daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/vulnerabilities/other
History
GwanYeong Kim 27eef8c1a9 Create zhiyuan-file-upload.yaml 
Zhiyuan OA is a set of office coordinating management software. Recently, Qianxin CERT monitors the relevant vulnerability information of the long OA. Since there is an unauthorized access in some interfaces, and some functions are insufficient, the attacker can upload malicious script files without logging in, so that there is no need to log in. Zhiyuan OA official has provided patches for this vulnerability. In view of the large vulnerability harm, it is recommended that users apply patch updates as soon as possible.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 		2021-08-02 11:07:14 +09:00
..
74cms-sqli.yaml Create 74cms-sqli.yaml 2021-04-06 23:59:29 +05:30
WooYun-2015-148227.yaml Create WooYun-2015-148227.yaml 2021-04-22 14:29:47 +05:30
acme-xss.yaml misc tag updates 2021-04-06 12:16:11 +05:30
aspnuke-openredirect.yaml misc tag updates 2021-04-06 12:16:11 +05:30
bitrix-open-redirect.yaml Update bitrix-open-redirect.yaml 2021-07-29 00:13:15 +05:30
blue-ocean-excellence-lfi.yaml Update blue-ocean-excellence-lfi.yaml 2021-05-31 15:44:21 +05:30
bullwark-momentum-lfi.yaml Merge branch 'master' into patch-4 2021-03-15 00:30:30 +05:30
cacti-weathermap-file-write.yaml Update cacti-weathermap-file-write.yaml 2021-02-16 02:17:45 +05:30
chamilo-lms-sqli.yaml matcher and payload update 2021-04-28 19:44:28 +05:30
chamilo-lms-xss.yaml Payload and matcher fix 2021-04-28 14:42:10 +05:30
ckan-dom-based-xss.yaml Update ckan-dom-based-xss.yaml 2021-06-10 17:27:21 +05:30
clockwatch-enterprise-rce.yaml Update clockwatch-enterprise-rce.yaml 2021-07-08 14:20:18 +05:30
coldfusion-debug-xss.yaml Update coldfusion-debug-xss.yaml 2021-07-22 19:44:57 -04:00
concrete-xss.yaml Improved matcher 2021-05-17 22:39:05 +05:30
core-chuangtian-cloud-rce.yaml matcher improvements 2021-04-14 01:53:24 +05:30
couchdb-adminparty.yaml Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
dedecms-carbuyaction-fileinclude.yaml Update dedecms-carbuyaction-fileinclude.yaml 2021-07-21 18:26:36 +05:30
dedecms-membergroup-sqli.yaml Update dedecms-membergroup-sqli.yaml 2021-07-21 18:34:37 +05:30
dedecms-openredirect.yaml Update dedecms-openredirect.yaml 2021-02-20 23:12:14 +05:30
discourse-xss.yaml xss matchers update 2021-03-04 21:32:34 +05:30
dlink-850L-info-leak.yaml Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
duomicms-sql-injection.yaml more typos 2021-03-10 19:45:41 +05:30
ecology-filedownload-directory-traversal.yaml Create ecology-filedownload-directory-traversal.yaml 2021-04-23 18:50:11 +05:30
ecology-springframework-directory-traversal.yaml Create ecology-springframework-directory-traversal.yaml 2021-04-23 18:52:08 +05:30
empirecms-xss.yaml Update empirecms-xss.yaml 2021-04-05 22:13:16 +05:30
erp-nc-directory-traversal.yaml matcher improvements 2021-04-14 01:53:24 +05:30
etouch-v2-sqli.yaml Product seems to be called ectouch 2021-04-26 08:51:08 +03:00
eyou-email-rce.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
fanruanoa2012-disclosure.yaml Spelling 2021-06-06 10:35:09 +03:00
feifeicms-lfr.yaml Correct product name, and link to the Gitee 2021-04-26 09:03:24 +03:00
finereport-path-traversal.yaml Product name 2021-04-26 09:07:57 +03:00
flir-path-traversal.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
gloo-unauth.yaml minor updates 2021-05-05 17:53:34 +05:30
h3c-imc-rce.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
hashicorp-consul-rce.yaml Minor update 2021-05-02 17:51:44 +05:30
hasura-graphql-ssrf.yaml Update hasura-graphql-ssrf.yaml 2021-07-13 15:58:06 +05:30
hiboss-rce.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
hjtcloud-arbitrary-file-read.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
hjtcloud-rest-arbitrary-file-read.yaml strict matcher 2021-06-01 16:08:41 +05:30
huawei-hg659-lfi.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
huawei-router-auth-bypass.yaml Update huawei-router-auth-bypass.yaml 2021-07-06 23:32:45 +05:30
huijietong-cloud-fileread.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
icewarp-webclient-rce.yaml Update icewarp-webclient-rce.yaml 2021-07-10 09:18:32 +05:30
interlib-fileread.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
jeewms-lfi.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
jfrog-unauth-build-exposed.yaml Added missing matcher 2021-07-04 01:26:41 +05:30
joomla-com-fabrik-lfi.yaml minor update 2021-05-07 14:53:34 +05:30
kafdrop-xss.yaml Give description 2021-05-25 14:35:41 +03:00
kevinlab-bems-backdoor.yaml Update kevinlab-bems-backdoor.yaml 2021-07-24 12:07:27 +05:30
kevinlab-bems-sqli.yaml Update kevinlab-bems-sqli.yaml 2021-07-24 12:10:46 +05:30
keycloak-xss.yaml Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
landray-oa-fileread.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
lotuscms-rce.yaml minor updates 2021-07-04 17:09:45 +05:30
maccmsv10-backdoor.yaml Create maccmsv10-backdoor.yaml 2021-04-10 03:30:22 +05:30
magicflow-lfi.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
maian-cart-preauth-rce.yaml Added missing condition 2021-06-26 19:35:52 +05:30
mcafee-epo-rce.yaml Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
metinfo-lfi.yaml Update metinfo-lfi.yaml 2021-02-20 19:24:20 +05:30
microstrategy-ssrf.yaml Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
mida-eframework-xss.yaml Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
mirai-unknown-rce.yaml Create mirai-unknown-rce.yaml 2021-07-18 22:44:29 +09:00
mpsec-lfi.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
myucms-lfr.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
natshell-path-traversal.yaml matcher update 2021-05-17 19:49:24 +05:30
natshell-rce.yaml misc changes 2021-05-28 11:12:36 +05:30
netgear-router-auth-bypass.yaml Create netgear-router-auth-bypass.yaml 2021-07-01 14:39:10 +09:00
netgear-wnap320-rce.yaml Update netgear-wnap320-rce.yaml 2021-07-26 13:38:38 +05:30
nginx-merge-slashes-path-traversal.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
nginx-module-vts-xss.yaml Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
ns-asg-file-read.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
nuuo-file-inclusion.yaml Create nuuo-file-inclusion.yaml 2021-04-14 01:57:44 +05:30
nuuo-nvrmini2-rce.yaml Its not really a regex 2021-05-10 09:35:36 +03:00
oa-tongda-path-traversal.yaml Update rails6-xss.yaml 2021-02-15 04:27:45 +05:30
oa-v9-uploads-file.yaml Update oa-v9-uploads-file.yaml 2021-05-10 13:23:08 +05:30
odoo-cms-redirect.yaml Moving files around 2021-06-02 12:22:24 +05:30
opensns-rce.yaml Update opensns-rce.yaml 2021-07-07 18:30:48 +05:30
optilink-ont1gew-gpon-rce.yaml Rename optiLink-ont1gew-gpon-rce.yaml to optilink-ont1gew-gpon-rce.yaml 2021-07-15 23:15:45 +05:30
parentlink-xss.yaml few updates 2021-03-14 17:07:52 +05:30
pdf-signer-ssti-to-rce.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
php-timeclock-xss.yaml misc update 2021-06-10 14:53:31 +05:30
php-zerodium-backdoor-rce.yaml Create php-zerodium-backdoor-rce.yaml 2021-06-10 22:01:26 +05:30
pmb-local-file-disclosure.yaml Create pmb-local-file-disclosure.yaml 2021-03-12 22:42:45 +05:30
powercreator-cms-rce.yaml Alternative reference 2021-05-05 17:08:11 +03:00
qcubed-xss.yaml Update qcubed-xss.yaml 2021-07-27 11:57:30 +05:30
qi-anxin-netkang-next-generation-firewall-rce.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
rce-shellshock-user-agent.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
rconfig-rce.yaml Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
resin-cnnvd-200705-315.yaml Create resin-cnnvd-200705-315.yaml 2021-04-22 19:37:30 +05:30
resin-inputfile-fileread.yaml Update resin-inputfile-fileread.yaml 2021-06-24 02:28:18 +05:30
resin-viewfile-lfr.yaml Update resin-viewfile-lfr.yaml 2021-04-22 19:14:41 +05:30
rockmongo-xss.yaml Update rockmongo-xss.yaml 2021-02-25 17:16:33 +05:30
ruijie-networks-lfi.yaml Create ruijie-networks-lfi.yaml 2021-03-01 10:21:32 +00:00
ruijie-networks-rce.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
sangfor-edr-auth-bypass.yaml Update sangfor-edr-auth-bypass.yaml 2021-07-21 18:14:42 +05:30
sangfor-edr-rce.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
seacms-rce.yaml Update seacms-rce.yaml 2021-02-18 20:38:50 +05:30
showdoc-file-upload-rce.yaml Payload + matcher update 2021-07-17 23:02:43 +05:30
sick-beard-xss.yaml Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
simple-employee-rce.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
sonicwall-sslvpn-shellshock.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
spark-webui-unauth.yaml Update spark-webui-unauth.yaml 2021-04-26 21:57:46 +05:30
symantec-messaging-gateway.yaml Updated author names 2021-06-09 17:50:56 +05:30
tamronos-rce.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
thinkific-redirect.yaml Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
tikiwiki-reflected-xss.yaml Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
tpshop-directory-traversal.yaml Correct product name 2021-04-29 09:20:58 +03:00
turbocrm-xss.yaml minor update 2021-04-11 17:24:54 +05:30
twig-php-ssti.yaml Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
ueditor-file-upload.yaml Create ueditor-file-upload.yaml 2021-04-23 17:45:09 +05:30
unauth-spark-api.yaml Update unauth-spark-api.yaml 2021-04-22 14:23:08 +05:30
viewlinc-crlf-injection.yaml Update viewlinc-crlf-injection.yaml 2021-03-16 14:05:20 +05:30
visual-tools-dvr-rce.yaml Update visual-tools-dvr-rce.yaml 2021-07-23 20:46:49 +05:30
vpms-auth-bypass.yaml Those aren't really regexes 2021-04-28 15:07:39 +03:00
webui-rce.yaml adding tags 2021-02-19 13:51:21 +05:30
wems-manager-xss.yaml Removed self-reference 2021-04-29 08:58:02 +03:00
wooyun-path-traversal.yaml Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30
wuzhicms-sqli.yaml Create wuzhicms-sqli.yaml 2021-04-23 18:26:43 +05:30
xdcms-sqli.yaml Create xdcms-sqli.yaml 2021-03-21 10:15:44 +00:00
yapi-rce.yaml matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
yarn-resourcemanager-rce.yaml misc tag updates 2021-04-06 12:16:11 +05:30
zcms-v3-sqli.yaml Create zcms-v3-sqli.yaml 2021-04-23 18:48:00 +05:30
zhiyuan-file-upload.yaml Create zhiyuan-file-upload.yaml 2021-08-02 11:07:14 +09:00
zhiyuan-oa-info-leak.yaml Update zhiyuan-oa-info-leak.yaml 2021-02-24 23:22:23 +05:30
zhiyuan-oa-session-leak.yaml Create zhiyuan-oa-session-leak.yaml 2021-02-24 08:06:28 +00:00
zms-auth-bypass.yaml Adding tags to vulnerabilities and workflows 2021-02-12 11:23:01 +05:30