Releases: projectdiscovery/nuclei-templates
Releases · projectdiscovery/nuclei-templates
v9.5.4
What's Changed
New Templates Added : 51
New CVEs Added: 26
- http/cves/2023/CVE-2023-35844.yaml by @dwisiswant0 🔥
- http/cves/2023/CVE-2023-35843.yaml by @dwisiswant0
- http/cves/2023/CVE-2023-34843.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-34659.yaml by @ritikchaddha
- http/cves/2023/CVE-2023-34599.yaml by @ritikchaddha
- http/cves/2023/CVE-2023-34598.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-34537.yaml by @harsh
- http/cves/2023/CVE-2023-33510.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-31548.yaml by @harsh
- http/cves/2023/CVE-2023-30019.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-27372.yaml by @dhiyaneshdk,@nuts7 🔥
- http/cves/2023/CVE-2023-26843.yaml by @harsh
- http/cves/2023/CVE-2023-26842.yaml by @harsh
- http/cves/2023/CVE-2023-25346.yaml by @harsh
- http/cves/2023/CVE-2023-24488.yaml by @johnk3r 🔥
- http/cves/2023/CVE-2023-20889.yaml by @iamnoooob,@rootxharsh,@pdresearch
- http/cves/2023/CVE-2023-20888.yaml by @iamnoooob,@rootxharsh,@pdresearch
- http/cves/2023/CVE-2023-1496.yaml by @pdteam
- http/cves/2023/CVE-2023-1454.yaml by @dhiyaneshdk 🔥
- http/cves/2023/CVE-2023-0563.yaml by @harsh
- http/cves/2023/CVE-2023-0562.yaml by @harsh
- http/cves/2023/CVE-2023-0527.yaml by @harsh
- http/cves/2023/CVE-2023-0126.yaml by @tess
- http/cves/2022/CVE-2022-40022.yaml by @dhiyaneshdk
- http/cves/2021/CVE-2021-46704.yaml by @dhiyaneshdk
- http/cves/2012/CVE-2012-6499.yaml by @ctflearner
- http/cnvd/2020/CNVD-2020-63964.yaml by @brucelsone
- http/vulnerabilities/hikvision-ivms-file-upload-rce.yaml by @brucelsone
- http/vulnerabilities/kkfileview-ssrf.yaml by @arm!tage
- http/vulnerabilities/vbulletin/arcade-php-sqli.yaml by @mastercho
- http/misconfiguration/codeigniter-errorpage.yaml by @j4vaovo
- http/misconfiguration/genieacs-default-jwt.yaml by @dhiyaneshdk,@pussycat0x
- http/misconfiguration/grav-register-admin.yaml by @dhiyaneshdk
- http/misconfiguration/installer/spip-install.yaml by @dhiyaneshdk
- http/misconfiguration/odoo-unprotected-database.yaml by @pdteam
- network/enumeration/psql-user-enum.yaml by @pussycat0x
- network/misconfig/unauth-psql.yaml by @pussycat0x
- http/exposed-panels/axxon-client-panel.yaml by @irshadahamed
- http/exposed-panels/jsherp-boot-panel.yaml by @dhiyaneshdk
- http/exposed-panels/openbullet2-panel.yaml by @mastercho
- http/exposed-panels/syncserver-panel.yaml by @dhiyaneshdk
- http/exposed-panels/wd-mycloud-panel.yaml by @dhiyaneshdk
- http/exposures/configs/aws-config.yaml by @m4lwhere
- http/exposures/configs/aws-credentials.yaml by @m4lwhere
- http/technologies/wordpress/plugins/wp-rollback.yaml by @ricardomaia
- file/nodejs/admzip-path-overwrite.yaml by @me_dheeraj (https://twitter.com/Dheerajmadhukar)
- file/nodejs/express-lfr.yaml by @me_dheeraj (https://twitter.com/Dheerajmadhukar)
- file/nodejs/generic-path-traversal.yaml by @me_dheeraj (https://twitter.com/Dheerajmadhukar)
- file/nodejs/tar-path-overwrite.yaml by @me_dheeraj (https://twitter.com/Dheerajmadhukar)
- file/nodejs/xss-serialize-javascript.yaml by @me_dheeraj (https://twitter.com/Dheerajmadhukar)
- file/nodejs/zip-path-overwrite.yaml by @me_dheeraj (https://twitter.com/Dheerajmadhukar)
New Contributors
- @m4lwhere made their first contribution in #7272
- @harsh2403 made their first contribution in #7530
- @vershinind made their first contribution in #7232
Full Changelog: v9.5.3...v9.5.4
Contributors
ricardomaia, johnk3r, and 18 other contributors
Assets 2
v9.5.3
🔥 Highlights of this release:
✅ [CVE-2023-34362] MOVEit Transfer - Remote Code Execution (@princechaddha,@rootxharsh,@ritikchaddha,@pdresearch) [critical]
✅ [CVE-2023-34960] Chamilo Command Injection (@dhiyaneshdk) [high]
✅ [CVE-2023-33246] RocketMQ <= 5.1.0 - Remote Code Execution (@iamnoooob,@rootxharsh,@pdresearch) [critical]
✅ [CVE-2023-25157] GeoServer OGC Filter - SQL Injection (@ritikchaddha,@dhiyaneshdk,@iamnoooob,@rootxharsh) [critical]
✅ [CVE-2023-23333] SolarView Compact 6.00 - OS Command Injection (@Mr-xn) [critical]
✅ [CVE-2023-20887] VMware VRealize Network Insight - Remote Code Execution (@sinsinology) [critical]
✅ [CVE-2022-23544] MeterSphere < 2.5.0 SSRF (@j4vaovo) [medium]
✅ [CVE-2022-24706] CouchDB Erlang Distribution - Remote Command Execution (@Mzack9999,@pussycat0x) [critical]
✅ [CVE-2017-12617] Apache Tomcat - Remote Code Execution (@pussycat0x) [high]
✅ [CVE-2016-6195] vBulletin <= 4.2.3 - SQL Injection (@mastercho) [high]
What's Changed
New Templates Added: 62
New CVEs Added: 28
- http/cves/2023/CVE-2023-34960.yaml by @dhiyaneshdk 🔥
- http/cves/2023/CVE-2023-34362.yaml by @princechaddha,@rootxharsh,@ritikchaddha,@pdresearch 🔥
- http/cves/2023/CVE-2023-33568.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-25157.yaml by @ritikchaddha,@dhiyaneshdk,@iamnoooob,@rootxharsh 🔥
- http/cves/2023/CVE-2023-24243.yaml by @ritikchaddha
- http/cves/2023/CVE-2023-23333.yaml by @Mr-xn 🔥
- http/cves/2023/CVE-2023-20887.yaml by @sinsinology 🔥
- http/cves/2023/CVE-2023-0630.yaml by @dhiyaneshdk
- http/cves/2022/CVE-2022-23544.yaml by @j4vaovo 🔥
- http/cves/2022/CVE-2022-0869.yaml by @ctflearner
- http/cves/2021/CVE-2021-44138.yaml by carrot2
- http/cves/2021/CVE-2021-24647.yaml by @dhiyaneshdk
- http/cves/2019/CVE-2019-1943.yaml by @bhutch
- http/cves/2019/CVE-2019-10098.yaml by @ctflearner
- http/cves/2017/CVE-2017-12617.yaml by @pussycat0x 🔥
- http/cves/2016/CVE-2016-6195.yaml by @mastercho 🔥
- http/cves/2013/CVE-2013-2621.yaml by @ctflearner
- http/cves/2012/CVE-2012-4982.yaml by @ctflearner
- http/cves/2011/CVE-2011-5252.yaml by @ctflearner
- http/cves/2010/CVE-2010-1586.yaml by @ctflearner
- http/cves/2009/CVE-2009-0347.yaml by @ctflearner
- http/cves/2008/CVE-2008-7269.yaml by @ctflearner
- http/cves/2008/CVE-2008-1547.yaml by @ctflearner
- http/cves/2005/CVE-2005-3634.yaml by @ctflearner
- http/cves/2004/CVE-2004-1965.yaml by @ctflearner
- http/cves/2001/CVE-2001-0537.yaml by @dhiyaneshdk
- network/cves/2022/CVE-2022-24706.yaml by @Mzack9999,@pussycat0x 🔥
- network/cves/2023/CVE-2023-33246.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
- http/vulnerabilities/nuxt/nuxt-js-lfi.yaml by @dhiyaneshdk
- http/vulnerabilities/nuxt/nuxt-js-semi-lfi.yaml by @dhiyaneshdk
- http/vulnerabilities/nuxt/nuxt-js-xss.yaml by @dhiyaneshdk
- http/vulnerabilities/other/epp-server-lfi.yaml by @dhiyaneshdk
- http/misconfiguration/bravia-signage.yaml by @dhiyaneshdk
- http/misconfiguration/symfony-fragment.yaml by Palanichamy_perumal,TechbrunchFR
- http/default-logins/riello/netman-default-login.yaml by @mabdullah22
- http/exposed-panels/c2/brute-ratel-c4.yaml by @pussycat0x
- http/exposed-panels/c2/empire-c2.yaml by @pussycat0x
- http/exposed-panels/c2/evilginx.yaml by @pussycat0x
- http/exposed-panels/c2/nh-c2.yaml by @pussycat0
- http/exposed-panels/c2/viper-c2.yaml by @pussycat0x
- http/exposed-panels/cryptobox-panel.yaml by @righettod
- http/exposed-panels/iclock-admin-panel.yaml by @deFr0ggy
- http/exposed-panels/rancher-dashboard.yaml by @ritikchaddha
- http/miscellaneous/crypto-mining-malware.yaml by @geeknik
- ssl/c2/asyncrat-c2.yaml by @johnk3r
- ssl/c2/bitrat-c2.yaml by @pussycat0x
- ssl/c2/covenant-c2-ssl.yaml by @pussycat0x
- ssl/c2/dcrat-server-c2.yaml by @pussycat0x
- ssl/c2/gozi-malware.yaml by @pussycat0x
- ssl/c2/icedid.yaml by @pussycat0x
- ssl/c2/orcus-rat-c2.yaml by @pussycat0x
- ssl/c2/posh-c2.yaml by @pussycat0x
- ssl/c2/quasar-rat-c2.yaml by @johnk3r,@pussycat0x
- ssl/c2/shadowpad-c2.yaml by @pussycat0x
- http/technologies/magento-eol.yaml by @dogancanbakir
- http/technologies/magento-version-detect.yaml by @sullo,@dogancanbakir
- http/technologies/openproject-detect.yaml by @ricardomaia
- http/technologies/phplist-detect.yaml by @ricardomaia
- http/technologies/wordpress/plugins/breeze.yaml by @ricardomaia
- http/technologies/wordpress/plugins/fast-indexing-api.yaml by @ricardomaia
- http/osint/facebook-page.yaml by @gpiechnik2
- http/osint/stackoverflow.yaml by @lu4nx
New Contributors
- @6mile made their first contribution in #7367
- @impalanichamy made their first contribution in #7121
- @ctflearner made their first contribution in #7381
- @carr0t2 made their first contribution in #7369
- @sinsinology made their first contribution in #7405
- @gpiechnik2 made their first contribution in #7396
- @mabdullah22 made their first contribution in #7390
- @AgnellusX1 made their first contribution in #7416
Full Changelog: v9.5.2...v9.5.3
Contributors
geeknik, ricardomaia, and 25 other contributors
Assets 2
v9.5.2 [Credential Stuffing Templates]
🔥 Highlights of this release:
This release adds a collection of credential-stuffing templates for both cloud and self-hosted services. These templates can be used for automating the identification and prevention of credential stuffing attempts across your organization's websites and applications.
Credential Stuffing Templates:
- http/credential-stuffing/cloud/atechmedia-codebase-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/atlassian-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/avnil-pdf-generator-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/chefio-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/codepen-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/datadog-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/docker-hub-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/gitea-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/github-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/postman-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/pulmi-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/self-hosted/gitlab-login-check-self-hosted.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/self-hosted/grafana-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/self-hosted/jira-login-check.yaml by @parthmalhotra,@pdresearch
What's Changed
New Templates Added : 44
New CVEs Added: 29
- http/cves/2023/CVE-2023-32315.yaml by @vsh00t 🔥
- http/cves/2023/CVE-2023-29623.yaml by @theamanrawat
- http/cves/2023/CVE-2023-29622.yaml by @theamanrawat
- http/cves/2023/CVE-2023-2130.yaml by @theamanrawat
- http/cves/2023/CVE-2023-2122.yaml by @r3Y3r53
- http/cves/2023/CVE-2023-1362.yaml by @ctflearner
- http/cves/2023/CVE-2023-0948.yaml by @r3Y3r53
- http/cves/2022/CVE-2022-31984.yaml by @theamanrawat 🔥
- http/cves/2022/CVE-2022-31983.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31982.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31981.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31980.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31978.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31977.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31976.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31975.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31974.yaml by @theamanrawat
- http/cves/2022/CVE-2022-31879.yaml by @theamanrawat
- http/cves/2022/CVE-2022-28023.yaml by @theamanrawat
- http/cves/2022/CVE-2022-28022.yaml by @theamanrawat
- http/cves/2021/CVE-2021-43725.yaml by @theamanrawat
- http/cves/2021/CVE-2021-40973.yaml by @theamanrawat
- http/cves/2021/CVE-2021-40972.yaml by @theamanrawat
- http/cves/2021/CVE-2021-40971.yaml by @theamanrawat
- http/cves/2021/CVE-2021-40970.yaml by @theamanrawat
- http/cves/2021/CVE-2021-40969.yaml by @theamanrawat
- http/cves/2021/CVE-2021-40968.yaml by @theamanrawat
- http/cves/2021/CVE-2021-27124.yaml by @theamanrawat
- http/cves/2021/CVE-2021-24731.yaml by @theamanrawat
- http/exposed-panels/spotweb-login-panel.yaml by @theamanrawat
- http/credential-stuffing/cloud/atechmedia-codebase-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/atlassian-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/avnil-pdf-generator-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/chefio-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/codepen-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/datadog-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/docker-hub-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/gitea-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/github-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/postman-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/cloud/pulmi-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/self-hosted/gitlab-login-check-self-hosted.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/self-hosted/grafana-login-check.yaml by @parthmalhotra,@pdresearch
- http/credential-stuffing/self-hosted/jira-login-check.yaml by @parthmalhotra,@pdresearch
New Contributors
Full Changelog: v9.5.1...v9.5.2
Contributors
Ameston, parthmalhotra, and 3 other contributors
Assets 2
v9.5.1
🔥 Highlights of this release:
✅ [CVE-2023-32243] WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset (@dhiyaneshdk) [critical]
✅ [CVE-2023-29923] PowerJob <=4.3.2 - Unauthenticated Access (@For3stCo1d) [medium]
✅ [CVE-2023-25717] Ruckus Wireless Admin - Remote Code Execution (@parthmalhotra,@pdresearch) [critical]
✅ [CVE-2023-2825] GitLab 16.0.0 - Path Traversal (@dhiyaneshdk,@rootxharsh,@iamnoooob,@pdresearch) [critical]
✅ [CVE-2023-2732] MStore API <= 3.9.2 - Authentication Bypass (@dhiyaneshdk) [critical]
✅ [CVE-2021-39165] Cachet <=2.3.18 - SQL Injection (@tess) [high]
✅ [CVE-2020-29583] ZyXel USG - Hardcoded Credentials (@canberbamber) [critical]
✅ [CVE-2020-1956] Apache Kylin 3.0.1 - Command Injection (@iamnoooob,@rootxharsh,@pdresearch) [high]
✅ [CVE-2016-3510] Oracle WebLogic Server - Remote Code Execution (@iamnoooob,@rootxharsh,@pdresearch) [critical]
What's Changed
New Templates Added: 56
New CVEs Added: 23
- http/cves/2023/CVE-2023-32243.yaml by @dhiyaneshdk 🔥
- http/cves/2023/CVE-2023-29923.yaml by @For3stCo1d 🔥
- http/cves/2023/CVE-2023-29919.yaml by @For3stCo1d
- http/cves/2023/CVE-2023-29887.yaml by @ctflearner
- http/cves/2023/CVE-2023-27482.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-25717.yaml by @parthmalhotra,@pdresearch 🔥
- http/cves/2023/CVE-2023-2825.yaml by @dhiyaneshdk,@rootxharsh,@iamnoooob,@pdresearch 🔥
- http/cves/2023/CVE-2023-2780.yaml by @iamnoooob,@pdresearch
- http/cves/2023/CVE-2023-2732.yaml by @dhiyaneshdk 🔥
- http/cves/2023/CVE-2023-2356.yaml by @Co5mos
- http/cves/2023/CVE-2023-1434.yaml by @dhiyaneshdk
- http/cves/2022/CVE-2022-22733.yaml by @zeyad Azima
- http/cves/2022/CVE-2022-2733.yaml by @ctflearner
- http/cves/2021/CVE-2021-39165.yaml by @tess 🔥
- http/cves/2021/CVE-2021-37305.yaml by @ritikchaddha
- http/cves/2021/CVE-2021-37304.yaml by @ritikchaddha
- http/cves/2021/CVE-2021-24435.yaml by @xcapri,@ritikchaddha
- http/cves/2020/CVE-2020-29583.yaml by @canberbamber 🔥
- http/cves/2020/CVE-2020-1956.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
- http/cves/2016/CVE-2016-4437.yaml by @iamnoooob,@rootxharsh,@pdresearch
- network/cves/2020/CVE-2020-11981.yaml by @pussycat0x
- network/cves/2017/CVE-2017-5645.yaml by @princechaddha
- network/cves/2016/CVE-2016-3510.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
- http/cnvd/2023/CNVD-2023-12632.yaml by @daffainfo
- http/vulnerabilities/avtech/avtech-auth-bypass.yaml by @ritikchaddha
- http/vulnerabilities/avtech/avtech-dvr-ssrf.yaml by @ritikchaddha
- http/vulnerabilities/avtech/avtech-unauth-file-download.yaml by @ritikchaddha
- http/vulnerabilities/avtech/avtech-verification-bypass.yaml by @ritikchaddha
- http/vulnerabilities/weaver/ecology/ecology-mysql-config.yaml by @ritikchaddha
- http/vulnerabilities/zyxel/unauth-ztp-ping.yaml by @DMartyn
- http/misconfiguration/aem/aem-secrets.yaml by @boobooHQ,@j3ssie
- http/misconfiguration/ibm-websphere-xml.yaml by @r3nz0
- http/misconfiguration/sitecore-lfi.yaml by @dhiyaneshdk
- http/misconfiguration/teslamate-unauth-access.yaml by @For3stCo1d
- http/exposures/apis/jeecg-boot-swagger.yaml by @ritikchaddha
- http/exposures/configs/blazor-boot.yaml by @freakyclown
- http/exposures/configs/config-properties.yaml by @j4vaovo,@dhiyaneshdk
- http/exposures/tokens/azure/azure-connection.yaml by @dhiyaneshdk
- http/exposures/tokens/digitalocean/digital-ocean-personal-token.yaml by @dhiyaneshdk
- http/exposures/tokens/digitalocean/digitalocean-app-token.yaml by @dhiyaneshdk
- http/exposures/tokens/digitalocean/digitalocean-refresh.yaml by @dhiyaneshdk
- http/exposures/tokens/figma/figma-personal-token.yaml by @dhiyaneshdk
- http/exposed-panels/axway-api-manager-panel.yaml by @johnk3r
- http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml by @johnk3r
- http/exposed-panels/interactsoftware-interact.yaml by @righettod
- http/exposed-panels/isams-panel.yaml by @righettod
- http/exposed-panels/odoo-panel.yaml by @dhiyaneshdk
- http/exposed-panels/repetier-server-panel.yaml by @ritikchaddha
- http/exposed-panels/sauter-moduwebvision-panel.yaml by @righettod
- http/exposed-panels/shardingsphere-panel.yaml by @dhiyaneshdk
- ssl/insecure-cipher-suite-detect.yaml by @pussycat0x
- file/keys/azure/azure-connection-string.yaml by @dhiyaneshdk
- file/keys/digitalocean/digitalocean-access-token.yaml by @dhiyaneshdk
- file/keys/digitalocean/digitalocean-personal-access.yaml by @dhiyaneshdk
- file/keys/digitalocean/digitalocean-refresh-token.yaml by @dhiyaneshdk
- file/keys/figma-access-token.yaml by @dhiyaneshdk
New Contributors
- @ricardojba made their first contribution in #7221
- @PR05A1C made their first contribution in #7250
- @Zeyad-Azima made their first contribution in #7212
- @MillerMedia made their first contribution in #7264
- @waltersagehorn-praetorian made their first contribution in #7282
- @jub0bs made their first contribution in #7266
- @dm-ct made their first contribution in #7174
- @xcapri made their first contribution in #5615
- @mastercho made their first contribution in #7124
- @ruben-condor made their first contribution in #7304
Full Changelog: v9.5.0...v9.5.1
Contributors
freakyclown, zeyad, and 27 other contributors
Assets 2
Nuclei Templates v9.5.0 (breaking changes)
Release Highlight:
- Nuclei Templates Refactoring: organized and categorized directory structure for improved management of nuclei templates.
- Enhanced CVE Templates: more comprehensive vulnerability analysis with added information like CPE and EPSS Score.
- Template Metadata: auto-generated
max-requestcounter to each template, allowing easy filtering and visibility of maximum request. - Log4j Templates Update: updated templates addressing potential false positives related to Log4j.
- KEV & Trending CVEs: a curated selection of noteworthy Known Exploited Vulnerabilities (KEV) and Trending CVEs, highlighted with 🔥.
See nuclei-templates v9.5.0, projectdiscovery/nuclei#3648, https://blog.projectdiscovery.io/nuclei-template-v9-5-0-update/ for more details.
New Templates Added : 61
- http/cves/2023/CVE-2023-32235.yaml by @j3ssie 🔥
- http/cves/2023/CVE-2023-31059.yaml by @parthmalhotra,@pdresearch
- http/cves/2023/CVE-2023-30212.yaml by @theamanrawat
- http/cves/2023/CVE-2023-30210.yaml by @theamanrawat
- http/cves/2023/CVE-2023-29922.yaml by @Co5mos
- http/cves/2023/CVE-2023-29489.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-27524.yaml by @dhiyaneshdk,@0xf4n9x
- http/cves/2023/CVE-2023-27350.yaml by @rootxharsh,@iamnoooob,@pdresearch 🔥
- http/cves/2023/CVE-2023-26360.yaml by @dhiyaneshdk 🔥
- http/cves/2023/CVE-2023-25135.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
- http/cves/2023/CVE-2023-20864.yaml by @rootxharsh,@iamnoooob,@pdresearch 🔥
- http/cves/2023/CVE-2023-1671.yaml by @Co5mos 🔥
- http/cves/2023/CVE-2023-1020.yaml by @theamanrawat
- http/cves/2022/CVE-2022-46020.yaml by @theamanrawat
- http/cves/2022/CVE-2022-45038.yaml by @theamanrawat
- http/cves/2022/CVE-2022-45037.yaml by @theamanrawat
- http/cves/2022/CVE-2022-4328.yaml by @theamanrawat
- http/cves/2022/CVE-2022-42096.yaml by @theamanrawat
- http/cves/2022/CVE-2022-42095.yaml by @theamanrawat
- http/cves/2022/CVE-2022-3980.yaml by dabla
- http/cves/2022/CVE-2022-27985.yaml by @theamanrawat
- http/cves/2022/CVE-2022-27984.yaml by @theamanrawat
- http/cves/2022/CVE-2022-24716.yaml by @dhiyaneshdk 🔥
- http/cves/2022/CVE-2022-24266.yaml by @theamanrawat
- http/cves/2022/CVE-2022-24265.yaml by @theamanrawat
- http/cves/2022/CVE-2022-24264.yaml by @theamanrawat
- http/cves/2021/CVE-2021-44228.yaml by @melbadry9
- http/cves/2021/CVE-2021-30175.yaml by @edoardottt
- http/cves/2021/CVE-2021-27320.yaml by @theamanrawat
- http/cves/2021/CVE-2021-27319.yaml by @theamanrawat
- http/cves/2021/CVE-2021-27316.yaml by @theamanrawat
- http/cves/2021/CVE-2021-27315.yaml by @theamanrawat
- http/cves/2021/CVE-2021-27314.yaml by @theamanrawat
- http/cves/2020/CVE-2020-27481.yaml by @edoardottt
- http/cves/2019/CVE-2019-3398.yaml by @rootxharsh,@iamnoooob,@pdresearch
- http/cves/2017/CVE-2017-17731.yaml by @j4vaovo
- http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml by @j4vaovo
- http/vulnerabilities/generic/generic-env.yaml by @kazet
- http/vulnerabilities/wordpress/advanced-booking-calendar-sqli.yaml by @theamanrawat
- http/vulnerabilities/wordpress/wp-autosuggest-sql-injection.yaml by @theamanrawat
- http/vulnerabilities/wordpress/wpml-xss.yaml by @bugvsme
- http/misconfiguration/apache/apache-zeppelin-unauth.yaml by @j4vaovo
- http/default-logins/powerjob-default-login.yaml by @j4vaovo
- http/default-logins/umami/umami-default-login.yaml by @barthy.koeln
- http/exposures/configs/platformio-ini.yaml by @dhiyaneshdk
- http/exposures/logs/nginx-shards.yaml by @dhiyaneshdk
- http/exposures/tokens/postman/postman-key.yaml by @dhiyaneshdk
- http/exposed-panels/eclipse-birt-panel.yaml by Shiva (Strobes Security)
- http/exposed-panels/jedox-web-panel.yaml by Team Syslifters
- http/exposed-panels/oracle-opera-login.yaml by @dhiyaneshdk
- http/exposed-panels/papercut-ng-panel.yaml by @ritikchaddha
- http/exposed-panels/proxmox-panel.yaml by @lum8rjack
- http/exposed-panels/red-lion-panel.yaml by @ritikchaddha
- http/exposed-panels/sophos-web-appliance.yaml by @dhiyaneshdk
- network/enumeration/smtp-commands-enum.yaml by @pussycat0x
- network/enumeration/smtp/smtp-user-enum.yaml by @pussycat0x
- http/fuzzing/ssrf-via-proxy.yaml by @geeknik,@petergrifin
- http/fuzzing/waf-fuzz.yaml by @dwisiswant0,@lu4nx,@Myst7ic
- http/osint/mail-archive.yaml by @lu4nx
- http/technologies/wordpress/plugins/gdpr-cookie-compliance.yaml by @ricardomaia
- file/keys/postman-api-key.yaml by @dhiyaneshdk
- headless/technologies/sap-spartacus.yaml by @TechbrunchFR
New Contributors
- @lum8rjack made their first contribution in #7110
- @barthy-koeln made their first contribution in #7164
- @mlec1 made their first contribution in #6967
- @ViCrack made their first contribution in #7182
- @j3ssie made their first contribution in #7188
- @chucklesb made their first contribution in #7195
- @david-bla made their first contribution in #7203
- @avisscr made their first contribution in #7172
Full Changelog: v9.4.3...v9.4.4
Contributors
geeknik, kazet, and 23 other contributors
Assets 2
v9.4.3
What's Changed
New Templates Added: 55
- cves/2023/CVE-2023-29084.yaml by @rootxharsh,@iamnoooob,@pdresearch 🔥
- cves/2023/CVE-2023-27179.yaml by @theamanrawat
- cves/2023/CVE-2023-27159.yaml by @dhiyaneshdk
- cves/2023/CVE-2023-27008.yaml by @r3Y3r53
- cves/2023/CVE-2023-22897.yaml by @dhiyaneshdk 🔥
- cves/2023/CVE-2023-22620.yaml by @dhiyaneshdk 🔥
- cves/2023/CVE-2023-0099.yaml by @r3Y3r53
- cves/2022/CVE-2022-42094.yaml by @theamanrawat
- cves/2022/CVE-2022-41441.yaml by @r3Y3r53
- cves/2022/CVE-2022-38467.yaml by @r3Y3r53
- cves/2022/CVE-2022-38296.yaml by @theamanrawat
- cves/2022/CVE-2022-38295.yaml by @theamanrawat
- cves/2022/CVE-2022-37191.yaml by @theamanrawat
- cves/2022/CVE-2022-37190.yaml by @theamanrawat
- cves/2022/CVE-2022-28032.yaml by @theamanrawat
- cves/2022/CVE-2022-27926.yaml by @rootxharsh,@iamnoooob,@pdresearch 🔥
- cves/2022/CVE-2022-25497.yaml by @theamanrawat
- cves/2022/CVE-2022-25489.yaml by @theamanrawat
- cves/2022/CVE-2022-25488.yaml by @theamanrawat
- cves/2022/CVE-2022-25487.yaml by @theamanrawat 🔥
- cves/2022/CVE-2022-25486.yaml by @theamanrawat
- cves/2022/CVE-2022-25485.yaml by @theamanrawat
- cves/2022/CVE-2022-24223.yaml by @theamanrawat
- cves/2022/CVE-2022-4321.yaml by @r3Y3r53
- cves/2022/CVE-2022-3062.yaml by @r3Y3r53
- cves/2022/CVE-2022-2219.yaml by @r3Y3r53
- cves/2022/CVE-2022-1903.yaml by @theamanrawat
- cves/2022/CVE-2022-0864.yaml by @dhiyaneshdk
- cves/2022/CVE-2022-0846.yaml by @theamanrawat
- cves/2022/CVE-2022-0773.yaml by @theamanrawat
- cves/2022/CVE-2022-0769.yaml by @theamanrawat
- cves/2022/CVE-2022-0747.yaml by @theamanrawat
- cves/2021/CVE-2021-35250.yaml by @johnk3r,@pdteam 🔥
- cves/2021/CVE-2021-25078.yaml by @r3Y3r53
- cves/2020/CVE-2020-10199.yaml by @rootxharsh,@iamnoooob,@pdresearch 🔥
- cves/2017/CVE-2017-16894.yaml by @j4vaovo
- vulnerabilities/generic/cache-poisoning-xss.yaml by @melbadry9,@xElkomy,@akincibor
- vulnerabilities/huawei/huawei-firewall-lfi.yaml by @taielab
- vulnerabilities/others/universal-media-xss.yaml by @r3Y3r53
- vulnerabilities/wordpress/ldap-wp-login-xss.yaml by @r3Y3r53
- default-logins/trassir/trassir-default-login.yaml by @gtrrnr,@metascan
- exposures/logs/yii-error-page.yaml by @dhiyaneshdk
- misconfiguration/apollo-adminservice-unauth.yaml by @j4vaovo
- misconfiguration/default-spx-key.yaml by @vagnerd
- misconfiguration/sql-server-report-viewer.yaml by @kazet
- misconfiguration/thinkphp-errors.yaml by @j4vaovo
- exposed-panels/appwrite-panel.yaml by @ritikchaddha
- exposed-panels/aspect-control-panel.yaml by @JustaAcat
- network/detection/msmq-detect.yaml by @bhutch
- network/enumeration/beanstalk-service.yaml by @pussycat0x
- osint/hashnode.yaml by @cheesymoon
- osint/imgbb.yaml by @cheesymoon
- osint/rubygems.yaml by @cheesymoon
- technologies/default-apache-shiro.yaml by @dhiyaneshdk
- technologies/switch-protocol.yaml by @pdteam
New Contributors
- @gtrrnr made their first contribution in #7023
- @kimcy7316 made their first contribution in #5316
- @bhutch made their first contribution in #7091
- @dogancanbakir made their first contribution in #7060
Full Changelog: v9.4.2...v9.4.3
Contributors
kazet, bhutch, and 19 other contributors
Assets 2
v9.4.2
What's Changed
New Templates Added: 78
- cves/2023/CVE-2023-24737.yaml by @r3Y3r53
- cves/2023/CVE-2023-24735.yaml by @r3Y3r53
- cves/2023/CVE-2023-24733.yaml by @r3Y3r53
- cves/2023/CVE-2023-24657.yaml by @r3Y3r53
- cves/2023/CVE-2023-24367.yaml by @r3Y3r53
- cves/2023/CVE-2023-24278.yaml by @r3Y3r53
- cves/2023/CVE-2023-1177.yaml by @iamnoooob,@pdresearch
- cves/2023/CVE-2023-1080.yaml by @r3Y3r53
- cves/2023/CVE-2023-0968.yaml by @r3Y3r53
- cves/2023/CVE-2023-0942.yaml by @r3Y3r53
- cves/2023/CVE-2023-0552.yaml by @r3Y3r53
- cves/2022/CVE-2022-48012.yaml by @r3Y3r53
- cves/2022/CVE-2022-46934.yaml by @r3Y3r53
- cves/2022/CVE-2022-45835.yaml by @theamanrawat
- cves/2022/CVE-2022-43769.yaml by @dwbzn
- cves/2022/CVE-2022-43140.yaml by @Co5mos
- cves/2022/CVE-2022-25125.yaml by @Co5mos
- cves/2022/CVE-2022-23898.yaml by @Co5mos
- cves/2022/CVE-2022-21661.yaml by @marcio Mendes
- cves/2022/CVE-2022-4140.yaml by @theamanrawat
- cves/2022/CVE-2022-3982.yaml by @theamanrawat
- cves/2022/CVE-2022-2756.yaml by @theamanrawat
- cves/2022/CVE-2022-2627.yaml by @ramondunker
- cves/2022/CVE-2022-2462.yaml by @dwisiswant0
- cves/2022/CVE-2022-1058.yaml by @theamanrawat
- cves/2022/CVE-2022-0827.yaml by @theamanrawat
- cves/2022/CVE-2022-0212.yaml by @theamanrawat
- cves/2021/CVE-2021-39152.yaml by @pwnhxl
- cves/2021/CVE-2021-39146.yaml by @pwnhxl
- cves/2021/CVE-2021-39144.yaml by @pwnhxl
- cves/2021/CVE-2021-39141.yaml by @pwnhxl
- cves/2021/CVE-2021-29505.yaml by @pwnhxl
- cves/2021/CVE-2021-24666.yaml by @theamanrawat
- cves/2021/CVE-2021-24351.yaml by @MAXIMUS Decimus
- cves/2021/CVE-2021-24239.yaml by @r3Y3r53
- cves/2021/CVE-2021-22502.yaml by @pikpikcu
- cves/2021/CVE-2021-21351.yaml by @pwnhxl
- cves/2021/CVE-2021-21345.yaml by @pwnhxl
- cves/2020/CVE-2020-26258.yaml by @pwnhxl
- cves/2020/CVE-2020-26217.yaml by @pwnhxl
- cves/2020/CVE-2020-13379.yaml by Joshua Rogers
- cves/2019/CVE-2019-15043.yaml by Joshua Rogers
- cves/2019/CVE-2019-12990.yaml by @gy741
- cves/2019/CVE-2019-12988.yaml by @gy741
- cves/2019/CVE-2019-12987.yaml by @gy741
- cves/2019/CVE-2019-12986.yaml by @gy741
- cves/2019/CVE-2019-12985.yaml by @gy741
- cves/2017/CVE-2017-9416.yaml by @Co5mos
- cves/2015/CVE-2015-2196.yaml by @theamanrawat
- cves/2014/CVE-2014-6287.yaml by @j4vaovo
- cves/2013/CVE-2013-7285.yaml by @pwnhxl
- cnvd/2020/CNVD-2020-26585.yaml by @pikpikcu,@Co5mos
- vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml by @pwnhxl
- vulnerabilities/other/pmb-xss.yaml by @r3Y3r53
- vulnerabilities/wordpress/watu-xss.yaml by @r3Y3r53
- misconfiguration/cluster-panel.yaml by @tess
- misconfiguration/jupyter-lab-unauth.yaml by @j4vaovo
- misconfiguration/kubernetes/unauth-etcd-server.yaml by sharath,@pussycat0x
- misconfiguration/laravel-horizon-unauth.yaml by @vagnerd
- misconfiguration/mlflow-unauth.yaml by @pussycat0x
- default-logins/adminer-default-login.yaml by @j4vaovo
- exposed-panels/arcgis/arcgis-services.yaml by @HeeresS
- exposed-panels/arcgis/arcgis-tokens.yaml by @HeeresS
- exposed-panels/fortinet/fortinet-fortimanager-panel.yaml by @johnk3r
- exposed-panels/hestia-panel.yaml by @JustaAcat
- exposed-panels/i-mscp-panel.yaml by @JustaAcat
- exposed-panels/seagate-nas-login.yaml by @JustaAcat
- exposed-panels/sonic-wall-login.yaml by @JustaAcat
- exposed-panels/web-viewer-panel.yaml by @JustaAcat
- exposures/logs/opentsdb-status.yaml by @pussycat0x
- network/enumeration/kafka-topics-list.yaml by @pussycat0x
- ssl/kubernetes-fake-certificate.yaml by @kchason
- file/keys/github/github-outdated-key.yaml by @naglis
- technologies/cvsweb-detect.yaml by @lu4nx
- technologies/kubernetes/etcd/etcd-version.yaml by @pussycat0x
- technologies/openai-plugin.yaml by pdteam
- technologies/sitecore-cms.yaml by RandomDhiraj
- technologies/wordpress/plugins/host-webfonts-local.yaml by @ricardomaia
New Contributors
- @Co5mos made their first contribution in #6964
- @naglis made their first contribution in #6954
- @Marcio861 made their first contribution in #6952
- @j4vaovo made their first contribution in #6949
- @kchason made their first contribution in #6958
- @RootUp made their first contribution in #6953
- @Wade618 made their first contribution in #6960
- @JustaAcat made their first contribution in #6987
- @HeeresS made their first contribution in #6986
- @ramondunker made their first contribution in #6107
- @dwbzn made their first contribution in #7028
Full Changelog: v9.4.1...v9.4.2
Contributors
marcio, naglis, and 23 other contributors
Assets 2
v9.4.1
What's Changed
New Templates Added : 69
- cves/2023/CVE-2023-28432.yaml by @Mr-xn 🔥
- cves/2023/CVE-2023-28343.yaml by @pikpikcu 🔥
- cves/2023/CVE-2023-27587.yaml by @vagnerd
- cves/2023/CVE-2023-27292.yaml by @r3Y3r53
- cves/2023/CVE-2023-0261.yaml by @theamanrawat
- cves/2023/CVE-2023-0236.yaml by @r3Y3r53
- cves/2022/CVE-2022-31854.yaml by @theamanrawat
- cves/2022/CVE-2022-26833.yaml by @true13
- cves/2022/CVE-2022-4325.yaml by @r3Y3r53
- cves/2022/CVE-2022-4320.yaml by @r3Y3r53
- cves/2022/CVE-2022-4117.yaml by @theamanrawat
- cves/2022/CVE-2022-3933.yaml by @r3Y3r53
- cves/2022/CVE-2022-3908.yaml by @theamanrawat
- cves/2022/CVE-2022-3800.yaml by @JC175
- cves/2022/CVE-2022-1398.yaml by @theamanrawat
- cves/2022/CVE-2022-1329.yaml by @theamanrawat 🔥
- cves/2022/CVE-2022-0415.yaml by @theamanrawat
- cves/2022/CVE-2022-0206.yaml by @r3Y3r53
- cves/2021/CVE-2021-28419.yaml by @theamanrawat
- cves/2021/CVE-2021-24970.yaml by @r3Y3r53
- cves/2021/CVE-2021-24862.yaml by @theamanrawat
- cves/2021/CVE-2021-24452.yaml by @theamanrawat
- cves/2021/CVE-2021-24436.yaml by @theamanrawat
- cves/2020/CVE-2020-11530.yaml by @theamanrawat
- cves/2020/CVE-2020-14144.yaml by @theamanrawat
- cves/2020/CVE-2020-15867.yaml by @theamanrawat
- cves/2020/CVE-2020-7107.yaml by @theamanrawat
- vulnerabilities/gitea/gitea-rce.yaml by @theamanrawat
- vulnerabilities/splash/splash-render-ssrf.yaml by @pwnhxl
- exposed-panels/c2/cobalt-strike-c2.yaml by @pussycat0x
- misconfiguration/httponly-cookie-detect.yaml by Mr. Bobo HP
- misconfiguration/installer/gogs-installer.yaml by @dhiyaneshdk
- misconfiguration/nacos-authentication-bypass.yaml by @Esonhugh
- misconfiguration/unauth-apache-kafka-ui.yaml by @theamanrawat
- token-spray/api-networksdb.yaml by @0xpugazh
- ssl/untrusted-root-certificate.yaml by @pussycat0x
- file/audit/pfsense/configure-dns-server.yaml by @pussycat0x
- file/audit/pfsense/configure-session-timeout.yaml by @pussycat0x
- file/audit/pfsense/enable-https-protocol.yaml by @pussycat0x
- file/audit/pfsense/password-protected-consolemenu.yaml by @pussycat0x
- file/keys/adobe-secret.yaml by @dhiyaneshdk
- file/keys/age/age-identity-secret-key.yaml by @dhiyaneshdk
- file/keys/age/age-recipient-public-key.yaml by @dhiyaneshdk
- file/keys/amazon/amazon-account-id.yaml by @dhiyaneshdk
- file/keys/amazon/amazon-session-token.yaml by @dhiyaneshdk
- file/keys/code-climate-token.yaml by @dhiyaneshdk
- file/keys/cratesio-api-key.yaml by @dhiyaneshdk
- file/keys/facebook/fb-access-token.yaml by @dhiyaneshdk
- file/keys/gitlab/gitlab-personal-accesstoken.yaml by @dhiyaneshdk
- file/keys/gitlab/gitlab-pipeline-triggertoken.yaml by @dhiyaneshdk
- file/keys/gitlab/gitlab-runner-regtoken.yaml by @dhiyaneshdk
- file/keys/google/google-clientid.yaml by @dhiyaneshdk
- file/keys/google/google-oauth-clientsecret.yaml by @dhiyaneshdk
- file/keys/heroku-key.yaml by @dhiyaneshdk
- file/keys/jenkins-token.yaml by @dhiyaneshdk
- file/keys/newrelic/newrelic-pixie-apikey.yaml by @dhiyaneshdk
- file/keys/newrelic/newrelic-pixie-deploykey.yaml by @dhiyaneshdk
- file/keys/npm-accesstoken.yaml by @dhiyaneshdk
- file/keys/nuget-key.yaml by @dhiyaneshdk
- file/keys/openai-key.yaml by @dhiyaneshdk
- file/keys/pypi-token.yaml by @dhiyaneshdk
- file/keys/rubygems-key.yaml by @dhiyaneshdk
- file/keys/sauce-access-token.yaml by @dhiyaneshdk
- file/keys/segment-public-api.yaml by @dhiyaneshdk
- file/keys/shopify-public-access.yaml by @dhiyaneshdk
- file/keys/telegram-token.yaml by @dhiyaneshdk
- technologies/icecast-mediaserver-detect.yaml by @pussycat0x
- technologies/splash-rendering-service.yaml by @pussycat0x
- technologies/thinkphp-detect.yaml by @pwnhxl
New Contributors
- @vagnerd made their first contribution in #6903
- @Esonhugh made their first contribution in #6912
- @kazet made their first contribution in #6931
- @JC175 made their first contribution in #6772
- @ThePirateWhoSmellsOfSunflowers made their first contribution in #6939
- @sl4x0 made their first contribution in #6943
- @MrHarshvardhan made their first contribution in #6756
Full Changelog: v9.4.0...v9.4.1
Contributors
kazet, vagnerd, and 12 other contributors
Assets 2
v9.4.0
What's Changed
- Fixed cves/2022/CVE-2022-45362.yaml by @Bisstocuz
New Templates Added: 65
- cves/2023/CVE-2023-26255.yaml by @dhiyaneshdk
- cves/2023/CVE-2023-26256.yaml by @pikpikcu
- cves/2022/CVE-2022-47002.yaml by @iamnoooob,@rootxharsh,@pdresearch
- cves/2022/CVE-2022-47003.yaml by @iamnoooob,@rootxharsh,@pdresearch
- cves/2019/CVE-2019-6799.yaml by @pwnhxl
- cves/2017/CVE-2017-14524.yaml by @0x_Akoko
- cves/2015/CVE-2015-2863.yaml by @0x_Akoko
- vulnerabilities/other/brightsign-dsdws-ssrf.yaml by @0x_Akoko
- vulnerabilities/php/php-xdebug-rce.yaml by @pwnhxl
- vulnerabilities/phpmyadmin-unauth.yaml by @pwnhxl
- vulnerabilities/ueditor/ueditor-ssrf.yaml by @pwnhxl
- vulnerabilities/ueditor/ueditor-xss.yaml by @pwnhxl
- misconfiguration/apache/apache-nifi-unauth.yaml by @pwnhxl
- misconfiguration/everything-listing.yaml by @pussycat0x
- misconfiguration/installer/magnolia-installer.yaml by @pussycat0x
- misconfiguration/laravel-debug-infoleak.yaml by @pwnhxl
- default-logins/magnolia-default-login.yaml by @pussycat0x
- exposed-panels/magnolia-panel.yaml by @pussycat0x
- exposed-panels/veriz0wn-osint.yaml by @pussycat0x
- exposures/files/reactapp-env-js.yaml by @random-robbie
- exposures/tokens/adobe/adobe-oauth-secret.yaml by @dhiyaneshdk
- exposures/tokens/age/age-public-key.yaml by @dhiyaneshdk
- exposures/tokens/age/age-secret-key.yaml by @dhiyaneshdk
- exposures/tokens/amazon/aws-account-id.yaml by @dhiyaneshdk
- exposures/tokens/amazon/aws-api-key.yaml by @dhiyaneshdk
- exposures/tokens/amazon/aws-session-token.yaml by @dhiyaneshdk
- exposures/tokens/codeclimate/codeclimate-token.yaml by @dhiyaneshdk
- exposures/tokens/crates/crates-api-key.yaml by @dhiyaneshdk
- exposures/tokens/dynatrace/dynatrace-api-token.yaml by @dhiyaneshdk
- exposures/tokens/facebook/facebook-access-token.yaml by @dhiyaneshdk
- exposures/tokens/github/github-app.yaml by @dhiyaneshdk
- exposures/tokens/github/github-oauth-access.yaml by @dhiyaneshdk
- exposures/tokens/github/github-personal-access.yaml by @dhiyaneshdk
- exposures/tokens/github/github-refresh.yaml by @dhiyaneshdk
- exposures/tokens/gitlab/gitlab-personal-token.yaml by @dhiyaneshdk
- exposures/tokens/gitlab/gitlab-pipeline-token.yaml by @dhiyaneshdk
- exposures/tokens/gitlab/gitlab-runner-token.yaml by @dhiyaneshdk
- exposures/tokens/google/google-client-id.yaml by @dhiyaneshdk
- exposures/tokens/google/google-oauth-prefixed.yaml by @dhiyaneshdk
- exposures/tokens/heroku/heroku-api-key.yaml by @dhiyaneshdk
- exposures/tokens/jenkins/jenkins-crumb-token.yaml by @dhiyaneshdk
- exposures/tokens/mailgun/mailgun-api-token.yaml by @dhiyaneshdk
- exposures/tokens/newrelic/newrelic-pixie-api-key.yaml by @dhiyaneshdk
- exposures/tokens/newrelic/newrelic-pixie-deploy-key.yaml by @dhiyaneshdk
- exposures/tokens/npm/npm-access-token.yaml by @dhiyaneshdk
- exposures/tokens/nuget/nuget-api-key.yaml by @dhiyaneshdk
- exposures/tokens/openai/openai-api-key.yaml by @dhiyaneshdk
- exposures/tokens/pypi/pypi-upload-token.yaml by @dhiyaneshdk
- exposures/tokens/ruby/rubygems-api-key.yaml by @dhiyaneshdk
- exposures/tokens/sauce/sauce-token.yaml by @dhiyaneshdk
- exposures/tokens/segment/segment-public-token.yaml by @dhiyaneshdk
- exposures/tokens/shopify/shopify-app-secret.yaml by @dhiyaneshdk
- exposures/tokens/shopify/shopify-customapp-token.yaml by @dhiyaneshdk
- exposures/tokens/shopify/shopify-legacy-token.yaml by @dhiyaneshdk
- exposures/tokens/shopify/shopify-public-token.yaml by @dhiyaneshdk
- exposures/tokens/square/square-access.yaml by @dhiyaneshdk
- exposures/tokens/square/square-oauth-secret-token.yaml by @dhiyaneshdk
- exposures/tokens/stackhawk/stackhawk-api.yaml by @dhiyaneshdk
- exposures/tokens/telegram/telegram-bot-token.yaml by @dhiyaneshdk
- exposures/tokens/twilio/twilio-api-key.yaml by @dhiyaneshdk
- technologies/nacos-version.yaml by @arm!tage
- osint/couchsurfing.yaml by @philippedelteil
- ssl/revoked-ssl-certificate.yaml by @pussycat0x
- file/js/js-analyse.yaml by @ayadim
- file/audit/pfsense/set-hostname.yaml by @pussycat0x
New Contributors
- @ayadim made their first contribution in #6868
- @Bisstocuz made their first contribution in #6914
Full Changelog: v9.3.9...v9.4.0
Contributors
random-robbie, a-zz-rm, and 7 other contributors
Assets 2
v9.3.9
What's Changed
New Templates Added : 61
- cves/2023/CVE-2023-23492.yaml by @r3Y3r53
- cves/2022/CVE-2022-0693.yaml by @theamanrawat
- cves/2022/CVE-2022-0760.yaml by @theamanrawat
- cves/2022/CVE-2022-0949.yaml by @theamanrawat
- cves/2022/CVE-2022-1013.yaml by @theamanrawat
- cves/2022/CVE-2022-3934.yaml by @r3Y3r53
- cves/2022/CVE-2022-4060.yaml by @theamanrawat
- cves/2022/CVE-2022-4063.yaml by @theamanrawat
- cves/2022/CVE-2022-4301.yaml by @r3Y3r53
- cves/2022/CVE-2022-4306.yaml by @r3Y3r53
- cves/2022/CVE-2022-45805.yaml by @theamanrawat
- cves/2022/CVE-2022-46888.yaml by @r3Y3r53
- cves/2022/CVE-2022-48165.yaml by @For3stCo1d
- cves/2022/CVE-2022-4897.yaml by @r3Y3r53
- cves/2021/CVE-2021-24145.yaml by @theamanrawat
- cves/2021/CVE-2021-24155.yaml by @theamanrawat
- cves/2021/CVE-2021-24169.yaml by @r3Y3r53
- cves/2021/CVE-2021-24287.yaml by @r3Y3r53
- cves/2021/CVE-2021-24347.yaml by @theamanrawat
- cves/2021/CVE-2021-24554.yaml by @theamanrawat
- cves/2021/CVE-2021-24875.yaml by @r3Y3r53
- cves/2021/CVE-2021-24931.yaml by @theamanrawat
- cves/2021/CVE-2021-25067.yaml by @theamanrawat
- cves/2021/CVE-2021-27520.yaml by @r3Y3r53
- cves/2019/CVE-2019-5434.yaml by @omarjezi
- cves/2018/CVE-2018-16159.yaml by @theamanrawat
- cves/2017/CVE-2017-14622.yaml by @r3Y3r53
- cves/2015/CVE-2015-2755.yaml by @r3Y3r53
- cves/2015/CVE-2015-4062.yaml by @r3Y3r53
- cves/2015/CVE-2015-4063.yaml by @r3Y3r53
- cves/2015/CVE-2015-9312.yaml by @r3Y3r53
- network/cves/2011/CVE-2011-2523.yaml by @pussycat0x
- vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml by pwnhxl
- vulnerabilities/discuz-downremoteimg-ssrf.yaml by pwnhxl
- vulnerabilities/skywalking/skywalking-log4j-rce.yaml by pwnhxl
- vulnerabilities/wordpress/3d-print-lite-xss.yaml by @r3Y3r53
- vulnerabilities/wordpress/wp-touch-redirect.yaml by @r3Y3r53
- misconfiguration/kubernetes/kube-state-metrics.yaml by @ja1sh
- exposed-panels/axway-securetransport-panel.yaml by @righettod
- exposed-panels/axway-securetransport-webclient.yaml by @righettod
- exposed-panels/dynatrace-panel.yaml by @ja1sh
- exposed-panels/gnu-mailman.yaml by Matt Galligan
- exposed-panels/kubeview-dashboard.yaml by @ja1sh
- exposed-panels/sensu-panel.yaml by @ja1sh
- exposed-panels/signet-explorer-dashboard.yaml by @ritikchaddha
- exposed-panels/wmw-enterprise-panel.yaml by Matt Galligan
- ssl/mismatched-ssl-certificate.yaml by @pdteam
- file/audit/pfsense/known-default-account.yaml by @pussycat0x
- osint/cal.yaml by @olearycrew
- osint/ctflearn.yaml by @olearycrew
- osint/npmjs.yaml by @olearycrew
- osint/platzi.yaml by @philippedelteil
- osint/polywork.yaml by @olearycrew
- osint/postnews.yaml by @olearycrew
- osint/skillshare.yaml by @olearycrew
- osint/tmdb.yaml by @olearycrew
- osint/tryhackme.yaml by @olearycrew
- technologies/ambassador-edge-stack-detect.yaml by @ja1sh
- technologies/limesurvey-detect.yaml by Matt Galligan
- technologies/nimplant-c2.yaml by @ja1sh
- technologies/wordpress/plugins/wpvivid-backuprestore.yaml by @ricardomaia
New Contributors
- @pwnhxl made their first contribution in #6816
- @ja1sh made their first contribution in #6802
- @SergeyRyadinskikh made their first contribution in #6807
- @JorianWoltjer made their first contribution in #6815
- @Yablargo made their first contribution in #6683
- @topscoder made their first contribution in #6826
- @olearycrew made their first contribution in #6827
- @zy9ard3 made their first contribution in #6808
Full Changelog: v9.3.8...v9.3.9
Contributors
ricardomaia, righettod, and 13 other contributors