Release notes from nuclei-templates: https://github.com/projectdiscovery/nuclei-templates/releases (2024-09-02T09:52:01Z) v9.9.4 (2024-09-02T10:38:47Z) <h2>What's Changed</h2> <h3>🔥 Release Highlights 🔥</h3> <ul> <li>[CVE-2024-43425] Moodle - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-29868" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-cf3q-vg8w-mw84/hovercard" href="https://github.com/advisories/GHSA-cf3q-vg8w-mw84">CVE-2024-29868</a>] Apache StreamPipes - Weak PRNG in Recovery Token Generation (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/alessandro/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/alessandro">@alessandro</a> - DEVisions) [critical] 🔥</li> <li>[CVE-2024-24809] Traccar - Unrestricted File Upload (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high] 🔥</li> <li>[<a title="CVE-2024-7593" data-hovercard-type="advisory" 
data-hovercard-url="/advisories/GHSA-8j5m-w2v7-mx38/hovercard" href="https://github.com/advisories/GHSA-8j5m-w2v7-mx38">CVE-2024-7593</a>] Ivanti vTM - Authentication Bypass (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/gy741/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/gy741">@gy741</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-6670" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-x5hw-48mf-cq3m/hovercard" href="https://github.com/advisories/GHSA-x5hw-48mf-cq3m">CVE-2024-6670</a>] WhatsUp Gold HasErrors SQL Injection - Authentication Bypass (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-5932" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-v25r-h42w-j2vq/hovercard" href="https://github.com/advisories/GHSA-v25r-h42w-j2vq">CVE-2024-5932</a>] GiveWP - PHP Object Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical] 🔥</li> </ul> <hr> <h4>Bug Fixes</h4> <ul> <li>Fixed typo in 'shodan-query' key in AirOS Panel detection (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2488820844" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10615" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10615/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10615">#10615</a>).</li> </ul> <h4>False Positives</h4> <ul> <li>Fixed Nacos version detection false positive (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2500210714" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10647" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10647/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10647">#10647</a>).</li> <li>Fixed false positives for mixed active content (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2472823521" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10571" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10571/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10571">#10571</a>).</li> <li>Fixed false positives for weak login detection in XUI (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2465053822" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10533" data-hovercard-type="pull_request" 
data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10533/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10533">#10533</a>).</li> <li>Fixed false positives in <a title="CVE-2023-33584" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-8wqh-3wxx-4342/hovercard" href="https://github.com/advisories/GHSA-8wqh-3wxx-4342">CVE-2023-33584</a> template (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2447562958" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10459" data-hovercard-type="issue" data-hovercard-url="/projectdiscovery/nuclei-templates/issues/10459/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/issues/10459">#10459</a>).</li> <li>Fixed false positives for <a title="CVE-2018-11784" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-5q99-f34m-67gc/hovercard" href="https://github.com/advisories/GHSA-5q99-f34m-67gc">CVE-2018-11784</a> detection (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2454981481" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10495" data-hovercard-type="issue" data-hovercard-url="/projectdiscovery/nuclei-templates/issues/10495/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/issues/10495">#10495</a>).</li> <li>Updated SQL injection delay time to reduce false positives in wp-statistics (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2427187649" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10377" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10377/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10377">#10377</a>).</li> <li>Updated SQL injection delay time for <a 
title="CVE-2023-6063" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-r4qv-crh6-rjvj/hovercard" href="https://github.com/advisories/GHSA-r4qv-crh6-rjvj">CVE-2023-6063</a> to reduce false positives (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2427180819" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10376" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10376/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10376">#10376</a>).</li> </ul> <h4>Enhancements</h4> <ul> <li>Updated GitHub takeover matchers to match new 404 page (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2469061437" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10553" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10553/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10553">#10553</a>).</li> <li>Improved <a title="CVE-2014-6271" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-6hfc-grwp-2p9c/hovercard" href="https://github.com/advisories/GHSA-6hfc-grwp-2p9c">CVE-2014-6271</a> detection (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2492481368" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10621" data-hovercard-type="issue" data-hovercard-url="/projectdiscovery/nuclei-templates/issues/10621/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/issues/10621">#10621</a>).</li> <li>Enhanced detection of HashiCorp Vault login panel (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2484284488" data-permission-text="Title is private" 
data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10599" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10599/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10599">#10599</a>).</li> <li>Added new endpoint detection for phpMyAdmin panel (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2443238066" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10451" data-hovercard-type="issue" data-hovercard-url="/projectdiscovery/nuclei-templates/issues/10451/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/issues/10451">#10451</a>).</li> </ul> <h2>Template Updates</h2> <h3>New Templates Added: <code>59</code> | CVEs Added: <code>30</code> | First-time contributions: <code>13</code></h3> <ul> <li>[<a title="CVE-2024-45241" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-v5f5-778p-qh56/hovercard" href="https://github.com/advisories/GHSA-v5f5-778p-qh56">CVE-2024-45241</a>] CentralSquare CryWolf - Path Traversal (@s4e-io) [high]</li> <li>[CVE-2024-43425] Moodle - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-32231" 
data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-75jf-52jg-qqh4/hovercard" href="https://github.com/advisories/GHSA-75jf-52jg-qqh4">CVE-2024-32231</a>] Stash &lt; 0.26.0 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical]</li> <li>[<a title="CVE-2024-29868" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-cf3q-vg8w-mw84/hovercard" href="https://github.com/advisories/GHSA-cf3q-vg8w-mw84">CVE-2024-29868</a>] Apache StreamPipes &lt;= 0.93.0 - Use of Cryptographically Weak PRNG in Recovery Token Generation (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/alessandro/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/alessandro">@alessandro</a> Albani - DEVisions) [critical] 🔥</li> <li>[<a title="CVE-2024-29272" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-pmm3-68q9-57jg/hovercard" href="https://github.com/advisories/GHSA-pmm3-68q9-57jg">CVE-2024-29272</a>] VvvebJs &lt; 1.7.5 - Arbitrary File Upload (@s4e-io) [medium]</li> <li>[CVE-2024-24809] Traccar - Unrestricted File Upload (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high] 🔥</li> <li>[CVE-2024-23163] GestSup - Account Takeover (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/eeche/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/eeche">@eeche</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/chae1xx1os/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/chae1xx1os">@chae1xx1os</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/persona-twotwo/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/persona-twotwo">@persona-twotwo</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/soonghee2/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/soonghee2">@soonghee2</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/gy741/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/gy741">@gy741</a>) [critical]</li> <li>[<a title="CVE-2024-8181" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-2q4w-x8h2-2fvh/hovercard" href="https://github.com/advisories/GHSA-2q4w-x8h2-2fvh">CVE-2024-8181</a>] Flowise &lt;= 1.8.2 Authentication Bypass (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [high]</li> <li>[<a title="CVE-2024-7954" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-42mv-3h37-wfh9/hovercard" href="https://github.com/advisories/GHSA-42mv-3h37-wfh9">CVE-2024-7954</a>] SPIP Porte Plume Plugin - Remote Code Execution (@s4e-io) [critical]</li> <li>[<a title="CVE-2024-7928" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-gp9j-wjxg-4r78/hovercard" href="https://github.com/advisories/GHSA-gp9j-wjxg-4r78">CVE-2024-7928</a>] FastAdmin &lt; V1.3.4.20220530 - Path Traversal (@s4e-io) [medium]</li> <li>[<a title="CVE-2024-7593" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-8j5m-w2v7-mx38/hovercard" href="https://github.com/advisories/GHSA-8j5m-w2v7-mx38">CVE-2024-7593</a>] Ivanti vTM - Authentication Bypass (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/gy741/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/gy741">@gy741</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-6911" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-p7hh-r4jx-72fm/hovercard" href="https://github.com/advisories/GHSA-p7hh-r4jx-72fm">CVE-2024-6911</a>] PerkinElmer ProcessPlus &lt;= 1.11.6507.0 - Local File Inclusion (@s4e-io) [high]</li> <li>[<a title="CVE-2024-6893" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-9hxq-vv35-9r5r/hovercard" href="https://github.com/advisories/GHSA-9hxq-vv35-9r5r">CVE-2024-6893</a>] Journyx - XML External Entities Injection (XXE) 
(@s4eio) [high]</li> <li>[CVE-2024-6842] AnythingLLM - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ingbunga/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ingbunga">@ingbunga</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rahaaaiii/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rahaaaiii">@rahaaaiii</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/asteria121/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/asteria121">@asteria121</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/breakpack/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/breakpack">@breakpack</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/gy741/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/gy741">@gy741</a>) [high]</li> <li>[<a title="CVE-2024-6670" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-x5hw-48mf-cq3m/hovercard" href="https://github.com/advisories/GHSA-x5hw-48mf-cq3m">CVE-2024-6670</a>] WhatsUp Gold HasErrors SQL Injection - Authentication Bypass (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/princechaddha">@princechaddha</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-6095" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-fgv5-qx89-qjrh/hovercard" href="https://github.com/advisories/GHSA-fgv5-qx89-qjrh">CVE-2024-6095</a>] LocalAI - Partial Local File Read (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>) [medium]</li> <li>[<a title="CVE-2024-5932" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-v25r-h42w-j2vq/hovercard" href="https://github.com/advisories/GHSA-v25r-h42w-j2vq">CVE-2024-5932</a>] GiveWP - PHP Object Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/pdresearch">@pdresearch</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-5827" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-c89v-fg7j-r5qj/hovercard" href="https://github.com/advisories/GHSA-c89v-fg7j-r5qj">CVE-2024-5827</a>] Vanna - SQL injection (@olfloralo, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nukunga/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/nukunga">@nukunga</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/harksu/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/harksu">@harksu</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nechyo/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/nechyo">@nechyo</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/gy741/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/gy741">@gy741</a>) [critical]</li> <li>[<a title="CVE-2024-5765" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-qjh7-f97r-9p56/hovercard" href="https://github.com/advisories/GHSA-qjh7-f97r-9p56">CVE-2024-5765</a>] WpStickyBar &lt;= 2.1.0 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/theamanrawat/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/theamanrawat">@theamanrawat</a>) [high]</li> <li>[<a title="CVE-2024-5421" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-8pqj-vj9j-2jf2/hovercard" href="https://github.com/advisories/GHSA-8pqj-vj9j-2jf2">CVE-2024-5421</a>] SEH utnserver Pro/ProMAX/INU-100 20.1.22 - File 
Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/bl4ckp4r4d1s3/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/bl4ckp4r4d1s3">@bl4ckp4r4d1s3</a>) [high]</li> <li>[<a title="CVE-2024-5420" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-x9ph-fmr9-w768/hovercard" href="https://github.com/advisories/GHSA-x9ph-fmr9-w768">CVE-2024-5420</a>] SEH utnserver Pro/ProMAX/INU-100 20.1.22 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/bl4ckp4r4d1s3/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/bl4ckp4r4d1s3">@bl4ckp4r4d1s3</a>) [high]</li> <li>[<a title="CVE-2024-3850" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-r4pf-fm74-w9rw/hovercard" href="https://github.com/advisories/GHSA-r4pf-fm74-w9rw">CVE-2024-3850</a>] Uniview NVR301-04S2-P4 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/bleron/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/bleron">@bleron</a> Rrustemi, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/r3naissance/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/r3naissance">@r3naissance</a>) [medium]</li> <li>[<a title="CVE-2023-46818" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-qfc7-gwmc-9vvr/hovercard" href="https://github.com/advisories/GHSA-qfc7-gwmc-9vvr">CVE-2023-46818</a>] ISPConfig - PHP Code Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/non-things/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/non-things">@non-things</a>) [high]</li> <li>[<a title="CVE-2023-40504" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-qw6m-c2fr-wrgr/hovercard" href="https://github.com/advisories/GHSA-qw6m-c2fr-wrgr">CVE-2023-40504</a>] LG Simple Editor &lt;= v3.21.0 - Command Injection (@s4e-io) [critical]</li> <li>[<a title="CVE-2023-34754" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-8p9v-gxh4-q762/hovercard" href="https://github.com/advisories/GHSA-8p9v-gxh4-q762">CVE-2023-34754</a>] Bloofox v0.5.2.1 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [critical]</li> <li>[<a title="CVE-2023-29506" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-jjm5-5v9v-7hx2/hovercard" href="https://github.com/advisories/GHSA-jjm5-5v9v-7hx2">CVE-2023-29506</a>] XWiki &gt;= 13.10.8 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-22893" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-583x-23h9-f5w7/hovercard" href="https://github.com/advisories/GHSA-583x-23h9-f5w7">CVE-2023-22893</a>] Strapi Versions &lt;=4.5.6 - Authentication Bypass (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [high]</li> <li>[<a title="CVE-2023-3521" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-f2hf-p7mp-7x9v/hovercard" href="https://github.com/advisories/GHSA-f2hf-p7mp-7x9v">CVE-2023-3521</a>] FOSSBilling &lt; 0.5.3 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ctflearner/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ctflearner">@ctflearner</a>) [medium]</li> <li>[<a title="CVE-2023-2624" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-2xjf-f4mq-m3q5/hovercard" href="https://github.com/advisories/GHSA-2xjf-f4mq-m3q5">CVE-2023-2624</a>] KiviCare WordPress Plugin - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2020-28429" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-w83x-fp72-p9qc/hovercard" href="https://github.com/advisories/GHSA-w83x-fp72-p9qc">CVE-2020-28429</a>] geojson2kml - Command Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/eeche/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/eeche">@eeche</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/chae1xx1os/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/chae1xx1os">@chae1xx1os</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/persona-twotwo/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/persona-twotwo">@persona-twotwo</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/soonghee2/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/soonghee2">@soonghee2</a>) [critical]</li> <li>[cookie-consent-detection] Cookie Consent Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a>) [info]</li> <li>[couchdb-default-login] CouchDB - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/thefoggiest/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/thefoggiest">@thefoggiest</a>) [high]</li> <li>[fuji-xerox-default-login] Fuji Xerox ApeosPort - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/morgan/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/morgan">@morgan</a> Robertson) [high]</li> <li>[ispconfig-hcp-default-login] ISPConfig Hosting Control Panel - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[jellyfin-default-login] Jellyfin Console - Default Login (<a class="user-mention notranslate" 
data-hovercard-type="user" data-hovercard-url="/users/thefoggiest/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/thefoggiest">@thefoggiest</a>) [high]</li> <li>[rundeck-default-login] Rundeck - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/karkis3c/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/karkis3c">@karkis3c</a>) [high]</li> <li>[ivanti-traffic-manager-panel] Ivanti Traffic Manager Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a>) [info]</li> <li>[kiali-panel] Kiali - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [info]</li> <li>[malwared-byob] Malwared (Build Your Own Botnet) - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdteam/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdteam">@pdteam</a>) [info]</li> <li>[procore-panel] Procore Login - Panel (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a>) [info]</li> <li>[elgg-installer] Elgg - Installation (@s4e-io) [high]</li> <li>[jackett-installer] Jackett - Installer (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[jackett-unauth] Jackett UI - Unauthenticated (@ProjectDiscoveryAI) [high]</li> <li>[lidarr-dashboard-unauth] Lidarr Dashboard - Unauthenticated (@ProjectDiscoveryAI) [medium]</li> <li>[prowlarr-dashboard-unauth] Prowlarr Dashboard - Unauthenticated (@ProjectDiscoveryAI) [medium]</li> <li>[radarr-dashboard-unauth] Radarr Dashboard - Unauthenticated (@ProjectDiscoveryAI) [medium]</li> <li>[readarr-dashboard-unauth] Readarr Dashboard - Unauthenticated (@ProjectDiscoveryAI) [medium]</li> <li>[sonarr-dashboard-unauth] Sonarr Dashboard - Unauthenticated (@ProjectDiscoveryAI) [medium]</li> <li>[whisparr-dashboard-unauth] Whisparr Dashboard - Unauthenticated (@ProjectDiscoveryAI) [medium]</li> <li>[akamai-bot-manager-detect] Akamai Bot Manager Protection - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Fazle/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Fazle">@Fazle</a> Arefin) [info]</li> <li>[apache-streampipes-detect] Apache StreamPipes - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/alessandro/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/alessandro">@alessandro</a> Albani - DEVisions) [info]</li> <li>[bigip-apm-detect] BIGIP APM - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nodauf/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/nodauf">@nodauf</a>) [info]</li> <li>[spip-detect] SPIP - Detect (@s4e-io) [info]</li> <li>[malwared-byob-rce] Malwared BYOB - Unauthenticated Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdteam/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdteam">@pdteam</a>) [critical]</li> <li>[mobsf-apktool-lfi] MobSF - Path Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/will/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/will">@will</a> Mccardell) [high]</li> <li>[elgg-sqli] Elgg 5.1.4 - SQL Injection (@s4e-io) [high]</li> <li>[prest-sqli-auth-bypass] pREST &lt; 1.5.4 - SQLi Via Authentication Bypass (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mihail8531/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mihail8531">@mihail8531</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical]</li> <li>[readymade-unilevel-sqli] Readymade Unilevel Ecommerce MLM - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high]</li> <li>[readymade-unilevel-xss] Readymade Unilevel Ecommerce MLM - Cross-Site Scripting (<a 
class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high]</li> </ul> <h2>New Contributors</h2> <ul> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Parshva87/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Parshva87">@Parshva87</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2467075374" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10536" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10536/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10536">#10536</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/syntacticNaCl/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/syntacticNaCl">@syntacticNaCl</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2469061437" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10553" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10553/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10553">#10553</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/fazlearefin/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/fazlearefin">@fazlearefin</a> made their first contribution in <a class="issue-link js-issue-link" 
data-error-text="Failed to load title" data-id="2483423341" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10596" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10596/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10596">#10596</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/flyingllama87/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/flyingllama87">@flyingllama87</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2484333892" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10600" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10600/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10600">#10600</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ingbunga/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ingbunga">@ingbunga</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2439815299" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10427" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10427/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10427">#10427</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/thefoggiest/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/thefoggiest">@thefoggiest</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2441506892" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10435" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10435/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10435">#10435</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/oIfloraIo/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/oIfloraIo">@oIfloraIo</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2439905755" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10429" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10429/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10429">#10429</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/non-things/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/non-things">@non-things</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2468369986" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10549" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10549/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10549">#10549</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/DEVisions/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/DEVisions">@DEVisions</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2373313738" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10131" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10131/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10131">#10131</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nil0x42/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/nil0x42">@nil0x42</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2488820844" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10615" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10615/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10615">#10615</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/willmccardell/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/willmccardell">@willmccardell</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2426358859" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10367" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10367/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10367">#10367</a></li> <li><a class="user-mention notranslate" 
data-hovercard-type="user" data-hovercard-url="/users/BrunoTeixeira1996/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/BrunoTeixeira1996">@BrunoTeixeira1996</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2492506951" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10622" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10622/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10622">#10622</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/eeche/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/eeche">@eeche</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2453782675" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10489" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10489/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10489">#10489</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/projectdiscovery/nuclei-templates/compare/v9.9.3...v9.9.4"><tt>v9.9.3...v9.9.4</tt></a></p> princechaddha tag:github.com,2008:Repository/253044228/v9.9.3 2024-08-16T22:05:05Z v9.9.3 <h3>🔥 Release Highlights 🔥</h3> <ul> <li>[<a title="CVE-2024-41107" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-gmm6-5xx7-57r6/hovercard" href="https://github.com/advisories/GHSA-gmm6-5xx7-57r6">CVE-2024-41107</a>] Apache CloudStack - SAML Signature Exclusion (<a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-40422" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-39m5-v8xj-6c9r/hovercard" href="https://github.com/advisories/GHSA-39m5-v8xj-6c9r">CVE-2024-40422</a>] Devika v1 - Path Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/alpernae/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/alpernae">@alpernae</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-39907" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-5grx-v727-qmq6/hovercard" href="https://github.com/advisories/GHSA-5grx-v727-qmq6">CVE-2024-39907</a>] 1Panel SQL Injection - Authenticated (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-38856" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-gp2r-34c8-48xq/hovercard" href="https://github.com/advisories/GHSA-gp2r-34c8-48xq">CVE-2024-38856</a>] Apache OFBiz - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Co5mos/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Co5mos">@Co5mos</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-36104" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-77m3-6865-xvqj/hovercard" href="https://github.com/advisories/GHSA-77m3-6865-xvqj">CVE-2024-36104</a>] Apache OFBiz - Path Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Co5mos/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Co5mos">@Co5mos</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-7339" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-vcqx-95xm-6xh4/hovercard" href="https://github.com/advisories/GHSA-vcqx-95xm-6xh4">CVE-2024-7339</a>] TVT DVR Sensitive Device - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/stuxctf/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/stuxctf">@stuxctf</a>) [medium] 🔥</li> <li>[<a title="CVE-2024-6782" data-hovercard-type="advisory" 
data-hovercard-url="/advisories/GHSA-g8v6-86f6-jj9q/hovercard" href="https://github.com/advisories/GHSA-g8v6-86f6-jj9q">CVE-2024-6782</a>] Calibre &lt;= 7.14.0 Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [critical] 🔥</li> </ul> <h3>What's Changed</h3> <h4>New Templates Added: <code>56</code> | CVEs Added: <code>33</code> | First-time contributions: <code>4</code></h4> <ul> <li>[<a title="CVE-2024-41628" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-cm9f-fpj4-64q9/hovercard" href="https://github.com/advisories/GHSA-cm9f-fpj4-64q9">CVE-2024-41628</a>] Cluster Control CMON API - Directory Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high]</li> <li>[<a title="CVE-2024-41107" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-gmm6-5xx7-57r6/hovercard" href="https://github.com/advisories/GHSA-gmm6-5xx7-57r6">CVE-2024-41107</a>] Apache CloudStack - SAML Signature Exclusion (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-40422" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-39m5-v8xj-6c9r/hovercard" href="https://github.com/advisories/GHSA-39m5-v8xj-6c9r">CVE-2024-40422</a>] Devika v1 - Path Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/alpernae/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/alpernae">@alpernae</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-39907" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-5grx-v727-qmq6/hovercard" href="https://github.com/advisories/GHSA-5grx-v727-qmq6">CVE-2024-39907</a>] 1Panel SQL Injection - Authenticated (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-39903" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-9794-pc4r-438w/hovercard" 
href="https://github.com/advisories/GHSA-9794-pc4r-438w">CVE-2024-39903</a>] Solara &lt;1.35.1 - Local File Inclusion (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [high]</li> <li>[<a title="CVE-2024-38856" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-gp2r-34c8-48xq/hovercard" href="https://github.com/advisories/GHSA-gp2r-34c8-48xq">CVE-2024-38856</a>] Apache OFBiz - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Co5mos/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Co5mos">@Co5mos</a>) [critical] 🔥</li> <li>[CVE-2024-38514] NextChat - Server-Side Request Forgery (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[CVE-2024-38288] TurboMeeting - Post-Authentication Command Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a 
class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [high]</li> <li>[<a title="CVE-2024-36104" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-77m3-6865-xvqj/hovercard" href="https://github.com/advisories/GHSA-77m3-6865-xvqj">CVE-2024-36104</a>] Apache OFBiz - Path Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Co5mos/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Co5mos">@Co5mos</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-34061" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-pwgc-w4x9-gw67/hovercard" href="https://github.com/advisories/GHSA-pwgc-w4x9-gw67">CVE-2024-34061</a>] Changedetection.io &lt;=v0.45.21 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[CVE-2024-24763] JumpServer &lt; 3.10.0 - Open Redirect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2024-7340" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-r49h-6qxq-624f/hovercard" 
href="https://github.com/advisories/GHSA-r49h-6qxq-624f">CVE-2024-7340</a>] W&amp;B Weave Server - Remote Arbitrary File Leak (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [high]</li> <li>[<a title="CVE-2024-7339" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-vcqx-95xm-6xh4/hovercard" href="https://github.com/advisories/GHSA-vcqx-95xm-6xh4">CVE-2024-7339</a>] TVT DVR Sensitive Device - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/stuxctf/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/stuxctf">@stuxctf</a>) [medium] 🔥</li> <li>[<a title="CVE-2024-7332" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-2pxp-hm79-mvqx/hovercard" href="https://github.com/advisories/GHSA-2pxp-hm79-mvqx">CVE-2024-7332</a>] TOTOLINK CP450 v4.1.0cu.747_B20191224 - Hard-Coded Password Vulnerability (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [critical]</li> <li>[<a title="CVE-2024-7188" data-hovercard-type="advisory" 
data-hovercard-url="/advisories/GHSA-v799-6j2c-ph3p/hovercard" href="https://github.com/advisories/GHSA-v799-6j2c-ph3p">CVE-2024-7188</a>] Bylancer Quicklancer 2.4 G - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high]</li> <li>[<a title="CVE-2024-7120" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-9254-9wvc-gmqr/hovercard" href="https://github.com/advisories/GHSA-9254-9wvc-gmqr">CVE-2024-7120</a>] Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 - Command Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [medium]</li> <li>[<a title="CVE-2024-7008" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-5q8g-5hhx-x3c8/hovercard" href="https://github.com/advisories/GHSA-5q8g-5hhx-x3c8">CVE-2024-7008</a>] Calibre &lt;= 7.15.0 - Reflected Cross-Site Scripting (XSS) (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [medium]</li> <li>[<a title="CVE-2024-6922" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-wwxv-fvxx-vp4c/hovercard" href="https://github.com/advisories/GHSA-wwxv-fvxx-vp4c">CVE-2024-6922</a>] Automation Anywhere Automation 360 - Server-Side Request Forgery (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[<a title="CVE-2024-6782" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-g8v6-86f6-jj9q/hovercard" href="https://github.com/advisories/GHSA-g8v6-86f6-jj9q">CVE-2024-6782</a>] Calibre &lt;= 7.14.0 Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-6781" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-p89v-3g23-m6q2/hovercard" href="https://github.com/advisories/GHSA-p89v-3g23-m6q2">CVE-2024-6781</a>] Calibre &lt;= 7.14.0 Arbitrary File Read (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[<a title="CVE-2024-6396" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-w9pm-mp9p-gpgc/hovercard" href="https://github.com/advisories/GHSA-w9pm-mp9p-gpgc">CVE-2024-6396</a>] Aimhubio Aim Server 3.19.3 - Arbitrary File Overwrite (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical]</li> <li>[<a title="CVE-2024-6366" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-wrpc-6v65-cc7f/hovercard" href="https://github.com/advisories/GHSA-wrpc-6v65-cc7f">CVE-2024-6366</a>] User Profile Builder &lt; 3.11.8 - File Upload (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high]</li> <li>[<a title="CVE-2024-6205" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-h8w3-xwp6-m9v8/hovercard" href="https://github.com/advisories/GHSA-h8w3-xwp6-m9v8">CVE-2024-6205</a>] PayPlus Payment Gateway &lt; 6.6.9 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [critical]</li> <li>[<a title="CVE-2024-5975" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-rp4m-cvm9-gmvp/hovercard" href="https://github.com/advisories/GHSA-rp4m-cvm9-gmvp">CVE-2024-5975</a>] CZ Loan Management &lt;= 1.1 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [critical]</li> <li>[<a title="CVE-2024-5936" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-gxxw-7m39-6fjm/hovercard" href="https://github.com/advisories/GHSA-gxxw-7m39-6fjm">CVE-2024-5936</a>] PrivateGPT &lt; 0.5.0 - Open Redirect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ctflearner/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ctflearner">@ctflearner</a>) [medium]</li> <li>[CVE-2023-44393] Piwigo - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-43323" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-6pgc-3w24-9rcw/hovercard" href="https://github.com/advisories/GHSA-6pgc-3w24-9rcw">CVE-2023-43323</a>] mooSocial 3.1.8 - External Service Interaction (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-6444" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-qhfg-qx72-6jw4/hovercard" href="https://github.com/advisories/GHSA-qhfg-qx72-6jw4">CVE-2023-6444</a>] Seriously Simple Podcasting &lt; 3.0.0 - Information Disclosure (@s4eio) [medium]</li> <li>[<a title="CVE-2023-5863" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-j4vj-w5rj-8grw/hovercard" href="https://github.com/advisories/GHSA-j4vj-w5rj-8grw">CVE-2023-5863</a>] phpMyFAQ &lt; 3.2.0 - Cross-site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ctflearner/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ctflearner">@ctflearner</a>) [medium]</li> <li>[<a title="CVE-2023-5222" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-cm4f-g738-hp2g/hovercard" href="https://github.com/advisories/GHSA-cm4f-g738-hp2g">CVE-2023-5222</a>] Viessmann Vitogate 300 - Hardcoded 
Password (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [critical]</li> <li>[<a title="CVE-2022-27043" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-mm3v-rh75-phcp/hovercard" href="https://github.com/advisories/GHSA-mm3v-rh75-phcp">CVE-2022-27043</a>] Yearning - Directory Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Co5mos/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Co5mos">@Co5mos</a>) [high]</li> <li>[<a title="CVE-2022-3869" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-6rjv-xxgr-v57x/hovercard" href="https://github.com/advisories/GHSA-6rjv-xxgr-v57x">CVE-2022-3869</a>] Froxlor &lt; 0.10.38.2. - HTML Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ctflearner/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ctflearner">@ctflearner</a>) [medium]</li> <li>[<a title="CVE-2004-2687" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-88vv-hvrc-733q/hovercard" href="https://github.com/advisories/GHSA-88vv-hvrc-733q">CVE-2004-2687</a>] Distccd v1 - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[cloudstack-default-login] Apache CloudStack - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[airos-panel] AirOS Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a>) [info]</li> <li>[fossbilling-panel] FOSSBilling Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [info]</li> <li>[metube-detect] MeTube Instance Detected (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a>) [info]</li> <li>[openedge-panel] OpenEdge Login Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a>) [info]</li> <li>[photoprism-panel] PhotoPrism Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a>) [info]</li> <li>[privategpt-detect] PrivateGPT - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [info]</li> <li>[whatsup-gold-panel] Whatsup Gold Login Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a>) [info]</li> <li>[gitlab-ci-yml] GitLab CI YAML - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [medium]</li> <li>[changedetection-unauth] Changedetection.io Dashboard - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[deployment-interface-exposed] Deployment Management Interface - Exposed (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [medium]</li> <li>[fossbilling-installer] FOSSBilling - Installation (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[quickcms-installer] QuickCMS Installation Wizard (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[manage-cabinet-register] Manage Cabinet Register - Exposed (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/noel/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/noel">@noel</a>) [low]</li> <li>[substack] substack.com User Name Information - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/cheesymoon/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/cheesymoon">@cheesymoon</a>) [info]</li> <li>[apache-ofbiz-detect] Apache OFBiz - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a>) [info]</li> <li>[apache-shenyu-detect] Apache Shenyu Gateway Management System - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/icarot/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/icarot">@icarot</a>) [info]</li> <li>[searxng-detect] SearXNG - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a>) [info]</li> <li>[esafenet-netsecconfigajax-sqli] Esafenet CDG NetSecConfigAjax - Sql Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/adeljck/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/adeljck">@adeljck</a>) [high]</li> <li>[esafenet-noticeajax-sqli] Esafenet CDG NoticeAjax - Sql Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/adeljck/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/adeljck">@adeljck</a>) [high]</li> 
<li>[landray-oa-replaceextend-rce] Landray OA replaceExtend Function - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/adeljck/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/adeljck">@adeljck</a>) [critical]</li> <li>[x11-unauth-access] x11 - Unauthenticated Access (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[db2-discover] Broadcast DB2 Discover (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> </ul> <h2>New Contributors</h2> <ul> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/lanyi1998/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/lanyi1998">@lanyi1998</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2434003823" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10402" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10402/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10402">#10402</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/eltociear/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/eltociear">@eltociear</a> made their first contribution in <a class="issue-link js-issue-link" 
data-error-text="Failed to load title" data-id="2433503342" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10401" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10401/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10401">#10401</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/NoelV11/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/NoelV11">@NoelV11</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2429754981" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10387" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10387/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10387">#10387</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/gelim/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/gelim">@gelim</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2438053967" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10420" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10420/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10420">#10420</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/projectdiscovery/nuclei-templates/compare/v9.9.2...v9.9.3"><tt>v9.9.2...v9.9.3</tt></a></p> princechaddha tag:github.com,2008:Repository/253044228/v9.9.2 2024-07-26T07:41:53Z 
v9.9.2 <h3>🔥 Release Highlights 🔥</h3> <ul> <li>[<a title="CVE-2024-40348" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-v64x-66h7-9cfg/hovercard" href="https://github.com/advisories/GHSA-v64x-66h7-9cfg">CVE-2024-40348</a>] Bazarr &lt; 1.4.3 - Arbitrary File Read (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high] 🔥</li> <li>[<a title="CVE-2024-38526" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-5vgj-ggm4-fg62/hovercard" href="https://github.com/advisories/GHSA-5vgj-ggm4-fg62">CVE-2024-38526</a>] Polyfill Supply Chain Attack Malicious Code Execution (@abut0n) [high] 🔥</li> <li>[<a title="CVE-2024-34351" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-fr5h-rqp8-mj6g/hovercard" href="https://github.com/advisories/GHSA-fr5h-rqp8-mj6g">CVE-2024-34351</a>] Next.js - Server Side Request Forgery (SSRF) (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [high] 🔥</li> <li>[<a title="CVE-2024-5217" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-5xx6-pf4v-cpf2/hovercard" href="https://github.com/advisories/GHSA-5xx6-pf4v-cpf2">CVE-2024-5217</a>] ServiceNow - Incomplete Input Validation (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-4879" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-355h-wpr8-m2qx/hovercard" href="https://github.com/advisories/GHSA-355h-wpr8-m2qx">CVE-2024-4879</a>] ServiceNow UI Macros - Template Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [unknown] 🔥</li> <li>[CVE-2023-43662] ShokoServer System - Local File Inclusion (LFI) (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high] 🔥</li> <li>[<a title="CVE-2023-4220" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-9wc2-3gq5-2f4c/hovercard" href="https://github.com/advisories/GHSA-9wc2-3gq5-2f4c">CVE-2023-4220</a>] Chamilo LMS &lt;= 1.11.24 - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [medium] 🔥</li> <li>[<a title="CVE-2022-34267" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-84m5-wq3j-47c4/hovercard" href="https://github.com/advisories/GHSA-84m5-wq3j-47c4">CVE-2022-34267</a>] RWS WorldServer - Auth Bypass (<a class="user-mention notranslate" 
data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/parthmalhotra/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/parthmalhotra">@parthmalhotra</a>) [critical] 🔥</li> </ul> <h3>What's Changed</h3> <p>Bug Fixes</p> <ul> <li>Corrected issue with mismatched redirects (Issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2372515481" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10125" data-hovercard-type="issue" data-hovercard-url="/projectdiscovery/nuclei-templates/issues/10125/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/issues/10125">#10125</a>).</li> <li>Resolved invalid template error for <a title="CVE-2024-36991" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-fg59-j242-rcj9/hovercard" href="https://github.com/advisories/GHSA-fg59-j242-rcj9">CVE-2024-36991</a> (Issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2422840752" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10352" data-hovercard-type="issue" 
data-hovercard-url="/projectdiscovery/nuclei-templates/issues/10352/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/issues/10352">#10352</a>).</li> </ul> <p>False Negatives</p> <ul> <li>Improved detection in the SVN configuration leak template, reducing underreporting (Issue <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2421543243" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10344" data-hovercard-type="issue" data-hovercard-url="/projectdiscovery/nuclei-templates/issues/10344/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/issues/10344">#10344</a>).</li> <li>Addressed false negatives in the following:</li> <li>Exposed SVN configuration (PR <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2425002948" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10362" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10362/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10362">#10362</a>)</li> <li><a title="CVE-2019-7139" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-4j6w-9rf8-hg7r/hovercard" href="https://github.com/advisories/GHSA-4j6w-9rf8-hg7r">CVE-2019-7139</a> template (PR <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2418255677" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10339" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10339/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10339">#10339</a>)</li> </ul> <p>False Positives</p> <ul> <li>Reduced false positives and improved accuracy in the following templates:</li> <li>IdeMia biometrics default login (Issues <a 
class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2372522451" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10126" data-hovercard-type="issue" data-hovercard-url="/projectdiscovery/nuclei-templates/issues/10126/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/issues/10126">#10126</a>, <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2405969094" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10277" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10277/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10277">#10277</a>)</li> <li>jan-file-upload (PR <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2424583465" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10361" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10361/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10361">#10361</a>)</li> <li>Apache XSS (PR <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2418516412" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10342" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10342/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10342">#10342</a>)</li> <li>Beanstalk service (PR <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2416603261" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10334" data-hovercard-type="pull_request" 
data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10334/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10334">#10334</a>, duplicated issue)</li> <li>DS-Store file discovery (PR <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2406036482" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10278" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10278/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10278">#10278</a>)</li> <li>GOIP default login (PR <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2405930454" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10276" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10276/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10276">#10276</a>)</li> </ul> <p>Enhancements</p> <ul> <li>Enhanced detection capabilities in dom-xss.yaml (PR <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2424577827" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10360" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10360/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10360">#10360</a>).</li> <li>Improved accuracy in generic-xxe.yaml (PR <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2424538311" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10359" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10359/hovercard" 
href="https://github.com/projectdiscovery/nuclei-templates/pull/10359">#10359</a>).</li> </ul> <h4>New Templates Added: <code>67</code> | CVEs Added: <code>32</code> | First-time contributions: <code>7</code></h4> <ul> <li>[<a title="CVE-2024-40348" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-v64x-66h7-9cfg/hovercard" href="https://github.com/advisories/GHSA-v64x-66h7-9cfg">CVE-2024-40348</a>] Bazarr &lt; 1.4.3 - Arbitrary File Read (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high] 🔥</li> <li>[CVE-2024-39914] FOG Project &lt; 1.5.10.34 - Remote Command Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [critical]</li> <li>[<a title="CVE-2024-39250" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-3w9x-7c3c-4gxq/hovercard" href="https://github.com/advisories/GHSA-3w9x-7c3c-4gxq">CVE-2024-39250</a>] EfroTech Timetrax v8.3 - Sql Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/efran/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/efran">@efran</a>) [high]</li> <li>[<a title="CVE-2024-38526" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-5vgj-ggm4-fg62/hovercard" href="https://github.com/advisories/GHSA-5vgj-ggm4-fg62">CVE-2024-38526</a>] Polyfill Supply 
Chain Attack Malicious Code Execution (@abut0n) [high] 🔥</li> <li>[CVE-2024-38289] TurboMeeting - Boolean-based SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical]</li> <li>[<a title="CVE-2024-37843" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-hq4f-mv3q-8wcv/hovercard" href="https://github.com/advisories/GHSA-hq4f-mv3q-8wcv">CVE-2024-37843</a>] Craft CMS &lt;=v3.7.31 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical]</li> <li>[<a title="CVE-2024-34351" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-fr5h-rqp8-mj6g/hovercard" 
href="https://github.com/advisories/GHSA-fr5h-rqp8-mj6g">CVE-2024-34351</a>] Next.js - Server Side Request Forgery (SSRF) (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [high] 🔥</li> <li>[<a title="CVE-2024-34257" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-vvf7-q7rc-3m2m/hovercard" href="https://github.com/advisories/GHSA-vvf7-q7rc-3m2m">CVE-2024-34257</a>] TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[<a title="CVE-2024-32238" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-w4fx-77wp-mx4j/hovercard" href="https://github.com/advisories/GHSA-w4fx-77wp-mx4j">CVE-2024-32238</a>] H3C ER8300G2-X - Password Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [critical]</li> <li>[<a title="CVE-2024-6746" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-97m9-vjwc-7vr3/hovercard" href="https://github.com/advisories/GHSA-97m9-vjwc-7vr3">CVE-2024-6746</a>] EasySpider 0.6.2 - Arbitrary File Read (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [medium]</li> <li>[<a title="CVE-2024-6646" data-hovercard-type="advisory" 
data-hovercard-url="/advisories/GHSA-632x-gwj4-c7gf/hovercard" href="https://github.com/advisories/GHSA-632x-gwj4-c7gf">CVE-2024-6646</a>] Netgear-WN604 downloadFile.php - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [medium]</li> <li>[CVE-2024-6587] LiteLLM - Server-Side Request Forgery (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/lambdasawa/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/lambdasawa">@lambdasawa</a>) [high]</li> <li>[<a title="CVE-2024-6289" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-87fp-vpx2-6v83/hovercard" href="https://github.com/advisories/GHSA-87fp-vpx2-6v83">CVE-2024-6289</a>] WPS Hide Login &lt; 1.9.16.4 - Hidden Login Page Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) 
[medium]</li> <li>[<a title="CVE-2024-5315" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-q8x7-jc3h-p8xc/hovercard" href="https://github.com/advisories/GHSA-q8x7-jc3h-p8xc">CVE-2024-5315</a>] Dolibarr ERP CMS <code>list.php</code> - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical]</li> <li>[<a title="CVE-2024-5217" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-5xx6-pf4v-cpf2/hovercard" href="https://github.com/advisories/GHSA-5xx6-pf4v-cpf2">CVE-2024-5217</a>] ServiceNow - Incomplete Input Validation (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-4885" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-qcj6-wq2r-c3xh/hovercard" href="https://github.com/advisories/GHSA-qcj6-wq2r-c3xh">CVE-2024-4885</a>] Progress Software WhatsUp Gold 
GetFileWithoutZip Directory Traversal - RCE (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/sinsinology/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/sinsinology">@sinsinology</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-4879" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-355h-wpr8-m2qx/hovercard" href="https://github.com/advisories/GHSA-355h-wpr8-m2qx">CVE-2024-4879</a>] ServiceNow UI Macros - Template Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [unknown] 🔥</li> <li>[<a title="CVE-2024-4295" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-m47j-h8wj-cg29/hovercard" href="https://github.com/advisories/GHSA-m47j-h8wj-cg29">CVE-2024-4295</a>] Email 
Subscribers by Icegram Express &lt;= 5.7.20 - Unauthenticated SQL Injection via Hash (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical]</li> <li>[<a title="CVE-2024-4257" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-25vr-5957-xv46/hovercard" href="https://github.com/advisories/GHSA-25vr-5957-xv46">CVE-2024-4257</a>] BlueNet Technology Clinical Browsing System 1.2.1 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [medium]</li> <li>[<a title="CVE-2024-3742" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-q9cj-qf3m-4wrv/hovercard" href="https://github.com/advisories/GHSA-q9cj-qf3m-4wrv">CVE-2024-3742</a>] Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Farish/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Farish">@Farish</a>) [high]</li> <li>[<a title="CVE-2024-2330" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-4wf2-8qpc-j8cv/hovercard" 
href="https://github.com/advisories/GHSA-4wf2-8qpc-j8cv">CVE-2024-2330</a>] NS-ASG Application Security Gateway 6.3 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [medium]</li> <li>[<a title="CVE-2024-1512" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-ggw9-q2xm-2xhm/hovercard" href="https://github.com/advisories/GHSA-ggw9-q2xm-2xhm">CVE-2024-1512</a>] MasterStudy LMS WordPress Plugin &lt;= 3.2.5 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [critical]</li> <li>[<a title="CVE-2023-48728" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-wv3w-qq6q-g9j3/hovercard" href="https://github.com/advisories/GHSA-wv3w-qq6q-g9j3">CVE-2023-48728</a>] WWBN AVideo 11.6 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-44012" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-pwh7-gpmp-jq64/hovercard" href="https://github.com/advisories/GHSA-pwh7-gpmp-jq64">CVE-2023-44012</a>] mojoPortal v.2.7.0.0 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[CVE-2023-43662] ShokoServer System - Local File Inclusion (LFI) (<a 
class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high] 🔥</li> <li>[<a title="CVE-2023-29204" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-xwph-x6xj-wggv/hovercard" href="https://github.com/advisories/GHSA-xwph-x6xj-wggv">CVE-2023-29204</a>] XWiki - Open Redirect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-4450" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-j8h5-8rrr-m6j9/hovercard" href="https://github.com/advisories/GHSA-j8h5-8rrr-m6j9">CVE-2023-4450</a>] JeecgBoot JimuReport - Template injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/sumanth/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/sumanth">@sumanth</a> Vankineni) [critical]</li> <li>[<a title="CVE-2023-4220" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-9wc2-3gq5-2f4c/hovercard" href="https://github.com/advisories/GHSA-9wc2-3gq5-2f4c">CVE-2023-4220</a>] Chamilo LMS &lt;= 1.11.24 - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [medium] 🔥</li> <li>[<a title="CVE-2023-2309" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-f9rf-7669-xvj8/hovercard" href="https://github.com/advisories/GHSA-f9rf-7669-xvj8">CVE-2023-2309</a>] wpForo Forum &lt;= 2.1.8 - Cross-Site 
Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [medium]</li> <li>[<a title="CVE-2022-45269" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-v4v6-4j9w-2v9j/hovercard" href="https://github.com/advisories/GHSA-v4v6-4j9w-2v9j">CVE-2022-45269</a>] Linx Sphere - Directory Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/robotshell/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/robotshell">@robotshell</a>) [high]</li> <li>[<a title="CVE-2022-38322" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-22m6-3h9c-gw7v/hovercard" href="https://github.com/advisories/GHSA-22m6-3h9c-gw7v">CVE-2022-38322</a>] Temenos Transact - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Qotoz/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Qotoz">@Qotoz</a>) [high]</li> <li>[<a title="CVE-2022-34267" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-84m5-wq3j-47c4/hovercard" href="https://github.com/advisories/GHSA-84m5-wq3j-47c4">CVE-2022-34267</a>] RWS WorldServer - Auth Bypass (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" 
data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/parthmalhotra/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/parthmalhotra">@parthmalhotra</a>) [critical] 🔥</li> <li>[CNVD-2023-72138] LiveGBS user/save - Logical Flaw (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[deluge-default-login] Deluge - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[gitblit-default-login] Gitblit - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[netflow-default-login] Netflow Analyzer - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[adguard-panel] AdGuard Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/ritikchaddha">@ritikchaddha</a>) [info]</li> <li>[falcosidekick-panel] Falcosidekick UI Login Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [info]</li> <li>[freshrss-panel] Freshrss Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [info]</li> <li>[gradle-develocity-panel] Gradle Develocity Build Cache Node Login Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [info]</li> <li>[hal-management-panel] HAL Management Console Panel (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [info]</li> <li>[netflow-analyzer-panel] Netflow Analyzer Login - Panel (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [info]</li> <li>[tomcat-exposed] Tomcat Exposed - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Podalirius/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Podalirius">@Podalirius</a>, <a class="user-mention notranslate" 
data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [info]</li> <li>[apache-ozone-conf] Apache Ozone - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/icarot/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/icarot">@icarot</a>) [info]</li> <li>[snoop-servlet] Snoop Servlet - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/omranisecurity/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/omranisecurity">@omranisecurity</a>) [low]</li> <li>[adcs-certificate] Certification Authority Web Enrollment (ADCS) - Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Pastaga/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Pastaga">@Pastaga</a>, <a class="user-mention notranslate" data-hovercard-type="organization" data-hovercard-url="/orgs/DefTe/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/DefTe">@DefTe</a>) [info]</li> <li>[freshrss-unauth] Freshrss Admin Dashboard - Exposed (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[adguard-installer] AdGuard - Installation (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[freshrss-installer] FreshRSS - Installation (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[mongod-exposure] MongoD Server - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [low]</li> <li>[servicenow-title-injection] Service Now - Title Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[sftpgo-admin-setup] SFTPGo Admin - Setup (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[ssrpm-arbitrary-password-reset] SSRPM - Arbitrary Password Reset on Default Client Interface Installation (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/vince-isec/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/vince-isec">@vince-isec</a>) [high]</li> <li>[apache-gravitino-detect] Apache Gravitino - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/icarot/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/icarot">@icarot</a>) [info]</li> 
<li>[apache-ozone-detect] Apache Ozone - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/icarot/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/icarot">@icarot</a>) [info]</li> <li>[wordpress-fluent-smtp] FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ricardomaia/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ricardomaia">@ricardomaia</a>) [info]</li> <li>[wordpress-wp-crontrol] WP Crontrol Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ricardomaia/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ricardomaia">@ricardomaia</a>) [info]</li> <li>[hikvision-isecure-info-leak] HIKVISION iSecure Center - Information Leak (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/adeljck/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/adeljck">@adeljck</a>) [high]</li> <li>[nextjs-middleware-cache] Next.js - Cache Poisoning (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[nextjs-rsc-cache] Next.js - Cache Poisoning (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[jan-file-upload] Jan - Arbitrary File Upload 
(<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[lvs-download-lfi] LVS DownLoad.aspx - Local File Inclusion (LFI) (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[ncast-lfi] Ncast HD Intelligent Recording - Arbitrary File Reading (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[wifisky7-rce] WIFISKY-7 Layer Flow Control Router - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[7777botnet-detect] 7777-Botnet - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/johnk3r/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/johnk3r">@johnk3r</a>) [info]</li> <li>[thinkphp6-arbitrary-write] ThinkPHP 6.0.0~6.0.1 - Arbitrary File Write (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/arliya/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/arliya">@arliya</a>) [critical]</li> <li>[nacos-workflow] Nacos Security Checks (<a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/Co5mos/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Co5mos">@Co5mos</a>)</li> </ul> <h2>New Contributors</h2> <ul> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/kimtruth/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/kimtruth">@kimtruth</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2402988833" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10260" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10260/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10260">#10260</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/omranisecurity/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/omranisecurity">@omranisecurity</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2387982046" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10178" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10178/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10178">#10178</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/divatchyano/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/divatchyano">@divatchyano</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2405818491" 
data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10275" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10275/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10275">#10275</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Sumanthsec/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Sumanthsec">@Sumanthsec</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2406574855" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10280" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10280/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10280">#10280</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/allendemoura/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/allendemoura">@allendemoura</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2406483653" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10279" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10279/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10279">#10279</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Matsue/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Matsue">@Matsue</a> made their first contribution in <a class="issue-link 
js-issue-link" data-error-text="Failed to load title" data-id="2383198490" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10165" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10165/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10165">#10165</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/adeljck/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/adeljck">@adeljck</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2426552185" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10370" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10370/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10370">#10370</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/projectdiscovery/nuclei-templates/compare/v9.9.1...v9.9.2"><tt>v9.9.1...v9.9.2</tt></a></p> princechaddha tag:github.com,2008:Repository/253044228/v9.9.1 2024-07-10T13:33:12Z v9.9.1 <h3>🔥 Release Highlights 🔥</h3> <ul> <li>[<a title="CVE-2024-37032" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-8hqg-whrw-pv92/hovercard" href="https://github.com/advisories/GHSA-8hqg-whrw-pv92">CVE-2024-37032</a>] Ollama - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/kaks3c/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/kaks3c">@kaks3c</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-36991" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-fg59-j242-rcj9/hovercard" 
href="https://github.com/advisories/GHSA-fg59-j242-rcj9">CVE-2024-36991</a>] Splunk Enterprise - Local File Inclusion (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high] 🔥</li> <li>[<a title="CVE-2024-36401" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-6jj6-gm7p-fcvv/hovercard" href="https://github.com/advisories/GHSA-6jj6-gm7p-fcvv">CVE-2024-36401</a>] GeoServer RCE in Evaluating Property Name Expressions (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-34102" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-m8cj-3v68-3cxj/hovercard" href="https://github.com/advisories/GHSA-m8cj-3v68-3cxj">CVE-2024-34102</a>] Adobe Commerce &amp; Magento - CosmicSting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-33113" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-vf5w-x6g7-5c7q/hovercard" href="https://github.com/advisories/GHSA-vf5w-x6g7-5c7q">CVE-2024-33113</a>] D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [medium] 🔥</li> <li>[<a title="CVE-2024-29972" data-hovercard-type="advisory" 
data-hovercard-url="/advisories/GHSA-9c67-m3v4-35rv/hovercard" href="https://github.com/advisories/GHSA-9c67-m3v4-35rv">CVE-2024-29972</a>] Zyxel NAS326 Firmware &lt; V5.21(AAZF.17)C0 - NsaRescueAngel Backdoor Account (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/gy741/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/gy741">@gy741</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-6028" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-8fcc-fcfx-x9gq/hovercard" href="https://github.com/advisories/GHSA-8fcc-fcfx-x9gq">CVE-2024-6028</a>] Quiz Maker &lt;= 6.5.8.3 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [critical] 🔥</li> <li>[CVE-2023-52251] Kafka UI 0.7.1 Command Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/yhy0/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/yhy0">@yhy0</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>) [high] 🔥</li> <li>[<a title="CVE-2020-10189" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-cx3q-6fpx-362x/hovercard" href="https://github.com/advisories/GHSA-cx3q-6fpx-362x">CVE-2020-10189</a>] ManageEngine Desktop Central Java Deserialization (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/king-alexander/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/king-alexander">@king-alexander</a>) [critical] 🔥</li> </ul> <h3>What's Changed</h3> <h4>New Templates Added: <code>75</code> | CVEs Added: <code>29</code> | First-time contributions: <code>5</code></h4> <ul> <li>[<a title="CVE-2024-37881" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-jcmc-rcp5-r722/hovercard" href="https://github.com/advisories/GHSA-jcmc-rcp5-r722">CVE-2024-37881</a>] SiteGuard WP Plugin &lt;= 1.7.6 - Login Page Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [medium]</li> <li>[<a title="CVE-2024-37152" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-87p9-x75h-p4j2/hovercard" href="https://github.com/advisories/GHSA-87p9-x75h-p4j2">CVE-2024-37152</a>] Argo CD Unauthenticated Access to sensitive setting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [medium]</li> <li>[<a title="CVE-2024-37032" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-8hqg-whrw-pv92/hovercard" href="https://github.com/advisories/GHSA-8hqg-whrw-pv92">CVE-2024-37032</a>] Ollama - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/kaks3c/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/kaks3c">@kaks3c</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-36991" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-fg59-j242-rcj9/hovercard" href="https://github.com/advisories/GHSA-fg59-j242-rcj9">CVE-2024-36991</a>] Splunk Enterprise - Local File Inclusion (<a 
class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high] 🔥</li> <li>[<a title="CVE-2024-36401" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-6jj6-gm7p-fcvv/hovercard" href="https://github.com/advisories/GHSA-6jj6-gm7p-fcvv">CVE-2024-36401</a>] GeoServer RCE in Evaluating Property Name Expressions (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-34102" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-m8cj-3v68-3cxj/hovercard" href="https://github.com/advisories/GHSA-m8cj-3v68-3cxj">CVE-2024-34102</a>] Adobe Commerce &amp; Magento - CosmicSting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [critical] 🔥</li> <li>[CVE-2024-33610] Sharp Multifunction Printers - Cookie Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/gy741/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/gy741">@gy741</a>) [medium]</li> <li>[CVE-2024-33605] Sharp Multifunction Printers - Directory Listing (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/gy741/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/gy741">@gy741</a>) [high]</li> <li>[<a title="CVE-2024-33113" data-hovercard-type="advisory" 
data-hovercard-url="/advisories/GHSA-vf5w-x6g7-5c7q/hovercard" href="https://github.com/advisories/GHSA-vf5w-x6g7-5c7q">CVE-2024-33113</a>] D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [medium] 🔥</li> <li>[<a title="CVE-2024-32709" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-x927-6m9w-2r98/hovercard" href="https://github.com/advisories/GHSA-x927-6m9w-2r98">CVE-2024-32709</a>] WP-Recall &lt;= 16.26.5 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [critical]</li> <li>[<a title="CVE-2024-29972" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-9c67-m3v4-35rv/hovercard" href="https://github.com/advisories/GHSA-9c67-m3v4-35rv">CVE-2024-29972</a>] Zyxel NAS326 Firmware &lt; V5.21(AAZF.17)C0 - NsaRescueAngel Backdoor Account (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/gy741/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/gy741">@gy741</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-27292" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-jq57-3w7p-vwvv/hovercard" href="https://github.com/advisories/GHSA-jq57-3w7p-vwvv">CVE-2024-27292</a>] Docassemble - Local File Inclusion (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/johnk3r/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/johnk3r">@johnk3r</a>) [high]</li> <li>[<a 
title="CVE-2024-25852" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-p5q9-4vg3-6x89/hovercard" href="https://github.com/advisories/GHSA-p5q9-4vg3-6x89">CVE-2024-25852</a>] Linksys RE7000 - Command Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high]</li> <li>[<a title="CVE-2024-6188" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-c4p5-rq8v-r8c2/hovercard" href="https://github.com/advisories/GHSA-c4p5-rq8v-r8c2">CVE-2024-6188</a>] TrakSYS 11.x.x - Sensitive Data Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [medium]</li> <li>[<a title="CVE-2024-6028" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-8fcc-fcfx-x9gq/hovercard" href="https://github.com/advisories/GHSA-8fcc-fcfx-x9gq">CVE-2024-6028</a>] Quiz Maker &lt;= 6.5.8.3 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-5947" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-gxv6-85rj-hm78/hovercard" href="https://github.com/advisories/GHSA-gxv6-85rj-hm78">CVE-2024-5947</a>] Deep Sea Electronics DSE855 - Authentication Bypass (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [medium]</li> 
<li>[<a title="CVE-2024-5522" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-3vf3-j8cr-x4g6/hovercard" href="https://github.com/advisories/GHSA-3vf3-j8cr-x4g6">CVE-2024-5522</a>] WordPress HTML5 Video Player &lt; 2.5.27 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/JohnDoeAnonITA/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/JohnDoeAnonITA">@JohnDoeAnonITA</a>) [critical]</li> <li>[<a title="CVE-2024-5084" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-rgr9-6xwp-v98f/hovercard" href="https://github.com/advisories/GHSA-rgr9-6xwp-v98f">CVE-2024-5084</a>] Hash Form &lt;= 1.1.0 - Arbitrary File Upload (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [critical]</li> <li>[<a title="CVE-2024-4836" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-w2w9-635q-99v6/hovercard" href="https://github.com/advisories/GHSA-w2w9-635q-99v6">CVE-2024-4836</a>] Edito CMS - Sensitive Data Leak (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high]</li> <li>[<a title="CVE-2024-4434" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-4h95-2x33-pw42/hovercard" href="https://github.com/advisories/GHSA-4h95-2x33-pw42">CVE-2024-4434</a>] LearnPress WordPress LMS Plugin &lt;= 4.2.6.5 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/s4e-garage">@s4e-garage</a>) [critical]</li> <li>[CVE-2023-52251] Kafka UI 0.7.1 Command Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/yhy0/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/yhy0">@yhy0</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>) [high] 🔥</li> <li>[<a title="CVE-2023-47117" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-6hjj-gq77-j4qw/hovercard" href="https://github.com/advisories/GHSA-6hjj-gq77-j4qw">CVE-2023-47117</a>] Label Studio - Sensitive Information Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [high]</li> <li>[<a title="CVE-2023-41599" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-g57g-8xw6-gwrx/hovercard" href="https://github.com/advisories/GHSA-g57g-8xw6-gwrx">CVE-2023-41599</a>] JFinalCMS v5.0.0 - Directory Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [medium]</li> <li>[<a title="CVE-2023-35161" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-4xm7-5q79-3fch/hovercard" href="https://github.com/advisories/GHSA-4xm7-5q79-3fch">CVE-2023-35161</a>] XWiki &gt;= 6.2-milestone-1 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-35160" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-r8xc-xxh3-q5x3/hovercard" href="https://github.com/advisories/GHSA-r8xc-xxh3-q5x3">CVE-2023-35160</a>] XWiki &gt;= 2.5-milestone-2 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-35159" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-x234-mg7q-m8g8/hovercard" href="https://github.com/advisories/GHSA-x234-mg7q-m8g8">CVE-2023-35159</a>] XWiki &gt;= 3.4-milestone-1 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-35156" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-834c-x29c-f42c/hovercard" href="https://github.com/advisories/GHSA-834c-x29c-f42c">CVE-2023-35156</a>] XWiki &gt;= 6.0-rc-1 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-3380" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-qgjc-gjpm-c9qr/hovercard" href="https://github.com/advisories/GHSA-qgjc-gjpm-c9qr">CVE-2023-3380</a>] WAVLINK WN579X3 - Remote Command Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [critical]</li> <li>[<a title="CVE-2020-10189" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-cx3q-6fpx-362x/hovercard" href="https://github.com/advisories/GHSA-cx3q-6fpx-362x">CVE-2020-10189</a>] ManageEngine Desktop Central Java Deserialization (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/king-alexander/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/king-alexander">@king-alexander</a>) [critical] 🔥</li> <li>[CNVD-2023-03903] EduSoho &lt; v22.4.7 - Local File Inclusion (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high]</li> <li>[CNVD-2021-64035] Leadsec VPN - Arbitrary File Read (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/xiaoWangSec/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/xiaoWangSec">@xiaoWangSec</a>) [high]</li> <li>[spring4shell-<a title="CVE-2022-22965" data-hovercard-type="advisory" 
data-hovercard-url="/advisories/GHSA-36p3-wjmg-h94x/hovercard" href="https://github.com/advisories/GHSA-36p3-wjmg-h94x">CVE-2022-22965</a>] Spring Framework RCE via Data Binding on JDK 9+ (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [critical] 🔥</li> <li>[csv-injection] CSV Injection Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[xinclude-injection] XInclude Injection - Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[apache-apollo-default-login] Apache Apollo - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[caprover-default-login] Caprover - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[dialogic-xms-default-login] Dialogic XMS Admin Console - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[jeedom-default-login] Jeedom - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[ruijie-nbr-default-login] Ruijie NBR Series Routers - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[apache-apollo-panel] Apache Apollo Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [info]</li> <li>[dialogic-xms-console] Dialogic XMS Admin Console - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [info]</li> <li>[endpoint-protector-panel] Endpoint Protector Login Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[label-studio-panel] Label Studio - Login Panel (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [info]</li> <li>[sql-server-dump] SQL Server - Dump Files (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a>) [medium]</li> <li>[apache-pinot-config] Apache Pinot - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/icarot/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/icarot">@icarot</a>) [medium]</li> <li>[filestash-admin-config] Filestash Admin Password Configuration (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[neo4j-neodash-config] Neo4j Neodash Config - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/icarot/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/icarot">@icarot</a>) [medium]</li> 
<li>[jwk-json-leak] JSON Web Key File - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mohsen/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mohsen">@mohsen</a> Yaghoubi) [low]</li> <li>[coolify-register-account] Coolify Register User Account - Enabled (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [medium]</li> <li>[forgejo-repo-exposure] Forgejo Repositories - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [medium]</li> <li>[kodbox-installer] Kodbox Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[piwigo-installer] Piwigo Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[poste-io-installer] Poste.io - Installer (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[subrion-installer] Subrion CMS Web Installer - Exposure (<a class="user-mention notranslate" 
data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[label-studio-signup] Label Studio - Sign-up Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [unknown]</li> <li>[laragon-phpinfo] Laragon - phpinfo Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [low]</li> <li>[seq-dashboard-unauth] Seq Dashboard - Unauthenticated (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[apache-cloudstack-detect] Apache CloudStack - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[apache-pinot-detect] Apache Pinot - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/icarot/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/icarot">@icarot</a>) [info]</li> <li>[neo4j-neodash-detect] Neo4j Neodash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/icarot/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/icarot">@icarot</a>) [info]</li> <li>[wordpress-chaty] Floating Chat Widget' Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button – Chaty Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ricardomaia/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ricardomaia">@ricardomaia</a>) [info]</li> <li>[polyfill-backdoor] Polyfill.io - Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/kazet/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/kazet">@kazet</a>) [low]</li> <li>[hjsoft-hcm-lfi] Hongjing HCM - Local File Inclusion (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high]</li> <li>[hjsoft-hcm-sqli] Hongjing HCM - Sql Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high]</li> <li>[hjsoft-hcm-tb-sqli] Hongjing HCM - Time-Based Sql Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high]</li> <li>[jinhe-oa-c6-upload-lfi] Jinhe OA_C6_UploadFileDownLoadnew - Arbitrary File Read (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[next-js-cache-poisoning] Next.js Cache Poisoning (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Ice3man543/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Ice3man543">@Ice3man543</a>) [high]</li> <li>[azon-dominator-sqli] Azon Dominator - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high]</li> <li>[bagisto-csti] Bagisto 2.1.2 Client-Side Template Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [medium]</li> <li>[crocus-lfi] Crocus system Service.do - Arbitrary File Read (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[enjoyrmis-sqli] EnjoyRMIS - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high]</li> <li>[h3c-cnsss-arbitrary-file-upload] H3C CNSSS - Arbitrary File Upload (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) 
[critical]</li> <li>[pingsheng-electronic-sqli] Pingsheng Electronic Reservoir Supervision Platform - Sql Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>) [high]</li> <li>[sharp-printers-lfi] Sharp Multifunction Printers - Local File Inclusion (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/gy741/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/gy741">@gy741</a>) [high]</li> <li>[ldap-metadata] LDAP Metadata - Enumeration (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> </ul> <h2>New Contributors</h2> <ul> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/yhy0/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/yhy0">@yhy0</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2185789382" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9345" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9345/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9345">#9345</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/JohnDoeAnonITA/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/JohnDoeAnonITA">@JohnDoeAnonITA</a> made their first contribution in <a 
class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2375253296" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10137" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10137/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10137">#10137</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/zeroc00I/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/zeroc00I">@zeroc00I</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2384822258" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10171" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10171/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10171">#10171</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/IPv4v6/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/IPv4v6">@IPv4v6</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2391865986" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10212" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10212/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10212">#10212</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/BitThr3at/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/BitThr3at">@BitThr3at</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2395495686" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10224" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10224/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10224">#10224</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/projectdiscovery/nuclei-templates/compare/v9.9.0...v9.9.1"><tt>v9.9.0...v9.9.1</tt></a></p> princechaddha tag:github.com,2008:Repository/253044228/v9.9.0 2024-06-28T06:51:12Z v9.9.0 - Kubernetes Cluster Security 🎉 <h3>🔥 Release Highlights 🔥</h3> <p>We are expanding the Nuclei Templates to include a specialized set of security checks dedicated to Kubernetes environments. This initiative will cover various Kubernetes components such as Pods, Deployments, StatefulSets, Services, and Network Policies. The new templates will focus on common misconfigurations, compliance issues, and adherence to industry best practices, using enhanced capabilities such as flow and the code &amp; javascript protocols.</p> <p>The addition of these Kubernetes-specific templates will enable security teams to perform in-depth security assessments of Kubernetes clusters, identifying critical misconfigurations and vulnerabilities. Additionally, this update will support customizable checks that align with unique operational needs, helping teams efficiently detect and address security gaps in their Kubernetes setups.</p> <p>We invite contributors and reviewers to offer their insights and suggestions to refine and advance the development of these Kubernetes security templates. 
You can read more about it in this <a href="https://blog.projectdiscovery.io/kubernetes/" rel="nofollow">blog post</a>.</p> <h4>Other Highlights</h4> <ul> <li>[<a title="CVE-2024-32113" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-38cv-ch3v-j5cw/hovercard" href="https://github.com/advisories/GHSA-38cv-ch3v-j5cw">CVE-2024-32113</a>] Apache OFBiz Directory Traversal - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high] 🔥</li> <li>[<a title="CVE-2024-31982" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-2858-8cfx-69m9/hovercard" href="https://github.com/advisories/GHSA-2858-8cfx-69m9">CVE-2024-31982</a>] XWiki &lt; 4.10.20 - Remote code execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-29973" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-2w49-w2vv-p84h/hovercard" href="https://github.com/advisories/GHSA-2w49-w2vv-p84h">CVE-2024-29973</a>] Zyxel NAS326 Firmware &lt; V5.21(AAZF.17)C0 - Command Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [critical] 🔥</li> <li>[CVE-2024-29895] Cacti cmd_realtime.php - Command Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/pussycat0x">@pussycat0x</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-29824" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-qr27-wgh8-6hcg/hovercard" href="https://github.com/advisories/GHSA-qr27-wgh8-6hcg">CVE-2024-29824</a>] Ivanti EPM - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-28995" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-gr87-q8xh-gq3c/hovercard" href="https://github.com/advisories/GHSA-gr87-q8xh-gq3c">CVE-2024-28995</a>] SolarWinds Serv-U - Directory Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high] 🔥</li> <li>[<a title="CVE-2024-23692" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-cw5c-xm7f-wx63/hovercard" href="https://github.com/advisories/GHSA-cw5c-xm7f-wx63">CVE-2024-23692</a>] Rejetto HTTP File Server - Template injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/johnk3r/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/johnk3r">@johnk3r</a>) [critical] 🔥</li> <li>[<a title="CVE-2023-51449" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-6qm2-wpxq-7qh2/hovercard" href="https://github.com/advisories/GHSA-6qm2-wpxq-7qh2">CVE-2023-51449</a>] Gradio Hugging Face - Local File Inclusion (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nvn1729/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/nvn1729">@nvn1729</a>) [high] 🔥</li> <li>[<a title="CVE-2023-50719" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-p6cp-6r35-32mh/hovercard" href="https://github.com/advisories/GHSA-p6cp-6r35-32mh">CVE-2023-50719</a>] XWiki &lt; 4.10.15 - Sensitive Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high] 🔥</li> <li>[<a title="CVE-2023-43472" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-wqxf-447m-6f5f/hovercard" href="https://github.com/advisories/GHSA-wqxf-447m-6f5f">CVE-2023-43472</a>] MLFlow &lt; 2.8.1 - Sensitive Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high] 🔥</li> </ul> <h3>What's Changed</h3> <h4>New Templates Added: <code>164</code> | CVEs Added: <code>41</code> | First-time contributions: <code>4</code></h4> <ul> <li>[<a title="CVE-2024-37393" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-m2cr-jxg8-pr4v/hovercard" href="https://github.com/advisories/GHSA-m2cr-jxg8-pr4v">CVE-2024-37393</a>] SecurEnvoy Two Factor Authentication - LDAP Injection (s4e-garage) [critical]</li> <li>[<a title="CVE-2024-36837" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-294q-5vvf-xj65/hovercard" href="https://github.com/advisories/GHSA-294q-5vvf-xj65">CVE-2024-36837</a>] CRMEB v.5.2.2 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[<a title="CVE-2024-36527" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-9q42-j26w-29g5/hovercard" href="https://github.com/advisories/GHSA-9q42-j26w-29g5">CVE-2024-36527</a>] Puppeteer Renderer - Directory Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Stux/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Stux">@Stux</a>) [medium]</li> <li>[CVE-2024-36412] SuiteCRM - SQL Injection (s4e-garage) [critical]</li> <li>[<a title="CVE-2024-34982" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-c4mm-9h9f-6xf6/hovercard" href="https://github.com/advisories/GHSA-c4mm-9h9f-6xf6">CVE-2024-34982</a>] LyLme-Spage - Arbitrary File Upload (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[<a title="CVE-2024-32113" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-38cv-ch3v-j5cw/hovercard" href="https://github.com/advisories/GHSA-38cv-ch3v-j5cw">CVE-2024-32113</a>] Apache OFBiz Directory Traversal - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high] 🔥</li> <li>[<a title="CVE-2024-31982" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-2858-8cfx-69m9/hovercard" href="https://github.com/advisories/GHSA-2858-8cfx-69m9">CVE-2024-31982</a>] XWiki &lt; 4.10.20 - Remote code execution (<a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-31750" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-x8vw-8mw4-42v9/hovercard" href="https://github.com/advisories/GHSA-x8vw-8mw4-42v9">CVE-2024-31750</a>] F-logic DataCube3 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[<a title="CVE-2024-29973" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-2w49-w2vv-p84h/hovercard" href="https://github.com/advisories/GHSA-2w49-w2vv-p84h">CVE-2024-29973</a>] Zyxel NAS326 Firmware &lt; V5.21(AAZF.17)C0 - Command Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [critical] 🔥</li> <li>[CVE-2024-29895] Cacti cmd_realtime.php - Command Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-29824" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-qr27-wgh8-6hcg/hovercard" href="https://github.com/advisories/GHSA-qr27-wgh8-6hcg">CVE-2024-29824</a>] Ivanti EPM - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-28995" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-gr87-q8xh-gq3c/hovercard" href="https://github.com/advisories/GHSA-gr87-q8xh-gq3c">CVE-2024-28995</a>] SolarWinds Serv-U - Directory Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high] 🔥</li> <li>[<a title="CVE-2024-27718" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-j4wq-m2h7-q8qx/hovercard" href="https://github.com/advisories/GHSA-j4wq-m2h7-q8qx">CVE-2024-27718</a>] Smart s200 Management Platform v.S200 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[<a title="CVE-2024-24565" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-475g-vj6c-xf96/hovercard" href="https://github.com/advisories/GHSA-475g-vj6c-xf96">CVE-2024-24565</a>] CrateDB Database - Arbitrary File Read (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [medium]</li> <li>[<a title="CVE-2024-24112" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-qv88-9x4p-qm78/hovercard" href="https://github.com/advisories/GHSA-qv88-9x4p-qm78">CVE-2024-24112</a>] Exrick XMall - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [critical]</li> <li>[<a title="CVE-2024-23692" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-cw5c-xm7f-wx63/hovercard" href="https://github.com/advisories/GHSA-cw5c-xm7f-wx63">CVE-2024-23692</a>] Rejetto HTTP File Server - Template injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/johnk3r/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/johnk3r">@johnk3r</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-21650" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-rj7p-xjv7-7229/hovercard" href="https://github.com/advisories/GHSA-rj7p-xjv7-7229">CVE-2024-21650</a>] XWiki &lt; 4.10.20 - Remote code execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [critical]</li> <li>[<a title="CVE-2024-4443" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-j37f-whq4-vg6v/hovercard" href="https://github.com/advisories/GHSA-j37f-whq4-vg6v">CVE-2024-4443</a>] Business Directory Plugin &lt;= 6.4.2 - SQL Injection (s4e-garage) [critical]</li> <li>[<a title="CVE-2024-3922" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-xprj-wrvh-8ppj/hovercard" href="https://github.com/advisories/GHSA-xprj-wrvh-8ppj">CVE-2024-3922</a>] Dokan Pro &lt;= 3.10.3 - SQL Injection (s4e-garage) [critical]</li> <li>[<a title="CVE-2024-3552" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-jwg5-qqgr-9462/hovercard" href="https://github.com/advisories/GHSA-jwg5-qqgr-9462">CVE-2024-3552</a>] Web Directory Free &lt; 1.7.0 - SQL Injection (s4e-garage) [critical]</li> <li>[<a title="CVE-2024-3274" 
data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-gfv4-5h96-2r6f/hovercard" href="https://github.com/advisories/GHSA-gfv4-5h96-2r6f">CVE-2024-3274</a>] D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [medium]</li> <li>[<a title="CVE-2024-2621" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-82p8-25ww-x6g6/hovercard" href="https://github.com/advisories/GHSA-82p8-25ww-x6g6">CVE-2024-2621</a>] Fujian Kelixin Communication - Command Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [medium]</li> <li>[<a title="CVE-2024-1728" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-3f95-mxq2-2f63/hovercard" href="https://github.com/advisories/GHSA-3f95-mxq2-2f63">CVE-2024-1728</a>] Gradio &gt; 4.19.1 UploadButton - Path Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/isacaya/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/isacaya">@isacaya</a>) [high]</li> <li>[<a title="CVE-2024-0939" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-pxvc-5jrx-h52p/hovercard" href="https://github.com/advisories/GHSA-pxvc-5jrx-h52p">CVE-2024-0939</a>] Smart S210 Management Platform - Arbitrary File Upload (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [critical]</li> <li>[<a title="CVE-2024-0250" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-2h8g-h9q5-4vvx/hovercard" href="https://github.com/advisories/GHSA-2h8g-h9q5-4vvx">CVE-2024-0250</a>] Analytics Insights for Google Analytics 4 &lt; 6.3 - Open Redirect (s4e-garage) [medium]</li> <li>[<a title="CVE-2023-51449" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-6qm2-wpxq-7qh2/hovercard" href="https://github.com/advisories/GHSA-6qm2-wpxq-7qh2">CVE-2023-51449</a>] Gradio Hugging Face - Local File Inclusion (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nvn1729/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/nvn1729">@nvn1729</a>) [high] 🔥</li> <li>[<a title="CVE-2023-50720" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-2grh-gr37-2283/hovercard" href="https://github.com/advisories/GHSA-2grh-gr37-2283">CVE-2023-50720</a>] XWiki &lt; 4.10.15 - Email Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-50719" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-p6cp-6r35-32mh/hovercard" href="https://github.com/advisories/GHSA-p6cp-6r35-32mh">CVE-2023-50719</a>] XWiki &lt; 4.10.15 - Sensitive Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high] 🔥</li> <li>[<a title="CVE-2023-48241" data-hovercard-type="advisory" 
data-hovercard-url="/advisories/GHSA-7fqr-97j7-jgf4/hovercard" href="https://github.com/advisories/GHSA-7fqr-97j7-jgf4">CVE-2023-48241</a>] XWiki &lt; 4.10.15 - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[<a title="CVE-2023-46732" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-j9rc-w3wv-fv62/hovercard" href="https://github.com/advisories/GHSA-j9rc-w3wv-fv62">CVE-2023-46732</a>] XWiki &lt; 14.10.14 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-45136" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-qcj9-gcpg-4w2w/hovercard" href="https://github.com/advisories/GHSA-qcj9-gcpg-4w2w">CVE-2023-45136</a>] XWiki &lt; 14.10.14 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-43472" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-wqxf-447m-6f5f/hovercard" href="https://github.com/advisories/GHSA-wqxf-447m-6f5f">CVE-2023-43472</a>] MLFlow &lt; 2.8.1 - Sensitive Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high] 🔥</li> <li>[<a 
title="CVE-2023-38194" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-wwfp-p79h-2x5v/hovercard" href="https://github.com/advisories/GHSA-wwfp-p79h-2x5v">CVE-2023-38194</a>] SuperWebMailer - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-37645" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-h4h4-7hv6-xjwj/hovercard" href="https://github.com/advisories/GHSA-h4h4-7hv6-xjwj">CVE-2023-37645</a>] EyouCms v1.6.3 - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [medium]</li> <li>[<a title="CVE-2023-32068" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-6gvj-8vc5-8v3j/hovercard" href="https://github.com/advisories/GHSA-6gvj-8vc5-8v3j">CVE-2023-32068</a>] XWiki - Open Redirect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[CVE-2023-6786] Payment Gateway for Telcell &lt; 2.0.4 - Open Redirect (s4e-garage) [medium]</li> <li>[<a title="CVE-2023-6505" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-2g38-fxhq-9w3p/hovercard" href="https://github.com/advisories/GHSA-2g38-fxhq-9w3p">CVE-2023-6505</a>] Prime Mover &lt; 1.9.3 - Sensitive Data Exposure (s4e-garage) [high]</li> <li>[<a title="CVE-2021-43831" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-rhq2-3vr9-6mcr/hovercard" 
href="https://github.com/advisories/GHSA-rhq2-3vr9-6mcr">CVE-2021-43831</a>] Gradio &lt; 2.5.0 - Arbitrary File Read (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/isacaya/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/isacaya">@isacaya</a>) [high]</li> <li>[<a title="CVE-2021-38147" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-qx47-qw9g-58j7/hovercard" href="https://github.com/advisories/GHSA-qx47-qw9g-58j7">CVE-2021-38147</a>] Wipro Holmes Orchestrator 20.4.1 - Information Disclosure (s4e-garage) [high]</li> <li>[<a title="CVE-2021-38146" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-r23x-gq8q-5637/hovercard" href="https://github.com/advisories/GHSA-r23x-gq8q-5637">CVE-2021-38146</a>] Wipro Holmes Orchestrator 20.4.1 - Arbitrary File Download (s4e-garage) [high]</li> <li>[<a title="CVE-2021-4436" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-v78v-jm8m-vmmw/hovercard" href="https://github.com/advisories/GHSA-v78v-jm8m-vmmw">CVE-2021-4436</a>] 3DPrint Lite &lt; 1.9.1.5 - Arbitrary File Upload (s4e-garage) [critical]</li> <li>[sns-public-subscribe-access] Public Subscription Access of SNS Topics via Policy (@Ritesh_Gohil(#L4stPL4Y3R)) [high]</li> <li>[k8s-cpu-limits-not-set] CPU limits not set in Deployments (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-cpu-requests-not-set] CPU Requests not set in Deployments (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) 
[medium]</li> <li>[k8s-default-namespace-used] Default Namespace Usage in Deployments (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [high]</li> <li>[k8s-host-ports-check] Host ports should not be used (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-image-pull-policy-always] Image Pull Policy set to Always (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [low]</li> <li>[k8s-image-tag-not-fixed] Image Tag should be fixed - not latest or blank (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [low]</li> <li>[k8s-liveness-probe-not-configured] Liveness Probe Not Configured in Deployments (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-memory-limits-not-set] Memory limits not set in Deployments (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-memory-requests-not-set] Memory requests not set in Deployments (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[minimize-added-capabilities] Minimize container added capabilities (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [high]</li> <li>[k8s-privileged-containers] Privileged Containers Found in Deployments (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [critical]</li> <li>[k8s-readiness-probe-not-set] Readiness Probes not set in Deployments (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-root-container-admission] Minimize the admission of root containers (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [critical]</li> <li>[k8s-seccomp-profile-set] Set appropriate seccomp profile (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[kubernetes-code-env] Kubernetes Cluster Validation (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [info]</li> <li>[k8s-netpol-egress-rules] Network policies define egress rules (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-netpol-namespace] Network Policies specify namespace (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-network-ingress-rules] Define network ingress rules (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-allow-privilege-escalation-set] Containers run with allowPrivilegeEscalation enabled (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [critical]</li> <li>[k8s-containers-share-host-ipc] Containers sharing host IPC namespace (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [critical]</li> <li>[k8s-host-network-namespace-shared] Host Network Namespace Sharing (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [high]</li> <li>[k8s-host-pid-namespace-sharing] Host PID Namespace Sharing (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [critical]</li> <li>[k8s-readonly-fs] Enforce Read-Only Filesystem for Containers (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [critical]</li> <li>[k8s-readonly-rootfs] Pods with read-only root filesystem (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-root-user-id] Pods run with root user ID (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [low]</li> <li>[audit-log-path-set] Ensure audit-log-path set (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-enc-prov-conf] Ensure that encryption providers are configured (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-etcd-cafile-set] Ensure etcd-cafile argument set (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-etcd-files-set] Ensure etcd cert and key set (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-ns-usage-check] Ensure namespaces are utilized (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [info]</li> <li>[k8s-svc-acct-issuer-set] Checks if service-account-issuer is correctly configured (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-svc-acct-key] Ensure service-account-key-file set (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-svc-acct-lookup-set] Ensure service-account-lookup set (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[k8s-tls-config-set] Ensure TLS config appropriately set (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [medium]</li> <li>[time-based-sqli] Time-Based Blind SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/0xKayala/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/0xKayala">@0xKayala</a>) [critical]</li> <li>[anthem-deeppanda-malware-hash] Anthem DeepPanda Trojan Kakfum Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[applejeus-malware-hash] AppleJeus Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[avburner-malware-hash] AVBurner Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[backwash-malware-hash] Backwash Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[blackenergy-driver-amdide-hash] Blackenergy-Driver Amdide Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[blackenergy-driver-malware-hash] BlackEnergy Driver USBMDM Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[blackenergy-killdisk-malware-hash] BlackEnergy KillDisk Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[blackenergy-ssh-malware-hash] BlackEnergy BackdoorPass DropBear SSH Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[blackenergy-vbs-malware-hash] BlackEnergy VBS Agent Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[bluelight-malware-hash] bluelight Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[bluetermite-emdivi-malware-hash] Bluetermite Emdivi Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[bluetermite-emdivi-sfx-hash] Bluetermite Emdivi SFX Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[charmingcypress-malware-hash] CharmingCypress Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[cheshirecat-malware-hash] CheshireCat Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[cloudduke-malware-hash] CloudDuke Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[codoso-gh0st-malware] Codoso APT Gh0st Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[codoso-malware-hash] Codoso APT Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[codoso-pgv-malware-hash] Codoso APT PGV_PVID Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[codoso-plugx-malware-hash] Codoso APT PlugX Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[disgomoji-malware-hash] DISGOMOJI Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[dubnium-malware-hash] Dubnium Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[dubnium-sshopenssl-malware-hash] Dubnium Sample SSHOpenSSL Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[emissary-malware-hash] Emissary APT Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[evilbamboo-malware-hash] EvilBamboo Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[fakem-malware-hash] FakeM_Generic Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[flipflop-ldr-malware-hash] Flipflop Loader Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[furtim-malware-hash] Furtim Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> 
<li>[gimmick-malware-hash] GIMMICK Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[godzilla-webshell-hash] Godzilla Webshell Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[greenbug-malware-hash] Greenbug Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[ico-malware-hash] ICO Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[industroyer-malware-hash] Industroyer Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[ironpanda-htran-malware-hash] Iron Panda Malware Htran Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[ironpanda-dnstunclient-malware-hash] Iron Panda malware DnsTunClient Hash - Detect (<a 
class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[ironpanda-malware-hash] Iron Panda Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[locky-ransomware-hash] Locky Ransomware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[minidionis-readerview-malware-hash] MiniDionis Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[minidionis-vbs-malware-hash] MiniDionis VBS Dropped File Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[naikon-apt-malware-hash] Backdoor Naikon APT Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[neuron2-malware-hash] Neuron2 Loader Strings Turla APT loader Hash - Detect (<a class="user-mention notranslate" 
data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[oilrig-malware-hash] OilRig Malware Campaign Gen1 Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[passcv-ntscan-malware-hash] PassCV Sabre Tool NTScan Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[passcv-sabre-malware-hash] PassCV Sabre Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[passcv-signingcert-malware-hash] PassCV Sabre Malware Signing Cert Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[petya-ransomware-hash] Petya Ransomware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[poseidongroup-maldoc-malware-hash] Poseidon Group Malicious Word Document Hash - Detect (<a class="user-mention notranslate" 
data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[poseidongroup-malware-hash] Poseidon Group Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[powerstar-malware-hash] PowerStar Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[purplewave-malware-hash] PurpleWave v1.0 Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[red-leaves-malware-hash] Red Leaves Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[regeorg-webshell-hash] ReGeorg Webshell Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[revil-ransomware-hash] Revil Ransomware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[rokrat-malware-hash] ROKRAT Loader Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[sauron-malware-hash] Sauron Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[seaduke-malware-hash] SeaDuke Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[sfx1-malware-hash] Malicious SFX1 Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[sfxrar-acrotray-malware-hash] SFXRAR Acrotray Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[sharpext-malware-hash] Sharpext Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[sofacy-winexe-malware-hash] Sofacy Group Winexe Tool Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[sofacy-bundestag-malware-hash] Sofacy Group Malware - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[sofacy-fybis-malware-hash] Sofacy Fybis Linux Backdoor Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[tidepool-malware-hash] TidePool Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[turla-malware-hash] Turla APT Malware - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[unit78020-malware-hash] Unit 78020 Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> 
<li>[upstyle-malware-hash] Upstyle Malware Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a>) [info]</li> <li>[wildneutron-malware-hash] WildNeutron APT Sample Hash - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[mantisbt-anonymous-login] mantisbt - Anonymous Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [medium]</li> <li>[lorex-panel] Lorex Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a>) [info]</li> <li>[oracle-application-server-panel] Oracle Application Server Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [info]</li> <li>[trellix-panel] Trellix Login Panel (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/johnk3r/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/johnk3r">@johnk3r</a>) [info]</li> <li>[turnkey-lamp-panel] TurnKey LAMP Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [info]</li> <li>[veeam-backup-manager-login] Veeam Backup Enterprise Manager Login - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/charles/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/charles">@charles</a> D) [info]</li> <li>[wildix-collaboration-panel] Wildix Collaboration Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a>) [info]</li> <li>[apache-server-status-localhost] Server Status Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdteam/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdteam">@pdteam</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/geeknik/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/geeknik">@geeknik</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/NaN-KL/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/NaN-KL">@NaN-KL</a>) [low]</li> <li>[cookies-without-secure] Cookies without Secure attribute - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/vthiery/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/vthiery">@vthiery</a>) [info]</li> <li>[apache-allura-detect] Apache Allura - Detection (<a 
class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/icarot/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/icarot">@icarot</a>) [info]</li> <li>[nperf-server-detect] nPerf Server - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a>) [info]</li> <li>[wordpress-copy-delete-posts] Duplicate Post Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ricardomaia/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ricardomaia">@ricardomaia</a>) [info]</li> <li>[wordpress-image-optimization] Image Optimizer by Elementor (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ricardomaia/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ricardomaia">@ricardomaia</a>) [info]</li> <li>[wordpress-royal-elementor-addons] Royal Elementor Addons and Templates Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ricardomaia/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ricardomaia">@ricardomaia</a>) [info]</li> <li>[wordpress-simple-history] Simple History – Track, Log, and Audit WordPress Changes Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ricardomaia/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ricardomaia">@ricardomaia</a>) [info]</li> <li>[wordpress-sticky-header-effects-for-elementor] Sticky Header Effects for Elementor Detection (<a class="user-mention 
notranslate" data-hovercard-type="user" data-hovercard-url="/users/ricardomaia/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ricardomaia">@ricardomaia</a>) [info]</li> <li>[wordpress-woocommerce-legacy-rest-api] WooCommerce Legacy REST API Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ricardomaia/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ricardomaia">@ricardomaia</a>) [info]</li> <li>[gradio-lfi] Gradio 3.47 – 3.50.2 - Local File Inclusion (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nvn1729/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/nvn1729">@nvn1729</a>) [high]</li> <li>[gradio-ssrf] Gradio 3.47 - 3.50.2 - Server-Side Request Forgery (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/nvn1729/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/nvn1729">@nvn1729</a>) [high]</li> <li>[fastadmin-lfi] Fastadmin framework - Arbitrary File Read (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Hel10-Web/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Hel10-Web">@Hel10-Web</a>) [high]</li> <li>[mikrotik-ssh-detect] MikroTik RouterOS SSH - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/staticnoise/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/staticnoise">@staticnoise</a>) [info]</li> </ul> <h2>New Contributors</h2> <ul> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/chovanecadam/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/chovanecadam">@chovanecadam</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2348497482" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10016" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10016/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10016">#10016</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/NaN-KL/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/NaN-KL">@NaN-KL</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2302142769" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9825" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9825/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9825">#9825</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/vthiery/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/vthiery">@vthiery</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2356552247" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10048" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10048/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10048">#10048</a></li> <li><a class="user-mention notranslate" 
data-hovercard-type="user" data-hovercard-url="/users/KristinnVikar/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/KristinnVikar">@KristinnVikar</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2340715108" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9996" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9996/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9996">#9996</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/projectdiscovery/nuclei-templates/compare/v9.8.9...v9.9.0"><tt>v9.8.9...v9.9.0</tt></a></p> princechaddha tag:github.com,2008:Repository/253044228/v9.8.9 2024-06-13T07:23:53Z Added CVE-2024-4577 + Bug fixes <h3>🔥 Release Highlights 🔥</h3> <p>[<a title="CVE-2024-4577" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-vxpp-6299-mxw3/hovercard" href="https://github.com/advisories/GHSA-vxpp-6299-mxw3">CVE-2024-4577</a>] PHP CGI - Argument Injection (@hüseyin TINTAŞ, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/sw0rk17/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/sw0rk17">@sw0rk17</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/s4e-garage/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/s4e-garage">@s4e-garage</a>, <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical]</p> <h2>What's Changed</h2> <ul> <li>Lorex Favicon Hash by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2341766322" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/10001" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/10001/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/10001">#10001</a></li> <li>add <a title="CVE-2024-4577" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-vxpp-6299-mxw3/hovercard" href="https://github.com/advisories/GHSA-vxpp-6299-mxw3">cve-2024-4577</a> by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2340717428" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9997" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9997/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9997">#9997</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/projectdiscovery/nuclei-templates/compare/v9.8.8...v9.8.9"><tt>v9.8.8...v9.8.9</tt></a></p> princechaddha tag:github.com,2008:Repository/253044228/v9.8.8 
2024-06-25T12:11:01Z v9.8.8 <h3>🔥 Release Highlights 🔥</h3> <ul> <li>[<a title="CVE-2024-27348" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-29rc-vq7f-x335/hovercard" href="https://github.com/advisories/GHSA-29rc-vq7f-x335">CVE-2024-27348</a>] Apache HugeGraph-Server - Remote Command Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high] 🔥</li> <li>[CVE-2024-24919] Check Point Quantum Gateway - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/johnk3r/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/johnk3r">@johnk3r</a>) [high] 🔥</li> <li>[<a title="CVE-2024-21683" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-vr88-2hv2-5jvf/hovercard" href="https://github.com/advisories/GHSA-vr88-2hv2-5jvf">CVE-2024-21683</a>] Atlassian Confluence Data Center and Server - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [high] 🔥</li> <li>[CVE-2024-4358] Progress Telerik Report Server - Authentication Bypass (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-3495" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-5p44-j78m-mc5m/hovercard" href="https://github.com/advisories/GHSA-5p44-j78m-mc5m">CVE-2024-3495</a>] Wordpress Country State City 
Dropdown &lt;=2.7.2 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="organization" data-hovercard-url="/orgs/apple/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/apple">@apple</a>) [critical] 🔥</li> </ul> <h3>What's Changed</h3> <h4>New Templates Added: <code>77</code> | CVEs Added: <code>17</code> | First-time contributions: <code>8</code></h4> <ul> <li>[<a title="CVE-2024-34470" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-fv57-985w-x39v/hovercard" href="https://github.com/advisories/GHSA-fv57-985w-x39v">CVE-2024-34470</a>] HSC Mailinspector 5.2.17-3 through 5.2.18 - Local File Inclusion (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/topscoder/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/topscoder">@topscoder</a>) [high]</li> <li>[<a title="CVE-2024-27348" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-29rc-vq7f-x335/hovercard" href="https://github.com/advisories/GHSA-29rc-vq7f-x335">CVE-2024-27348</a>] Apache HugeGraph-Server - Remote Command Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high] 🔥</li> <li>[<a title="CVE-2024-25723" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-vf7j-cmrj-pmmm/hovercard" href="https://github.com/advisories/GHSA-vf7j-cmrj-pmmm">CVE-2024-25723</a>] ZenML ZenML Server - Improper Authentication (@david Botelho Mariano) [critical]</li>
<li>[CVE-2024-24919] Check Point Quantum Gateway - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/johnk3r/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/johnk3r">@johnk3r</a>) [high] 🔥</li> <li>[<a title="CVE-2024-21683" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-vr88-2hv2-5jvf/hovercard" href="https://github.com/advisories/GHSA-vr88-2hv2-5jvf">CVE-2024-21683</a>] Atlassian Confluence Data Center and Server - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [high] 🔥</li> <li>[<a title="CVE-2024-5230" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-3832-cq7m-8xc3/hovercard" href="https://github.com/advisories/GHSA-3832-cq7m-8xc3">CVE-2024-5230</a>] FleetCart 4.1.1 - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="organization" data-hovercard-url="/orgs/SecurityForEveryone/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/SecurityForEveryone">@SecurityForEveryone</a>) [medium]</li> <li>[CVE-2024-4358] Progress Telerik Report Server - Authentication Bypass (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-3822" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-56m5-6v25-whgm/hovercard" href="https://github.com/advisories/GHSA-56m5-6v25-whgm">CVE-2024-3822</a>] Base64 Encoder/Decoder &lt;= 0.9.2 - Cross-Site Scripting (<a 
class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/omranisecurity/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/omranisecurity">@omranisecurity</a>) [medium]</li> <li>[<a title="CVE-2024-3495" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-5p44-j78m-mc5m/hovercard" href="https://github.com/advisories/GHSA-5p44-j78m-mc5m">CVE-2024-3495</a>] Wordpress Country State City Dropdown &lt;=2.7.2 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="organization" data-hovercard-url="/orgs/apple/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/apple">@apple</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-1380" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-4223-r78w-6q8p/hovercard" href="https://github.com/advisories/GHSA-4223-r78w-6q8p">CVE-2024-1380</a>] Relevanssi (A Better Search) &lt;= 4.22.0 - Query Log Export (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/flx/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/flx">@flx</a>) [medium]</li> <li>[<a title="CVE-2023-48084" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-x3mv-x599-m8pw/hovercard" href="https://github.com/advisories/GHSA-x3mv-x599-m8pw">CVE-2023-48084</a>] Nagios XI &lt; 5.11.3 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [critical]</li> <li>[<a title="CVE-2023-35162" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-q9hg-9qj2-mxf9/hovercard" href="https://github.com/advisories/GHSA-q9hg-9qj2-mxf9">CVE-2023-35162</a>] XWiki 
&lt; 14.10.5 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-3077" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-95vf-7jgr-4c75/hovercard" href="https://github.com/advisories/GHSA-95vf-7jgr-4c75">CVE-2023-3077</a>] MStore API &lt; 3.9.8 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [critical]</li> <li>[<a title="CVE-2023-2059" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-g733-c497-r4hx/hovercard" href="https://github.com/advisories/GHSA-g733-c497-r4hx">CVE-2023-2059</a>] DedeCMS 5.7.87 - Directory Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [medium]</li> <li>[<a title="CVE-2022-34534" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-2jw2-755p-5gqq/hovercard" href="https://github.com/advisories/GHSA-2jw2-755p-5gqq">CVE-2022-34534</a>] Digital Watchdog DW Spectrum Server 4.2.0.32842 - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[<a title="CVE-2022-1580" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-62wv-mf7j-h7rg/hovercard" 
href="https://github.com/advisories/GHSA-62wv-mf7j-h7rg">CVE-2022-1580</a>] Site Offline WP Plugin &lt; 1.5.3 - Authorization Bypass (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a>) [medium]</li> <li>[<a title="CVE-2022-0666" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-3wwj-wh2w-g4xp/hovercard" href="https://github.com/advisories/GHSA-3wwj-wh2w-g4xp">CVE-2022-0666</a>] Microweber &lt; 1.2.11 - CRLF Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[sns-topic-public-accessible] Public Access of SNS Topics via Policy (@Ritesh_Gohil(#L4stPL4Y3R)) [high]</li> <li>[webpack-sourcemap] Webpack Sourcemap (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Lucky0x0D/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Lucky0x0D">@Lucky0x0D</a>, @PulseSecurity.co.nz) [low]</li> <li>[CNVD-2024-15077] AJ-Report Open Source Data Screen - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[ampjuke-default-login] AmpJuke - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> 
<li>[cambium-networks-default-login] Canopy 5.7GHz Access Point - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/defektive/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/defektive">@defektive</a>) [high]</li> <li>[digital-watchdog-default-login] Digital Watchdog - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/omranisecurity/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/omranisecurity">@omranisecurity</a>) [high]</li> <li>[busybox-repository-browser] Busybox Repository Browser - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [info]</li> <li>[cisco-firepower-panel] Cisco Firepower Management Center login - Detect (@charles D) [info]</li> <li>[cox-business-panel] Cox Business Dominion Gateway Login Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [info]</li> <li>[digital-watchdog-panel] Digital Watchdog - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [info]</li>
<li>[f5-admin-interface] F5 Admin Interface - Detect (@drewvravick) [info]</li> <li>[fortisiem-panel] FortiSIEM Login Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[oracle-access-management] Oracle Access Management Login Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [info]</li> <li>[oracle-peoplesoft-panel] Oracle PeopleSoft Login Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/idealphase/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/idealphase">@idealphase</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [info]</li> <li>[vrealize-hyperic-panel] vRealize Hyperic Login Panel - Detect (@charles D) [info]</li> <li>[wechat-corpsecret-key] Enterprise WeChat Corpsecret Key (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/N0el4kLs/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/N0el4kLs">@N0el4kLs</a>) [info]</li> <li>[netgear-boarddataww-rce] Netgear Devices boardDataWW.php - Unauth RCE (<a
class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [critical]</li> <li>[directory-listing] Directory Listing Enabled (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/themiddle/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/themiddle">@themiddle</a>) [low]</li> <li>[dont-panic-traceback] DON'T PANIC Traceback (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [low]</li> <li>[cowboy-detect] Cowboy - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Sechunt3r/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Sechunt3r">@Sechunt3r</a>) [info]</li> <li>[gabia-server-detect] Gabia Server - Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/jadu101/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/jadu101">@jadu101</a>) [info]</li> <li>[gotweb-detect] GotWeb Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/lu4nx/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/lu4nx">@lu4nx</a>) [info]</li> <li>[sparklighter-detect] Spark Lighter Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/icarot/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/icarot">@icarot</a>) [info]</li> <li>[aquatronica-info-leak] Aquatronica Control System 5.1.6 - Information Disclosure (<a class="user-mention notranslate" data-hovercard-type="organization" data-hovercard-url="/orgs/SecurityForEveryone/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/SecurityForEveryone">@SecurityForEveryone</a>) [high]</li> <li>[array-vpn-lfi] Array VPN - Arbitrary File Reading Vulnerability (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[cerio-dt-rce] CERIO-DT Interface - Command Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [critical]</li> <li>[easycvr-info-leak] EasyCVR video management - Users Information Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[proftpd-backdoor] ProFTPd-1.3.3c - Backdoor Command Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [critical]</li> <li>[samba-detect] Samba - Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> <li>[rsync-list-modules] Rsync List Modules - Enumeration (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [low]</li> <li>[bitvise-detect] SSH Bitvise Service - Detect (@abdullahisik) [info]</li> <li>[activecollab-installer] ActiveCollab Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[call-com-installer] Call.com Setup Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[cms-made-simple-installer] CMS Made Simple Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[confluence-installer] Confluence Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[cubebackup-setup-installer] CubeBackup Setup Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[easy-wi-installer] Easy-WI Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[ejbca-enterprise-installer] EJBCA Enterprise Cloud Configuration Wizard - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[flarum-installer] Flarum Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[fleetcart-installer] FleetCart Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[glpi-installer] GLPI Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[invicti-enterprise-installer] Invicti Enterprise Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[invoice-ninja-installer] Invoice Ninja Setup Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[jfa-go-installer] jfa-go Setup Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[justfans-installer] JustFans Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[librenms-installer] LibreNMS Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[mura-cms-setup-installer] Mura CMS Setup Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[onlyoffice-installer] OnlyOffice Wizard Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[openemr-setup-installer] OpenEMR Setup Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[orchard-installer] Orchard Setup Wizard - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[pandora-fms-installer] Pandora FMS Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[profittrailer-installer] ProfitTrailer Setup Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[projectsend-installer] ProjectSend Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[snipe-it-installer] Snipe-IT Setup Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) 
[high]</li> <li>[stackposts-installer] StackPosts Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[tastyigniter-installer] TastyIgniter Setup Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[ubersmith-installer] Ubersmith Setup Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[uvdesk-helpdesk-installer] UVDesk Helpdesk Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[virtual-smartzone-installer] Virtual SmartZone Setup Wizard - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[wowonder-installer] WoWonder Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> </ul> <h2>New 
Contributors</h2> <ul> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/defektive/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/defektive">@defektive</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2310615574" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9845" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9845/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9845">#9845</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/N0el4kLs/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/N0el4kLs">@N0el4kLs</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2313481011" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9867" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9867/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9867">#9867</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/moyue83/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/moyue83">@moyue83</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2322811817" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9929" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9929/hovercard" 
href="https://github.com/projectdiscovery/nuclei-templates/pull/9929">#9929</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/isikabdullah44/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/isikabdullah44">@isikabdullah44</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2311518662" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9850" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9850/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9850">#9850</a></li> <li>@Dev0psSec made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2331021100" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9967" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9967/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9967">#9967</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/icarot/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/icarot">@icarot</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2304738072" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9827" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9827/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9827">#9827</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/pdteamx/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdteamx">@pdteamx</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2333815614" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9978" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9978/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9978">#9978</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/L4stPL4Y3R/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/L4stPL4Y3R">@L4stPL4Y3R</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2338691452" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9988" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9988/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9988">#9988</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/projectdiscovery/nuclei-templates/compare/v9.8.7...v9.8.8"><tt>v9.8.7...v9.8.8</tt></a></p> princechaddha tag:github.com,2008:Repository/253044228/v9.8.7 2024-05-23T15:31:32Z v9.8.7 <h3>🔥 Release Highlights 🔥</h3> <ul> <li>[<a title="CVE-2024-0200" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-g39r-hh73-78xj/hovercard" href="https://github.com/advisories/GHSA-g39r-hh73-78xj">CVE-2024-0200</a>] Github Enterprise - Authenticated RCE (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-4956" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-6cgv-69mq-8w7x/hovercard" href="https://github.com/advisories/GHSA-6cgv-69mq-8w7x">CVE-2024-4956</a>] Sonatype Nexus Repository Manager 3 - Local File Inclusion (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high] 🔥</li> <li>[<a title="CVE-2024-0195" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-m6pc-42rj-wc4v/hovercard" href="https://github.com/advisories/GHSA-m6pc-42rj-wc4v">CVE-2024-0195</a>] SpiderFlow Crawler Platform - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [critical] 🔥</li> <li>[<a title="CVE-2023-43374" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-f9q7-q7fp-p8wj/hovercard" href="https://github.com/advisories/GHSA-f9q7-q7fp-p8wj">CVE-2023-43374</a>] Hoteldruid v3.0.5 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [critical] 🔥</li> </ul> <h3>What's Changed</h3> <h4>New Templates Added: <code>62</code> | CVEs Added: <code>16</code> | First-time contributions: <code>3</code></h4> <ul> <li>[CVE-2024-33288] Prison Management System - SQL Injection Authentication Bypass (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a>) [high]</li> <li>[<a title="CVE-2024-4956" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-6cgv-69mq-8w7x/hovercard" href="https://github.com/advisories/GHSA-6cgv-69mq-8w7x">CVE-2024-4956</a>] Sonatype Nexus Repository Manager 3 - Local File Inclusion (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high] 🔥</li> <li>[<a title="CVE-2024-3097" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-w249-f84q-3v47/hovercard" href="https://github.com/advisories/GHSA-w249-f84q-3v47">CVE-2024-3097</a>] NextGEN Gallery &lt;= 3.59 - Missing Authorization to Unauth Information Disclosure (@DhiyanesDK) [medium]</li> <li>[<a title="CVE-2024-1561" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-g9cj-cfpp-4g2x/hovercard" href="https://github.com/advisories/GHSA-g9cj-cfpp-4g2x">CVE-2024-1561</a>] Gradio Applications - Local File Read (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/diablo/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/diablo">@diablo</a>) [high]</li> <li>[<a title="CVE-2024-0200" 
data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-g39r-hh73-78xj/hovercard" href="https://github.com/advisories/GHSA-g39r-hh73-78xj">CVE-2024-0200</a>] Github Enterprise - Authenticated RCE (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>) [critical] 🔥</li> <li>[<a title="CVE-2024-0195" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-m6pc-42rj-wc4v/hovercard" href="https://github.com/advisories/GHSA-m6pc-42rj-wc4v">CVE-2024-0195</a>] SpiderFlow Crawler Platform - Remote Code Execution (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [critical] 🔥</li> <li>[<a title="CVE-2023-45855" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-cr2w-gfw6-cgj8/hovercard" href="https://github.com/advisories/GHSA-cr2w-gfw6-cgj8">CVE-2023-45855</a>] qdPM 9.2 - Directory Traversal (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[<a title="CVE-2023-44813" 
data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-vp27-mx7m-wr59/hovercard" href="https://github.com/advisories/GHSA-vp27-mx7m-wr59">CVE-2023-44813</a>] mooSocial v.3.1.8 - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-43374" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-f9q7-q7fp-p8wj/hovercard" href="https://github.com/advisories/GHSA-f9q7-q7fp-p8wj">CVE-2023-43374</a>] Hoteldruid v3.0.5 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [critical] 🔥</li> <li>[<a title="CVE-2023-36347" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-323x-wpgh-r8q4/hovercard" href="https://github.com/advisories/GHSA-323x-wpgh-r8q4">CVE-2023-36347</a>] POS Codekop v2.0 - Broken Authentication (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a>) [high]</li> <li>[<a title="CVE-2023-36284" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-33vr-wwjf-63w6/hovercard" href="https://github.com/advisories/GHSA-33vr-wwjf-63w6">CVE-2023-36284</a>] QloApps 1.6.0 - SQL Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[<a 
title="CVE-2023-35158" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-mwxj-g7fw-7hc8/hovercard" href="https://github.com/advisories/GHSA-mwxj-g7fw-7hc8">CVE-2023-35158</a>] XWiki - Cross-Site Scripting (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [medium]</li> <li>[<a title="CVE-2023-29827" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-j5pp-6f4w-r5r6/hovercard" href="https://github.com/advisories/GHSA-j5pp-6f4w-r5r6">CVE-2023-29827</a>] Embedded JavaScript(EJS) 3.1.6 - Template Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [critical]</li> <li>[<a title="CVE-2023-6065" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-g9xh-cc3h-8ghx/hovercard" href="https://github.com/advisories/GHSA-g9xh-cc3h-8ghx">CVE-2023-6065</a>] Quttera Web Malware Scanner &lt;= 3.4.1.48 - Sensitive Data Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a>) [medium]</li> <li>[<a title="CVE-2023-5991" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-5c4q-4rqx-7fcj/hovercard" href="https://github.com/advisories/GHSA-5c4q-4rqx-7fcj">CVE-2023-5991</a>] Hotel Booking Lite &lt; 4.8.5 - Arbitrary File Download &amp; Deletion (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/Kazgangap">@Kazgangap</a>) [critical]</li> <li>[<a title="CVE-2023-4542" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-85cp-hm7f-pwxw/hovercard" href="https://github.com/advisories/GHSA-85cp-hm7f-pwxw">CVE-2023-4542</a>] D-Link DAR-8000-10 - Command Injection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [critical]</li> <li>[CNVD-2017-06001] Dahua DSS - SQL Injection (@napgh0st, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[softether-vpn-default-login] SoftEther VPN Admin Console - Default Login (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/bhutch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/bhutch">@bhutch</a>) [high]</li> <li>[ackee-panel] Ackee Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a>) [info]</li> <li>[craftercms-panel] CrafterCMS Login Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [info]</li> <li>[easyvista-panel] EasyVista Login Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [info]</li> <li>[f5-next-central-manager] F5 Next Central Manager Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/EgemenKochisarli/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/EgemenKochisarli">@EgemenKochisarli</a>) [info]</li> <li>[ghost-panel] Ghost Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a>) [info]</li> <li>[matomo-panel] Matomo Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Arr0way/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Arr0way">@Arr0way</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a>) [info]</li> <li>[microfocus-lifecycle-panel] Micro Focus Application Lifecycle Management - Panel (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [info]</li> <li>[n8n-panel] n8n Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a>) [info]</li> <li>[nocodb-panel] NocoDB Panel - Detect 
(<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a>) [info]</li> <li>[oracle-ebusiness-panel] Oracle E-Business Suite Login Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [info]</li> <li>[pocketbase-panel] PocketBase Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a>) [info]</li> <li>[qlikview-accesspoint-panel] QlikView AccessPoint Login Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [info]</li> <li>[tiny-rss-panel] Tiny RSS Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a>) [info]</li> <li>[unleash-panel] Unleash Panel - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a>) [info]</li> <li>[tpot-honeypot-detect] T-Pot Honeypot - Detect (<a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a>) [info]</li> <li>[imgproxy-unauth] Imgproxy Unauthorized Access (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a>) [low]</li> <li>[custom-xoops-installer] XOOPS Custom - Installation (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[easy-viserlabs-installer] Easy Installer by ViserLab - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[forgejo-installer] Forgejo Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[froxlor-installer] Froxlor Server Management - Installer (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[growi-installer] GROWI Installer - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[ids-skills-installer] IDP Skills Installer - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[moosocial-installer] mooSocial Installation - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[octoprint-installer] OctoPrint Installation Page - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[openfire-setup] Openfire Setup - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[phpmyfaq-installer] phpMyFAQ Installation - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) [high]</li> <li>[qloapps-installer] QloApps - Installation (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>) 
[high]</li> <li>[trilium-notes-installer] Trilium Notes Installer - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[wiki-js-installer] Wiki.js Setup - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[xbackbone-installer] XBackBone Installer - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>) [high]</li> <li>[unigui-server-monitor-exposure] UniGUI Server Monitor Panel - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/serrapa/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/serrapa">@serrapa</a>) [low]</li> <li>[apache-answer-detect] Apache Answer - Detection (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/omranisecurity/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/omranisecurity">@omranisecurity</a>) [info]</li> <li>[boa-web-server] Boa Web Server - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/johnk3r/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/johnk3r">@johnk3r</a>) [info]</li> <li>[craftercms-detect] CrafterCMS - Detect (<a class="user-mention notranslate" 
data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [info]</li> <li>[imgproxy-detect] Imgproxy Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a>) [info]</li> <li>[meilisearch-detect] Meilisearch - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a>) [info]</li> <li>[microfocus-iprint-detect] Micro Focus iPrint Appliance - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a>) [info]</li> <li>[statamic-detect] Statamic - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/geeknik/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/geeknik">@geeknik</a>) [info]</li> <li>[tinyproxy-detect] Tinyproxy - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/bhutch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/bhutch">@bhutch</a>) [info]</li> <li>[uni-gui-framework] UniGUI Framework - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/serrapa/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/serrapa">@serrapa</a>) [info]</li> <li>[wp-bricks-builder-theme] WordPress Bricks Builder Theme Version (@Anonymous) [info]</li> <li>[castel-digital-sqli] Castel Digital - Authentication Bypass (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a>) [high]</li> <li>[tendat-credential] Tendat Router Credential - Exposure (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [high]</li> <li>[checkpoint-firewall-enum] Check Point Firewall - Detect (<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a>) [info]</li> </ul> <h2>New Contributors</h2> <ul> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/x676f64/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/x676f64">@x676f64</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2276254480" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9690" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9690/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9690">#9690</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Ahsraeisi/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/Ahsraeisi">@Ahsraeisi</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2294638742" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9793" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9793/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9793">#9793</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/jmac774/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/jmac774">@jmac774</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2310001001" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9844" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9844/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9844">#9844</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/projectdiscovery/nuclei-templates/compare/v9.8.6...v9.8.7"><tt>v9.8.6...v9.8.7</tt></a></p> princechaddha tag:github.com,2008:Repository/253044228/v9.8.6 2024-05-12T02:34:20Z v9.8.6 <h3>🔥 Release Highlights 🔥</h3> <ul> <li>http/cves/2024/<a title="CVE-2024-23917" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-73v5-rhgg-73mq/hovercard" href="https://github.com/advisories/GHSA-73v5-rhgg-73mq">CVE-2024-23917</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>,<a 
class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-27956" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-xv4r-44qp-78wm/hovercard" href="https://github.com/advisories/GHSA-xv4r-44qp-78wm">CVE-2024-27956</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-2876" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-w55j-5hxw-v35j/hovercard" href="https://github.com/advisories/GHSA-w55j-5hxw-v35j">CVE-2024-2876</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-3136" data-hovercard-type="advisory" 
data-hovercard-url="/advisories/GHSA-3jgm-wf2v-2mpq/hovercard" href="https://github.com/advisories/GHSA-3jgm-wf2v-2mpq">CVE-2024-3136</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-31848" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-cjgj-qv8v-fhgh/hovercard" href="https://github.com/advisories/GHSA-cjgj-qv8v-fhgh">CVE-2024-31848</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-4040" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-46vf-c8gj-2pgq/hovercard" href="https://github.com/advisories/GHSA-46vf-c8gj-2pgq">CVE-2024-4040</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a> 🔥</li> <li>http/cves/2023/<a title="CVE-2023-2227" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-67mg-gm8m-ph5r/hovercard" href="https://github.com/advisories/GHSA-67mg-gm8m-ph5r">CVE-2023-2227</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a> 🔥</li> <li>http/cves/2023/<a title="CVE-2023-31446" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-89ph-wr9x-hcfc/hovercard" href="https://github.com/advisories/GHSA-89ph-wr9x-hcfc">CVE-2023-31446</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a> 🔥</li> <li>http/cves/2023/<a title="CVE-2023-43208" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-pj5c-qr29-6746/hovercard" href="https://github.com/advisories/GHSA-pj5c-qr29-6746">CVE-2023-43208</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a> 🔥</li> <li>http/cves/2023/<a title="CVE-2023-6989" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-72xj-cfw6-3c4q/hovercard" href="https://github.com/advisories/GHSA-72xj-cfw6-3c4q">CVE-2023-6989</a>.yaml 
by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a> 🔥</li> <li>http/cves/2019/<a title="CVE-2019-7139" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-4j6w-9rf8-hg7r/hovercard" href="https://github.com/advisories/GHSA-4j6w-9rf8-hg7r">CVE-2019-7139</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mastercho/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mastercho">@mastercho</a> 🔥</li> </ul> <h3>What's Changed</h3> <h4>New Templates Added: <code>65</code> | CVEs Added: <code>41</code> | First-time contributions: <code>3</code></h4> <ul> <li>http/cves/2024/<a title="CVE-2024-0235" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-w32c-7vqv-h5gw/hovercard" href="https://github.com/advisories/GHSA-w32c-7vqv-h5gw">CVE-2024-0235</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>http/cves/2024/<a title="CVE-2024-0881" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-73jw-m44p-r46h/hovercard" href="https://github.com/advisories/GHSA-73jw-m44p-r46h">CVE-2024-0881</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a></li> <li>http/cves/2024/<a title="CVE-2024-1183" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-qh6x-j82h-vpf9/hovercard" 
href="https://github.com/advisories/GHSA-qh6x-j82h-vpf9">CVE-2024-1183</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/cves/2024/<a title="CVE-2024-22927" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-qh6x-9qph-mmv5/hovercard" href="https://github.com/advisories/GHSA-qh6x-9qph-mmv5">CVE-2024-22927</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a></li> <li>http/cves/2024/<a title="CVE-2024-2340" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-wvrc-7835-9grj/hovercard" href="https://github.com/advisories/GHSA-wvrc-7835-9grj">CVE-2024-2340</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/t3l3machus/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/t3l3machus">@t3l3machus</a></li> <li>http/cves/2024/<a title="CVE-2024-23917" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-73v5-rhgg-73mq/hovercard" href="https://github.com/advisories/GHSA-73v5-rhgg-73mq">CVE-2024-23917</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>,<a 
class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-24131" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-gfhx-2xqr-982p/hovercard" href="https://github.com/advisories/GHSA-gfhx-2xqr-982p">CVE-2024-24131</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/cves/2024/<a title="CVE-2024-27956" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-xv4r-44qp-78wm/hovercard" href="https://github.com/advisories/GHSA-xv4r-44qp-78wm">CVE-2024-27956</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-2876" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-w55j-5hxw-v35j/hovercard" href="https://github.com/advisories/GHSA-w55j-5hxw-v35j">CVE-2024-2876</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>,<a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-3136" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-3jgm-wf2v-2mpq/hovercard" href="https://github.com/advisories/GHSA-3jgm-wf2v-2mpq">CVE-2024-3136</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-31621" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-6wp6-22x5-rr3w/hovercard" href="https://github.com/advisories/GHSA-6wp6-22x5-rr3w">CVE-2024-31621</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/cves/2024/<a title="CVE-2024-31848" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-cjgj-qv8v-fhgh/hovercard" href="https://github.com/advisories/GHSA-cjgj-qv8v-fhgh">CVE-2024-31848</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-31849" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-f3hc-9q6r-j846/hovercard" href="https://github.com/advisories/GHSA-f3hc-9q6r-j846">CVE-2024-31849</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/cves/2024/<a title="CVE-2024-31850" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-wfw8-wpjj-mf7v/hovercard" href="https://github.com/advisories/GHSA-wfw8-wpjj-mf7v">CVE-2024-31850</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/cves/2024/<a title="CVE-2024-31851" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-225x-44w7-hh2f/hovercard" href="https://github.com/advisories/GHSA-225x-44w7-hh2f">CVE-2024-31851</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/cves/2024/<a title="CVE-2024-32399" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-33pj-qv5w-c27r/hovercard" href="https://github.com/advisories/GHSA-33pj-qv5w-c27r">CVE-2024-32399</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> 
<li>http/cves/2024/CVE-2024-32640.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a></li> <li>http/cves/2024/CVE-2024-32651.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/edoardottt/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/edoardottt">@edoardottt</a></li> <li>http/cves/2024/<a title="CVE-2024-33575" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-5xxc-3cwr-rgj7/hovercard" href="https://github.com/advisories/GHSA-5xxc-3cwr-rgj7">CVE-2024-33575</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a></li> <li>http/cves/2024/CVE-2024-33724.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a></li> <li>http/cves/2024/<a title="CVE-2024-4040" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-46vf-c8gj-2pgq/hovercard" 
href="https://github.com/advisories/GHSA-46vf-c8gj-2pgq">CVE-2024-4040</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-4348" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-hxqh-5g3f-7rjx/hovercard" href="https://github.com/advisories/GHSA-hxqh-5g3f-7rjx">CVE-2024-4348</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a></li> <li>http/cves/2023/<a title="CVE-2023-1892" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-h3r8-h5qw-4r35/hovercard" href="https://github.com/advisories/GHSA-h3r8-h5qw-4r35">CVE-2023-1892</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>http/cves/2023/<a title="CVE-2023-2227" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-67mg-gm8m-ph5r/hovercard" href="https://github.com/advisories/GHSA-67mg-gm8m-ph5r">CVE-2023-2227</a>.yaml by <a 
class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a> 🔥</li> <li>http/cves/2023/<a title="CVE-2023-27032" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-m963-5mrx-529j/hovercard" href="https://github.com/advisories/GHSA-m963-5mrx-529j">CVE-2023-27032</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mastercho/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mastercho">@mastercho</a></li> <li>http/cves/2023/<a title="CVE-2023-2948" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-9942-rg4x-mcpv/hovercard" href="https://github.com/advisories/GHSA-9942-rg4x-mcpv">CVE-2023-2948</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>http/cves/2023/<a title="CVE-2023-2949" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-ffmm-jx9r-2g49/hovercard" href="https://github.com/advisories/GHSA-ffmm-jx9r-2g49">CVE-2023-2949</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>http/cves/2023/<a title="CVE-2023-31446" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-89ph-wr9x-hcfc/hovercard" href="https://github.com/advisories/GHSA-89ph-wr9x-hcfc">CVE-2023-31446</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a> 🔥</li> <li>http/cves/2023/<a title="CVE-2023-32077" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-8x8h-hcq8-jwwx/hovercard" href="https://github.com/advisories/GHSA-8x8h-hcq8-jwwx">CVE-2023-32077</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/iamnoooob/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/iamnoooob">@iamnoooob</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rootxharsh/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rootxharsh">@rootxharsh</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a></li> <li>http/cves/2023/<a title="CVE-2023-38964" data-hovercard-type="advisory" 
data-hovercard-url="/advisories/GHSA-jhh6-w77r-5vf6/hovercard" href="https://github.com/advisories/GHSA-jhh6-w77r-5vf6">CVE-2023-38964</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a></li> <li>http/cves/2023/<a title="CVE-2023-43208" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-pj5c-qr29-6746/hovercard" href="https://github.com/advisories/GHSA-pj5c-qr29-6746">CVE-2023-43208</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a> 🔥</li> <li>http/cves/2023/<a title="CVE-2023-44812" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-4gqm-mfjj-vwrr/hovercard" href="https://github.com/advisories/GHSA-4gqm-mfjj-vwrr">CVE-2023-44812</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a></li> <li>http/cves/2023/<a title="CVE-2023-4521" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-2j3g-p2x2-c94q/hovercard" href="https://github.com/advisories/GHSA-2j3g-p2x2-c94q">CVE-2023-4521</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>http/cves/2023/<a title="CVE-2023-45375" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-559q-gjf6-hx34/hovercard" 
href="https://github.com/advisories/GHSA-559q-gjf6-hx34">CVE-2023-45375</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mastercho/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mastercho">@mastercho</a></li> <li>http/cves/2023/<a title="CVE-2023-46347" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-8v8r-33p8-hh47/hovercard" href="https://github.com/advisories/GHSA-8v8r-33p8-hh47">CVE-2023-46347</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mastercho/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mastercho">@mastercho</a></li> <li>http/cves/2023/<a title="CVE-2023-4973" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-28ww-p6p6-8629/hovercard" href="https://github.com/advisories/GHSA-28ww-p6p6-8629">CVE-2023-4973</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>http/cves/2023/<a title="CVE-2023-5003" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-2vvx-5g27-9gvj/hovercard" href="https://github.com/advisories/GHSA-2vvx-5g27-9gvj">CVE-2023-5003</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a></li> 
<li>http/cves/2023/<a title="CVE-2023-6389" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-8622-rmmr-47jv/hovercard" href="https://github.com/advisories/GHSA-8622-rmmr-47jv">CVE-2023-6389</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a></li> <li>http/cves/2023/<a title="CVE-2023-6989" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-72xj-cfw6-3c4q/hovercard" href="https://github.com/advisories/GHSA-72xj-cfw6-3c4q">CVE-2023-6989</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a> 🔥</li> <li>http/cves/2019/<a title="CVE-2019-7139" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-4j6w-9rf8-hg7r/hovercard" href="https://github.com/advisories/GHSA-4j6w-9rf8-hg7r">CVE-2019-7139</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mastercho/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mastercho">@mastercho</a> 🔥</li> <li>http/cves/2015/<a title="CVE-2015-4455" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-548f-66xm-vfq4/hovercard" href="https://github.com/advisories/GHSA-548f-66xm-vfq4">CVE-2015-4455</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mastercho/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mastercho">@mastercho</a></li> <li>http/vulnerabilities/citrix/citrix-oob-memory-read.yaml by <a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/Ice3man/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Ice3man">@Ice3man</a></li> <li>http/vulnerabilities/prestashop/prestashop-cartabandonmentpro-file-upload.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mastercho/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mastercho">@mastercho</a></li> <li>http/vulnerabilities/titan/titannit-web-rce.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/vulnerabilities/vbulletin/vbulletin-search-sqli.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mastercho/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mastercho">@mastercho</a></li> <li>http/default-logins/crushftp/crushftp-anonymous-login.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a></li> <li>http/default-logins/crushftp/crushftp-default-login.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a></li> <li>http/default-logins/soplanning/soplanning-default-login.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/Kazgangap">@Kazgangap</a></li> <li>http/misconfiguration/installer/eyoucms-installer.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a></li> <li>http/misconfiguration/installer/sabnzbd-installer.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/misconfiguration/microsoft/ms-exchange-local-domain.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a></li> <li>http/misconfiguration/titannit-web-exposure.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/takeovers/squadcast-takeover.yaml by @philippedelteil</li> <li>http/exposed-panels/bmc/bmc-remedy-sso-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> <li>http/exposed-panels/bonobo-server-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/bhutch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/bhutch">@bhutch</a></li> 
<li>http/exposed-panels/cassia-bluetooth-gateway-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/exposed-panels/cyberchef-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a></li> <li>http/exposed-panels/femtocell-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/exposed-panels/monitorr-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a></li> <li>http/exposed-panels/openwebui-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a></li> <li>http/exposed-panels/teamforge-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/lstatro/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/lstatro">@lstatro</a></li> <li>http/exposed-panels/tixeo-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> <li>http/exposed-panels/umami-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a></li> <li>network/detection/aix-websm-detect.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> <li>network/detection/bluecoat-telnet-proxy-detect.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/theMiddleBlue/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/theMiddleBlue">@theMiddleBlue</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2259101574" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9637" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9637/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9637">#9637</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/userdehghani/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/userdehghani">@userdehghani</a> made their first contribution 
in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2269813336" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9666" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9666/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9666">#9666</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/jason3e7/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/jason3e7">@jason3e7</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2285767282" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9731" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9731/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9731">#9731</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/projectdiscovery/nuclei-templates/compare/v9.8.5...v9.8.6"><tt>v9.8.5...v9.8.6</tt></a></p> princechaddha tag:github.com,2008:Repository/253044228/v9.8.5 2024-04-22T16:51:11Z v9.8.5 - AWS Cloud Config Review <h3>🔥 Release Highlights 🔥</h3> <p>We're excited to announce Nuclei-Templates v9.8.5! This new version adds AWS cloud config review templates.<br> Companies and pentesters can use these templates to identify misconfigurations in the AWS cloud environment.</p> <p>Similarly, by leveraging AWS code templates, security teams will be able to write their own checks for identifying misconfigurations that are specific to their particular workflows. 
This will enable them to effectively identify and remediate potential security issues within AWS environments.</p> <p>To use the cloud configuration review templates, we first need to set up the environment. This setup is similar to using the <code>aws-cli</code>, where you either add <code>aws_access_key_id</code> and <code>aws_secret_access_key</code> to the <code>~/.aws/credentials</code> file or export them as environment variables.</p> <div class="highlight highlight-source-yaml notranslate position-relative overflow-auto" data-snippet-clipboard-copy-content="nuclei -id aws-code-env -code"><pre><span class="pl-s">nuclei -id aws-code-env -code</span></pre></div> <p>We've also introduced the concept of profiles, which allow users to run a specific set of templates tailored for a particular use case. For running AWS templates, we have a profile named <code>aws-cloud-config</code>.</p> <p>Now you're all set to run the templates!</p> <div class="highlight highlight-source-yaml notranslate position-relative overflow-auto" data-snippet-clipboard-copy-content="nuclei -config ~/nuclei-templates/profiles/aws-cloud-config.yml -cloud-upload"><pre><span class="pl-s">nuclei -config ~/nuclei-templates/profiles/aws-cloud-config.yml -cloud-upload</span></pre></div> <h3>What's Changed</h3> <h4>New Templates Added: <code>142</code> | CVEs Added: <code>10</code> | First-time contributions: <code>6</code></h4> <ul> <li>http/cves/2024/<a title="CVE-2024-26331" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-f685-p7gp-hwrf/hovercard" href="https://github.com/advisories/GHSA-f685-p7gp-hwrf">CVE-2024-26331</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/carsonchan12345/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/carsonchan12345">@carsonchan12345</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-3400" data-hovercard-type="advisory" 
data-hovercard-url="/advisories/GHSA-v475-xhc9-wfxg/hovercard" href="https://github.com/advisories/GHSA-v475-xhc9-wfxg">CVE-2024-3400</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Salts/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Salts">@Salts</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/parthmalhotra/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/parthmalhotra">@parthmalhotra</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-3273" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-52h8-5hwm-jv8x/hovercard" href="https://github.com/advisories/GHSA-52h8-5hwm-jv8x">CVE-2024-3273</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a> 🔥</li> <li>code/cves/2024/<a title="CVE-2024-3094" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-rxwq-x6h5-x525/hovercard" href="https://github.com/advisories/GHSA-rxwq-x6h5-x525">CVE-2024-3094</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdteam/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdteam">@pdteam</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-2879" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-53x2-fcg3-m32m/hovercard" href="https://github.com/advisories/GHSA-53x2-fcg3-m32m">CVE-2024-2879</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/d4ly/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/d4ly">@d4ly</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-2389" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-9p5w-7f45-v3jm/hovercard" href="https://github.com/advisories/GHSA-9p5w-7f45-v3jm">CVE-2024-2389</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pdresearch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pdresearch">@pdresearch</a>,<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/parthmalhotra/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/parthmalhotra">@parthmalhotra</a> 🔥</li> <li>http/cves/2024/<a title="CVE-2024-0337" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-7ph5-37r4-fwh8/hovercard" href="https://github.com/advisories/GHSA-7ph5-37r4-fwh8">CVE-2024-0337</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a></li> <li>javascript/cves/2023/<a title="CVE-2023-48795" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-45x7-px36-x8w8/hovercard" href="https://github.com/advisories/GHSA-45x7-px36-x8w8">CVE-2023-48795</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a></li> <li>http/cves/2022/<a title="CVE-2022-24627" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-v6q9-3q27-xxg6/hovercard" href="https://github.com/advisories/GHSA-v6q9-3q27-xxg6">CVE-2022-24627</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/geeknik/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/geeknik">@geeknik</a></li> <li>http/cves/2022/<a title="CVE-2022-0424" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-28vh-fggg-795m/hovercard" href="https://github.com/advisories/GHSA-28vh-fggg-795m">CVE-2022-0424</a>.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a></li> <li>http/vulnerabilities/other/opencart-core-sqli.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a></li> <li>http/vulnerabilities/other/quick-cms-sqli.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Kazgangap/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Kazgangap">@Kazgangap</a></li> <li>http/vulnerabilities/other/user-management-system-sqli.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/f0xy/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/f0xy">@f0xy</a></li> <li>cloud/aws/acm/acm-cert-expired.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/acm/acm-cert-renewal-30days.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/acm/acm-cert-renewal-45days.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/acm/acm-cert-validation.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/acm/acm-wildcard-cert.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/aws-code-env.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/cloudtrail/cloudtrail-data-events.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/cloudtrail/cloudtrail-disabled.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> 
<li>cloud/aws/cloudtrail/cloudtrail-dup-logs.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/cloudtrail/cloudtrail-global-disabled.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/cloudtrail/cloudtrail-integrated-cloudwatch.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/cloudtrail/cloudtrail-log-integrity.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/cloudtrail/cloudtrail-logs-not-encrypted.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/cloudtrail/cloudtrail-mfa-delete.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/cloudtrail/cloudtrail-mgmt-events.yaml by <a class="user-mention notranslate" 
data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/cloudtrail/cloudtrail-public-buckets.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/cloudtrail/cloudtrail-s3-bucket-logging.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/cloudtrail/s3-object-lock-not-enabled.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/cloudwatch/cw-alarm-action-set.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/cloudwatch/cw-alarms-actions.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-imdsv2.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" 
data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-public-ip.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-sg-egress-open.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-sg-ingress.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-cifs.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-dns.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-ftp.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-http.yaml by <a class="user-mention notranslate" 
data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-https.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-icmp.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-memcached.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-mongodb.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-mssql.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-mysql.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-netbios.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-opensearch.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-oracle.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-pgsql.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-rdp.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-redis.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-smtp.yaml by <a class="user-mention notranslate" 
data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-ssh.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/ec2-unrestricted-telnet.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/publicly-shared-ami.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/ec2/unencrypted-aws-ami.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/iam/iam-access-analyzer.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/iam/iam-expired-ssl.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/iam/iam-full-admin-privileges.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/iam/iam-key-rotation-90days.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/iam/iam-mfa-enable.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/iam/iam-password-policy.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/iam/iam-root-mfa.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/iam/iam-ssh-keys-rotation.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/iam/iam-unapproved-policy.yaml by <a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/iam/iam-user-password-change.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/iam/ssl-cert-renewal.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/rds/aurora-copy-tags-snap.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/rds/aurora-delete-protect.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/rds/iam-db-auth.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/rds/rds-backup-enable.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/rds/rds-deletion-protection.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/rds/rds-encryption-check.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/rds/rds-event-notify.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/rds/rds-event-sub-enable.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/rds/rds-event-sub.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/rds/rds-gp-ssd-usage.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/rds/rds-public-snapshot.yaml by <a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/rds/rds-public-subnet.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/rds/rds-ri-payment-fail.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/rds/rds-snapshot-encryption.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/s3/s3-access-logging.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/s3/s3-auth-fullcontrol.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/s3/s3-bucket-key.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> 
<li>cloud/aws/s3/s3-bucket-policy-public-access.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/s3/s3-mfa-delete-check.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/s3/s3-public-read-acp.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/s3/s3-public-read.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/s3/s3-public-write-acp.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/s3/s3-public-write.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/s3/s3-server-side-encryption.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" 
data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/s3/s3-versioning.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/vpc/nacl-open-inbound.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/vpc/nacl-outbound-restrict.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/vpc/nat-gateway-usage.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/vpc/unrestricted-admin-ports.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/vpc/vpc-endpoint-exposed.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> 
<li>cloud/aws/vpc/vpc-endpoints-not-deployed.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/vpc/vpc-flowlogs-not-enabled.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>cloud/aws/vpc/vpn-tunnel-down.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/princechaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/princechaddha">@princechaddha</a></li> <li>http/misconfiguration/apple-cups-exposure.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/misconfiguration/dlink-unauth-cgi-script.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a></li> <li>http/misconfiguration/helm-dashboard-exposure.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/misconfiguration/installer/phpipam-installer.yaml by <a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/misconfiguration/intelbras-dvr-unauth.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pussycat0x/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pussycat0x">@pussycat0x</a></li> <li>http/misconfiguration/sentinel-license-monitor.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/misconfiguration/thanos-prometheus-exposure.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/default-logins/allnet/allnet-default-login.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a></li> <li>http/default-logins/asus/asus-rtn16-default-login.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a></li> <li>http/default-logins/asus/asus-wl500g-default-login.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/ritikchaddha">@ritikchaddha</a></li> <li>http/default-logins/asus/asus-wl520GU-default-login.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a></li> <li>http/default-logins/barco-clickshare-default-login.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a></li> <li>http/exposed-panels/akhq-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/exposed-panels/algonomia-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> <li>http/exposed-panels/beyondtrust-priv-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> <li>http/exposed-panels/chemotargets-clarityvista-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> <li>http/exposed-panels/mitel-micollab-panel.yaml by <a class="user-mention notranslate" 
data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> <li>http/exposed-panels/mitric-checker-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> <li>http/exposed-panels/ni-web-based-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/exposed-panels/ollama-llm-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/pbuff07/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/pbuff07">@pbuff07</a></li> <li>http/exposed-panels/outsystems-servicecenter-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> <li>http/exposed-panels/powerchute-network-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/exposed-panels/rtm-web-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" 
href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/exposed-panels/suprema-biostar-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/ritikchaddha/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/ritikchaddha">@ritikchaddha</a></li> <li>http/exposed-panels/tibco-spotfire-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> <li>http/exposed-panels/uipath-orchestrator-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> <li>http/exposed-panels/urbackup-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/exposed-panels/zenml-dashboard-panel.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/dhiyaneshdk/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dhiyaneshdk">@dhiyaneshdk</a></li> <li>http/exposures/apis/aspnet-soap-webservices-asmx.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> <li>http/exposures/apis/redfish-api.yaml by <a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> <li>http/exposures/files/ht-deployment.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Michal-Mikolas/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Michal-Mikolas">@Michal-Mikolas</a></li> <li>http/takeovers/gohire-takeover.yaml by @philippedelteil</li> <li>http/takeovers/helpdocs-takeover.yaml by @philippedelteil</li> <li>http/takeovers/softr-takeover.yaml by @philippedelteil</li> <li>http/takeovers/uptime-takeover.yaml by @philippedelteil</li> <li>http/technologies/citrix-xenmobile-version.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Puben/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Puben">@Puben</a></li> <li>http/technologies/splunkhec-detect.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/idealphase/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/idealphase">@idealphase</a></li> <li>http/technologies/tibco-spotfire-services-detect.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/righettod/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/righettod">@righettod</a></li> <li>ssl/c2/sliver-c2.yaml by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/johnk3r/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/johnk3r">@johnk3r</a></li> <li>dns/bimi-detect.yaml by <a class="user-mention notranslate" data-hovercard-type="user" 
data-hovercard-url="/users/rxerium/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rxerium">@rxerium</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/d4lyw/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/d4lyw">@d4lyw</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2227759713" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9512" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9512/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9512">#9512</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Puben/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Puben">@Puben</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2233617734" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9530" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9530/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9530">#9530</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/carsonchan12345/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/carsonchan12345">@carsonchan12345</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2239171663" data-permission-text="Title is private" 
data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9566" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9566/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9566">#9566</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/0xKayala/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/0xKayala">@0xKayala</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2241374402" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9573" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9573/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9573">#9573</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/scottdharvey/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/scottdharvey">@scottdharvey</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2244402221" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9585" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9585/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9585">#9585</a></li> <li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Eyub-kurnaz/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Eyub-kurnaz">@Eyub-kurnaz</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load 
title" data-id="2212968546" data-permission-text="Title is private" data-url="https://github.com/projectdiscovery/nuclei-templates/issues/9450" data-hovercard-type="pull_request" data-hovercard-url="/projectdiscovery/nuclei-templates/pull/9450/hovercard" href="https://github.com/projectdiscovery/nuclei-templates/pull/9450">#9450</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/projectdiscovery/nuclei-templates/compare/v9.8.1...v9.8.5"><tt>v9.8.1...v9.8.5</tt></a></p> princechaddha