-
Notifications
You must be signed in to change notification settings - Fork 121
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Template regeneration (Scanner feed)
- Loading branch information
Showing
14,250 changed files
with
827,182 additions
and
0 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
There are no files selected for viewing
58 changes: 58 additions & 0 deletions
58
nuclei-templates/2013/CVE-2013-0291-58ddfbc8f08958c578758b38baef9c64.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| id: CVE-2013-0291-58ddfbc8f08958c578758b38baef9c64 | ||
|
|
||
| info: | ||
| name: > | ||
| NextGEN Gallery Plugin <= 0.96 - Cross-Site Scripting | ||
| author: topscoder | ||
| severity: high | ||
| description: > | ||
| reference: | ||
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/f7ff27af-2b78-4214-9232-042357287ba8?source=api-scan | ||
| classification: | ||
| cvss-metrics: | ||
| cvss-score: | ||
| cve-id: CVE-2013-0291 | ||
| metadata: | ||
| fofa-query: "wp-content/plugins/UNKNOWN-CVE-2013-0291-DELETEME/" | ||
| google-query: inurl:"/wp-content/plugins/UNKNOWN-CVE-2013-0291-DELETEME/" | ||
| shodan-query: 'vuln:CVE-2013-0291' | ||
| tags: cve,wordpress,wp-plugin,UNKNOWN-CVE-2013-0291-DELETEME,high | ||
|
|
||
| http: | ||
| - method: GET | ||
| redirects: true | ||
| max-redirects: 3 | ||
| path: | ||
| - "{{BaseURL}}/wp-content/plugins/UNKNOWN-CVE-2013-0291-DELETEME/readme.txt" | ||
|
|
||
| extractors: | ||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| internal: true | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| matchers-condition: and | ||
| matchers: | ||
| - type: status | ||
| status: | ||
| - 200 | ||
|
|
||
| - type: word | ||
| words: | ||
| - "UNKNOWN-CVE-2013-0291-DELETEME" | ||
| part: body | ||
|
|
||
| - type: dsl | ||
| dsl: | ||
| - compare_versions(version, '<= 0.96') |
58 changes: 58 additions & 0 deletions
58
nuclei-templates/2014/CVE-2014-4663-086335e3764d29c07c7d7cc4e2750c93.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| id: CVE-2014-4663-086335e3764d29c07c7d7cc4e2750c93 | ||
|
|
||
| info: | ||
| name: > | ||
| Multiple Themes (Various Versions) - Cross-Site Request Forgery to Notice Dismissal | ||
| author: topscoder | ||
| severity: medium | ||
| description: > | ||
| reference: | ||
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/3b007d8a-3096-42f3-a7be-e0e0d3addf0b?source=api-scan | ||
| classification: | ||
| cvss-metrics: | ||
| cvss-score: | ||
| cve-id: CVE-2014-4663 | ||
| metadata: | ||
| fofa-query: "wp-content/plugins/UNKNOWN-CVE-2014-4663/" | ||
| google-query: inurl:"/wp-content/plugins/UNKNOWN-CVE-2014-4663/" | ||
| shodan-query: 'vuln:CVE-2014-4663' | ||
| tags: cve,wordpress,wp-plugin,UNKNOWN-CVE-2014-4663,medium | ||
|
|
||
| http: | ||
| - method: GET | ||
| redirects: true | ||
| max-redirects: 3 | ||
| path: | ||
| - "{{BaseURL}}/wp-content/plugins/UNKNOWN-CVE-2014-4663/readme.txt" | ||
|
|
||
| extractors: | ||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| internal: true | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| matchers-condition: and | ||
| matchers: | ||
| - type: status | ||
| status: | ||
| - 200 | ||
|
|
||
| - type: word | ||
| words: | ||
| - "UNKNOWN-CVE-2014-4663" | ||
| part: body | ||
|
|
||
| - type: dsl | ||
| dsl: | ||
| - compare_versions(version, '<= 3.15.3') |
58 changes: 58 additions & 0 deletions
58
nuclei-templates/2022/CVE-2022-28700-eee72fcaef7d6d7710f8503cc05b2365.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| id: CVE-2022-28700-eee72fcaef7d6d7710f8503cc05b2365 | ||
|
|
||
| info: | ||
| name: > | ||
| GiveWP <= 2.20.2 - Authenticated Arbitrary File Read | ||
| author: topscoder | ||
| severity: low | ||
| description: > | ||
| reference: | ||
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/3fe1bb24-1f60-40f6-9b5e-58e0158bdfd3?source=api-scan | ||
| classification: | ||
| cvss-metrics: | ||
| cvss-score: | ||
| cve-id: CVE-2022-28700 | ||
| metadata: | ||
| fofa-query: "wp-content/plugins/UNKNOWN-CVE-2022-28700/" | ||
| google-query: inurl:"/wp-content/plugins/UNKNOWN-CVE-2022-28700/" | ||
| shodan-query: 'vuln:CVE-2022-28700' | ||
| tags: cve,wordpress,wp-plugin,UNKNOWN-CVE-2022-28700,low | ||
|
|
||
| http: | ||
| - method: GET | ||
| redirects: true | ||
| max-redirects: 3 | ||
| path: | ||
| - "{{BaseURL}}/wp-content/plugins/UNKNOWN-CVE-2022-28700/readme.txt" | ||
|
|
||
| extractors: | ||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| internal: true | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| matchers-condition: and | ||
| matchers: | ||
| - type: status | ||
| status: | ||
| - 200 | ||
|
|
||
| - type: word | ||
| words: | ||
| - "UNKNOWN-CVE-2022-28700" | ||
| part: body | ||
|
|
||
| - type: dsl | ||
| dsl: | ||
| - compare_versions(version, '<= 2.20.2') |
58 changes: 58 additions & 0 deletions
58
nuclei-templates/2023/CVE-2023-6485-3e71b451d444e56f20cac2bd5a92795e.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| id: CVE-2023-6485-3e71b451d444e56f20cac2bd5a92795e | ||
|
|
||
| info: | ||
| name: > | ||
| HTML5 Video Player <= 2.5.24 - Unauthenticated SQL Injection via id | ||
| author: topscoder | ||
| severity: low | ||
| description: > | ||
| reference: | ||
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/0abd2533-5cb3-4568-8ad2-f2852ab3a8db?source=api-scan | ||
| classification: | ||
| cvss-metrics: | ||
| cvss-score: | ||
| cve-id: CVE-2023-6485 | ||
| metadata: | ||
| fofa-query: "wp-content/plugins/UNKNOWN-CVE-2023-6485-1/" | ||
| google-query: inurl:"/wp-content/plugins/UNKNOWN-CVE-2023-6485-1/" | ||
| shodan-query: 'vuln:CVE-2023-6485' | ||
| tags: cve,wordpress,wp-plugin,UNKNOWN-CVE-2023-6485-1,low | ||
|
|
||
| http: | ||
| - method: GET | ||
| redirects: true | ||
| max-redirects: 3 | ||
| path: | ||
| - "{{BaseURL}}/wp-content/plugins/UNKNOWN-CVE-2023-6485-1/readme.txt" | ||
|
|
||
| extractors: | ||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| internal: true | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| matchers-condition: and | ||
| matchers: | ||
| - type: status | ||
| status: | ||
| - 200 | ||
|
|
||
| - type: word | ||
| words: | ||
| - "UNKNOWN-CVE-2023-6485-1" | ||
| part: body | ||
|
|
||
| - type: dsl | ||
| dsl: | ||
| - compare_versions(version, '<= 2.5.24') |
58 changes: 58 additions & 0 deletions
58
nuclei-templates/cve-less/plugins/0mk-shortener-17c0f8c5353b51c76be9ea996254e492.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| id: 0mk-shortener-17c0f8c5353b51c76be9ea996254e492 | ||
|
|
||
| info: | ||
| name: > | ||
| 0mk Shortener <= 0.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting | ||
| author: topscoder | ||
| severity: medium | ||
| description: > | ||
| reference: | ||
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/3b798c64-3434-427d-b578-5abbdac8cd0e?source=api-scan | ||
| classification: | ||
| cvss-metrics: | ||
| cvss-score: | ||
| cve-id: | ||
| metadata: | ||
| fofa-query: "wp-content/plugins/0mk-shortener/" | ||
| google-query: inurl:"/wp-content/plugins/0mk-shortener/" | ||
| shodan-query: 'vuln:' | ||
| tags: cve,wordpress,wp-plugin,0mk-shortener,medium | ||
|
|
||
| http: | ||
| - method: GET | ||
| redirects: true | ||
| max-redirects: 3 | ||
| path: | ||
| - "{{BaseURL}}/wp-content/plugins/0mk-shortener/readme.txt" | ||
|
|
||
| extractors: | ||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| internal: true | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| matchers-condition: and | ||
| matchers: | ||
| - type: status | ||
| status: | ||
| - 200 | ||
|
|
||
| - type: word | ||
| words: | ||
| - "0mk-shortener" | ||
| part: body | ||
|
|
||
| - type: dsl | ||
| dsl: | ||
| - compare_versions(version, '<= 0.2') |
58 changes: 58 additions & 0 deletions
58
nuclei-templates/cve-less/plugins/0mk-shortener-cbd2f40afcea324b1b6628d63c264b5b.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| id: 0mk-shortener-cbd2f40afcea324b1b6628d63c264b5b | ||
|
|
||
| info: | ||
| name: > | ||
| 0mk Shortener <= 0.2 - Authenticated (Administrator+) Stored Cross-Site Scripting | ||
| author: topscoder | ||
| severity: low | ||
| description: > | ||
| reference: | ||
| - https://www.wordfence.com/threat-intel/vulnerabilities/id/de9f3b83-4575-4566-9731-0af9107c7c30?source=api-scan | ||
| classification: | ||
| cvss-metrics: | ||
| cvss-score: | ||
| cve-id: | ||
| metadata: | ||
| fofa-query: "wp-content/plugins/0mk-shortener/" | ||
| google-query: inurl:"/wp-content/plugins/0mk-shortener/" | ||
| shodan-query: 'vuln:' | ||
| tags: cve,wordpress,wp-plugin,0mk-shortener,low | ||
|
|
||
| http: | ||
| - method: GET | ||
| redirects: true | ||
| max-redirects: 3 | ||
| path: | ||
| - "{{BaseURL}}/wp-content/plugins/0mk-shortener/readme.txt" | ||
|
|
||
| extractors: | ||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| internal: true | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| - type: regex | ||
| name: version | ||
| part: body | ||
| group: 1 | ||
| regex: | ||
| - "(?mi)Stable tag: ([0-9.]+)" | ||
|
|
||
| matchers-condition: and | ||
| matchers: | ||
| - type: status | ||
| status: | ||
| - 200 | ||
|
|
||
| - type: word | ||
| words: | ||
| - "0mk-shortener" | ||
| part: body | ||
|
|
||
| - type: dsl | ||
| dsl: | ||
| - compare_versions(version, '<= 0.2') |
Oops, something went wrong.