🔥 Highlights of this release:
✅ [CVE-2023-43261] Milesight Routers - Information Disclosure (@gy741) [high] 🔥
✅ [CVE-2023-42793] JetBrains TeamCity < 2023.05.4 - Remote Code Execution (@iamnoooob,@rootxharsh,@pdresearch) [critical] 🔥
✅ [CVE-2023-42442] JumpServer > 3.6.4 - Information Disclosure (@xianke) [high] 🔥
✅ [CVE-2023-36845] Juniper J-Web - Remote Code Execution (@yaser_s) [medium] 🔥
✅ [CVE-2023-35813] Sitecore - Remote Code Execution (@dhiyaneshdk,@iamnoooob) [critical] 🔥
✅ [CVE-2023-29357] Microsoft SharePoint - Authentication Bypass (@pdteam) [critical] 🔥
✅ [CVE-2023-22515] Atlassian Confluence - Privilege Escalation (@s1r1us,@iamnoooob,@rootxharsh,@pdresearch) [critical] 🔥
✅ [CVE-2023-5074] D-Link D-View 8 v2.0.1.28 - Authentication Bypass (@dhiyaneshdk) [critical] 🔥
What's Changed
New Templates Added: 75
New CVEs Added: 25
First-time contributions: 12
- http/cves/2023/CVE-2023-43261.yaml by @gy741 🔥
- http/cves/2023/CVE-2023-42793.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
- http/cves/2023/CVE-2023-42442.yaml by @xianke 🔥
- http/cves/2023/CVE-2023-41642.yaml by @ritikchaddha
- http/cves/2023/CVE-2023-38501.yaml by @ctflearner
- http/cves/2023/CVE-2023-37474.yaml by @shankar acharya,@theamanrawat
- http/cves/2023/CVE-2023-36845.yaml by @yaser_s 🔥
- http/cves/2023/CVE-2023-35813.yaml by @dhiyaneshdk,@iamnoooob 🔥
- http/cves/2023/CVE-2023-34259.yaml by @gy741
- http/cves/2023/CVE-2023-33831.yaml by @gy741
- http/cves/2023/CVE-2023-33405.yaml by @shankar Acharya
- http/cves/2023/CVE-2023-31465.yaml by @ritikchaddha
- http/cves/2023/CVE-2023-30625.yaml by @gy741
- http/cves/2023/CVE-2023-30013.yaml by @gy741
- http/cves/2023/CVE-2023-29357.yaml by @pdteam 🔥
- http/cves/2023/CVE-2023-22515.yaml by @s1r1us,@iamnoooob,@rootxharsh,@pdresearch 🔥
- http/cves/2023/CVE-2023-22432.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-5074.yaml by @dhiyaneshdk 🔥
- http/cves/2023/CVE-2023-4568.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-2766.yaml by @dhiyaneshdk
- http/cves/2023/CVE-2023-2479.yaml by @zn9988
- http/cves/2023/CVE-2023-2224.yaml by @luisfelipe146
- http/cves/2022/CVE-2022-48197.yaml by @ctflearner
- http/cves/2022/CVE-2022-25568.yaml by @dhiyaneshdk
- http/cves/2014/CVE-2014-9180.yaml by @shankar Acharya
- http/default-logins/xploitspy/xploitspy-default-login.yaml by @andreluna
- http/exposed-panels/audiobookshelf-panel.yaml by @ritikchaddha
- http/exposed-panels/bitwarden-vault-panel.yaml by @ritikchaddha
- http/exposed-panels/dashy-panel.yaml by @ritikchaddha
- http/exposed-panels/filebrowser-login-panel.yaml by @ritikchaddha
- http/exposed-panels/jellyseerr-login-panel.yaml by @ritikchaddha
- http/exposed-panels/klr300n-panel.yaml by @andreluna
- http/exposed-panels/portainer-panel.yaml by @ritikchaddha
- http/exposed-panels/qBittorrent-panel.yaml by @ritikchaddha
- http/exposed-panels/ws_ftp-server-web-transfer.yaml by @johnk3r
- http/exposures/configs/mercurial-hgignore.yaml by @dhiyaneshdk
- http/exposures/configs/phpcs-config.yaml by @dhiyaneshdk
- http/exposures/configs/phpsys-info.yaml by @fpatrik
- http/exposures/configs/protractor-config.yaml by @dhiyaneshdk
- http/exposures/configs/psalm-config.yaml by @dhiyaneshdk
- http/exposures/configs/rakefile-disclosure.yaml by @dhiyaneshdk
- http/exposures/files/viminfo-disclosure.yaml by @dhiyaneshdk
- http/exposures/logs/milesight-system-log.yaml by @ritikchaddha
- http/exposures/tokens/jotform/jotform-api-key.yaml by @shankar Acharya
- http/iot/kyocera-printer-panel.yaml by @gy741
- http/misconfiguration/filebrowser-unauth.yaml by @ritikchaddha
- http/misconfiguration/installer/akeeba-installer.yaml by @dhiyaneshdk
- http/misconfiguration/installer/alma-installer.yaml by @dhiyaneshdk
- http/misconfiguration/installer/bitrix24-installer.yaml by @dhiyaneshdk
- http/misconfiguration/installer/clipbucket-installer.yaml by @dhiyaneshdk
- http/misconfiguration/installer/dolphin-installer.yaml by @dhiyaneshdk
- http/misconfiguration/installer/gibbon-installer.yaml by @dhiyaneshdk
- http/misconfiguration/installer/klr300n-installer.yaml by @andreluna
- http/misconfiguration/installer/mantisbt-installer.yaml by @dhiyaneshdk
- http/misconfiguration/installer/ojs-installer.yaml by @dhiyaneshdk
- http/misconfiguration/installer/shopware-installer.yaml by @dhiyaneshdk
- http/misconfiguration/installer/spa-cart-installer.yaml by @pussycat0x
- http/misconfiguration/installer/vironeer-installer.yaml by @dhiyaneshdk
- http/misconfiguration/installer/zabbix-installer.yaml by @dhiyaneshdk
- http/misconfiguration/installer/zencart-installer.yaml by @dhiyaneshdk
- http/misconfiguration/unauth-celery-flower.yaml by @dhiyaneshdk
- http/misconfiguration/vercel-source-exposure.yaml by @Hlop
- http/technologies/blazor-webassembly-detect.yaml by @righettod
- http/technologies/default-amazon-cognito.yaml by @pussycat0x
- http/technologies/devexpress-detect.yaml by @CravateRouge
- http/vulnerabilities/apache/shiro/shiro-deserialization-detection.yaml by @hotpot,@j4vaovo
- http/vulnerabilities/copyparty-xss.yaml by @theamanrawat
- http/vulnerabilities/sangfor/sangfor-ngaf-lfi.yaml by @dhiyaneshdk
- http/vulnerabilities/wordpress/wp-yoast-user-enumeration.yaml by @flx
- http/vulnerabilities/yonyou/yonyou-u8-sqli.yaml by @xianke
- network/detection/bgp-detect.yaml by @danfaizer
- network/detection/exim-detect.yaml by @ricardomaia
- network/detection/ws_ftp-ssh-detect.yaml by @johnk3r
- ssl/wildcard-tls.yaml by @Lucky0x0D
- file/android/google-storage-bucket.yaml by @Thabisocn
New Contributors
- @5hank4r made their first contribution in #8086
- @fmunozs made their first contribution in #8240
- @fapami made their first contribution in #8246
- @zn9988 made their first contribution in #8216
- @joaonevess made their first contribution in #8274
- @danfaizer made their first contribution in #8287
- @sttlr made their first contribution in #8227
- @Thabisocn made their first contribution in #8289
- @jainiresh made their first contribution in #8286
- @CravateRouge made their first contribution in #8217
- @Osb0rn3 made their first contribution in #8322
- @thehlopster made their first contribution in #8252
Full Changelog: v9.6.4...v9.6.5