Auto Updated

data.json

@@ -188,5 +188,6 @@
     "2024-09-10": 41800,
     "2024-09-11": 41825,
     "2024-09-12": 41851,
-    "2024-09-13": 41783
+    "2024-09-13": 41783,
+    "2024-09-14": 42206
 }

links.csv

@@ -462,3 +462,4 @@ https://github.com/MuhammadWaseem29/Nuclei-templates-w
 https://github.com/Kennyslaboratory/Nuclei-Templates
 https://github.com/MuhammadWaseem29/Nuclei-templates-waseem
 https://github.com/machevalia/Custom-Nuclei-Templates
+https://github.com/dat-ayush/custom-nuclei-templates

nuclei-templates/CVE-2001/CVE-2001-0537.yaml

@@ -6,25 +6,30 @@ info:
   severity: critical
   description: |
     HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
+  impact: |
+    Successful exploitation of this vulnerability could lead to unauthorized access to the affected device.
+  remediation: |
+    Apply the appropriate patch or upgrade to a fixed version of the Cisco IOS software.
   reference:
     - https://www.rapid7.com/db/modules/auxiliary/scanner/http/cisco_ios_auth_bypass/
     - https://nvd.nist.gov/vuln/detail/CVE-2001-0537
     - http://www.ciac.org/ciac/bulletins/l-106.shtml
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/6749
+    - https://github.com/ARPSyndicate/cvemon
   classification:
     cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C
     cvss-score: 9.3
     cve-id: CVE-2001-0537
     cwe-id: CWE-287
-    epss-score: 0.88063
+    epss-score: 0.87683
+    epss-percentile: 0.98569
     cpe: cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:*
-    epss-percentile: 0.9824
   metadata:
-    max-request: 1
     verified: true
-    shodan-query: product:"Cisco IOS http config" && 200
+    max-request: 1
     vendor: cisco
     product: ios
+    shodan-query: product:"Cisco IOS http config" && 200
   tags: cve,cve2001,cisco,ios,auth-bypass
 
 http:
@@ -45,3 +50,4 @@ http:
       - type: status
         status:
           - 200
+# digest: 4a0a0047304502201530427f983f1ac47d92a3e00fb141fab33efd4f9ac109b29beca3488669ca5b022100e7ab1cc3fec5da235092a57848d0f83403d81bff12d5ed347ee7d6442b19444c:922c64590222798bb761d5b6d8e72950

nuclei-templates/CVE-2003/CVE-2003-1598.yaml

@@ -1,18 +1,14 @@
 id: CVE-2003-1598
 
 info:
-  name: "WordPress Core < 0.72 - SQL Injection"
+  name: >
+    WordPress Core < 0.72 - SQL Injection
   author: topscoder
   severity: high
-  description: "SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the posts variable."
+  description: >
+    SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the posts variable.
   reference:
-    - http://www.kernelpanik.org/docs/kernelpanik/wordpressadv.txt
-    - http://seclists.org/oss-sec/2012/q1/77
-    - http://secunia.com/advisories/8954/
-    - http://osvdb.org/show/osvdb/4610
-    - http://www.securityfocus.com/bid/7784
-    - https://exchange.xforce.ibmcloud.com/vulnerabilities/12204
-    - https://wordpress.org/news/2003/10/072-final-version-available/
+    - https://www.wordfence.com/threat-intel/vulnerabilities/id/0534bc03-5d7d-47fe-9c07-c9a61af38df2?source=api-prod
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -36,9 +32,9 @@ http:
     matchers:
       - type: dsl
         dsl:
-          - compare_versions(version_by_generator, '< 0.72')
-          - compare_versions(version_by_js, '< 0.72')
-          - compare_versions(version_by_css, '< 0.72')
+          - compare_versions(version_by_generator, '<= 0.72')
+          - compare_versions(version_by_js, '<= 0.72')
+          - compare_versions(version_by_css, '<= 0.72')
 
       - type: status
         status:

nuclei-templates/CVE-2003/CVE-2003-1599.yaml

@@ -1,17 +1,14 @@
 id: CVE-2003-1599
 
 info:
-  name: "WordPress Core <= 0.70 - Remote File Inclusion"
+  name: >
+    WordPress Core <= 0.70 - Remote File Inclusion
   author: topscoder
   severity: critical
-  description: "PHP remote file inclusion vulnerability in wp-links/links.all.php in WordPress 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the $abspath variable."
+  description: >
+    PHP remote file inclusion vulnerability in wp-links/links.all.php in WordPress 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the $abspath variable.
   reference:
-    - https://exchange.xforce.ibmcloud.com/vulnerabilities/12205
-    - http://www.kernelpanik.org/docs/kernelpanik/wordpressadv.txt
-    - http://www.openwall.com/lists/oss-security/2012/01/06/3
-    - http://www.securityfocus.com/bid/7785
-    - http://www.osvdb.org/4611
-    - https://wordpress.org/news/2003/06/wordpress-071-now-available/
+    - https://www.wordfence.com/threat-intel/vulnerabilities/id/da760bcf-b252-4b88-9f54-af0a097e3295?source=api-prod
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8

nuclei-templates/CVE-2004/CVE-2004-1559.yaml

@@ -1,18 +1,14 @@
 id: CVE-2004-1559
 
 info:
-  name: "WordPress Core < 1.2.1 - Cross-Site Scripting"
+  name: >
+    WordPress Core < 1.2.1 - Cross-Site Scripting
   author: topscoder
   severity: medium
-  description: "Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) redirect_to, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirect_url parameter to admin-header.php, (3) popuptitle, popupurl, content, or post_title parameters to bookmarklet.php, (4) cat_ID parameter to categories.php, (5) s parameter to edit.php, or (6) s or mode parameter to edit-comments.php."
+  description: >
+    Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) redirect_to, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirect_url parameter to admin-header.php, (3) popuptitle, popupurl, content, or post_title parameters to bookmarklet.php, (4) cat_ID parameter to categories.php, (5) s parameter to edit.php, or (6) s or mode parameter to edit-comments.php.
   reference:
-    - https://exchange.xforce.ibmcloud.com/vulnerabilities/17532
-    - http://secunia.com/advisories/12683
-    - http://marc.info/?l=bugtraq&m=109641484723194&w=2
-    - http://www.securityfocus.com/bid/11268
-    - http://securitytracker.com/id?1011440
-    - https://wordpress.org/news/2005/02/strayhorn/
-    - https://wordpress.org/news/2004/10/wp-121/
+    - https://www.wordfence.com/threat-intel/vulnerabilities/id/e8687bf7-4172-4cc3-bd6e-830fc5fc28e9?source=api-prod
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -36,9 +32,9 @@ http:
     matchers:
       - type: dsl
         dsl:
-          - compare_versions(version_by_generator, '< 1.2')
-          - compare_versions(version_by_js, '< 1.2')
-          - compare_versions(version_by_css, '< 1.2')
+          - compare_versions(version_by_generator, '<= 1.2')
+          - compare_versions(version_by_js, '<= 1.2')
+          - compare_versions(version_by_css, '<= 1.2')
 
       - type: status
         status:

nuclei-templates/CVE-2004/CVE-2004-1584.yaml

@@ -1,17 +1,14 @@
 id: CVE-2004-1584
 
 info:
-  name: "WordPress Core <= 1.2 - HTTP Response Splitting"
+  name: >
+    WordPress Core <= 1.2 - HTTP Response Splitting
   author: topscoder
   severity: medium
-  description: "CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter."
+  description: >
+    CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter.
   reference:
-    - http://marc.info/?l=bugtraq&m=109716327724041&w=2
-    - http://www.securityfocus.com/bid/11348
-    - http://secunia.com/advisories/12773
-    - http://wordpress.org/development/2004/10/wp-121/
-    - http://www.gentoo.org/security/en/glsa/glsa-200410-12.xml
-    - https://exchange.xforce.ibmcloud.com/vulnerabilities/17649
+    - https://www.wordfence.com/threat-intel/vulnerabilities/id/ec8ad817-9716-4d29-a02a-57eb9aa58a13?source=api-prod
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
     cvss-score: 5.3
@@ -35,9 +32,9 @@ http:
     matchers:
       - type: dsl
         dsl:
-          - compare_versions(version_by_generator, '< 1.2.1')
-          - compare_versions(version_by_js, '< 1.2.1')
-          - compare_versions(version_by_css, '< 1.2.1')
+          - compare_versions(version_by_generator, '<= 1.2.1')
+          - compare_versions(version_by_js, '<= 1.2.1')
+          - compare_versions(version_by_css, '<= 1.2.1')
 
       - type: status
         status:

nuclei-templates/CVE-2004/CVE-2004-1965.yaml

@@ -6,6 +6,10 @@ info:
   severity: medium
   description: |
     Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.
+  impact: |
+    Successful exploitation of these vulnerabilities could lead to unauthorized access, phishing attacks, and potential data theft.
+  remediation: |
+    Upgrade to a patched version of Open Bulletin Board (OpenBB) or apply necessary security patches to mitigate the vulnerabilities.
   reference:
     - https://www.exploit-db.com/exploits/24055
     - https://nvd.nist.gov/vuln/detail/CVE-2004-1965
@@ -17,8 +21,8 @@ info:
     cve-id: CVE-2004-1965
     cwe-id: NVD-CWE-Other
     epss-score: 0.0113
+    epss-percentile: 0.84351
     cpe: cpe:2.3:a:openbb:openbb:1.0.0_beta1:*:*:*:*:*:*:*
-    epss-percentile: 0.82864
   metadata:
     max-request: 1
     vendor: openbb
@@ -35,3 +39,4 @@ http:
         part: header
         regex:
           - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'
+# digest: 4a0a0047304502200942a34b2650323617b6c0a05aed0e60c5452d3b77477cfa2760dd51678d7371022100cf0d486cba6f8042c311e7cc3134723dd8e8b86ff44b5cdb22e0adbfe3ba3776:922c64590222798bb761d5b6d8e72950

nuclei-templates/CVE-2005/CVE-2005-1102.yaml

@@ -1,16 +1,14 @@
 id: CVE-2005-1102
 
 info:
-  name: "WordPress Core <= 1.5 - Stored Cross-Site Scripting"
+  name: >
+    WordPress Core <= 1.5 - Stored Cross-Site Scripting
   author: topscoder
   severity: medium
-  description: "Multiple cross-site scripting (XSS) vulnerabilities in template-functions-post.php in WordPress 1.5 and earlier allow remote attackers to execute arbitrary commands via the (1) content or (2) title of the post."
+  description: >
+    Multiple cross-site scripting (XSS) vulnerabilities in template-functions-post.php in WordPress 1.5 and earlier allow remote attackers to execute arbitrary commands via the (1) content or (2) title of the post.
   reference:
-    - http://marc.info/?l=bugtraq&m=111336102101571&w=2
-    - http://security.gentoo.org/glsa/glsa-200506-04.xml
-    - http://bugs.gentoo.org/show_bug.cgi?id=88926
-    - http://wordpress.org/support/topic.php?id=30721
-    - https://wordpress.org/news/2005/05/security-update/
+    - https://www.wordfence.com/threat-intel/vulnerabilities/id/1d2f973a-1fb3-4c75-8c33-6d1fadf9c906?source=api-prod
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
     cvss-score: 6.4

nuclei-templates/CVE-2005/CVE-2005-1687.yaml

@@ -1,15 +1,14 @@
 id: CVE-2005-1687
 
 info:
-  name: "WordPress Core < 1.5.1 - SQL Injection"
+  name: >
+    WordPress Core < 1.5.1 - SQL Injection
   author: topscoder
   severity: high
-  description: "SQL injection vulnerability in wp-trackback.php in Wordpress 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the tb_id parameter."
+  description: >
+    SQL injection vulnerability in wp-trackback.php in Wordpress 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the tb_id parameter.
   reference:
-    - http://security.gentoo.org/glsa/glsa-200506-04.xml
-    - http://marc.info/?l=bugtraq&m=111661517716733&w=2
-    - http://bugs.gentoo.org/show_bug.cgi?id=88926
-    - https://wordpress.org/news/2005/05/one-five-one/
+    - https://www.wordfence.com/threat-intel/vulnerabilities/id/faf3fb76-847f-447f-b6c6-49bd0d30d3c7?source=api-prod
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -33,9 +32,9 @@ http:
     matchers:
       - type: dsl
         dsl:
-          - compare_versions(version_by_generator, '< 1.5.1')
-          - compare_versions(version_by_js, '< 1.5.1')
-          - compare_versions(version_by_css, '< 1.5.1')
+          - compare_versions(version_by_generator, '<= 1.5.1')
+          - compare_versions(version_by_js, '<= 1.5.1')
+          - compare_versions(version_by_css, '<= 1.5.1')
 
       - type: status
         status:

nuclei-templates/CVE-2005/CVE-2005-1688.yaml

@@ -1,13 +1,14 @@
 id: CVE-2005-1688
 
 info:
-  name: "WordPress Core < 1.5.1 - Full Path Disclosure"
+  name: >
+    WordPress Core < 1.5.1 - Full Path Disclosure
   author: topscoder
   severity: medium
-  description: "Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in an error message."
+  description: >
+    Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in an error message.
   reference:
-    - http://marc.info/?l=bugtraq&m=111661517716733&w=2
-    - https://wordpress.org/news/2005/05/one-five-one/
+    - https://www.wordfence.com/threat-intel/vulnerabilities/id/3d3b090a-71a3-4430-871d-f19ee1033e01?source=api-prod
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
@@ -31,9 +32,9 @@ http:
     matchers:
       - type: dsl
         dsl:
-          - compare_versions(version_by_generator, '< 1.5.1')
-          - compare_versions(version_by_js, '< 1.5.1')
-          - compare_versions(version_by_css, '< 1.5.1')
+          - compare_versions(version_by_generator, '<= 1.5.1')
+          - compare_versions(version_by_js, '<= 1.5.1')
+          - compare_versions(version_by_css, '<= 1.5.1')
 
       - type: status
         status:

nuclei-templates/CVE-2005/CVE-2005-1810.yaml

@@ -1,19 +1,14 @@
 id: CVE-2005-1810
 
 info:
-  name: "WordPress Core < 1.5.1.2 - SQL Injection"
+  name: >
+    WordPress Core < 1.5.1.2 - SQL Injection
   author: topscoder
   severity: high
-  description: "SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $cat_ID variable, as demonstrated using the cat parameter to index.php."
+  description: >
+    SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $cat_ID variable, as demonstrated using the cat parameter to index.php.
   reference:
-    - http://bugs.gentoo.org/show_bug.cgi?id=94512
-    - http://marc.info/?l=bugtraq&m=111817436619067&w=2
-    - http://secunia.com/advisories/15517
-    - http://www.osvdb.org/16905
-    - http://security.gentoo.org/glsa/glsa-200506-04.xml
-    - http://www.securityfocus.com/bid/13809
-    - http://wordpress.org/development/2005/05/security-update/
-    - https://wordpress.org/news/2005/05/security-update/
+    - https://www.wordfence.com/threat-intel/vulnerabilities/id/78669d4f-3c1e-49e6-af8d-56f105f99d01?source=api-prod
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8

nuclei-templates/CVE-2005/CVE-2005-2107.yaml

@@ -1,15 +1,14 @@
 id: CVE-2005-2107
 
 info:
-  name: "WordPress Core <= 1.5.1.2 - Cross-Site Scripting"
+  name: >
+    WordPress Core <= 1.5.1.2 - Cross-Site Scripting
   author: topscoder
   severity: high
-  description: "Multiple cross-site scripting (XSS) vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p or (2) comment parameter."
+  description: >
+    Multiple cross-site scripting (XSS) vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p or (2) comment parameter.
   reference:
-    - http://secunia.com/advisories/15831
-    - http://www.gulftech.org/?node=research&article_id=00085-06282005
-    - http://marc.info/?l=bugtraq&m=112006967221438&w=2
-    - https://wordpress.org/news/2005/06/wordpress-1513/
+    - https://www.wordfence.com/threat-intel/vulnerabilities/id/35ac717c-e299-4a56-bead-cb1d050da75c?source=api-prod
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
     cvss-score: 7.2

nuclei-templates/CVE-2005/CVE-2005-2108.yaml

@@ -1,15 +1,14 @@
 id: CVE-2005-2108
 
 info:
-  name: "WordPress Core < 1.5.1.3 - SQL Injection"
+  name: >
+    WordPress Core < 1.5.1.3 - SQL Injection
   author: topscoder
   severity: high
-  description: "SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file."
+  description: >
+    SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file.
   reference:
-    - http://secunia.com/advisories/15831
-    - http://www.gulftech.org/?node=research&article_id=00085-06282005
-    - http://marc.info/?l=bugtraq&m=112006967221438&w=2
-    - https://wordpress.org/news/2005/06/wordpress-1513/
+    - https://www.wordfence.com/threat-intel/vulnerabilities/id/11d53df8-f7b3-467c-8b3a-515974f1ea69?source=api-prod
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -33,9 +32,9 @@ http:
     matchers:
       - type: dsl
         dsl:
-          - compare_versions(version_by_generator, '< 1.5.1.3')
-          - compare_versions(version_by_js, '< 1.5.1.3')
-          - compare_versions(version_by_css, '< 1.5.1.3')
+          - compare_versions(version_by_generator, '<= 1.5.1.3')
+          - compare_versions(version_by_js, '<= 1.5.1.3')
+          - compare_versions(version_by_css, '<= 1.5.1.3')
 
       - type: status
         status: