-
Notifications
You must be signed in to change notification settings - Fork 121
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
18,276 changed files
with
1,060,742 additions
and
0 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
There are no files selected for viewing
58 changes: 58 additions & 0 deletions
58
nuclei-templates/2013/CVE-2013-0291-82ee51f84315a8f0151d8f4e4cbb00b8.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| id: CVE-2013-0291-82ee51f84315a8f0151d8f4e4cbb00b8 | ||
|
|
||
| info: | ||
| name: > | ||
| NextGEN Gallery Plugin <= 0.96 - Cross-Site Scripting | ||
| author: topscoder | ||
| severity: high | ||
| description: > | ||
| reference: | ||
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/f7ff27af-2b78-4214-9232-042357287ba8?source=api-scan | ||
| classification: | ||
| cvss-metrics: | ||
| cvss-score: | ||
| cve-id: CVE-2013-0291 | ||
| metadata: | ||
| fofa-query: "wp-content/plugins/UNKNOWN-CVE-2013-0291-DELETEME/" | ||
| google-query: inurl:"/wp-content/plugins/UNKNOWN-CVE-2013-0291-DELETEME/" | ||
| shodan-query: 'vuln:CVE-2013-0291' | ||
| tags: cve,wordpress,wp-plugin,UNKNOWN-CVE-2013-0291-DELETEME,high | ||
|
|
||
| http: | ||
| - method: GET | ||
| redirects: true | ||
| max-redirects: 3 | ||
| path: | ||
| - "{{BaseURL}}/wp-content/plugins/UNKNOWN-CVE-2013-0291-DELETEME/readme.txt" | ||
|
|
||
| extractors: | ||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| internal: true | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| matchers-condition: and | ||
| matchers: | ||
| - type: status | ||
| status: | ||
| - 200 | ||
|
|
||
| - type: word | ||
| words: | ||
| - "UNKNOWN-CVE-2013-0291-DELETEME" | ||
| part: body | ||
|
|
||
| - type: dsl | ||
| dsl: | ||
| - compare_versions(version, '<= 0.96') |
58 changes: 58 additions & 0 deletions
58
nuclei-templates/2014/CVE-2014-4663-42c8a5445d70abc166f93c14f3500712.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| id: CVE-2014-4663-42c8a5445d70abc166f93c14f3500712 | ||
|
|
||
| info: | ||
| name: > | ||
| Multiple Themes (Various Versions) - Cross-Site Request Forgery to Notice Dismissal | ||
| author: topscoder | ||
| severity: medium | ||
| description: > | ||
| reference: | ||
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/3b007d8a-3096-42f3-a7be-e0e0d3addf0b?source=api-scan | ||
| classification: | ||
| cvss-metrics: | ||
| cvss-score: | ||
| cve-id: CVE-2014-4663 | ||
| metadata: | ||
| fofa-query: "wp-content/themes/panoramic/" | ||
| google-query: inurl:"/wp-content/themes/panoramic/" | ||
| shodan-query: 'vuln:CVE-2014-4663' | ||
| tags: cve,wordpress,wp-theme,panoramic,medium | ||
|
|
||
| http: | ||
| - method: GET | ||
| redirects: true | ||
| max-redirects: 3 | ||
| path: | ||
| - "{{BaseURL}}/wp-content/themes/panoramic/style.css" | ||
|
|
||
| extractors: | ||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| internal: true | ||
| regex: | ||
| - "(?mi)Version: ([0-9.]+)" | ||
|
|
||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| regex: | ||
| - "(?mi)Version: ([0-9.]+)" | ||
|
|
||
| matchers-condition: and | ||
| matchers: | ||
| - type: status | ||
| status: | ||
| - 200 | ||
|
|
||
| - type: word | ||
| words: | ||
| - "panoramic" | ||
| part: body | ||
|
|
||
| - type: dsl | ||
| dsl: | ||
| - compare_versions(version, '< 1.1.57') |
58 changes: 58 additions & 0 deletions
58
nuclei-templates/2015/CVE-2015-10099-045a374dcc4037ebae609408d4fe7a62.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| id: CVE-2015-10099-045a374dcc4037ebae609408d4fe7a62 | ||
|
|
||
| info: | ||
| name: > | ||
| CP Appointment Calendar <= 1.1.5 - Unauthenticated SQL Injection | ||
| author: topscoder | ||
| severity: critical | ||
| description: > | ||
| reference: | ||
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/948d40f5-2c87-4439-b4ef-3e02c397bf0f?source=api-scan | ||
| classification: | ||
| cvss-metrics: | ||
| cvss-score: | ||
| cve-id: CVE-2015-10099 | ||
| metadata: | ||
| fofa-query: "wp-content/plugins/UNKNOWN-CVE-2015-10099-1/" | ||
| google-query: inurl:"/wp-content/plugins/UNKNOWN-CVE-2015-10099-1/" | ||
| shodan-query: 'vuln:CVE-2015-10099' | ||
| tags: cve,wordpress,wp-plugin,UNKNOWN-CVE-2015-10099-1,critical | ||
|
|
||
| http: | ||
| - method: GET | ||
| redirects: true | ||
| max-redirects: 3 | ||
| path: | ||
| - "{{BaseURL}}/wp-content/plugins/UNKNOWN-CVE-2015-10099-1/readme.txt" | ||
|
|
||
| extractors: | ||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| internal: true | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| matchers-condition: and | ||
| matchers: | ||
| - type: status | ||
| status: | ||
| - 200 | ||
|
|
||
| - type: word | ||
| words: | ||
| - "UNKNOWN-CVE-2015-10099-1" | ||
| part: body | ||
|
|
||
| - type: dsl | ||
| dsl: | ||
| - compare_versions(version, '<= 1.1.5') |
58 changes: 58 additions & 0 deletions
58
nuclei-templates/2015/CVE-2015-10100-e1b0f6560fbae95c0c8c368c89e53632.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| id: CVE-2015-10100-e1b0f6560fbae95c0c8c368c89e53632 | ||
|
|
||
| info: | ||
| name: > | ||
| Dynamic Widgets <= 1.5.10 - Authenticated SQL Injection | ||
| author: topscoder | ||
| severity: low | ||
| description: > | ||
| reference: | ||
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/8c5a6fcb-72f0-4188-b883-d1dcaf1d13ff?source=api-scan | ||
| classification: | ||
| cvss-metrics: | ||
| cvss-score: | ||
| cve-id: CVE-2015-10100 | ||
| metadata: | ||
| fofa-query: "wp-content/plugins/UNKNOWN-CVE-2015-10100-1/" | ||
| google-query: inurl:"/wp-content/plugins/UNKNOWN-CVE-2015-10100-1/" | ||
| shodan-query: 'vuln:CVE-2015-10100' | ||
| tags: cve,wordpress,wp-plugin,UNKNOWN-CVE-2015-10100-1,low | ||
|
|
||
| http: | ||
| - method: GET | ||
| redirects: true | ||
| max-redirects: 3 | ||
| path: | ||
| - "{{BaseURL}}/wp-content/plugins/UNKNOWN-CVE-2015-10100-1/readme.txt" | ||
|
|
||
| extractors: | ||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| internal: true | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| matchers-condition: and | ||
| matchers: | ||
| - type: status | ||
| status: | ||
| - 200 | ||
|
|
||
| - type: word | ||
| words: | ||
| - "UNKNOWN-CVE-2015-10100-1" | ||
| part: body | ||
|
|
||
| - type: dsl | ||
| dsl: | ||
| - compare_versions(version, '<= 1.5.10') |
58 changes: 58 additions & 0 deletions
58
nuclei-templates/2015/CVE-2015-10122-da3f0f16feb56d7497b76972109fd5c9.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| id: CVE-2015-10122-da3f0f16feb56d7497b76972109fd5c9 | ||
|
|
||
| info: | ||
| name: > | ||
| WP Donate <= 1.4 - Unauthenticated SQL Injection in donate-display.php | ||
| author: topscoder | ||
| severity: critical | ||
| description: > | ||
| reference: | ||
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/58bd4a75-8e24-4810-8b9d-c9ffad1c2208?source=api-scan | ||
| classification: | ||
| cvss-metrics: | ||
| cvss-score: | ||
| cve-id: CVE-2015-10122 | ||
| metadata: | ||
| fofa-query: "wp-content/plugins/UNKNOWN-CVE-2015-10122-1/" | ||
| google-query: inurl:"/wp-content/plugins/UNKNOWN-CVE-2015-10122-1/" | ||
| shodan-query: 'vuln:CVE-2015-10122' | ||
| tags: cve,wordpress,wp-plugin,UNKNOWN-CVE-2015-10122-1,critical | ||
|
|
||
| http: | ||
| - method: GET | ||
| redirects: true | ||
| max-redirects: 3 | ||
| path: | ||
| - "{{BaseURL}}/wp-content/plugins/UNKNOWN-CVE-2015-10122-1/readme.txt" | ||
|
|
||
| extractors: | ||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| internal: true | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| matchers-condition: and | ||
| matchers: | ||
| - type: status | ||
| status: | ||
| - 200 | ||
|
|
||
| - type: word | ||
| words: | ||
| - "UNKNOWN-CVE-2015-10122-1" | ||
| part: body | ||
|
|
||
| - type: dsl | ||
| dsl: | ||
| - compare_versions(version, '<= 1.4') |
58 changes: 58 additions & 0 deletions
58
nuclei-templates/2020/CVE-2020-5611-c769c373bb9f1ffe92fbf49a67c167c6.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| id: CVE-2020-5611-c769c373bb9f1ffe92fbf49a67c167c6 | ||
|
|
||
| info: | ||
| name: > | ||
| Social Rocket – Social Sharing Plugin < 1.2.10 - Cross-Site Request Forgery | ||
| author: topscoder | ||
| severity: medium | ||
| description: > | ||
| reference: | ||
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/c4aa2813-6920-4886-b6d2-78fbcd00bdf7?source=api-scan | ||
| classification: | ||
| cvss-metrics: | ||
| cvss-score: | ||
| cve-id: CVE-2020-5611 | ||
| metadata: | ||
| fofa-query: "wp-content/plugins/UNKNOWN-CVE-2020-5611/" | ||
| google-query: inurl:"/wp-content/plugins/UNKNOWN-CVE-2020-5611/" | ||
| shodan-query: 'vuln:CVE-2020-5611' | ||
| tags: cve,wordpress,wp-plugin,UNKNOWN-CVE-2020-5611,medium | ||
|
|
||
| http: | ||
| - method: GET | ||
| redirects: true | ||
| max-redirects: 3 | ||
| path: | ||
| - "{{BaseURL}}/wp-content/plugins/UNKNOWN-CVE-2020-5611/readme.txt" | ||
|
|
||
| extractors: | ||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| internal: true | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| matchers-condition: and | ||
| matchers: | ||
| - type: status | ||
| status: | ||
| - 200 | ||
|
|
||
| - type: word | ||
| words: | ||
| - "UNKNOWN-CVE-2020-5611" | ||
| part: body | ||
|
|
||
| - type: dsl | ||
| dsl: | ||
| - compare_versions(version, '< 1.2.10') |
Oops, something went wrong.