Replace google-dork with google-query in all templates (#5328)

* dos2unix to standardize line endings

* Replace google-dork with google-query
patch-1
sullo 2022-09-08 18:39:14 -04:00 committed by GitHub
parent da389ca675
commit 0126f9426e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
62 changed files with 73 additions and 73 deletions

View File

@ -18,7 +18,7 @@ info:
cve-id: CVE-2013-6281
cwe-id: CWE-79
metadata:
google-dork: inurl:/wp-content/plugins/dhtmlxspreadsheet
google-query: inurl:/wp-content/plugins/dhtmlxspreadsheet
verified: "true"
tags: wp,wpscan,cve,cve2013,wordpress,xss,wp-plugin

View File

@ -17,7 +17,7 @@ info:
cve-id: CVE-2015-1579
cwe-id: CWE-22
metadata:
google-dork: inurl:/wp-content/plugins/revslider
google-query: inurl:/wp-content/plugins/revslider
tags: wordpress,wp-plugin,lfi,revslider,wp,wpscan,cve,cve2015
requests:

View File

@ -17,7 +17,7 @@ info:
cve-id: CVE-2018-20526
cwe-id: CWE-434
metadata:
google-dork: intitle:"Roxy file manager"
google-query: intitle:"Roxy file manager"
verified: "true"
tags: cve,cve2018,roxy,fileman,rce,fileupload,intrusive,packetstorm,edb

View File

@ -16,7 +16,7 @@ info:
cve-id: CVE-2018-5715
cwe-id: CWE-79
metadata:
google-dork: intext:"SugarCRM Inc. All Rights Reserved"
google-query: intext:"SugarCRM Inc. All Rights Reserved"
shodan-query: http.html:"SugarCRM Inc. All Rights Reserved"
tags: sugarcrm,xss,edb,cve,cve2018

View File

@ -16,7 +16,7 @@ info:
cve-id: CVE-2019-1010287
cwe-id: CWE-79
metadata:
google-dork: inurl:"/timesheet/login.php"
google-query: inurl:"/timesheet/login.php"
tags: cve,cve2019,timesheet,xss
requests:

View File

@ -16,7 +16,7 @@ info:
cve-id: CVE-2019-12593
cwe-id: CWE-22
metadata:
google-dork: Powered By IceWarp 10.4.4
google-query: Powered By IceWarp 10.4.4
shodan-query: title:"icewarp"
tags: cve,cve2019,lfi,icewarp

View File

@ -16,7 +16,7 @@ info:
cve-id: CVE-2021-20031
cwe-id: CWE-601
metadata:
google-dork: inurl:"auth.html" intitle:"SonicWall"
google-query: inurl:"auth.html" intitle:"SonicWall"
tags: sonicwall,redirect,edb,packetstorm,cve,cve2021
requests:

View File

@ -17,7 +17,7 @@ info:
cve-id: CVE-2021-24370
cwe-id: CWE-434,CWE-434
metadata:
google-dork: inurl:“/wp-content/plugins/fancy-product-designer”
google-query: inurl:“/wp-content/plugins/fancy-product-designer”
tags: fancyproduct,wpscan,cve,cve2021,wordpress,rce,wp-plugin,wp
requests:

View File

@ -17,7 +17,7 @@ info:
cve-id: CVE-2021-27330
cwe-id: CWE-79
metadata:
google-dork: intitle:TriConsole.com - PHP Calendar Date Picker
google-query: intitle:TriConsole.com - PHP Calendar Date Picker
verified: "true"
tags: xss,edb,cve,cve2021,triconsole

View File

@ -17,7 +17,7 @@ info:
cve-id: CVE-2021-31589
cwe-id: CWE-79
metadata:
google-dork: '"BeyondTrust" "Redistribution Prohibited"'
google-query: '"BeyondTrust" "Redistribution Prohibited"'
shodan-query: 'set-cookie: nsbase_session'
tags: xss,packetstorm,cve,cve2021,beyondtrust,bomgar

View File

@ -16,7 +16,7 @@ info:
cve-id: CVE-2021-45043
cwe-id: CWE-22
metadata:
google-dork: intitle:"HD-Network Real-time Monitoring System V2.0"
google-query: intitle:"HD-Network Real-time Monitoring System V2.0"
tags: camera,edb,cve,cve2021,hdnetwork,lfi,iot
requests:

View File

@ -14,7 +14,7 @@ info:
cve-id: CVE-2022-0656
cwe-id: CWE-552
metadata:
google-dork: inurl:"/wp-content/plugins/udraw"
google-query: inurl:"/wp-content/plugins/udraw"
verified: "true"
tags: wp,wordpress,wp-plugin,unauth,cve,cve2022,lfi,udraw,wpscan

View File

@ -17,7 +17,7 @@ info:
cve-id: CVE-2022-1597
cwe-id: CWE-79
metadata:
google-dork: inurl:/wp-content/plugins/wpqa
google-query: inurl:/wp-content/plugins/wpqa
verified: "true"
tags: wpscan,xss,wordpress,wp-plugin,wp,cve,cve2022,wpqa

View File

@ -15,7 +15,7 @@ info:
cve-id: CVE-2022-1598
cwe-id: CWE-284
metadata:
google-dork: inurl:/wp-content/plugins/wpqa
google-query: inurl:/wp-content/plugins/wpqa
verified: "true"
tags: cve,cve2022,wordpress,wp-plugin,wpqa,idor,wpscan

View File

@ -16,7 +16,7 @@ info:
cve-id: CVE-2022-1906
cwe-id: CWE-79
metadata:
google-dork: inurl:/wp-content/plugins/digiproveblog
google-query: inurl:/wp-content/plugins/digiproveblog
verified: "true"
tags: wordpress,xss,wp-plugin,wp,wpscan,cve,cve2022

View File

@ -15,7 +15,7 @@ info:
cve-id: CVE-2022-1946
cwe-id: CWE-79
metadata:
google-dork: inurl:"/wp-content/plugins/gallery-album/"
google-query: inurl:"/wp-content/plugins/gallery-album/"
verified: "true"
tags: wpscan,cve2022,wp,xss,wordpress,gallery,unauth,cve,wp-plugin

View File

@ -16,7 +16,7 @@ info:
cve-id: CVE-2022-27849
cwe-id: CWE-200
metadata:
google-dork: inurl:/wp-content/plugins/simple-ajax-chat/
google-query: inurl:/wp-content/plugins/simple-ajax-chat/
tags: wp,wordpress,wp-plugin,cve,cve2022,disclosure
requests:

View File

@ -16,7 +16,7 @@ info:
cve-id: CVE-2022-29548
cwe-id: CWE-79
metadata:
google-dork: inurl:"carbon/admin/login"
google-query: inurl:"carbon/admin/login"
verified: "true"
tags: cve,cve2022,wso2,xss

View File

@ -12,7 +12,7 @@ info:
metadata:
fofa-query: title=="Acrolinx Dashboard"
shodan-query: http.title:"Acrolinx Dashboard"
google-dork: inurl:"Acrolinx Dashboard"
google-query: inurl:"Acrolinx Dashboard"
tags: acrolinx,panel
requests:

View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
shodan-query: html:"amcrest"
google-dork: intext:"amcrest" "LDAP User"
google-query: intext:"amcrest" "LDAP User"
tags: panel,camera,amcrest,edb
requests:

View File

@ -11,7 +11,7 @@ info:
classification:
cwe-id: CWE-200
metadata:
google-dork: intitle:"atvise - next generation"
google-query: intitle:"atvise - next generation"
tags: panel,atvise,edb
requests:

View File

@ -5,7 +5,7 @@ info:
author: pussycat0x,daffainfo
severity: info
metadata:
google-dork: inurl:EMSWebClient/
google-query: inurl:EMSWebClient/
tags: panel,ems
requests:

View File

@ -8,7 +8,7 @@ info:
- https://www.exploit-db.com/ghdb/7941
metadata:
verified: true
google-dork: sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html -site:sap.com
google-query: sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html -site:sap.com
tags: sap,fiori,edb,panel
requests:

View File

@ -8,7 +8,7 @@ info:
metadata:
verified: true
shodan-query: http.html:"FTM manager"
google-dork: intitle:"FTM manager"
google-query: intitle:"FTM manager"
tags: panel,ftm
requests:

View File

@ -8,7 +8,7 @@ info:
- https://www.exploit-db.com/ghdb/7272
metadata:
shodan-query: http.title:"Intelbras"
google-dork: intitle:"Intelbras" "All Rights Reserved" -.com
google-query: intitle:"Intelbras" "All Rights Reserved" -.com
tags: panel,edb
requests:

View File

@ -8,7 +8,7 @@ info:
- https://www.exploit-db.com/ghdb/7380
- https://github.com/projectsend/projectsend
metadata:
google-dork: intext:Provided by ProjectSend
google-query: intext:Provided by ProjectSend
tags: panel,projectsend,edb
requests:

View File

@ -6,7 +6,7 @@ info:
severity: info
metadata:
verified: true
google-dork: intitle:"Roxy file manager"
google-query: intitle:"Roxy file manager"
tags: tech,fileupload,roxy,fileman
requests:

View File

@ -9,7 +9,7 @@ info:
- https://www.commscope.com/ruckus/
metadata:
shodan-query: http.title:"Unleashed Login"
google-dork: intitle:"Unleashed Login"
google-query: intitle:"Unleashed Login"
tags: panel,ruckus
requests:

View File

@ -11,7 +11,7 @@ info:
- https://www.supermicro.com/white_paper/IPMI_white_paper.pdf
metadata:
shodan-query: http.title:"Supermicro BMC Login"
google-dork: intitle:"Supermicro BMC Login"
google-query: intitle:"Supermicro BMC Login"
tags: panel,supermicro,bmc
requests:

View File

@ -9,7 +9,7 @@ info:
- https://www.exploit-db.com/ghdb/7819
- https://teltonika-iot-group.com/
metadata:
google-dork: intitle:"Teltonika -Web UI" | intitle:"Teltonika-RUT -Web UI" inurl:"/cgi-bin/luci"
google-query: intitle:"Teltonika -Web UI" | intitle:"Teltonika-RUT -Web UI" inurl:"/cgi-bin/luci"
tags: panel,teltonika,edb
requests:

View File

@ -7,7 +7,7 @@ info:
reference:
- https://www.exploit-db.com/ghdb/7001
metadata:
google-dork: intitle:"Webmodule" inurl:"/webmodule-ee/login.seam" "Version"
google-query: intitle:"Webmodule" inurl:"/webmodule-ee/login.seam" "Version"
shodan-query: title:"Webmodule"
tags: edb,panel,webmodule-ee,login

View File

@ -5,7 +5,7 @@ info:
author: princechaddha
severity: info
metadata:
google-dork: inurl:"xweb500.cgi"
google-query: inurl:"xweb500.cgi"
tags: panel,xweb500
requests:

View File

@ -6,7 +6,7 @@ info:
severity: info
metadata:
verified: true
google-dork: intitle:"index of" "build.properties"
google-query: intitle:"index of" "build.properties"
tags: exposure,config
requests:

View File

@ -7,7 +7,7 @@ info:
reference: https://www.exploit-db.com/ghdb/7959
metadata:
verified: true
google-dork: intitle:"index of" "docker-cloud.yml"
google-query: intitle:"index of" "docker-cloud.yml"
tags: exposure,cloud,devops,docker
requests:

View File

@ -6,7 +6,7 @@ info:
severity: low
metadata:
verified: true
google-dork: intitle:"index of" "pantheon.upstream.yml"
google-query: intitle:"index of" "pantheon.upstream.yml"
tags: exposure,devops,patheon,config
requests:

View File

@ -8,7 +8,7 @@ info:
- https://www.exploit-db.com/ghdb/5803
metadata:
verified: true
google-dork: intitle:"index of" configuration.yml
google-query: intitle:"index of" configuration.yml
tags: exposure,redmine,devops,edb
requests:

View File

@ -7,7 +7,7 @@ info:
reference: https://www.exploit-db.com/ghdb/5796
metadata:
verified: true
google-dork: intitle:"index of" "settings.yml"
google-query: intitle:"index of" "settings.yml"
tags: misconfig,redmine,devops
requests:

View File

@ -6,7 +6,7 @@ info:
severity: low
metadata:
verified: true
google-dork: intitle:"index of" storage.yml
google-query: intitle:"index of" storage.yml
tags: exposure,ruby,devops
requests:

View File

@ -7,7 +7,7 @@ info:
reference: https://www.exploit-db.com/ghdb/6283
metadata:
verified: true
google-dork: intitle:"index of" "secrets.yml"
google-query: intitle:"index of" "secrets.yml"
tags: misconfig,cloud,devops
requests:

View File

@ -6,7 +6,7 @@ info:
severity: info
metadata:
verified: true
google-dork: intitle:"index of" "properties.ini"
google-query: intitle:"index of" "properties.ini"
tags: symfony,exposure
requests:

View File

@ -6,7 +6,7 @@ info:
severity: info
metadata:
verified: true
google-dork: intitle:"index of" "security.yml"
google-query: intitle:"index of" "security.yml"
tags: symfony,devops,exposure
requests:

View File

@ -6,7 +6,7 @@ info:
severity: low
metadata:
verified: true
google-dork: intitle:"Index of" ws_ftp.ini
google-query: intitle:"Index of" ws_ftp.ini
tags: exposure,ftp
requests:

View File

@ -11,7 +11,7 @@ info:
- https://www.integrigy.com/oracle-application-server-fastcgi-echo-vulnerability-reports
metadata:
verified: true
google-dork: inurl:fcgi-bin/echo
google-query: inurl:fcgi-bin/echo
tags: exposure,logs,oracle,fastcgi,edb
requests:

View File

@ -8,7 +8,7 @@ info:
- https://www.exploit-db.com/ghdb/7295
metadata:
shodan-query: http.title:"C-more -- the best HMI presented by AutomationDirect"
google-dork: intitle:"C-more -- the best HMI presented by AutomationDirect"
google-query: intitle:"C-more -- the best HMI presented by AutomationDirect"
tags: panel,iot,edb
requests:

View File

@ -8,7 +8,7 @@ info:
- https://www.exploit-db.com/ghdb/7288
metadata:
shodan-query: http.title:"NETSurveillance WEB"
google-dork: intitle:"NETSurveillance WEB"
google-query: intitle:"NETSurveillance WEB"
tags: tech,iot,edb
requests:

View File

@ -8,7 +8,7 @@ info:
- https://www.exploit-db.com/ghdb/8002
metadata:
verified: true
google-dork: intitle:"NoVus IP camera" -com
google-query: intitle:"NoVus IP camera" -com
tags: camera,novus,edb,iot,panel
requests:

View File

@ -10,7 +10,7 @@ info:
- https://www.exploit-db.com/exploits/39963
metadata:
verified: "true"
google-dork: intitle:"Roxy file manager"
google-query: intitle:"Roxy file manager"
tags: intrusive,misconfig,edb,roxy,fileman,rce,fileupload
requests:

View File

@ -9,7 +9,7 @@ info:
reference:
- http://aetherlab.net/2012/09/experiences-in-pentesting-dwr/
metadata:
google-dork: intitle:"DWR Test Index"
google-query: intitle:"DWR Test Index"
tags: tech,misconfig,dwr
requests:

View File

@ -8,7 +8,7 @@ info:
- https://www.exploit-db.com/ghdb/7380
- https://github.com/projectsend/projectsend
metadata:
google-dork: intext:Provided by ProjectSend
google-query: intext:Provided by ProjectSend
tags: tech,projectsend,edb
requests:

View File

@ -8,7 +8,7 @@ info:
- https://www.exploit-db.com/ghdb/7296
metadata:
shodan-query: http.title:"TileServer GL - Server for vector and raster maps with GL styles"
google-dork: intitle:"TileServer GL - Server for vector and raster maps with GL styles"
google-query: intitle:"TileServer GL - Server for vector and raster maps with GL styles"
tags: tech,tileserver,edb
requests:

View File

@ -9,7 +9,7 @@ info:
- https://www.exploit-db.com/exploits/50639
- https://nvd.nist.gov/vuln/detail/CVE-2021-45420
metadata:
google-dork: inurl:"xweb500.cgi"
google-query: inurl:"xweb500.cgi"
tags: lfw,iot,dixell,xweb500,edb,fileupload,intrusive
requests:

View File

@ -9,7 +9,7 @@ info:
- https://www.exploit-db.com/exploits/48166
- https://github.com/UniSharp/laravel-filemanager
metadata:
google-dork: inurl:"laravel-filemanager?type=Files" -site:github.com -site:github.io
google-query: inurl:"laravel-filemanager?type=Files" -site:github.com -site:github.io
shodan-query: http.html:"Laravel FileManager"
tags: lfr,edb,lfi,unisharp,laravel,filemanager,fileupload

View File

@ -8,7 +8,7 @@ info:
reference: https://blog.reigningshells.com/2019/12/reviving-old-cves-reflected-xss-in-ca.html
metadata:
verified: true
google-dork: inurl:"smpwservices.fcc"
google-query: inurl:"smpwservices.fcc"
tags: dom,xss,siteminder
requests:

View File

@ -12,7 +12,7 @@ info:
cvss-score: 7.5
cwe-id: CWE-22
metadata:
google-dork: 'inurl:index.php?page= intext:Webbdesign: SL-Studio.'
google-query: 'inurl:index.php?page= intext:Webbdesign: SL-Studio.'
tags: slstudio,lfi
requests:

View File

@ -13,7 +13,7 @@ info:
cvss-score: 7.5
cwe-id: CWE-22
metadata:
google-dork: inurl:pacs/login.php, inurl:pacsone/login.php, inurl:pacsone filetype:php home, inurl:pacsone filetype:php login
google-query: inurl:pacs/login.php, inurl:pacsone/login.php, inurl:pacsone filetype:php home, inurl:pacsone filetype:php login
tags: sofneta,lfi,edb
requests:

View File

@ -10,7 +10,7 @@ info:
- https://wpscan.com/vulnerability/b8415ed5-6fd0-42fe-9201-73686c1871c5
metadata:
verified: true
google-dork: inurl:/wp-content/plugins/wp-analytify
google-query: inurl:/wp-content/plugins/wp-analytify
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
cvss-score: 7.2

View File

@ -8,7 +8,7 @@ info:
reference:
- https://packetstormsecurity.com/files/136340/WordPress-HB-Audio-Gallery-Lite-1.0.0-Arbitrary-File-Download.html
metadata:
google-dork: inurl:/wp-content/plugins/hb-audio-gallery-lite
google-query: inurl:/wp-content/plugins/hb-audio-gallery-lite
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5

View File

@ -8,7 +8,7 @@ info:
reference:
- https://packetstormsecurity.com/files/128024/WordPress-ShortCode-1.1-Local-File-Inclusion.html
metadata:
google-dork: inurl:wp/wp-content/force-download.php
google-query: inurl:wp/wp-content/force-download.php
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5

View File

@ -7,7 +7,7 @@ info:
reference:
- https://cxsecurity.com/issue/WLB-2021090078
metadata:
google-dork: inurl:/wp-content/themes/haberadam/
google-query: inurl:/wp-content/themes/haberadam/
tags: wordpress,idor,wp-theme,disclosure
requests:

View File

@ -6,7 +6,7 @@ info:
severity: low
description: Searches for sensitive directories present in the wordpress-plugins plugin.
metadata:
google-dork: inurl:/wp-content/plugins/mstore-api/
google-query: inurl:/wp-content/plugins/mstore-api/
tags: wordpress,listing,wp-plugin
requests:

View File

@ -9,7 +9,7 @@ info:
- https://twitter.com/momika233/status/1540325055280070656
metadata:
verified: true
google-dork: inurl:"/wp-includes/sym404/"
google-query: inurl:"/wp-includes/sym404/"
tags: wordpress,listing,wp,exposure
requests: