projectdiscovery/nuclei-templates v9.6.8

on GitHub

🔥 Release Highlights 🔥

• CVE-2023-46747 (F5 BIG-IP - Unauthenticated RCE via AJP Smuggling)
• CVE-2023-37679 (NextGen Mirth Connect - Remote Code Execution)
• CVE-2023-45852 (Viessmann Vitogate 300 - Remote Code Execution)
• CVE-2023-4966 (Citrix Bleed - Leaking Session Tokens)

What's Changed

New Templates Added: 79 (CVE: 33)

• http/cves/2023/CVE-2023-46747.yaml by @iamnoooob,@rootxharsh,@pdresearch
• http/cves/2023/CVE-2023-45852.yaml by @iamnoooob,@rootxharsh,@pdresearch
• http/cves/2023/CVE-2023-37679.yaml by @iamnoooob,@rootxharsh,@pdresearch
• http/cves/2023/CVE-2023-4966.yaml by @dhiyaneshdk
• http/cves/2022/CVE-2022-36553.yaml by @HUTA0
• http/cves/2017/CVE-2017-18566.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18565.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18564.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18562.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18558.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18557.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18556.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18542.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18537.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18532.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18530.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18529.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18528.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18527.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18518.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18517.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18516.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18505.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18502.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18501.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18500.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18496.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18494.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18493.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18492.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18491.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18490.yaml by @luisfelipe146
• http/cves/2017/CVE-2017-18487.yaml by @luisfelipe146
• http/misconfiguration/tiny-file-manager-unauth.yaml by @ritikchaddha,@HUTA0
• http/misconfiguration/unauth-opache-control-panel.yaml by @pussycat0x
• http/vulnerabilities/backdoor/cisco-implant-detect.yaml by @dhiyaneshdk,@rxerium
• http/vulnerabilities/cisco/cisco-broadworks-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/cisco/cisco-webex-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/other/citrix-xenapp-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/other/f-secure-policymanager-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/other/flexnet-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/other/fortiportal-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/other/jitsi-meet-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/other/livebos-file-read.yaml by @Yusakie
• http/vulnerabilities/other/logstash-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/other/manage-engine-dc-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/other/okta-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/other/openshift-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/other/papercut-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/other/pega-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/other/sonicwall-nsm-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/other/splunk-enterprise-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/other/symantec-sepm-log4j-rce.yaml by @shaikhyaser
• http/vulnerabilities/wordpress/blog-designer-pack-rce.yaml by @iamnoooob,@rootxharsh,@pdresearch
• http/vulnerabilities/wordpress/wp-kadence-blocks-rce.yaml by @theamanrawat
• http/exposed-panels/authelia-panel.yaml by @rxerium
• http/exposed-panels/automatisch-panel.yaml by @rxerium
• http/exposed-panels/changedetection-panel.yaml by @rxerium
• http/exposed-panels/chronos-panel.yaml by @righettod
• http/exposed-panels/homebridge-panel.yaml by @rxerium
• http/exposed-panels/immich-panel.yaml by @rxerium
• http/exposed-panels/memos-panel.yaml by @rxerium
• http/exposed-panels/opentouch-multimediaservices-panel.yaml by @righettod
• http/exposed-panels/rcdevs-webadm-panel.yaml by @righettod
• http/exposed-panels/regify-panel.yaml by @righettod
• http/exposed-panels/scribble-diffusion-panel.yaml by @rxerium
• http/exposed-panels/security-onion-panel.yaml by @rxerium
• http/exposed-panels/solarwinds-arm-panel.yaml by @bhutch
• http/exposed-panels/speedtest-panel.yaml by @rxerium
• http/exposed-panels/tautulli-panel.yaml by @rxerium
• http/exposed-panels/vinchin-panel.yaml by @pussycat0x
• http/exposed-panels/webtitan-cloud-panel.yaml by @ritikchaddha
• http/technologies/atlassian-connect-descriptor.yaml by @pussycat0x
• http/technologies/mappproxy-detect.yaml by @philippedelteil
• http/technologies/orbit-telephone-detect.yaml by @HeeresS
• http/token-spray/api-onyphe.yaml by @0xPugazh
• headless/technologies/js-libraries-detect.yaml by @adamparsons,@cbadke,@ChetGan,@ErikOwen,@jacalynli
• javascript/detection/oracle-tns-listner.yaml by @pussycat0x
• javascript/enumeration/smb-enum.yaml by @pussycat0x

New Contributors

• @shaikhyaser made their first contribution in #8419
• @rxerium made their first contribution in #8427

Full Changelog: v9.6.7...v9.6.8