v9.7.8 - Fishing for Phishing

🔥 Release Highlights 🔥

In our latest release, we are thrilled to announce new addition of 120+ OSINT - Phishing Detection templates, thanks to the contributions of our community member @rxerium. These templates are accessible at Phishing Detection templates.

These templates are specifically added to help OSINT analysts, threat researchers, and security professionals in discovering and studying phishing campaigns therefore, we have added them to the OSINT scan profile here. Users can execute the OSINT scan configuration profile with nuclei -u <host> -config ~/nuclei-templates/config/osint.yml

Please note that these templates are not included in the default run. To use them, users can simply include them in the scan using nuclei -u <host> -tags phishing -itags phishing.

By identifying and analyzing phishing sites, OSINT analysts can discover patterns, monitor the activities of threat actors, and collect data essential for broader security research or investigative journalism. This makes it a valuable addition to the OSINT toolkit.

What's Changed

New Templates Added: 126

• http/cves/2023/CVE-2023-43187.yaml by @0xParth
• http/cves/2023/CVE-2023-5089.yaml by @JPG0mez
• http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-passreset.yaml by @0xr2r
• http/exposed-panels/atlassian-bamboo-panel.yaml by @righettod
• http/exposed-panels/cleanweb-panel.yaml by @righettod
• http/exposed-panels/eset-protect-panel.yaml by @charles D.
• http/exposed-panels/graylog-panel.yaml by @righettod
• http/exposed-panels/lockself-panel.yaml by @righettod
• http/exposed-panels/moodle-workplace-panel.yaml by @righettod
• http/exposed-panels/nexus-panel.yaml by @righettod
• http/exposed-panels/pahtool-panel.yaml by @righettod
• http/technologies/hcpanywhere-detect.yaml by @righettod
• http/technologies/admiralcloud-detect.yaml by @righettod
• http/osint/phishing/1password-phish.yaml by @rxerium
• http/osint/phishing/adobe-phish.yaml by @rxerium
• http/osint/phishing/aliexpress-phish.yaml by @rxerium
• http/osint/phishing/amazon-phish.yaml by @rxerium
• http/osint/phishing/amazon-web-services-phish.yaml by @rxerium
• http/osint/phishing/american-express-phish.yaml by @rxerium
• http/osint/phishing/anydesk-phish.yaml by @rxerium
• http/osint/phishing/avast-phish.yaml by @rxerium
• http/osint/phishing/avg-phish.yaml by @rxerium
• http/osint/phishing/bank-of-america-phish.yaml by @rxerium
• http/osint/phishing/battlenet-phish.yaml by @rxerium
• http/osint/phishing/bestbuy-phish.yaml by @rxerium
• http/osint/phishing/bitdefender-phish.yaml by @rxerium
• http/osint/phishing/bitwarden-phish.yaml by @rxerium
• http/osint/phishing/blender-phish.yaml by @rxerium
• http/osint/phishing/booking-phish.yaml by @rxerium
• http/osint/phishing/box-storage-phish.yaml by @rxerium
• http/osint/phishing/brave-phish.yaml by @rxerium
• http/osint/phishing/brighthr-phish.yaml by @rxerium
• http/osint/phishing/ccleaner-phish.yaml by @rxerium
• http/osint/phishing/chase-phish.yaml by @rxerium
• http/osint/phishing/chrome-phish.yaml by @rxerium
• http/osint/phishing/costa-phish.yaml by @rxerium
• http/osint/phishing/dashlane-phish.yaml by @rxerium
• http/osint/phishing/deezer-phish.yaml by @rxerium
• http/osint/phishing/deliveroo-phish.yaml by @rxerium
• http/osint/phishing/digital-ocean-phish.yaml by @rxerium
• http/osint/phishing/discord-phish.yaml by @rxerium
• http/osint/phishing/disneyplus-phish.yaml by @rxerium
• http/osint/phishing/dropbox-phish.yaml by @rxerium
• http/osint/phishing/duckduckgo-phish.yaml by @rxerium
• http/osint/phishing/ebay-phish.yaml by @rxerium
• http/osint/phishing/edge-phish.yaml by @rxerium
• http/osint/phishing/ee-mobile-phish.yaml by @rxerium
• http/osint/phishing/eset-phish.yaml by @rxerium
• http/osint/phishing/evernote-phish.yaml by @rxerium
• http/osint/phishing/facebook-phish.yaml by @rxerium
• http/osint/phishing/figma-phish.yaml by @rxerium
• http/osint/phishing/filezilla-phish.yaml by @rxerium
• http/osint/phishing/firefox-phish.yaml by @rxerium
• http/osint/phishing/gimp-phish.yaml by @rxerium
• http/osint/phishing/github-phish.yaml by @rxerium
• http/osint/phishing/google-phish.yaml by @rxerium
• http/osint/phishing/icloud-phish.yaml by @rxerium
• http/osint/phishing/instagram-phish.yaml by @rxerium
• http/osint/phishing/kaspersky-phish.yaml by @rxerium
• http/osint/phishing/kayak-phish.yaml by @rxerium
• http/osint/phishing/keepass-phish.yaml by @rxerium
• http/osint/phishing/keepersecurity-phish.yaml by @rxerium
• http/osint/phishing/keybase-phish.yaml by @rxerium
• http/osint/phishing/lastpass-phish.yaml by @rxerium
• http/osint/phishing/libre-office-phish.yaml by @rxerium
• http/osint/phishing/linkedin-phish.yaml by @rxerium
• http/osint/phishing/malwarebytes-phish.yaml by @rxerium
• http/osint/phishing/mcafee-phish.yaml by @rxerium
• http/osint/phishing/mega-phish.yaml by @rxerium
• http/osint/phishing/messenger-phish.yaml by @rxerium
• http/osint/phishing/microcenter-phish.yaml by @rxerium
• http/osint/phishing/microsoft-phish.yaml by @rxerium
• http/osint/phishing/microsoft-teams-phish.yaml by @rxerium
• http/osint/phishing/netflix-phish.yaml by @rxerium
• http/osint/phishing/nordpass-phish.yaml by @rxerium
• http/osint/phishing/norton-phish.yaml by @rxerium
• http/osint/phishing/notion-phish.yaml by @rxerium
• http/osint/phishing/o2-mobile-phish.yaml by @rxerium
• http/osint/phishing/openai-phish.yaml by @rxerium
• http/osint/phishing/opera-phish.yaml by @rxerium
• http/osint/phishing/paramountplus-phish.yaml by @rxerium
• http/osint/phishing/paypal-phish.yaml by @rxerium
• http/osint/phishing/pcloud-phish.yaml by @rxerium
• http/osint/phishing/pintrest-phish.yaml by @rxerium
• http/osint/phishing/plusnet-phish.yaml by @rxerium
• http/osint/phishing/proton-phish.yaml by @rxerium
• http/osint/phishing/putty-phish.yaml by @rxerium
• http/osint/phishing/python-phish.yaml by @rxerium
• http/osint/phishing/quora-phish.yaml by @rxerium
• http/osint/phishing/reddit-phish.yaml by @rxerium
• http/osint/phishing/roblox-phish.yaml by @rxerium
• http/osint/phishing/roboform-phish.yaml by @rxerium
• http/osint/phishing/royal-mail-phish.yaml by @rxerium
• http/osint/phishing/samsung-phish.yaml by @rxerium
• http/osint/phishing/signal-phish.yaml by @rxerium
• http/osint/phishing/sky-phish.yaml by @rxerium
• http/osint/phishing/skype-phish.yaml by @rxerium
• http/osint/phishing/skyscanner-phish.yaml by @rxerium
• http/osint/phishing/slack-phish.yaml by @rxerium
• http/osint/phishing/sophos-phish.yaml by @rxerium
• http/osint/phishing/spotify-phish.yaml by @rxerium
• http/osint/phishing/steam-phish.yaml by @rxerium
• http/osint/phishing/sync-storage-phish.yaml by @rxerium
• http/osint/phishing/target-phish.yaml by @rxerium
• http/osint/phishing/teamviewer-phish.yaml by @rxerium
• http/osint/phishing/telegram-phish.yaml by @rxerium
• http/osint/phishing/three-mobile-phish.yaml by @rxerium
• http/osint/phishing/thunderbird-phish.yaml by @rxerium
• http/osint/phishing/ticketmaster-phish.yaml by @rxerium
• http/osint/phishing/tiktok-phish.yaml by @rxerium
• http/osint/phishing/trading212-phish.yaml by @rxerium
• http/osint/phishing/trend-micro-phish.yaml by @rxerium
• http/osint/phishing/trip-phish.yaml by @rxerium
• http/osint/phishing/twitch-phish.yaml by @rxerium
• http/osint/phishing/uber-phish.yaml by @rxerium
• http/osint/phishing/visual-studio-code-phish.yaml by @rxerium
• http/osint/phishing/vlc-player-phish.yaml by @rxerium
• http/osint/phishing/vodafone-phish.yaml by @rxerium
• http/osint/phishing/vultr-phish.yaml by @rxerium
• http/osint/phishing/walmart-phish.yaml by @rxerium
• http/osint/phishing/wetransfer-phish.yaml by @rxerium
• http/osint/phishing/whatsapp-phish.yaml by @rxerium
• http/osint/phishing/wikipedia-phish.yaml by @rxerium
• http/osint/phishing/winscp-phish.yaml by @rxerium
• http/osint/phishing/yahoo-phish.yaml by @rxerium
• http/osint/phishing/zoom-phish.yaml by @rxerium

New Contributors

• @Sandr0x00 made their first contribution in #9297
• @0xParth made their first contribution in #9294

Full Changelog: v9.7.7...v9.7.8

v9.7.7

🔥 Release Highlights 🔥

• http/cves/2024/CVE-2024-1071.yaml by @dhiyaneshdk,@Iamnooob 🔥
• http/cves/2024/CVE-2024-1709.yaml by @johnk3r 🔥
• http/cves/2024/CVE-2024-23334.yaml by @dhiyaneshdk 🔥
• http/cves/2024/CVE-2024-25600.yaml by @Christbowel 🔥
• http/cves/2024/CVE-2024-27198.yaml by @dhiyaneshdk 🔥
• http/cves/2024/CVE-2024-27199.yaml by @dhiyaneshdk 🔥
• http/cves/2024/CVE-2024-27497.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-38203.yaml by @yiran 🔥
• http/cves/2023/CVE-2023-42344.yaml by @0xr2r 🔥
• http/cves/2023/CVE-2023-48777.yaml by @dhiyaneshdk 🔥

What's Changed

New Templates Added: 82 | CVEs Added: 21 | First-time contributions: 8

• http/cves/2024/CVE-2024-0305.yaml by @BMcEL
• http/cves/2024/CVE-2024-0713.yaml by @dhiyaneshdk
• http/cves/2024/CVE-2024-1021.yaml by @BMcEL
• http/cves/2024/CVE-2024-1071.yaml by @dhiyaneshdk,@Iamnooob 🔥
• http/cves/2024/CVE-2024-1208.yaml by @ritikchaddha
• http/cves/2024/CVE-2024-1209.yaml by @ritikchaddha
• http/cves/2024/CVE-2024-1210.yaml by @ritikchaddha
• http/cves/2024/CVE-2024-1709.yaml by @johnk3r 🔥
• http/cves/2024/CVE-2024-22319.yaml by @dhiyaneshdk
• http/cves/2024/CVE-2024-22320.yaml by @dhiyaneshdk
• http/cves/2024/CVE-2024-23334.yaml by @dhiyaneshdk 🔥
• http/cves/2024/CVE-2024-25600.yaml by @Christbowel 🔥
• http/cves/2024/CVE-2024-27198.yaml by @dhiyaneshdk 🔥
• http/cves/2024/CVE-2024-27199.yaml by @dhiyaneshdk 🔥
• http/cves/2024/CVE-2024-27497.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-38203.yaml by @yiran 🔥
• http/cves/2023/CVE-2023-42344.yaml by @0xr2r 🔥
• http/cves/2023/CVE-2023-45671.yaml by @ritikchaddha
• http/cves/2023/CVE-2023-48777.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-6895.yaml by @Archer
• http/cnvd/2023/CNVD-2023-96945.yaml by @dhiyaneshdk
• http/cves/2015/CVE-2015-1635.yaml by @phillipo
• http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-update.yaml by @0xr2r
• http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml by @dhiyaneshdk
• http/vulnerabilities/joomla/joomla-easyshop-lfi.yaml by @ritikchaddha
• http/vulnerabilities/other/lucee-unset-credentials.yaml by @JPG0mez
• http/vulnerabilities/yonyou/yonyou-ufida-nc-lfi.yaml by @dhiyaneshdk
• http/misconfiguration/cloudflare-rocketloader-htmli.yaml by @j3ssie
• http/misconfiguration/installer/connectwise-setup.yaml by @dhiyaneshdk
• http/default-logins/ibm/ibm-dcbc-default-login.yaml by @dhiyaneshdk
• http/default-logins/ibm/ibm-dcec-default-login.yaml by @dhiyaneshdk
• http/default-logins/ibm/ibm-dsc-default-login.yaml by @dhiyaneshdk
• http/default-logins/ibm/ibm-hmc-default-login.yaml by @r3s OST
• http/default-logins/ibm/imm-default-login.yaml by @JPG0mez
• http/default-logins/lucee/lucee-default-login.yaml by @JPG0mez
• http/exposed-panels/c2/meduza-stealer.yaml by @dwisiswant0
• http/exposed-panels/cisco-unity-panel.yaml by @HeeresS
• http/exposed-panels/connectwise-panel.yaml by @johnk3r
• http/exposed-panels/fortinet/fortiauthenticator-detect.yaml by @johnk3r
• http/exposed-panels/ibm/ibm-dcec-panel.yaml by @dhiyaneshdk
• http/exposed-panels/ibm/ibm-decision-server-console.yaml by @dhiyaneshdk
• http/exposed-panels/ibm/ibm-odm-panel.yaml by @dhiyaneshdk
• http/exposed-panels/koel-panel.yaml by @rxerium
• http/exposed-panels/kopano-webapp-panel.yaml by @righettod
• http/exposed-panels/linshare-panel.yaml by @righettod
• http/exposed-panels/openvas-panel.yaml by @rxerium
• http/exposed-panels/opinio-panel.yaml by @righettod
• http/exposed-panels/redmine-panel.yaml by @righettod
• http/exposed-panels/rocketchat-panel.yaml by @righettod
• http/exposed-panels/webtransfer-client-panel.yaml by @righettod
• http/exposures/configs/sphinxsearch-config.yaml by @gtrrnr
• http/exposures/tokens/dependency/dependency-track-api.yaml by @dhiyaneshdk
• http/exposures/tokens/docker/docker-hub-pat.yaml by @dhiyaneshdk
• http/exposures/tokens/doppler/doppler-audit-token.yaml by @dhiyaneshdk
• http/exposures/tokens/doppler/doppler-cli-token.yaml by @dhiyaneshdk
• http/exposures/tokens/doppler/doppler-scim-token.yaml by @dhiyaneshdk
• http/exposures/tokens/doppler/doppler-service-account-token.yaml by @dhiyaneshdk
• http/exposures/tokens/doppler/doppler-service-token.yaml by @dhiyaneshdk
• http/exposures/tokens/dropbox/dropbox-access-token.yaml by @dhiyaneshdk
• http/exposures/tokens/huggingface/huggingface-user-access-token.yaml by @dhiyaneshdk
• http/exposures/tokens/linkedin/linkedin-client-id.yaml by @dhiyaneshdk
• http/exposures/tokens/linkedin/linkedin-secret-key.yaml by @dhiyaneshdk
• http/exposures/tokens/newrelic/newrelic-api-service-key.yaml by @dhiyaneshdk
• http/exposures/tokens/newrelic/newrelic-license-key-non.yaml by @dhiyaneshdk
• http/exposures/tokens/newrelic/newrelic-license-key.yaml by @dhiyaneshdk
• http/exposures/tokens/odbc/odbc-connection-string.yaml by @dhiyaneshdk
• http/exposures/tokens/okta/okta-api-token.yaml by @dhiyaneshdk
• http/exposures/tokens/particle/particle-access-token.yaml by @dhiyaneshdk
• http/exposures/tokens/react/react-app-password.yaml by @dhiyaneshdk
• http/exposures/tokens/react/react-app-username.yaml by @dhiyaneshdk
• http/exposures/tokens/salesforce/salesforce-access-token.yaml by @dhiyaneshdk
• http/exposures/tokens/thingsboard/thingsboard-access-token.yaml by @dhiyaneshdk
• http/exposures/tokens/truenas/truenas-api-key.yaml by @dhiyaneshdk
• http/exposures/tokens/twitter/twitter-client-id.yaml by @dhiyaneshdk
• http/exposures/tokens/twitter/twitter-secret-key.yaml by @dhiyaneshdk
• http/exposures/tokens/wireguard/wireguard-preshared-key.yaml by @dhiyaneshdk
• http/exposures/tokens/wireguard/wireguard-private-key.yaml by @dhiyaneshdk
• http/miscellaneous/maxforwards-headers-detect.yaml by @righettod
• http/technologies/ibm/ibm-decision-runner.yaml by @dhiyaneshdk
• http/technologies/ibm/ibm-decision-server-runtime.yaml by @dhiyaneshdk
• http/technologies/ibm/ibm-odm-detect.yaml by @dhiyaneshdk
• http/technologies/pexip-detect.yaml by @righettod

New Contributors

• @Christbowel made their first contribution in #9181
• @bmcxxx made their first contribution in #9225
• @zyrnj made their first contribution in #9235
• @g33gs made their first contribution in #9211
• @NeckBeardPrince made their first contribution in #9255
• @JPG0mez made their first contribution in #9271
• @trolldbois made their first contribution in #9289
• @Michal-Mikolas made their first contribution in #9282

Full Changelog: v9.7.6...v9.7.7

v9.7.6

🔥 Release Highlights 🔥

• http/cves/2024/CVE-2024-21893.yaml by @dhiyaneshdk 🔥
• http/cves/2024/CVE-2024-22024.yaml by @watchtowr 🔥
• code/cves/2023/CVE-2023-6246.yaml by @gy741 🔥

What's Changed

New Templates Added: 49 | CVEs Added: 22 | First-time contributions: 12

• code/cves/2023/CVE-2023-6246.yaml by @gy741 🔥
• http/cves/2024/CVE-2024-1061.yaml by @xxcdd
• http/cves/2024/CVE-2024-21644.yaml by @West-wise
• http/cves/2024/CVE-2024-21645.yaml by @isacaya
• http/cves/2024/CVE-2024-21893.yaml by @dhiyaneshdk 🔥
• http/cves/2024/CVE-2024-22024.yaml by @watchtowr 🔥
• http/cves/2024/CVE-2024-25669.yaml by @r3naissance
• http/cves/2024/CVE-2024-25735.yaml by @johnk3r
• http/cves/2023/CVE-2023-28662.yaml by @xxcdd
• http/cves/2023/CVE-2023-40355.yaml by @amir-h-fallahi
• http/cves/2023/CVE-2023-47115.yaml by @isacaya
• http/cves/2023/CVE-2023-52085.yaml by @Sanineng
• http/cves/2023/CVE-2023-6360.yaml by @xxcdd
• http/cves/2023/CVE-2023-6831.yaml by @byObin
• http/cves/2023/CVE-2023-6909.yaml by @Hyunsoo-ds
• http/cves/2022/CVE-2022-38131.yaml by @xxcdd
• http/cves/2021/CVE-2021-24442.yaml by @ritikchaddha
• http/cves/2021/CVE-2021-24849.yaml by @ritikchaddha
• http/cves/2021/CVE-2021-24943.yaml by @ritikchaddha
• http/cves/2021/CVE-2021-40651.yaml by @ctflearner
• http/cves/2011/CVE-2011-4640.yaml by @ctflearner
• http/cves/2007/CVE-2007-3010.yaml by @king-alexander
• http/vulnerabilities/generic/xss-fuzz.yaml by @kazet
• http/vulnerabilities/lucee-rce.yaml by @rootxharsh,@iamnoooob,@pdresearch
• http/vulnerabilities/other/glodon-linkworks-sqli.yaml by @dhiyaneshdk
• http/vulnerabilities/wordpress/wp-user-enum.yaml by @Manas_Harsh,@daffainfo,@geeknik,@dr0pd34d
• http/misconfiguration/node-express-dev-env.yaml by @flx
• http/misconfiguration/sap/sap-public-admin.yaml by @t3l3machus
• http/default-logins/webmethod/webmethod-integration-default-login.yaml by @ChristianPoeschl,@OleWagner,@usdAG
• http/exposures/logs/teampass-ldap.yaml by @josecosta
• http/exposed-panels/apigee-panel.yaml by @righettod
• http/exposed-panels/dockge-panel.yaml by @rxerium
• http/exposed-panels/dokuwiki-panel.yaml by @righettod
• http/exposed-panels/easyjob-panel.yaml by @righettod
• http/exposed-panels/friendica-panel.yaml by @righettod
• http/exposed-panels/gotify-panel.yaml by @righettod
• http/exposed-panels/haivision-gateway-panel.yaml by @righettod
• http/exposed-panels/haivision-media-platform-panel.yaml by @righettod
• http/exposed-panels/ivanti-connect-secure-panel.yaml by @rxerium
• http/exposed-panels/juniper-panel.yaml by @bhutch
• http/exposed-panels/ms-exchange-web-service.yaml by @bhutch
• http/exposed-panels/pairdrop-panel.yaml by @rxerium
• http/exposed-panels/passbolt-panel.yaml by @righettod
• http/exposed-panels/proofpoint-protection-server-panel.yaml by @johnk3r
• http/exposed-panels/sentry-panel.yaml by @righettod
• http/exposed-panels/vistaweb-panel.yaml by @righettod
• http/miscellaneous/balada-injector-malware.yaml by @kazet
• http/technologies/google/chromecast-detect.yaml by @LucianNitescu
• http/technologies/identity-server-v3-detect.yaml by @righettod

New Contributors

• @t3l3machus made their first contribution in #9044
• @West-wise made their first contribution in #9042
• @xxcdd made their first contribution in #9058
• @hazaldrv made their first contribution in #9049
• @Hyunsoo-ds made their first contribution in #9074
• @Deadbeastrs made their first contribution in #9103
• @Sanineng made their first contribution in #9075
• @attritionorg made their first contribution in #9144
• @byObin made their first contribution in #9098
• @k11h-de made their first contribution in #9145
• @amir-h-fallahi made their first contribution in #9135
• @msegoviag made their first contribution in #9155

Full Changelog: v9.7.5...v9.7.6

v9.7.5 - Local Privilege Escalation

🔥 Release Highlights 🔥

In our latest release, we have added a significant number of trending CVEs and are excited to announce the addition of new local privilege escalation templates. These valuable contributions come from our community, with a notable contribution from @daffainfo, and are available at Local Privilege Escalation Templates. These templates utilize the newly introduced code protocol, enhancing their capability to detect vulnerabilities more effectively.

It's important to note that these templates are specifically designed for local execution to identify privilege escalation vulnerabilities. For security reasons, they are not executed as part of the default Nuclei scan. We ensure the security and authenticity of these templates by signing them officially. To run these templates, users need to provide the -code flag along with -itags local. These additions are particularly useful for penetration testing and red-teaming focusing on privilege escalation, and we plan to further expand their coverage in future updates. Following are the other highlights of this release:

• javascript/cves/2024/CVE-2024-23897.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2024/CVE-2024-0204.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-47211.yaml by @gy741 🔥
• http/cves/2023/CVE-2023-22527.yaml by @Iamnooob,@rootxharsh,@pdresearch 🔥
• http/cves/2023/CVE-2023-6875.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2019/CVE-2019-16469.yaml by @DomenicoVeneziano 🔥

What's Changed

New Templates Added: 106 | CVEs Added: 14 | First-time contributions: 14

• javascript/cves/2024/CVE-2024-23897.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2024/CVE-2024-0204.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-48023.yaml by @cookiehanhoan,@harryha
• http/cves/2023/CVE-2023-47643.yaml by @isacaya
• http/cves/2023/CVE-2023-47211.yaml by @gy741 🔥
• http/cves/2023/CVE-2023-44352.yaml by @pwnwithlove
• http/cves/2023/CVE-2023-27640.yaml by @mastercho
• http/cves/2023/CVE-2023-27639.yaml by @mastercho
• http/cves/2023/CVE-2023-22527.yaml by @Iamnooob,@rootxharsh,@pdresearch 🔥
• http/cves/2023/CVE-2023-6977.yaml by @gy741
• http/cves/2023/CVE-2023-6875.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2023/CVE-2023-6023.yaml by @M0ck3d,@cookiehanhoan
• http/cves/2019/CVE-2019-16469.yaml by @DomenicoVeneziano 🔥
• http/cves/2018/CVE-2018-10942.yaml by @mastercho
• http/vulnerabilities/apache/apache-nifi-rce.yaml by @arliya
• http/vulnerabilities/juniper/junos-xss.yaml by @dhiyaneshdk
• http/vulnerabilities/prestashop/prestashop-blocktestimonial-file-upload.yaml by @mastercho
• http/vulnerabilities/vbulletin/vbulletin-backdoor.yaml by @mastercho
• code/privilege-escalation/linux/binary/privesc-aa-exec.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-ash.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-awk.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-bash.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-cdist.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-choom.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-cpulimit.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-csh.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-csvtool.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-dash.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-dc.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-distcc.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-elvish.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-enscript.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-env.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-expect.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-find.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-fish.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-flock.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-gawk.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-grc.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-ionice.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-julia.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-lftp.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-ltrace.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-lua.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-mawk.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-multitime.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-mysql.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-nawk.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-nice.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-node.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-nsenter.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-perl.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-pexec.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-php.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-posh.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-python.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-rake.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-rc.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-rlwrap.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-rpm.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-rpmdb.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-rpmverify.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-ruby.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-run-parts.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-sash.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-slsh.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-socat.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-softlimit.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-sqlite3.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-ssh-agent.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-sshpass.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-stdbuf.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-strace.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-tar.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-tcsh.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-time.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-timeout.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-tmate.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-torify.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-torsocks.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-unshare.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-vi.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-view.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-vim.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-xargs.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-xdg-user-dir.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-yash.yaml by @daffainfo
• code/privilege-escalation/linux/binary/privesc-zsh.yaml by @daffainfo
• code/privilege-escalation/linux/rw-shadow.yaml by @daffainfo
• code/privilege-escalation/linux/rw-sudoers.yaml by @daffainfo
• code/privilege-escalation/linux/sudo-nopasswd.yaml by @daffainfo
• code/privilege-escalation/linux/writable-etc-passwd.yaml by @daffainfo
• http/default-logins/node-red/nodered-default-login.yaml by @savik
• http/default-logins/powershell/powershell-default-login.yaml by @ap3r
• http/exposed-panels/autoset-detect.yaml by @mastercho
• http/exposed-panels/compalex-panel-detect.yaml by @mastercho
• http/exposed-panels/doris-panel.yaml by @ritikchaddha
• http/exposed-panels/lomnido-panel.yaml by @righettod
• http/exposures/configs/vbulletin-path-disclosure.yaml by @mastercho
• http/exposures/logs/go-pprof-debug.yaml by @w8ay
• http/miscellaneous/defacement-detect.yaml by @ricardomaia
• http/misconfiguration/doris-dashboard.yaml by @ritikchaddha
• http/misconfiguration/springboot/springboot-integrationgraph.yaml by @ELSFA7110
• http/misconfiguration/springboot/springboot-startup.yaml by @ELSFA7110
• http/technologies/tibco-businessconnect-detect.yaml by @righettod
• dns/dns-rebinding.yaml by @ricardomaia

New Contributors

• @PhillipoTF2 made their first contribution in #8965
• @sea-god made their first contribution in #7042
• @jmoraissec made their first contribution in #8966
• @hieuha made their first contribution in #8978
• @shivamsaraswat made their first contribution in #8919
• @dkasak made their first contribution in #8974
• @boy-hack made their first...

v9.7.4

🔥 Release Highlights 🔥

• http/cves/2020/CVE-2020-27838.yaml by @mchklt 🔥
• http/cves/2022/CVE-2022-47501.yaml by @your3cho 🔥
• http/cves/2023/CVE-2023-46805.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-50290.yaml by @banana69,@dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-6634.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2024/CVE-2024-21887.yaml by @pdresearch,@parthmalhotra,@iamnoooob 🔥

Full Changelog: v9.7.3...v9.7.4

v9.7.3

🔥 Release Highlights 🔥

• code/cves/2019/CVE-2019-14287.yaml by @daffainfo 🔥
• code/cves/2021/CVE-2021-3156.yaml by @pussycat0x 🔥
• http/cves/2023/CVE-2023-44353.yaml by @Salts 🔥
• http/cves/2023/CVE-2023-50917.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-50968.yaml by @your3cho 🔥
• http/cves/2023/CVE-2023-51467.yaml by @your3cho 🔥
• http/cves/2023/CVE-2023-6063.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-7028.yaml by @dhiyaneshdk,@rootxharsh,@Iamnooob,@pdresearch 🔥

What's Changed

New Templates Added: 45 | CVEs Added: 16 | First-time contributions: 6

• code/cves/2019/CVE-2019-14287.yaml by @daffainfo 🔥
• code/cves/2021/CVE-2021-3156.yaml by @pussycat0x 🔥
• http/cves/2015/CVE-2015-2794.yaml by @1337kro
• http/cves/2020/CVE-2020-12124.yaml by @dhiyaneshdk
• http/cves/2023/CVE-2023-41109.yaml by @princechaddha
• http/cves/2023/CVE-2023-42343.yaml by @dhiyaneshdk
• http/cves/2023/CVE-2023-44353.yaml by @Salts 🔥
• http/cves/2023/CVE-2023-46574.yaml by @dhiyaneshdk
• http/cves/2023/CVE-2023-50917.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-50968.yaml by @your3cho 🔥
• http/cves/2023/CVE-2023-51467.yaml by @your3cho 🔥
• http/cves/2023/CVE-2023-6063.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-6379.yaml by @msegoviag
• http/cves/2023/CVE-2023-6623.yaml by @iamnoooob,@rootxharsh,@pdresearch,@coldfish
• http/cves/2023/CVE-2023-7028.yaml by @dhiyaneshdk,@rootxharsh,@Iamnooob,@pdresearch 🔥
• http/cves/2024/CVE-2024-0352.yaml by @cookiehanhoan,@babybash,@samuelsamuelsamuel
• http/vulnerabilities/dahua/dahua-icc-backdoor-user.yaml by @dhiyaneshdk
• http/vulnerabilities/dlink/dlink-netgear-xss.yaml by @gtrrnr,@vulnspace
• http/vulnerabilities/ruijie/ruijie-nmc-sync-rce.yaml by @dhiyaneshdk
• http/vulnerabilities/ruijie/ruijie-rg-eg-web-mis-rce.yaml by @dhiyaneshdk
• http/vulnerabilities/wanhu/wanhuoa-downloadservlet-lfi.yaml by @wpsec
• http/vulnerabilities/yonyou/yonyou-ksoa-dept-sqli.yaml by @dhiyaneshdk
• javascript/network/smb/smb-anonymous-access.yaml by @pussycat0x
• javascript/network/smb/smb-shares.yaml by @pussycat0x
• javascript/network/smb/smb-signing-not-required.yaml by @pussycat0x
• javascript/network/smb/smb2-capabilities.yaml by @pussycat0x
• http/misconfiguration/apache/apache-server-status.yaml by @Thabisocn
• http/misconfiguration/cookies-without-httponly-secure.yaml by @princechaddha,@Mr.Bobo HP
• http/misconfiguration/php/php-composer-binary.yaml by @mayank_pandey01
• network/misconfig/erlang-daemon.yaml by @pussycat0x
• http/default-logins/camunda/camunda-default-login.yaml by @bhutch
• http/exposed-panels/goodjob-dashboard.yaml by @hahwul
• http/exposed-panels/onlyoffice-login-panel.yaml by @eremit4
• http/exposures/docker-daemon-exposed.yaml by @arm!tage
• http/osint/piratebay.yaml by @philippedelteil
• cloud/enum/aws-app-enum.yaml by @initstring
• cloud/enum/aws-s3-bucket-enum.yaml by @initstring
• cloud/enum/azure-db-enum.yaml by @initstring
• cloud/enum/azure-vm-cloud-enum.yaml by @initstring
• cloud/enum/azure-website-enum.yaml by @initstring
• cloud/enum/gcp-app-engine-enum.yaml by @initstring
• cloud/enum/gcp-bucket-enum.yaml by @initstring
• cloud/enum/gcp-firebase-app-enum.yaml by @initstring
• cloud/enum/gcp-firebase-rtdb-enum.yaml by @initstring
• http/technologies/cisco-asa-detect.yaml by @sdcampbell

New Contributors

• @Blackbird594 made their first contribution in #8858
• @malacupa made their first contribution in #8812
• @fail-open made their first contribution in #8896
• @mailler0xa made their first contribution in #8925
• @juicewrldxxx made their first contribution in #8924
• @wpsec made their first contribution in #8931

Full Changelog: v9.7.2...v9.7.3

v9.7.2

🔥 Release Highlights 🔥

• javascript/cves/2023/CVE-2023-46604.yaml by @Ice3man,@Mzack9999,@pdresearch 🔥
• code/cves/2023/CVE-2023-49105.yaml by @ChristianPoeschl,@FlorianDewald,@usdAG 🔥
• http/cves/2021/CVE-2021-29200.yaml by @your3cho 🔥
• http/cves/2023/CVE-2023-26035.yaml by @Unblvr1,@whotwagner 🔥
• http/cves/2023/CVE-2023-3368.yaml by @dwisiswant0 🔥
• http/cves/2023/CVE-2023-41265.yaml by @adamcrosser 🔥
• http/cves/2023/CVE-2023-43177.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2023/CVE-2023-49070.yaml by @your3cho 🔥
• http/cves/2023/CVE-2023-6553.yaml by @flx 🔥

What's Changed

New Templates Added: 61 | CVEs Added: 25 | First-time contributions: 8

• javascript/cves/2023/CVE-2023-46604.yaml by @Ice3man,@Mzack9999,@pdresearch 🔥
• code/cves/2023/CVE-2023-49105.yaml by @ChristianPoeschl,@FlorianDewald,@usdAG 🔥
• headless/cves/2018/CVE-2018-25031.yaml by @dhiyaneshdk
• http/cves/2018/CVE-2018-8823.yaml by @mastercho
• http/cves/2021/CVE-2021-29200.yaml by @your3cho 🔥
• http/cves/2021/CVE-2021-44910.yaml by @lbb
• http/cves/2022/CVE-2022-0087.yaml by @ShivanshKhari
• http/cves/2023/CVE-2023-22232.yaml by @1337kro
• http/cves/2023/CVE-2023-26035.yaml by @Unblvr1,@whotwagner 🔥
• http/cves/2023/CVE-2023-30534.yaml by @k0pak4
• http/cves/2023/CVE-2023-3368.yaml by @dwisiswant0 🔥
• http/cves/2023/CVE-2023-36144.yaml by @gy741
• http/cves/2023/CVE-2023-39002.yaml by @herry
• http/cves/2023/CVE-2023-41265.yaml by @adamcrosser 🔥
• http/cves/2023/CVE-2023-41266.yaml by @adamcrosser 🔥
• http/cves/2023/CVE-2023-43177.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2023/CVE-2023-46359.yaml by @mlec
• http/cves/2023/CVE-2023-49070.yaml by @your3cho 🔥
• http/cves/2023/CVE-2023-5556.yaml by @shankaracharya
• http/cves/2023/CVE-2023-6018.yaml by @byt3bl33d3r
• http/cves/2023/CVE-2023-6020.yaml by @byt3bl33d3r
• http/cves/2023/CVE-2023-6021.yaml by @byt3bl33d3r
• http/cves/2023/CVE-2023-6038.yaml by @DanMcInerney,@byt3bl33d3r
• http/cves/2023/CVE-2023-6380.yaml by @miguelsegoviagil
• http/cves/2023/CVE-2023-6553.yaml by @flx 🔥
• http/default-logins/dataease/dataease-default-login.yaml by @dhiyaneshdk
• http/default-logins/splunk/splunk-default-login.yaml by @pussycat0x
• http/exposed-panels/dataease-panel.yaml by @dhiyaneshdk
• http/exposed-panels/reportico-admin-panel.yaml by @geeknik
• http/exposed-panels/tailon-panel.yaml by @ritikchaddha
• http/exposed-panels/vue-pacs-panel.yaml by @righettod
• http/exposed-panels/woodwing-panel.yaml by @pdteam
• http/exposures/configs/dompdf-config.yaml by @kazet
• http/misconfiguration/aws/cdn-cache-poisoning.yaml by @0xcharan
• http/misconfiguration/h2o/h2o-arbitary-file-read.yaml by @DanMcInerney,@byt3bl33d3r
• http/misconfiguration/h2o/h2o-dashboard.yaml by @byt3bl33d3r
• http/misconfiguration/installer/businesso-installer.yaml by @ritikchaddha
• http/misconfiguration/installer/chamilo-installer.yaml by @dhiyaneshdk
• http/misconfiguration/installer/espocrm-installer.yaml by @dhiyaneshdk
• http/misconfiguration/installer/knowledgetree-installer.yaml by @ritikchaddha
• http/misconfiguration/installer/phpgedview-installer.yaml by @ritikchaddha
• http/misconfiguration/installer/wowcms-installer.yaml by @ritikchaddha
• http/misconfiguration/mixed-active-content.yaml by @Liwermor
• http/misconfiguration/mixed-passive-content.yaml by @Liwermor
• http/misconfiguration/secnet-info-leak.yaml by @dhiyaneshdk
• http/misconfiguration/woodwing-git.yaml by @pdteam
• http/misconfiguration/woodwing-phpinfo.yaml by @pdteam
• http/technologies/bamboo-detect.yaml by @bhutch
• http/technologies/element-web-detect.yaml by @davidegirardi
• http/technologies/iparapheur-detect.yaml by @righettod
• http/technologies/matrix-homeserver-detect.yaml by @davidegirardi
• http/vulnerabilities/dahua/dahua-wpms-lfi.yaml by @dhiyaneshdk
• http/vulnerabilities/dahua/dahua-wpms-rce.yaml by @dhiyaneshdk
• http/vulnerabilities/ecstatic/node-ecstatic-internal-path.yaml by @dhiyaneshdk
• http/vulnerabilities/ecstatic/node-ecstatic-listing.yaml by @dhiyaneshdk
• http/vulnerabilities/huawei/huawei-authhttp-lfi.yaml by @dhiyaneshdk
• http/vulnerabilities/jinhe/jinhe-jc6-sqli.yaml by @Ky9oss
• http/vulnerabilities/other/sslvpn-client-rce.yaml by @dhiyaneshdk
• http/vulnerabilities/other/yibao-sqli.yaml by @dhiyaneshdk
• http/vulnerabilities/other/yunanbao-rce.yaml by @dhiyaneshdk
• http/vulnerabilities/vbulletin/vbulletin-ajaxreg-sqli.yaml by @mastercho

New Contributors

• @davidegirardi made their first contribution in #8721
• @jfbes made their first contribution in #8726
• @invisiblethreat made their first contribution in #8719
• @your3ch0 made their first contribution in #8774
• @knavesec made their first contribution in #8784
• @RegularITCat made their first contribution in #8806
• @chrisusdag made their first contribution in #8835
• @Liwermor made their first contribution in #8838

Full Changelog: v9.7.1...v9.7.2

v9.7.1

What's Changed

• Removed logging statement from ssh template by @ehsandeep in #8736
• Updated CVE-2023-49103 to include htaccess rule bypass by @ehsandeep in #8737

Full Changelog: v9.7.0...v9.7.1

v9.7.0

🔥 Release Highlights 🔥

• code/cves/2023/CVE-2023-2640.yaml by @princechaddha 🔥
• http/cves/2023/CVE-2023-49103.yaml by @ritikchaddha 🔥
• http/cves/2023/CVE-2023-47246.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2021/CVE-2021-45382.yaml by @king-alexander 🔥
• http/cves/2021/CVE-2021-35395.yaml by @king-alexander 🔥
• http/cves/2021/CVE-2021-33690.yaml by DhiyaneshDK 🔥
• http/cves/2021/CVE-2021-26294.yaml by @johnk3r 🔥

What's Changed

New Templates Added: 51 | CVEs Added: 18 | First-time contributions: 7

• code/cves/2023/CVE-2023-2640.yaml by @princechaddha 🔥
• http/cves/2023/CVE-2023-49103.yaml by @ritikchaddha 🔥
• http/cves/2023/CVE-2023-47246.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2023/CVE-2023-45542.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-43326.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-43325.yaml by @r3Y3r53
• http/cves/2023/CVE-2023-39796.yaml by @youngpope
• http/cves/2023/CVE-2023-30258.yaml by @gy741
• http/cves/2023/CVE-2023-26347.yaml by @Salts
• http/cves/2023/CVE-2023-5375.yaml by @shankaracharya
• http/cves/2022/CVE-2022-1170.yaml by @akincibor,@ritikchaddha
• http/cves/2021/CVE-2021-45382.yaml by @king-alexander 🔥
• http/cves/2021/CVE-2021-35395.yaml by @king-alexander 🔥
• http/cves/2021/CVE-2021-33690.yaml by DhiyaneshDK 🔥
• http/cves/2021/CVE-2021-26294.yaml by @johnk3r 🔥
• http/cves/2021/CVE-2021-26292.yaml by @johnk3r
• http/cves/2017/CVE-2017-7855.yaml by @r3Y3r53
• javascript/cves/2016/CVE-2016-8706.yaml by @pussycat0x
• http/vulnerabilities/other/xxljob-executor-unauth.yaml by @k3rwin
• http/default-logins/structurizr/structurizr-default-login.yaml by DhiyaneshDK
• http/exposed-panels/adhoc-transfer-panel.yaml by @johnk3r
• http/exposures/configs/jsconfig-json.yaml by DhiyaneshDk
• http/exposures/configs/phinx-config.yaml by DhiyaneshDk
• http/exposures/configs/vite-config.yaml by DhiyaneshDk
• http/exposures/files/apdisk-disclosure.yaml by DhiyaneshDk
• http/exposures/files/auth-json.yaml by DhiyaneshDk
• http/exposures/files/azuredeploy-json.yaml by DhiyaneshDk
• http/exposures/files/php-cs-cache.yaml by DhiyaneshDk
• http/exposed-panels/afterlogic-webmail-login.yaml by @johnk3r
• http/exposed-panels/structurizr-panel.yaml by DhiyaneshDk
• http/misconfiguration/installer/mosparo-install.yaml by DhiyaneshDK
• http/misconfiguration/ms-exchange-user-enum.yaml by @righettod
• http/misconfiguration/node-express-status.yaml by DhiyaneshDk
• http/misconfiguration/tomcat-stacktraces.yaml by @Lucky0x0D
• http/takeovers/clever-takeover.yaml by @supr4s
• javascript/enumeration/obsolete-ssh-version.yaml by @pussycat0x
• javascript/enumeration/ssh-cbc-mode-ciphers.yaml by @pussycat0x
• javascript/enumeration/ssh-diffie-hellman-logjam.yaml by @pussycat0x
• javascript/enumeration/ssh-sha1-hmac-algo.yaml by @pussycat0x
• javascript/enumeration/ssh-weak-algo-supported.yaml by @pussycat0x
• javascript/enumeration/ssh-weak-mac-algo.yaml by @pussycat0x
• javascript/enumeration/ssh-weak-public-key.yaml by @pussycat0x
• javascript/enumeration/ssh-weakkey-exchange-algo.yaml by @pussycat0x
• network/detection/aws-sftp-detect.yaml by @johnk3r
• network/detection/moveit-sftp-detect.yaml by @johnk3r
• file/keys/kubernetes/kubernetes-dockercfg-secret.yaml by @dwisiswant0
• file/keys/kubernetes/kubernetes-dockerconfigjson-secret.yaml by @dwisiswant0
• http/technologies/4D-detect.yaml by @righettod
• http/technologies/aws/aws-detect.yaml by @6mile
• http/technologies/silverback-detect.yaml by @nodauf
• http/technologies/wordpress/plugins/templately.yaml by @ricardomaia

New Contributors

• @fullstackpotato made their first contribution in #8599
• @wahyuhadi made their first contribution in #8597
• @l0pens made their first contribution in #8618
• @rtvkiz made their first contribution in #8645
• @joelczk made their first contribution in #8644
• @Mr-B0hl00l made their first contribution in #8648
• @Jaclyn6 made their first contribution in #8675

Full Changelog: v9.6.9...v9.7.0

v9.6.9

🔥 Release Highlights 🔥

• network/cves/2023/CVE-2023-46604.yaml by @Ice3man,@Mzack9999,@pdresearch 🔥
• javascript/cves/2023/CVE-2023-34039.yaml by @tarunKoyalwar 🔥
• code/cves/2023/CVE-2023-4911.yaml by @nybble04 🔥
• http/cves/2023/CVE-2023-43795.yaml by @dhiyaneshdk 🔥
• http/cves/2022/CVE-2022-35653.yaml by @iamnoooob,@pdresearch 🔥
• http/cves/2023/CVE-2023-22518.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2023/CVE-2023-20198.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2020/CVE-2020-24701.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-1719.yaml by @dhiyaneshdk 🔥

What's Changed

New Templates Added: 73 | CVEs Added: 13 | First-time contributions: 7

• network/cves/2023/CVE-2023-46604.yaml by @Ice3man,@Mzack9999,@pdresearch 🔥
• javascript/cves/2023/CVE-2023-34039.yaml by @tarunKoyalwar 🔥
• code/cves/2023/CVE-2023-4911.yaml by @nybble04 🔥
• http/cves/2023/CVE-2023-43795.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-40068.yaml by @E1A
• http/cves/2022/CVE-2022-35653.yaml by @iamnoooob,@pdresearch 🔥
• http/cves/2023/CVE-2023-34020.yaml by @LeDoubleTake
• http/cves/2023/CVE-2023-33629.yaml by @dhiyaneshdk
• http/cves/2023/CVE-2023-22518.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2023/CVE-2023-20198.yaml by @iamnoooob,@rootxharsh,@pdresearch 🔥
• http/cves/2020/CVE-2020-24701.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-1719.yaml by @dhiyaneshdk 🔥
• http/cves/2023/CVE-2023-4169.yaml by @dhiyaneshdk
• http/cves/2023/CVE-2023-4415.yaml by @dhiyaneshdk
• http/default-logins/dell/dell-dpi-default-login.yaml by @MegaManSec
• http/default-logins/goip-default-login.yaml by @drfabiocastro
• http/exposed-panels/appsuite-panel.yaml by @dhiyaneshdk
• http/exposed-panels/cisco/cisco-ios-xe-panel.yaml by @bhutch
• http/exposed-panels/fusionauth-admin-panel.yaml by @ritikchaddha
• http/exposed-panels/homer-panel.yaml by @rxerium
• http/exposed-panels/kiteworks-pcn-panel.yaml by @righettod
• http/exposed-panels/librephotos-panel.yaml by @ritikchaddha
• http/exposed-panels/librespeed-panel.yaml by @ritikchaddha
• http/exposed-panels/office-webapps-panel.yaml by @dhiyaneshdk
• http/exposed-panels/overseerr-panel.yaml by @rxerium
• http/exposed-panels/plausible-panel.yaml by @rxerium
• http/exposed-panels/rdweb-panel.yaml by @rxerium,@sorrowx3
• http/exposed-panels/servicenow-panel.yaml by @righettod
• http/exposed-panels/truenas-scale-panel.yaml by @rxerium
• http/exposed-panels/unauth/tautulli-unauth.yaml by @ritikchaddha
• http/honeypot/citrix-honeypot-detect.yaml by @UnaPibaGeek
• http/honeypot/dionaea-http-honeypot-detect.yaml by @UnaPibaGeek
• http/honeypot/elasticpot-honeypot-detect.yaml by @UnaPibaGeek
• http/honeypot/snare-honeypot-detect.yaml by @UnaPibaGeek
• http/misconfiguration/fusionauth-admin-setup.yaml by @ritikchaddha
• http/misconfiguration/installer/cube-105-install.yaml by @ritikchaddha
• http/misconfiguration/installer/imprivata-installer.yaml by @ritikchaddha
• http/misconfiguration/installer/orangescrum-install.yaml by @ritikchaddha
• http/misconfiguration/installer/ruckus-smartzone-install.yaml by @ritikchaddha
• http/misconfiguration/installer/ruckus-unleashed-install.yaml by @ritikchaddha
• http/misconfiguration/installer/sugarcrm-install.yaml by @ritikchaddha
• http/misconfiguration/installer/tautulli-install.yaml by @ritikchaddha
• http/misconfiguration/installer/webcalendar-install.yaml by @ritikchaddha
• http/misconfiguration/installer/webtrees-install.yaml by @ritikchaddha
• http/misconfiguration/less-history.yaml by @kazet
• http/misconfiguration/mysql-history.yaml by @kazet
• http/misconfiguration/searchreplacedb2-exposure.yaml by @kazet
• http/misconfiguration/untangle-admin-setup.yaml by @ritikchaddha
• http/technologies/dell/dell-dpi-panel.yaml by @MegaManSec
• http/technologies/wordpress/plugins/hostinger.yaml by @ricardomaia
• http/technologies/wordpress/plugins/metform.yaml by @ricardomaia
• http/vulnerabilities/hikvision/hikvision-js-files-upload.yaml by @Xc1Ym
• http/vulnerabilities/microsoft/office-webapps-ssrf.yaml by @dhiyaneshdk
• http/vulnerabilities/other/podcast-generator-ssrf.yaml by @ritikchaddha,@MrHarshvardhan
• javascript/default-logins/mssql-default-logins.yaml by @Ice3man543,@tarunKoyalwar
• javascript/default-logins/postgres-default-logins.yaml by @Ice3man
• javascript/default-logins/redis-default-logins.yaml by @tarunKoyalwar
• javascript/default-logins/ssh-default-logins.yaml by @tarunKoyalwar
• javascript/detection/mssql-detect.yaml by @Ice3man543,@tarunKoyalwar
• javascript/detection/ssh-auth-methods.yaml by @Ice3man543
• javascript/enumeration/ssh-password-auth.yaml by @princechaddha
• javascript/enumeration/ssh-server-enumeration.yaml by @Ice3man543,@tarunKoyalwar
• network/honeypot/adbhoney-honeypot-cnxn-detect.yaml by @UnaPibaGeek
• network/honeypot/adbhoney-honeypot-shell-detect.yaml by @UnaPibaGeek
• network/honeypot/conpot-siemens-honeypot-detect.yaml by @UnaPibaGeek
• network/honeypot/cowrie-ssh-honeypot-detect.yaml by @UnaPibaGeek
• network/honeypot/dionaea-ftp-honeypot-detect.yaml by @UnaPibaGeek
• network/honeypot/dionaea-mqtt-honeypot-detect.yaml by @UnaPibaGeek
• network/honeypot/dionaea-mysql-honeypot-detect.yaml by @UnaPibaGeek
• network/honeypot/dionaea-smb-honeypot-detect.yaml by @UnaPibaGeek
• network/honeypot/gaspot-honeypot-detect.yaml by @UnaPibaGeek
• network/honeypot/mailoney-honeypot-detect.yaml by @UnaPibaGeek
• network/honeypot/redis-honeypot-detect.yaml by @UnaPibaGeek

New Contributors

• @k0z4c made their first contribution in #8468
• @byt3bl33d3r made their first contribution in #8457
• @0xorOne made their first contribution in #8500
• @jzr made their first contribution in #8546
• @Xc1Ym made their first contribution in #8548
• @adilsoybali made their first contribution in #8540
• @rumble773 made their first contribution in #8572

Full Changelog: v9.6.8...v9.6.9