Community curated list of templates for the nuclei engine to find security vulnerabilities.
61 | CVEs Added: 25 | First-time contributions: 8
Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.7.1...v9.7.2
Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.7.0...v9.7.1
🔥 Release Highlights 🔥
51 | CVEs Added: 18 | First-time contributions: 7
Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.6.9...v9.7.0
🔥 Release Highlights 🔥
73 | CVEs Added: 13 | First-time contributions: 7
Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.6.8...v9.6.9
🔥 Release Highlights 🔥
Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.6.7...v9.6.8
Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.6.6...v9.6.7
🔥 Highlight of this release:
✅ [servicenow-widget-misconfig] ServiceNow Widget-Simple-List - Misconfiguration (@dhiyaneshdk) 🔥
✅ [CVE-2023-37979] Ninja Forms < 3.6.26 - Cross-Site Scripting (@r3y3r53) [medium] 🔥
✅ [CVE-2021-25016] Chaty < 2.8.2 - Cross-Site Scripting (@luisfelipe146) [medium] 🔥
✅ [CVE-2020-6950] Eclipse Mojarra - Local File Read (@iamnoooob,@pdresearch) [medium] 🔥
✅ [CVE-2023-4451] Cockpit - Cross-Site Scripting (@iamnoooob,@pdresearch) [medium] 🔥
✅ [CVE-2023-3710] Honeywell PM43 Printers - Command Injection (@win3zz) [critical] 🔥
✅ [CVE-2023-3219] EventON Lite < 2.1.2 - Arbitrary File Download (@r3y3r53) [medium] 🔥
161
99
Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.6.5...v9.6.6
🔥 Highlight of this release:
✅ [CVE-2023-43261] Milesight Routers - Information Disclosure (@gy741) [high] 🔥
✅ [CVE-2023-42793] JetBrains TeamCity < 2023.05.4 - Remote Code Execution (@iamnoooob,@rootxharsh,@pdresearch) [critical] 🔥
✅ [CVE-2023-42442] JumpServer > 3.6.4 - Information Disclosure (@xianke) [high] 🔥
✅ [CVE-2023-36845] Juniper J-Web - Remote Code Execution (@yaser_s) [medium] 🔥
✅ [CVE-2023-35813] Sitecore - Remote Code Execution (@dhiyaneshdk,@iamnoooob) [critical] 🔥
✅ [CVE-2023-29357] Microsoft SharePoint - Authentication Bypass (@pdteam) [critical] 🔥
✅ [CVE-2023-22515] Atlassian Confluence - Privilege Escalation (@s1r1us,@iamnoooob,@rootxharsh,@pdresearch) [critical] 🔥
✅ [CVE-2023-5074] D-Link D-View 8 v2.0.1.28 - Authentication Bypass (@dhiyaneshdk) [critical] 🔥
75
25
12
Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.6.4...v9.6.5
🔥 Highlight of this release:
✅ [CVE-2023-41892] CraftCMS < 4.4.15 - Unauth Remote Code Execution (@iamnoooob,@rootxharsh,@pdresearch) [critical] 🔥
✅ [CVE-2023-30943] Moodle - Cross-Site Scripting/Remote Code Execution (@ritikchaddha) [medium] 🔥
✅ [CVE-2023-25573] Metersphere - Arbitrary File Read (@dhiyaneshdk) [high] 🔥
✅ [CVE-2023-2813] Wordpress Multiple Themes - Reflected Cross-Site Scripting (@dhiyaneshdk) [medium] 🔥
✅ [CVE-2022-0342] Zyxel - Authentication Bypass (@sleepingbag945,@powerexploit) [critical] 🔥
121
10
3
Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.6.3...v9.6.4
🔥 Highlight of this release:
✅ [CVE-2023-39361] Cacti 1.2.24 - SQL Injection (@ritikchaddha) [critical] 🔥
✅ [CVE-2023-36844] Juniper Devices - Remote Code Execution (@princechaddha,@ritikchaddha) [medium] 🔥
✅ [CVE-2023-34124] SonicWall GMS and Analytics Web Services - Shell Injection (@iamnoooob,@rootxharsh,@pdresearch) [critical] 🔥
✅ [CVE-2023-32563] Ivanti Avalanche - Remote Code Execution (@princechaddha) [critical] 🔥
✅ [CVE-2023-26469] Jorani 1.0.0 - Remote Code Execution (@pussycat0x) [critical] 🔥
✅ [CVE-2023-20073] Cisco VPN Routers - Unauthenticated Arbitrary File Upload (@princechaddha,@ritikchaddha) [critical] 🔥
✅ [CVE-2023-4634] Media Library Assistant < 3.09 - Remote Code Execution/Local File Inclusion (@pepitoh,@ritikchaddha) [critical] 🔥
54
21
6
Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v9.6.2...v9.6.3