projectdiscovery/nuclei-templates v9.5.3

on GitHub

🔥 Highlights of this release:

✅ [CVE-2023-34362] MOVEit Transfer - Remote Code Execution (@princechaddha,@rootxharsh,@ritikchaddha,@pdresearch) [critical]
✅ [CVE-2023-34960] Chamilo Command Injection (@dhiyaneshdk) [high]
✅ [CVE-2023-33246] RocketMQ <= 5.1.0 - Remote Code Execution (@iamnoooob,@rootxharsh,@pdresearch) [critical]
✅ [CVE-2023-25157] GeoServer OGC Filter - SQL Injection (@ritikchaddha,@dhiyaneshdk,@iamnoooob,@rootxharsh) [critical]
✅ [CVE-2023-23333] SolarView Compact 6.00 - OS Command Injection (@Mr-xn) [critical]
✅ [CVE-2023-20887] VMware VRealize Network Insight - Remote Code Execution (@sinsinology) [critical]
✅ [CVE-2022-23544] MeterSphere < 2.5.0 SSRF (@j4vaovo) [medium]
✅ [CVE-2022-24706] CouchDB Erlang Distribution - Remote Command Execution (@Mzack9999,@pussycat0x) [critical]
✅ [CVE-2017-12617] Apache Tomcat - Remote Code Execution (@pussycat0x) [high]
✅ [CVE-2016-6195] vBulletin <= 4.2.3 - SQL Injection (@mastercho) [high]

What's Changed

New Templates Added: 62

New CVEs Added: 28

• http/cves/2023/CVE-2023-34960.yaml by @DhiyaneshDK 🔥
• http/cves/2023/CVE-2023-34362.yaml by @princechaddha,@rootxharsh,@ritikchaddha,@pdresearch 🔥
• http/cves/2023/CVE-2023-33568.yaml by @DhiyaneshDK
• http/cves/2023/CVE-2023-25157.yaml by @ritikchaddha,@DhiyaneshDK,@iamnoooob,@rootxharsh 🔥
• http/cves/2023/CVE-2023-24243.yaml by @ritikchaddha
• http/cves/2023/CVE-2023-23333.yaml by @Mr-xn 🔥
• http/cves/2023/CVE-2023-20887.yaml by @sinsinology 🔥
• http/cves/2023/CVE-2023-0630.yaml by @DhiyaneshDK
• http/cves/2022/CVE-2022-23544.yaml by @j4vaovo 🔥
• http/cves/2022/CVE-2022-0869.yaml by @ctflearner
• http/cves/2021/CVE-2021-44138.yaml by carrot2
• http/cves/2021/CVE-2021-24647.yaml by @DhiyaneshDK
• http/cves/2019/CVE-2019-1943.yaml by @bhutch
• http/cves/2019/CVE-2019-10098.yaml by @ctflearner
• http/cves/2017/CVE-2017-12617.yaml by @pussycat0x 🔥
• http/cves/2016/CVE-2016-6195.yaml by @mastercho 🔥
• http/cves/2013/CVE-2013-2621.yaml by @ctflearner
• http/cves/2012/CVE-2012-4982.yaml by @ctflearner
• http/cves/2011/CVE-2011-5252.yaml by @ctflearner
• http/cves/2010/CVE-2010-1586.yaml by @ctflearner
• http/cves/2009/CVE-2009-0347.yaml by @ctflearner
• http/cves/2008/CVE-2008-7269.yaml by @ctflearner
• http/cves/2008/CVE-2008-1547.yaml by @ctflearner
• http/cves/2005/CVE-2005-3634.yaml by @ctflearner
• http/cves/2004/CVE-2004-1965.yaml by @ctflearner
• http/cves/2001/CVE-2001-0537.yaml by @DhiyaneshDK
• network/cves/2022/CVE-2022-24706.yaml by @Mzack9999,@pussycat0x 🔥
• network/cves/2023/CVE-2023-33246.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/vulnerabilities/nuxt/nuxt-js-lfi.yaml by @DhiyaneshDK
• http/vulnerabilities/nuxt/nuxt-js-semi-lfi.yaml by @DhiyaneshDK
• http/vulnerabilities/nuxt/nuxt-js-xss.yaml by @DhiyaneshDK
• http/vulnerabilities/other/epp-server-lfi.yaml by @DhiyaneshDK
• http/misconfiguration/bravia-signage.yaml by @DhiyaneshDK
• http/misconfiguration/symfony-fragment.yaml by Palanichamy_perumal,TechbrunchFR
• http/default-logins/riello/netman-default-login.yaml by @mabdullah22
• http/exposed-panels/c2/brute-ratel-c4.yaml by @pussycat0x
• http/exposed-panels/c2/empire-c2.yaml by @pussycat0x
• http/exposed-panels/c2/evilginx.yaml by @pussycat0x
• http/exposed-panels/c2/nh-c2.yaml by @pussycat0
• http/exposed-panels/c2/viper-c2.yaml by @pussycat0x
• http/exposed-panels/cryptobox-panel.yaml by @righettod
• http/exposed-panels/iclock-admin-panel.yaml by @deFr0ggy
• http/exposed-panels/rancher-dashboard.yaml by @ritikchaddha
• http/miscellaneous/crypto-mining-malware.yaml by @geeknik
• ssl/c2/asyncrat-c2.yaml by @johnk3r
• ssl/c2/bitrat-c2.yaml by @pussycat0x
• ssl/c2/covenant-c2-ssl.yaml by @pussycat0x
• ssl/c2/dcrat-server-c2.yaml by @pussycat0x
• ssl/c2/gozi-malware.yaml by @pussycat0x
• ssl/c2/icedid.yaml by @pussycat0x
• ssl/c2/orcus-rat-c2.yaml by @pussycat0x
• ssl/c2/posh-c2.yaml by @pussycat0x
• ssl/c2/quasar-rat-c2.yaml by @johnk3r,@pussycat0x
• ssl/c2/shadowpad-c2.yaml by @pussycat0x
• http/technologies/magento-eol.yaml by @dogancanbakir
• http/technologies/magento-version-detect.yaml by @sullo,@dogancanbakir
• http/technologies/openproject-detect.yaml by @ricardomaia
• http/technologies/phplist-detect.yaml by @ricardomaia
• http/technologies/wordpress/plugins/breeze.yaml by @ricardomaia
• http/technologies/wordpress/plugins/fast-indexing-api.yaml by @ricardomaia
• http/osint/facebook-page.yaml by @gpiechnik2
• http/osint/stackoverflow.yaml by @lu4nx

New Contributors

• @6mile made their first contribution in #7367
• @impalanichamy made their first contribution in #7121
• @ctflearner made their first contribution in #7381
• @carr0t2 made their first contribution in #7369
• @sinsinology made their first contribution in #7405
• @gpiechnik2 made their first contribution in #7396
• @mabdullah22 made their first contribution in #7390
• @AgnellusX1 made their first contribution in #7416

Full Changelog: v9.5.2...v9.5.3