update nuclei-templates 2022-07-04 12:53:1656910414

Author: x51pwn

brute/dicts/fuzz404.txt

@@ -9,4 +9,6 @@
 网络防火墙
 网站防火墙
 访问拦截
-由于安全原因JSP功能默认关闭
+由于安全原因JSP功能默认关闭
+<title>网站改版中</title>
+Our website is under construction

config/nuclei-templates/README.md

@@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags,
 
 |    TAG    | COUNT |    AUTHOR     | COUNT |    DIRECTORY     | COUNT | SEVERITY | COUNT |  TYPE   | COUNT |
 |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
-| cve       |  1219 | daffainfo     |   601 | cves             |  1224 | info     |  1284 | http    |  3361 |
-| panel     |   537 | dhiyaneshdk   |   441 | exposed-panels   |   548 | high     |   909 | file    |    76 |
-| lfi       |   471 | pikpikcu      |   316 | vulnerabilities  |   460 | medium   |   704 | network |    50 |
-| xss       |   391 | pdteam        |   268 | technologies     |   258 | critical |   420 | dns     |    17 |
-| wordpress |   380 | geeknik       |   185 | exposures        |   222 | low      |   193 |         |       |
-| exposure  |   320 | dwisiswant0   |   168 | token-spray      |   204 | unknown  |     6 |         |       |
-| rce       |   304 | 0x_akoko      |   145 | misconfiguration |   201 |          |       |         |       |
-| cve2021   |   302 | princechaddha |   143 | workflows        |   187 |          |       |         |       |
-| wp-plugin |   277 | gy741         |   124 | default-logins   |    96 |          |       |         |       |
-| tech      |   275 | pussycat0x    |   124 | file             |    76 |          |       |         |       |
-
-**273 directories, 3729 files**.
+| cve       |  1240 | daffainfo     |   601 | cves             |  1236 | info     |  1306 | http    |  3408 |
+| panel     |   556 | dhiyaneshdk   |   451 | exposed-panels   |   564 | high     |   920 | file    |    76 |
+| lfi       |   475 | pikpikcu      |   316 | vulnerabilities  |   468 | medium   |   716 | network |    50 |
+| xss       |   402 | pdteam        |   268 | technologies     |   260 | critical |   422 | dns     |    17 |
+| wordpress |   388 | geeknik       |   187 | exposures        |   222 | low      |   194 |         |       |
+| exposure  |   322 | dwisiswant0   |   169 | misconfiguration |   206 | unknown  |     6 |         |       |
+| cve2021   |   307 | 0x_akoko      |   148 | token-spray      |   206 |          |       |         |       |
+| rce       |   305 | princechaddha |   146 | workflows        |   187 |          |       |         |       |
+| wp-plugin |   283 | pussycat0x    |   125 | default-logins   |    98 |          |       |         |       |
+| tech      |   276 | gy741         |   124 | file             |    76 |          |       |         |       |
+
+**279 directories, 3776 files**.
 
 </td>
 </tr>

config/nuclei-templates/TEMPLATES-STATS.json

@@ -1,12 +1,12 @@
 |    TAG    | COUNT |    AUTHOR     | COUNT |    DIRECTORY     | COUNT | SEVERITY | COUNT |  TYPE   | COUNT |
 |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
-| cve       |  1219 | daffainfo     |   601 | cves             |  1224 | info     |  1284 | http    |  3361 |
-| panel     |   537 | dhiyaneshdk   |   441 | exposed-panels   |   548 | high     |   909 | file    |    76 |
-| lfi       |   471 | pikpikcu      |   316 | vulnerabilities  |   460 | medium   |   704 | network |    50 |
-| xss       |   391 | pdteam        |   268 | technologies     |   258 | critical |   420 | dns     |    17 |
-| wordpress |   380 | geeknik       |   185 | exposures        |   222 | low      |   193 |         |       |
-| exposure  |   320 | dwisiswant0   |   168 | token-spray      |   204 | unknown  |     6 |         |       |
-| rce       |   304 | 0x_akoko      |   145 | misconfiguration |   201 |          |       |         |       |
-| cve2021   |   302 | princechaddha |   143 | workflows        |   187 |          |       |         |       |
-| wp-plugin |   277 | gy741         |   124 | default-logins   |    96 |          |       |         |       |
-| tech      |   275 | pussycat0x    |   124 | file             |    76 |          |       |         |       |
+| cve       |  1240 | daffainfo     |   601 | cves             |  1236 | info     |  1306 | http    |  3408 |
+| panel     |   556 | dhiyaneshdk   |   451 | exposed-panels   |   564 | high     |   920 | file    |    76 |
+| lfi       |   475 | pikpikcu      |   316 | vulnerabilities  |   468 | medium   |   716 | network |    50 |
+| xss       |   402 | pdteam        |   268 | technologies     |   260 | critical |   422 | dns     |    17 |
+| wordpress |   388 | geeknik       |   187 | exposures        |   222 | low      |   194 |         |       |
+| exposure  |   322 | dwisiswant0   |   169 | misconfiguration |   206 | unknown  |     6 |         |       |
+| cve2021   |   307 | 0x_akoko      |   148 | token-spray      |   206 |          |       |         |       |
+| rce       |   305 | princechaddha |   146 | workflows        |   187 |          |       |         |       |
+| wp-plugin |   283 | pussycat0x    |   125 | default-logins   |    98 |          |       |         |       |
+| tech      |   276 | gy741         |   124 | file             |    76 |          |       |         |       |

config/nuclei-templates/TEMPLATES-STATS.md

@@ -6,10 +6,12 @@ info:
   severity: medium
   description: The Virtual Keyboard plugin for SquirrelMail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
   reference:
+    - http://www.redhat.com/support/errata/RHSA-2002-204.html
+    - http://www.debian.org/security/2002/dsa-191
+    - http://sourceforge.net/project/shownotes.php?group_id=311&release_id=110774
     - https://www.exploit-db.com/exploits/21811
     - https://web.archive.org/web/20051124131714/http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
     - http://web.archive.org/web/20210129020617/https://www.securityfocus.com/bid/5763/
-    - http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
   classification:
     cve-id: CVE-2002-1131
   tags: xss,squirrelmail,cve,cve2002

config/nuclei-templates/TOP-10.md

@@ -9,7 +9,6 @@ info:
     - http://pridels0.blogspot.com/2005/12/cofax-xss-vuln.html
     - https://nvd.nist.gov/vuln/detail/CVE-2005-4385
     - http://web.archive.org/web/20210121165100/https://www.securityfocus.com/bid/15940/
-    - http://www.securityfocus.com/bid/15940
   classification:
     cve-id: CVE-2005-4385
   tags: cofax,xss,cve,cve2005

config/nuclei-templates/cves/2002/CVE-2002-1131.yaml

@@ -8,8 +8,8 @@ info:
   reference:
     - http://web.archive.org/web/20210217161726/https://www.securityfocus.com/bid/17408/
     - https://nvd.nist.gov/vuln/detail/CVE-2006-1681
-    - http://secunia.com/advisories/19587
-    - http://www.securityfocus.com/bid/17408
+    - http://web.archive.org/web/20140803090438/http://secunia.com/advisories/19587/
+    - http://www.vupen.com/english/advisories/2006/1292
   classification:
     cve-id: CVE-2006-1681
   tags: cherokee,httpd,xss,cve,cve2006

config/nuclei-templates/cves/2005/CVE-2005-4385.yaml

@@ -9,7 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/27948
     - http://squirrelmail.cvs.sourceforge.net/squirrelmail/squirrelmail/functions/global.php?r1=1.27.2.16&r2=1.27.2.17&view=patch&pathrev=SM-1_4-STABLE
     - http://www.squirrelmail.org/security/issue/2006-06-01
-    - http://secunia.com/advisories/20406
+    - http://web.archive.org/web/20160915101900/http://secunia.com/advisories/20406/
   classification:
     cve-id: CVE-2006-2842
   tags: cve2006,lfi,squirrelmail,cve

config/nuclei-templates/cves/2006/CVE-2006-1681.yaml

@@ -9,7 +9,6 @@ info:
     - http://web.archive.org/web/20201208220614/https://www.securityfocus.com/archive/1/459590/100/0/threaded
     - https://web.archive.org/web/20210119080228/http://www.securityfocus.com/bid/22503
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/32418
-    - http://www.securityfocus.com/bid/22503
   classification:
     cve-id: CVE-2007-0885
   tags: cve,cve2007,jira,xss

config/nuclei-templates/cves/2006/CVE-2006-2842.yaml

@@ -9,7 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/30090
     - http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063617.html
     - http://web.archive.org/web/20210130131735/https://www.securityfocus.com/bid/24182/
-    - http://secunia.com/advisories/25446
+    - http://web.archive.org/web/20161220160642/http://secunia.com/advisories/25446/
   classification:
     cve-id: CVE-2007-5728
   metadata:

config/nuclei-templates/cves/2007/CVE-2007-0885.yaml

@@ -8,7 +8,7 @@ info:
   reference:
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/42546
     - http://web.archive.org/web/20210121181851/https://www.securityfocus.com/bid/29291/
-    - http://secunia.com/advisories/30333
+    - http://web.archive.org/web/20140724110348/http://secunia.com/advisories/30333/
     - http://securityreason.com/securityalert/3896
   classification:
     cve-id: CVE-2008-2398

config/nuclei-templates/cves/2007/CVE-2007-5728.yaml

@@ -9,7 +9,7 @@ info:
   reference:
     - http://www.cmsimple.com/forum/viewtopic.php?f=2&t=17
     - http://web.archive.org/web/20210121182016/https://www.securityfocus.com/bid/29450/
-    - http://secunia.com/advisories/30463
+    - http://web.archive.org/web/20140729144732/http://secunia.com:80/advisories/30463
   classification:
     cve-id: CVE-2008-2650
   tags: cve,cve2008,lfi

config/nuclei-templates/cves/2008/CVE-2008-2398.yaml

@@ -8,8 +8,8 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/7363
     - http://web.archive.org/web/20210121184707/https://www.securityfocus.com/bid/32670/
-    - http://secunia.com/advisories/33014
-    - http://secunia.com/advisories/33263
+    - http://web.archive.org/web/20160520063306/http://secunia.com/advisories/33014
+    - http://web.archive.org/web/20151104173853/http://secunia.com/advisories/33263
   classification:
     cve-id: CVE-2008-5587
   metadata:

config/nuclei-templates/cves/2008/CVE-2008-2650.yaml

@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/6809
     - https://www.cvedetails.com/cve/CVE-2008-6080
-    - http://secunia.com/advisories/32377
+    - http://web.archive.org/web/20140804231654/http://secunia.com/advisories/32377/
     - http://web.archive.org/web/20210121184101/https://www.securityfocus.com/bid/31877/
   classification:
     cve-id: CVE-2008-6080

config/nuclei-templates/cves/2008/CVE-2008-5587.yaml

@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/6817
     - https://www.cvedetails.com/cve/CVE-2008-6172
-    - http://secunia.com/advisories/32367
+    - http://web.archive.org/web/20140804232841/http://secunia.com/advisories/32367/
     - http://web.archive.org/web/20210121184108/https://www.securityfocus.com/bid/31892/
   classification:
     cve-id: CVE-2008-6172

config/nuclei-templates/cves/2008/CVE-2008-6080.yaml

@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/6980
     - https://www.cvedetails.com/cve/CVE-2008-6222
-    - http://secunia.com/advisories/32523
+    - http://web.archive.org/web/20111223225601/http://secunia.com/advisories/32523/
     - http://web.archive.org/web/20210121184244/https://www.securityfocus.com/bid/32113/
   classification:
     cve-id: CVE-2008-6222

config/nuclei-templates/cves/2008/CVE-2008-6172.yaml

@@ -9,7 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/16154
     - https://nvd.nist.gov/vuln/detail/CVE-2009-0932?cpeVersion=2.2
     - http://cvs.horde.org/co.php/groupware/docs/groupware/CHANGES?r=1.28.2.5
-    - http://secunia.com/advisories/33695
+    - http://web.archive.org/web/20161228102217/http://secunia.com/advisories/33695
   classification:
     cve-id: CVE-2009-0932
   tags: cve,cve2009,horde,lfi,traversal

config/nuclei-templates/cves/2008/CVE-2008-6222.yaml

@@ -9,7 +9,6 @@ info:
     - https://www.exploit-db.com/exploits/8367
     - https://www.cvedetails.com/cve/CVE-2009-1496
     - http://web.archive.org/web/20210121190149/https://www.securityfocus.com/bid/34431/
-    - http://www.securityfocus.com/bid/34431
   classification:
     cve-id: CVE-2009-1496
   tags: cve,cve2009,joomla,lfi

config/nuclei-templates/cves/2009/CVE-2009-0932.yaml

@@ -9,7 +9,6 @@ info:
     - https://www.exploit-db.com/exploits/8946
     - https://www.cvedetails.com/cve/CVE-2009-2100
     - http://web.archive.org/web/20210121191226/https://www.securityfocus.com/bid/35378/
-    - http://www.securityfocus.com/bid/35378
   classification:
     cve-id: CVE-2009-2100
   tags: cve,cve2009,joomla,lfi

config/nuclei-templates/cves/2009/CVE-2009-1496.yaml

@@ -10,7 +10,7 @@ info:
     - https://www.exploit-db.com/exploits/33440
     - https://www.cvedetails.com/cve/CVE-2009-4679
     - https://nvd.nist.gov/vuln/detail/CVE-2009-4679
-    - http://secunia.com/advisories/37760
+    - http://web.archive.org/web/20140722130146/http://secunia.com/advisories/37760/
   classification:
     cve-id: CVE-2009-4679
   tags: cve,cve2009,joomla,lfi,nexus

config/nuclei-templates/cves/2009/CVE-2009-2100.yaml

@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/10943
     - https://www.cvedetails.com/cve/CVE-2010-0157
-    - http://secunia.com/advisories/37896
+    - http://web.archive.org/web/20151023032409/http://secunia.com/advisories/37896/
     - http://packetstormsecurity.org/1001-exploits/joomlabiblestudy-lfi.txt
   remediation: Upgrade to a supported version.
   classification:

config/nuclei-templates/cves/2009/CVE-2009-4679.yaml

@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11447
     - https://www.cvedetails.com/cve/CVE-2010-0696
-    - http://secunia.com/advisories/38587
+    - http://web.archive.org/web/20140805102632/http://secunia.com/advisories/38587/
     - http://www.joomlaworks.gr/content/view/77/34/
   remediation: Upgrade to a supported version.
   classification:

config/nuclei-templates/cves/2010/CVE-2010-0157.yaml

@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11498
     - https://www.cvedetails.com/cve/CVE-2010-0759
-    - http://secunia.com/advisories/38637
+    - http://web.archive.org/web/20151104183037/http://secunia.com/advisories/38637/
     - http://web.archive.org/web/20210121194344/https://www.securityfocus.com/bid/38296/
   remediation: Upgrade to a supported version.
   classification:

config/nuclei-templates/cves/2010/CVE-2010-0696.yaml

@@ -9,7 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/11090
     - https://www.cvedetails.com/cve/CVE-2010-0943
     - http://web.archive.org/web/20210121193737/https://www.securityfocus.com/bid/37692/
-    - http://secunia.com/advisories/33486
+    - http://web.archive.org/web/20140724215426/http://secunia.com/advisories/33486/
   classification:
     cve-id: CVE-2010-0943
   tags: cve,cve2010,joomla,lfi

config/nuclei-templates/cves/2010/CVE-2010-0759.yaml

@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11738
     - https://www.cvedetails.com/cve/CVE-2010-0972
-    - http://secunia.com/advisories/38925
+    - http://web.archive.org/web/20140804152652/http://secunia.com/advisories/38925/
     - http://www.exploit-db.com/exploits/11738
   remediation: Apply all relevant security patches and product upgrades.
   classification:

config/nuclei-templates/cves/2010/CVE-2010-0943.yaml

@@ -9,7 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/10942
     - https://www.cvedetails.com/cve/CVE-2010-0982
     - http://web.archive.org/web/20210121193625/https://www.securityfocus.com/bid/37581/
-    - http://secunia.com/advisories/37917
+    - http://web.archive.org/web/20151104182451/http://secunia.com/advisories/37917/
   remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2010-0982

config/nuclei-templates/cves/2010/CVE-2010-0972.yaml

@@ -9,7 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/10948
     - https://www.cvedetails.com/cve/CVE-2010-0985
     - http://web.archive.org/web/20210623092041/https://www.securityfocus.com/bid/37560
-    - http://www.securityfocus.com/bid/37560
+    - http://www.exploit-db.com/exploits/10948
   remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2010-0985

config/nuclei-templates/cves/2010/CVE-2010-0982.yaml

@@ -9,7 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/11760
     - https://www.cvedetails.com/cve/CVE-2010-1056
     - http://web.archive.org/web/20210121194803/https://www.securityfocus.com/bid/38741/
-    - http://secunia.com/advisories/38982
+    - http://web.archive.org/web/20151023104850/http://secunia.com/advisories/38982/
   remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2010-1056

config/nuclei-templates/cves/2010/CVE-2010-0985.yaml

@@ -9,7 +9,6 @@ info:
     - https://www.exploit-db.com/exploits/11511
     - https://www.cvedetails.com/cve/CVE-2010-1081
     - http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html
-    - http://osvdb.org/62506
   remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2010-1081

config/nuclei-templates/cves/2010/CVE-2010-1056.yaml

@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11757
     - https://www.cvedetails.com/cve/CVE-2010-1219
-    - http://secunia.com/advisories/38952
+    - http://web.archive.org/web/20161009134632/http://secunia.com/advisories/38952
     - http://web.archive.org/web/20210617075625/https://www.securityfocus.com/bid/38746
   remediation: Upgrade to a supported version.
   classification:

config/nuclei-templates/cves/2010/CVE-2010-1081.yaml

@@ -9,7 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/11978
     - https://www.cvedetails.com/cve/CVE-2010-1302
     - http://web.archive.org/web/20210121195144/https://www.securityfocus.com/bid/39108/
-    - http://secunia.com/advisories/39200
+    - http://web.archive.org/web/20140805062036/http://secunia.com/advisories/39200/
   remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1302

config/nuclei-templates/cves/2010/CVE-2010-1219.yaml

@@ -9,7 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/11998
     - https://www.cvedetails.com/cve/CVE-2010-1304
     - http://web.archive.org/web/20210518080735/https://www.securityfocus.com/bid/39174
-    - http://www.securityfocus.com/bid/39174
+    - http://www.exploit-db.com/exploits/11998
   remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1304

config/nuclei-templates/cves/2010/CVE-2010-1302.yaml

@@ -9,7 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/12065
     - https://www.cvedetails.com/cve/CVE-2010-1305
     - http://extensions.joomla.org/extensions/e-commerce/shopping-cart/7951
-    - http://secunia.com/advisories/39351
+    - http://web.archive.org/web/20140806165126/http://secunia.com/advisories/39351/
   remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1305

config/nuclei-templates/cves/2010/CVE-2010-1304.yaml

@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12058
     - https://www.cvedetails.com/cve/CVE-2010-1306
-    - http://secunia.com/advisories/39338
+    - http://web.archive.org/web/20140805134149/http://secunia.com/advisories/39338/
     - http://web.archive.org/web/20210121195240/https://www.securityfocus.com/bid/39200/
   remediation: Upgrade to a supported version.
   classification:

config/nuclei-templates/cves/2010/CVE-2010-1305.yaml

@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12070
     - https://www.cvedetails.com/cve/CVE-2010-1307
-    - http://secunia.com/advisories/39348
+    - http://web.archive.org/web/20140806154402/http://secunia.com/advisories/39348/
     - http://www.vupen.com/english/advisories/2010/0806
   remediation: Upgrade to a supported version.
   classification:

config/nuclei-templates/cves/2010/CVE-2010-1306.yaml

@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12077
     - https://www.cvedetails.com/cve/CVE-2010-1312
-    - http://secunia.com/advisories/39289
+    - http://web.archive.org/web/20140724200344/http://secunia.com/advisories/39289/
     - http://packetstormsecurity.org/1004-exploits/joomlanewportal-lfi.txt
   remediation: Upgrade to a supported version.
   classification:

config/nuclei-templates/cves/2010/CVE-2010-1307.yaml

@@ -9,7 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/12082
     - https://www.cvedetails.com/cve/CVE-2010-1313
     - http://web.archive.org/web/20210121195302/https://www.securityfocus.com/bid/39237/
-    - http://www.securityfocus.com/bid/39237
+    - http://www.exploit-db.com/exploits/12082
   remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1313

config/nuclei-templates/cves/2010/CVE-2010-1312.yaml

@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12086
     - https://www.cvedetails.com/cve/CVE-2010-1314
-    - http://secunia.com/advisories/39359
+    - http://web.archive.org/web/20140724203458/http://secunia.com/advisories/39359/
     - http://packetstormsecurity.org/1004-exploits/joomlahsconfig-lfi.txt
   remediation: Upgrade to a supported version.
   classification:

config/nuclei-templates/cves/2010/CVE-2010-1313.yaml

@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11999
     - https://www.cvedetails.com/cve/CVE-2010-1315
-    - http://secunia.com/advisories/39209
+    - http://web.archive.org/web/20140801092842/http://secunia.com/advisories/39209/
     - http://packetstormsecurity.org/1004-exploits/joomlaweberpcustomer-lfi.txt
   remediation: Upgrade to a supported version.
   classification: