.. |
74cms-sqli.yaml
|
Create 74cms-sqli.yaml
|
2021-04-06 23:59:29 +05:30 |
WooYun-2015-148227.yaml
|
Create WooYun-2015-148227.yaml
|
2021-04-22 14:29:47 +05:30 |
acme-xss.yaml
|
Update Severity
|
2021-09-20 12:11:56 +07:00 |
aspnuke-openredirect.yaml
|
misc tag updates
|
2021-04-06 12:16:11 +05:30 |
bems-api-lfi.yaml
|
Update and rename longjing-technology-bems-api-lfi.yaml to bems-api-lfi.yaml
|
2021-08-03 19:55:25 +05:30 |
beward-ipcamera-disclosure.yaml
|
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
|
2021-08-19 16:59:12 +03:00 |
bitrix-open-redirect.yaml
|
misc update
|
2021-10-14 19:31:57 +05:30 |
blue-ocean-excellence-lfi.yaml
|
Update blue-ocean-excellence-lfi.yaml
|
2021-05-31 15:44:21 +05:30 |
buffalo-config-injection.yaml
|
Satisfying the linter (all errors and warnings)
|
2021-08-19 17:44:46 +03:00 |
bullwark-momentum-lfi.yaml
|
Metadata attribute update
|
2021-09-16 21:24:33 +05:30 |
cacti-weathermap-file-write.yaml
|
Coverage for all templates using tags
|
2021-09-09 19:08:13 +05:30 |
caucho-resin-info-disclosure.yaml
|
Coverage for all templates using tags
|
2021-09-09 19:08:13 +05:30 |
chamilo-lms-sqli.yaml
|
matcher and payload update
|
2021-04-28 19:44:28 +05:30 |
chamilo-lms-xss.yaml
|
Payload and matcher fix
|
2021-04-28 14:42:10 +05:30 |
ckan-dom-based-xss.yaml
|
Update ckan-dom-based-xss.yaml
|
2021-06-10 17:27:21 +05:30 |
clockwatch-enterprise-rce.yaml
|
Update clockwatch-enterprise-rce.yaml
|
2021-07-08 14:20:18 +05:30 |
coldfusion-debug-xss.yaml
|
Description
|
2021-08-02 14:30:22 +03:00 |
commax-biometric-auth-bypass.yaml
|
Better description
|
2021-10-14 16:27:26 +03:00 |
commax-credentials-disclosure.yaml
|
Update and rename commax-cctv-rtsp-credentials-disclosure.yaml to commax-credentials-disclosure.yaml
|
2021-09-25 11:32:31 +05:30 |
comtrend-password-exposure.yaml
|
Add description
|
2021-10-17 15:50:52 +03:00 |
concrete-xss.yaml
|
Satisfying the linter (all errors and warnings)
|
2021-08-19 17:44:46 +03:00 |
core-chuangtian-cloud-rce.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
couchdb-adminparty.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
cs-cart-unauthenticated-lfi.yaml
|
moving files around
|
2021-09-22 18:09:43 +05:30 |
dedecms-carbuyaction-fileinclude.yaml
|
Add description
|
2021-10-14 16:28:41 +03:00 |
dedecms-membergroup-sqli.yaml
|
Add description
|
2021-10-14 15:55:59 +03:00 |
dedecms-openredirect.yaml
|
Update dedecms-openredirect.yaml
|
2021-02-20 23:12:14 +05:30 |
discourse-xss.yaml
|
xss matchers update
|
2021-03-04 21:32:34 +05:30 |
dlink-850L-info-leak.yaml
|
Satisfying the linter (all errors and warnings)
|
2021-08-19 17:44:46 +03:00 |
duomicms-sql-injection.yaml
|
more typos
|
2021-03-10 19:45:41 +05:30 |
ecology-filedownload-directory-traversal.yaml
|
Create ecology-filedownload-directory-traversal.yaml
|
2021-04-23 18:50:11 +05:30 |
ecology-springframework-directory-traversal.yaml
|
Create ecology-springframework-directory-traversal.yaml
|
2021-04-23 18:52:08 +05:30 |
empirecms-xss.yaml
|
Update empirecms-xss.yaml
|
2021-04-05 22:13:16 +05:30 |
erp-nc-directory-traversal.yaml
|
matcher improvements
|
2021-04-14 01:53:24 +05:30 |
etouch-v2-sqli.yaml
|
Fixed mistakes/typos in the templates.
|
2021-08-19 15:30:14 +03:00 |
ewebs-arbitrary-file-reading.yaml
|
Add description
|
2021-10-17 15:52:26 +03:00 |
eyelock-nano-lfd.yaml
|
Updates across many templates for clarity, spelling, and grammar.
|
2021-09-05 17:13:45 -04:00 |
eyou-email-rce.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
fanruanoa2012-disclosure.yaml
|
Spelling
|
2021-06-06 10:35:09 +03:00 |
fatpipe-auth-bypass.yaml
|
Update and rename fatpipe-networks-warp-auth-bypass.yaml to fatpipe-auth-bypass.yaml
|
2021-09-30 17:18:21 +05:30 |
fatpipe-backdoor.yaml
|
Better description
|
2021-10-14 16:31:27 +03:00 |
feifeicms-lfr.yaml
|
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
|
2021-08-18 14:44:27 +03:00 |
finereport-path-traversal.yaml
|
Product name
|
2021-04-26 09:07:57 +03:00 |
flir-path-traversal.yaml
|
matcher update to handle edge cases
|
2021-07-25 03:05:55 +05:30 |
geovision-geowebserver-lfi.yaml
|
Previous reference is no longer available
|
2021-10-14 16:05:47 +03:00 |
geovision-geowebserver-xss.yaml
|
Add description
|
2021-10-14 16:32:34 +03:00 |
gloo-unauth.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
gsoap-lfi.yaml
|
Update gsoap-lfi.yaml
|
2021-09-06 17:34:51 +05:30 |
h3c-imc-rce.yaml
|
Spelling
|
2021-10-14 16:07:39 +03:00 |
hashicorp-consul-rce.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
hasura-graphql-psql-exec.yaml
|
Add description
|
2021-10-14 16:34:15 +03:00 |
hasura-graphql-ssrf.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
hiboss-rce.yaml
|
Description
|
2021-10-14 16:35:40 +03:00 |
hjtcloud-arbitrary-file-read.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
hjtcloud-rest-arbitrary-file-read.yaml
|
strict matcher
|
2021-06-01 16:08:41 +05:30 |
homeautomation-v3-openredirect.yaml
|
Add description
|
2021-10-17 15:54:19 +03:00 |
huawei-hg659-lfi.yaml
|
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
|
2021-08-18 14:44:27 +03:00 |
huawei-router-auth-bypass.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
huijietong-cloud-fileread.yaml
|
matcher update to handle edge cases
|
2021-07-25 03:05:55 +05:30 |
icewarp-webclient-rce.yaml
|
Update icewarp-webclient-rce.yaml
|
2021-07-10 09:18:32 +05:30 |
interlib-fileread.yaml
|
matcher update to handle edge cases
|
2021-07-25 03:05:55 +05:30 |
jeewms-lfi.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
jfrog-unauth-build-exposed.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
joomla-com-fabrik-lfi.yaml
|
minor update
|
2021-05-07 14:53:34 +05:30 |
kafdrop-xss.yaml
|
Give description
|
2021-05-25 14:35:41 +03:00 |
karel-ip-phone-lfi.yaml
|
lint fix
|
2021-10-14 19:50:43 +05:30 |
kevinlab-bems-backdoor.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
kevinlab-bems-sqli.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
kevinlab-hems-backdoor.yaml
|
Updates across many templates for clarity, spelling, and grammar.
|
2021-09-05 17:13:45 -04:00 |
keycloak-xss.yaml
|
Update keycloak-xss.yaml
|
2021-10-09 08:46:17 +05:30 |
landray-oa-fileread.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
lotuscms-rce.yaml
|
minor updates
|
2021-07-04 17:09:45 +05:30 |
lucee-xss.yaml
|
Added Lucee Unauthenticated Reflected XSS
|
2021-10-06 16:38:23 +05:30 |
luftguitar-arbitrary-file-upload.yaml
|
Update luftguitar-arbitrary-file-upload.yaml
|
2021-09-18 14:32:13 +05:30 |
maccmsv10-backdoor.yaml
|
Create maccmsv10-backdoor.yaml
|
2021-04-10 03:30:22 +05:30 |
magicflow-lfi.yaml
|
matcher update to handle edge cases
|
2021-07-25 03:05:55 +05:30 |
maian-cart-preauth-rce.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
mcafee-epo-rce.yaml
|
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/2481
|
2021-09-03 14:55:30 +05:30 |
metinfo-lfi.yaml
|
Update metinfo-lfi.yaml
|
2021-10-02 17:57:59 +05:30 |
microstrategy-ssrf.yaml
|
Update microstrategy-ssrf.yaml
|
2021-10-17 07:46:32 +05:30 |
mida-eframework-xss.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
minimouse-lfi.yaml
|
Update and rename minimouse-lfi.yaml to vulnerabilities/other/minimouse-lfi.yaml
|
2021-09-06 14:44:39 +05:30 |
mirai-unknown-rce.yaml
|
* Added Host headers where needed (validated via disclosures/posts)
|
2021-09-30 12:52:05 -04:00 |
mpsec-lfi.yaml
|
matcher update to handle edge cases
|
2021-07-25 03:05:55 +05:30 |
ms-exchange-server-reflected-xss.yaml
|
Satisfying the linter (all errors and warnings)
|
2021-08-19 17:44:46 +03:00 |
myucms-lfr.yaml
|
matcher update to handle edge cases
|
2021-07-25 03:05:55 +05:30 |
natshell-path-traversal.yaml
|
matcher update
|
2021-05-17 19:49:24 +05:30 |
natshell-rce.yaml
|
misc changes
|
2021-05-28 11:12:36 +05:30 |
netgear-router-auth-bypass.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
netgear-router-exposure.yaml
|
Vendor writes it as "NETGEAR"
|
2021-08-29 09:39:06 +03:00 |
netgear-wnap320-rce.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
netis-info-leak.yaml
|
Add description
|
2021-10-13 11:56:10 +03:00 |
nginx-merge-slashes-path-traversal.yaml
|
Add description
|
2021-10-13 12:00:39 +03:00 |
nginx-module-vts-xss.yaml
|
Adding tags to vulnerabilities and workflows
|
2021-02-12 11:23:01 +05:30 |
ns-asg-file-read.yaml
|
matcher update to handle edge cases
|
2021-07-25 03:05:55 +05:30 |
nuuo-file-inclusion.yaml
|
Create nuuo-file-inclusion.yaml
|
2021-04-14 01:57:44 +05:30 |
nuuo-nvrmini2-rce.yaml
|
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
|
2021-08-18 14:44:27 +03:00 |
oa-tongda-path-traversal.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
oa-v9-uploads-file.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
odoo-cms-redirect.yaml
|
Moving files around
|
2021-06-02 12:22:24 +05:30 |
opensis-lfi.yaml
|
Improve description
|
2021-10-13 12:01:33 +03:00 |
opensns-rce.yaml
|
Satisfying the linter (all errors and warnings)
|
2021-08-19 17:44:46 +03:00 |
openvpn-hhi.yaml
|
Update openvpn-hhi.yaml
|
2021-09-06 17:15:30 +05:30 |
optilink-ont1gew-gpon-rce.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
parentlink-xss.yaml
|
few updates
|
2021-03-14 17:07:52 +05:30 |
pdf-signer-ssti-to-rce.yaml
|
matcher update to handle edge cases
|
2021-07-25 03:05:55 +05:30 |
php-timeclock-xss.yaml
|
misc update
|
2021-06-10 14:53:31 +05:30 |
php-zerodium-backdoor-rce.yaml
|
Update Severity
|
2021-09-18 21:07:47 +07:00 |
phpwiki-lfi.yaml
|
Rename phpwiki-lfi.yaml to vulnerabilities/other/phpwiki-lfi.yaml
|
2021-09-09 15:01:35 +05:30 |
pmb-directory-traversal.yaml
|
misc update
|
2021-10-08 19:10:03 +05:30 |
pmb-local-file-disclosure.yaml
|
Coverage for all templates using tags
|
2021-09-09 19:08:13 +05:30 |
powercreator-cms-rce.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
processmaker-lfi.yaml
|
Update processmaker-lfi.yaml
|
2021-08-31 14:08:11 +05:30 |
qcubed-xss.yaml
|
Update qcubed-xss.yaml
|
2021-10-08 19:14:26 +05:30 |
qi-anxin-netkang-next-generation-firewall-rce.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
qihang-media-disclosure.yaml
|
Update and rename qihang-media-web-credentials-disclosure.yaml to qihang-media-disclosure.yaml
|
2021-10-01 16:26:25 +05:30 |
qihang-media-lfi.yaml
|
Update and rename qihang-media-web-lfi.yaml to qihang-media-lfi.yaml
|
2021-10-01 16:28:20 +05:30 |
rce-shellshock-user-agent.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
rconfig-rce.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
resin-cnnvd-200705-315.yaml
|
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
|
2021-08-18 14:44:27 +03:00 |
resin-inputfile-fileread.yaml
|
Add reference
|
2021-08-09 16:10:10 +03:00 |
resin-viewfile-lfr.yaml
|
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
|
2021-08-18 14:44:27 +03:00 |
rockmongo-xss.yaml
|
Update rockmongo-xss.yaml
|
2021-02-25 17:16:33 +05:30 |
ruijie-eg-rce.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
ruijie-networks-lfi.yaml
|
Create ruijie-networks-lfi.yaml
|
2021-03-01 10:21:32 +00:00 |
ruijie-networks-rce.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
sangfor-edr-auth-bypass.yaml
|
Update sangfor-edr-auth-bypass.yaml
|
2021-07-21 18:14:42 +05:30 |
sangfor-edr-rce.yaml
|
matcher update to handle edge cases
|
2021-07-25 03:05:55 +05:30 |
sap-redirect.yaml
|
tag update
|
2021-08-07 15:00:29 +05:30 |
sar2html-rce.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
seacms-rce.yaml
|
Update seacms-rce.yaml
|
2021-02-18 20:38:50 +05:30 |
showdoc-file-upload-rce.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
sick-beard-xss.yaml
|
Metadata attribute update
|
2021-09-16 21:24:33 +05:30 |
solar-log-authbypass.yaml
|
Create solar-log-authbypass.yaml
|
2021-08-17 18:02:41 +05:30 |
sonicwall-sslvpn-shellshock.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
spark-webui-unauth.yaml
|
misc updates
|
2021-08-02 12:53:35 +05:30 |
symantec-messaging-gateway.yaml
|
Updated author names
|
2021-06-09 17:50:56 +05:30 |
tamronos-rce.yaml
|
matcher update to handle edge cases
|
2021-07-25 03:05:55 +05:30 |
thinkific-redirect.yaml
|
Update thinkific-redirect.yaml
|
2021-08-24 14:56:21 +07:00 |
tikiwiki-reflected-xss.yaml
|
Update tikiwiki-reflected-xss.yaml
|
2021-08-02 21:44:48 +05:30 |
tpshop-directory-traversal.yaml
|
Correct product name
|
2021-04-29 09:20:58 +03:00 |
turbocrm-xss.yaml
|
minor update
|
2021-04-11 17:24:54 +05:30 |
twig-php-ssti.yaml
|
Update twig-php-ssti.yaml
|
2021-08-16 15:30:23 -05:00 |
ueditor-file-upload.yaml
|
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
|
2021-08-18 14:44:27 +03:00 |
unauth-hoteldruid-panel.yaml
|
Update unauth-hoteldruid-panel.yaml
|
2021-08-24 16:46:24 +05:30 |
unauth-spark-api.yaml
|
Update unauth-spark-api.yaml
|
2021-04-22 14:23:08 +05:30 |
viewlinc-crlf-injection.yaml
|
Update viewlinc-crlf-injection.yaml
|
2021-03-16 14:05:20 +05:30 |
visual-tools-dvr-rce.yaml
|
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
|
2021-08-18 14:44:27 +03:00 |
vpms-auth-bypass.yaml
|
Coverage for all templates using tags
|
2021-09-09 19:08:13 +05:30 |
webui-rce.yaml
|
adding tags
|
2021-02-19 13:51:21 +05:30 |
wems-manager-xss.yaml
|
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
|
2021-08-18 14:44:27 +03:00 |
wooyun-path-traversal.yaml
|
Satisfying the linter (all errors and warnings)
|
2021-08-19 17:44:46 +03:00 |
wuzhicms-sqli.yaml
|
Create wuzhicms-sqli.yaml
|
2021-04-23 18:26:43 +05:30 |
xdcms-sqli.yaml
|
Create xdcms-sqli.yaml
|
2021-03-21 10:15:44 +00:00 |
yapi-rce.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
yarn-resourcemanager-rce.yaml
|
misc tag updates
|
2021-04-06 12:16:11 +05:30 |
zcms-v3-sqli.yaml
|
Create zcms-v3-sqli.yaml
|
2021-04-23 18:48:00 +05:30 |
zhiyuan-file-upload.yaml
|
Create zhiyuan-file-upload.yaml
|
2021-08-02 11:07:14 +09:00 |
zhiyuan-oa-info-leak.yaml
|
Update zhiyuan-oa-info-leak.yaml
|
2021-02-24 23:22:23 +05:30 |
zhiyuan-oa-session-leak.yaml
|
Create zhiyuan-oa-session-leak.yaml
|
2021-02-24 08:06:28 +00:00 |
zimbra-preauth-ssrf.yaml
|
removed extra headers not required for template
|
2021-09-08 17:47:19 +05:30 |
zms-auth-bypass.yaml
|
Coverage for all templates using tags
|
2021-09-09 19:08:13 +05:30 |