projectdiscovery/nuclei-templates v9.6.4

on GitHub

🔥 Highlight of this release:

✅ [CVE-2023-41892] CraftCMS < 4.4.15 - Unauth Remote Code Execution (@iamnoooob,@rootxharsh,@pdresearch) [critical] 🔥
✅ [CVE-2023-30943] Moodle - Cross-Site Scripting/Remote Code Execution (@ritikchaddha) [medium] 🔥
✅ [CVE-2023-25573] Metersphere - Arbitrary File Read (@dhiyaneshdk) [high] 🔥
✅ [CVE-2023-2813] Wordpress Multiple Themes - Reflected Cross-Site Scripting (@dhiyaneshdk) [medium] 🔥
✅ [CVE-2022-0342] Zyxel - Authentication Bypass (@SleepingBag945,@powerexploit) [critical] 🔥

What's Changed

New Templates Added: 121

New CVEs Added: 10

First-time contributions: 3

• http/cves/2023/CVE-2023-41892.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2023/CVE-2023-39677.yaml by @meme-lord
• http/cves/2023/CVE-2023-39676.yaml by @meme-lord
• http/cves/2023/CVE-2023-37629.yaml by @harsh
• http/cves/2023/CVE-2023-30943.yaml by @ritikchaddha 🔥
• http/cves/2023/CVE-2023-4714.yaml by @Farish
• http/cves/2023/CVE-2023-2813.yaml by @dhiyaneshdk
• http/cves/2023/CVE-2023-25573.yaml by @dhiyaneshdk
• http/cves/2023/CVE-2023-22463.yaml by @dhiyaneshdk
• http/cves/2022/CVE-2022-0342.yaml by @SleepingBag945,@powerexploit 🔥
• http/cnvd/2023/CNVD-C-2023-76801.yaml by @SleepingBag945
• http/cnvd/2022/CNVD-2022-43245.yaml by @SleepingBag945
• http/cnvd/2021/CNVD-2021-33202.yaml by @SleepingBag945
• http/vulnerabilities/chanjet-tplus-rce.yaml by @SleepingBag945
• http/vulnerabilities/dbgate-unauth-rce.yaml by @H0j3n
• http/vulnerabilities/landray/landray-oa-sysSearchMain-editParam-rce.yaml by @SleepingBag945
• http/vulnerabilities/landray/landray-oa-treexml-rce.yaml by @tangxiaofeng7,@SleepingBag945
• http/vulnerabilities/other/aic-intelligent-password-exposure.yaml by @SleepingBag945
• http/vulnerabilities/other/cloud-oa-system-sqli.yaml by @SleepingBag945
• http/vulnerabilities/other/cmseasy-crossall-act-sqli.yaml by @SleepingBag945
• http/vulnerabilities/other/comai-ras-cookie-bypass.yaml by @SleepingBag945
• http/vulnerabilities/other/huiwen-bibliographic-info-leak.yaml by @SleepingBag945
• http/vulnerabilities/other/phpldapadmin-xss.yaml by @GodfatherOrwa,@herry
• http/vulnerabilities/other/sanhui-smg-file-read.yaml by @SleepingBag945
• http/vulnerabilities/other/seeyon-oa-log4j.yaml by @SleepingBag945
• http/vulnerabilities/other/zhixiang-oa-msglog-sqli.yaml by @SleepingBag945
• http/vulnerabilities/qax/secsslvpn-auth-bypass.yaml by @SleepingBag945
• http/vulnerabilities/realor/realor-gwt-system-sqli.yaml by @SleepingBag945
• http/vulnerabilities/ruijie/ruijie-nbr-fileupload.yaml by @SleepingBag945
• http/vulnerabilities/sangfor/sangfor-login-rce.yaml by @SleepingBag945
• http/vulnerabilities/secworld/secgate-3600-file-upload.yaml by @SleepingBag945
• http/vulnerabilities/seeyon/seeyon-config-exposure.yaml by @SleepingBag945
• http/vulnerabilities/seeyon/seeyon-createmysql-exposure.yaml by @SleepingBag945
• http/vulnerabilities/seeyon/seeyon-initdata-exposure.yaml by @SleepingBag945
• http/vulnerabilities/seeyon/seeyon-oa-fastjson-rce.yaml by @SleepingBag945
• http/vulnerabilities/seeyon/seeyon-oa-setextno-sqli.yaml by @SleepingBag945
• http/vulnerabilities/seeyon/seeyon-oa-sp2-file-upload.yaml by @SleepingBag945
• http/vulnerabilities/shiziyu-cms/shiziyu-cms-apicontroller-sqli.yaml by @SleepingBag945
• http/vulnerabilities/smartbi/smartbi-deserialization.yaml by @SleepingBag945
• http/vulnerabilities/spring/jolokia-logback-jndi-rce.yaml by @SleepingBag945
• http/vulnerabilities/tongda/tongda-action-uploadfile.yaml by @SleepingBag945
• http/vulnerabilities/tongda/tongda-api-file-upload.yaml by @SleepingBag945
• http/vulnerabilities/tongda/tongda-arbitrary-login.yaml by @SleepingBag945
• http/vulnerabilities/tongda/tongda-contact-list-exposure.yaml by @SleepingBag945
• http/vulnerabilities/tongda/tongda-getdata-rce.yaml by @SleepingBag945
• http/vulnerabilities/tongda/tongda-getway-rfi.yaml by @SleepingBag945,@pussycat0x
• http/vulnerabilities/tongda/tongda-insert-sqli.yaml by @SleepingBag945
• http/vulnerabilities/tongda/tongda-login-code-authbypass.yaml by @SleepingBag945
• http/vulnerabilities/tongda/tongda-meeting-unauth.yaml by @SleepingBag945
• http/vulnerabilities/tongda/tongda-oa-swfupload-sqli.yaml by @SleepingBag945
• http/vulnerabilities/tongda/tongda-report-func-sqli.yaml by @SleepingBag945
• http/vulnerabilities/tongda/tongda-video-file-read.yaml by @SleepingBag945
• http/vulnerabilities/topsec/topsec-topacm-rce.yaml by @SleepingBag945
• http/vulnerabilities/topsec/topsec-topapplb-auth-bypass.yaml by @SleepingBag945
• http/vulnerabilities/wanhu/wanhu-documentedit-sqli.yaml by @SleepingBag945
• http/vulnerabilities/wanhu/wanhu-download-ftp-file-read.yaml by @SleepingBag945
• http/vulnerabilities/wanhu/wanhu-download-old-file-read.yaml by @SleepingBag945
• http/vulnerabilities/wanhu/wanhu-oa-fileupload-controller-arbitrary-file-upload.yaml by @SleepingBag945
• http/vulnerabilities/wanhu/wanhu-teleconferenceservice-xxe.yaml by @SleepingBag945
• http/vulnerabilities/wanhu/wanhuoa-officeserverservlet-file-upload.yaml by @SleepingBag945
• http/vulnerabilities/wanhu/wanhuoa-smartupload-file-upload.yaml by @SleepingBag945
• http/vulnerabilities/weaver/ecology-jqueryfiletree-traversal.yaml by @SleepingBag945
• http/vulnerabilities/weaver/ecology-verifyquicklogin-auth-bypass.yaml by @SleepingBag945
• http/vulnerabilities/weaver/ecology/ecology-oa-byxml-xxe.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-checkserver-sqli.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-e-cology-validate-sqli.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-e-mobile-rce.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-ebridge-lfi.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-ecology-bshservlet-rce.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-ecology-getsqldata-sqli.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-ecology-hrmcareer-sqli.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-group-xml-sqli.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-jquery-file-upload.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-ktreeuploadaction-file-upload.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-lazyuploadify-file-upload.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-login-sessionkey.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-mysql-config-info-leak.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-office-server-file-upload.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-officeserver-lfi.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-signaturedownload-lfi.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-sptmforportalthumbnail-lfi.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-uploadify-file-upload.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-uploadoperation-file-upload.yaml by @SleepingBag945
• http/vulnerabilities/weaver/weaver-userselect-unauth.yaml by @SleepingBag945
• http/vulnerabilities/wechat/wechat-info-leak.yaml by @SleepingBag945
• http/vulnerabilities/yonyou/chanjet-gnremote-sqli.yaml by @SleepingBag945
• http/vulnerabilities/yonyou/chanjet-tplus-checkmutex-sqli.yaml by @unknown
• http/vulnerabilities/yonyou/chanjet-tplus-file-read.yaml by @SleepingBag945
• http/vulnerabilities/yonyou/chanjet-tplus-fileupload.yaml by @SleepingBag945
• http/vulnerabilities/yonyou/chanjet-tplus-ufida-sqli.yaml by @SleepingBag945
• http/vulnerabilities/yonyou/grp-u8-uploadfiledata-fileupload.yaml by @SleepingBag945
• http/vulnerabilities/yonyou/yonyou-fe-directory-traversal.yaml by @SleepingBag945
• http/vulnerabilities/yonyou/yonyou-filereceiveservlet-fileupload.yaml by @bjxsec
• http/vulnerabilities/yonyou/yonyou-grp-u8-xxe.yaml by @SleepingBag945
• http/vulnerabilities/yonyou/yonyou-nc-accept-fileupload.yaml by @SleepingBag945
• http/vulnerabilities/yonyou/yonyou-nc-baseapp-deserialization.yaml by @SleepingBag945
• http/vulnerabilities/yonyou/yonyou-nc-dispatcher-fileupload.yaml by @SleepingBag945
• http/vulnerabilities/yonyou/yonyou-nc-grouptemplet-fileupload.yaml by @SleepingBag945
• http/vulnerabilities/yonyou/yonyou-nc-info-leak.yaml by @SleepingBag945
• http/vulnerabilities/yonyou/yonyou-nc-ncmessageservlet-rce.yaml by @SleepingBag945
• http/vulnerabilities/yonyou/yonyou-u8-crm-fileupload.yaml by @SleepingBag945,@pussycat0x
• http/vulnerabilities/yonyou/yonyou-u8-crm-lfi.yaml by @SleepingBag945
• http/default-logins/d-link/dlink-centralized-default-login.yaml by @SleepingBag945
• http/default-logins/o2oa/o2oa-default-login.yaml by @SleepingBag945
• http/default-logins/others/aruba-instant-default-login.yaml by @SleepingBag945
• http/default-logins/others/ciphertrust-default-login.yaml by @SleepingBag945
• http/default-logins/others/cnzxsoft-default-login.yaml by @SleepingBag945
• http/default-logins/others/supershell-default-login.yaml by @SleepingBag945
• http/default-logins/seeyon/seeyon-a8-default-login.yaml by @SleepingBag945
• http/default-logins/seeyon/seeyon-monitor-default-login.yaml by @SleepingBag945
• http/default-logins/smartbi/smartbi-default-login.yaml by @SleepingBag945
• http/default-logins/wayos/ac-weak-login.yaml by @SleepingBag945
• http/misconfiguration/gitlab/gitlab-public-registration.yaml by @axrk
• http/exposed-panels/dbgate-panel.yaml by @H0j3n
• http/exposed-panels/phpldapadmin-panel.yaml by @ritikchaddha,@dhiyaneshdk
• http/exposed-panels/quilium-panel.yaml by @righettod
• http/exposed-panels/satis-repository.yaml by @FlorianMaak
• http/exposed-panels/symantec/symantec-phishing-panel.yaml by @andreluna
• http/osint/hackenproof.yaml by @philippedelteil
• http/osint/intigriti.yaml by @philippedelteil
• http/osint/yeswehack.yaml by @philippedelteil

New Contributors

• @axrk made their first contribution in #8194
• @herry2525 made their first contribution in #8198
• @H0j3n made their first contribution in #8221

Full Changelog: v9.6.3...v9.6.4