f750bf5ba5
Create qihang-media-web-credentials-disclosure.yaml
...
The application suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for a successful authentication bypass attack.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:42:48 +09:00
90138f44d1
Create qihang-media-web-lfi.yaml
...
The application suffers from an unauthenticated file disclosure vulnerability when input passed thru the filename parameter when using the download action or thru path parameter when using the getAll action is not properly verified before being used. This can be exploited to disclose contents of files and directories from local resources.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:35:12 +09:00
c4e6e7a8a0
Merge pull request #2788 from projectdiscovery/cves-cleanup
...
Cves cleanup
2021-10-01 04:57:22 +05:30
fe5fdf989e
Merge branch 'cves-cleanup' of https://github.com/projectdiscovery/nuclei-templates into cves-cleanup
2021-09-30 17:16:34 -04:00
1bc4c2dffb
add cve classification
2021-09-30 17:16:15 -04:00
974493daaa
Update CVE-2016-4975.yaml
2021-10-01 01:34:54 +05:30
1c9238b972
Rename CVE-2016-4975.yml to CVE-2016-4975.yaml
2021-10-01 01:33:50 +05:30
93c2fafc77
Auto README Update [Thu Sep 30 19:57:24 UTC 2021] 🤖
2021-09-30 19:57:24 +00:00
278367597e
Auto Generated Templates Stats [Thu Sep 30 19:57:03 UTC 2021] 🤖
2021-09-30 19:57:03 +00:00
9f04b0abd8
Fix field names vs values
2021-09-30 15:56:52 -04:00
f1f6fbe26f
Move deprecated-sshv1-detection.yaml to 2001/CVE-2001-1473.yaml
2021-09-30 15:49:47 -04:00
a28eb3f3e9
Add information for CVE-2001-1473
2021-09-30 15:48:27 -04:00
0c4dd95bf6
Move openssh5.3-detect.yaml to cves/2016/CVE-2016-6210.yaml
2021-09-30 15:43:00 -04:00
37920b7a88
Add CVE information
2021-09-30 15:42:07 -04:00
7adfd01163
Moving listserv_maestro_rce.yaml to cves folder
2021-09-30 15:39:45 -04:00
d34e6c1145
Add information for CVE-2010-1870
2021-09-30 15:38:59 -04:00
3c012b137d
Break CVE-2016-4975 into its own template
2021-09-30 15:35:17 -04:00
8b15ed3268
Merge pull request #2784 from sullo/master
...
Adding Host headers to some raw requests. Added a CVE.
2021-09-30 23:58:44 +05:30
c0003f8731
Update CVE-2020-29453.yaml
2021-09-30 14:27:12 -04:00
784d9560be
Fix CVSS score
...
incorrectly changed cvss score
2021-09-30 14:26:37 -04:00
c9a374bed5
renamed: simple-employee-rce.yaml -> ../../cves/2019/CVE-2019-20183.yaml
2021-09-30 13:06:46 -04:00
28def083f6
Merge branch 'master' of https://github.com/sullo/nuclei-templates
...
Fix typo for cvss
2021-09-30 13:03:09 -04:00
3878138bfe
* Added Host headers where needed (validated via disclosures/posts)
...
* Added CVE simple-employee-rce.yaml
2021-09-30 12:52:05 -04:00
3f6e40e264
Merge branch 'projectdiscovery:master' into master
2021-09-30 12:31:45 -04:00
66cad3ff35
Revert "* Added CVE info & moved simple-employee-rce.yaml to cves/2019/CVE-2019-20183.yaml"
...
incorrect push to master repo
This reverts commit 7191aee570
2021-09-30 12:25:22 -04:00
7191aee570
* Added CVE info & moved simple-employee-rce.yaml to cves/2019/CVE-2019-20183.yaml
...
* Added missing {{Hostname}} to some raw requests (confirmed that hostname is allowed in exploits)
* Minor cleanup in the modified plugins
2021-09-30 12:20:54 -04:00
e75b8dd660
Merge branch 'projectdiscovery:master' into master
2021-09-30 11:39:38 -04:00
b622d3b9ff
Merge pull request #2780 from projectdiscovery/workflow-fixes
...
workflow path fixes
2021-09-30 20:54:13 +05:30
0904662e59
workflow path fixes
2021-09-30 20:51:24 +05:30
665fabdced
Merge pull request #2778 from projectdiscovery/csrfguard
...
OWASP CSRF Guard detection
2021-09-30 20:46:35 +05:30
653a3ac3ad
Added tags
2021-09-30 20:45:04 +05:30
68ab23eb62
misc update
2021-09-30 20:41:48 +05:30
f3c65a61c2
Merge pull request #2779 from projectdiscovery/thinkcmf-fixes
...
Added more unique matchers
2021-09-30 20:25:33 +05:30
e90e3b49bc
Added more unique matchers
2021-09-30 20:22:53 +05:30
5ee5fb19a2
Correct template reference to airflow-default-login.yaml from airflow-default-credentials.yaml
2021-09-30 17:16:37 +03:00
6f6161838b
Auto README Update [Thu Sep 30 14:10:07 UTC 2021] 🤖
2021-09-30 14:10:07 +00:00
a67c2b9dad
Merge remote-tracking branch 'origin/master' into csrfguard
2021-09-30 17:09:41 +03:00
be39b6511b
OWASP CSRFGuard detection
2021-09-30 17:08:43 +03:00
f1b16d8698
Merge pull request #2777 from projectdiscovery/thinkphp-fix
...
Added thinkphp keyword from response to avoid false positive
2021-09-30 18:40:56 +05:30
309b53154e
workflow update
2021-09-30 18:40:13 +05:30
fe410f6de6
Auto Generated Templates Stats [Thu Sep 30 13:05:52 UTC 2021] 🤖
2021-09-30 13:05:52 +00:00
88f6bba576
Added thinkphp keyword from response to avoid false positive
2021-09-30 18:35:14 +05:30
5114232192
Auto README Update [Thu Sep 30 12:45:10 UTC 2021] 🤖
2021-09-30 12:45:10 +00:00
89fed95bce
Merge pull request #2770 from pikpikcu/patch-290
...
Create wazuh-detected
2021-09-30 17:49:36 +05:30
f2fa253ddd
Delete wazuh-detected.yaml
2021-09-30 17:46:02 +05:30
afd20497f7
Update and rename yzmcms-detected.yaml to yzmcms-detect.yaml
2021-09-30 17:45:49 +05:30
5623d05953
Merge pull request #2775 from projectdiscovery/fatpipe-detect
...
Create fatpipe-mpvpn-detect.yaml
2021-09-30 17:37:21 +05:30
0eb0123532
Update fatpipe-mpvpn-detect.yaml
2021-09-30 17:35:59 +05:30
769e7c4b43
Create fatpipe-warp-detect.yaml
2021-09-30 17:35:28 +05:30
c5c2ed1919
Auto Generated Templates Stats [Thu Sep 30 12:05:00 UTC 2021] 🤖
2021-09-30 12:05:00 +00:00
GwanYeong Kim
Sandeep Singh
Sullo
GitHub Action
Sullo
forgedhallpass
Prince Chaddha
Prince Chaddha