daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/vulnerabilities/other
History
gy741 04ec5b6b6d
Create netgear-wac124-router-auth-bypass.yaml (#3986) 
* Create netgear-wac124-router-auth-bypass.yaml

This vulnerability allows network-adjacent attackers to bypass authentication on affected of WAC124, AC2000 routers. Authentication is not required to exploit this vulnerability.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>

* misc update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 		2022-03-27 20:40:41 +05:30
..
74cms-sqli.yaml Enhancement: default-logins/cobbler/cobbler-default-login.yaml by mp 2022-03-03 08:27:48 -05:00
accent-microcomputers-lfi.yaml Enhancement: vulnerabilities/other/accent-microcomputers-lfi.yaml by mp 2022-03-02 10:11:09 -05:00
acme-xss.yaml Update Severity 2021-09-20 12:11:56 +07:00
antsword-backdoor.yaml Update antsword-backdoor.yaml 2022-02-01 01:52:39 +05:30
asanhamayesh-lfi.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
aspnuke-openredirect.yaml misc tag updates 2021-04-06 12:16:11 +05:30
bems-api-lfi.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
beward-ipcamera-disclosure.yaml Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string 2021-08-19 16:59:12 +03:00
bitrix-open-redirect.yaml misc update 2021-10-14 19:31:57 +05:30
blue-ocean-excellence-lfi.yaml Update blue-ocean-excellence-lfi.yaml 2021-05-31 15:44:21 +05:30
buffalo-config-injection.yaml Satisfying the linter (all errors and warnings) 2021-08-19 17:44:46 +03:00
bullwark-momentum-lfi.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
cacti-weathermap-file-write.yaml Coverage for all templates using tags 2021-09-09 19:08:13 +05:30
caucho-resin-info-disclosure.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
chamilo-lms-sqli.yaml matcher and payload update 2021-04-28 19:44:28 +05:30
chamilo-lms-xss.yaml Payload and matcher fix 2021-04-28 14:42:10 +05:30
ckan-dom-based-xss.yaml Update ckan-dom-based-xss.yaml 2021-06-10 17:27:21 +05:30
clockwatch-enterprise-rce.yaml Network template updates & fixes (#3497) 2022-01-07 12:58:37 +05:30
coldfusion-debug-xss.yaml Description 2021-08-02 14:30:22 +03:00
commax-biometric-auth-bypass.yaml Better description 2021-10-14 16:27:26 +03:00
commax-credentials-disclosure.yaml Update and rename commax-cctv-rtsp-credentials-disclosure.yaml to commax-credentials-disclosure.yaml 2021-09-25 11:32:31 +05:30
comtrend-password-exposure.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
concrete-xss.yaml Satisfying the linter (all errors and warnings) 2021-08-19 17:44:46 +03:00
core-chuangtian-cloud-rce.yaml removed extra headers not required for template 2021-09-08 17:47:19 +05:30
couchdb-adminparty.yaml removed extra headers not required for template 2021-09-08 17:47:19 +05:30
cs-cart-unauthenticated-lfi.yaml Add description 2021-10-19 12:56:40 +03:00
dedecms-carbuyaction-fileinclude.yaml Add description 2021-10-14 16:28:41 +03:00
dedecms-membergroup-sqli.yaml Add description 2021-10-14 15:55:59 +03:00
dedecms-openredirect.yaml Update dedecms-openredirect.yaml 2021-02-20 23:12:14 +05:30
dicoogle-pacs-lfi.yaml Update and rename dicoogle-pacs-lfi.yaml to vulnerabilities/other/dicoogle-pacs-lfi.yaml 2021-12-24 19:23:04 +05:30
discourse-xss.yaml xss matchers update 2021-03-04 21:32:34 +05:30
dixell-xweb500-filewrite.yaml Update and rename dixell-xweb500-file-write.yaml to dixell-xweb500-filewrite.yaml 2022-03-11 16:30:02 +05:30
dlink-850L-info-leak.yaml Satisfying the linter (all errors and warnings) 2021-08-19 17:44:46 +03:00
duomicms-sql-injection.yaml more typos 2021-03-10 19:45:41 +05:30
ecology-filedownload-directory-traversal.yaml Create ecology-filedownload-directory-traversal.yaml 2021-04-23 18:50:11 +05:30
ecology-springframework-directory-traversal.yaml Create ecology-springframework-directory-traversal.yaml 2021-04-23 18:52:08 +05:30
ecshop-sqli.yaml Add description 2021-11-23 12:09:00 +02:00
eibiz-lfi.yaml Update and rename eibiz-server-3-8-0-lfi.yaml to vulnerabilities/other/eibiz-lfi.yaml 2021-11-18 21:52:30 +05:30
empirecms-xss.yaml Update empirecms-xss.yaml 2021-04-05 22:13:16 +05:30
erp-nc-directory-traversal.yaml matcher improvements 2021-04-14 01:53:24 +05:30
etouch-v2-sqli.yaml Fixed mistakes/typos in the templates. 2021-08-19 15:30:14 +03:00
ewebs-arbitrary-file-reading.yaml Add description 2021-10-17 15:52:26 +03:00
eyelock-nano-lfd.yaml Updates across many templates for clarity, spelling, and grammar. 2021-09-05 17:13:45 -04:00
eyou-email-rce.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
fanruanoa2012-disclosure.yaml Spelling 2021-06-06 10:35:09 +03:00
fatpipe-auth-bypass.yaml Update and rename fatpipe-networks-warp-auth-bypass.yaml to fatpipe-auth-bypass.yaml 2021-09-30 17:18:21 +05:30
fatpipe-backdoor.yaml Better description 2021-10-14 16:31:27 +03:00
feifeicms-lfr.yaml Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string 2021-08-18 14:44:27 +03:00
finereport-path-traversal.yaml Product name 2021-04-26 09:07:57 +03:00
flir-path-traversal.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
geovision-geowebserver-lfi.yaml Previous reference is no longer available 2021-10-14 16:05:47 +03:00
geovision-geowebserver-xss.yaml Add description 2021-10-14 16:32:34 +03:00
global-domains-lfi.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
global-domains-xss.yaml Create global-domains-xss.yaml 2021-12-18 14:51:08 +05:30
gloo-unauth.yaml removed extra headers not required for template 2021-09-08 17:47:19 +05:30
goip-1-lfi.yaml payload fix 2022-02-25 17:28:47 +05:30
groupoffice-lfi.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
gsoap-lfi.yaml Update gsoap-lfi.yaml 2021-09-06 17:34:51 +05:30
h3c-imc-rce.yaml Fixed h3c-imc-rce.yaml (#3401) 2021-12-23 20:23:42 +05:30
hashicorp-consul-rce.yaml oob tags update 2021-10-19 02:10:26 +05:30
hasura-graphql-psql-exec.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
hasura-graphql-ssrf.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
hiboss-rce.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
hjtcloud-arbitrary-file-read.yaml removed extra headers not required for template 2021-09-08 17:47:19 +05:30
hjtcloud-rest-arbitrary-file-read.yaml strict matcher 2021-06-01 16:08:41 +05:30
homeautomation-v3-openredirect.yaml Add description 2021-10-17 15:54:19 +03:00
hrsale-unauthenticated-lfi.yaml Rename hrsale-unauthenticated-lfi.yaml to vulnerabilities/other/hrsale-unauthenticated-lfi.yaml 2021-11-13 23:37:32 +05:30
huawei-hg659-lfi.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
huawei-router-auth-bypass.yaml removed extra headers not required for template 2021-09-08 17:47:19 +05:30
huijietong-cloud-fileread.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
icewarp-webclient-rce.yaml Update icewarp-webclient-rce.yaml 2021-07-10 09:18:32 +05:30
interlib-fileread.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
java-melody-xss.yaml Update and rename vulnerabilities/JavaMelody/java-melody-xss.yaml to vulnerabilities/other/java-melody-xss.yaml 2022-01-24 13:15:23 +05:30
jeewms-lfi.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
jfrog-unauth-build-exposed.yaml removed extra headers not required for template 2021-09-08 17:47:19 +05:30
jinfornet-jreport-lfi.yaml Update and rename jinfornet-jreport-lfi.yaml to vulnerabilities/other/jinfornet-jreport-lfi.yaml 2022-01-03 10:01:12 +05:30
joomla-com-fabrik-lfi.yaml minor update 2021-05-07 14:53:34 +05:30
kafdrop-xss.yaml Give description 2021-05-25 14:35:41 +03:00
karel-ip-phone-lfi.yaml lint fix 2021-10-14 19:50:43 +05:30
kevinlab-bems-backdoor.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
kevinlab-bems-sqli.yaml removed extra headers not required for template 2021-09-08 17:47:19 +05:30
kevinlab-hems-backdoor.yaml Updates across many templates for clarity, spelling, and grammar. 2021-09-05 17:13:45 -04:00
keycloak-xss.yaml Update keycloak-xss.yaml 2021-10-09 08:46:17 +05:30
kyocera-m2035dn-lfi.yaml Update and rename kyocera-rx-ecosys-m2035dn-lfi.yaml to vulnerabilities/other/kyocera-m2035dn-lfi.yaml 2022-02-15 02:10:30 +05:30
laravel-filemanager-lfi.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
lotuscms-rce.yaml minor updates 2021-07-04 17:09:45 +05:30
lucee-xss.yaml Add description 2021-10-19 13:17:58 +03:00
luftguitar-arbitrary-file-upload.yaml Add description 2021-10-19 13:03:41 +03:00
maccmsv10-backdoor.yaml Add description 2021-10-26 15:22:21 +03:00
magicflow-lfi.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
mcafee-epo-rce.yaml Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/2481 2021-09-03 14:55:30 +05:30
metinfo-lfi.yaml Add description 2021-10-26 15:27:16 +03:00
microstrategy-ssrf.yaml Update microstrategy-ssrf.yaml 2021-10-17 07:46:32 +05:30
microweber-xss.yaml Update microweber-xss.yaml 2022-03-01 02:47:11 +05:30
mida-eframework-xss.yaml removed extra headers not required for template 2021-09-08 17:47:19 +05:30
minimouse-lfi.yaml Add description 2021-10-19 13:10:29 +03:00
mirai-unknown-rce.yaml oob tags update 2021-10-19 02:10:26 +05:30
mpsec-lfi.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
ms-exchange-server-reflected-xss.yaml Update tags (#3530) 2022-01-13 10:49:53 +05:30
myucms-lfr.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
natshell-path-traversal.yaml matcher update 2021-05-17 19:49:24 +05:30
natshell-rce.yaml misc changes 2021-05-28 11:12:36 +05:30
netgear-router-auth-bypass.yaml Remove: 2022-01-25 14:38:53 -05:00
netgear-router-exposure.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
netgear-wac124-router-auth-bypass.yaml Create netgear-wac124-router-auth-bypass.yaml (#3986) 2022-03-27 20:40:41 +05:30
netgear-wnap320-rce.yaml oob tags update 2021-10-19 02:10:26 +05:30
netis-info-leak.yaml Add description 2021-10-13 11:56:10 +03:00
nginx-merge-slashes-path-traversal.yaml Add description 2021-10-13 12:00:39 +03:00
nginx-module-vts-xss.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
ns-asg-file-read.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
nuuo-file-inclusion.yaml fixed invalid template syntax 2021-10-30 16:47:35 +05:30
nuuo-nvrmini2-rce.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
oa-tongda-path-traversal.yaml removed extra headers not required for template 2021-09-08 17:47:19 +05:30
oa-v9-uploads-file.yaml removed extra headers not required for template 2021-09-08 17:47:19 +05:30
odoo-cms-redirect.yaml Moving files around 2021-06-02 12:22:24 +05:30
oliver-library-lfi.yaml Update and rename oliver-library-server-lfi.yaml to oliver-library-lfi.yaml 2021-12-18 14:23:57 +05:30
opensis-lfi.yaml Improve description 2021-10-13 12:01:33 +03:00
opensns-rce.yaml Add description 2021-10-26 15:27:57 +03:00
openvpn-hhi.yaml Add description 2021-10-19 13:17:58 +03:00
optilink-ont1gew-gpon-rce.yaml Update tags (#3538) 2022-01-16 02:08:21 +05:30
oracle-fatwire-lfi.yaml Create oracle-fatwire-lfi.yaml (#3975) 2022-03-26 14:56:13 +05:30
otobo-open-redirect.yaml Update and rename otobo-open-redirect.yaml to vulnerabilities/other/otobo-open-redirect.yaml 2022-02-23 17:07:41 +05:30
pacsone-server-lfi.yaml Update and rename pacsone-server-6-6-2-lfi.yaml to vulnerabilities/other/pacsone-server-lfi.yaml 2021-12-21 17:32:19 +05:30
parentlink-xss.yaml few updates 2021-03-14 17:07:52 +05:30
pdf-signer-ssti-to-rce.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
php-timeclock-xss.yaml misc update 2021-06-10 14:53:31 +05:30
php-zerodium-backdoor-rce.yaml Add description 2021-10-27 14:05:11 +03:00
phpwiki-lfi.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
pmb-directory-traversal.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
pmb-local-file-disclosure.yaml Coverage for all templates using tags 2021-09-09 19:08:13 +05:30
pollbot-redirect.yaml Update pollbot-redirect.yaml 2022-02-22 12:01:20 +05:30
powercreator-cms-rce.yaml removed extra headers not required for template 2021-09-08 17:47:19 +05:30
processmaker-lfi.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
qcubed-xss.yaml Add description 2021-10-21 14:13:53 +03:00
qi-anxin-netkang-next-generation-firewall-rce.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
qihang-media-disclosure.yaml Update and rename qihang-media-web-credentials-disclosure.yaml to qihang-media-disclosure.yaml 2021-10-01 16:26:25 +05:30
qihang-media-lfi.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
rconfig-rce.yaml Add description 2021-10-27 14:06:15 +03:00
resin-cnnvd-200705-315.yaml Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string 2021-08-18 14:44:27 +03:00
resin-inputfile-fileread.yaml Add reference 2021-08-09 16:10:10 +03:00
resin-viewfile-lfr.yaml Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string 2021-08-18 14:44:27 +03:00
rockmongo-xss.yaml Add description 2021-10-26 15:22:21 +03:00
ruijie-eg-rce.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
ruijie-networks-lfi.yaml Add description 2021-10-26 15:22:21 +03:00
ruijie-networks-rce.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
sangfor-edr-auth-bypass.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
sangfor-edr-rce.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
sap-redirect.yaml Add description 2021-10-25 09:58:59 +03:00
sar2html-rce.yaml oob tags update 2021-10-19 02:10:26 +05:30
seacms-rce.yaml Add description 2021-10-26 15:29:20 +03:00
seowon-router-rce.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
servicenow-helpdesk-credential.yaml Added ServiceNow Helpdesk Credential Exposure (#3371) 2021-12-19 23:42:01 +05:30
showdoc-file-upload-rce.yaml removed extra headers not required for template 2021-09-08 17:47:19 +05:30
sick-beard-xss.yaml metadata update 2021-10-22 23:23:25 +05:30
sl-studio-lfi.yaml Update sl-studio-lfi.yaml 2021-12-29 09:20:13 +05:30
sofneta-mecdream-pacs-lfi.yaml Update and rename sofneta-mecdream-pacs-server-lfi.yaml to sofneta-mecdream-pacs-lfi.yaml 2022-01-03 10:21:00 +05:30
solar-log-authbypass.yaml Fix description 2021-10-26 12:45:16 +03:00
sonicwall-sslvpn-shellshock.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
spark-webui-unauth.yaml fixed invalid template syntax 2021-10-30 16:47:35 +05:30
sponip-network-system-ping-rce.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
symantec-messaging-gateway.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
tamronos-rce.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
tekon-info-leak.yaml Update tekon-info-leak.yaml 2022-03-21 16:36:39 +05:30
thinkific-redirect.yaml Update thinkific-redirect.yaml 2021-08-24 14:56:21 +07:00
thruk-xss.yaml Update thruk-xss.yaml 2021-12-09 21:58:15 +05:30
tikiwiki-json-rpc.yaml Added Kiwi TCMS JSON-RPC misconfig 2022-03-13 17:50:38 +05:30
tikiwiki-reflected-xss.yaml Update tikiwiki-reflected-xss.yaml 2021-08-02 21:44:48 +05:30
tpshop-directory-traversal.yaml Correct product name 2021-04-29 09:20:58 +03:00
turbocrm-xss.yaml Add description 2021-10-27 14:04:00 +03:00
twig-php-ssti.yaml Added skip-variables-check for SSTI template 2021-11-09 22:16:37 +05:30
ueditor-file-upload.yaml Add description 2021-10-25 12:58:22 +03:00
unauth-hoteldruid-panel.yaml Dashboard Content Enhancements (#3980) 2022-03-25 10:16:18 -04:00
unauth-spark-api.yaml Enhancement: vulnerabilities/other/unauth-spark-api.yaml by cs 2022-02-28 14:17:05 -05:00
unifi-network-log4j-rce.yaml Update nuuno-network-login.yaml (#3701) 2022-02-14 19:53:51 +05:30
vanguard-post-xss.yaml Update vanguard-post-xss.yaml 2021-11-05 21:36:53 +05:30
viewlinc-crlf-injection.yaml Add description 2021-10-25 12:57:40 +03:00
visual-tools-dvr-rce.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
vpms-auth-bypass.yaml Add description 2021-10-25 12:56:03 +03:00
watchguard-credentials-disclosure.yaml Update and rename watchguard-fireware-ad-helper-component-credentials-disclosure.yaml to watchguard-credentials-disclosure.yaml 2021-12-09 21:05:13 +05:30
webui-rce.yaml Add description 2021-10-25 12:54:49 +03:00
wems-manager-xss.yaml Add description 2021-10-25 12:59:08 +03:00
wooyun-2015-148227.yaml Renames vulnerabilities/other/WooYun2015-148227 (#3488) 2022-01-06 12:00:31 +05:30
wooyun-path-traversal.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
wuzhicms-sqli.yaml Create wuzhicms-sqli.yaml 2021-04-23 18:26:43 +05:30
xdcms-sqli.yaml Create xdcms-sqli.yaml 2021-03-21 10:15:44 +00:00
xerox-efi-lfi.yaml Update xerox-efi-lfi.yaml 2022-01-10 12:07:06 +05:30
yapi-rce.yaml Add description 2021-10-26 15:26:10 +03:00
yarn-resourcemanager-rce.yaml Add description 2021-10-26 15:25:34 +03:00
yishaadmin-lfi.yaml Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
zcms-v3-sqli.yaml Create zcms-v3-sqli.yaml 2021-04-23 18:48:00 +05:30
zhiyuan-file-upload.yaml Cleanup some dashboard artifacts 2022-02-04 14:02:53 -05:00
zhiyuan-oa-info-leak.yaml Update zhiyuan-oa-info-leak.yaml 2021-02-24 23:22:23 +05:30
zhiyuan-oa-session-leak.yaml Add description 2021-10-26 15:24:26 +03:00
zimbra-preauth-ssrf.yaml Add description 2021-10-26 15:23:43 +03:00
zms-auth-bypass.yaml Add description 2021-10-26 15:23:43 +03:00