up nuclei-templates 2022-07-22

config/nuclei-templates/README.md

@@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags,
 
 |    TAG    | COUNT |    AUTHOR     | COUNT |    DIRECTORY     | COUNT | SEVERITY | COUNT |  TYPE   | COUNT |
 |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
-| cve       |  1263 | daffainfo     |   605 | cves             |  1257 | info     |  1351 | http    |  3516 |
-| panel     |   586 | dhiyaneshdk   |   502 | exposed-panels   |   595 | high     |   930 | file    |    76 |
-| lfi       |   482 | pikpikcu      |   320 | vulnerabilities  |   483 | medium   |   750 | network |    50 |
-| xss       |   426 | pdteam        |   268 | technologies     |   266 | critical |   426 | dns     |    17 |
-| wordpress |   399 | geeknik       |   187 | exposures        |   254 | low      |   209 |         |       |
-| exposure  |   353 | dwisiswant0   |   169 | misconfiguration |   206 | unknown  |     6 |         |       |
-| cve2021   |   311 | 0x_akoko      |   152 | token-spray      |   206 |          |       |         |       |
-| rce       |   308 | princechaddha |   147 | workflows        |   187 |          |       |         |       |
-| wp-plugin |   295 | pussycat0x    |   127 | default-logins   |    99 |          |       |         |       |
-| tech      |   282 | gy741         |   124 | file             |    76 |          |       |         |       |
-
-**279 directories, 3884 files**.
+| cve       |  1294 | daffainfo     |   605 | cves             |  1277 | info     |  1352 | http    |  3554 |
+| panel     |   591 | dhiyaneshdk   |   503 | exposed-panels   |   600 | high     |   938 | file    |    76 |
+| lfi       |   486 | pikpikcu      |   321 | vulnerabilities  |   493 | medium   |   766 | network |    50 |
+| xss       |   439 | pdteam        |   269 | technologies     |   266 | critical |   436 | dns     |    17 |
+| wordpress |   401 | geeknik       |   187 | exposures        |   254 | low      |   211 |         |       |
+| exposure  |   355 | dwisiswant0   |   169 | misconfiguration |   207 | unknown  |     7 |         |       |
+| cve2021   |   322 | 0x_akoko      |   154 | token-spray      |   206 |          |       |         |       |
+| rce       |   313 | princechaddha |   147 | workflows        |   187 |          |       |         |       |
+| wp-plugin |   297 | pussycat0x    |   128 | default-logins   |   101 |          |       |         |       |
+| tech      |   282 | gy741         |   126 | file             |    76 |          |       |         |       |
+
+**281 directories, 3922 files**.
 
 </td>
 </tr>

config/nuclei-templates/TOP-10.md

@@ -1,12 +1,12 @@
 |    TAG    | COUNT |    AUTHOR     | COUNT |    DIRECTORY     | COUNT | SEVERITY | COUNT |  TYPE   | COUNT |
 |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
-| cve       |  1263 | daffainfo     |   605 | cves             |  1257 | info     |  1351 | http    |  3516 |
-| panel     |   586 | dhiyaneshdk   |   502 | exposed-panels   |   595 | high     |   930 | file    |    76 |
-| lfi       |   482 | pikpikcu      |   320 | vulnerabilities  |   483 | medium   |   750 | network |    50 |
-| xss       |   426 | pdteam        |   268 | technologies     |   266 | critical |   426 | dns     |    17 |
-| wordpress |   399 | geeknik       |   187 | exposures        |   254 | low      |   209 |         |       |
-| exposure  |   353 | dwisiswant0   |   169 | misconfiguration |   206 | unknown  |     6 |         |       |
-| cve2021   |   311 | 0x_akoko      |   152 | token-spray      |   206 |          |       |         |       |
-| rce       |   308 | princechaddha |   147 | workflows        |   187 |          |       |         |       |
-| wp-plugin |   295 | pussycat0x    |   127 | default-logins   |    99 |          |       |         |       |
-| tech      |   282 | gy741         |   124 | file             |    76 |          |       |         |       |
+| cve       |  1294 | daffainfo     |   605 | cves             |  1277 | info     |  1352 | http    |  3554 |
+| panel     |   591 | dhiyaneshdk   |   503 | exposed-panels   |   600 | high     |   938 | file    |    76 |
+| lfi       |   486 | pikpikcu      |   321 | vulnerabilities  |   493 | medium   |   766 | network |    50 |
+| xss       |   439 | pdteam        |   269 | technologies     |   266 | critical |   436 | dns     |    17 |
+| wordpress |   401 | geeknik       |   187 | exposures        |   254 | low      |   211 |         |       |
+| exposure  |   355 | dwisiswant0   |   169 | misconfiguration |   207 | unknown  |     7 |         |       |
+| cve2021   |   322 | 0x_akoko      |   154 | token-spray      |   206 |          |       |         |       |
+| rce       |   313 | princechaddha |   147 | workflows        |   187 |          |       |         |       |
+| wp-plugin |   297 | pussycat0x    |   128 | default-logins   |   101 |          |       |         |       |
+| tech      |   282 | gy741         |   126 | file             |    76 |          |       |         |       |

config/nuclei-templates/cves/2009/CVE-2009-1151.yaml

@@ -16,7 +16,7 @@ info:
     cvss-score: 10
     cve-id: CVE-2009-1151
     cwe-id: CWE-77
-  tags: cve,cve2009,phpmyadmin,rce,deserialization,cisa
+  tags: cve,cve2009,phpmyadmin,rce,deserialization,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2010/CVE-2010-2861.yaml

@@ -14,7 +14,7 @@ info:
     cve-id: CVE-2010-2861
   metadata:
     shodan-query: http.component:"Adobe ColdFusion"
-  tags: cve,cve2010,coldfusion,lfi,adobe,cisa
+  tags: cve,cve2010,coldfusion,lfi,adobe,kev
 
 requests:
   - method: GET

config/nuclei-templates/cves/2012/CVE-2012-1823.yaml

@@ -13,7 +13,7 @@ info:
     - http://www.php.net/ChangeLog-5.php#5.4.2
   classification:
     cve-id: CVE-2012-1823
-  tags: rce,php,cve,cve2012,cisa
+  tags: rce,php,cve,cve2012,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2013/CVE-2013-2251.yaml

@@ -12,7 +12,7 @@ info:
   remediation: Developers should immediately upgrade to Struts 2.3.15.1 or later.
   classification:
     cve-id: CVE-2013-2251
-  tags: cve,cve2013,rce,struts,apache,ognl,cisa
+  tags: cve,cve2013,rce,struts,apache,ognl,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2014/CVE-2014-3120.yaml

@@ -13,7 +13,7 @@ info:
     - http://bouk.co/blog/elasticsearch-rce/
   classification:
     cve-id: CVE-2014-3120
-  tags: cve,cve2014,elastic,rce,elasticsearch,cisa
+  tags: cve,cve2014,elastic,rce,elasticsearch,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2014/CVE-2014-6271.yaml

@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2014-6271
     cwe-id: CWE-78
-  tags: cve,cve2014,rce,shellshock,cisa
+  tags: cve,cve2014,rce,shellshock,kev
 
 requests:
   - method: GET

config/nuclei-templates/cves/2015/CVE-2015-1427.yaml

@@ -12,7 +12,7 @@ info:
     - http://web.archive.org/web/20210506011817/https://www.securityfocus.com/bid/72585
   classification:
     cve-id: CVE-2015-1427
-  tags: cve,cve2015,elastic,rce,elasticsearch,cisa
+  tags: cve,cve2015,elastic,rce,elasticsearch,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2015/CVE-2015-7450.yaml

@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2015-7450
     cwe-id: CWE-94
-  tags: cve,cve2015,websphere,deserialization,rce,oast,ibm,java
+  tags: cve,cve2015,websphere,deserialization,rce,oast,ibm,java,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2016/CVE-2016-1555.yaml

@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2016-1555
     cwe-id: CWE-77
-  tags: cve,cve2016,netgear,rce,oast,router
+  tags: cve,cve2016,netgear,rce,oast,router,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2016/CVE-2016-3088.yaml

@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2016-3088
     cwe-id: CWE-20
-  tags: cve,cve2016,apache,activemq,fileupload,cisa
+  tags: cve,cve2016,apache,activemq,fileupload,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2016/CVE-2016-4977.yaml

@@ -6,7 +6,7 @@ info:
   severity: high
   description: Spring Security OAuth versions 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5 contain a remote command execution vulnerability. When processing authorization requests using the whitelabel views, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote command execution via the crafting of the value for response_type.
   reference:
-    - /~https://github.com/vulhub/vulhub/blob/master/spring/CVE-2016-4977/README_CN.md
+    - /~https://github.com/vulhub/vulhub/blob/master/spring/CVE-2016-4977/README.md
     - https://tanzu.vmware.com/security/cve-2016-4977
     - https://nvd.nist.gov/vuln/detail/CVE-2016-4977
     - https://pivotal.io/security/cve-2016-4977

config/nuclei-templates/cves/2016/CVE-2016-6277.yaml

@@ -15,7 +15,7 @@ info:
     cvss-score: 8.8
     cve-id: CVE-2016-6277
     cwe-id: CWE-352
-  tags: cve,cve2016,netgear,rce,iot,cisa
+  tags: cve,cve2016,netgear,rce,iot,kev
 
 requests:
   - method: GET

config/nuclei-templates/cves/2017/CVE-2017-1000486.yaml

@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2017-1000486
     cwe-id: CWE-326
-  tags: cve,cve2017,primetek,rce,injection,cisa
+  tags: cve,cve2017,primetek,rce,injection,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2017/CVE-2017-10271.yaml

@@ -15,7 +15,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
     cvss-score: 7.5
     cve-id: CVE-2017-10271
-  tags: cve,cve2017,rce,oracle,weblogic,oast,cisa
+  tags: cve,cve2017,rce,oracle,weblogic,oast,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2017/CVE-2017-12149.yaml

@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2017-12149
     cwe-id: CWE-502
-  tags: cve,cve2017,jboss,java,rce,deserialization,cisa
+  tags: cve,cve2017,jboss,java,rce,deserialization,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2017/CVE-2017-12615.yaml

@@ -17,7 +17,7 @@ info:
     cvss-score: 8.1
     cve-id: CVE-2017-12615
     cwe-id: CWE-434
-  tags: cve,cve2017,apache,rce,tomcat,cisa
+  tags: cve,cve2017,apache,rce,tomcat,kev
 
 requests:
   - method: PUT

config/nuclei-templates/cves/2017/CVE-2017-17562.yaml

@@ -17,7 +17,7 @@ info:
     cvss-score: 8.1
     cve-id: CVE-2017-17562
     cwe-id: CWE-20
-  tags: cve,cve2017,rce,goahead,fuzz,cisa
+  tags: cve,cve2017,rce,goahead,fuzz,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2017/CVE-2017-3881.yaml

@@ -16,7 +16,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2017-3881
     cwe-id: CWE-20
-  tags: cve,cve2017,cisco,rce,network,cisa
+  tags: cve,cve2017,cisco,rce,network,kev
 
 network:
   - inputs:

config/nuclei-templates/cves/2017/CVE-2017-5638.yaml

@@ -15,7 +15,7 @@ info:
     cvss-score: 10
     cve-id: CVE-2017-5638
     cwe-id: CWE-20
-  tags: cve,cve2017,struts,rce,apache,cisa
+  tags: cve,cve2017,struts,rce,apache,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2017/CVE-2017-7269.yaml

@@ -16,7 +16,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2017-7269
     cwe-id: CWE-119
-  tags: cve,cve2017,rce,windows,iis,cisa
+  tags: cve,cve2017,rce,windows,iis,kev
 
 requests:
   - method: OPTIONS

config/nuclei-templates/cves/2017/CVE-2017-9791.yaml

@@ -14,7 +14,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2017-9791
     cwe-id: CWE-20
-  tags: cve,cve2017,apache,rce,struts,cisa
+  tags: cve,cve2017,apache,rce,struts,kev
 
 requests:
   - method: POST

config/nuclei-templates/cves/2017/CVE-2017-9805.yaml

@@ -14,7 +14,7 @@ info:
     cvss-score: 8.1
     cve-id: CVE-2017-9805
     cwe-id: CWE-502
-  tags: cve,cve2017,apache,rce,struts,cisa
+  tags: cve,cve2017,apache,rce,struts,kev
 
 requests:
   - method: POST

config/nuclei-templates/cves/2017/CVE-2017-9822.yaml

@@ -15,7 +15,7 @@ info:
     cvss-score: 8.8
     cve-id: CVE-2017-9822
     cwe-id: CWE-20
-  tags: cve,cve2017,dotnetnuke,bypass,rce,deserialization,cisa
+  tags: cve,cve2017,dotnetnuke,bypass,rce,deserialization,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2017/CVE-2017-9841.yaml

@@ -16,7 +16,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2017-9841
     cwe-id: CWE-94
-  tags: cve,cve2017,php,phpunit,rce,cisa
+  tags: cve,cve2017,php,phpunit,rce,kev
 
 requests:
 

config/nuclei-templates/cves/2018/CVE-2018-0296.yaml

@@ -16,7 +16,7 @@ info:
     cvss-score: 7.5
     cve-id: CVE-2018-0296
     cwe-id: CWE-22
-  tags: cve,cve2018,cisco,lfi,traversal,cisa,asa
+  tags: cve,cve2018,cisco,lfi,traversal,asa,kev
 
 requests:
   - method: GET

config/nuclei-templates/cves/2018/CVE-2018-1000861.yaml

@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2018-1000861
     cwe-id: CWE-502
-  tags: cve,cve2018,jenkin,rce,jenkins,cisa
+  tags: cve,cve2018,jenkin,rce,jenkins,kev
 
 requests:
   - method: GET

config/nuclei-templates/cves/2018/CVE-2018-10562.yaml

@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2018-10562
     cwe-id: CWE-78
-  tags: cve,cve2018,dasan,gpon,rce,oast
+  tags: cve,cve2018,dasan,gpon,rce,oast,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2018/CVE-2018-11776.yaml

@@ -16,7 +16,7 @@ info:
     cvss-score: 8.1
     cve-id: CVE-2018-11776
     cwe-id: CWE-20
-  tags: cve,cve2018,apache,rce,struts,cisa
+  tags: cve,cve2018,apache,rce,struts,kev
 
 requests:
   - method: GET

config/nuclei-templates/cves/2018/CVE-2018-1273.yaml

@@ -20,7 +20,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2018-1273
     cwe-id: CWE-20
-  tags: cve,cve2018,vmware,rce,spring
+  tags: cve,cve2018,vmware,rce,spring,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2018/CVE-2018-13379.yaml

@@ -17,7 +17,7 @@ info:
   metadata:
     verified: true
     shodan-query: http.html:"/remote/login" "xxxxxxxx"
-  tags: cve,cve2018,fortios,cisa,lfi
+  tags: cve,cve2018,fortios,lfi,kev
 
 requests:
   - method: GET

config/nuclei-templates/cves/2018/CVE-2018-15961.yaml

@@ -17,7 +17,7 @@ info:
     cwe-id: CWE-434
   metadata:
     shodan-query: http.component:"Adobe ColdFusion"
-  tags: cve,cve2018,adobe,rce,coldfusion,fileupload,cisa
+  tags: cve,cve2018,adobe,rce,coldfusion,fileupload,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2018/CVE-2018-17246.yaml

@@ -6,7 +6,7 @@ info:
   severity: critical
   description: Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute JavaScript which could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
   reference:
-    - /~https://github.com/vulhub/vulhub/blob/master/kibana/CVE-2018-17246/README_CN.md
+    - /~https://github.com/vulhub/vulhub/blob/master/kibana/CVE-2018-17246/README.md
     - https://nvd.nist.gov/vuln/detail/CVE-2018-17246
     - https://www.elastic.co/community/security
     - https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594

config/nuclei-templates/cves/2018/CVE-2018-7600.yaml

@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2018-7600
     cwe-id: CWE-20
-  tags: cve,cve2018,drupal,rce,cisa
+  tags: cve,cve2018,drupal,rce,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2018/CVE-2018-7602.yaml

@@ -14,7 +14,7 @@ info:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-7602
-  tags: cve,cve2018,drupal,authenticated,cisa
+  tags: cve,cve2018,drupal,authenticated,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2019/CVE-2019-0193.yaml

@@ -18,7 +18,7 @@ info:
     cvss-score: 7.2
     cve-id: CVE-2019-0193
     cwe-id: CWE-94
-  tags: cve,cve2019,apache,rce,solr,oast,cisa
+  tags: cve,cve2019,apache,rce,solr,oast,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2019/CVE-2019-10068.yaml

@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2019-10068
     cwe-id: CWE-502
-  tags: cve,cve2019,rce,deserialization,kentico,iis,cisa
+  tags: cve,cve2019,rce,deserialization,kentico,iis,kev
 
 requests:
   - method: POST

config/nuclei-templates/cves/2019/CVE-2019-10758.yaml

@@ -16,7 +16,7 @@ info:
     cve-id: CVE-2019-10758
   metadata:
     shodan-query: http.title:"Mongo Express"
-  tags: cve,cve2019,mongo,mongo-express,cisa
+  tags: cve,cve2019,mongo,mongo-express,kev
 
 requests:
   - raw:

config/nuclei-templates/cves/2019/CVE-2019-11510.yaml

@@ -14,7 +14,7 @@ info:
     cvss-score: 10
     cve-id: CVE-2019-11510
     cwe-id: CWE-22
-  tags: cve,cve2019,pulsesecure,lfi,cisa
+  tags: cve,cve2019,pulsesecure,lfi,kev
 
 requests:
   - method: GET