projectdiscovery/nuclei-templates v9.6.6

on GitHub

🔥 Highlight of this release:

✅ [servicenow-widget-misconfig] ServiceNow Widget-Simple-List - Misconfiguration (@dhiyaneshdk) 🔥
✅ [CVE-2023-37979] Ninja Forms < 3.6.26 - Cross-Site Scripting (@r3y3r53) [medium] 🔥
✅ [CVE-2021-25016] Chaty < 2.8.2 - Cross-Site Scripting (@luisfelipe146) [medium] 🔥
✅ [CVE-2020-6950] Eclipse Mojarra - Local File Read (@iamnoooob,@pdresearch) [medium] 🔥
✅ [CVE-2023-4451] Cockpit - Cross-Site Scripting (@iamnoooob,@pdresearch) [medium] 🔥
✅ [CVE-2023-3710] Honeywell PM43 Printers - Command Injection (@win3zz) [critical] 🔥
✅ [CVE-2023-3219] EventON Lite < 2.1.2 - Arbitrary File Download (@r3y3r53) [medium] 🔥

What's Changed

New Templates Added : 161

New CVEs Added:99

• http/cves/2022/CVE-2022-47075.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-44957.yaml by @theamanrawat
• http/cves/2022/CVE-2022-45365.yaml by @theamanrawat
• http/cves/2022/CVE-2022-44291.yaml by @theamanrawat
• http/cves/2022/CVE-2022-44290.yaml by @theamanrawat
• http/cves/2023/CVE-2023-41538.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-40779.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-40032.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-40047.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-40208.yaml by @theamanrawat
• http/cves/2023/CVE-2023-39700.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-39110.yaml by @theamanrawat
• http/cves/2023/CVE-2023-39109.yaml by @theamanrawat
• http/cves/2023/CVE-2023-39108.yaml by @theamanrawat
• http/cves/2023/CVE-2023-37979.yaml by @r3Y3r53 🔥
• http/cves/2023/CVE-2023-37728.yaml by @technicaljunkie,@r3Y3r53
• http/cves/2022/CVE-2022-34093.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-34094.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-39048.yaml by @theamanrawat
• http/cves/2023/CVE-2023-36306.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-34756.yaml by @theamanrawat
• http/cves/2023/CVE-2023-34755.yaml by @theamanrawat
• http/cves/2023/CVE-2023-34753.yaml by @theamanrawat
• http/cves/2023/CVE-2023-34752.yaml by @theamanrawat
• http/cves/2023/CVE-2023-34751.yaml by @theamanrawat
• http/cves/2023/CVE-2023-33584.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-29439.yaml by @theamanrawat
• http/cves/2021/CVE-2021-29006.yaml by @r3Y3r53
• http/cves/2021/CVE-2021-25079.yaml by @r3Y3r53
• http/cves/2021/CVE-2021-25016.yaml by @luisfelipe146 🔥
• http/cves/2021/CVE-2021-24979.yaml by @r3Y3r53
• http/cves/2021/CVE-2021-24915.yaml by @r3Y3r53
• http/cves/2021/CVE-2021-24791.yaml by @r3Y3r53
• http/cves/2021/CVE-2021-24627.yaml by @theamanrawat
• http/cves/2021/CVE-2021-24286.yaml by @r3Y3r53
• http/cves/2021/CVE-2021-24215.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-27922.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-25148.yaml by @theamanrawat
• http/cves/2022/CVE-2022-25149.yaml by @theamanrawat
• http/cves/2023/CVE-2023-5244.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-4974.yaml by @theamanrawat
• http/cves/2023/CVE-2023-4547.yaml by @theamanrawat
• http/cves/2023/CVE-2023-4451.yaml by @iamnoooob,@pdresearch 🔥
• http/cves/2023/CVE-2023-4168.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-4148.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-4116.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-4115.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-4114.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-4113.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-4112.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-4111.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-4110.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-3849.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-3848.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-3847.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-3846.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-3845.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-3844.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-3843.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-3710.yaml by @win3zz 🔥
• http/cves/2023/CVE-2023-3219.yaml by @r3Y3r53 🔥
• http/cves/2023/CVE-2023-2779.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-2009.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-1880.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-1780.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-1408.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-1263.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-0947.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-0900.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-0777.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-0602.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-0600.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-0334.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-0228.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-0533.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-0597.yaml by @Farish
• http/cves/2022/CVE-2022-0651.yaml by @theamanrawat
• http/cves/2022/CVE-2022-0658.yaml by @theamanrawat
• http/cves/2022/CVE-2022-0787.yaml by @theamanrawat
• http/cves/2022/CVE-2022-0814.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-0899.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-2174.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-2535.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-3142.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-3242.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-4049.yaml by @theamanrawat
• http/cves/2022/CVE-2022-4059.yaml by @r3Y3r53
• http/cves/2022/CVE-2022-4305.yaml by @r3Y3r53
• http/cves/2021/CVE-2021-35323.yaml by @r3Y3r53
• http/cves/2021/CVE-2021-41749.yaml by @iamnoooob,@ritikchaddha
• http/cves/2020/CVE-2020-12256.yaml by @r3Y3r53
• http/cves/2020/CVE-2020-12259.yaml by @r3Y3r53
• http/cves/2020/CVE-2020-13638.yaml by @theamanrawat
• http/cves/2020/CVE-2020-13851.yaml by @theamanrawat
• http/cves/2020/CVE-2020-6950.yaml by @iamnoooob,@pdresearch 🔥
• http/cves/2020/CVE-2020-8615.yaml by @r3Y3r53
• http/cves/2019/CVE-2019-15829.yaml by @r3Y3r53
• http/cves/2018/CVE-2018-7282.yaml by @theamanrawat
• http/cves/2015/CVE-2015-20067.yaml by @r3Y3r53
• http/vulnerabilities/joomla/joomla-com-booking-component.yaml by @r3Y3r53
• http/vulnerabilities/joomla/joomla-iproperty-real-estate-xss.yaml by @r3Y3r53
• http/vulnerabilities/joomla/joomla-joombri-careers-xss.yaml by @r3Y3r53
• http/vulnerabilities/joomla/joomla-jvtwitter-xss.yaml by @r3Y3r53
• http/vulnerabilities/joomla/joomla-marvikshop-sqli.yaml by @r3Y3r53
• http/vulnerabilities/joomla/joomla-marvikshop-xss.yaml by @r3Y3r53
• http/vulnerabilities/joomla/joomla-solidres-xss.yaml by @r3Y3r53
• http/vulnerabilities/other/applezeed-sqli.yaml by @r3Y3r53
• http/vulnerabilities/other/beyond-trust-xss.yaml by @r3Y3r53
• http/vulnerabilities/other/csz-cms-sqli.yaml by @r3Y3r53
• http/vulnerabilities/other/doorgets-info-disclosure.yaml by @r3Y3r53
• http/vulnerabilities/other/ep-web-cms-xss.yaml by @r3Y3r53
• http/vulnerabilities/other/erensoft-sqli.yaml by @r3Y3r53
• http/vulnerabilities/other/groomify-sqli.yaml by @theamanrawat
• http/vulnerabilities/other/gz-forum-script-xss.yaml by @r3Y3r53
• http/vulnerabilities/other/indonasia-toko-cms-sql.yaml by @r3Y3r53
• http/vulnerabilities/other/joomla-jlex-review-xss.yaml by @r3Y3r53
• http/vulnerabilities/other/joomla-jmarket-xss.yaml by @r3Y3r53
• http/vulnerabilities/other/khodrochi-cms-xss.yaml by @r3Y3r53
• http/vulnerabilities/other/kingsoft-vgm-lfi.yaml by @abbas.heybati
• http/vulnerabilities/other/lokomedia-cms-lfi.yaml by @r3Y3r53
• http/vulnerabilities/other/news-script-xss.yaml by @r3Y3r53
• http/vulnerabilities/other/office-suite-xss.yaml by @r3Y3r53
• http/vulnerabilities/other/ozeki-10-sms-gateway.yaml by @r3Y3r53
• http/vulnerabilities/other/phuket-cms-sqli.yaml by @r3Y3r53
• http/vulnerabilities/other/phuket-cms-xss.yaml by @r3Y3r53
• http/vulnerabilities/other/pmb-sqli.yaml by @r3Y3r53
• http/vulnerabilities/other/rentequip-xss.yaml by @r3Y3r53
• http/vulnerabilities/other/shoowbiz-xss.yaml by @r3Y3r53
• http/vulnerabilities/other/sound4-impact-auth-bypass.yaml by @r3Y3r53
• http/vulnerabilities/other/sound4-impact-password-auth-bypass.yaml by @r3Y3r53
• http/vulnerabilities/other/stackposts-sqli.yaml by @r3Y3r53
• http/vulnerabilities/other/taiwanese-travel-lfi.yaml by @r3Y3r53
• http/vulnerabilities/other/talroo-jobs-xss.yaml by @r3Y3r53
• http/vulnerabilities/other/webigniter-xss.yaml by @theamanrawat
• http/vulnerabilities/wordpress/knr-widget-xss.yaml by @theamanrawat
• http/vulnerabilities/wordpress/photoblocks-grid-gallery-xss.yaml by @r3Y3r53
• http/vulnerabilities/wordpress/wp-adivaha-sqli.yaml by @theamanrawat
• http/vulnerabilities/wordpress/wp-adivaha-xss.yaml by @r3Y3r53
• http/vulnerabilities/wordpress/wp-ellipsis-xss.yaml by @r3Y3r53
• http/vulnerabilities/wordpress/wp-gallery-file-upload.yaml by @r3Y3r53
• http/vulnerabilities/wordpress/wp-googlemp3-lfi.yaml by @theamanrawat
• http/vulnerabilities/wordpress/wp-mega-theme.yaml by @r3Y3r53
• http/vulnerabilities/wordpress/wp-portrait-archiv-xss.yaml by @r3Y3r53
• http/vulnerabilities/wordpress/wp-qwiz-online-xss.yaml by @r3Y3r53
• http/vulnerabilities/wordpress/wp-reality-estate-theme.yaml by @r3Y3r53
• http/vulnerabilities/wordpress/wp-smart-manager-sqli.yaml by @r3Y3r53
• http/vulnerabilities/wordpress/wp-social-warfare-rce.yaml by @theamanrawat
• http/vulnerabilities/wordpress/wp-statistics-sqli.yaml by @r3Y3r53
• http/vulnerabilities/wordpress/wp-superstorefinder-misconfig.yaml by @r3Y3r53
• http/vulnerabilities/wordpress/wp-upward-theme-redirect.yaml by @r3Y3r53
• http/misconfiguration/servicenow-widget-misconfig.yaml by @dhiyaneshdk
• http/default-logins/batflat/batflat-default-login.yaml by @r3Y3r53
• http/default-logins/eurotel/etl3100-default-login.yaml by @r3Y3r53
• http/default-logins/franklin-fueling-default-login.yaml by @r3Y3r53
• http/default-logins/rconfig-default-login.yaml by @theamanrawat
• http/default-logins/timekeeper/timekeeper-default-login.yaml by @theamanrawat
• http/default-logins/wazuh-default-login.yaml by @theamanrawat
• http/exposures/logs/redv-super-logs.yaml by @r3Y3r53
• http/exposed-panels/sphinxonline-panel.yaml by @righettod
• http/exposed-panels/unibox-panel.yaml by @theamanrawat
• http/technologies/checkpoint-mobile-detect.yaml by @righettod

New Contributors

• @Fisjkars made their first contribution in #8385
• @win3zz made their first contribution in #8394

Full Changelog: v9.6.5...v9.6.6