github projectdiscovery/nuclei-templates v10.1.2


What's Changed

🔥 Release Highlights 🔥

Highlighted templates are marked 🔥 in the Template Updates list below.

Bug Fixes

  • NA

False Negatives

  • Report Google Client ID from headers #11443
  • kong-detect misses valid kong endpoint [nuclei-template] #11468
  • False Negatives in missing-sri #11337

False Positives

Enhancements

  • Update crxde-lite.yaml #11477 (Based on AdobeDocs for AEM 6.5)
  • Update kong-detect.yaml #11484
  • Update google-client-id.yaml #11470
  • Update mfa-console-password-disabled.yaml #11437
  • Updated hybris-default-login template with default HAC locations #11431
  • Update jolokia-createstandardhost-rce.yaml #11428
  • Update old-copyright.yaml #11425
  • Update sonarqube-cloud-token.yaml #11422
  • Severity Update Of DAST Templates #11413
  • Update missing-sri.yaml with css checks #11338
  • Update php-debugbar-exposure.yaml #10968

Template Updates

New Templates Added: 52 | CVEs Added: 23 | First-time contributions: 14

  • [CVE-2024-57727] SimpleHelp <= 5.5.7 - Unauth Path Traversal (@iamnoooob, @rootxharsh, @pdresearch, @3th1cyuk1) [high] 🔥
  • [CVE-2024-56512] Apache NiFi - Information Disclosure (@dhiyaneshdk) [medium]
  • [CVE-2024-56145] Craft CMS - Remote Code Execution via Template Path Manipulation (@jackhax) [critical] 🔥
  • [CVE-2024-55457] MasterSAM Star Gate v11 - Local File Inclusion (@dhiyaneshdk) [high]
  • [CVE-2024-55218] IceWarp Server 10.2.1 - Cross-Site Scripting (@s4e-io) [medium]
  • [CVE-2024-54385] Radio Player <= 2.0.82 - Server-Side Request Forgery (@s4e-io) [high]
  • [CVE-2024-54330] Hurrakify <= 2.4 - Server-Side Request Forgery (@s4e-io) [high]
  • [CVE-2024-50603] Aviatrix Controller - Remote Code Execution (@newlinesec, @securing.pl) [critical] 🔥
  • [CVE-2024-48455] Netis Wifi Router - Information Disclosure (@s4e-io) [high]
  • [CVE-2024-38353] CodiMD <2.5.4 - Insecure Filename Randomization (@denandz, @PulseSecurity.co.nz) [medium]
  • [CVE-2024-12849] Error Log Viewer By WP Guru <= 1.0.1.3 - Missing Authorization to Arbitrary File Read (@s4e-io) [high]
  • [CVE-2024-11921] Give WP Plugin < 3.19.0 - Cross-Site Scripting (@Splint3r7) [high]
  • [CVE-2024-9989] Crypto <= 2.15 - Authentication Bypass (@s4e-io) [critical]
  • [CVE-2024-9264] Grafana Post-Auth DuckDB - SQL Injection To File Read (@princechaddha) [critical] 🔥
  • [CVE-2024-9047] WordPress File Upload <= 4.24.11 - Arbitrary File Read (@s4e-io) [critical] 🔥
  • [CVE-2024-7097] WSO2 User Registration - Arbitrary Account Creation (@iamnoooob, @rootxharsh, @pdresearch) [medium] 🔥
  • [CVE-2024-0986] Issabel Authenticated - Remote Code Execution (@EunJi) [medium]
  • [CVE-2023-48788] Fortinet Forticlient Endpoint Management Server - SQL Injection (@james Horseman, @ItshMoh) [critical] 🔥
  • [CVE-2022-40624] pfSense pfBlockerNG - OS Command Injection (@ritikchaddha) [critical]
  • [CVE-2022-40443] ZZCMS 2022 - Path Information Disclosure (@ritikchaddha) [low]
  • [CVE-2021-35394] RealTek AP Router SDK - Arbitrary Command Injection (@king-alexander) [critical] 🔥
  • [CVE-2021-31324] CentOS Web Panel - OS Command Injection (@ritikchaddha) [critical]
  • [CVE-2021-31316] CentOS Web Panel - SQL Injection (@ritikchaddha) [critical]
  • [privesc-agetty] agetty - Privilege Escalation (@bobAKAbill) [high]
  • [CNVD-2024-33023] UFIDA U8 Cloud - SQL Injection (@s4e-io) [high]
  • [cloudlog-panel] Cloudlog Panel - Detect (@s4e-io) [info]
  • [frappe-helpdesk-panel] Frappe Helpdesk Login Panel - Detect (@righettod) [info]
  • [huly-panel] Huly Login Panel - Detect (@righettod) [info]
  • [i-librarian-panel] I-Librarian Panel - Detect (@s4e-io) [info]
  • [opnsense-panel] OPNsense Panel - Detect (@Splint3r7, @johnk3r) [info]
  • [stirling-pdf-panel] Stirling PDF Panel - Detect (@s4e-io) [info]
  • [tabby-panel] Tabby Panel - Detect (@s4e-io) [info]
  • [vaultwarden-panel] Vaultwarden Login Panel - Detect (@righettod) [info]
  • [yunohost-admin-panel] YunoHost Admin Panel - Detect (@s4e-io) [info]
  • [javascript-env] JavaScript Environment Configuration - Detect (@pdp, @geeknik, @hetyh) [low]
  • [sonarqube-cloud-token] SonarQube Cloud Token Disclosure (@dhiyaneshdk) [high]
  • [crxde-lite] CRXDE Lite - Exposure (@Nadino) [low]
  • [symfony-rce] Symfony _fragment - Default Key RCE (@Yablargo) [critical]
  • [khoj-detect] Khoj - Detect (@s4e-io) [info]
  • [stirling-pdf-detect] Stirling PDF - Detect (@s4e-io) [info]
  • [tyk-gateway-detect] Tyk API Gateway - Detection (@davidfegyver) [info]
  • [codimd-unauth-file-upload] CodiMD - File Upload (@denandz, @PulseSecurity.co.nz) [medium]
  • [jolokia-acceslogvalve-rce] Jolokia write to RCE valve (@pathtaga) [critical]
  • [jolokia-createstandardhost-rce] Jolokia file write to RCE jfr (@laluka, @pathtaga) [critical]
  • [jolokia-tomcat-creds-leak] Jolokia <= 1.7.1 Information Leakage (@pathtaga) [critical]
  • [mamp-server-xss] MAMP Server - Cross-Site Scripting (@ritikchaddha) [medium]
  • [cloudlog-system-sqli] Cloudlog System - SQL Injection (@s4e-io) [high]
  • [cpas-managment-lfi] CPAS Management System - Arbitrary File Read (@s4e-io) [high]
  • [cpas-managment-sqli] CPAS Management System - SQL Injection (@s4e-io) [high]
  • [jeeplus-cms-resetpassword-sqli] JeePlus CMS - SQL Injection (@WingBy_fkalis) [high]
  • [xhibiter-nft-sqli] Xhibiter NFT Marketplace 1.10.2 - SQL Injection (@ProjectDiscoveryAI) [high]
  • [lantronix-xport-unauth] Lantronix XPort 6.10.0.1 - Unauthenticated Access (@john Osborn (Summit Security Group, LLC)) [high]

Full Changelog: v10.1.1...v10.1.2