Releases: projectdiscovery/nuclei-templates
v9.5.6
What's Changed
- Added CVE-2023-36934 (MOVEit Transfer - SQL Injection) by @iamnoooob @rootxharsh in #7650
- Added CVE-2022-46073 (Helmet Store Showroom - XSS) by @harsh2403 in #7580
- Added Sunbird DCIM Detection by @bhutch in #7643
Full Changelog: v9.5.5...v9.5.6
v9.5.5
What's Changed
🔥 Highlights of this release:
[CVE-2023-30777] Advanced Custom Fields < 6.1.6 - Cross-Site Scripting (@r3y3r53) [medium] 🔥
[CVE-2023-28121] WooCommerce Payments - Unauthorized Admin Access (@dhiyaneshdk) [critical] 🔥
[CVE-2023-2822] Ellucian Ethos Identity CAS - Cross-Site Scripting (@guax1) [medium] 🔥
[CVE-2023-0297] PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE) (@MrHarshvardhan,@dhiyaneshdk) [critical] 🔥
[CVE-2022-4295] Show all comments < 7.0.1 - Cross-Site Scripting (@r3y3r53) [medium] 🔥
New Templates Added: 90
New CVEs Added: 41
- http/cves/2023/CVE-2023-36346.yaml by @r3Y3r53
- http/cves/2023/CVE-2023-36289.yaml by @theamanrawat
- http/cves/2023/CVE-2023-36287.yaml by @theamanrawat
- http/cves/2023/CVE-2023-33439.yaml by @harsh
- http/cves/2023/CVE-2023-30777.yaml by @r3Y3r53 🔥
- http/cves/2023/CVE-2023-30256.yaml by @theamanrawat
- http/cves/2023/CVE-2023-2822.yaml by @Guax1 🔥
- http/cves/2023/CVE-2023-28121.yaml by @dhiyaneshdk 🔥
- http/cves/2023/CVE-2023-2272.yaml by @r3Y3r53
- http/cves/2023/CVE-2023-2252.yaml by @r3Y3r53
- http/cves/2023/CVE-2023-2023.yaml by @r3Y3r53
- http/cves/2023/CVE-2023-1890.yaml by @r3Y3r53
- http/cves/2023/CVE-2023-1835.yaml by @r3Y3r53
- http/cves/2023/CVE-2023-1730.yaml by @theamanrawat
- http/cves/2023/CVE-2023-0514.yaml by @r3Y3r53
- http/cves/2023/CVE-2023-0297.yaml by @MrHarshvardhan, @dhiyaneshdk 🔥
- http/cves/2022/CVE-2022-44952.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-44951.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-44950.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-44949.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-44948.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-44947.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-44946.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-44944.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-43185.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-43170.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-43169.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-43167.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-43166.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-43165.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-43164.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-4295.yaml by @r3Y3r53 🔥
- http/cves/2020/CVE-2020-35987.yaml by @r3Y3r53
- http/cves/2020/CVE-2020-35986.yaml by @r3Y3r53
- http/cves/2020/CVE-2020-35985.yaml by @r3Y3r53
- http/cves/2020/CVE-2020-35984.yaml by @r3Y3r53
- http/cves/2020/CVE-2020-19515.yaml by @theamanrawat
- http/cves/2019/CVE-2019-8390.yaml by @theamanrawat
- http/cves/2019/CVE-2019-14789.yaml by @r3Y3r53
- http/cves/2018/CVE-2018-6530.yaml by @gy741
- http/cves/2012/CVE-2012-5321.yaml by @ctflearner
- http/cnvd/2022/CNVD-2022-86535.yaml by @arliya,@ritikchaddha
- http/vulnerabilities/other/sitemap-sql-injection.yaml by @aravind
- http/vulnerabilities/wordpress/contus-video-gallery-sqli.yaml by @theamanrawat
- http/vulnerabilities/wordpress/leaguemanager-sql-injection.yaml by @theamanrawat
- http/vulnerabilities/wordpress/notificationx-sqli.yaml by @theamanrawat
- http/vulnerabilities/wordpress/zero-spam-sql-injection.yaml by @theamanrawat
- http/default-logins/esafenet-cdg-default-login.yaml by @chesterblue
- http/default-logins/leostream/leostream-default-login.yaml by @bhutch
- http/default-logins/pyload/pyload-default-login.yaml by @dhiyaneshdk
- http/misconfiguration/proxy/open-proxy-external.yaml by @gtrrnr
- http/misconfiguration/unauth-temporal-web-ui.yaml by @ggranjus
- network/misconfig/apache-dubbo-unauth.yaml by @j4vaovo
- network/misconfig/apache-rocketmq-broker-unauth.yaml by @j4vaovo
- http/exposures/configs/collibra-properties.yaml by @0xpugazh
- http/exposures/files/pnpm-lock.yaml by @noraj
- http/exposures/tokens/adafruit/adafruit-api-key.yaml by @dhiyaneshdk
- http/exposures/tokens/adobe/adobe-client-id.yaml by @dhiyaneshdk
- http/exposures/tokens/airtable/airtable-api-key.yaml by @dhiyaneshdk
- http/exposures/tokens/algolia/algolia-api-key.yaml by @dhiyaneshdk
- http/exposures/tokens/alibaba/alibaba-accesskey-id.yaml by @dhiyaneshdk
- http/exposures/tokens/alibaba/alibaba-secretkey-id.yaml by @dhiyaneshdk
- http/exposures/tokens/asana/asana-client-id.yaml by @dhiyaneshdk
- http/exposures/tokens/asana/asana-client-secret.yaml by @dhiyaneshdk
- http/exposures/tokens/atlassian-token.yaml by @dhiyaneshdk
- http/exposed-panels/arangodb-web-Interface.yaml by @pussycat0x
- http/exposed-panels/arcserve-panel.yaml by @dhiyaneshdk
- http/exposed-panels/c2/hookbot-rat.yaml by @pussycat0x
- http/exposed-panels/c2/mystic-stealer.yaml by @pussycat0x
- http/exposed-panels/cloudpanel-login.yaml by @dhiyaneshdk
- http/exposed-panels/dell-idrac.yaml by @kazet
- http/exposed-panels/efak-login-panel.yaml by @irshad ahamed
- http/exposed-panels/pritunl-panel.yaml by @irshad ahamed
- http/exposed-panels/pyload-panel.yaml by @dhiyaneshdk
- http/exposed-panels/qdpm-login-panel.yaml by @theamanrawat
- http/exposed-panels/shell-box.yaml by @irshad ahamed
- http/exposed-panels/untangle-admin-login.yaml by @irshad ahamed
- http/exposed-panels/uptime-kuma-panel.yaml by @irshad ahamed
- file/keys/adafruit-key.yaml by @dhiyaneshdk
- file/keys/adobe/adobe-client.yaml by @dhiyaneshdk
- file/keys/airtable-key.yaml by @dhiyaneshdk
- file/keys/algolia-key.yaml by @dhiyaneshdk
- file/keys/alibaba/alibaba-key-id.yaml by @dhiyaneshdk
- file/keys/alibaba/alibaba-secret-id.yaml by @dhiyaneshdk
- file/keys/asana/asana-clientid.yaml by @dhiyaneshdk
- file/keys/asana/asana-clientsecret.yaml by @dhiyaneshdk
- file/keys/atlassian/atlassian-api-token.yaml by @dhiyaneshdk
- file/webshell/asp-webshell.yaml by @lu4nx
- file/webshell/jsp-webshell.yaml by @lu4nx
- file/webshell/php-webshell.yaml by @lu4nx
New Contributors
- @ghoeffner made their first contribution in #7603
- @mosesrenegade made their first contribution in #7604
- @ErikOwen made their first contribution in #7344
- @Marcuccio made their first contribution in #7614
- @Armandhe-China made their first contribution in #6405
- @aravindb26 made their first contribution in #7372
Full Changelog: v9.5.4...v9.5.5
v9.5.4
What's Changed
New Templates Added: 51
New CVEs Added: 26
- http/cves/2023/CVE-2023-35844.yaml by @dwisiswant0 🔥
- http/cves/2023/CVE-2023-35843.yaml by @dwisiswant0
- http/cves/2023/CVE-2023-34843.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-34659.yaml by @ritikchaddha
- http/cves/2023/CVE-2023-34599.yaml by @ritikchaddha
- http/cves/2023/CVE-2023-34598.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-34537.yaml by @harsh
- http/cves/2023/CVE-2023-33510.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-31548.yaml by @harsh
- http/cves/2023/CVE-2023-30019.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-27372.yaml by @dhiyaneshdk,@nuts7 🔥
- http/cves/2023/CVE-2023-26843.yaml by @harsh
- http/cves/2023/CVE-2023-26842.yaml by @harsh
- http/cves/2023/CVE-2023-25346.yaml by @harsh
- http/cves/2023/CVE-2023-24488.yaml by @johnk3r 🔥
- http/cves/2023/CVE-2023-20889.yaml by @iamnoooob,@rootxharsh,@pdresearch
- http/cves/2023/CVE-2023-20888.yaml by @iamnoooob,@rootxharsh,@pdresearch
- http/cves/2023/CVE-2023-1496.yaml by @pdteam
- http/cves/2023/CVE-2023-1454.yaml by @dhiyaneshdk 🔥
- http/cves/2023/CVE-2023-0563.yaml by @harsh
- http/cves/2023/CVE-2023-0562.yaml by @harsh
- http/cves/2023/CVE-2023-0527.yaml by @harsh
- http/cves/2023/CVE-2023-0126.yaml by @tess
- http/cves/2022/CVE-2022-40022.yaml by @dhiyaneshdk
- http/cves/2021/CVE-2021-46704.yaml by @dhiyaneshdk
- http/cves/2012/CVE-2012-6499.yaml by @ctflearner
- http/cnvd/2020/CNVD-2020-63964.yaml by @brucelsone
- http/vulnerabilities/hikvision-ivms-file-upload-rce.yaml by @brucelsone
- http/vulnerabilities/kkfileview-ssrf.yaml by @arm!tage
- http/vulnerabilities/vbulletin/arcade-php-sqli.yaml by @mastercho
- http/misconfiguration/codeigniter-errorpage.yaml by @j4vaovo
- http/misconfiguration/genieacs-default-jwt.yaml by @dhiyaneshdk,@pussycat0x
- http/misconfiguration/grav-register-admin.yaml by @dhiyaneshdk
- http/misconfiguration/installer/spip-install.yaml by @dhiyaneshdk
- http/misconfiguration/odoo-unprotected-database.yaml by @pdteam
- network/enumeration/psql-user-enum.yaml by @pussycat0x
- network/misconfig/unauth-psql.yaml by @pussycat0x
- http/exposed-panels/axxon-client-panel.yaml by @irshadahamed
- http/exposed-panels/jsherp-boot-panel.yaml by @dhiyaneshdk
- http/exposed-panels/openbullet2-panel.yaml by @mastercho
- http/exposed-panels/syncserver-panel.yaml by @dhiyaneshdk
- http/exposed-panels/wd-mycloud-panel.yaml by @dhiyaneshdk
- http/exposures/configs/aws-config.yaml by @m4lwhere
- http/exposures/configs/aws-credentials.yaml by @m4lwhere
- http/technologies/wordpress/plugins/wp-rollback.yaml by @ricardomaia
- file/nodejs/admzip-path-overwrite.yaml by @me_dheeraj (https://twitter.com/Dheerajmadhukar)
- file/nodejs/express-lfr.yaml by @me_dheeraj (https://twitter.com/Dheerajmadhukar)
- file/nodejs/generic-path-traversal.yaml by @me_dheeraj (https://twitter.com/Dheerajmadhukar)
- file/nodejs/tar-path-overwrite.yaml by @me_dheeraj (https://twitter.com/Dheerajmadhukar)
- file/nodejs/xss-serialize-javascript.yaml by @me_dheeraj (https://twitter.com/Dheerajmadhukar)
- file/nodejs/zip-path-overwrite.yaml by @me_dheeraj (https://twitter.com/Dheerajmadhukar)
New Contributors
- @m4lwhere made their first contribution in #7272
- @harsh2403 made their first contribution in #7530
- @vershinind made their first contribution in #7232
Full Changelog: v9.5.3...v9.5.4
v9.5.3
🔥 Highlights of this release:
✅ [CVE-2023-34362] MOVEit Transfer - Remote Code Execution (@princechaddha,@rootxharsh,@ritikchaddha,@pdresearch) [critical]
✅ [CVE-2023-34960] Chamilo Command Injection (@dhiyaneshdk) [high]
✅ [CVE-2023-33246] RocketMQ <= 5.1.0 - Remote Code Execution (@iamnoooob,@rootxharsh,@pdresearch) [critical]
✅ [CVE-2023-25157] GeoServer OGC Filter - SQL Injection (@ritikchaddha,@dhiyaneshdk,@iamnoooob,@rootxharsh) [critical]
✅ [CVE-2023-23333] SolarView Compact 6.00 - OS Command Injection (@Mr-xn) [critical]
✅ [CVE-2023-20887] VMware VRealize Network Insight - Remote Code Execution (@sinsinology) [critical]
✅ [CVE-2022-23544] MeterSphere < 2.5.0 SSRF (@j4vaovo) [medium]
✅ [CVE-2022-24706] CouchDB Erlang Distribution - Remote Command Execution (@Mzack9999,@pussycat0x) [critical]
✅ [CVE-2017-12617] Apache Tomcat - Remote Code Execution (@pussycat0x) [high]
✅ [CVE-2016-6195] vBulletin <= 4.2.3 - SQL Injection (@mastercho) [high]
What's Changed
New Templates Added: 62
New CVEs Added: 28
- http/cves/2023/CVE-2023-34960.yaml by @dhiyaneshdk 🔥
- http/cves/2023/CVE-2023-34362.yaml by @princechaddha,@rootxharsh,@ritikchaddha,@pdresearch 🔥
- http/cves/2023/CVE-2023-33568.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-25157.yaml by @ritikchaddha,@dhiyaneshdk,@iamnoooob,@rootxharsh 🔥
- http/cves/2023/CVE-2023-24243.yaml by @ritikchaddha
- http/cves/2023/CVE-2023-23333.yaml by @Mr-xn 🔥
- http/cves/2023/CVE-2023-20887.yaml by @sinsinology 🔥
- http/cves/2023/CVE-2023-0630.yaml by @dhiyaneshdk
- http/cves/2022/CVE-2022-23544.yaml by @j4vaovo 🔥
- http/cves/2022/CVE-2022-0869.yaml by @ctflearner
- http/cves/2021/CVE-2021-44138.yaml by carrot2
- http/cves/2021/CVE-2021-24647.yaml by @dhiyaneshdk
- http/cves/2019/CVE-2019-1943.yaml by @bhutch
- http/cves/2019/CVE-2019-10098.yaml by @ctflearner
- http/cves/2017/CVE-2017-12617.yaml by @pussycat0x 🔥
- http/cves/2016/CVE-2016-6195.yaml by @mastercho 🔥
- http/cves/2013/CVE-2013-2621.yaml by @ctflearner
- http/cves/2012/CVE-2012-4982.yaml by @ctflearner
- http/cves/2011/CVE-2011-5252.yaml by @ctflearner
- http/cves/2010/CVE-2010-1586.yaml by @ctflearner
- http/cves/2009/CVE-2009-0347.yaml by @ctflearner
- http/cves/2008/CVE-2008-7269.yaml by @ctflearner
- http/cves/2008/CVE-2008-1547.yaml by @ctflearner
- http/cves/2005/CVE-2005-3634.yaml by @ctflearner
- http/cves/2004/CVE-2004-1965.yaml by @ctflearner
- http/cves/2001/CVE-2001-0537.yaml by @dhiyaneshdk
- network/cves/2022/CVE-2022-24706.yaml by @Mzack9999,@pussycat0x 🔥
- network/cves/2023/CVE-2023-33246.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
- http/vulnerabilities/nuxt/nuxt-js-lfi.yaml by @dhiyaneshdk
- http/vulnerabilities/nuxt/nuxt-js-semi-lfi.yaml by @dhiyaneshdk
- http/vulnerabilities/nuxt/nuxt-js-xss.yaml by @dhiyaneshdk
- http/vulnerabilities/other/epp-server-lfi.yaml by @dhiyaneshdk
- http/misconfiguration/bravia-signage.yaml by @dhiyaneshdk
- http/misconfiguration/symfony-fragment.yaml by Palanichamy_perumal,TechbrunchFR
- http/default-logins/riello/netman-default-login.yaml by @mabdullah22
- http/exposed-panels/c2/brute-ratel-c4.yaml by @pussycat0x
- http/exposed-panels/c2/empire-c2.yaml by @pussycat0x
- http/exposed-panels/c2/evilginx.yaml by @pussycat0x
- http/exposed-panels/c2/nh-c2.yaml by @pussycat0
- http/exposed-panels/c2/viper-c2.yaml by @pussycat0x
- http/exposed-panels/cryptobox-panel.yaml by @righettod
- http/exposed-panels/iclock-admin-panel.yaml by @deFr0ggy
- http/exposed-panels/rancher-dashboard.yaml by @ritikchaddha
- http/miscellaneous/crypto-mining-malware.yaml by @geeknik
- ssl/c2/asyncrat-c2.yaml by @johnk3r
- ssl/c2/bitrat-c2.yaml by @pussycat0x
- ssl/c2/covenant-c2-ssl.yaml by @pussycat0x
- ssl/c2/dcrat-server-c2.yaml by @pussycat0x
- ssl/c2/gozi-malware.yaml by @pussycat0x
- ssl/c2/icedid.yaml by @pussycat0x
- ssl/c2/orcus-rat-c2.yaml by @pussycat0x
- ssl/c2/posh-c2.yaml by @pussycat0x
- ssl/c2/quasar-rat-c2.yaml by @johnk3r,@pussycat0x
- ssl/c2/shadowpad-c2.yaml by @pussycat0x
- http/technologies/magento-eol.yaml by @dogancanbakir
- http/technologies/magento-version-detect.yaml by @sullo,@dogancanbakir
- http/technologies/openproject-detect.yaml by @ricardomaia
- http/technologies/phplist-detect.yaml by @ricardomaia
- http/technologies/wordpress/plugins/breeze.yaml by @ricardomaia
- http/technologies/wordpress/plugins/fast-indexing-api.yaml by @ricardomaia
- http/osint/facebook-page.yaml by @gpiechnik2
- http/osint/stackoverflow.yaml by @lu4nx
New Contributors
- @6mile made their first contribution in #7367
- @impalanichamy made their first contribution in #7121
- @ctflearner made their first contribution in #7381
- @carr0t2 made their first contribution in #7369
- @sinsinology made their first contribution in #7405
- @gpiechnik2 made their first contribution in #7396
- @mabdullah22 made their first contribution in #7390
- @AgnellusX1 made their first contribution in #7416
Full Changelog: v9.5.2...v9.5.3
v9.5.2 [Credential Stuffing Templates]
🔥 Highlights of this release:
This release adds a collection of credential-stuffing templates for both cloud and self-hosted services. These templates can be used for automating the identification and prevention of credential stuffing attempts across your organization's websites and applications.
Credential Stuffing Templates:
- http/credential-stuffing/cloud/atechmedia-codebase-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/atlassian-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/avnil-pdf-generator-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/chefio-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/codepen-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/datadog-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/docker-hub-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/gitea-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/github-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/postman-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/pulmi-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/self-hosted/gitlab-login-check-self-hosted.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/self-hosted/grafana-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/self-hosted/jira-login-check.yaml by @parthmalhotra,@pdresearch
What's Changed
New Templates Added: 44
New CVEs Added: 29
- http/cves/2023/CVE-2023-32315.yaml by @vsh00t 🔥
- http/cves/2023/CVE-2023-29623.yaml by @theamanrawat
- http/cves/2023/CVE-2023-29622.yaml by @theamanrawat
- http/cves/2023/CVE-2023-2130.yaml by @theamanrawat
- http/cves/2023/CVE-2023-2122.yaml by @r3Y3r53
- http/cves/2023/CVE-2023-1362.yaml by @ctflearner
- http/cves/2023/CVE-2023-0948.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-31984.yaml by @theamanrawat 🔥
- http/cves/2022/CVE-2022-31983.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31982.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31981.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31980.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31978.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31977.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31976.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31975.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31974.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31879.yaml by @theamanrawat
- http/cves/2022/CVE-2022-28023.yaml by @theamanrawat
- http/cves/2022/CVE-2022-28022.yaml by @theamanrawat
- http/cves/2021/CVE-2021-43725.yaml by @theamanrawat
- http/cves/2021/CVE-2021-40973.yaml by @theamanrawat
- http/cves/2021/CVE-2021-40972.yaml by @theamanrawat
- http/cves/2021/CVE-2021-40971.yaml by @theamanrawat
- http/cves/2021/CVE-2021-40970.yaml by @theamanrawat
- http/cves/2021/CVE-2021-40969.yaml by @theamanrawat
- http/cves/2021/CVE-2021-40968.yaml by @theamanrawat
- http/cves/2021/CVE-2021-27124.yaml by @theamanrawat
- http/cves/2021/CVE-2021-24731.yaml by @theamanrawat
- http/exposed-panels/spotweb-login-panel.yaml by @theamanrawat
- http/credential-stuffing/cloud/atechmedia-codebase-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/atlassian-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/avnil-pdf-generator-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/chefio-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/codepen-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/datadog-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/docker-hub-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/gitea-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/github-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/postman-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/pulmi-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/self-hosted/gitlab-login-check-self-hosted.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/self-hosted/grafana-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/self-hosted/jira-login-check.yaml by @parthmalhotra,@pdresearch
New Contributors
Full Changelog: v9.5.1...v9.5.2
v9.5.1
🔥 Highlights of this release:
✅ [CVE-2023-32243] WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset (@dhiyaneshdk) [critical]
✅ [CVE-2023-29923] PowerJob <=4.3.2 - Unauthenticated Access (@For3stCo1d) [medium]
✅ [CVE-2023-25717] Ruckus Wireless Admin - Remote Code Execution (@parthmalhotra,@pdresearch) [critical]
✅ [CVE-2023-2825] GitLab 16.0.0 - Path Traversal (@dhiyaneshdk,@rootxharsh,@iamnoooob,@pdresearch) [critical]
✅ [CVE-2023-2732] MStore API <= 3.9.2 - Authentication Bypass (@dhiyaneshdk) [critical]
✅ [CVE-2021-39165] Cachet <=2.3.18 - SQL Injection (@tess) [high]
✅ [CVE-2020-29583] ZyXel USG - Hardcoded Credentials (@canberbamber) [critical]
✅ [CVE-2020-1956] Apache Kylin 3.0.1 - Command Injection (@iamnoooob,@rootxharsh,@pdresearch) [high]
✅ [CVE-2016-3510] Oracle WebLogic Server - Remote Code Execution (@iamnoooob,@rootxharsh,@pdresearch) [critical]
What's Changed
New Templates Added: 56
New CVEs Added: 23
- http/cves/2023/CVE-2023-32243.yaml by @dhiyaneshdk 🔥
- http/cves/2023/CVE-2023-29923.yaml by @For3stCo1d 🔥
- http/cves/2023/CVE-2023-29919.yaml by @For3stCo1d
- http/cves/2023/CVE-2023-29887.yaml by @ctflearner
- http/cves/2023/CVE-2023-27482.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-25717.yaml by @parthmalhotra,@pdresearch 🔥
- http/cves/2023/CVE-2023-2825.yaml by @dhiyaneshdk,@rootxharsh,@iamnoooob,@pdresearch 🔥
- http/cves/2023/CVE-2023-2780.yaml by @iamnoooob,@pdresearch
- http/cves/2023/CVE-2023-2732.yaml by @dhiyaneshdk 🔥
- http/cves/2023/CVE-2023-2356.yaml by @Co5mos
- http/cves/2023/CVE-2023-1434.yaml by @dhiyaneshdk
- http/cves/2022/CVE-2022-22733.yaml by @zeyad Azima
- http/cves/2022/CVE-2022-2733.yaml by @ctflearner
- http/cves/2021/CVE-2021-39165.yaml by @tess 🔥
- http/cves/2021/CVE-2021-37305.yaml by @ritikchaddha
- http/cves/2021/CVE-2021-37304.yaml by @ritikchaddha
- http/cves/2021/CVE-2021-24435.yaml by @xcapri,@ritikchaddha
- http/cves/2020/CVE-2020-29583.yaml by @canberbamber 🔥
- http/cves/2020/CVE-2020-1956.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
- http/cves/2016/CVE-2016-4437.yaml by @iamnoooob,@rootxharsh,@pdresearch
- network/cves/2020/CVE-2020-11981.yaml by @pussycat0x
- network/cves/2017/CVE-2017-5645.yaml by @princechaddha
- network/cves/2016/CVE-2016-3510.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
- http/cnvd/2023/CNVD-2023-12632.yaml by @daffainfo
- http/vulnerabilities/avtech/avtech-auth-bypass.yaml by @ritikchaddha
- http/vulnerabilities/avtech/avtech-dvr-ssrf.yaml by @ritikchaddha
- http/vulnerabilities/avtech/avtech-unauth-file-download.yaml by @ritikchaddha
- http/vulnerabilities/avtech/avtech-verification-bypass.yaml by @ritikchaddha
- http/vulnerabilities/weaver/ecology/ecology-mysql-config.yaml by @ritikchaddha
- http/vulnerabilities/zyxel/unauth-ztp-ping.yaml by @DMartyn
- http/misconfiguration/aem/aem-secrets.yaml by @boobooHQ,@j3ssie
- http/misconfiguration/ibm-websphere-xml.yaml by @r3nz0
- http/misconfiguration/sitecore-lfi.yaml by @dhiyaneshdk
- http/misconfiguration/teslamate-unauth-access.yaml by @For3stCo1d
- http/exposures/apis/jeecg-boot-swagger.yaml by @ritikchaddha
- http/exposures/configs/blazor-boot.yaml by @freakyclown
- http/exposures/configs/config-properties.yaml by @j4vaovo,@dhiyaneshdk
- http/exposures/tokens/azure/azure-connection.yaml by @dhiyaneshdk
- http/exposures/tokens/digitalocean/digital-ocean-personal-token.yaml by @dhiyaneshdk
- http/exposures/tokens/digitalocean/digitalocean-app-token.yaml by @dhiyaneshdk
- http/exposures/tokens/digitalocean/digitalocean-refresh.yaml by @dhiyaneshdk
- http/exposures/tokens/figma/figma-personal-token.yaml by @dhiyaneshdk
- http/exposed-panels/axway-api-manager-panel.yaml by @johnk3r
- http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml by @johnk3r
- http/exposed-panels/interactsoftware-interact.yaml by @righettod
- http/exposed-panels/isams-panel.yaml by @righettod
- http/exposed-panels/odoo-panel.yaml by @dhiyaneshdk
- http/exposed-panels/repetier-server-panel.yaml by @ritikchaddha
- http/exposed-panels/sauter-moduwebvision-panel.yaml by @righettod
- http/exposed-panels/shardingsphere-panel.yaml by @dhiyaneshdk
- ssl/insecure-cipher-suite-detect.yaml by @pussycat0x
- file/keys/azure/azure-connection-string.yaml by @dhiyaneshdk
- file/keys/digitalocean/digitalocean-access-token.yaml by @dhiyaneshdk
- file/keys/digitalocean/digitalocean-personal-access.yaml by @dhiyaneshdk
- file/keys/digitalocean/digitalocean-refresh-token.yaml by @dhiyaneshdk
- file/keys/figma-access-token.yaml by @dhiyaneshdk
New Contributors
- @ricardojba made their first contribution in #7221
- @PR05A1C made their first contribution in #7250
- @Zeyad-Azima made their first contribution in #7212
- @MillerMedia made their first contribution in #7264
- @waltersagehorn-praetorian made their first contribution in #7282
- @jub0bs made their first contribution in #7266
- @dm-ct made their first contribution in #7174
- @xcapri made their first contribution in #5615
- @mastercho made their first contribution in #7124
- @ruben-condor made their first contribution in #7304
Full Changelog: v9.5.0...v9.5.1
Nuclei Templates v9.5.0 (breaking changes)
Release Highlight:
- Nuclei Templates Refactoring: organized and categorized directory structure for improved management of nuclei templates.
- Enhanced CVE Templates: more comprehensive vulnerability analysis with added information like CPE and EPSS Score.
- Template Metadata: auto-generated max-request counter added to each template, allowing easy filtering and visibility of the maximum number of requests.
- Log4j Templates Update: updated templates addressing potential false positives related to Log4j.
- KEV & Trending CVEs: a curated selection of noteworthy Known Exploited Vulnerabilities (KEV) and Trending CVEs, highlighted with 🔥.
See nuclei-templates v9.5.0, projectdiscovery/nuclei#3648, https://blog.projectdiscovery.io/nuclei-template-v9-5-0-update/ for more details.
New Templates Added: 61
- http/cves/2023/CVE-2023-32235.yaml by @j3ssie 🔥
- http/cves/2023/CVE-2023-31059.yaml by @parthmalhotra,@pdresearch
- http/cves/2023/CVE-2023-30212.yaml by @theamanrawat
- http/cves/2023/CVE-2023-30210.yaml by @theamanrawat
- http/cves/2023/CVE-2023-29922.yaml by @Co5mos
- http/cves/2023/CVE-2023-29489.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-27524.yaml by @dhiyaneshdk,@0xf4n9x
- http/cves/2023/CVE-2023-27350.yaml by @rootxharsh,@iamnoooob,@pdresearch 🔥
- http/cves/2023/CVE-2023-26360.yaml by @dhiyaneshdk 🔥
- http/cves/2023/CVE-2023-25135.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
- http/cves/2023/CVE-2023-20864.yaml by @rootxharsh,@iamnoooob,@pdresearch 🔥
- http/cves/2023/CVE-2023-1671.yaml by @Co5mos 🔥
- http/cves/2023/CVE-2023-1020.yaml by @theamanrawat
- http/cves/2022/CVE-2022-46020.yaml by @theamanrawat
- http/cves/2022/CVE-2022-45038.yaml by @theamanrawat
- http/cves/2022/CVE-2022-45037.yaml by @theamanrawat
- http/cves/2022/CVE-2022-4328.yaml by @theamanrawat
- http/cves/2022/CVE-2022-42096.yaml by @theamanrawat
- http/cves/2022/CVE-2022-42095.yaml by @theamanrawat
- http/cves/2022/CVE-2022-3980.yaml by dabla
- http/cves/2022/CVE-2022-27985.yaml by @theamanrawat
- http/cves/2022/CVE-2022-27984.yaml by @theamanrawat
- http/cves/2022/CVE-2022-24716.yaml by @dhiyaneshdk 🔥
- http/cves/2022/CVE-2022-24266.yaml by @theamanrawat
- http/cves/2022/CVE-2022-24265.yaml by @theamanrawat
- http/cves/2022/CVE-2022-24264.yaml by @theamanrawat
- http/cves/2021/CVE-2021-44228.yaml by @melbadry9
- http/cves/2021/CVE-2021-30175.yaml by @edoardottt
- http/cves/2021/CVE-2021-27320.yaml by @theamanrawat
- http/cves/2021/CVE-2021-27319.yaml by @theamanrawat
- http/cves/2021/CVE-2021-27316.yaml by @theamanrawat
- http/cves/2021/CVE-2021-27315.yaml by @theamanrawat
- http/cves/2021/CVE-2021-27314.yaml by @theamanrawat
- http/cves/2020/CVE-2020-27481.yaml by @edoardottt
- http/cves/2019/CVE-2019-3398.yaml by @rootxharsh,@iamnoooob,@pdresearch
- http/cves/2017/CVE-2017-17731.yaml by @j4vaovo
- http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml by @j4vaovo
- http/vulnerabilities/generic/generic-env.yaml by @kazet
- http/vulnerabilities/wordpress/advanced-booking-calendar-sqli.yaml by @theamanrawat
- http/vulnerabilities/wordpress/wp-autosuggest-sql-injection.yaml by @theamanrawat
- http/vulnerabilities/wordpress/wpml-xss.yaml by @bugvsme
- http/misconfiguration/apache/apache-zeppelin-unauth.yaml by @j4vaovo
- http/default-logins/powerjob-default-login.yaml by @j4vaovo
- http/default-logins/umami/umami-default-login.yaml by @barthy.koeln
- http/exposures/configs/platformio-ini.yaml by @dhiyaneshdk
- http/exposures/logs/nginx-shards.yaml by @dhiyaneshdk
- http/exposures/tokens/postman/postman-key.yaml by @dhiyaneshdk
- http/exposed-panels/eclipse-birt-panel.yaml by Shiva (Strobes Security)
- http/exposed-panels/jedox-web-panel.yaml by Team Syslifters
- http/exposed-panels/oracle-opera-login.yaml by @dhiyaneshdk
- http/exposed-panels/papercut-ng-panel.yaml by @ritikchaddha
- http/exposed-panels/proxmox-panel.yaml by @lum8rjack
- http/exposed-panels/red-lion-panel.yaml by @ritikchaddha
- http/exposed-panels/sophos-web-appliance.yaml by @dhiyaneshdk
- network/enumeration/smtp-commands-enum.yaml by @pussycat0x
- network/enumeration/smtp/smtp-user-enum.yaml by @pussycat0x
- http/fuzzing/ssrf-via-proxy.yaml by @geeknik,@petergrifin
- http/fuzzing/waf-fuzz.yaml by @dwisiswant0,@lu4nx,@Myst7ic
- http/osint/mail-archive.yaml by @lu4nx
- http/technologies/wordpress/plugins/gdpr-cookie-compliance.yaml by @ricardomaia
- file/keys/postman-api-key.yaml by @dhiyaneshdk
- headless/technologies/sap-spartacus.yaml by @TechbrunchFR
New Contributors
- @lum8rjack made their first contribution in #7110
- @barthy-koeln made their first contribution in #7164
- @mlec1 made their first contribution in #6967
- @ViCrack made their first contribution in #7182
- @j3ssie made their first contribution in #7188
- @chucklesb made their first contribution in #7195
- @david-bla made their first contribution in #7203
- @avisscr made their first contribution in #7172
Full Changelog: v9.4.3...v9.4.4
v9.4.3
What's Changed
New Templates Added: 55
- cves/2023/CVE-2023-29084.yaml by @rootxharsh,@iamnoooob,@pdresearch 🔥
- cves/2023/CVE-2023-27179.yaml by @theamanrawat
- cves/2023/CVE-2023-27159.yaml by @dhiyaneshdk
- cves/2023/CVE-2023-27008.yaml by @r3Y3r53
- cves/2023/CVE-2023-22897.yaml by @dhiyaneshdk 🔥
- cves/2023/CVE-2023-22620.yaml by @dhiyaneshdk 🔥
- cves/2023/CVE-2023-0099.yaml by @r3Y3r53
- cves/2022/CVE-2022-42094.yaml by @theamanrawat
- cves/2022/CVE-2022-41441.yaml by @r3Y3r53
- cves/2022/CVE-2022-38467.yaml by @r3Y3r53
- cves/2022/CVE-2022-38296.yaml by @theamanrawat
- cves/2022/CVE-2022-38295.yaml by @theamanrawat
- cves/2022/CVE-2022-37191.yaml by @theamanrawat
- cves/2022/CVE-2022-37190.yaml by @theamanrawat
- cves/2022/CVE-2022-28032.yaml by @theamanrawat
- cves/2022/CVE-2022-27926.yaml by @rootxharsh,@iamnoooob,@pdresearch 🔥
- cves/2022/CVE-2022-25497.yaml by @theamanrawat
- cves/2022/CVE-2022-25489.yaml by @theamanrawat
- cves/2022/CVE-2022-25488.yaml by @theamanrawat
- cves/2022/CVE-2022-25487.yaml by @theamanrawat 🔥
- cves/2022/CVE-2022-25486.yaml by @theamanrawat
- cves/2022/CVE-2022-25485.yaml by @theamanrawat
- cves/2022/CVE-2022-24223.yaml by @theamanrawat
- cves/2022/CVE-2022-4321.yaml by @r3Y3r53
- cves/2022/CVE-2022-3062.yaml by @r3Y3r53
- cves/2022/CVE-2022-2219.yaml by @r3Y3r53
- cves/2022/CVE-2022-1903.yaml by @theamanrawat
- cves/2022/CVE-2022-0864.yaml by @dhiyaneshdk
- cves/2022/CVE-2022-0846.yaml by @theamanrawat
- cves/2022/CVE-2022-0773.yaml by @theamanrawat
- cves/2022/CVE-2022-0769.yaml by @theamanrawat
- cves/2022/CVE-2022-0747.yaml by @theamanrawat
- cves/2021/CVE-2021-35250.yaml by @johnk3r,@pdteam 🔥
- cves/2021/CVE-2021-25078.yaml by @r3Y3r53
- cves/2020/CVE-2020-10199.yaml by @rootxharsh,@iamnoooob,@pdresearch 🔥
- cves/2017/CVE-2017-16894.yaml by @j4vaovo
- vulnerabilities/generic/cache-poisoning-xss.yaml by @melbadry9,@xElkomy,@akincibor
- vulnerabilities/huawei/huawei-firewall-lfi.yaml by @taielab
- vulnerabilities/others/universal-media-xss.yaml by @r3Y3r53
- vulnerabilities/wordpress/ldap-wp-login-xss.yaml by @r3Y3r53
- default-logins/trassir/trassir-default-login.yaml by @gtrrnr,@metascan
- exposures/logs/yii-error-page.yaml by @dhiyaneshdk
- misconfiguration/apollo-adminservice-unauth.yaml by @j4vaovo
- misconfiguration/default-spx-key.yaml by @vagnerd
- misconfiguration/sql-server-report-viewer.yaml by @kazet
- misconfiguration/thinkphp-errors.yaml by @j4vaovo
- exposed-panels/appwrite-panel.yaml by @ritikchaddha
- exposed-panels/aspect-control-panel.yaml by @JustaAcat
- network/detection/msmq-detect.yaml by @bhutch
- network/enumeration/beanstalk-service.yaml by @pussycat0x
- osint/hashnode.yaml by @cheesymoon
- osint/imgbb.yaml by @cheesymoon
- osint/rubygems.yaml by @cheesymoon
- technologies/default-apache-shiro.yaml by @dhiyaneshdk
- technologies/switch-protocol.yaml by @pdteam
New Contributors
- @gtrrnr made their first contribution in #7023
- @kimcy7316 made their first contribution in #5316
- @bhutch made their first contribution in #7091
- @dogancanbakir made their first contribution in #7060
Full Changelog: v9.4.2...v9.4.3
v9.4.2
What's Changed
New Templates Added: 78
- cves/2023/CVE-2023-24737.yaml by @r3Y3r53
- cves/2023/CVE-2023-24735.yaml by @r3Y3r53
- cves/2023/CVE-2023-24733.yaml by @r3Y3r53
- cves/2023/CVE-2023-24657.yaml by @r3Y3r53
- cves/2023/CVE-2023-24367.yaml by @r3Y3r53
- cves/2023/CVE-2023-24278.yaml by @r3Y3r53
- cves/2023/CVE-2023-1177.yaml by @iamnoooob,@pdresearch
- cves/2023/CVE-2023-1080.yaml by @r3Y3r53
- cves/2023/CVE-2023-0968.yaml by @r3Y3r53
- cves/2023/CVE-2023-0942.yaml by @r3Y3r53
- cves/2023/CVE-2023-0552.yaml by @r3Y3r53
- cves/2022/CVE-2022-48012.yaml by @r3Y3r53
- cves/2022/CVE-2022-46934.yaml by @r3Y3r53
- cves/2022/CVE-2022-45835.yaml by @theamanrawat
- cves/2022/CVE-2022-43769.yaml by @dwbzn
- cves/2022/CVE-2022-43140.yaml by @Co5mos
- cves/2022/CVE-2022-25125.yaml by @Co5mos
- cves/2022/CVE-2022-23898.yaml by @Co5mos
- cves/2022/CVE-2022-21661.yaml by @marcio Mendes
- cves/2022/CVE-2022-4140.yaml by @theamanrawat
- cves/2022/CVE-2022-3982.yaml by @theamanrawat
- cves/2022/CVE-2022-2756.yaml by @theamanrawat
- cves/2022/CVE-2022-2627.yaml by @ramondunker
- cves/2022/CVE-2022-2462.yaml by @dwisiswant0
- cves/2022/CVE-2022-1058.yaml by @theamanrawat
- cves/2022/CVE-2022-0827.yaml by @theamanrawat
- cves/2022/CVE-2022-0212.yaml by @theamanrawat
- cves/2021/CVE-2021-39152.yaml by @pwnhxl
- cves/2021/CVE-2021-39146.yaml by @pwnhxl
- cves/2021/CVE-2021-39144.yaml by @pwnhxl
- cves/2021/CVE-2021-39141.yaml by @pwnhxl
- cves/2021/CVE-2021-29505.yaml by @pwnhxl
- cves/2021/CVE-2021-24666.yaml by @theamanrawat
- cves/2021/CVE-2021-24351.yaml by @MAXIMUS Decimus
- cves/2021/CVE-2021-24239.yaml by @r3Y3r53
- cves/2021/CVE-2021-22502.yaml by @pikpikcu
- cves/2021/CVE-2021-21351.yaml by @pwnhxl
- cves/2021/CVE-2021-21345.yaml by @pwnhxl
- cves/2020/CVE-2020-26258.yaml by @pwnhxl
- cves/2020/CVE-2020-26217.yaml by @pwnhxl
- cves/2020/CVE-2020-13379.yaml by Joshua Rogers
- cves/2019/CVE-2019-15043.yaml by Joshua Rogers
- cves/2019/CVE-2019-12990.yaml by @gy741
- cves/2019/CVE-2019-12988.yaml by @gy741
- cves/2019/CVE-2019-12987.yaml by @gy741
- cves/2019/CVE-2019-12986.yaml by @gy741
- cves/2019/CVE-2019-12985.yaml by @gy741
- cves/2017/CVE-2017-9416.yaml by @Co5mos
- cves/2015/CVE-2015-2196.yaml by @theamanrawat
- cves/2014/CVE-2014-6287.yaml by @j4vaovo
- cves/2013/CVE-2013-7285.yaml by @pwnhxl
- cnvd/2020/CNVD-2020-26585.yaml by @pikpikcu,@Co5mos
- vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml by @pwnhxl
- vulnerabilities/other/pmb-xss.yaml by @r3Y3r53
- vulnerabilities/wordpress/watu-xss.yaml by @r3Y3r53
- misconfiguration/cluster-panel.yaml by @tess
- misconfiguration/jupyter-lab-unauth.yaml by @j4vaovo
- misconfiguration/kubernetes/unauth-etcd-server.yaml by sharath,@pussycat0x
- misconfiguration/laravel-horizon-unauth.yaml by @vagnerd
- misconfiguration/mlflow-unauth.yaml by @pussycat0x
- default-logins/adminer-default-login.yaml by @j4vaovo
- exposed-panels/arcgis/arcgis-services.yaml by @HeeresS
- exposed-panels/arcgis/arcgis-tokens.yaml by @HeeresS
- exposed-panels/fortinet/fortinet-fortimanager-panel.yaml by @johnk3r
- exposed-panels/hestia-panel.yaml by @JustaAcat
- exposed-panels/i-mscp-panel.yaml by @JustaAcat
- exposed-panels/seagate-nas-login.yaml by @JustaAcat
- exposed-panels/sonic-wall-login.yaml by @JustaAcat
- exposed-panels/web-viewer-panel.yaml by @JustaAcat
- exposures/logs/opentsdb-status.yaml by @pussycat0x
- network/enumeration/kafka-topics-list.yaml by @pussycat0x
- ssl/kubernetes-fake-certificate.yaml by @kchason
- file/keys/github/github-outdated-key.yaml by @naglis
- technologies/cvsweb-detect.yaml by @lu4nx
- technologies/kubernetes/etcd/etcd-version.yaml by @pussycat0x
- technologies/openai-plugin.yaml by pdteam
- technologies/sitecore-cms.yaml by RandomDhiraj
- technologies/wordpress/plugins/host-webfonts-local.yaml by @ricardomaia
New Contributors
- @Co5mos made their first contribution in #6964
- @naglis made their first contribution in #6954
- @Marcio861 made their first contribution in #6952
- @j4vaovo made their first contribution in #6949
- @kchason made their first contribution in #6958
- @RootUp made their first contribution in #6953
- @Wade618 made their first contribution in #6960
- @JustaAcat made their first contribution in #6987
- @HeeresS made their first contribution in #6986
- @ramondunker made their first contribution in #6107
- @dwbzn made their first contribution in #7028
Full Changelog: v9.4.1...v9.4.2
v9.4.1
What's Changed
New Templates Added: 69
- cves/2023/CVE-2023-28432.yaml by @Mr-xn 🔥
- cves/2023/CVE-2023-28343.yaml by @pikpikcu 🔥
- cves/2023/CVE-2023-27587.yaml by @vagnerd
- cves/2023/CVE-2023-27292.yaml by @r3Y3r53
- cves/2023/CVE-2023-0261.yaml by @theamanrawat
- cves/2023/CVE-2023-0236.yaml by @r3Y3r53
- cves/2022/CVE-2022-31854.yaml by @theamanrawat
- cves/2022/CVE-2022-26833.yaml by @true13
- cves/2022/CVE-2022-4325.yaml by @r3Y3r53
- cves/2022/CVE-2022-4320.yaml by @r3Y3r53
- cves/2022/CVE-2022-4117.yaml by @theamanrawat
- cves/2022/CVE-2022-3933.yaml by @r3Y3r53
- cves/2022/CVE-2022-3908.yaml by @theamanrawat
- cves/2022/CVE-2022-3800.yaml by @JC175
- cves/2022/CVE-2022-1398.yaml by @theamanrawat
- cves/2022/CVE-2022-1329.yaml by @theamanrawat 🔥
- cves/2022/CVE-2022-0415.yaml by @theamanrawat
- cves/2022/CVE-2022-0206.yaml by @r3Y3r53
- cves/2021/CVE-2021-28419.yaml by @theamanrawat
- cves/2021/CVE-2021-24970.yaml by @r3Y3r53
- cves/2021/CVE-2021-24862.yaml by @theamanrawat
- cves/2021/CVE-2021-24452.yaml by @theamanrawat
- cves/2021/CVE-2021-24436.yaml by @theamanrawat
- cves/2020/CVE-2020-11530.yaml by @theamanrawat
- cves/2020/CVE-2020-14144.yaml by @theamanrawat
- cves/2020/CVE-2020-15867.yaml by @theamanrawat
- cves/2020/CVE-2020-7107.yaml by @theamanrawat
- vulnerabilities/gitea/gitea-rce.yaml by @theamanrawat
- vulnerabilities/splash/splash-render-ssrf.yaml by @pwnhxl
- exposed-panels/c2/cobalt-strike-c2.yaml by @pussycat0x
- misconfiguration/httponly-cookie-detect.yaml by Mr. Bobo HP
- misconfiguration/installer/gogs-installer.yaml by @dhiyaneshdk
- misconfiguration/nacos-authentication-bypass.yaml by @Esonhugh
- misconfiguration/unauth-apache-kafka-ui.yaml by @theamanrawat
- token-spray/api-networksdb.yaml by @0xpugazh
- ssl/untrusted-root-certificate.yaml by @pussycat0x
- file/audit/pfsense/configure-dns-server.yaml by @pussycat0x
- file/audit/pfsense/configure-session-timeout.yaml by @pussycat0x
- file/audit/pfsense/enable-https-protocol.yaml by @pussycat0x
- file/audit/pfsense/password-protected-consolemenu.yaml by @pussycat0x
- file/keys/adobe-secret.yaml by @dhiyaneshdk
- file/keys/age/age-identity-secret-key.yaml by @dhiyaneshdk
- file/keys/age/age-recipient-public-key.yaml by @dhiyaneshdk
- file/keys/amazon/amazon-account-id.yaml by @dhiyaneshdk
- file/keys/amazon/amazon-session-token.yaml by @dhiyaneshdk
- file/keys/code-climate-token.yaml by @dhiyaneshdk
- file/keys/cratesio-api-key.yaml by @dhiyaneshdk
- file/keys/facebook/fb-access-token.yaml by @dhiyaneshdk
- file/keys/gitlab/gitlab-personal-accesstoken.yaml by @dhiyaneshdk
- file/keys/gitlab/gitlab-pipeline-triggertoken.yaml by @dhiyaneshdk
- file/keys/gitlab/gitlab-runner-regtoken.yaml by @dhiyaneshdk
- file/keys/google/google-clientid.yaml by @dhiyaneshdk
- file/keys/google/google-oauth-clientsecret.yaml by @dhiyaneshdk
- file/keys/heroku-key.yaml by @dhiyaneshdk
- file/keys/jenkins-token.yaml by @dhiyaneshdk
- file/keys/newrelic/newrelic-pixie-apikey.yaml by @dhiyaneshdk
- file/keys/newrelic/newrelic-pixie-deploykey.yaml by @dhiyaneshdk
- file/keys/npm-accesstoken.yaml by @dhiyaneshdk
- file/keys/nuget-key.yaml by @dhiyaneshdk
- file/keys/openai-key.yaml by @dhiyaneshdk
- file/keys/pypi-token.yaml by @dhiyaneshdk
- file/keys/rubygems-key.yaml by @dhiyaneshdk
- file/keys/sauce-access-token.yaml by @dhiyaneshdk
- file/keys/segment-public-api.yaml by @dhiyaneshdk
- file/keys/shopify-public-access.yaml by @dhiyaneshdk
- file/keys/telegram-token.yaml by @dhiyaneshdk
- technologies/icecast-mediaserver-detect.yaml by @pussycat0x
- technologies/splash-rendering-service.yaml by @pussycat0x
- technologies/thinkphp-detect.yaml by @pwnhxl
New Contributors
- @vagnerd made their first contribution in #6903
- @Esonhugh made their first contribution in #6912
- @kazet made their first contribution in #6931
- @JC175 made their first contribution in #6772
- @ThePirateWhoSmellsOfSunflowers made their first contribution in #6939
- @sl4x0 made their first contribution in #6943
- @MrHarshvardhan made their first contribution in #6756
Full Changelog: v9.4.0...v9.4.1