-gallery-xss.yaml 2022-07-06 15:36:43 +05:30
Prince Chaddha 865cced275
Merge pull request #4759 from projectdiscovery/shortpixel-image-optimizer-xss
Create shortpixel-image-optimizer-xss.yaml
2022-07-06 15:35:19 +05:30
Prince Chaddha 6a0c3c9892
Create modula-image-gallery-xss.yaml 2022-07-06 15:32:14 +05:30
Prince Chaddha 0509c8c372
Update woocommerce-pdf-invoices-xss.yaml 2022-07-06 15:31:47 +05:30
Prince Chaddha 85976d219f
Update shortpixel-image-optimizer-xss.yaml 2022-07-06 15:31:26 +05:30
Prince Chaddha 067658568e
Create shortpixel-image-optimizer-xss.yaml 2022-07-06 15:26:41 +05:30
Prince Chaddha 9353c41e78
Update woocommerce-pdf-invoices-xss.yaml 2022-07-06 15:25:31 +05:30
Prince Chaddha fac95562b9
Update woocommerce-pdf-invoices-xss.yaml 2022-07-06 15:19:30 +05:30
Prince Chaddha daca40f05e
Create woocommerce-pdf-invoices-xss.yaml 2022-07-06 15:13:25 +05:30
Bojan Zdrnja 056ef1ba38
Update jenkins-script.yaml (#4752)
* Update jenkins-script.yaml

The Jenkins console (with the latest version) in the response body does not contain Scriptconsole, but contains "Script Console".

* additional matcher update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-07-06 02:39:28 +05:30
Ritik Chaddha ab4b46a0e5
Create elFinder-path-traversal.yaml 2022-07-05 08:40:51 +05:30
Prince Chaddha 1bd96f8902
Update and rename misconfiguration/vulnerabilities/other/umbraco-base-ssrf.yaml to vulnerabilities/other/umbraco-base-ssrf.yaml 2022-07-05 08:23:51 +05:30
Ritik Chaddha f55d13f03b Update jira-unauthenticated-user-picker.yaml 2022-07-04 18:48:18 +05:30
Ritik Chaddha f575393fcb Update jira-unauthenticated-screens.yaml 2022-07-04 18:48:16 +05:30
Ritik Chaddha 89d1dc600b Update jira-unauthenticated-resolutions.yaml 2022-07-04 18:48:14 +05:30
Ritik Chaddha 0ccac6cf52 Update jira-unauthenticated-projects.yaml 2022-07-04 18:48:12 +05:30
Ritik Chaddha b94e52a340 Update jira-unauthenticated-projectcategories.yaml 2022-07-04 18:48:10 +05:30
Ritik Chaddha cfc4ce1ee5 Update jira-unauthenticated-installed-gadgets.yaml 2022-07-04 18:48:08 +05:30
Ritik Chaddha 2b5f222a01 Update jira-unauthenticated-dashboards.yaml 2022-07-04 18:48:06 +05:30
Ritik Chaddha cad9b674dc Update jira-unauthenticated-adminprojects.yaml 2022-07-04 18:48:04 +05:30
Ritik Chaddha e855d0d067 Update jira-service-desk-signup.yaml 2022-07-04 18:48:00 +05:30
Prince Chaddha 1dccc86c88
Create wp-insert-php-xss.yaml 2022-07-04 17:31:46 +05:30
Prince Chaddha 255b2cf91d Revert "Create wp-insert-php-xss.yaml"
This reverts commit 415ba61d73.
2022-07-04 17:30:26 +05:30
Prince Chaddha 415ba61d73
Create wp-insert-php-xss.yaml 2022-07-04 17:29:53 +05:30
Prince Chaddha 84aedb39bc
Merge pull request #4736 from ritikchaddha/Update-shodan/fofa-links-to-search-query
Update shodan/fofa links to query
2022-07-04 16:56:06 +05:30
Arm!tage 1e7f5d7bed
Classify (#4735)
* Auto Generated CVE annotations [Sun May 15 12:16:57 UTC 2022] 🤖

* Auto Generated CVE annotations [Mon Jun  6 03:02:54 UTC 2022] 🤖

* classify these templates

* misc update

Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-07-04 14:17:10 +05:30
Ritik Chaddha 2a4070fc15 Update shodan/fofa links to query 2022-07-04 14:16:15 +05:30
Prince Chaddha db5029fc61
Update cors-misconfig.yaml 2022-07-02 15:50:54 +05:30
Prince Chaddha 79051fe0e7
Merge pull request #4712 from conitrade/hotfix/cors-path
use path for CORS GET request
2022-07-02 15:48:48 +05:30
Prince Chaddha 123746b30e
Update and rename sym404.yaml to wp-sym404.yaml 2022-07-02 09:22:28 +05:30
Prince Chaddha 66cb988803
Update wp-all-export-xss.yaml 2022-07-01 23:56:05 +05:30
Prince Chaddha f5fe9bd9c0
Create wp-all-export-xss.yaml 2022-07-01 23:54:26 +05:30
Prince Chaddha 3a2f976390
Merge pull request #4720 from ritikchaddha/patch-96
Create siteminder-dom-based-xss.yaml
2022-07-01 19:03:05 +05:30
Prince Chaddha 529ad9f336
Update siteminder-dom-xss.yaml 2022-07-01 19:01:25 +05:30
Prince Chaddha 03b780fdf3
Update and rename siteminder-dom-based-xss.yaml to siteminder-dom-xss.yaml 2022-07-01 18:59:21 +05:30
sullo 0db06d6b15
Dead Site Removal (#4641)
* Deleted buffalo-config-injection.yaml
Add reference from buffalo-config-injection.yaml to CVE-2021-20091.yaml

* Delete vulnerabilities/other/buffalo-config-injection.yaml

* Link cleanups

* Change links to Secunia to point to archive.org

* Additonal link cleanup

* replace securitytracker.com links with archive.org links
2022-07-01 15:32:07 +05:30
Ritik Chaddha da535f4c0c
Create siteminder-dom-based-xss.yaml 2022-07-01 14:10:29 +05:30
Alexander Sennhauser 9e874954c0 use path for CORS GET request
This allows to test endpoints which do not end with a single slash (i.e. '/')
by specifying the path as a variable (e.g. -var Path=/v1/test).
2022-06-30 15:04:02 +02:00
Prince Chaddha 42bcf03924
Merge pull request #4710 from ritikchaddha/patch-92
Create parallels-hsphere-xss.yaml
2022-06-30 18:02:29 +05:30
Sandeep Singh 6f6909cb38
template syntax fixes (#4711) 2022-06-30 16:49:17 +05:30
Ritik Chaddha d7e182c693
Update parallels-hsphere-xss.yaml 2022-06-30 16:30:01 +05:30
Ritik Chaddha 4c862b96cf
Create parallels-hsphere-xss.yaml 2022-06-30 16:23:38 +05:30
Ritik Chaddha 4f913c95aa
Update dedecms-membergroup-sqli.yaml 2022-06-30 09:22:06 +05:30
Ritik Chaddha b7d0d6f21a
Update zcms-v3-sqli.yaml 2022-06-30 08:50:00 +05:30
Ritik Chaddha d81a48e31e
Update xdcms-sqli.yaml 2022-06-30 08:48:00 +05:30
Ritik Chaddha 28e6e03fc5
Update wuzhicms-sqli.yaml 2022-06-30 08:46:19 +05:30
Ritik Chaddha be8560b788
Update seacms-sqli.yaml 2022-06-30 08:43:38 +05:30
Ritik Chaddha 9ecfdf9a0a
Update etouch-v2-sqli.yaml 2022-06-30 08:35:53 +05:30
Ritik Chaddha 967628302d
Update phpok-sqli.yaml 2022-06-30 08:32:35 +05:30
Ritik Chaddha 8ddb1d70da
Update yonyou-u8-oa-sqli.yaml 2022-06-30 08:32:02 +05:30
Ritik Chaddha 9b793127c3
Update phpok-sqli.yaml 2022-06-30 08:31:16 +05:30
Ritik Chaddha 5729e6486a
Update finecms-sqli.yaml 2022-06-30 08:30:16 +05:30
Ritik Chaddha b1f9fc94d6
Update 74cms-sqli.yaml 2022-06-30 08:29:32 +05:30
Ritik Chaddha f1a0cc6cc5
Update duomicms-sql-injection.yaml 2022-06-30 08:24:58 +05:30
Ritik Chaddha 8ab77083cc
Update duomicms-sql-injection.yaml 2022-06-30 08:18:22 +05:30
sandeep a5e29b684a lint fixes 2022-06-28 19:20:23 +05:30
Ritik Chaddha bd3cfa7e4a
Update duomicms-sql-injection.yaml 2022-06-28 18:29:31 +05:30
Ritik Chaddha 29d7c43cdb
Update 74cms-sqli.yaml 2022-06-28 15:23:44 +05:30
Ritik Chaddha 51aadcdb36
Update yonyou-u8-oa-sqli.yaml 2022-06-28 15:14:07 +05:30
Ritik Chaddha 913f3239ab
Update finecms-sqli.yaml 2022-06-28 14:57:21 +05:30
Ritik Chaddha 8234a29c97
Update phpok-sqli.yaml 2022-06-28 14:22:58 +05:30
Prince Chaddha a55edcdca4
Create wpify-woo-czech-xss.yaml 2022-06-28 08:00:31 +05:30
Prince Chaddha 17e1643c64 Revert "Create wpify-woo-czech-xss.yaml"
This reverts commit 6d44b2ee90.
2022-06-28 07:59:11 +05:30
Prince Chaddha 6d44b2ee90
Create wpify-woo-czech-xss.yaml 2022-06-28 07:57:59 +05:30
Prince Chaddha 3f4a9f8783
Merge pull request #4667 from projectdiscovery/new-user-approve-xss
Create new-user-approve-xss.yaml
2022-06-25 14:54:51 +05:30
Prince Chaddha aee8f69c5a
Merge pull request #4663 from ritikchaddha/patch-89
Added reference sym404.yaml
2022-06-25 14:14:34 +05:30
Prince Chaddha 0c4c64ed5c
Create new-user-approve-xss.yaml 2022-06-25 14:11:05 +05:30
Krishna Agarwal 75c6c22a27
Added URL encoded payload (#4664) 2022-06-25 12:38:56 +05:30
Ritik Chaddha 101b139dfd
Update sym404.yaml 2022-06-25 01:02:35 +05:30
Prince Chaddha c49c2abeeb
Merge pull request #4657 from DhiyaneshGeek/master
Create sym404.yaml
2022-06-25 00:39:59 +05:30
Prince Chaddha 4880b0fa67
Update sym404.yaml 2022-06-25 00:36:26 +05:30
Prince Chaddha 74463d0e9f
Merge pull request #4652 from ritikchaddha/patch-85
Create royalevent-stored-xss.yaml
2022-06-25 00:16:05 +05:30
Prince Chaddha de213e905d
Update sym404.yaml 2022-06-25 00:15:02 +05:30
Dhiyaneshwaran 5b0461286c
Update sym404.yaml 2022-06-24 15:25:56 +01:00
Prince Chaddha 5376bf09d3
Update and rename royalevent-management-xss.yaml to royalevent-stored-xss.yaml 2022-06-24 00:15:44 +05:30
Prince Chaddha 59b74c82bd
Merge pull request #4651 from ritikchaddha/patch-84
Create royalevent-management-xss.yaml
2022-06-24 00:11:37 +05:30
Prince Chaddha 98034728fc
Update and rename vulnerabilities/other/royalevent-management-xss.yaml to vulnerabilities/other/royalevent/royalevent-management-xss.yaml 2022-06-24 00:10:24 +05:30
Prince Chaddha 4338eea2ec
Rename vulnerabilities/other/royalevent-management-xss.yaml to vulnerabilities/other/royalevent/royalevent-management-xss.yaml 2022-06-24 00:09:06 +05:30
Prince Chaddha a66f548304
Update royalevent-management-xss.yaml 2022-06-24 00:05:48 +05:30
Dhiyaneshwaran f348eae9d1
Create sym404.yaml 2022-06-23 17:39:44 +01:00
Ritik Chaddha cc07d2cb75
Update finecms-sqli.yaml 2022-06-23 18:28:06 +05:30
Ritik Chaddha 679bc9198e
Create royalevent-management-xss.yaml 2022-06-23 13:00:43 +05:30
Ritik Chaddha 103861f588
Create royalevent-management-xss.yaml 2022-06-23 12:38:09 +05:30
Prince Chaddha 493ea898ea Merge branch 'Update-metadata-query' of https://github.com/ritikchaddha/nuclei-templates into ritikchaddha-Update-metadata-query 2022-06-16 10:03:41 +05:30
Ritik Chaddha 0e7a1483c8 Update magento-2-exposed-api.yaml 2022-06-16 01:29:46 +05:30
Ritik Chaddha 0c0adb758c Update magento-unprotected-dev-files.yaml 2022-06-16 01:27:39 +05:30
Ritik Chaddha c3340b5e33 Update magento-cacheleak.yaml 2022-06-16 01:27:37 +05:30
Ritik Chaddha 9b247d6fa6
Create finecms-sqli.yaml 2022-06-10 19:28:24 +05:30
Prince Chaddha a44e87a683
Update and rename orbiteam-bscw-server-unauthenticated-lfi.yaml to vulnerabilities/other/orbiteam-bscw-server-lfi.yaml 2022-06-10 18:37:39 +05:30
MostInterestingBotInTheWorld b883737198
Dashboard Content Enhancements (#4567)
Dashboard Content Enhancements
2022-06-09 16:35:21 -04:00
Aaron Chen 5aa779a068
Fix templates: change alert(xss) to alert(/xss/) (#4564) 2022-06-09 10:11:03 +05:30
Arm!tage 3401689a2b
classify eyou, seeyon, tonged, weaver, dedecms, yonyou (#4557)
* Auto Generated CVE annotations [Sun May 15 12:16:57 UTC 2022] 🤖

* Auto Generated CVE annotations [Mon Jun  6 03:02:54 UTC 2022] 🤖

* create tongda directory and put templates in

* create weaver directory and put templates in

* create seeyon directory and put templates in

* create yonyou directory and put templates in

* create dedecms directory and put templates in

* create eyou directory and put templates in

* misc update

Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-06-08 13:31:29 +05:30
sullo 9bb6b91ba3
Remove Links for Dead sites (#4554)
* Deleted buffalo-config-injection.yaml
Add reference from buffalo-config-injection.yaml to CVE-2021-20091.yaml

* Delete vulnerabilities/other/buffalo-config-injection.yaml

* Remove/replace links to dead sites:
* archives.neohapsis.com
* osvdb.org
* securityfocus.com
2022-06-08 02:20:59 +05:30
sullo 50fbea791c
buffalo-config-injection.yaml is a duplicate of CVE-2021-20091.yaml (#4547)
* Deleted buffalo-config-injection.yaml
Add reference from buffalo-config-injection.yaml to CVE-2021-20091.yaml

* Delete vulnerabilities/other/buffalo-config-injection.yaml
2022-06-06 20:32:33 +05:30
sandeep 606344bfad template id + file update 2022-06-06 16:23:02 +05:30
Prince Chaddha 7ada510859
Fixed possible FPs in open redirect templates (#4544)
* Fixed possible FPs in open redirect templates

We have replaced example.com with interact.sh since few domains redirect to example.com, which results in FP results.

* updated example domain

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-06-06 16:10:15 +05:30
Prince Chaddha 01080a3aed
Update phpok-sqli.yaml 2022-06-05 17:09:00 +05:30
Prince Chaddha 51cdbeaf6a
Merge pull request #4535 from ritikchaddha/patch-70
Update and rename cves/2020/CVE-2020-22210.yaml to vulnerabilities/ot…
2022-06-05 15:48:17 +05:30
Ritik Chaddha 914aa45704
Update and rename cves/2020/CVE-2020-22210.yaml to vulnerabilities/other/74cms-sqli.yaml 2022-06-05 15:04:44 +05:30
Ritik Chaddha 0780108196
Update phpok-sqli.yaml 2022-06-05 14:06:26 +05:30
Ritik Chaddha 49d7a23320
Create phpok-sqli.yaml 2022-06-05 14:01:28 +05:30
MostInterestingBotInTheWorld 5da580f9c2
Dashboard Content Enhancements (#4519)
Dashboard Content Enhancements
2022-06-03 15:12:31 -04:00
Prince Chaddha 85050febf7
Update unauth-message-read.yaml 2022-06-01 18:51:48 +05:30
Alexandre ZANNI 047a7231a3
add ref + rem 2022-06-01 13:44:10 +02:00
sullo 88c150d2e0
Remove blank cve-id fields from templates. (#4516)
* Remove blank cve-id fields from templates.
Add cve-id to CVE-2022-0776.yaml

* Fix classification spelling
2022-05-31 20:04:35 +05:30
Prince Chaddha ecc12ec58f
Merge pull request #4496 from MostInterestingBotInTheWorld/dashboard
Dashboard Content Enhancements
2022-05-31 15:24:07 +05:30
Prince Chaddha bbc9bd2a84
Update nuuo-nvrmini2-rce.yaml 2022-05-31 14:52:46 +05:30
Prince Chaddha c4aec5a0d1
Update oa-tongda-path-traversal.yaml 2022-05-31 14:51:16 +05:30
Prince Chaddha 683b511766
Update opensns-rce.yaml 2022-05-31 14:49:47 +05:30
Prince Chaddha 35e1863cda
Update oracle-fatwire-lfi.yaml 2022-05-31 14:48:35 +05:30
Prince Chaddha 630a29f710
Update php-zerodium-backdoor-rce.yaml 2022-05-31 14:48:05 +05:30
Prince Chaddha 927b557f16
Update powercreator-cms-rce.yaml 2022-05-31 14:47:10 +05:30
Prince Chaddha 39c25f539b
Update qi-anxin-netkang-next-generation-firewall-rce.yaml 2022-05-31 14:44:03 +05:30
Prince Chaddha e5eeae4afb
Update qihang-media-disclosure.yaml 2022-05-31 14:42:37 +05:30
Prince Chaddha 21cb387113
Update sar2html-rce.yaml 2022-05-31 14:41:26 +05:30
Prince Chaddha a0d74ba5e8
Update seowon-router-rce.yaml 2022-05-31 14:40:43 +05:30
Prince Chaddha 2d03dfdf85
Update showdoc-file-upload-rce.yaml 2022-05-31 14:38:36 +05:30
Prince Chaddha f46b4f6fb0
Update sonicwall-sslvpn-shellshock.yaml 2022-05-31 14:36:41 +05:30
Prince Chaddha cbed893fe9
Update sponip-network-system-ping-rce.yaml 2022-05-31 14:36:06 +05:30
Prince Chaddha e1d05486a8
Update rusty-joomla.yaml 2022-05-31 14:34:37 +05:30
Prince Chaddha 66fe14e8a0
Update metersphere-plugin-rce.yaml 2022-05-31 14:33:16 +05:30
Prince Chaddha 236a91ffd6
Update oracle-ebs-bispgraph-file-access.yaml 2022-05-31 14:32:35 +05:30
Prince Chaddha 399f4d1434
Update clockwatch-enterprise-rce.yaml 2022-05-31 14:31:19 +05:30
Prince Chaddha 9a4a006909
Update commax-biometric-auth-bypass.yaml 2022-05-31 14:30:59 +05:30
Prince Chaddha c4e9ddf1f0
Update commax-credentials-disclosure.yaml 2022-05-31 14:30:21 +05:30
Prince Chaddha 2919dc1469
Update icewarp-webclient-rce.yaml 2022-05-31 14:29:38 +05:30
Prince Chaddha fbf8533896
Update kevinlab-bems-backdoor.yaml 2022-05-31 14:29:07 +05:30
Prince Chaddha 18f573cc0d
Update kevinlab-hems-backdoor.yaml 2022-05-31 14:28:02 +05:30
Prince Chaddha 59f524e539
Update lotuscms-rce.yaml 2022-05-31 14:26:43 +05:30
Prince Chaddha 59a7391451
Update maccmsv10-backdoor.yaml 2022-05-31 14:26:02 +05:30
Prince Chaddha 32b085c52a
Update magicflow-lfi.yaml 2022-05-31 14:25:40 +05:30
Prince Chaddha cd9188a2d9
Update mirai-unknown-rce.yaml 2022-05-31 14:23:16 +05:30
Prince Chaddha 636dec14ab
Update natshell-rce.yaml 2022-05-31 14:22:28 +05:30
Prince Chaddha ff002c5b1b
Update netgear-router-exposure.yaml 2022-05-31 14:21:09 +05:30
Prince Chaddha 8dd9e07f80
Update apache-ofbiz-log4j-rce.yaml 2022-05-31 14:14:19 +05:30
Prince Chaddha 0d4b2cfd10
Update apache-solr-log4j-rce.yaml 2022-05-31 14:13:47 +05:30
Prince Chaddha ad4509d33b
Update code42-log4j-rce.yaml 2022-05-31 14:13:20 +05:30
Prince Chaddha 3106c22125
Update fastjson-1-2-68-rce.yaml 2022-05-31 14:12:39 +05:30
Prince Chaddha 4c90184054
Update jamf-log4j-jndi-rce.yaml 2022-05-31 14:12:11 +05:30
Prince Chaddha 03993005fb
Update jenkins-script.yaml 2022-05-31 14:11:09 +05:30
Prince Chaddha ebab53c7be
Update rusty-joomla.yaml 2022-05-31 14:09:58 +05:30
Prince Chaddha 7be57dbf17
Update dotnetcms-sqli.yaml 2022-05-30 22:56:35 +05:30
MostInterestingBotInTheWorld 8712d2b6c5 Enhancement: vulnerabilities/other/icewarp-webclient-rce.yaml by mp 2022-05-30 13:26:21 -04:00
MostInterestingBotInTheWorld 75e1c543c0 Enhancement: vulnerabilities/other/kevinlab-bems-backdoor.yaml by mp 2022-05-30 13:25:21 -04:00
MostInterestingBotInTheWorld eb1647611f Enhancement: vulnerabilities/other/kevinlab-hems-backdoor.yaml by mp 2022-05-30 13:22:21 -04:00
MostInterestingBotInTheWorld d4543f05a3 Enhancement: vulnerabilities/other/sar2html-rce.yaml by mp 2022-05-30 13:19:43 -04:00
MostInterestingBotInTheWorld e37d064294 Enhancement: vulnerabilities/other/oa-tongda-path-traversal.yaml by mp 2022-05-30 13:13:35 -04:00
MostInterestingBotInTheWorld 35fb337708 Enhancement: vulnerabilities/other/netgear-router-exposure.yaml by mp 2022-05-30 13:12:49 -04:00
MostInterestingBotInTheWorld d4529ca918 Enhancement: vulnerabilities/other/maccmsv10-backdoor.yaml by mp 2022-05-30 13:11:43 -04:00
MostInterestingBotInTheWorld 57348a8841 Enhancement: vulnerabilities/other/lotuscms-rce.yaml by mp 2022-05-30 13:10:32 -04:00
MostInterestingBotInTheWorld 3db25f4ee3 Enhancement: vulnerabilities/other/sponip-network-system-ping-rce.yaml by mp 2022-05-30 12:24:46 -04:00
MostInterestingBotInTheWorld 84df3a4c02 Enhancement: vulnerabilities/other/sonicwall-sslvpn-shellshock.yaml by mp 2022-05-30 12:23:29 -04:00
MostInterestingBotInTheWorld 9a6f0ae3a8 Enhancement: vulnerabilities/other/showdoc-file-upload-rce.yaml by mp 2022-05-30 12:22:09 -04:00
MostInterestingBotInTheWorld 87ac93b918 Enhancement: vulnerabilities/other/seowon-router-rce.yaml by mp 2022-05-30 12:21:04 -04:00
MostInterestingBotInTheWorld 10a9317b22 Enhancement: vulnerabilities/other/sar2html-rce.yaml by mp 2022-05-30 12:19:44 -04:00
MostInterestingBotInTheWorld a8e014d313 Enhancement: vulnerabilities/other/sangfor-ba-rce.yaml by mp 2022-05-30 12:18:15 -04:00
MostInterestingBotInTheWorld 805882fa88 Enhancement: vulnerabilities/other/qihang-media-disclosure.yaml by mp 2022-05-30 12:17:42 -04:00
MostInterestingBotInTheWorld 1ef6598da0 Enhancement: vulnerabilities/other/qi-anxin-netkang-next-generation-firewall-rce.yaml by mp 2022-05-30 12:16:18 -04:00
MostInterestingBotInTheWorld ec9771943b Enhancement: vulnerabilities/other/powercreator-cms-rce.yaml by mp 2022-05-30 12:15:22 -04:00
MostInterestingBotInTheWorld 07fb89712d Enhancement: vulnerabilities/other/php-zerodium-backdoor-rce.yaml by mp 2022-05-30 12:12:27 -04:00
MostInterestingBotInTheWorld 7a980959d2 Enhancement: vulnerabilities/other/oracle-fatwire-lfi.yaml by mp 2022-05-30 11:04:24 -04:00
MostInterestingBotInTheWorld 3a2ddad627 Enhancement: vulnerabilities/other/opensns-rce.yaml by mp 2022-05-30 10:36:52 -04:00
MostInterestingBotInTheWorld 69702aa586 Enhancement: vulnerabilities/other/oa-tongda-path-traversal.yaml by mp 2022-05-30 10:36:06 -04:00
MostInterestingBotInTheWorld 480c2fca93 Enhancement: vulnerabilities/other/nuuo-nvrmini2-rce.yaml by mp 2022-05-30 10:12:35 -04:00
MostInterestingBotInTheWorld 03a8417f7c Enhancement: vulnerabilities/other/netgear-router-exposure.yaml by mp 2022-05-30 10:10:54 -04:00
MostInterestingBotInTheWorld 062c170d10 Enhancement: vulnerabilities/other/natshell-rce.yaml by mp 2022-05-30 10:05:52 -04:00
MostInterestingBotInTheWorld b004ffeb68 Enhancement: vulnerabilities/other/mirai-unknown-rce.yaml by mp 2022-05-30 10:04:12 -04:00
MostInterestingBotInTheWorld 4768876a28 Enhancement: vulnerabilities/other/magicflow-lfi.yaml by mp 2022-05-30 09:57:24 -04:00
Ritik Chaddha 9aac455f6c
Update dotnetcms-sqli.yaml 2022-05-30 19:20:44 +05:30
MostInterestingBotInTheWorld 5cee74ec5c Enhancement: vulnerabilities/other/maccmsv10-backdoor.yaml by mp 2022-05-30 09:48:06 -04:00