projectdiscovery/nuclei-templates v9.9.3

on GitHub

🔥 Release Highlights 🔥

• [CVE-2024-41107] Apache CloudStack - SAML Signature Exclusion (@iamnoooob, @rootxharsh, @pdresearch) [critical] 🔥
• [CVE-2024-40422] Devika v1 - Path Traversal (@s4e-garage, @alpernae) [critical] 🔥
• [CVE-2024-39907] 1Panel SQL Injection - Authenticated (@iamnoooob, @rootxharsh, @pdresearch) [critical] 🔥
• [CVE-2024-38856] Apache OFBiz - Remote Code Execution (@Co5mos) [critical] 🔥
• [CVE-2024-36104] Apache OFBiz - Path Traversal (@Co5mos) [critical] 🔥
• [CVE-2024-7339] TVT DVR Sensitive Device - Information Disclosure (@stuxctf) [medium] 🔥
• [CVE-2024-6782] Calibre <= 7.14.0 Remote Code Execution (@dhiyaneshdk) [critical] 🔥

What's Changed

New Templates Added: 56 | CVEs Added: 33 | First-time contributions: 4

• [CVE-2024-41628] Cluster Control CMON API - Directory Traversal (@s4e-garage) [high]
• [CVE-2024-41107] Apache CloudStack - SAML Signature Exclusion (@iamnoooob, @rootxharsh, @pdresearch) [critical] 🔥
• [CVE-2024-40422] Devika v1 - Path Traversal (@s4e-garage, @alpernae) [critical] 🔥
• [CVE-2024-39907] 1Panel SQL Injection - Authenticated (@iamnoooob, @rootxharsh, @pdresearch) [critical] 🔥
• [CVE-2024-39903] Solara <1.35.1 - Local File Inclusion (@iamnoooob, @rootxharsh, @pdresearch) [high]
• [CVE-2024-38856] Apache OFBiz - Remote Code Execution (@Co5mos) [critical] 🔥
• [CVE-2024-38514] NextChat - Server-Side Request Forgery (@dhiyaneshdk) [high]
• [CVE-2024-38288] TurboMeeting - Post-Authentication Command Injection (@rootxharsh, @iamnoooob, @pdresearch) [high]
• [CVE-2024-36104] Apache OFBiz - Path Traversal (@Co5mos) [critical] 🔥
• [CVE-2024-34061] Changedetection.io <=v0.45.21 - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2024-24763] JumpServer < 3.10.0 - Open Redirect (@ritikchaddha) [medium]
• [CVE-2024-7340] W&B Weave Server - Remote Arbitrary File Leak (@iamnoooob, @rootxharsh, @pdresearch) [high]
• [CVE-2024-7339] TVT DVR Sensitive Device - Information Disclosure (@stuxctf) [medium] 🔥
• [CVE-2024-7332] TOTOLINK CP450 v4.1.0cu.747_B20191224 - Hard-Coded Password Vulnerability (@s4e-garage) [critical]
• [CVE-2024-7188] Bylancer Quicklancer 2.4 G - SQL Injection (@s4e-garage) [high]
• [CVE-2024-7120] Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 - Command Injection (@pussycat0x) [medium]
• [CVE-2024-7008] Calibre <= 7.15.0 - Reflected Cross-Site Scripting (XSS) (@dhiyaneshdk) [medium]
• [CVE-2024-6922] Automation Anywhere Automation 360 - Server-Side Request Forgery (@dhiyaneshdk) [high]
• [CVE-2024-6782] Calibre <= 7.14.0 Remote Code Execution (@dhiyaneshdk) [critical] 🔥
• [CVE-2024-6781] Calibre <= 7.14.0 Arbitrary File Read (@dhiyaneshdk) [high]
• [CVE-2024-6396] Aimhubio Aim Server 3.19.3 - Arbitrary File Overwrite (@iamnoooob, @rootxharsh, @pdresearch) [critical]
• [CVE-2024-6366] User Profile Builder < 3.11.8 - File Upload (@s4e-garage) [high]
• [CVE-2024-6205] PayPlus Payment Gateway < 6.6.9 - SQL Injection (@s4e-garage) [critical]
• [CVE-2024-5975] CZ Loan Management <= 1.1 - SQL Injection (@s4e-garage) [critical]
• [CVE-2024-5936] PrivateGPT < 0.5.0 - Open Redirect (@ctflearner) [medium]
• [CVE-2023-44393] Piwigo - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2023-43323] mooSocial 3.1.8 - External Service Interaction (@ritikchaddha) [medium]
• [CVE-2023-6444] Seriously Simple Podcasting < 3.0.0 - Information Disclosure (@s4eio) [medium]
• [CVE-2023-5863] phpMyFAQ < 3.2.0 - Cross-site Scripting (@ctflearner) [medium]
• [CVE-2023-5222] Viessmann Vitogate 300 - Hardcoded Password (@ritikchaddha) [critical]
• [CVE-2022-27043] Yearning - Directory Traversal (@Co5mos) [high]
• [CVE-2022-3869] Froxlor < 0.10.38.2. - HTML Injection (@ctflearner) [medium]
• [CVE-2004-2687] Distccd v1 - Remote Code Execution (@pussycat0x) [high]
• [cloudstack-default-login] Apache CloudStack - Default Login (@dhiyaneshdk) [high]
• [airos-panel] AirOS Panel - Detect (@rxerium) [info]
• [fossbilling-panel] FOSSBilling Panel - Detect (@ritikchaddha) [info]
• [metube-detect] MeTube Instance Detected (@rxerium) [info]
• [openedge-panel] OpenEdge Login Panel - Detect (@rxerium) [info]
• [photoprism-panel] PhotoPrism Panel - Detect (@rxerium) [info]
• [privategpt-detect] PrivateGPT - Detect (@ritikchaddha) [info]
• [whatsup-gold-panel] Whatsup Gold Login Panel - Detect (@rxerium) [info]
• [gitlab-ci-yml] GitLab CI YAML - Exposure (@dhiyaneshdk) [medium]
• [changedetection-unauth] Changedetection.io Dashboard - Exposure (@ritikchaddha) [medium]
• [deployment-interface-exposed] Deployment Management Interface - Exposed (@dhiyaneshdk) [medium]
• [fossbilling-installer] FOSSBilling - Installation (@ritikchaddha) [high]
• [quickcms-installer] QuickCMS Installation Wizard (@dhiyaneshdk) [high]
• [manage-cabinet-register] Manage Cabinet Register - Exposed (@noel) [low]
• [substack] substack.com User Name Information - Detect (@cheesymoon) [info]
• [apache-ofbiz-detect] Apache OFBiz - Detect (@rxerium) [info]
• [apache-shenyu-detect] Apache Shenyu Gateway Management System - Detect (@icarot) [info]
• [searxng-detect] SearXNG - Detect (@rxerium) [info]
• [esafenet-netsecconfigajax-sqli] Esafenet CDG NetSecConfigAjax - Sql Injection (@adeljck) [high]
• [esafenet-noticeajax-sqli] Esafenet CDG NoticeAjax - Sql Injection (@adeljck) [high]
• [landray-oa-replaceextend-rce] Landray OA replaceExtend Function - Remote Code Execution (@adeljck) [critical]
• [x11-unauth-access] x11 - Unauthenticated Access (@pussycat0x) [high]
• [db2-discover] Broadcast DB2 Discover (@pussycat0x) [info]

New Contributors

• @lanyi1998 made their first contribution in #10402
• @eltociear made their first contribution in #10401
• @NoelV11 made their first contribution in #10387
• @gelim made their first contribution in #10420

Full Changelog: v9.9.2...v9.9.3