What's Changed

🔥 Release Highlights 🔥

• [CVE-2024-45409] GitLab - SAML Authentication Bypass (@iamnoooob, @rootxharsh, @pdresearch) [critical] 🔥
• [CVE-2024-43917] TI WooCommerce Wishlist Plugin <= 2.8.2 - SQLi (@iamnoooob, @rootxharsh, @pdresearch) [critical] 🔥
• [CVE-2024-38816] WebMvc.fn/WebFlux.fn - Path Traversal (@pussycat0x) [high] 🔥
• [CVE-2024-9465] Palo Alto Expedition - SQL Injection (@DhiyaneshDK) [high] 🔥
• [CVE-2024-9463] PaloAlto Networks Expedition - Remote Code Execution (@princechaddha) [critical] 🔥
• [CVE-2024-7354] Ninja Forms 3.8.6-3.8.10 - Cross-Site Scripting (@ritikchaddha) [medium] 🔥
• [CVE-2024-5488] SEOPress < 7.9 - Authentication Bypass (@pdresearch, @iamnoooob, @rootxharsh) [critical] 🔥
• [CVE-2021-25094] Wordpress Tatsubuilder <= 3.3.11 - RCE (@iamnoooob, @rootxharsh, @pdresearch) [high] 🔥

Bug Fixes

• Resolved parsing issue in WordPress-WP-Mail-Logging template. (Issue #10908)

False Negatives

• Improved detection in WordPress detection. (Issue #10463)
• Enhanced detection in Adminer Panel. (Issue #10797)

False Positives

• Corrected false positives for CVE-2018-11784. (PR #10916)
• Fixed false positives for CVE-2021-29484. (PR #10880)
• Addressed false positives for CVE-2024-34982. (PR #10879)
• Resolved false positives in Fumengyun-SQLi. (PR #10886)

Enhancements

• Improved SQL injection template for error-based scenarios. (PR #10996)
• Updated CVE-2024-9465 for better accuracy. (PR #10986)
• Enhanced XSS detection in Ninja-Forms. (PR #10974)
• Updated Fumengyun-SQLi for better detection. (PR #10960)
• Enhanced management of CVE-2024-7354. (PR #10925)
• Ensured accurate detection in WordPress update. (PR #10915)
• Refactored Strapi template for efficiency. (PR #10887)
• Updated CONTRIBUTING.md to enhance contributions. (PR #10890)

Template Updates

New Templates Added: 68 | CVEs Added: 30 | First-time contributions: 5

• [CVE-2024-46627] DATAGERRY - REST API Auth Bypass (@gy741) [critical]
• [CVE-2024-45440] Drupal 11.x-dev - Full Path Disclosure (@DhiyaneshDK) [medium]
• [CVE-2024-45409] GitLab - SAML Authentication Bypass (@iamnoooob, @rootxharsh, @pdresearch) [critical] 🔥
• [CVE-2024-43917] TI WooCommerce Wishlist Plugin <= 2.8.2 - SQLi (@iamnoooob, @rootxharsh, @pdresearch) [critical] 🔥
• [CVE-2024-43160] BerqWP <= 1.7.6 - Arbitrary File Uplaod (@s4e-io) [critical]
• [CVE-2024-38816] WebMvc.fn/WebFlux.fn - Path Traversal (@pussycat0x) [high] 🔥
• [CVE-2024-35627] TileServer API - Cross Site Scripting (@DhiyaneshDK) [medium]
• [CVE-2024-32964] Lobe Chat <= v0.150.5 - Server-Side Request Forgery (@s4e-io) [critical]
• [CVE-2024-9465] Palo Alto Expedition - SQL Injection (@DhiyaneshDK) [high] 🔥
• [CVE-2024-9463] PaloAlto Networks Expedition - Remote Code Execution (@princechaddha) [critical] 🔥
• [CVE-2024-8877] Riello Netman 204 - SQL Injection (@s4e-io) [critical]
• [CVE-2024-8021] Gradio - Open Redirect (@DhiyaneshDK) [medium]
• [CVE-2024-7854] Woo Inquiry <= 0.1 - SQL Injection (@s4e-io) [critical]
• [CVE-2024-7714] AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls (@s4e-io) [medium]
• [CVE-2024-7354] Ninja Forms 3.8.6-3.8.10 - Cross-Site Scripting (@ritikchaddha) [medium] 🔥
• [CVE-2024-6517] Contact Form 7 Math Captcha <= 2.0.1 - Cross-site Scripting (@s4e-io) [medium]
• [CVE-2024-5488] SEOPress < 7.9 - Authentication Bypass (@pdresearch, @iamnoooob, @rootxharsh) [critical] 🔥
• [CVE-2024-4940] Gradio - Open Redirect (@DhiyaneshDK) [medium]
• [CVE-2024-4340] sqlparse - Denial of Service (@KoYejune0302, @cheoljun99, @sim4110, @gy741) [high]
• [CVE-2024-3753] Hostel < 1.1.5.3 - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2024-3234] Chuanhu Chat - Directory Traversal (@DhiyaneshDk) [critical]
• [CVE-2023-47105] Chaosblade < 1.7.4 - Remote Code Execution (@s4e-io) [high]
• [CVE-2023-39007] OPNsense - Cross-Site Scripting to RCE (@ritikchaddha) [critical]
• [CVE-2023-27641] L-Soft LISTSERV 16.5 - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2023-4151] Store Locator WordPress < 1.4.13 - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2023-0676] phpIPAM 1.5.1 - Cross-site Scripting (@ritikchaddha) [medium]
• [CVE-2021-40272] IRTS OP5 Monitor - Cross-Site Scripting (@ritikchaddha) [medium]
• [CVE-2021-25094] Wordpress Tatsubuilder <= 3.3.11 - RCE (@iamnoooob, @rootxharsh, @pdresearch) [high] 🔥
• [CVE-2019-19411] Huawei Firewall - Local File Inclusion (@taielab) [low]
• [CVE-2017-5871] Odoo <= 8.0-20160726 & 9.0 - Open Redirect (@1337rokudenashi) [medium]
• [datagerry-default-login] Datagerry - Default Login (@gy741) [high]
• [netdisco-default-login] Netdisco Admin - Default Login (@ritikchaddha) [critical]
• [dockwatch-panel] Dockwatch Panel - Detect (@s4e-io) [info]
• [enablix-panel] Enablix Panel - Detect (@DhiyaneshDk) [info]
• [gitlab-explore] GitLab Instance Explore - Detect (@Sujal Tuladhar) [info]
• [gitlab-saml] Gitlab SAML - Detection (@rootxharsh, @iamnoooob, @pdresearch) [info]
• [loxone-web-panel] Loxone WebInterface Panel - Detect (@DhiyaneshDk) [info]
• [m-bus-panel] M-Bus Converter Web Interface - Detect (@DhiyaneshDk) [info]
• [macos-server-panel] macOS Server Panel - Detect (@DhiyaneshDk) [info]
• [riello-netman204-panel] Riello UPS NetMan 204 Panel - Detect (@s4e-io) [info]
• [rstudio-panel] RStudio Sign In Panel - Detect (@DhiyaneshDk) [info]
• [saia-pcd-panel] Saia PCD Web Server Panel - Detect (@DhiyaneshDk) [info]
• [workspace-one-uem-ssp] VMware Workspace ONE UEM Airwatch Self-Service Portal - Detect (@KoratSec) [info]
• [action-controller-exception] Action Controller Exception - Page (@DhiyaneshDk) [info]
• [delphi-mvc-exception] Delphi MVC Exception - Page (@DhiyaneshDk) [info]
• [expression-engine-exception] ExpressionEngine Exception - Page (@DhiyaneshDk) [info]
• [lua-runtime-error] LUA Runtime Error - Page (@DhiyaneshDk) [info]
• [mako-runtime-error] Mako Runtime Error - Page (@DhiyaneshDk) [info]
• [microsoft-runtime-error] Microsoft Runtime Error Page (@DhiyaneshDk) [info]
• [mongodb-exception-page] MongoDB Exception - Page (@DhiyaneshDk) [info]
• [sap-logon-error-message] SAP Logon Error Message (@DhiyaneshDK) [info]
• [twig-runtime-error] Twig Runtime Error - Page (@DhiyaneshDk) [info]
• [seized-site] Seized Site (@rxerium) [info]
• [ariang-debug-console] AriaNg Debug Console - Exposure (@DhiyaneshDk) [medium]
• [aspnetcore-dev-env] ASP.NET Core Development Environment - Exposure (@Mys7ic) [info]
• [netdisco-unauth] Netdisco - Unauth Access (@ritikchaddha) [critical]
• [arcgis-detect] ArcGIS - Detect (@righettod) [info]
• [dizquetv-detect] dizqueTV - Detect (@s4e-io) [info]
• [ivanti-epm-detect] Ivanti Endpoint Manager (EPM) - Detect (@rxerium) [info]
• [default-azure-function-app] Azure Function App - Default Page (@dhiyaneshDk) [info]
• [vertigis-detect] VertiGIS - Detect (@righettod) [info]
• [wiki-js-detect] Wiki.js - Detect (@righettod) [info]
• [windows-communication-foundation-detect] Windows Communication Foundation - Detect (@r3naissance) [info]
• [api-delighted] Delighted API Test (@0xpugal) [info]
• [api-intigriti-researcher] Intigriti-Researcher API Test (@0xpugal) [info]
• [api-telegram] Telegram API Test (@0xpugal) [info]
• [retool-svg-xss] Retool < 3.88 - SVG Cross-Site Scripting (@iamnoooob, @iamnoooob, @pdresearch) [high]
• [ninja-forms-xss] Ninja Forms < 3.5.5 - Cross-Site Scripting (@ritikchaddha) [medium]

New Contributors

• @stvnhrlnd made their first contribution in https://github.com/projectdiscovery/nuclei-templates/pull/10878
• @KoratSec made their first contribution in https://github.com/projectdiscovery/nuclei-templates/pull/10937
• @ShaneIan made their first contribution in https://github.com/projectdiscovery/nuclei-templates/pull/10518
• @evilgensec made their first contribution in https://github.com/projectdiscovery/nuclei-templates/pull/10911
• @aviadavi made their first contribution in https://github.com/projectdiscovery/nuclei-templates/pull/10949

Full Changelog: https://github.com/projectdiscovery/nuclei-templates/compare/v10.0.1...v10.0.2