🔥 Highlights of this release:
✅ [CVE-2023-34362] MOVEit Transfer - Remote Code Execution (@princechaddha,@rootxharsh,@ritikchaddha,@pdresearch) [critical]
✅ [CVE-2023-34960] Chamilo Command Injection (@dhiyaneshdk) [high]
✅ [CVE-2023-33246] RocketMQ <= 5.1.0 - Remote Code Execution (@iamnoooob,@rootxharsh,@pdresearch) [critical]
✅ [CVE-2023-25157] GeoServer OGC Filter - SQL Injection (@ritikchaddha,@dhiyaneshdk,@iamnoooob,@rootxharsh) [critical]
✅ [CVE-2023-23333] SolarView Compact 6.00 - OS Command Injection (@Mr-xn) [critical]
✅ [CVE-2023-20887] VMware VRealize Network Insight - Remote Code Execution (@sinsinology) [critical]
✅ [CVE-2022-23544] MeterSphere < 2.5.0 SSRF (@j4vaovo) [medium]
✅ [CVE-2022-24706] CouchDB Erlang Distribution - Remote Command Execution (@Mzack9999,@pussycat0x) [critical]
✅ [CVE-2017-12617] Apache Tomcat - Remote Code Execution (@pussycat0x) [high]
✅ [CVE-2016-6195] vBulletin <= 4.2.3 - SQL Injection (@mastercho) [high]
What's Changed
New Templates Added: 62
New CVEs Added: 28
- http/cves/2023/CVE-2023-34960.yaml by @DhiyaneshDK 🔥
- http/cves/2023/CVE-2023-34362.yaml by @princechaddha,@rootxharsh,@ritikchaddha,@pdresearch 🔥
- http/cves/2023/CVE-2023-33568.yaml by @DhiyaneshDK
- http/cves/2023/CVE-2023-25157.yaml by @ritikchaddha,@DhiyaneshDK,@iamnoooob,@rootxharsh 🔥
- http/cves/2023/CVE-2023-24243.yaml by @ritikchaddha
- http/cves/2023/CVE-2023-23333.yaml by @Mr-xn 🔥
- http/cves/2023/CVE-2023-20887.yaml by @sinsinology 🔥
- http/cves/2023/CVE-2023-0630.yaml by @DhiyaneshDK
- http/cves/2022/CVE-2022-23544.yaml by @j4vaovo 🔥
- http/cves/2022/CVE-2022-0869.yaml by @ctflearner
- http/cves/2021/CVE-2021-44138.yaml by carrot2
- http/cves/2021/CVE-2021-24647.yaml by @DhiyaneshDK
- http/cves/2019/CVE-2019-1943.yaml by @bhutch
- http/cves/2019/CVE-2019-10098.yaml by @ctflearner
- http/cves/2017/CVE-2017-12617.yaml by @pussycat0x 🔥
- http/cves/2016/CVE-2016-6195.yaml by @mastercho 🔥
- http/cves/2013/CVE-2013-2621.yaml by @ctflearner
- http/cves/2012/CVE-2012-4982.yaml by @ctflearner
- http/cves/2011/CVE-2011-5252.yaml by @ctflearner
- http/cves/2010/CVE-2010-1586.yaml by @ctflearner
- http/cves/2009/CVE-2009-0347.yaml by @ctflearner
- http/cves/2008/CVE-2008-7269.yaml by @ctflearner
- http/cves/2008/CVE-2008-1547.yaml by @ctflearner
- http/cves/2005/CVE-2005-3634.yaml by @ctflearner
- http/cves/2004/CVE-2004-1965.yaml by @ctflearner
- http/cves/2001/CVE-2001-0537.yaml by @DhiyaneshDK
- network/cves/2022/CVE-2022-24706.yaml by @Mzack9999,@pussycat0x 🔥
- network/cves/2023/CVE-2023-33246.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
- http/vulnerabilities/nuxt/nuxt-js-lfi.yaml by @DhiyaneshDK
- http/vulnerabilities/nuxt/nuxt-js-semi-lfi.yaml by @DhiyaneshDK
- http/vulnerabilities/nuxt/nuxt-js-xss.yaml by @DhiyaneshDK
- http/vulnerabilities/other/epp-server-lfi.yaml by @DhiyaneshDK
- http/misconfiguration/bravia-signage.yaml by @DhiyaneshDK
- http/misconfiguration/symfony-fragment.yaml by Palanichamy_perumal,TechbrunchFR
- http/default-logins/riello/netman-default-login.yaml by @mabdullah22
- http/exposed-panels/c2/brute-ratel-c4.yaml by @pussycat0x
- http/exposed-panels/c2/empire-c2.yaml by @pussycat0x
- http/exposed-panels/c2/evilginx.yaml by @pussycat0x
- http/exposed-panels/c2/nh-c2.yaml by @pussycat0x
- http/exposed-panels/c2/viper-c2.yaml by @pussycat0x
- http/exposed-panels/cryptobox-panel.yaml by @righettod
- http/exposed-panels/iclock-admin-panel.yaml by @deFr0ggy
- http/exposed-panels/rancher-dashboard.yaml by @ritikchaddha
- http/miscellaneous/crypto-mining-malware.yaml by @geeknik
- ssl/c2/asyncrat-c2.yaml by @johnk3r
- ssl/c2/bitrat-c2.yaml by @pussycat0x
- ssl/c2/covenant-c2-ssl.yaml by @pussycat0x
- ssl/c2/dcrat-server-c2.yaml by @pussycat0x
- ssl/c2/gozi-malware.yaml by @pussycat0x
- ssl/c2/icedid.yaml by @pussycat0x
- ssl/c2/orcus-rat-c2.yaml by @pussycat0x
- ssl/c2/posh-c2.yaml by @pussycat0x
- ssl/c2/quasar-rat-c2.yaml by @johnk3r,@pussycat0x
- ssl/c2/shadowpad-c2.yaml by @pussycat0x
- http/technologies/magento-eol.yaml by @dogancanbakir
- http/technologies/magento-version-detect.yaml by @sullo,@dogancanbakir
- http/technologies/openproject-detect.yaml by @ricardomaia
- http/technologies/phplist-detect.yaml by @ricardomaia
- http/technologies/wordpress/plugins/breeze.yaml by @ricardomaia
- http/technologies/wordpress/plugins/fast-indexing-api.yaml by @ricardomaia
- http/osint/facebook-page.yaml by @gpiechnik2
- http/osint/stackoverflow.yaml by @lu4nx
New Contributors
- @6mile made their first contribution in #7367
- @impalanichamy made their first contribution in #7121
- @ctflearner made their first contribution in #7381
- @carr0t2 made their first contribution in #7369
- @sinsinology made their first contribution in #7405
- @gpiechnik2 made their first contribution in #7396
- @mabdullah22 made their first contribution in #7390
- @AgnellusX1 made their first contribution in #7416
Full Changelog: v9.5.2...v9.5.3