v9.9.1

🔥 Release Highlights 🔥

• [CVE-2024-37032] Ollama - Remote Code Execution (@kaks3c) [critical] 🔥
• [CVE-2024-36991] Splunk Enterprise - Local File Inclusion (@dhiyaneshdk) [high] 🔥
• [CVE-2024-36401] GeoServer RCE in Evaluating Property Name Expressions (@dhiyaneshdk) [critical] 🔥
• [CVE-2024-34102] Adobe Commerce & Magento - CosmicSting (@dhiyaneshdk) [critical] 🔥
• [CVE-2024-33113] D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure (@pussycat0x) [medium] 🔥
• [CVE-2024-29972] Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - NsaRescueAngel Backdoor Account (@gy741) [critical] 🔥
• [CVE-2024-6028] Quiz Maker <= 6.5.8.3 - SQL Injection (@s4e-garage) [critical] 🔥
• [CVE-2023-52251] Kafka UI 0.7.1 Command Injection (@yhy0, @iamnoooob) [high] 🔥
• [CVE-2020-10189] ManageEngine Desktop Central Java Deserialization (@king-alexander) [critical] 🔥

What's Changed

New Templates Added: 75 | CVEs Added: 29 | First-time contributions: 5

• [CVE-2024-37881] SiteGuard WP Plugin <= 1.7.6 - Login Page Disclosure (@s4e-garage) [medium]
• [CVE-2024-37152] Argo CD Unauthenticated Access to sensitive setting (@dhiyaneshdk) [medium]
• [CVE-2024-37032] Ollama - Remote Code Execution (@kaks3c) [critical] 🔥
• [CVE-2024-36991] Splunk Enterprise - Local File Inclusion (@dhiyaneshdk) [high] 🔥
• [CVE-2024-36401] GeoServer RCE in Evaluating Property Name Expressions (@dhiyaneshdk) [critical] 🔥
• [CVE-2024-34102] Adobe Commerce & Magento - CosmicSting (@dhiyaneshdk) [critical] 🔥
• [CVE-2024-33610] Sharp Multifunction Printers - Cookie Exposure (@gy741) [medium]
• [CVE-2024-33605] Sharp Multifunction Printers - Directory Listing (@gy741) [high]
• [CVE-2024-33113] D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure (@pussycat0x) [medium] 🔥
• [CVE-2024-32709] WP-Recall <= 16.26.5 - SQL Injection (@s4e-garage) [critical]
• [CVE-2024-29972] Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - NsaRescueAngel Backdoor Account (@gy741) [critical] 🔥
• [CVE-2024-27292] Docassemble - Local File Inclusion (@johnk3r) [high]
• [CVE-2024-25852] Linksys RE7000 - Command Injection (@s4e-garage) [high]
• [CVE-2024-6188] TrakSYS 11.x.x - Sensitive Data Exposure (@s4e-garage) [medium]
• [CVE-2024-6028] Quiz Maker <= 6.5.8.3 - SQL Injection (@s4e-garage) [critical] 🔥
• [CVE-2024-5947] Deep Sea Electronics DSE855 - Authentication Bypass (@s4e-garage) [medium]
• [CVE-2024-5522] WordPress HTML5 Video Player < 2.5.27 - SQL Injection (@JohnDoeAnonITA) [critical]
• [CVE-2024-5084] Hash Form <= 1.1.0 - Arbitrary File Upload (@s4e-garage) [critical]
• [CVE-2024-4836] Edito CMS - Sensitive Data Leak (@s4e-garage) [high]
• [CVE-2024-4434] LearnPress WordPress LMS Plugin <= 4.2.6.5 - SQL Injection (@s4e-garage) [critical]
• [CVE-2023-52251] Kafka UI 0.7.1 Command Injection (@yhy0, @iamnoooob) [high] 🔥
• [CVE-2023-47117] Label Studio - Sensitive Information Exposure (@iamnoooob, @rootxharsh, @pdresearch) [high]
• [CVE-2023-41599] JFinalCMS v5.0.0 - Directory Traversal (@pussycat0x) [medium]
• [CVE-2023-35161] XWiki >= 6.2-milestone-1 - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2023-35160] XWiki >= 2.5-milestone-2 - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2023-35159] XWiki >= 3.4-milestone-1 - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2023-35156] XWiki >= 6.0-rc-1 - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2023-3380] WAVLINK WN579X3 - Remote Command Execution (@pussycat0x) [critical]
• [CVE-2020-10189] ManageEngine Desktop Central Java Deserialization (@king-alexander) [critical] 🔥
• [CNVD-2023-03903] EduSoho < v22.4.7 - Local File Inclusion (@s4e-garage) [high]
• [CNVD-2021-64035] Leadsec VPN - Arbitrary File Read (@xiaoWangSec) [high]
• [spring4shell-CVE-2022-22965] Spring Framework RCE via Data Binding on JDK 9+ (@dhiyaneshdk, @ritikchaddha) [critical] 🔥
• [csv-injection] CSV Injection Detection (@dhiyaneshdk, @ritikchaddha) [medium]
• [xinclude-injection] XInclude Injection - Detection (@dhiyaneshdk, @ritikchaddha) [high]
• [apache-apollo-default-login] Apache Apollo - Default Login (@ritikchaddha) [high]
• [caprover-default-login] Caprover - Default Login (@ritikchaddha) [high]
• [dialogic-xms-default-login] Dialogic XMS Admin Console - Default Login (@ritikchaddha) [high]
• [jeedom-default-login] Jeedom - Default Login (@ritikchaddha) [high]
• [ruijie-nbr-default-login] Ruijie NBR Series Routers - Default Login (@pussycat0x) [high]
• [apache-apollo-panel] Apache Apollo Panel - Detect (@ritikchaddha) [info]
• [dialogic-xms-console] Dialogic XMS Admin Console - Detect (@ritikchaddha) [info]
• [endpoint-protector-panel] Endpoint Protector Login Panel - Detect (@pussycat0x) [info]
• [label-studio-panel] Label Studio - Login Panel (@dhiyaneshdk) [info]
• [sql-server-dump] SQL Server - Dump Files (@userdehghani) [medium]
• [apache-pinot-config] Apache Pinot - Exposure (@icarot) [medium]
• [filestash-admin-config] Filestash Admin Password Configuration (@dhiyaneshdk) [high]
• [neo4j-neodash-config] Neo4j Neodash Config - Exposure (@icarot) [medium]
• [jwk-json-leak] JSON Web Key File - Exposure (@mohsen Yaghoubi) [low]
• [coolify-register-account] Coolify Register User Account - Enabled (@dhiyaneshdk) [medium]
• [forgejo-repo-exposure] Forgejo Repositories - Exposure (@dhiyaneshdk) [medium]
• [kodbox-installer] Kodbox Installation Page - Exposure (@dhiyaneshdk) [high]
• [piwigo-installer] Piwigo Installation Page - Exposure (@dhiyaneshdk) [high]
• [poste-io-installer] Poste.io - Installer (@dhiyaneshdk) [high]
• [subrion-installer] Subrion CMS Web Installer - Exposure (@ritikchaddha) [high]
• [label-studio-signup] Label Studio - Sign-up Detect (@dhiyaneshdk) [unknown]
• [laragon-phpinfo] Laragon - phpinfo Disclosure (@dhiyaneshdk) [low]
• [seq-dashboard-unauth] Seq Dashboard - Unauthenticated (@dhiyaneshdk) [high]
• [apache-cloudstack-detect] Apache CloudStack - Detect (@pussycat0x) [info]
• [apache-pinot-detect] Apache Pinot - Detect (@icarot) [info]
• [neo4j-neodash-detect] Neo4j Neodash - Detect (@icarot) [info]
• [wordpress-chaty] Floating Chat Widget' Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty Detection (@ricardomaia) [info]
• [polyfill-backdoor] Polyfill.io - Detection (@kazet) [low]
• [hjsoft-hcm-lfi] Hongjing HCM - Local File Inclusion (@s4e-garage) [high]
• [hjsoft-hcm-sqli] Hongjing HCM - Sql Injection (@s4e-garage) [high]
• [hjsoft-hcm-tb-sqli] Hongjing HCM - Time-Based Sql Injection (@s4e-garage) [high]
• [jinhe-oa-c6-upload-lfi] Jinhe OA_C6_UploadFileDownLoadnew - Arbitrary File Read (@pussycat0x) [high]
• [next-js-cache-poisoning] Next.js Cache Poisoning (@Ice3man543) [high]
• [azon-dominator-sqli] Azon Dominator - SQL Injection (@s4e-garage) [high]
• [bagisto-csti] Bagisto 2.1.2 Client-Side Template Injection (@s4e-garage) [medium]
• [crocus-lfi] Crocus system Service.do - Arbitrary File Read (@pussycat0x) [high]
• [enjoyrmis-sqli] EnjoyRMIS - SQL Injection (@s4e-garage) [high]
• [h3c-cnsss-arbitrary-file-upload] H3C CNSSS - Arbitrary File Upload (@s4e-garage) [critical]
• [pingsheng-electronic-sqli] Pingsheng Electronic Reservoir Supervision Platform - Sql Injection (@s4e-garage) [high]
• [sharp-printers-lfi] Sharp Multifunction Printers - Local File Inclusion (@gy741) [high]
• [ldap-metadata] LDAP Metadata - Enumeration (@pussycat0x) [info]

New Contributors

• @yhy0 made their first contribution in #9345
• @JohnDoeAnonITA made their first contribution in #10137
• @zeroc00I made their first contribution in #10171
• @IPv4v6 made their first contribution in #10212
• @BitThr3at made their first contribution in #10224

Full Changelog: v9.9.0...v9.9.1

v9.9.0 - Kubernetes Cluster Security 🎉

🔥 Release Highlights 🔥

We are expanding the Nuclei Templates to include a specialized set of security checks dedicated to Kubernetes environments. This initiative will cover various Kubernetes components such as Pods, Deployments, StatefulSets, Services, and Network Policies. The new templates will focus on common misconfigurations, compliance issues, and adherence to industry best practices, utilizing the enhanced capabilities like flow, code & javascript protocol.

The addition of these Kubernetes-specific templates will enable security teams to perform in-depth security assessments of Kubernetes clusters, identifying critical misconfigurations and vulnerabilities. Additionally, this update will support customizable checks that align with unique operational needs, helping teams efficiently detect and address security gaps in their Kubernetes setups.

We invite contributors and reviewers to offer their insights and suggestions to refine and advance the development of these Kubernetes security templates. You can read more about it in this blog post.

Other Highlights

• [CVE-2024-32113] Apache OFBiz Directory Traversal - Remote Code Execution (@dhiyaneshdk) [high] 🔥
• [CVE-2024-31982] XWiki < 4.10.20 - Remote code execution (@ritikchaddha) [critical] 🔥
• [CVE-2024-29973] Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - Command Injection (@ritikchaddha) [critical] 🔥
• [CVE-2024-29895] Cacti cmd_realtime.php - Command Injection (@pussycat0x) [critical] 🔥
• [CVE-2024-29824] Ivanti EPM - Remote Code Execution (@dhiyaneshdk) [critical] 🔥
• [CVE-2024-28995] SolarWinds Serv-U - Directory Traversal (@dhiyaneshdk) [high] 🔥
• [CVE-2024-23692] Rejetto HTTP File Server - Template injection (@johnk3r) [critical] 🔥
• [CVE-2023-51449] Gradio Hugging Face - Local File Inclusion (@nvn1729) [high] 🔥
• [CVE-2023-50719] XWiki < 4.10.15 - Sensitive Information Disclosure (@ritikchaddha) [high] 🔥
• [CVE-2023-43472] MLFlow < 2.8.1 - Sensitive Information Disclosure (@ritikchaddha) [high] 🔥

What's Changed

New Templates Added: 164 | CVEs Added: 41 | First-time contributions: 4

• [CVE-2024-37393] SecurEnvoy Two Factor Authentication - LDAP Injection (s4e-garage) [critical]
• [CVE-2024-36837] CRMEB v.5.2.2 - SQL Injection (@dhiyaneshdk) [high]
• [CVE-2024-36527] Puppeteer Renderer - Directory Traversal (@Stux) [medium]
• [CVE-2024-36412] SuiteCRM - SQL Injection (s4e-garage) [critical]
• [CVE-2024-34982] LyLme-Spage - Arbitary File Upload (@dhiyaneshdk) [high]
• [CVE-2024-32113] Apache OFBiz Directory Traversal - Remote Code Execution (@dhiyaneshdk) [high] 🔥
• [CVE-2024-31982] XWiki < 4.10.20 - Remote code execution (@ritikchaddha) [critical] 🔥
• [CVE-2024-31750] F-logic DataCube3 - SQL Injection (@dhiyaneshdk) [high]
• [CVE-2024-29973] Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - Command Injection (@ritikchaddha) [critical] 🔥
• [CVE-2024-29895] Cacti cmd_realtime.php - Command Injection (@pussycat0x) [critical] 🔥
• [CVE-2024-29824] Ivanti EPM - Remote Code Execution (@dhiyaneshdk) [critical] 🔥
• [CVE-2024-28995] SolarWinds Serv-U - Directory Traversal (@dhiyaneshdk) [high] 🔥
• [CVE-2024-27718] Smart s200 Management Platform v.S200 - SQL Injection (@dhiyaneshdk) [high]
• [CVE-2024-24565] CrateDB Database - Arbitrary File Read (@dhiyaneshdk) [medium]
• [CVE-2024-24112] Exrick XMall - SQL Injection (@dhiyaneshdk) [critical]
• [CVE-2024-23692] Rejetto HTTP File Server - Template injection (@johnk3r) [critical] 🔥
• [CVE-2024-21650] XWiki < 4.10.20 - Remote code execution (@ritikchaddha) [critical]
• [CVE-2024-4443] Business Directory Plugin <= 6.4.2 - SQL Injection (s4e-garage) [critical]
• [CVE-2024-3922] Dokan Pro <= 3.10.3 - SQL Injection (s4e-garage) [critical]
• [CVE-2024-3552] Web Directory Free < 1.7.0 - SQL Injection (s4e-garage) [critical]
• [CVE-2024-3274] D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure (@dhiyaneshdk) [medium]
• [CVE-2024-2621] Fujian Kelixin Communication - Command Injection (@dhiyaneshdk) [medium]
• [CVE-2024-1728] Gradio > 4.19.1 UploadButton - Path Traversal (@isacaya) [high]
• [CVE-2024-0939] Smart S210 Management Platform - Arbitary File Upload (@dhiyaneshdk) [critical]
• [CVE-2024-0250] Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect (s4e-garage) [medium]
• [CVE-2023-51449] Gradio Hugging Face - Local File Inclusion (@nvn1729) [high] 🔥
• [CVE-2023-50720] XWiki < 4.10.15 - Email Disclosure (@ritikchaddha) [medium]
• [CVE-2023-50719] XWiki < 4.10.15 - Sensitive Information Disclosure (@ritikchaddha) [high] 🔥
• [CVE-2023-48241] XWiki < 4.10.15 - Information Disclosure (@ritikchaddha) [high]
• [CVE-2023-46732] XWiki < 14.10.14 - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2023-45136] XWiki < 14.10.14 - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2023-43472] MLFlow < 2.8.1 - Sensitive Information Disclosure (@ritikchaddha) [high] 🔥
• [CVE-2023-38194] SuperWebMailer - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2023-37645] EyouCms v1.6.3 - Information Disclosure (@pussycat0x) [medium]
• [CVE-2023-32068] XWiki - Open Redirect (@ritikchaddha) [medium]
• [CVE-2023-6786] Payment Gateway for Telcell < 2.0.4 - Open Redirect (s4e-garage) [medium]
• [CVE-2023-6505] Prime Mover < 1.9.3 - Sensitive Data Exposure (s4e-garage) [high]
• [CVE-2021-43831] Gradio < 2.5.0 - Arbitrary File Read (@isacaya) [high]
• [CVE-2021-38147] Wipro Holmes Orchestrator 20.4.1 - Information Disclosure (s4e-garage) [high]
• [CVE-2021-38146] Wipro Holmes Orchestrator 20.4.1 - Arbitrary File Download (s4e-garage) [high]
• [CVE-2021-4436] 3DPrint Lite < 1.9.1.5 - Arbitrary File Upload (s4e-garage) [critical]
• [sns-public-subscribe-access] Public Subscription Access of SNS Topics via Policy (@Ritesh_Gohil(#L4stPL4Y3R)) [high]
• [k8s-cpu-limits-not-set] CPU limits not set in Deployments (@princechaddha) [medium]
• [k8s-cpu-requests-not-set] CPU Requests not set in Deployments (@princechaddha) [medium]
• [k8s-default-namespace-used] Default Namespace Usage in Deployments (@princechaddha) [high]
• [k8s-host-ports-check] Host ports should not be used (@princechaddha) [medium]
• [k8s-image-pull-policy-always] Image Pull Policy set to Always (@princechaddha) [low]
• [k8s-image-tag-not-fixed] Image Tag should be fixed - not latest or blank (@princechaddha) [low]
• [k8s-liveness-probe-not-configured] Liveness Probe Not Configured in Deployments (@princechaddha) [medium]
• [k8s-memory-limits-not-set] Memory limits not set in Deployments (@princechaddha) [medium]
• [k8s-memory-requests-not-set] Memory requests not set in Deployments (@princechaddha) [medium]
• [minimize-added-capabilities] Minimize container added capabilities (@princechaddha) [high]
• [k8s-privileged-containers] Privileged Containers Found in Deployments (@princechaddha) [critical]
• [k8s-readiness-probe-not-set] Readiness Probes not set in Deployments (@princechaddha) [medium]
• [k8s-root-container-admission] Minimize the admission of root containers (@princechaddha) [critical]
• [k8s-seccomp-profile-set] Set appropriate seccomp profile (@princechaddha) [medium]
• [kubernetes-code-env] Kubernetes Cluster Validation (@princechaddha) [info]
• [k8s-netpol-egress-rules] Network policies define egress rules (@princechaddha) [medium]
• [k8s-netpol-namespace] Network Policies specify namespace (@princechaddha) [medium]
• [k8s-network-ingress-rules] Define network ingress rules (@princechaddha) [medium]
• [k8s-allow-privilege-escalation-set] Containers run with allowPrivilegeEscalation enabled (@princechaddha) [critical]
• [k8s-containers-share-host-ipc] Containers sharing host IPC namespace (@princechaddha) [critical]
• [k8s-host-network-namespace-shared] Host Network Namespace Sharing (@princechaddha) [high]
• [k8s-host-pid-namespace-sharing] Host PID Namespace Sharing (@princechaddha) [critical]
• [k8s-readonly-fs] Enforce Read-Only Filesystem for Containers (@princechaddha) [critical]
• [k8s-readonly-rootfs] Pods with read-only root filesystem (@princechaddha) [medium]
• [k8s-root-user-id] Pods run with root user ID (@princechaddha) [low]
• [audit-log-path-set] Ensure audit-log-path set (@princechaddha) [medium]
• [k8s-enc-prov-conf] Ensure that encryption providers are configured (@princechaddha) [medium]
• [k8s-etcd-cafile-set] Ensure etcd-cafile argument set (@princechaddha) [medium]
• [k8s-etcd-files-set] Ensure etcd cert and key set (@princechaddha) [medium]
• [k8s-ns-usage-check] Ensure namespaces are utilized (@princechaddha) [info]
• [k8s-svc-acct-issuer-set] Checks if service-account-issuer is correctly configured (@princechaddha) [medium]
• [k8s-svc-acct-key] Ensure service-account-key-file set (@princechaddha) [medium]
• [k8s-svc-acct-lookup-set] Ensure service-account-lookup set (@princechaddha) [medium]
• [k8s-tls-config-set] Ensure TLS config appropriately set (@princechaddha) [medium]
• [time-based-sqli] Time-Based Blind SQL Injection (@0xKayala) [critical]
• [anthem-deeppanda-malware-hash] Anthem DeepPanda Trojan Kakfum Malware Hash - Detect (@pussycat0x) [info]
• [applejeus-malware-hash] AppleJeus Malware Hash - Detect (@pussycat0x) [info]
• [avburner-malware-hash] AVBurner Malware Hash - Detect (@pussycat0x) [info]
• [backwash-malware-hash] Backwash Malware Hash - Detect (@pussycat0x) [info]
• [blackenergy-driver-amdide-hash] Blackenergy-Driver Amdide Hash - Detect (@pussycat0x) [info]
• [blackenergy-driver-malware-hash] BlackEnergy Driver USBMDM Malware Hash - Detect (@pussycat0x) [info]
• [blackenergy-killdisk-malware-hash] BlackEnergy KillDisk Malware Hash - Detect (@pussycat0x) [info]
• [blackenergy-ssh-malware-hash] BlackEnergy BackdoorPass DropBear SSH Malware Hash - Detect (@pussycat0x) [info]
• [blackenergy-vbs-malware-hash] BlackEnergy VBS Agent Malware Hash - Detect (@pussycat0x) [info]
• [bluelight-malware-hash] bluelight Malware ...

Added CVE-2024-4577 + Bug fixes

🔥 Release Highlights 🔥

[CVE-2024-4577] PHP CGI - Argument Injection (@hüseyin TINTAŞ, @sw0rk17, @s4e-garage, @pdresearch) [critical]

What's Changed

• Lorex Favicon Hash by @rxerium in #10001
• add cve-2024-4577 by @Kazgangap in #9997

Full Changelog: v9.8.8...v9.8.9

v9.8.8

🔥 Release Highlights 🔥

• [CVE-2024-27348] Apache HugeGraph-Server - Remote Command Execution (@dhiyaneshdk) [high] 🔥
• [CVE-2024-24919] Check Point Quantum Gateway - Information Disclosure (@johnk3r) [high] 🔥
• [CVE-2024-21683] Atlassian Confluence Data Center and Server - Remote Code Execution (@pdresearch) [high] 🔥
• [CVE-2024-4358] Progress Telerik Report Server - Authentication Bypass (@dhiyaneshdk) [critical] 🔥
• [CVE-2024-3495] Wordpress Country State City Dropdown <=2.7.2 - SQL Injection (@apple) [critical] 🔥

What's Changed

New Templates Added: 77 | CVEs Added: 17 | First-time contributions: 8

• [CVE-2024-34470] HSC Mailinspector 5.2.17-3 through 5.2.18 - Local File Inclusion (@topscoder) [high]
• [CVE-2024-27348] Apache HugeGraph-Server - Remote Command Execution (@dhiyaneshdk) [high] 🔥
• [CVE-2024-25723] ZenML ZenML Server - Improper Authentication (@david Botelho Mariano) [critical]
• [CVE-2024-24919] Check Point Quantum Gateway - Information Disclosure (@johnk3r) [high] 🔥
• [CVE-2024-21683] Atlassian Confluence Data Center and Server - Remote Code Execution (@pdresearch) [high] 🔥
• [CVE-2024-5230] FleetCart 4.1.1 - Information Disclosure (@SecurityForEveryone) [medium]
• [CVE-2024-4358] Progress Telerik Report Server - Authentication Bypass (@dhiyaneshdk) [critical] 🔥
• [CVE-2024-3822] Base64 Encoder/Decoder <= 0.9.2 - Cross-Site Scripting (@omranisecurity) [medium]
• [CVE-2024-3495] Wordpress Country State City Dropdown <=2.7.2 - SQL Injection (@apple) [critical] 🔥
• [CVE-2024-1380] Relevanssi (A Better Search) <= 4.22.0 - Query Log Export (@flx) [medium]
• [CVE-2023-48084] Nagios XI < 5.11.3 - SQL Injection (@ritikchaddha) [critical]
• [CVE-2023-35162] XWiki < 14.10.5 - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2023-3077] MStore API < 3.9.8 - SQL Injection (@dhiyaneshdk) [critical]
• [CVE-2023-2059] DedeCMS 5.7.87 - Directory Traversal (@pussycat0x) [medium]
• [CVE-2022-34534] Digital Watchdog DW Spectrum Server 4.2.0.32842 - Information Disclosure (@ritikchaddha) [high]
• [CVE-2022-1580] Site Offline WP Plugin < 1.5.3 - Authorization Bypass (@Kazgangap) [medium]
• [CVE-2022-0666] Microweber < 1.2.11 - CRLF Injection (@ritikchaddha) [high]
• [sns-topic-public-accessible] Public Access of SNS Topics via Policy (@Ritesh_Gohil(#L4stPL4Y3R)) [high]
• [webpack-sourcemap] Webpack Sourcemap (@Lucky0x0D, @PulseSecurity.co.nz) [low]
• [CNVD-2024-15077] AJ-Report Open Source Data Screen - Remote Code Execution (@pussycat0x) [high]
• [ampjuke-default-login] AmpJuke - Default Login (@ritikchaddha) [high]
• [cambium-networks-default-login] Canopy 5.7GHz Access Point - Default Login (@defektive) [high]
• [digital-watchdog-default-login] Digital Watchdog - Default Login (@omranisecurity) [high]
• [busybox-repository-browser] Busybox Repository Browser - Detect (@ritikchaddha) [info]
• [cisco-firepower-panel] Cisco Firepower Management Center login - Detect (@charles D) [info]
• [cox-business-panel] Cox Business Dominion Gateway Login Panel - Detect (@dhiyaneshdk) [info]
• [digital-watchdog-panel] Digital Watchdog - Detect (@ritikchaddha) [info]
• [f5-admin-interface] F5 Admin Interface - Detect (@drewvravick) [info]
• [fortisiem-panel] FortiSIEM Login Panel - Detect (@pussycat0x) [info]
• [oracle-access-management] Oracle Access Management Login Panel - Detect (@righettod) [info]
• [oracle-peoplesoft-panel] Oracle PeopleSoft Login Panel - Detect (@idealphase, @righettod) [info]
• [vrealize-hyperic-panel] vRealize Hyperic Login Panel - Detect (@charles D) [info]
• [wechat-corpsecret-key] Enterprise WeChat Corpsecret Key (@N0el4kLs) [info]
• [netgear-boarddataww-rce] Netgear Devices boardDataWW.php - Unauth RCE (@pussycat0x) [critical]
• [directory-listing] Directory Listing Enabled (@themiddle) [low]
• [dont-panic-traceback] DON'T PANIC Traceback (@ritikchaddha) [low]
• [cowboy-detect] Cowboy - Detect (@Sechunt3r) [info]
• [gabia-server-detect] Gabia Server - Detection (@jadu101) [info]
• [gotweb-detect] GotWeb Detect (@lu4nx) [info]
• [sparklighter-detect] Spark Lighter Detection (@icarot) [info]
• [aquatronica-info-leak] Aquatronica Control System 5.1.6 - Information Disclosure (@SecurityForEveryone) [high]
• [array-vpn-lfi] Array VPN - Arbitrary File Reading Vulnerability (@pussycat0x) [high]
• [cerio-dt-rce] CERIO-DT Interface - Command Execution (@pussycat0x) [critical]
• [easycvr-info-leak] EasyCVR video management - Users Information Exposure (@pussycat0x) [high]
• [proftpd-backdoor] ProFTPd-1.3.3c - Backdoor Command Execution (@pussycat0x) [critical]
• [samba-detect] Samba - Detection (@pussycat0x) [info]
• [rsync-list-modules] Rsync List Modules - Enumeration (@pussycat0x) [low]
• [bitvise-detect] SSH Bitvise Service - Detect (@abdullahisik) [info]
• [activecollab-installer] ActiveCollab Installation Page - Exposure (@dhiyaneshdk) [high]
• [call-com-installer] Call.com Setup Page - Exposure (@dhiyaneshdk) [high]
• [cms-made-simple-installer] CMS Made Simple Installation Page - Exposure (@dhiyaneshdk) [high]
• [confluence-installer] Confluence Installation Page - Exposure (@dhiyaneshdk) [high]
• [cubebackup-setup-installer] CubeBackup Setup Page - Exposure (@dhiyaneshdk) [high]
• [easy-wi-installer] Easy-WI Installation Page - Exposure (@dhiyaneshdk) [high]
• [ejbca-enterprise-installer] EJBCA Enterprise Cloud Configuration Wizard - Exposure (@dhiyaneshdk) [high]
• [flarum-installer] Flarum Installation Page - Exposure (@dhiyaneshdk) [high]
• [fleetcart-installer] FleetCart Installation Page - Exposure (@dhiyaneshdk) [high]
• [glpi-installer] GLPI Installation Page - Exposure (@dhiyaneshdk) [high]
• [invicti-enterprise-installer] Invicti Enterprise Installation Page - Exposure (@dhiyaneshdk) [high]
• [invoice-ninja-installer] Invoice Ninja Setup Page - Exposure (@dhiyaneshdk) [high]
• [jfa-go-installer] jfa-go Setup Page - Exposure (@dhiyaneshdk) [high]
• [justfans-installer] JustFans Installation Page - Exposure (@dhiyaneshdk) [high]
• [librenms-installer] LibreNMS Installation Page - Exposure (@dhiyaneshdk) [high]
• [mura-cms-setup-installer] Mura CMS Setup Page - Exposure (@dhiyaneshdk) [high]
• [onlyoffice-installer] OnlyOffice Wizard Page - Exposure (@dhiyaneshdk) [high]
• [openemr-setup-installer] OpenEMR Setup Installation Page - Exposure (@dhiyaneshdk) [high]
• [orchard-installer] Orchard Setup Wizard - Exposure (@dhiyaneshdk) [high]
• [pandora-fms-installer] Pandora FMS Installation Page - Exposure (@dhiyaneshdk) [high]
• [profittrailer-installer] ProfitTrailer Setup Page - Exposure (@dhiyaneshdk) [high]
• [projectsend-installer] ProjectSend Installation Page - Exposure (@dhiyaneshdk) [high]
• [snipe-it-installer] Snipe-IT Setup Page - Exposure (@dhiyaneshdk) [high]
• [stackposts-installer] StackPosts Installation Page - Exposure (@dhiyaneshdk) [high]
• [tastyigniter-installer] TastyIgniter Setup Page - Exposure (@dhiyaneshdk) [high]
• [ubersmith-installer] Ubersmith Setup Page - Exposure (@dhiyaneshdk) [high]
• [uvdesk-helpdesk-installer] UVDesk Helpdesk Installation Page - Exposure (@dhiyaneshdk) [high]
• [virtual-smartzone-installer] Virtual SmartZone Setup Wizard - Exposure (@dhiyaneshdk) [high]
• [wowonder-installer] WoWonder Installation Page - Exposure (@dhiyaneshdk) [high]

New Contributors

• @defektive made their first contribution in #9845
• @N0el4kLs made their first contribution in #9867
• @moyue83 made their first contribution in #9929
• @isikabdullah44 made their first contribution in #9850
• @Dev0psSec made their first contribution in #9967
• @icarot made their first contribution in #9827
• @pdteamx made their first contribution in #9978
• @L4stPL4Y3R made their first contribution in #9988

Full Changelog: v9.8.7...v9.8.8

v9.8.7

🔥 Release Highlights 🔥

• [CVE-2024-0200] Github Enterprise - Authenticated RCE (@iamnoooob, @rootxharsh, @pdresearch) [critical] 🔥
• [CVE-2024-4956] Sonatype Nexus Repository Manager 3 - Local File Inclusion (@ritikchaddha) [high] 🔥
• [CVE-2024-0195] SpiderFlow Crawler Platform - Remote Code Execution (@pussycat0x) [critical] 🔥
• [CVE-2023-43374] Hoteldruid v3.0.5 - SQL Injection (@ritikchaddha) [critical] 🔥

What's Changed

New Templates Added: 62 | CVEs Added: 16 | First-time contributions: 3

• [CVE-2024-33288] Prison Management System - SQL Injection Authentication Bypass (@Kazgangap) [high]
• [CVE-2024-4956] Sonatype Nexus Repository Manager 3 - Local File Inclusion (@ritikchaddha) [high] 🔥
• [CVE-2024-3097] NextGEN Gallery <= 3.59 - Missing Authorization to Unauth Information Disclosure (@DhiyanesDK) [medium]
• [CVE-2024-1561] Gradio Applications - Local File Read (@diablo) [high]
• [CVE-2024-0200] Github Enterprise - Authenticated RCE (@iamnoooob, @rootxharsh, @pdresearch) [critical] 🔥
• [CVE-2024-0195] SpiderFlow Crawler Platform - Remote Code Execution (@pussycat0x) [critical] 🔥
• [CVE-2023-45855] qdPM 9.2 - Directory Traversal (@dhiyaneshdk) [high]
• [CVE-2023-44813] mooSocial v.3.1.8 - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2023-43374] Hoteldruid v3.0.5 - SQL Injection (@ritikchaddha) [critical] 🔥
• [CVE-2023-36347] POS Codekop v2.0 - Broken Authentication (@princechaddha) [high]
• [CVE-2023-36284] QloApps 1.6.0 - SQL Injection (@ritikchaddha) [high]
• [CVE-2023-35158] XWiki - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2023-29827] Embedded JavaScript(EJS) 3.1.6 - Template Injection (@ritikchaddha) [critical]
• [CVE-2023-6065] Quttera Web Malware Scanner <= 3.4.1.48 - Sensitive Data Exposure (@Kazgangap) [medium]
• [CVE-2023-5991] Hotel Booking Lite < 4.8.5 - Arbitrary File Download & Deletion (@Kazgangap) [critical]
• [CVE-2023-4542] D-Link DAR-8000-10 - Command Injection (@pussycat0x) [critical]
• [CNVD-2017-06001] Dahua DSS - SQL Injection (@napgh0st, @ritikchaddha) [high]
• [softether-vpn-default-login] SoftEther VPN Admin Console - Default Login (@bhutch) [high]
• [ackee-panel] Ackee Panel - Detect (@userdehghani) [info]
• [craftercms-panel] CrafterCMS Login Panel - Detect (@righettod) [info]
• [easyvista-panel] EasyVista Login Panel - Detect (@righettod) [info]
• [f5-next-central-manager] F5 Next Central Manager Panel - Detect (@EgemenKochisarli) [info]
• [ghost-panel] Ghost Panel - Detect (@userdehghani) [info]
• [matomo-panel] Matomo Panel - Detect (@Arr0way, @userdehghani) [info]
• [microfocus-lifecycle-panel] Micro Focus Application Lifecycle Management - Panel (@righettod) [info]
• [n8n-panel] n8n Panel - Detect (@userdehghani) [info]
• [nocodb-panel] NocoDB Panel - Detect (@userdehghani) [info]
• [oracle-ebusiness-panel] Oracle E-Business Suite Login Panel - Detect (@righettod) [info]
• [pocketbase-panel] PocketBase Panel - Detect (@userdehghani) [info]
• [qlikview-accesspoint-panel] QlikView AccessPoint Login Panel - Detect (@righettod) [info]
• [tiny-rss-panel] Tiny RSS Panel - Detect (@userdehghani) [info]
• [unleash-panel] Unleash Panel - Detect (@userdehghani) [info]
• [tpot-honeypot-detect] T-Pot Honeypot - Detect (@rxerium) [info]
• [imgproxy-unauth] Imgproxy Unauthorized Access (@userdehghani) [low]
• [custom-xoops-installer] XOOPS Custom - Installation (@dhiyaneshdk) [high]
• [easy-viserlabs-installer] Easy Installer by ViserLab - Exposure (@dhiyaneshdk) [high]
• [forgejo-installer] Forgejo Installation Page - Exposure (@dhiyaneshdk) [high]
• [froxlor-installer] Froxlor Server Management - Installer (@dhiyaneshdk) [high]
• [growi-installer] GROWI Installer - Exposure (@dhiyaneshdk) [high]
• [ids-skills-installer] IDP Skills Installer - Exposure (@dhiyaneshdk) [high]
• [moosocial-installer] mooSocial Installation - Exposure (@ritikchaddha) [high]
• [octoprint-installer] OctoPrint Installation Page - Exposure (@dhiyaneshdk) [high]
• [openfire-setup] Openfire Setup - Exposure (@dhiyaneshdk) [high]
• [phpmyfaq-installer] phpMyFAQ Installation - Exposure (@ritikchaddha) [high]
• [qloapps-installer] QloApps - Installation (@ritikchaddha) [high]
• [trilium-notes-installer] Trilium Notes Installer - Exposure (@dhiyaneshdk) [high]
• [wiki-js-installer] Wiki.js Setup - Exposure (@dhiyaneshdk) [high]
• [xbackbone-installer] XBackBone Installer - Exposure (@dhiyaneshdk) [high]
• [unigui-server-monitor-exposure] UniGUI Server Monitor Panel - Exposure (@serrapa) [low]
• [apache-answer-detect] Apache Answer - Detection (@omranisecurity) [info]
• [boa-web-server] Boa Web Server - Detect (@johnk3r) [info]
• [craftercms-detect] CrafterCMS - Detect (@righettod) [info]
• [imgproxy-detect] Imgproxy Detect (@userdehghani) [info]
• [meilisearch-detect] Meilisearch - Detect (@userdehghani) [info]
• [microfocus-iprint-detect] Micro Focus iPrint Appliance - Detect (@righettod) [info]
• [statamic-detect] Statamic - Detect (@geeknik) [info]
• [tinyproxy-detect] Tinyproxy - Detect (@bhutch) [info]
• [uni-gui-framework] UniGUI Framework - Detect (@serrapa) [info]
• [wp-bricks-builder-theme] WordPress Bricks Builder Theme Version (@Anonymous) [info]
• [castel-digital-sqli] Castel Digital - Authentication Bypass (@Kazgangap) [high]
• [tendat-credential] Tendat Router Credential - Exposure (@pussycat0x) [high]
• [checkpoint-firewall-enum] Check Point Firewall - Detect (@pussycat0x) [info]

New Contributors

• @x676f64 made their first contribution in #9690
• @Ahsraeisi made their first contribution in #9793
• @jmac774 made their first contribution in #9844

Full Changelog: v9.8.6...v9.8.7

v9.8.6

🔥 Release Highlights 🔥

• http/cves/2024/CVE-2024-23917.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2024/CVE-2024-27956.yaml by @dhiyaneshdk 🔥
• http/cves/2024/CVE-2024-2876.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2024/CVE-2024-3136.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2024/CVE-2024-31848.yaml by @pussycat0x 🔥
• http/cves/2024/CVE-2024-4040.yaml by @dhiyaneshdk,@pussycat0x 🔥
• http/cves/2023/CVE-2023-2227.yaml by @ritikchaddha,@princechaddha 🔥
• http/cves/2023/CVE-2023-31446.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-43208.yaml by @princechaddha 🔥
• http/cves/2023/CVE-2023-6989.yaml by @Kazgangap 🔥
• http/cves/2019/CVE-2019-7139.yaml by @mastercho 🔥

What's Changed

New Templates Added: 65 | CVEs Added: 41 | First-time contributions: 3

• http/cves/2024/CVE-2024-0235.yaml by @princechaddha
• http/cves/2024/CVE-2024-0881.yaml by @Kazgangap
• http/cves/2024/CVE-2024-1183.yaml by @dhiyaneshdk
• http/cves/2024/CVE-2024-22927.yaml by @ritikchaddha
• http/cves/2024/CVE-2024-2340.yaml by @t3l3machus
• http/cves/2024/CVE-2024-23917.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2024/CVE-2024-24131.yaml by @dhiyaneshdk
• http/cves/2024/CVE-2024-27956.yaml by @dhiyaneshdk 🔥
• http/cves/2024/CVE-2024-2876.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2024/CVE-2024-3136.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2024/CVE-2024-31621.yaml by @dhiyaneshdk
• http/cves/2024/CVE-2024-31848.yaml by @pussycat0x 🔥
• http/cves/2024/CVE-2024-31849.yaml by @dhiyaneshdk
• http/cves/2024/CVE-2024-31850.yaml by @dhiyaneshdk
• http/cves/2024/CVE-2024-31851.yaml by @dhiyaneshdk
• http/cves/2024/CVE-2024-32399.yaml by @dhiyaneshdk
• http/cves/2024/CVE-2024-32640.yaml by @iamnoooob,@rootxharsh,@pdresearch
• http/cves/2024/CVE-2024-32651.yaml by @edoardottt
• http/cves/2024/CVE-2024-33575.yaml by @Kazgangap
• http/cves/2024/CVE-2024-33724.yaml by @Kazgangap
• http/cves/2024/CVE-2024-4040.yaml by @dhiyaneshdk,@pussycat0x 🔥
• http/cves/2024/CVE-2024-4348.yaml by @Kazgangap
• http/cves/2023/CVE-2023-1892.yaml by @ritikchaddha,@princechaddha
• http/cves/2023/CVE-2023-2227.yaml by @ritikchaddha,@princechaddha 🔥
• http/cves/2023/CVE-2023-27032.yaml by @mastercho
• http/cves/2023/CVE-2023-2948.yaml by @ritikchaddha,@princechaddha
• http/cves/2023/CVE-2023-2949.yaml by @ritikchaddha,@princechaddha
• http/cves/2023/CVE-2023-31446.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-32077.yaml by @iamnoooob,@rootxharsh,@pdresearch
• http/cves/2023/CVE-2023-38964.yaml by @ritikchaddha
• http/cves/2023/CVE-2023-43208.yaml by @princechaddha 🔥
• http/cves/2023/CVE-2023-44812.yaml by @ritikchaddha
• http/cves/2023/CVE-2023-4521.yaml by @princechaddha
• http/cves/2023/CVE-2023-45375.yaml by @mastercho
• http/cves/2023/CVE-2023-46347.yaml by @mastercho
• http/cves/2023/CVE-2023-4973.yaml by @ritikchaddha,@princechaddha
• http/cves/2023/CVE-2023-5003.yaml by @Kazgangap
• http/cves/2023/CVE-2023-6389.yaml by @Kazgangap
• http/cves/2023/CVE-2023-6989.yaml by @Kazgangap 🔥
• http/cves/2019/CVE-2019-7139.yaml by @mastercho 🔥
• http/cves/2015/CVE-2015-4455.yaml by @mastercho
• http/vulnerabilities/citrix/citrix-oob-memory-read.yaml by @Ice3man
• http/vulnerabilities/prestashop/prestashop-cartabandonmentpro-file-upload.yaml by @mastercho
• http/vulnerabilities/titan/titannit-web-rce.yaml by @dhiyaneshdk
• http/vulnerabilities/vbulletin/vbulletin-search-sqli.yaml by @mastercho
• http/default-logins/crushftp/crushftp-anonymous-login.yaml by @pussycat0x
• http/default-logins/crushftp/crushftp-default-login.yaml by @pussycat0x
• http/default-logins/soplanning/soplanning-default-login.yaml by @Kazgangap
• http/misconfiguration/installer/eyoucms-installer.yaml by @ritikchaddha
• http/misconfiguration/installer/sabnzbd-installer.yaml by @dhiyaneshdk
• http/misconfiguration/microsoft/ms-exchange-local-domain.yaml by @userdehghani
• http/misconfiguration/titannit-web-exposure.yaml by @dhiyaneshdk
• http/takeovers/squadcast-takeover.yaml by @philippedelteil
• http/exposed-panels/bmc/bmc-remedy-sso-panel.yaml by @righettod
• http/exposed-panels/bonobo-server-panel.yaml by @bhutch
• http/exposed-panels/cassia-bluetooth-gateway-panel.yaml by @dhiyaneshdk
• http/exposed-panels/cyberchef-panel.yaml by @rxerium
• http/exposed-panels/femtocell-panel.yaml by @dhiyaneshdk
• http/exposed-panels/monitorr-panel.yaml by @ritikchaddha
• http/exposed-panels/openwebui-panel.yaml by @rxerium
• http/exposed-panels/teamforge-panel.yaml by @lstatro
• http/exposed-panels/tixeo-panel.yaml by @righettod
• http/exposed-panels/umami-panel.yaml by @userdehghani
• network/detection/aix-websm-detect.yaml by @righettod
• network/detection/bluecoat-telnet-proxy-detect.yaml by @righettod

New Contributors

• @theMiddleBlue made their first contribution in #9637
• @userdehghani made their first contribution in #9666
• @jason3e7 made their first contribution in #9731

Full Changelog: v9.8.5...v9.8.6

v9.8.5 - AWS Cloud Config Review

🔥 Release Highlights 🔥

We're excited to share about Nuclei-Templates v9.8.5! This new version includes newly added AWS cloud config review templates.
These templates can be used by companies or pentesters for identifying misconfigurations in the AWS cloud environment.

Similarly by leveraging aws code templates, security teams will be able to write their own checks for identifying misconfigurations that are specific to their particular workflows. This will enable them to effectively identify and remediate potential security issues within AWS environments.

To use cloud configuration review templates, first we need set up the environment. This setup is similar to using the aws-cli, where you either add aws_access_key_id and aws_secret_access_key to the ~/.aws/credentials file or export them as environment variables.

nuclei -id aws-code-env -code

We've also introduced the concept of profiles, which allow users to run a specific set of templates tailored for a particular use case. For running AWS templates, we have a profile named aws-cloud-config.

Now you're all set to run the templates!

nuclei -config ~/nuclei-templates/profiles/aws-cloud-config.yml -cloud-upload

What's Changed

New Templates Added: 142 | CVEs Added: 10 | First-time contributions: 6

• http/cves/2024/CVE-2024-26331.yaml by @carsonchan12345 🔥
• http/cves/2024/CVE-2024-3400.yaml by @Salts,@parthmalhotra 🔥
• http/cves/2024/CVE-2024-3273.yaml by @pussycat0x 🔥
• code/cves/2024/CVE-2024-3094.yaml by @pdteam 🔥
• http/cves/2024/CVE-2024-2879.yaml by @d4ly 🔥
• http/cves/2024/CVE-2024-2389.yaml by @pdresearch,@parthmalhotra 🔥
• http/cves/2024/CVE-2024-0337.yaml by @Kazgangap
• javascript/cves/2023/CVE-2023-48795.yaml by @pussycat0x
• http/cves/2022/CVE-2022-24627.yaml by @geeknik
• http/cves/2022/CVE-2022-0424.yaml by @Kazgangap
• http/vulnerabilities/other/opencart-core-sqli.yaml by @Kazgangap
• http/vulnerabilities/other/quick-cms-sqli.yaml by @Kazgangap
• http/vulnerabilities/other/user-management-system-sqli.yaml by @f0xy
• cloud/aws/acm/acm-cert-expired.yaml by @princechaddha
• cloud/aws/acm/acm-cert-renewal-30days.yaml by @princechaddha
• cloud/aws/acm/acm-cert-renewal-45days.yaml by @princechaddha
• cloud/aws/acm/acm-cert-validation.yaml by @princechaddha
• cloud/aws/acm/acm-wildcard-cert.yaml by @princechaddha
• cloud/aws/aws-code-env.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-data-events.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-disabled.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-dup-logs.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-global-disabled.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-integrated-cloudwatch.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-log-integrity.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-logs-not-encrypted.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-mfa-delete.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-mgmt-events.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-public-buckets.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-s3-bucket-logging.yaml by @princechaddha
• cloud/aws/cloudtrail/s3-object-lock-not-enabled.yaml by @princechaddha
• cloud/aws/cloudwatch/cw-alarm-action-set.yaml by @princechaddha
• cloud/aws/cloudwatch/cw-alarms-actions.yaml by @princechaddha
• cloud/aws/ec2/ec2-imdsv2.yaml by @princechaddha
• cloud/aws/ec2/ec2-public-ip.yaml by @princechaddha
• cloud/aws/ec2/ec2-sg-egress-open.yaml by @princechaddha
• cloud/aws/ec2/ec2-sg-ingress.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-cifs.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-dns.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-ftp.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-http.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-https.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-icmp.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-memcached.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-mongodb.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-mssql.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-mysql.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-netbios.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-opensearch.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-oracle.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-pgsql.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-rdp.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-redis.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-smtp.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-ssh.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-telnet.yaml by @princechaddha
• cloud/aws/ec2/publicly-shared-ami.yaml by @princechaddha
• cloud/aws/ec2/unencrypted-aws-ami.yaml by @princechaddha
• cloud/aws/iam/iam-access-analyzer.yaml by @princechaddha
• cloud/aws/iam/iam-expired-ssl.yaml by @princechaddha
• cloud/aws/iam/iam-full-admin-privileges.yaml by @princechaddha
• cloud/aws/iam/iam-key-rotation-90days.yaml by @princechaddha
• cloud/aws/iam/iam-mfa-enable.yaml by @princechaddha
• cloud/aws/iam/iam-password-policy.yaml by @princechaddha
• cloud/aws/iam/iam-root-mfa.yaml by @princechaddha
• cloud/aws/iam/iam-ssh-keys-rotation.yaml by @princechaddha
• cloud/aws/iam/iam-unapproved-policy.yaml by @princechaddha
• cloud/aws/iam/iam-user-password-change.yaml by @princechaddha
• cloud/aws/iam/ssl-cert-renewal.yaml by @princechaddha
• cloud/aws/rds/aurora-copy-tags-snap.yaml by @princechaddha
• cloud/aws/rds/aurora-delete-protect.yaml by @princechaddha
• cloud/aws/rds/iam-db-auth.yaml by @princechaddha
• cloud/aws/rds/rds-backup-enable.yaml by @princechaddha
• cloud/aws/rds/rds-deletion-protection.yaml by @princechaddha
• cloud/aws/rds/rds-encryption-check.yaml by @princechaddha
• cloud/aws/rds/rds-event-notify.yaml by @princechaddha
• cloud/aws/rds/rds-event-sub-enable.yaml by @princechaddha
• cloud/aws/rds/rds-event-sub.yaml by @princechaddha
• cloud/aws/rds/rds-gp-ssd-usage.yaml by @princechaddha
• cloud/aws/rds/rds-public-snapshot.yaml by @princechaddha
• cloud/aws/rds/rds-public-subnet.yaml by @princechaddha
• cloud/aws/rds/rds-ri-payment-fail.yaml by @princechaddha
• cloud/aws/rds/rds-snapshot-encryption.yaml by @princechaddha
• cloud/aws/s3/s3-access-logging.yaml by @princechaddha
• cloud/aws/s3/s3-auth-fullcontrol.yaml by @princechaddha
• cloud/aws/s3/s3-bucket-key.yaml by @princechaddha
• cloud/aws/s3/s3-bucket-policy-public-access.yaml by @princechaddha
• cloud/aws/s3/s3-mfa-delete-check.yaml by @princechaddha
• cloud/aws/s3/s3-public-read-acp.yaml by @princechaddha
• cloud/aws/s3/s3-public-read.yaml by @princechaddha
• cloud/aws/s3/s3-public-write-acp.yaml by @princechaddha
• cloud/aws/s3/s3-public-write.yaml by @princechaddha
• cloud/aws/s3/s3-server-side-encryption.yaml by @princechaddha
• cloud/aws/s3/s3-versioning.yaml by @princechaddha
• cloud/aws/vpc/nacl-open-inbound.yaml by @princechaddha
• cloud/aws/vpc/nacl-outbound-restrict.yaml by @princechaddha
• cloud/aws/vpc/nat-gateway-usage.yaml by @princechaddha
• cloud/aws/vpc/unrestricted-admin-ports.yaml by @princechaddha
• cloud/aws/vpc/vpc-endpoint-exposed.yaml by @princechaddha
• cloud/aws/vpc/vpc-endpoints-not-deployed.yaml by @princechaddha
• cloud/aws/vpc/vpc-flowlogs-not-enabled.yaml by @princechaddha
• cloud/aws/vpc/vpn-tunnel-down.yaml by @princechaddha
• http/misconfiguration/apple-cups-exposure.yaml by @dhiyaneshdk
• http/misconfiguration/dlink-unauth-cgi-script.yaml by @pussycat0x
• http/misconfiguration/helm-dashboard-exposure.yaml by @dhiyaneshdk
• http/misconfiguration/installer/phpipam-installer.yaml by @dhiyaneshdk
• http/misconfiguration/intelbras-dvr-unauth.yaml by @pussycat0x
• http/misconfiguration/sentinel-license-monitor.yaml by @dhiyaneshdk
• http/misconfiguration/thanos-prometheus-exposure.yaml by @dhiyaneshdk
• http/default-logins/allnet/allnet-default-login.yaml by @ritikchaddha
• http/default-logins/asus/asus-rtn16-default-login.yaml by @ritikchaddha
• http/default-logins/asus/asus-wl500g-default-login.yaml by @ritikchaddha
• http/default-logins/asus/asus-wl520GU-default-login.yaml by @ritikchaddha
• http/default-logins/barco-clickshare-default-login.yaml by @ritikchaddha
• http/exposed-panels/akhq-panel.yaml by @dhiyaneshdk
• http/exposed-panels/algonomia-panel.yaml by @righettod
• http/exposed-panels/beyondtrust-priv-panel.yaml by @righettod
• http/exposed-panels/chemotargets-clarityvista-panel.yaml by @righettod
• http/exposed-panels/mitel-micollab-panel.yaml by @righettod
• http/exposed-panels/mitric-checker-panel.yaml by @righettod
• http/exposed-panels/ni-web-based-panel.yaml by @dhiyaneshdk
• http/exposed-panels/ollama-llm-panel.yaml by @pbuff07
• http/exposed-panels/outsystems-servicecenter-panel.yaml by @righettod
• http/exposed-panels/powerchute-network-panel.yaml by @dhiyaneshdk
• http/exposed-panels/rtm-web-panel.yaml by @dhiyaneshdk
• http/exposed-panels/suprema-biostar-panel.yaml by @ritikchaddha
• http/exposed-panels/tibco-spotfire-panel.yaml by @righettod
• http/exposed-panels/uipath-orchestrator-panel.yaml by @righettod
• http/exposed-panels/urbackup-panel.yaml by @dhiyaneshdk
• http/exposed-panels/zenml-dashboard-panel.yaml by @dhiyaneshdk
• http/exposures/apis/aspnet-soap-webservices-asmx.yaml by @righettod
• http/exposures/apis/redfish-api.yaml by @righettod
• http/exposures/files/ht-deployment.yaml by @Michal-Mikolas
• http/takeovers/gohire-takeover.yaml by @philippedelteil
• http/takeovers/helpdocs-takeover.yaml by @philippedelteil
• http/takeovers/softr-takeover.yaml by @philippedelteil
• http/takeovers/uptime-takeover.yaml by @philippedelteil
• http/technologies/citrix-xenmobile-version.yaml by @pu...

v9.8.1

What's Changed

New Templates Added: 77 | CVEs Added: 29 | First-time contributions: 6

• http/cves/2024/CVE-2024-20767.yaml by @iamnoooob,@rootxharsh,@pdresearch
• http/cves/2024/CVE-2024-27564.yaml by @dhiyaneshdk
• http/cves/2024/CVE-2024-28255.yaml by @dhiyaneshdk,@Iamnooob
• http/cves/2024/CVE-2024-28734.yaml by @Kazgangap
• http/cves/2024/CVE-2024-29059.yaml by @iamnoooob,@rootxharsh,@dhiyaneshdk,@pdresearch
• http/cves/2024/CVE-2024-29269.yaml by @ritikchaddha
• http/cves/2023/CVE-2023-0159.yaml by @c4sper0
• http/cves/2023/CVE-2023-0678.yaml by @princechaddha,@ritikchaddha
• http/cves/2023/CVE-2023-34993.yaml by @dwisiswant0
• http/cves/2023/CVE-2023-47218.yaml by @ritikchaddha
• http/cves/2022/CVE-2022-29013.yaml by @dhiyaneshdk
• http/cves/2022/CVE-2022-32430.yaml by @dhiyaneshdk
• http/cves/2022/CVE-2022-41412.yaml by @null_hypothesis
• http/cves/2021/CVE-2021-46418.yaml by @dhiyaneshdk
• http/cves/2021/CVE-2021-46419.yaml by @dhiyaneshdk
• http/cves/2019/CVE-2019-9632.yaml by @pdteam
• http/cves/2018/CVE-2018-10735.yaml by @dhiyaneshdk
• http/cves/2018/CVE-2018-10736.yaml by @dhiyaneshdk
• http/cves/2018/CVE-2018-10737.yaml by @dhiyaneshdk
• http/cves/2018/CVE-2018-10738.yaml by @dhiyaneshdk
• http/cves/2018/CVE-2018-6605.yaml by @dhiyaneshdk
• http/cves/2018/CVE-2018-7314.yaml by @dhiyaneshdk
• http/cves/2016/CVE-2016-5674.yaml by @dhiyaneshdk
• dast/cves/2018/CVE-2018-19518.yaml by @princechaddha
• dast/cves/2021/CVE-2021-45046.yaml by @princechaddha
• dast/cves/2022/CVE-2022-34265.yaml by @princechaddha
• dast/cves/2022/CVE-2022-42889.yaml by @MorDavid,@princechaddha
• dast/vulnerabilities/cmdi/blind-oast-polyglots.yaml by @pdteam,@geeknik
• dast/vulnerabilities/cmdi/ruby-open-rce.yaml by @pdteam
• dast/vulnerabilities/crlf/cookie-injection.yaml by @pdteam
• dast/vulnerabilities/crlf/crlf-injection.yaml by @pdteam
• dast/vulnerabilities/csti/angular-client-side-template-injection.yaml by @theamanrawat
• dast/vulnerabilities/lfi/lfi-keyed.yaml by @pwnhxl
• dast/vulnerabilities/lfi/linux-lfi-fuzz.yaml by @dhiyaneshdk
• dast/vulnerabilities/lfi/windows-lfi-fuzz.yaml by @pussycat0x
• dast/vulnerabilities/redirect/open-redirect.yaml by @princechaddha
• dast/vulnerabilities/rfi/generic-rfi.yaml by @m4lwhere
• dast/vulnerabilities/sqli/sqli-error-based.yaml by @geeknik,@pdteam
• dast/vulnerabilities/ssrf/blind-ssrf.yaml by @pdteam
• dast/vulnerabilities/ssrf/response-ssrf.yaml by @pdteam,@pwnhxl,@j4vaovo
• dast/vulnerabilities/ssti/reflection-ssti.yaml by @pdteam
• dast/vulnerabilities/xss/dom-xss.yaml by @theamanrawat
• dast/vulnerabilities/xss/reflected-xss.yaml by @pdteam
• dast/vulnerabilities/xxe/generic-xxe.yaml by @pwnhxl
• http/vulnerabilities/dahua/dahua-eims-rce.yaml by @dhiyaneshdk
• http/vulnerabilities/huatian/huatian-oa-sqli.yaml by @ritikchaddha
• http/vulnerabilities/landray/landray-eis-sqli.yaml by @dhiyaneshdk
• http/vulnerabilities/other/voyager-lfi.yaml by @mammad_rahimzada
• javascript/cves/2012/CVE-2012-2122.yaml by @pussycat0x
• javascript/cves/2019/CVE-2019-9193.yaml by @pussycat0x
• javascript/enumeration/minecraft-enum.yaml by @pussycat0x
• javascript/enumeration/pgsql/pgsql-default-db.yaml by @pussycat0x
• javascript/enumeration/pgsql/pgsql-file-read.yaml by @pussycat0x
• javascript/enumeration/pgsql/pgsql-list-database.yaml by @pussycat0x
• javascript/enumeration/pgsql/pgsql-list-password-hashes.yaml by @pussycat0x
• javascript/enumeration/pgsql/pgsql-list-users.yaml by @pussycat0x
• javascript/enumeration/pgsql/pgsql-version-detect.yaml by @pussycat0x
• javascript/misconfiguration/pgsql/pgsql-extensions-rce.yaml by @pussycat0x
• javascript/misconfiguration/pgsql/postgresql-empty-password.yaml by @pussycat0x
• javascript/udp/detection/tftp-detect.yaml by @pussycat0x
• http/default-logins/3com/3Com-wireless-default-login.yaml by @ritikchaddha
• http/default-logins/3ware-default-login.yaml by @ritikchaddha
• http/default-logins/next-terminal/next-terminal-default-login.yaml by @ritikchaddha
• http/exposed-panels/amprion-gridloss-panel.yaml by @righettod
• http/exposed-panels/safenet-authentication-panel.yaml by @righettod
• http/exposed-panels/syfadis-xperience-panel.yaml by @righettod
• http/exposures/configs/deployment-ini.yaml by @michal Mikolas (nanuqcz)
• http/miscellaneous/form-detection.yaml by @pdteam
• http/misconfiguration/https-to-http-redirect.yaml by @kazet
• http/technologies/celebrus-detect.yaml by @righettod
• http/technologies/privatebin-detect.yaml by @righettod
• http/technologies/simplesamlphp-detect.yaml by @righettod
• http/technologies/yourls-detect.yaml by @lstatro
• network/c2/darkcomet-trojan.yaml by @pussycat0x
• network/c2/darktrack-rat-trojan.yaml by @pussycat0x
• network/c2/orcus-rat-trojan.yaml by @pussycat0x
• network/c2/xtremerat-trojan.yaml by @pussycat0x

New Contributors

• @omkar7505 made their first contribution in #9407
• @lstatro made their first contribution in #9473
• @null-hyp0thesis made their first contribution in #9497
• @memmedrehimzade made their first contribution in #9463
• @denandz made their first contribution in #9480
• @hossamshady11 made their first contribution in #9514

Full Changelog: v9.8.0...v9.8.1

v9.8.0 - Catch 'Em All: Network Vulnerabilities

🔥 Release Highlights 🔥

We're thrilled to share that with the launch of Nuclei Templates version 9.8.0, we've broadened our scope in network security checks. Our template library now boasts over 8,000 entries, encompassing more than 7,202 templates for web applications. This collection includes 2,200 web-related CVEs and features more than 850 templates aimed at identifying web vulnerabilities.

With the help of active community contributions, we have been adding all the latest web CVEs and vulnerabilities in the wild. While we continue to do so, we are focused on expanding our template offerings to include network vulnerabilities, providing the most comprehensive scanning.

With this release, we're inviting contributors to aid us in enriching our network vulnerability detection, facilitated by the new JS protocol. This makes it simpler to incorporate network checks through the newly introduced JS modules. For guidance on crafting JS templates, check out our documentation here.

Next, we are aiming to expand coverage of LDAP and Kerberos related checks. We are looking forward to getting more contributions from the community

What's Changed

New Templates Added: 85 | CVEs Added: 8 | First-time contributions: 5

• http/cves/2023/CVE-2023-49785.yaml by @high 🔥
• http/cves/2023/CVE-2023-5830.yaml by @mbb5546
• http/cves/2023/CVE-2023-5914.yaml by @dhiyaneshdk
• http/cves/2023/CVE-2023-6114.yaml by @dhiyaneshdk
• http/cves/2023/CVE-2023-6567.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2024/CVE-2024-1212.yaml by @dhiyaneshdk 🔥
• http/cves/2024/CVE-2024-1698.yaml by @dhiyaneshdk
• http/cves/2024/CVE-2024-27954.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• javascript/audit/mysql/mysql-load-file.yaml by @pussycat0x
• javascript/enumeration/mysql/mysql-default-login.yaml by @dhiyaneshdk,@pussycat0x,@ritikchaddha
• javascript/enumeration/mysql/mysql-info.yaml by @pussycat0x
• javascript/enumeration/mysql/mysql-show-databases.yaml by @dhiyaneshdk
• javascript/enumeration/mysql/mysql-show-variables.yaml by @dhiyaneshdk
• javascript/enumeration/mysql/mysql-user-enum.yaml by @pussycat0x
• javascript/enumeration/pop3/pop3-capabilities-enum.yaml by @pussycat0x
• javascript/enumeration/redis/redis-info.yaml by @dhiyaneshdk
• javascript/enumeration/redis/redis-require-auth.yaml by @dhiyaneshdk
• javascript/enumeration/rsync/rsync-version.yaml by @dhiyaneshdk
• javascript/enumeration/smb/smb-default-creds.yaml by @pussycat0x
• javascript/enumeration/smb/smb-enum-domains.yaml by @dhiyaneshdk
• javascript/enumeration/smb/smb-os-detect.yaml by @pussycat0x
• javascript/enumeration/smb/smb-version-detect.yaml by @pussycat0x
• javascript/enumeration/smb/smb2-server-time.yaml by @dhiyaneshdk
• javascript/misconfiguration/mysql/mysql-empty-password.yaml by @dhiyaneshdk
• http/vulnerabilities/esafenet/esafenet-mysql-fileread.yaml by @dhiyaneshdk
• http/vulnerabilities/idoc/idocview-2word-fileupload.yaml by @dhiyaneshdk
• http/vulnerabilities/idoc/idocview-lfi.yaml by @dhiyaneshdk
• http/vulnerabilities/landray/landray-eis-ws-infoleak.yaml by @fur1na
• http/vulnerabilities/other/office365-indexs-fileread.yaml by @dhiyaneshdk
• http/vulnerabilities/other/ups-network-lfi.yaml by @Kazgangap
• http/default-logins/ispconfig-default-login.yaml by @pussycat0x
• http/misconfiguration/installer/posteio-installer.yaml by @ritikchaddha
• http/exposures/files/generic-db.yaml by @michal Mikolas (nanuqcz)
• http/exposed-panels/bynder-panel.yaml by @righettod
• http/exposed-panels/c2/ares-rat-c2.yaml by @pussycat0x
• http/exposed-panels/c2/caldera-c2.yaml by @pussycat0x
• http/exposed-panels/c2/hack5-cloud-c2.yaml by @pussycat0x
• http/exposed-panels/c2/pupyc2.yaml by @pussycat0x
• http/exposed-panels/c2/supershell-c2.yaml by @pussycat0x
• http/exposed-panels/cisco/cisco-expressway-panel.yaml by @righettod
• http/exposed-panels/emqx-panel.yaml by @righettod
• http/exposed-panels/fortinet/forticlientems-panel.yaml by @h4sh5
• http/exposed-panels/fortinet/fortiwlm-panel.yaml by @EgemenKochisarli
• http/exposed-panels/neocase-hrportal-panel.yaml by @righettod
• http/exposed-panels/osnexus-panel.yaml by @charles D.
• http/exposed-panels/posteio-admin-panel.yaml by @ritikchaddha
• http/exposed-panels/skeepers-panel.yaml by @righettod
• http/exposed-panels/softether-vpn-panel.yaml by @bhutch
• network/detection/wing-ftp-detect.yaml by @ritikchaddha
• ssl/c2/venomrat.yaml by @pussycat0x
• http/osint/phishing/kakao-login-phish.yaml by @hahwul
• http/osint/phishing/naver-login-phish.yaml by @hahwul
• http/technologies/directus-detect.yaml by @ricardomaia
• http/technologies/microsoft/aspnet-version-detect.yaml by @Lucky0x0D,@PulseSecurity.co.nz
• http/technologies/microsoft/aspnetmvc-version-disclosure.yaml by @Lucky0x0D,@PulseSecurity.co.nz
• http/technologies/wing-ftp-service-detect.yaml by @ritikchaddha
• dns/soa-detect.yaml by @rxerium
• dns/spf-record-detect.yaml by @rxerium
• dns/txt-service-detect.yaml by @rxerium
• file/keys/dependency/dependency-track.yaml by @dhiyaneshdk
• file/keys/docker/dockerhub-pat.yaml by @dhiyaneshdk
• file/keys/doppler/doppler-audit.yaml by @dhiyaneshdk
• file/keys/doppler/doppler-cli.yaml by @dhiyaneshdk
• file/keys/doppler/doppler-scim.yaml by @dhiyaneshdk
• file/keys/doppler/doppler-service-account.yaml by @dhiyaneshdk
• file/keys/doppler/doppler-service.yaml by @dhiyaneshdk
• file/keys/dropbox/dropbox-access.yaml by @dhiyaneshdk
• file/keys/huggingface/huggingface-user-access.yaml by @dhiyaneshdk
• file/keys/linkedin/linkedin-client.yaml by @dhiyaneshdk
• file/keys/linkedin/linkedin-secret.yaml by @dhiyaneshdk
• file/keys/newrelic/newrelic-api-service.yaml by @dhiyaneshdk
• file/keys/newrelic/newrelic-license-non.yaml by @dhiyaneshdk
• file/keys/newrelic/newrelic-license.yaml by @dhiyaneshdk
• file/keys/odbc/odbc-connection.yaml by @dhiyaneshdk
• file/keys/okta/okta-api.yaml by @dhiyaneshdk
• file/keys/particle/particle-access.yaml by @dhiyaneshdk
• file/keys/react/reactapp-password.yaml by @dhiyaneshdk
• file/keys/react/reactapp-username.yaml by @dhiyaneshdk
• file/keys/salesforce/salesforce-access.yaml by @dhiyaneshdk
• file/keys/thingsboard/thingsboard-access.yaml by @dhiyaneshdk
• file/keys/truenas/truenas-api.yaml by @dhiyaneshdk
• file/keys/twitter/twitter-client.yaml by @dhiyaneshdk
• file/keys/twitter/twitter-secret.yaml by @dhiyaneshdk,@gaurang,@daffainfo
• file/keys/wireguard/wireguard-preshared.yaml by @dhiyaneshdk
• file/keys/wireguard/wireguard-private.yaml by @dhiyaneshdk

B636160776167737022757F6025667965636562702C6C6967702275667275637024627F636379644022757F602E6F602C656E6E61686360237564716C607D65647D29656C63657E60256864702E6960222C6C61402D654720286364716342202567616373756D602F64702E6F63727560702473727966602568645 🐛

New Contributors

• @EgemenKochisarli made their first contribution in #9353
• @s-kali made their first contribution in #9357
• @Facucuervo87 made their first contribution in #9254
• @h4sh5 made their first contribution in #9350
• @Kazgangap made their first contribution in #9395

Full Changelog: v9.7.8...v9.8.0

v9.7.8 - Fishing for Phishing

🔥 Release Highlights 🔥

In our latest release, we are thrilled to announce new addition of 120+ OSINT - Phishing Detection templates, thanks to the contributions of our community member @rxerium. These templates are accessible at Phishing Detection templates.

These templates are specifically added to help OSINT analysts, threat researchers, and security professionals in discovering and studying phishing campaigns therefore, we have added them to the OSINT scan profile here. Users can execute the OSINT scan configuration profile with nuclei -u <host> -config ~/nuclei-templates/config/osint.yml

Please note that these templates are not included in the default run. To use them, users can simply include them in the scan using nuclei -u <host> -tags phishing -itags phishing.

By identifying and analyzing phishing sites, OSINT analysts can discover patterns, monitor the activities of threat actors, and collect data essential for broader security research or investigative journalism. This makes it a valuable addition to the OSINT toolkit.

What's Changed

New Templates Added: 126

• http/cves/2023/CVE-2023-43187.yaml by @0xParth
• http/cves/2023/CVE-2023-5089.yaml by @JPG0mez
• http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-passreset.yaml by @0xr2r
• http/exposed-panels/atlassian-bamboo-panel.yaml by @righettod
• http/exposed-panels/cleanweb-panel.yaml by @righettod
• http/exposed-panels/eset-protect-panel.yaml by @charles D.
• http/exposed-panels/graylog-panel.yaml by @righettod
• http/exposed-panels/lockself-panel.yaml by @righettod
• http/exposed-panels/moodle-workplace-panel.yaml by @righettod
• http/exposed-panels/nexus-panel.yaml by @righettod
• http/exposed-panels/pahtool-panel.yaml by @righettod
• http/technologies/hcpanywhere-detect.yaml by @righettod
• http/technologies/admiralcloud-detect.yaml by @righettod
• http/osint/phishing/1password-phish.yaml by @rxerium
• http/osint/phishing/adobe-phish.yaml by @rxerium
• http/osint/phishing/aliexpress-phish.yaml by @rxerium
• http/osint/phishing/amazon-phish.yaml by @rxerium
• http/osint/phishing/amazon-web-services-phish.yaml by @rxerium
• http/osint/phishing/american-express-phish.yaml by @rxerium
• http/osint/phishing/anydesk-phish.yaml by @rxerium
• http/osint/phishing/avast-phish.yaml by @rxerium
• http/osint/phishing/avg-phish.yaml by @rxerium
• http/osint/phishing/bank-of-america-phish.yaml by @rxerium
• http/osint/phishing/battlenet-phish.yaml by @rxerium
• http/osint/phishing/bestbuy-phish.yaml by @rxerium
• http/osint/phishing/bitdefender-phish.yaml by @rxerium
• http/osint/phishing/bitwarden-phish.yaml by @rxerium
• http/osint/phishing/blender-phish.yaml by @rxerium
• http/osint/phishing/booking-phish.yaml by @rxerium
• http/osint/phishing/box-storage-phish.yaml by @rxerium
• http/osint/phishing/brave-phish.yaml by @rxerium
• http/osint/phishing/brighthr-phish.yaml by @rxerium
• http/osint/phishing/ccleaner-phish.yaml by @rxerium
• http/osint/phishing/chase-phish.yaml by @rxerium
• http/osint/phishing/chrome-phish.yaml by @rxerium
• http/osint/phishing/costa-phish.yaml by @rxerium
• http/osint/phishing/dashlane-phish.yaml by @rxerium
• http/osint/phishing/deezer-phish.yaml by @rxerium
• http/osint/phishing/deliveroo-phish.yaml by @rxerium
• http/osint/phishing/digital-ocean-phish.yaml by @rxerium
• http/osint/phishing/discord-phish.yaml by @rxerium
• http/osint/phishing/disneyplus-phish.yaml by @rxerium
• http/osint/phishing/dropbox-phish.yaml by @rxerium
• http/osint/phishing/duckduckgo-phish.yaml by @rxerium
• http/osint/phishing/ebay-phish.yaml by @rxerium
• http/osint/phishing/edge-phish.yaml by @rxerium
• http/osint/phishing/ee-mobile-phish.yaml by @rxerium
• http/osint/phishing/eset-phish.yaml by @rxerium
• http/osint/phishing/evernote-phish.yaml by @rxerium
• http/osint/phishing/facebook-phish.yaml by @rxerium
• http/osint/phishing/figma-phish.yaml by @rxerium
• http/osint/phishing/filezilla-phish.yaml by @rxerium
• http/osint/phishing/firefox-phish.yaml by @rxerium
• http/osint/phishing/gimp-phish.yaml by @rxerium
• http/osint/phishing/github-phish.yaml by @rxerium
• http/osint/phishing/google-phish.yaml by @rxerium
• http/osint/phishing/icloud-phish.yaml by @rxerium
• http/osint/phishing/instagram-phish.yaml by @rxerium
• http/osint/phishing/kaspersky-phish.yaml by @rxerium
• http/osint/phishing/kayak-phish.yaml by @rxerium
• http/osint/phishing/keepass-phish.yaml by @rxerium
• http/osint/phishing/keepersecurity-phish.yaml by @rxerium
• http/osint/phishing/keybase-phish.yaml by @rxerium
• http/osint/phishing/lastpass-phish.yaml by @rxerium
• http/osint/phishing/libre-office-phish.yaml by @rxerium
• http/osint/phishing/linkedin-phish.yaml by @rxerium
• http/osint/phishing/malwarebytes-phish.yaml by @rxerium
• http/osint/phishing/mcafee-phish.yaml by @rxerium
• http/osint/phishing/mega-phish.yaml by @rxerium
• http/osint/phishing/messenger-phish.yaml by @rxerium
• http/osint/phishing/microcenter-phish.yaml by @rxerium
• http/osint/phishing/microsoft-phish.yaml by @rxerium
• http/osint/phishing/microsoft-teams-phish.yaml by @rxerium
• http/osint/phishing/netflix-phish.yaml by @rxerium
• http/osint/phishing/nordpass-phish.yaml by @rxerium
• http/osint/phishing/norton-phish.yaml by @rxerium
• http/osint/phishing/notion-phish.yaml by @rxerium
• http/osint/phishing/o2-mobile-phish.yaml by @rxerium
• http/osint/phishing/openai-phish.yaml by @rxerium
• http/osint/phishing/opera-phish.yaml by @rxerium
• http/osint/phishing/paramountplus-phish.yaml by @rxerium
• http/osint/phishing/paypal-phish.yaml by @rxerium
• http/osint/phishing/pcloud-phish.yaml by @rxerium
• http/osint/phishing/pintrest-phish.yaml by @rxerium
• http/osint/phishing/plusnet-phish.yaml by @rxerium
• http/osint/phishing/proton-phish.yaml by @rxerium
• http/osint/phishing/putty-phish.yaml by @rxerium
• http/osint/phishing/python-phish.yaml by @rxerium
• http/osint/phishing/quora-phish.yaml by @rxerium
• http/osint/phishing/reddit-phish.yaml by @rxerium
• http/osint/phishing/roblox-phish.yaml by @rxerium
• http/osint/phishing/roboform-phish.yaml by @rxerium
• http/osint/phishing/royal-mail-phish.yaml by @rxerium
• http/osint/phishing/samsung-phish.yaml by @rxerium
• http/osint/phishing/signal-phish.yaml by @rxerium
• http/osint/phishing/sky-phish.yaml by @rxerium
• http/osint/phishing/skype-phish.yaml by @rxerium
• http/osint/phishing/skyscanner-phish.yaml by @rxerium
• http/osint/phishing/slack-phish.yaml by @rxerium
• http/osint/phishing/sophos-phish.yaml by @rxerium
• http/osint/phishing/spotify-phish.yaml by @rxerium
• http/osint/phishing/steam-phish.yaml by @rxerium
• http/osint/phishing/sync-storage-phish.yaml by @rxerium
• http/osint/phishing/target-phish.yaml by @rxerium
• http/osint/phishing/teamviewer-phish.yaml by @rxerium
• http/osint/phishing/telegram-phish.yaml by @rxerium
• http/osint/phishing/three-mobile-phish.yaml by @rxerium
• http/osint/phishing/thunderbird-phish.yaml by @rxerium
• http/osint/phishing/ticketmaster-phish.yaml by @rxerium
• http/osint/phishing/tiktok-phish.yaml by @rxerium
• http/osint/phishing/trading212-phish.yaml by @rxerium
• http/osint/phishing/trend-micro-phish.yaml by @rxerium
• http/osint/phishing/trip-phish.yaml by @rxerium
• http/osint/phishing/twitch-phish.yaml by @rxerium
• http/osint/phishing/uber-phish.yaml by @rxerium
• http/osint/phishing/visual-studio-code-phish.yaml by @rxerium
• http/osint/phishing/vlc-player-phish.yaml by @rxerium
• http/osint/phishing/vodafone-phish.yaml by @rxerium
• http/osint/phishing/vultr-phish.yaml by @rxerium
• http/osint/phishing/walmart-phish.yaml by @rxerium
• http/osint/phishing/wetransfer-phish.yaml by @rxerium
• http/osint/phishing/whatsapp-phish.yaml by @rxerium
• http/osint/phishing/wikipedia-phish.yaml by @rxerium
• http/osint/phishing/winscp-phish.yaml by @rxerium
• http/osint/phishing/yahoo-phish.yaml by @rxerium
• http/osint/phishing/zoom-phish.yaml by @rxerium

New Contributors

• @Sandr0x00 made their first contribution in #9297
• @0xParth made their first contribution in #9294

Full Changelog: v9.7.7...v9.7.8