Nuclei Templates Versions Save

Community curated list of templates for the nuclei engine to find security vulnerabilities.

v9.8.5

1 week ago

🔥 Release Highlights 🔥

We're excited to share about Nuclei-Templates v9.8.5! This new version includes newly added AWS cloud config review templates. These templates can be used by companies or pentesters for identifying misconfigurations in the AWS cloud environment.

Similarly by leveraging aws code templates, security teams will be able to write their own checks for identifying misconfigurations that are specific to their particular workflows. This will enable them to effectively identify and remediate potential security issues within AWS environments.

To use cloud configuration review templates, first we need set up the environment. This setup is similar to using the aws-cli, where you either add aws_access_key_id and aws_secret_access_key to the ~/.aws/credentials file or export them as environment variables.

nuclei -id aws-code-env -code

We've also introduced the concept of profiles, which allow users to run a specific set of templates tailored for a particular use case. For running AWS templates, we have a profile named aws-cloud-config.

Now you're all set to run the templates!

nuclei -config ~/nuclei-templates/profiles/aws-cloud-config.yml -cloud-upload

What's Changed

New Templates Added: 142 | CVEs Added: 10 | First-time contributions: 6

  • http/cves/2024/CVE-2024-26331.yaml by @carsonchan12345 🔥
  • http/cves/2024/CVE-2024-3400.yaml by @salts,@parthmalhotra 🔥
  • http/cves/2024/CVE-2024-3273.yaml by @pussycat0x 🔥
  • code/cves/2024/CVE-2024-3094.yaml by @pdteam 🔥
  • http/cves/2024/CVE-2024-2879.yaml by @d4ly 🔥
  • http/cves/2024/CVE-2024-2389.yaml by @pdresearch,@parthmalhotra 🔥
  • http/cves/2024/CVE-2024-0337.yaml by @Kazgangap
  • javascript/cves/2023/CVE-2023-48795.yaml by @pussycat0x
  • http/cves/2022/CVE-2022-24627.yaml by @geeknik
  • http/cves/2022/CVE-2022-0424.yaml by @Kazgangap
  • http/vulnerabilities/other/opencart-core-sqli.yaml by @Kazgangap
  • http/vulnerabilities/other/quick-cms-sqli.yaml by @Kazgangap
  • http/vulnerabilities/other/user-management-system-sqli.yaml by @f0xy
  • cloud/aws/acm/acm-cert-expired.yaml by @princechaddha
  • cloud/aws/acm/acm-cert-renewal-30days.yaml by @princechaddha
  • cloud/aws/acm/acm-cert-renewal-45days.yaml by @princechaddha
  • cloud/aws/acm/acm-cert-validation.yaml by @princechaddha
  • cloud/aws/acm/acm-wildcard-cert.yaml by @princechaddha
  • cloud/aws/aws-code-env.yaml by @princechaddha
  • cloud/aws/cloudtrail/cloudtrail-data-events.yaml by @princechaddha
  • cloud/aws/cloudtrail/cloudtrail-disabled.yaml by @princechaddha
  • cloud/aws/cloudtrail/cloudtrail-dup-logs.yaml by @princechaddha
  • cloud/aws/cloudtrail/cloudtrail-global-disabled.yaml by @princechaddha
  • cloud/aws/cloudtrail/cloudtrail-integrated-cloudwatch.yaml by @princechaddha
  • cloud/aws/cloudtrail/cloudtrail-log-integrity.yaml by @princechaddha
  • cloud/aws/cloudtrail/cloudtrail-logs-not-encrypted.yaml by @princechaddha
  • cloud/aws/cloudtrail/cloudtrail-mfa-delete.yaml by @princechaddha
  • cloud/aws/cloudtrail/cloudtrail-mgmt-events.yaml by @princechaddha
  • cloud/aws/cloudtrail/cloudtrail-public-buckets.yaml by @princechaddha
  • cloud/aws/cloudtrail/cloudtrail-s3-bucket-logging.yaml by @princechaddha
  • cloud/aws/cloudtrail/s3-object-lock-not-enabled.yaml by @princechaddha
  • cloud/aws/cloudwatch/cw-alarm-action-set.yaml by @princechaddha
  • cloud/aws/cloudwatch/cw-alarms-actions.yaml by @princechaddha
  • cloud/aws/ec2/ec2-imdsv2.yaml by @princechaddha
  • cloud/aws/ec2/ec2-public-ip.yaml by @princechaddha
  • cloud/aws/ec2/ec2-sg-egress-open.yaml by @princechaddha
  • cloud/aws/ec2/ec2-sg-ingress.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-cifs.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-dns.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-ftp.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-http.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-https.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-icmp.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-memcached.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-mongodb.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-mssql.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-mysql.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-netbios.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-opensearch.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-oracle.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-pgsql.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-rdp.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-redis.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-smtp.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-ssh.yaml by @princechaddha
  • cloud/aws/ec2/ec2-unrestricted-telnet.yaml by @princechaddha
  • cloud/aws/ec2/publicly-shared-ami.yaml by @princechaddha
  • cloud/aws/ec2/unencrypted-aws-ami.yaml by @princechaddha
  • cloud/aws/iam/iam-access-analyzer.yaml by @princechaddha
  • cloud/aws/iam/iam-expired-ssl.yaml by @princechaddha
  • cloud/aws/iam/iam-full-admin-privileges.yaml by @princechaddha
  • cloud/aws/iam/iam-key-rotation-90days.yaml by @princechaddha
  • cloud/aws/iam/iam-mfa-enable.yaml by @princechaddha
  • cloud/aws/iam/iam-password-policy.yaml by @princechaddha
  • cloud/aws/iam/iam-root-mfa.yaml by @princechaddha
  • cloud/aws/iam/iam-ssh-keys-rotation.yaml by @princechaddha
  • cloud/aws/iam/iam-unapproved-policy.yaml by @princechaddha
  • cloud/aws/iam/iam-user-password-change.yaml by @princechaddha
  • cloud/aws/iam/ssl-cert-renewal.yaml by @princechaddha
  • cloud/aws/rds/aurora-copy-tags-snap.yaml by @princechaddha
  • cloud/aws/rds/aurora-delete-protect.yaml by @princechaddha
  • cloud/aws/rds/iam-db-auth.yaml by @princechaddha
  • cloud/aws/rds/rds-backup-enable.yaml by @princechaddha
  • cloud/aws/rds/rds-deletion-protection.yaml by @princechaddha
  • cloud/aws/rds/rds-encryption-check.yaml by @princechaddha
  • cloud/aws/rds/rds-event-notify.yaml by @princechaddha
  • cloud/aws/rds/rds-event-sub-enable.yaml by @princechaddha
  • cloud/aws/rds/rds-event-sub.yaml by @princechaddha
  • cloud/aws/rds/rds-gp-ssd-usage.yaml by @princechaddha
  • cloud/aws/rds/rds-public-snapshot.yaml by @princechaddha
  • cloud/aws/rds/rds-public-subnet.yaml by @princechaddha
  • cloud/aws/rds/rds-ri-payment-fail.yaml by @princechaddha
  • cloud/aws/rds/rds-snapshot-encryption.yaml by @princechaddha
  • cloud/aws/s3/s3-access-logging.yaml by @princechaddha
  • cloud/aws/s3/s3-auth-fullcontrol.yaml by @princechaddha
  • cloud/aws/s3/s3-bucket-key.yaml by @princechaddha
  • cloud/aws/s3/s3-bucket-policy-public-access.yaml by @princechaddha
  • cloud/aws/s3/s3-mfa-delete-check.yaml by @princechaddha
  • cloud/aws/s3/s3-public-read-acp.yaml by @princechaddha
  • cloud/aws/s3/s3-public-read.yaml by @princechaddha
  • cloud/aws/s3/s3-public-write-acp.yaml by @princechaddha
  • cloud/aws/s3/s3-public-write.yaml by @princechaddha
  • cloud/aws/s3/s3-server-side-encryption.yaml by @princechaddha
  • cloud/aws/s3/s3-versioning.yaml by @princechaddha
  • cloud/aws/vpc/nacl-open-inbound.yaml by @princechaddha
  • cloud/aws/vpc/nacl-outbound-restrict.yaml by @princechaddha
  • cloud/aws/vpc/nat-gateway-usage.yaml by @princechaddha
  • cloud/aws/vpc/unrestricted-admin-ports.yaml by @princechaddha
  • cloud/aws/vpc/vpc-endpoint-exposed.yaml by @princechaddha
  • cloud/aws/vpc/vpc-endpoints-not-deployed.yaml by @princechaddha
  • cloud/aws/vpc/vpc-flowlogs-not-enabled.yaml by @princechaddha
  • cloud/aws/vpc/vpn-tunnel-down.yaml by @princechaddha
  • http/misconfiguration/apple-cups-exposure.yaml by @DhiyaneshDK
  • http/misconfiguration/dlink-unauth-cgi-script.yaml by @pussycat0x
  • http/misconfiguration/helm-dashboard-exposure.yaml by @DhiyaneshDk
  • http/misconfiguration/installer/phpipam-installer.yaml by @DhiyaneshDK
  • http/misconfiguration/intelbras-dvr-unauth.yaml by @pussycat0x
  • http/misconfiguration/sentinel-license-monitor.yaml by @DhiyaneshDk
  • http/misconfiguration/thanos-prometheus-exposure.yaml by @DhiyaneshDk
  • http/default-logins/allnet/allnet-default-login.yaml by @ritikchaddha
  • http/default-logins/asus/asus-rtn16-default-login.yaml by @ritikchaddha
  • http/default-logins/asus/asus-wl500g-default-login.yaml by @ritikchaddha
  • http/default-logins/asus/asus-wl520GU-default-login.yaml by @ritikchaddha
  • http/default-logins/barco-clickshare-default-login.yaml by @ritikchaddha
  • http/exposed-panels/akhq-panel.yaml by @DhiyaneshDK
  • http/exposed-panels/algonomia-panel.yaml by @righettod
  • http/exposed-panels/beyondtrust-priv-panel.yaml by @righettod
  • http/exposed-panels/chemotargets-clarityvista-panel.yaml by @righettod
  • http/exposed-panels/mitel-micollab-panel.yaml by @righettod
  • http/exposed-panels/mitric-checker-panel.yaml by @righettod
  • http/exposed-panels/ni-web-based-panel.yaml by @DhiyaneshDK
  • http/exposed-panels/ollama-llm-panel.yaml by @pbuff07
  • http/exposed-panels/outsystems-servicecenter-panel.yaml by @righettod
  • http/exposed-panels/powerchute-network-panel.yaml by @DhiyaneshDK
  • http/exposed-panels/rtm-web-panel.yaml by @DhiyaneshDK
  • http/exposed-panels/suprema-biostar-panel.yaml by @ritikchaddha
  • http/exposed-panels/tibco-spotfire-panel.yaml by @righettod
  • http/exposed-panels/uipath-orchestrator-panel.yaml by @righettod
  • http/exposed-panels/urbackup-panel.yaml by @DhiyaneshDk
  • http/exposed-panels/zenml-dashboard-panel.yaml by @DhiyaneshDK
  • http/exposures/apis/aspnet-soap-webservices-asmx.yaml by @righettod
  • http/exposures/apis/redfish-api.yaml by @righettod
  • http/exposures/files/ht-deployment.yaml by @Michal-Mikolas
  • http/takeovers/gohire-takeover.yaml by @philippedelteil
  • http/takeovers/helpdocs-takeover.yaml by @philippedelteil
  • http/takeovers/softr-takeover.yaml by @philippedelteil
  • http/takeovers/uptime-takeover.yaml by @philippedelteil
  • http/technologies/citrix-xenmobile-version.yaml by @Puben
  • http/technologies/splunkhec-detect.yaml by @idealphase
  • http/technologies/tibco-spotfire-services-detect.yaml by @righettod
  • ssl/c2/sliver-c2.yaml by @johnk3r
  • dns/bimi-detect.yaml by @rxerium

New Contributors

Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.8.1...v9.8.5

v9.8.1

3 weeks ago

What's Changed

New Templates Added: 77 | CVEs Added: 29 | First-time contributions: 6

  • http/cves/2024/CVE-2024-20767.yaml by @iamnoooob,@rootxharsh,@pdresearch
  • http/cves/2024/CVE-2024-27564.yaml by @DhiyaneshDK
  • http/cves/2024/CVE-2024-28255.yaml by @DhiyaneshDK,@iamnooob
  • http/cves/2024/CVE-2024-28734.yaml by @Kazgangap
  • http/cves/2024/CVE-2024-29059.yaml by @iamnoooob,@rootxharsh,@DhiyaneshDk,@pdresearch
  • http/cves/2024/CVE-2024-29269.yaml by @ritikchaddha
  • http/cves/2023/CVE-2023-0159.yaml by @c4sper0
  • http/cves/2023/CVE-2023-0678.yaml by @princechaddha,@ritikchaddha
  • http/cves/2023/CVE-2023-34993.yaml by @dwisiswant0
  • http/cves/2023/CVE-2023-47218.yaml by @ritikchaddha
  • http/cves/2022/CVE-2022-29013.yaml by @DhiyaneshDK
  • http/cves/2022/CVE-2022-32430.yaml by @DhiyaneshDK
  • http/cves/2022/CVE-2022-41412.yaml by @null_hypothesis
  • http/cves/2021/CVE-2021-46418.yaml by @DhiyaneshDK
  • http/cves/2021/CVE-2021-46419.yaml by @DhiyaneshDK
  • http/cves/2019/CVE-2019-9632.yaml by @pdteam
  • http/cves/2018/CVE-2018-10735.yaml by @DhiyaneshDk
  • http/cves/2018/CVE-2018-10736.yaml by @DhiyaneshDK
  • http/cves/2018/CVE-2018-10737.yaml by @DhiyaneshDK
  • http/cves/2018/CVE-2018-10738.yaml by @DhiyaneshDk
  • http/cves/2018/CVE-2018-6605.yaml by @DhiyaneshDk
  • http/cves/2018/CVE-2018-7314.yaml by @DhiyaneshDK
  • http/cves/2016/CVE-2016-5674.yaml by @DhiyaneshDK
  • dast/cves/2018/CVE-2018-19518.yaml by @princechaddha
  • dast/cves/2021/CVE-2021-45046.yaml by @princechaddha
  • dast/cves/2022/CVE-2022-34265.yaml by @princechaddha
  • dast/cves/2022/CVE-2022-42889.yaml by @mordavid,@princechaddha
  • dast/vulnerabilities/cmdi/blind-oast-polyglots.yaml by @pdteam,@geeknik
  • dast/vulnerabilities/cmdi/ruby-open-rce.yaml by @pdteam
  • dast/vulnerabilities/crlf/cookie-injection.yaml by @pdteam
  • dast/vulnerabilities/crlf/crlf-injection.yaml by @pdteam
  • dast/vulnerabilities/csti/angular-client-side-template-injection.yaml by @theamanrawat
  • dast/vulnerabilities/lfi/lfi-keyed.yaml by @pwnhxl
  • dast/vulnerabilities/lfi/linux-lfi-fuzz.yaml by @DhiyaneshDK
  • dast/vulnerabilities/lfi/windows-lfi-fuzz.yaml by @pussycat0x
  • dast/vulnerabilities/redirect/open-redirect.yaml by @princechaddha
  • dast/vulnerabilities/rfi/generic-rfi.yaml by @m4lwhere
  • dast/vulnerabilities/sqli/sqli-error-based.yaml by @geeknik,@pdteam
  • dast/vulnerabilities/ssrf/blind-ssrf.yaml by @pdteam
  • dast/vulnerabilities/ssrf/response-ssrf.yaml by @pdteam,@pwnhxl,@j4vaovo
  • dast/vulnerabilities/ssti/reflection-ssti.yaml by @pdteam
  • dast/vulnerabilities/xss/dom-xss.yaml by @theamanrawat
  • dast/vulnerabilities/xss/reflected-xss.yaml by @pdteam
  • dast/vulnerabilities/xxe/generic-xxe.yaml by @pwnhxl
  • http/vulnerabilities/dahua/dahua-eims-rce.yaml by @DhiyaneshDk
  • http/vulnerabilities/huatian/huatian-oa-sqli.yaml by @ritikchaddha
  • http/vulnerabilities/landray/landray-eis-sqli.yaml by @DhiyaneshDK
  • http/vulnerabilities/other/voyager-lfi.yaml by @mammad_rahimzada
  • javascript/cves/2012/CVE-2012-2122.yaml by @pussycat0x
  • javascript/cves/2019/CVE-2019-9193.yaml by @pussycat0x
  • javascript/enumeration/minecraft-enum.yaml by @pussycat0x
  • javascript/enumeration/pgsql/pgsql-default-db.yaml by @pussycat0x
  • javascript/enumeration/pgsql/pgsql-file-read.yaml by @pussycat0x
  • javascript/enumeration/pgsql/pgsql-list-database.yaml by @pussycat0x
  • javascript/enumeration/pgsql/pgsql-list-password-hashes.yaml by @pussycat0x
  • javascript/enumeration/pgsql/pgsql-list-users.yaml by @pussycat0x
  • javascript/enumeration/pgsql/pgsql-version-detect.yaml by @pussycat0x
  • javascript/misconfiguration/pgsql/pgsql-extensions-rce.yaml by @pussycat0x
  • javascript/misconfiguration/pgsql/postgresql-empty-password.yaml by @pussycat0x
  • javascript/udp/detection/tftp-detect.yaml by @pussycat0x
  • http/default-logins/3com/3Com-wireless-default-login.yaml by @ritikchaddha
  • http/default-logins/3ware-default-login.yaml by @ritikchaddha
  • http/default-logins/next-terminal/next-terminal-default-login.yaml by @ritikchaddha
  • http/exposed-panels/amprion-gridloss-panel.yaml by @righettod
  • http/exposed-panels/safenet-authentication-panel.yaml by @righettod
  • http/exposed-panels/syfadis-xperience-panel.yaml by @righettod
  • http/exposures/configs/deployment-ini.yaml by @Michal Mikolas (nanuqcz)
  • http/miscellaneous/form-detection.yaml by @pdteam
  • http/misconfiguration/https-to-http-redirect.yaml by @kazet
  • http/technologies/celebrus-detect.yaml by @righettod
  • http/technologies/privatebin-detect.yaml by @righettod
  • http/technologies/simplesamlphp-detect.yaml by @righettod
  • http/technologies/yourls-detect.yaml by @lstatro
  • network/c2/darkcomet-trojan.yaml by @pussycat0x
  • network/c2/darktrack-rat-trojan.yaml by @pussycat0x
  • network/c2/orcus-rat-trojan.yaml by @pussycat0x
  • network/c2/xtremerat-trojan.yaml by @pussycat0x

New Contributors

Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.8.0...v9.8.1

v9.8.0

1 month ago

🔥 Release Highlights 🔥

We're thrilled to share that with the launch of Nuclei Templates version 9.8.0, we've broadened our scope in network security checks. Our template library now boasts over 8,000 entries, encompassing more than 7,202 templates for web applications. This collection includes 2,200 web-related CVEs and features more than 850 templates aimed at identifying web vulnerabilities.

With the help of active community contributions, we have been adding all the latest web CVEs and vulnerabilities in the wild. While we continue to do so, we are focused on expanding our template offerings to include network vulnerabilities, providing the most comprehensive scanning.

With this release, we're inviting contributors to aid us in enriching our network vulnerability detection, facilitated by the new JS protocol. This makes it simpler to incorporate network checks through the newly introduced JS modules. For guidance on crafting JS templates, check out our documentation here.

Next, we are aiming to expand coverage of LDAP and Kerberos related checks. We are looking forward to getting more contributions from the community

What's Changed

New Templates Added: 85 | CVEs Added: 8 | First-time contributions: 5

  • http/cves/2023/CVE-2023-49785.yaml by @high 🔥
  • http/cves/2023/CVE-2023-5830.yaml by @Mbb5546
  • http/cves/2023/CVE-2023-5914.yaml by @DhiyaneshDK
  • http/cves/2023/CVE-2023-6114.yaml by @DhiyaneshDk
  • http/cves/2023/CVE-2023-6567.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
  • http/cves/2024/CVE-2024-1212.yaml by @DhiyaneshDK 🔥
  • http/cves/2024/CVE-2024-1698.yaml by @DhiyaneshDk
  • http/cves/2024/CVE-2024-27954.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
  • javascript/audit/mysql/mysql-load-file.yaml by @pussycat0x
  • javascript/enumeration/mysql/mysql-default-login.yaml by @DhiyaneshDk,@pussycat0x,@ritikchaddha
  • javascript/enumeration/mysql/mysql-info.yaml by @pussycat0x
  • javascript/enumeration/mysql/mysql-show-databases.yaml by @DhiyaneshDk
  • javascript/enumeration/mysql/mysql-show-variables.yaml by @DhiyaneshDk
  • javascript/enumeration/mysql/mysql-user-enum.yaml by @pussycat0x
  • javascript/enumeration/pop3/pop3-capabilities-enum.yaml by @pussycat0x
  • javascript/enumeration/redis/redis-info.yaml by @DhiyaneshDK
  • javascript/enumeration/redis/redis-require-auth.yaml by @DhiyaneshDK
  • javascript/enumeration/rsync/rsync-version.yaml by @DhiyaneshDK
  • javascript/enumeration/smb/smb-default-creds.yaml by @pussycat0x
  • javascript/enumeration/smb/smb-enum-domains.yaml by @DhiyaneshDK
  • javascript/enumeration/smb/smb-os-detect.yaml by @pussycat0x
  • javascript/enumeration/smb/smb-version-detect.yaml by @pussycat0x
  • javascript/enumeration/smb/smb2-server-time.yaml by @DhiyaneshDK
  • javascript/misconfiguration/mysql/mysql-empty-password.yaml by @DhiyaneshDk
  • http/vulnerabilities/esafenet/esafenet-mysql-fileread.yaml by @DhiyaneshDk
  • http/vulnerabilities/idoc/idocview-2word-fileupload.yaml by @DhiyaneshDK
  • http/vulnerabilities/idoc/idocview-lfi.yaml by @DhiyaneshDK
  • http/vulnerabilities/landray/landray-eis-ws-infoleak.yaml by @Fur1na
  • http/vulnerabilities/other/office365-indexs-fileread.yaml by @DhiyaneshDK
  • http/vulnerabilities/other/ups-network-lfi.yaml by @Kazgangap
  • http/default-logins/ispconfig-default-login.yaml by @pussycat0x
  • http/misconfiguration/installer/posteio-installer.yaml by @ritikchaddha
  • http/exposures/files/generic-db.yaml by @Michal Mikolas (nanuqcz)
  • http/exposed-panels/bynder-panel.yaml by @righettod
  • http/exposed-panels/c2/ares-rat-c2.yaml by @pussycat0x
  • http/exposed-panels/c2/caldera-c2.yaml by @pussycat0x
  • http/exposed-panels/c2/hack5-cloud-c2.yaml by @pussycat0x
  • http/exposed-panels/c2/pupyc2.yaml by @pussycat0x
  • http/exposed-panels/c2/supershell-c2.yaml by @pussycat0x
  • http/exposed-panels/cisco/cisco-expressway-panel.yaml by @righettod
  • http/exposed-panels/emqx-panel.yaml by @righettod
  • http/exposed-panels/fortinet/forticlientems-panel.yaml by @h4sh5
  • http/exposed-panels/fortinet/fortiwlm-panel.yaml by @EgemenKochisarli
  • http/exposed-panels/neocase-hrportal-panel.yaml by @righettod
  • http/exposed-panels/osnexus-panel.yaml by @Charles D.
  • http/exposed-panels/posteio-admin-panel.yaml by @ritikchaddha
  • http/exposed-panels/skeepers-panel.yaml by @righettod
  • http/exposed-panels/softether-vpn-panel.yaml by @bhutch
  • network/detection/wing-ftp-detect.yaml by @ritikchaddha
  • ssl/c2/venomrat.yaml by @pussycat0x
  • http/osint/phishing/kakao-login-phish.yaml by @hahwul
  • http/osint/phishing/naver-login-phish.yaml by @hahwul
  • http/technologies/directus-detect.yaml by @ricardomaia
  • http/technologies/microsoft/aspnet-version-detect.yaml by @lucky0x0d,@PulseSecurity.co.nz
  • http/technologies/microsoft/aspnetmvc-version-disclosure.yaml by @lucky0x0d,@PulseSecurity.co.nz
  • http/technologies/wing-ftp-service-detect.yaml by @ritikchaddha
  • dns/soa-detect.yaml by @rxerium
  • dns/spf-record-detect.yaml by @rxerium
  • dns/txt-service-detect.yaml by @rxerium
  • file/keys/dependency/dependency-track.yaml by @DhiyaneshDK
  • file/keys/docker/dockerhub-pat.yaml by @DhiyaneshDK
  • file/keys/doppler/doppler-audit.yaml by @DhiyaneshDK
  • file/keys/doppler/doppler-cli.yaml by @DhiyaneshDK
  • file/keys/doppler/doppler-scim.yaml by @DhiyaneshDK
  • file/keys/doppler/doppler-service-account.yaml by @DhiyaneshDK
  • file/keys/doppler/doppler-service.yaml by @DhiyaneshDK
  • file/keys/dropbox/dropbox-access.yaml by @DhiyaneshDK
  • file/keys/huggingface/huggingface-user-access.yaml by @DhiyaneshDK
  • file/keys/linkedin/linkedin-client.yaml by @DhiyaneshDK
  • file/keys/linkedin/linkedin-secret.yaml by @DhiyaneshDK
  • file/keys/newrelic/newrelic-api-service.yaml by @DhiyaneshDK
  • file/keys/newrelic/newrelic-license-non.yaml by @DhiyaneshDK
  • file/keys/newrelic/newrelic-license.yaml by @DhiyaneshDK
  • file/keys/odbc/odbc-connection.yaml by @DhiyaneshDK
  • file/keys/okta/okta-api.yaml by @DhiyaneshDK
  • file/keys/particle/particle-access.yaml by @DhiyaneshDK
  • file/keys/react/reactapp-password.yaml by @DhiyaneshDK
  • file/keys/react/reactapp-username.yaml by @DhiyaneshDK
  • file/keys/salesforce/salesforce-access.yaml by @DhiyaneshDK
  • file/keys/thingsboard/thingsboard-access.yaml by @DhiyaneshDK
  • file/keys/truenas/truenas-api.yaml by @DhiyaneshDK
  • file/keys/twitter/twitter-client.yaml by @DhiyaneshDK
  • file/keys/twitter/twitter-secret.yaml by @DhiyaneshDK,@gaurang,@daffainfo
  • file/keys/wireguard/wireguard-preshared.yaml by @DhiyaneshDK
  • file/keys/wireguard/wireguard-private.yaml by @DhiyaneshDK

B636160776167737022757F6025667965636562702C6C6967702275667275637024627F636379644022757F602E6F602C656E6E61686360237564716C607D65647D29656C63657E60256864702E6960222C6C61402D654720286364716342202567616373756D602F64702E6F63727560702473727966602568645 🐛

New Contributors

Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.7.8...v9.8.0

v9.7.8

1 month ago

🔥 Release Highlights 🔥

In our latest release, we are thrilled to announce new addition of 120+ OSINT - Phishing Detection templates, thanks to the contributions of our community member @rxerium. These templates are accessible at Phishing Detection templates.

These templates are specifically added to help OSINT analysts, threat researchers, and security professionals in discovering and studying phishing campaigns therefore, we have added them to the OSINT scan profile here. Users can execute the OSINT scan configuration profile with nuclei -u <host> -config ~/nuclei-templates/config/osint.yml

Please note that these templates are not included in the default run. To use them, users can simply include them in the scan using nuclei -u <host> -tags phishing -itags phishing.

By identifying and analyzing phishing sites, OSINT analysts can discover patterns, monitor the activities of threat actors, and collect data essential for broader security research or investigative journalism. This makes it a valuable addition to the OSINT toolkit.

What's Changed

New Templates Added: 126

  • http/cves/2023/CVE-2023-43187.yaml by @0xParth
  • http/cves/2023/CVE-2023-5089.yaml by @jpg0mez
  • http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-passreset.yaml by @0xr2r
  • http/exposed-panels/atlassian-bamboo-panel.yaml by @righettod
  • http/exposed-panels/cleanweb-panel.yaml by @righettod
  • http/exposed-panels/eset-protect-panel.yaml by @Charles D.
  • http/exposed-panels/graylog-panel.yaml by @righettod
  • http/exposed-panels/lockself-panel.yaml by @righettod
  • http/exposed-panels/moodle-workplace-panel.yaml by @righettod
  • http/exposed-panels/nexus-panel.yaml by @righettod
  • http/exposed-panels/pahtool-panel.yaml by @righettod
  • http/technologies/hcpanywhere-detect.yaml by @righettod
  • http/technologies/admiralcloud-detect.yaml by @righettod
  • http/osint/phishing/1password-phish.yaml by @rxerium
  • http/osint/phishing/adobe-phish.yaml by @rxerium
  • http/osint/phishing/aliexpress-phish.yaml by @rxerium
  • http/osint/phishing/amazon-phish.yaml by @rxerium
  • http/osint/phishing/amazon-web-services-phish.yaml by @rxerium
  • http/osint/phishing/american-express-phish.yaml by @rxerium
  • http/osint/phishing/anydesk-phish.yaml by @rxerium
  • http/osint/phishing/avast-phish.yaml by @rxerium
  • http/osint/phishing/avg-phish.yaml by @rxerium
  • http/osint/phishing/bank-of-america-phish.yaml by @rxerium
  • http/osint/phishing/battlenet-phish.yaml by @rxerium
  • http/osint/phishing/bestbuy-phish.yaml by @rxerium
  • http/osint/phishing/bitdefender-phish.yaml by @rxerium
  • http/osint/phishing/bitwarden-phish.yaml by @rxerium
  • http/osint/phishing/blender-phish.yaml by @rxerium
  • http/osint/phishing/booking-phish.yaml by @rxerium
  • http/osint/phishing/box-storage-phish.yaml by @rxerium
  • http/osint/phishing/brave-phish.yaml by @rxerium
  • http/osint/phishing/brighthr-phish.yaml by @rxerium
  • http/osint/phishing/ccleaner-phish.yaml by @rxerium
  • http/osint/phishing/chase-phish.yaml by @rxerium
  • http/osint/phishing/chrome-phish.yaml by @rxerium
  • http/osint/phishing/costa-phish.yaml by @rxerium
  • http/osint/phishing/dashlane-phish.yaml by @rxerium
  • http/osint/phishing/deezer-phish.yaml by @rxerium
  • http/osint/phishing/deliveroo-phish.yaml by @rxerium
  • http/osint/phishing/digital-ocean-phish.yaml by @rxerium
  • http/osint/phishing/discord-phish.yaml by @rxerium
  • http/osint/phishing/disneyplus-phish.yaml by @rxerium
  • http/osint/phishing/dropbox-phish.yaml by @rxerium
  • http/osint/phishing/duckduckgo-phish.yaml by @rxerium
  • http/osint/phishing/ebay-phish.yaml by @rxerium
  • http/osint/phishing/edge-phish.yaml by @rxerium
  • http/osint/phishing/ee-mobile-phish.yaml by @rxerium
  • http/osint/phishing/eset-phish.yaml by @rxerium
  • http/osint/phishing/evernote-phish.yaml by @rxerium
  • http/osint/phishing/facebook-phish.yaml by @rxerium
  • http/osint/phishing/figma-phish.yaml by @rxerium
  • http/osint/phishing/filezilla-phish.yaml by @rxerium
  • http/osint/phishing/firefox-phish.yaml by @rxerium
  • http/osint/phishing/gimp-phish.yaml by @rxerium
  • http/osint/phishing/github-phish.yaml by @rxerium
  • http/osint/phishing/google-phish.yaml by @rxerium
  • http/osint/phishing/icloud-phish.yaml by @rxerium
  • http/osint/phishing/instagram-phish.yaml by @rxerium
  • http/osint/phishing/kaspersky-phish.yaml by @rxerium
  • http/osint/phishing/kayak-phish.yaml by @rxerium
  • http/osint/phishing/keepass-phish.yaml by @rxerium
  • http/osint/phishing/keepersecurity-phish.yaml by @rxerium
  • http/osint/phishing/keybase-phish.yaml by @rxerium
  • http/osint/phishing/lastpass-phish.yaml by @rxerium
  • http/osint/phishing/libre-office-phish.yaml by @rxerium
  • http/osint/phishing/linkedin-phish.yaml by @rxerium
  • http/osint/phishing/malwarebytes-phish.yaml by @rxerium
  • http/osint/phishing/mcafee-phish.yaml by @rxerium
  • http/osint/phishing/mega-phish.yaml by @rxerium
  • http/osint/phishing/messenger-phish.yaml by @rxerium
  • http/osint/phishing/microcenter-phish.yaml by @rxerium
  • http/osint/phishing/microsoft-phish.yaml by @rxerium
  • http/osint/phishing/microsoft-teams-phish.yaml by @rxerium
  • http/osint/phishing/netflix-phish.yaml by @rxerium
  • http/osint/phishing/nordpass-phish.yaml by @rxerium
  • http/osint/phishing/norton-phish.yaml by @rxerium
  • http/osint/phishing/notion-phish.yaml by @rxerium
  • http/osint/phishing/o2-mobile-phish.yaml by @rxerium
  • http/osint/phishing/openai-phish.yaml by @rxerium
  • http/osint/phishing/opera-phish.yaml by @rxerium
  • http/osint/phishing/paramountplus-phish.yaml by @rxerium
  • http/osint/phishing/paypal-phish.yaml by @rxerium
  • http/osint/phishing/pcloud-phish.yaml by @rxerium
  • http/osint/phishing/pintrest-phish.yaml by @rxerium
  • http/osint/phishing/plusnet-phish.yaml by @rxerium
  • http/osint/phishing/proton-phish.yaml by @rxerium
  • http/osint/phishing/putty-phish.yaml by @rxerium
  • http/osint/phishing/python-phish.yaml by @rxerium
  • http/osint/phishing/quora-phish.yaml by @rxerium
  • http/osint/phishing/reddit-phish.yaml by @rxerium
  • http/osint/phishing/roblox-phish.yaml by @rxerium
  • http/osint/phishing/roboform-phish.yaml by @rxerium
  • http/osint/phishing/royal-mail-phish.yaml by @rxerium
  • http/osint/phishing/samsung-phish.yaml by @rxerium
  • http/osint/phishing/signal-phish.yaml by @rxerium
  • http/osint/phishing/sky-phish.yaml by @rxerium
  • http/osint/phishing/skype-phish.yaml by @rxerium
  • http/osint/phishing/skyscanner-phish.yaml by @rxerium
  • http/osint/phishing/slack-phish.yaml by @rxerium
  • http/osint/phishing/sophos-phish.yaml by @rxerium
  • http/osint/phishing/spotify-phish.yaml by @rxerium
  • http/osint/phishing/steam-phish.yaml by @rxerium
  • http/osint/phishing/sync-storage-phish.yaml by @rxerium
  • http/osint/phishing/target-phish.yaml by @rxerium
  • http/osint/phishing/teamviewer-phish.yaml by @rxerium
  • http/osint/phishing/telegram-phish.yaml by @rxerium
  • http/osint/phishing/three-mobile-phish.yaml by @rxerium
  • http/osint/phishing/thunderbird-phish.yaml by @rxerium
  • http/osint/phishing/ticketmaster-phish.yaml by @rxerium
  • http/osint/phishing/tiktok-phish.yaml by @rxerium
  • http/osint/phishing/trading212-phish.yaml by @rxerium
  • http/osint/phishing/trend-micro-phish.yaml by @rxerium
  • http/osint/phishing/trip-phish.yaml by @rxerium
  • http/osint/phishing/twitch-phish.yaml by @rxerium
  • http/osint/phishing/uber-phish.yaml by @rxerium
  • http/osint/phishing/visual-studio-code-phish.yaml by @rxerium
  • http/osint/phishing/vlc-player-phish.yaml by @rxerium
  • http/osint/phishing/vodafone-phish.yaml by @rxerium
  • http/osint/phishing/vultr-phish.yaml by @rxerium
  • http/osint/phishing/walmart-phish.yaml by @rxerium
  • http/osint/phishing/wetransfer-phish.yaml by @rxerium
  • http/osint/phishing/whatsapp-phish.yaml by @rxerium
  • http/osint/phishing/wikipedia-phish.yaml by @rxerium
  • http/osint/phishing/winscp-phish.yaml by @rxerium
  • http/osint/phishing/yahoo-phish.yaml by @rxerium
  • http/osint/phishing/zoom-phish.yaml by @rxerium

New Contributors

Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.7.7...v9.7.8

v9.7.7

1 month ago

🔥 Release Highlights 🔥

  • http/cves/2024/CVE-2024-1071.yaml by @DhiyaneshDK,@iamnooob 🔥
  • http/cves/2024/CVE-2024-1709.yaml by @johnk3r 🔥
  • http/cves/2024/CVE-2024-23334.yaml by @DhiyaneshDk 🔥
  • http/cves/2024/CVE-2024-25600.yaml by @christbowel 🔥
  • http/cves/2024/CVE-2024-27198.yaml by @DhiyaneshDk 🔥
  • http/cves/2024/CVE-2024-27199.yaml by @DhiyaneshDk 🔥
  • http/cves/2024/CVE-2024-27497.yaml by @DhiyaneshDk 🔥
  • http/cves/2023/CVE-2023-38203.yaml by @yiran 🔥
  • http/cves/2023/CVE-2023-42344.yaml by @0xr2r 🔥
  • http/cves/2023/CVE-2023-48777.yaml by @DhiyaneshDK 🔥

What's Changed

New Templates Added: 82 | CVEs Added: 21 | First-time contributions: 8

  • http/cves/2024/CVE-2024-0305.yaml by @BMCel
  • http/cves/2024/CVE-2024-0713.yaml by @DhiyaneshDK
  • http/cves/2024/CVE-2024-1021.yaml by @BMCel
  • http/cves/2024/CVE-2024-1071.yaml by @DhiyaneshDK,@iamnooob 🔥
  • http/cves/2024/CVE-2024-1208.yaml by @ritikchaddha
  • http/cves/2024/CVE-2024-1209.yaml by @ritikchaddha
  • http/cves/2024/CVE-2024-1210.yaml by @ritikchaddha
  • http/cves/2024/CVE-2024-1709.yaml by @johnk3r 🔥
  • http/cves/2024/CVE-2024-22319.yaml by @DhiyaneshDK
  • http/cves/2024/CVE-2024-22320.yaml by @DhiyaneshDK
  • http/cves/2024/CVE-2024-23334.yaml by @DhiyaneshDk 🔥
  • http/cves/2024/CVE-2024-25600.yaml by @christbowel 🔥
  • http/cves/2024/CVE-2024-27198.yaml by @DhiyaneshDk 🔥
  • http/cves/2024/CVE-2024-27199.yaml by @DhiyaneshDk 🔥
  • http/cves/2024/CVE-2024-27497.yaml by @DhiyaneshDk 🔥
  • http/cves/2023/CVE-2023-38203.yaml by @yiran 🔥
  • http/cves/2023/CVE-2023-42344.yaml by @0xr2r 🔥
  • http/cves/2023/CVE-2023-45671.yaml by @ritikchaddha
  • http/cves/2023/CVE-2023-48777.yaml by @DhiyaneshDK 🔥
  • http/cves/2023/CVE-2023-6895.yaml by @archer
  • http/cnvd/2023/CNVD-2023-96945.yaml by @DhiyaneshDk
  • http/cves/2015/CVE-2015-1635.yaml by @Phillipo
  • http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-update.yaml by @0xr2r
  • http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml by @DhiyaneshDK
  • http/vulnerabilities/joomla/joomla-easyshop-lfi.yaml by @ritikchaddha
  • http/vulnerabilities/other/lucee-unset-credentials.yaml by @jpg0mez
  • http/vulnerabilities/yonyou/yonyou-ufida-nc-lfi.yaml by @DhiyaneshDk
  • http/misconfiguration/cloudflare-rocketloader-htmli.yaml by @j3ssie
  • http/misconfiguration/installer/connectwise-setup.yaml by @DhiyaneshDk
  • http/default-logins/ibm/ibm-dcbc-default-login.yaml by @DhiyaneshDK
  • http/default-logins/ibm/ibm-dcec-default-login.yaml by @DhiyaneshDK
  • http/default-logins/ibm/ibm-dsc-default-login.yaml by @DhiyaneshDK
  • http/default-logins/ibm/ibm-hmc-default-login.yaml by @R3S OST
  • http/default-logins/ibm/imm-default-login.yaml by @jpg0mez
  • http/default-logins/lucee/lucee-default-login.yaml by @jpg0mez
  • http/exposed-panels/c2/meduza-stealer.yaml by @dwisiswant0
  • http/exposed-panels/cisco-unity-panel.yaml by @HeeresS
  • http/exposed-panels/connectwise-panel.yaml by @johnk3r
  • http/exposed-panels/fortinet/fortiauthenticator-detect.yaml by @johnk3r
  • http/exposed-panels/ibm/ibm-dcec-panel.yaml by @DhiyaneshDK
  • http/exposed-panels/ibm/ibm-decision-server-console.yaml by @DhiyaneshDK
  • http/exposed-panels/ibm/ibm-odm-panel.yaml by @DhiyaneshDK
  • http/exposed-panels/koel-panel.yaml by @rxerium
  • http/exposed-panels/kopano-webapp-panel.yaml by @righettod
  • http/exposed-panels/linshare-panel.yaml by @righettod
  • http/exposed-panels/openvas-panel.yaml by @rxerium
  • http/exposed-panels/opinio-panel.yaml by @righettod
  • http/exposed-panels/redmine-panel.yaml by @righettod
  • http/exposed-panels/rocketchat-panel.yaml by @righettod
  • http/exposed-panels/webtransfer-client-panel.yaml by @righettod
  • http/exposures/configs/sphinxsearch-config.yaml by @gtrrnr
  • http/exposures/tokens/dependency/dependency-track-api.yaml by @DhiyaneshDK
  • http/exposures/tokens/docker/docker-hub-pat.yaml by @DhiyaneshDK
  • http/exposures/tokens/doppler/doppler-audit-token.yaml by @DhiyaneshDK
  • http/exposures/tokens/doppler/doppler-cli-token.yaml by @DhiyaneshDK
  • http/exposures/tokens/doppler/doppler-scim-token.yaml by @DhiyaneshDK
  • http/exposures/tokens/doppler/doppler-service-account-token.yaml by @DhiyaneshDK
  • http/exposures/tokens/doppler/doppler-service-token.yaml by @DhiyaneshDK
  • http/exposures/tokens/dropbox/dropbox-access-token.yaml by @DhiyaneshDK
  • http/exposures/tokens/huggingface/huggingface-user-access-token.yaml by @DhiyaneshDK
  • http/exposures/tokens/linkedin/linkedin-client-id.yaml by @DhiyaneshDK
  • http/exposures/tokens/linkedin/linkedin-secret-key.yaml by @DhiyaneshDK
  • http/exposures/tokens/newrelic/newrelic-api-service-key.yaml by @DhiyaneshDK
  • http/exposures/tokens/newrelic/newrelic-license-key-non.yaml by @DhiyaneshDK
  • http/exposures/tokens/newrelic/newrelic-license-key.yaml by @DhiyaneshDK
  • http/exposures/tokens/odbc/odbc-connection-string.yaml by @DhiyaneshDK
  • http/exposures/tokens/okta/okta-api-token.yaml by @DhiyaneshDK
  • http/exposures/tokens/particle/particle-access-token.yaml by @DhiyaneshDK
  • http/exposures/tokens/react/react-app-password.yaml by @DhiyaneshDK
  • http/exposures/tokens/react/react-app-username.yaml by @DhiyaneshDK
  • http/exposures/tokens/salesforce/salesforce-access-token.yaml by @DhiyaneshDK
  • http/exposures/tokens/thingsboard/thingsboard-access-token.yaml by @DhiyaneshDK
  • http/exposures/tokens/truenas/truenas-api-key.yaml by @DhiyaneshDK
  • http/exposures/tokens/twitter/twitter-client-id.yaml by @DhiyaneshDK
  • http/exposures/tokens/twitter/twitter-secret-key.yaml by @DhiyaneshDK
  • http/exposures/tokens/wireguard/wireguard-preshared-key.yaml by @DhiyaneshDK
  • http/exposures/tokens/wireguard/wireguard-private-key.yaml by @DhiyaneshDK
  • http/miscellaneous/maxforwards-headers-detect.yaml by @righettod
  • http/technologies/ibm/ibm-decision-runner.yaml by @DhiyaneshDK
  • http/technologies/ibm/ibm-decision-server-runtime.yaml by @DhiyaneshDK
  • http/technologies/ibm/ibm-odm-detect.yaml by @DhiyaneshDK
  • http/technologies/pexip-detect.yaml by @righettod

New Contributors

Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.7.6...v9.7.7

v9.7.6

2 months ago

🔥 Release Highlights 🔥

  • http/cves/2024/CVE-2024-21893.yaml by @DhiyaneshDk 🔥
  • http/cves/2024/CVE-2024-22024.yaml by @watchTowr 🔥
  • code/cves/2023/CVE-2023-6246.yaml by @gy741 🔥

What's Changed

New Templates Added: 49 | CVEs Added: 22 | First-time contributions: 12

  • code/cves/2023/CVE-2023-6246.yaml by @gy741 🔥
  • http/cves/2024/CVE-2024-1061.yaml by @xxcdd
  • http/cves/2024/CVE-2024-21644.yaml by @West-wise
  • http/cves/2024/CVE-2024-21645.yaml by @isacaya
  • http/cves/2024/CVE-2024-21893.yaml by @DhiyaneshDk 🔥
  • http/cves/2024/CVE-2024-22024.yaml by @watchTowr 🔥
  • http/cves/2024/CVE-2024-25669.yaml by @r3naissance
  • http/cves/2024/CVE-2024-25735.yaml by @johnk3r
  • http/cves/2023/CVE-2023-28662.yaml by @xxcdd
  • http/cves/2023/CVE-2023-40355.yaml by @amir-h-fallahi
  • http/cves/2023/CVE-2023-47115.yaml by @isacaya
  • http/cves/2023/CVE-2023-52085.yaml by @sanineng
  • http/cves/2023/CVE-2023-6360.yaml by @xxcdd
  • http/cves/2023/CVE-2023-6831.yaml by @byObin
  • http/cves/2023/CVE-2023-6909.yaml by @Hyunsoo-ds
  • http/cves/2022/CVE-2022-38131.yaml by @xxcdd
  • http/cves/2021/CVE-2021-24442.yaml by @ritikchaddha
  • http/cves/2021/CVE-2021-24849.yaml by @ritikchaddha
  • http/cves/2021/CVE-2021-24943.yaml by @ritikchaddha
  • http/cves/2021/CVE-2021-40651.yaml by @ctflearner
  • http/cves/2011/CVE-2011-4640.yaml by @ctflearner
  • http/cves/2007/CVE-2007-3010.yaml by @king-alexander
  • http/vulnerabilities/generic/xss-fuzz.yaml by @kazet
  • http/vulnerabilities/lucee-rce.yaml by @rootxharsh,@iamnoooob,@pdresearch
  • http/vulnerabilities/other/glodon-linkworks-sqli.yaml by @DhiyaneshDK
  • http/vulnerabilities/wordpress/wp-user-enum.yaml by @Manas_Harsh,@daffainfo,@geeknik,@dr0pd34d
  • http/misconfiguration/node-express-dev-env.yaml by @FLX
  • http/misconfiguration/sap/sap-public-admin.yaml by @t3l3machus
  • http/default-logins/webmethod/webmethod-integration-default-login.yaml by @ChristianPoeschl,@OleWagner,@usdAG
  • http/exposures/logs/teampass-ldap.yaml by @josecosta
  • http/exposed-panels/apigee-panel.yaml by @righettod
  • http/exposed-panels/dockge-panel.yaml by @rxerium
  • http/exposed-panels/dokuwiki-panel.yaml by @righettod
  • http/exposed-panels/easyjob-panel.yaml by @righettod
  • http/exposed-panels/friendica-panel.yaml by @righettod
  • http/exposed-panels/gotify-panel.yaml by @righettod
  • http/exposed-panels/haivision-gateway-panel.yaml by @righettod
  • http/exposed-panels/haivision-media-platform-panel.yaml by @righettod
  • http/exposed-panels/ivanti-connect-secure-panel.yaml by @rxerium
  • http/exposed-panels/juniper-panel.yaml by @bhutch
  • http/exposed-panels/ms-exchange-web-service.yaml by @bhutch
  • http/exposed-panels/pairdrop-panel.yaml by @rxerium
  • http/exposed-panels/passbolt-panel.yaml by @righettod
  • http/exposed-panels/proofpoint-protection-server-panel.yaml by @johnk3r
  • http/exposed-panels/sentry-panel.yaml by @righettod
  • http/exposed-panels/vistaweb-panel.yaml by @righettod
  • http/miscellaneous/balada-injector-malware.yaml by @kazet
  • http/technologies/google/chromecast-detect.yaml by @LucianNitescu
  • http/technologies/identity-server-v3-detect.yaml by @righettod

New Contributors

Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.7.5...v9.7.6

v9.7.5

3 months ago

🔥 Release Highlights 🔥

In our latest release, we have added a significant number of trending CVEs and are excited to announce the addition of new local privilege escalation templates. These valuable contributions come from our community, with a notable contribution from @daffainfo, and are available at Local Privilege Escalation Templates. These templates utilize the newly introduced code protocol, enhancing their capability to detect vulnerabilities more effectively.

It's important to note that these templates are specifically designed for local execution to identify privilege escalation vulnerabilities. For security reasons, they are not executed as part of the default Nuclei scan. We ensure the security and authenticity of these templates by signing them officially. To run these templates, users need to provide the -code flag along with -itags local. These additions are particularly useful for penetration testing and red-teaming focusing on privilege escalation, and we plan to further expand their coverage in future updates. Following are the other highlights of this release:

  • javascript/cves/2024/CVE-2024-23897.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
  • http/cves/2024/CVE-2024-0204.yaml by @DhiyaneshDK 🔥
  • http/cves/2023/CVE-2023-47211.yaml by @gy741 🔥
  • http/cves/2023/CVE-2023-22527.yaml by @iamnooob,@rootxharsh,@pdresearch 🔥
  • http/cves/2023/CVE-2023-6875.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
  • http/cves/2019/CVE-2019-16469.yaml by @DomenicoVeneziano 🔥

What's Changed

New Templates Added: 106 | CVEs Added: 14 | First-time contributions: 14

  • javascript/cves/2024/CVE-2024-23897.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
  • http/cves/2024/CVE-2024-0204.yaml by @DhiyaneshDK 🔥
  • http/cves/2023/CVE-2023-48023.yaml by @cookiehanhoan,@harryha
  • http/cves/2023/CVE-2023-47643.yaml by @isacaya
  • http/cves/2023/CVE-2023-47211.yaml by @gy741 🔥
  • http/cves/2023/CVE-2023-44352.yaml by @pwnwithlove
  • http/cves/2023/CVE-2023-27640.yaml by @MaStErChO
  • http/cves/2023/CVE-2023-27639.yaml by @MaStErChO
  • http/cves/2023/CVE-2023-22527.yaml by @iamnooob,@rootxharsh,@pdresearch 🔥
  • http/cves/2023/CVE-2023-6977.yaml by @gy741
  • http/cves/2023/CVE-2023-6875.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
  • http/cves/2023/CVE-2023-6023.yaml by @m0ck3d,@cookiehanhoan
  • http/cves/2019/CVE-2019-16469.yaml by @DomenicoVeneziano 🔥
  • http/cves/2018/CVE-2018-10942.yaml by @MaStErChO
  • http/vulnerabilities/apache/apache-nifi-rce.yaml by @arliya
  • http/vulnerabilities/juniper/junos-xss.yaml by @DhiyaneshDK
  • http/vulnerabilities/prestashop/prestashop-blocktestimonial-file-upload.yaml by @MaStErChO
  • http/vulnerabilities/vbulletin/vbulletin-backdoor.yaml by @MaStErCho
  • code/privilege-escalation/linux/binary/privesc-aa-exec.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-ash.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-awk.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-bash.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-cdist.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-choom.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-cpulimit.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-csh.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-csvtool.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-dash.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-dc.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-distcc.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-elvish.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-enscript.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-env.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-expect.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-find.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-fish.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-flock.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-gawk.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-grc.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-ionice.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-julia.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-lftp.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-ltrace.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-lua.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-mawk.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-multitime.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-mysql.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-nawk.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-nice.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-node.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-nsenter.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-perl.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-pexec.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-php.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-posh.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-python.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-rake.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-rc.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-rlwrap.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-rpm.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-rpmdb.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-rpmverify.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-ruby.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-run-parts.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-sash.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-slsh.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-socat.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-softlimit.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-sqlite3.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-ssh-agent.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-sshpass.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-stdbuf.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-strace.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-tar.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-tcsh.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-time.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-timeout.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-tmate.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-torify.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-torsocks.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-unshare.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-vi.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-view.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-vim.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-xargs.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-xdg-user-dir.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-yash.yaml by @daffainfo
  • code/privilege-escalation/linux/binary/privesc-zsh.yaml by @daffainfo
  • code/privilege-escalation/linux/rw-shadow.yaml by @daffainfo
  • code/privilege-escalation/linux/rw-sudoers.yaml by @daffainfo
  • code/privilege-escalation/linux/sudo-nopasswd.yaml by @daffainfo
  • code/privilege-escalation/linux/writable-etc-passwd.yaml by @daffainfo
  • http/default-logins/node-red/nodered-default-login.yaml by @savik
  • http/default-logins/powershell/powershell-default-login.yaml by @ap3r
  • http/exposed-panels/autoset-detect.yaml by @MaStErCho
  • http/exposed-panels/compalex-panel-detect.yaml by @MaStErCho
  • http/exposed-panels/doris-panel.yaml by @ritikchaddha
  • http/exposed-panels/lomnido-panel.yaml by @righettod
  • http/exposures/configs/vbulletin-path-disclosure.yaml by @MaStErChO
  • http/exposures/logs/go-pprof-debug.yaml by @w8ay
  • http/miscellaneous/defacement-detect.yaml by @ricardomaia
  • http/misconfiguration/doris-dashboard.yaml by @ritikchaddha
  • http/misconfiguration/springboot/springboot-integrationgraph.yaml by @ELSFA7110
  • http/misconfiguration/springboot/springboot-startup.yaml by @ELSFA7110
  • http/technologies/tibco-businessconnect-detect.yaml by @righettod
  • dns/dns-rebinding.yaml by @ricardomaia

New Contributors

Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.7.4...v9.7.5

v9.7.4

3 months ago

🔥 Release Highlights 🔥

  • http/cves/2020/CVE-2020-27838.yaml by @mchklt 🔥
  • http/cves/2022/CVE-2022-47501.yaml by @your3cho 🔥
  • http/cves/2023/CVE-2023-46805.yaml by @DhiyaneshDK 🔥
  • http/cves/2023/CVE-2023-50290.yaml by @Banana69,@DhiyaneshDK 🔥
  • http/cves/2023/CVE-2023-6634.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
  • http/cves/2024/CVE-2024-21887.yaml by @pdresearch,@parthmalhotra,@iamnoooob 🔥

Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.7.3...v9.7.4

v9.7.3

3 months ago

🔥 Release Highlights 🔥

  • code/cves/2019/CVE-2019-14287.yaml by @daffainfo 🔥
  • code/cves/2021/CVE-2021-3156.yaml by @pussycat0x 🔥
  • http/cves/2023/CVE-2023-44353.yaml by @salts 🔥
  • http/cves/2023/CVE-2023-50917.yaml by @DhiyaneshDK 🔥
  • http/cves/2023/CVE-2023-50968.yaml by @your3cho 🔥
  • http/cves/2023/CVE-2023-51467.yaml by @your3cho 🔥
  • http/cves/2023/CVE-2023-6063.yaml by @DhiyaneshDK 🔥
  • http/cves/2023/CVE-2023-7028.yaml by @DhiyaneshDk,@rootxharsh,@iamnooob,@pdresearch 🔥

What's Changed

New Templates Added: 45 | CVEs Added: 16 | First-time contributions: 6

  • code/cves/2019/CVE-2019-14287.yaml by @daffainfo 🔥
  • code/cves/2021/CVE-2021-3156.yaml by @pussycat0x 🔥
  • http/cves/2015/CVE-2015-2794.yaml by @1337kro
  • http/cves/2020/CVE-2020-12124.yaml by @DhiyaneshDK
  • http/cves/2023/CVE-2023-41109.yaml by @princechaddha
  • http/cves/2023/CVE-2023-42343.yaml by @DhiyaneshDK
  • http/cves/2023/CVE-2023-44353.yaml by @salts 🔥
  • http/cves/2023/CVE-2023-46574.yaml by @DhiyaneshDk
  • http/cves/2023/CVE-2023-50917.yaml by @DhiyaneshDK 🔥
  • http/cves/2023/CVE-2023-50968.yaml by @your3cho 🔥
  • http/cves/2023/CVE-2023-51467.yaml by @your3cho 🔥
  • http/cves/2023/CVE-2023-6063.yaml by @DhiyaneshDK 🔥
  • http/cves/2023/CVE-2023-6379.yaml by @msegoviag
  • http/cves/2023/CVE-2023-6623.yaml by @iamnoooob,@rootxharsh,@pdresearch,@coldfish
  • http/cves/2023/CVE-2023-7028.yaml by @DhiyaneshDk,@rootxharsh,@iamnooob,@pdresearch 🔥
  • http/cves/2024/CVE-2024-0352.yaml by @CookieHanHoan,@babybash,@samuelsamuelsamuel
  • http/vulnerabilities/dahua/dahua-icc-backdoor-user.yaml by @DhiyaneshDk
  • http/vulnerabilities/dlink/dlink-netgear-xss.yaml by @gtrrnr,@vulnspace
  • http/vulnerabilities/ruijie/ruijie-nmc-sync-rce.yaml by @DhiyaneshDk
  • http/vulnerabilities/ruijie/ruijie-rg-eg-web-mis-rce.yaml by @DhiyaneshDk
  • http/vulnerabilities/wanhu/wanhuoa-downloadservlet-lfi.yaml by @wpsec
  • http/vulnerabilities/yonyou/yonyou-ksoa-dept-sqli.yaml by @DhiyaneshDK
  • javascript/network/smb/smb-anonymous-access.yaml by @pussycat0x
  • javascript/network/smb/smb-shares.yaml by @pussycat0x
  • javascript/network/smb/smb-signing-not-required.yaml by @pussycat0x
  • javascript/network/smb/smb2-capabilities.yaml by @pussycat0x
  • http/misconfiguration/apache/apache-server-status.yaml by @thabisocn
  • http/misconfiguration/cookies-without-httponly-secure.yaml by @princechaddha,@Mr.Bobo HP
  • http/misconfiguration/php/php-composer-binary.yaml by @mayank_pandey01
  • network/misconfig/erlang-daemon.yaml by @pussycat0x
  • http/default-logins/camunda/camunda-default-login.yaml by @bhutch
  • http/exposed-panels/goodjob-dashboard.yaml by @hahwul
  • http/exposed-panels/onlyoffice-login-panel.yaml by @eremit4
  • http/exposures/docker-daemon-exposed.yaml by @Arm!tage
  • http/osint/piratebay.yaml by @philippedelteil
  • cloud/enum/aws-app-enum.yaml by @initstring
  • cloud/enum/aws-s3-bucket-enum.yaml by @initstring
  • cloud/enum/azure-db-enum.yaml by @initstring
  • cloud/enum/azure-vm-cloud-enum.yaml by @initstring
  • cloud/enum/azure-website-enum.yaml by @initstring
  • cloud/enum/gcp-app-engine-enum.yaml by @initstring
  • cloud/enum/gcp-bucket-enum.yaml by @initstring
  • cloud/enum/gcp-firebase-app-enum.yaml by @initstring
  • cloud/enum/gcp-firebase-rtdb-enum.yaml by @initstring
  • http/technologies/cisco-asa-detect.yaml by @sdcampbell

New Contributors

Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.7.2...v9.7.3

v9.7.2

4 months ago

🔥 Release Highlights 🔥

  • javascript/cves/2023/CVE-2023-46604.yaml by @Ice3man,@Mzack9999,@pdresearch 🔥
  • code/cves/2023/CVE-2023-49105.yaml by @ChristianPoeschl,@FlorianDewald,@usdAG 🔥
  • http/cves/2021/CVE-2021-29200.yaml by @your3cho 🔥
  • http/cves/2023/CVE-2023-26035.yaml by @Unblvr1,@whotwagner 🔥
  • http/cves/2023/CVE-2023-3368.yaml by @dwisiswant0 🔥
  • http/cves/2023/CVE-2023-41265.yaml by @AdamCrosser 🔥
  • http/cves/2023/CVE-2023-43177.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
  • http/cves/2023/CVE-2023-49070.yaml by @your3cho 🔥
  • http/cves/2023/CVE-2023-6553.yaml by @FLX 🔥

What's Changed

New Templates Added: 61 | CVEs Added: 25 | First-time contributions: 8

  • javascript/cves/2023/CVE-2023-46604.yaml by @Ice3man,@Mzack9999,@pdresearch 🔥
  • code/cves/2023/CVE-2023-49105.yaml by @ChristianPoeschl,@FlorianDewald,@usdAG 🔥
  • headless/cves/2018/CVE-2018-25031.yaml by @DhiyaneshDK
  • http/cves/2018/CVE-2018-8823.yaml by @MaStErChO
  • http/cves/2021/CVE-2021-29200.yaml by @your3cho 🔥
  • http/cves/2021/CVE-2021-44910.yaml by @lbb
  • http/cves/2022/CVE-2022-0087.yaml by @ShivanshKhari
  • http/cves/2023/CVE-2023-22232.yaml by @1337kro
  • http/cves/2023/CVE-2023-26035.yaml by @Unblvr1,@whotwagner 🔥
  • http/cves/2023/CVE-2023-30534.yaml by @k0pak4
  • http/cves/2023/CVE-2023-3368.yaml by @dwisiswant0 🔥
  • http/cves/2023/CVE-2023-36144.yaml by @gy741
  • http/cves/2023/CVE-2023-39002.yaml by @Herry
  • http/cves/2023/CVE-2023-41265.yaml by @AdamCrosser 🔥
  • http/cves/2023/CVE-2023-41266.yaml by @AdamCrosser 🔥
  • http/cves/2023/CVE-2023-43177.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
  • http/cves/2023/CVE-2023-46359.yaml by @mlec
  • http/cves/2023/CVE-2023-49070.yaml by @your3cho 🔥
  • http/cves/2023/CVE-2023-5556.yaml by @shankaracharya
  • http/cves/2023/CVE-2023-6018.yaml by @byt3bl33d3r
  • http/cves/2023/CVE-2023-6020.yaml by @byt3bl33d3r
  • http/cves/2023/CVE-2023-6021.yaml by @byt3bl33d3r
  • http/cves/2023/CVE-2023-6038.yaml by @danmcinerney,@byt3bl33d3r
  • http/cves/2023/CVE-2023-6380.yaml by @MiguelSegoviaGil
  • http/cves/2023/CVE-2023-6553.yaml by @FLX 🔥
  • http/default-logins/dataease/dataease-default-login.yaml by @DhiyaneshDK
  • http/default-logins/splunk/splunk-default-login.yaml by @pussycat0x
  • http/exposed-panels/dataease-panel.yaml by @DhiyaneshDK
  • http/exposed-panels/reportico-admin-panel.yaml by @geeknik
  • http/exposed-panels/tailon-panel.yaml by @ritikchaddha
  • http/exposed-panels/vue-pacs-panel.yaml by @righettod
  • http/exposed-panels/woodwing-panel.yaml by @pdteam
  • http/exposures/configs/dompdf-config.yaml by @kazet
  • http/misconfiguration/aws/cdn-cache-poisoning.yaml by @0xcharan
  • http/misconfiguration/h2o/h2o-arbitary-file-read.yaml by @danmcinerney,@byt3bl33d3r
  • http/misconfiguration/h2o/h2o-dashboard.yaml by @byt3bl33d3r
  • http/misconfiguration/installer/businesso-installer.yaml by @ritikchaddha
  • http/misconfiguration/installer/chamilo-installer.yaml by @DhiyaneshDk
  • http/misconfiguration/installer/espocrm-installer.yaml by @DhiyaneshDk
  • http/misconfiguration/installer/knowledgetree-installer.yaml by @ritikchaddha
  • http/misconfiguration/installer/phpgedview-installer.yaml by @ritikchaddha
  • http/misconfiguration/installer/wowcms-installer.yaml by @ritikchaddha
  • http/misconfiguration/mixed-active-content.yaml by @Liwermor
  • http/misconfiguration/mixed-passive-content.yaml by @Liwermor
  • http/misconfiguration/secnet-info-leak.yaml by @DhiyaneshDk
  • http/misconfiguration/woodwing-git.yaml by @pdteam
  • http/misconfiguration/woodwing-phpinfo.yaml by @pdteam
  • http/technologies/bamboo-detect.yaml by @bhutch
  • http/technologies/element-web-detect.yaml by @davidegirardi
  • http/technologies/iparapheur-detect.yaml by @righettod
  • http/technologies/matrix-homeserver-detect.yaml by @davidegirardi
  • http/vulnerabilities/dahua/dahua-wpms-lfi.yaml by @DhiyaneshDk
  • http/vulnerabilities/dahua/dahua-wpms-rce.yaml by @DhiyaneshDK
  • http/vulnerabilities/ecstatic/node-ecstatic-internal-path.yaml by @DhiyaneshDK
  • http/vulnerabilities/ecstatic/node-ecstatic-listing.yaml by @DhiyaneshDK
  • http/vulnerabilities/huawei/huawei-authhttp-lfi.yaml by @DhiyaneshDk
  • http/vulnerabilities/jinhe/jinhe-jc6-sqli.yaml by @Ky9oss
  • http/vulnerabilities/other/sslvpn-client-rce.yaml by @DhiyaneshDK
  • http/vulnerabilities/other/yibao-sqli.yaml by @DhiyaneshDK
  • http/vulnerabilities/other/yunanbao-rce.yaml by @DhiyaneshDK
  • http/vulnerabilities/vbulletin/vbulletin-ajaxreg-sqli.yaml by @MaStErChO

New Contributors

Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.7.1...v9.7.2