projectdiscovery/nuclei-templates v10.0.4

on GitHub

What's Changed

🔥 Release Highlights 🔥

• [CVE-2024-50340] Symfony Profiler - Remote Access via Injected Arguments (@dhiyaneshdk) [high] 🔥
• [CVE-2024-35219] OpenAPI Generator <= 7.5.0 - Arbitrary File Read/Delete (@iamnoooob, @rootxharsh, @pdresearch) [high] 🔥
• [CVE-2024-10914] D-Link NAS - Command Injection via Name Parameter (@s4e-io) [critical] 🔥
• [CVE-2024-9487] GitHub Enterprise - SAML Authentication Bypass (@iamnoooob, @rootxharsh, @pdresearch) [critical] 🔥
• [CVE-2024-8963] Ivanti Cloud Services Appliance - Path Traversal (@johnk3r) [critical] 🔥
• [CVE-2024-6049] Lawo AG vsm LTC Time Sync (vTimeSync) - Path Traversal (@s4e-io) [high] 🔥
• [CVE-2019-0192] Apache Solr - Deserialization of Untrusted Data (@hnd3884) [critical] 🔥

Bug Fixes

• Merging Duplicate - CVE-2024-7928 & fastadmin-lfi (Issue #11135).

False Negatives

No updates

False Positives

• False Positive Detection for Cloudflare in CSP (Issues #11138, #11139).
• CVE-2018-11784 FP (Issue #10495).
• False Positive … CVE-2023-46805 (Issue #11170).
• Fix FP CVE-2023-46805.yaml (Issue #11198).
• Fixfp phpwind-installer (Issue #11168).
• Fix: fp CVE-2023-43373.yaml (Issue #11130).
• Removing one case of FPs http/fuzzing/xff-403-bypass.yaml (Issue #10998).
• Fix fp http/misconfiguration/proxy/metadata-alibaba.yaml (Issue #10976).

Enhancements

• Refactor the “Thruk Panel” template (Issue #11206).
• Rename spring4shell-CVE-2022-22965.yaml to CVE-2022-22965.yaml for consistency (Issue #11204).
• Update linux-lfi-fuzz.yaml (Issue #11169).
• Update CVE-2022-0968.yaml (Issue #11150).

Template Updates

New Templates Added: 74 | CVEs Added: 26 | First-time contributions: 7

• [CVE-2024-51483] Changedetection.io <= 0.47.4 - Path Traversal (@iamnoooob, @rootxharsh, @pdresearch) [medium]
• [CVE-2024-50340] Symfony Profiler - Remote Access via Injected Arguments (@dhiyaneshdk) [high] 🔥
• [CVE-2024-48360] Qualitor <= v8.24 - Server-Side Request Forgery (@s4e-io) [high]
• [CVE-2024-36117] Reposilite >= 3.3.0, < 3.5.12 - Arbitrary File Read (@iamnoooob, @rootxharsh, @pdresearch) [high]
• [CVE-2024-35219] OpenAPI Generator <= 7.5.0 - Arbitrary File Read/Delete (@iamnoooob, @rootxharsh, @pdresearch) [high] 🔥
• [CVE-2024-10915] D-Link NAS - Command Injection via Group Parameter (@s4e-io) [critical]
• [CVE-2024-10914] D-Link NAS - Command Injection via Name Parameter (@s4e-io) [critical] 🔥
• [CVE-2024-10081] CodeChecker <= 6.24.1 - Authentication Bypass (@iamnoooob, @rootxharsh, @pdresearch) [critical]
• [CVE-2024-9487] GitHub Enterprise - SAML Authentication Bypass (@iamnoooob, @rootxharsh, @pdresearch) [critical] 🔥
• [CVE-2024-8963] Ivanti Cloud Services Appliance - Path Traversal (@johnk3r) [critical] 🔥
• [CVE-2024-8673] Z-Downloads < 1.11.7 - Cross-Site Scripting (@Splint3r7) [low]
• [CVE-2024-6420] Hide My WP Ghost < 5.2.02 - Hidden Login Page Disclosure (@JPG0mez) [high]
• [CVE-2024-6049] Lawo AG vsm LTC Time Sync (vTimeSync) - Path Traversal (@s4e-io) [high] 🔥
• [CVE-2024-4841] LoLLMS WebUI - Subfolder Prediction via Path Traversal (@s4e-io) [medium]
• [CVE-2023-49494] DedeCMS v5.7.111 - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2022-31260] ResourceSpace - Metadata Export (@ritikchaddha) [medium]
• [CVE-2022-28033] Atom.CMS 2.0 - SQL Injection (@ritikchaddha) [critical]
• [CVE-2022-0479] Popup Builder Plugin - SQL Injection and Cross-Site Scripting (@ritikchaddha) [critical]
• [CVE-2021-44260] WAVLINK AC1200 - Information Disclosure (@ritikchaddha) [high]
• [CVE-2021-24934] Visual CSS Style Editor < 7.5.4 - Cross-Site Scripting (@Splint3r7) [medium]
• [CVE-2019-1003000] Jenkins Script Security Plugin <=1.49 - Sandbox Bypass (@sttlr) [high]
• [CVE-2019-0192] Apache Solr - Deserialization of Untrusted Data (@hnd3884) [critical] 🔥
• [CVE-2018-10383] Lantronix SecureLinx Spider (SLS) 2.2+ - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2017-18590] Timesheet Plugin < 0.1.5 - Cross-Site Scripting (@Spling3r7) [medium]
• [CVE-2016-10976] Safe Editor Plugin < 1.2 - CSS/JS-injection (@Splint3r7) [medium]
• [CVE-2014-0160] OpenSSL Heartbleed Vulnerability (@pussycat0x) [high]
• [stack-notification-disabled] CloudFormation Stack Notification - Disabled (@dhiyaneshdk) [medium]
• [stack-policy-not-inuse] CloudFormation Stack Policy - Not In Use (@dhiyaneshdk) [medium]
• [stack-termination-disabled] CloudFormation Termination Protection - Disabled (@dhiyaneshdk) [medium]
• [cloudfront-compress-object] CloudFront Compress Objects Automatically (@dhiyaneshdk) [low]
• [cloudfront-custom-certificates] Cloudfront Custom SSL/TLS Certificates - In Use (@dhiyaneshdk) [medium]
• [cloudfront-geo-restriction] CloudFront Geo Restriction - Not Enabled (@dhiyaneshdk) [info]
• [cloudfront-insecure-protocol] CloudFront Insecure Origin SSL Protocols (@dhiyaneshdk) [medium]
• [cloudfront-integrated-waf] CloudFront Integrated With WAF (@dhiyaneshdk) [medium]
• [cloudfront-logging-disabled] Cloudfront Logging Disabled (@dhiyaneshdk) [medium]
• [cloudfront-origin-shield] CloudFront Origin Shield - Not Enabled (@dhiyaneshdk) [info]
• [cloudfront-security-policy] CloudFront Security Policy (@dhiyaneshdk) [medium]
• [cloudfront-traffic-unencrypted] CloudFront Traffic To Origin Unencrypted (@dhiyaneshdk) [medium]
• [cloudfront-viewer-policy] CloudFront Viewer Protocol Policy (@dhiyaneshdk) [medium]
• [secret-manager-not-inuse] Secrets Manager Not In Use (@dhiyaneshdk) [info]
• [secret-rotation-interval] Secret Rotation Interval (@dhiyaneshdk) [medium]
• [secrets-rotation-disabled] Secret Rotation Disabled (@dhiyaneshdk) [medium]
• [aspnet-framework-exceptions] ASP.NET Framework Exceptions (@aayush Dhakal) [info]
• [nodejs-framework-exceptions] Node.js Framework Exceptions (@aayush Dhakal) [info]
• [bigant-default-login] BigAnt - Default Password (@ritikchaddha) [critical]
• [minio-object-default-login] MinIO Console Object Store - Default Login (@johnk3r) [high]
• [actifio-panel] Actifio Resource Center - Panel (@Splint3r7) [info]
• [adapt-panel] Adapt Authoring Tool - Panel (@Splint3r7) [info]
• [aethra-panel] Aethra Telecommunications Login - Panel (@Splint3r7) [info]
• [akuiteo-panel] Akuiteo Login Panel - Detect (@righettod) [info]
• [alamos-panel] Alamos GmbH Panel - Detect (@Splint3r7) [info]
• [alfresco-panel] Alfresco Content App Panel - Detect (@Splint3r7) [info]
• [alternc-panel] AlternC Desktop Panel - Detect (@Splint3r7) [info]
• [anmelden-panel] Anmelden | OPNsense Panel - Detect (@Splint3r7) [info]
• [cyberpanel-panel] Cyberpanel Login Panel - Detect (@mailler) [info]
• [deepmail-panel] Advanced eMail Solution DEEPMail - Panel (@Splint3r7) [info]
• [ghe-encrypt-saml] GitHub Enterprise - Encrypted SAML (@rootxharsh, @iamnoooob, @pdresearch) [info]
• [hyperplanning-panel] HYPERPLANNING Login Panel - Detect (@righettod) [info]
• [nexpose-panel] Rapid7 Nexpose VM Security Console - Detect (@johnk3r) [info]
• [panos-management-panel] PAN-OS Management Panel - Detect (@bhutch) [info]
• [pronote-panel] PRONOTE Login Panel - Detect (@righettod) [info]
• [quest-panel] Quest Modem Configuration Login - Panel (@Splint3r7) [info]
• [quivr-panel] Quivr Panel - Detect (@s4e-io) [info]
• [thruk-panel] Thruk Login Panel - Detect (@ffffffff0x, @righettod) [info]
• [ip-webcam] IP Webcam Viewer Page - Detect (@gy741) [low]
• [azure-blob-core-detect] Azure Blob Core Service - Detect (@ProjectDiscoveryAI) [info]
• [atlantis-dashboard] Atlantis Dashboard - Exposure (@dhiyaneshdk) [medium]
• [pgwatch2-db-exposure] Pgwatch2 DBs to monitor - Exposure (@dhiyaneshdk) [high]
• [amazon-ecs-defualt-page] Amazon ECS Sample App Default Page - Detect (@Splint3r7) [info]
• [hubble-detect] Hubble - Detect (@righettod) [info]
• [localai-detect] LocalAI - Detect (@s4e-io) [info]
• [pghero-detect] PgHero - Detect (@righettod) [info]
• [flexmls-idx-detect] Flexmls IDX - Detect (@rxerium, @sorrowx3) [info]
• [lottie-backdoor] Lottie Player - Backdoor (@nagli-wiz) [critical]

New Contributors

• @AV-IO made their first contribution in #11132
• @aayush2561 made their first contribution in #11104
• @hnd3884 made their first contribution in #11127
• @s4hm4d made their first contribution in #11149
• @00xSayDoo made their first contribution in #11139
• @andymcao made their first contribution in #11169
• @cxbt made their first contribution in #11204

Full Changelog: v10.0.3...v10.0.4