Dashboard Content Enhancements (#5497)

Dashboard Content Enhancements

cnvd/2022/CNVD-2022-42853.yaml

@@ -3,12 +3,16 @@ id: CNVD-2022-42853
 info:
   name: ZenTao CMS - SQL Injection
   author: ling
-  severity: high
+  severity: critical
   description: |
-    Zen Tao has a SQL injection vulnerability. Attackers can exploit the vulnerability to obtain sensitive database information.
+    ZenTao CMS contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://github.com/z92g/ZentaoSqli/blob/master/CNVD-2022-42853.go
     - https://www.cnvd.org.cn/flaw/show/CNVD-2022-42853
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   metadata:
     verified: true
     shodan-query: http.title:"zentao"
@@ -33,3 +37,5 @@ requests:
         part: body
         words:
           - 'c8c605999f3d8352d7bb792cf3fdb25'
+
+# Enhanced by mp on 2022/09/28

cves/2016/CVE-2016-7834.yaml

@@ -1,7 +1,7 @@
 id: CVE-2016-7834
 
 info:
-  name: Sony IPELA Engine IP Camera - Harcoded Account
+  name: Sony IPELA Engine IP Camera - Hardcoded Account
   author: af001
   severity: high
   description: |

cves/2017/CVE-2017-8917.yaml

@@ -5,11 +5,9 @@ info:
   author: princechaddha
   severity: critical
   description: |
-    Joomla! 3.7.x before 3.7.1 contains a SQL injection vulnerability that could allow attackers to execute arbitrary SQL commands via unspecified vectors.
+    Joomla! before 3.7.1 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://developer.joomla.org/security-centre/692-20170501-core-sql-injection.html
-    - http://web.archive.org/web/20210421142819/https://www.securityfocus.com/bid/98515
-    - http://web.archive.org/web/20211207050608/https://securitytracker.com/id/1038522
     - https://nvd.nist.gov/vuln/detail/CVE-2017-8917
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
@@ -34,3 +32,5 @@ requests:
         part: body
         words:
           - '{{md5(num)}}'
+
+# Enhanced by mp on 2022/09/28

cves/2019/CVE-2019-10692.yaml

@@ -1,18 +1,16 @@
 id: CVE-2019-10692
 
 info:
-  name: WP Google Maps < 7.11.18 - Unauthenticated SQL Injection
+  name: WordPress Google Maps <7.11.18 - SQL Injection
   author: pussycat0x
   severity: critical
   description: |
-    In the wp-google-maps plugin before 7.11.18 for WordPress,
+    WordPress Google Maps plugin before 7.11.18 contains a SQL injection vulnerability. The plugin includes /class.rest-api.php in the REST API and does not sanitize field names before a SELECT statement. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
-    includes/class.rest-api.php in the REST API does not sanitize field names
-    before a SELECT statement.
   reference:
     - https://wpscan.com/vulnerability/475404ce-2a1a-4d15-bf02-df0ea2afdaea
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-10692
     - https://wordpress.org/plugins/wp-google-maps/#developers
     - https://plugins.trac.wordpress.org/changeset?old_path=%2Fwp-google-maps&old=2061433&new_path=%2Fwp-google-maps&new=2061434&sfp_email=&sfph_mail=#file755
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-10692
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -44,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

cves/2020/CVE-2020-20300.yaml

@@ -1,11 +1,17 @@
-id: weiphp-sql-injection
+id: CVE-2020-20300
 
 info:
-  name: WeiPHP 5.0 SQLI
+  name: WeiPHP 5.0 - SQL Injection
   author: pikpikcu
-  severity: high
+  severity: critical
+  description: WeiPHP 5.0 contains a SQL injection vulnerability via the wp_where function. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://github.com/Y4er/Y4er.com/blob/15f49973707f9d526a059470a074cb6e38a0e1ba/content/post/weiphp-exp-sql.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-20300
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   metadata:
     verified: true
     shodan-query: http.html:"WeiPHP5.0"
@@ -26,3 +32,5 @@ requests:
       - type: status
         status:
           - 500
+
+# Enhanced by mp on 2022/09/28

cves/2020/CVE-2020-5192.yaml

@@ -3,13 +3,13 @@ id: CVE-2020-5192
 info:
   name: Hospital Management System 4.0 - SQL Injection
   author: TenBird
-  severity: high
+  severity: critical
   description: |
-    PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilities: multiple pages and parameters are not validating user input, and allow for the application's database and information to be fully compromised.
+    Hospital Management System 4.0 contains multiple SQL injection vulnerabilities because multiple pages and parameters do not validate user input. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.exploit-db.com/exploits/47840
-    - https://nvd.nist.gov/vuln/detail/CVE-2020-5192
     - https://phpgurukul.com/hospital-management-system-in-php/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-5192
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -51,3 +51,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

cves/2020/CVE-2020-8654.yaml

@@ -1,15 +1,15 @@
 id: CVE-2020-8654
 
 info:
-  name: EyesOfNetwork 5.3 - Authenticated RCE
+  name: EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution
   author: praetorian-thendrickson
-  severity: high
+  severity: critical
-  description: EyesOfNetwork version 5.1-5.3 is vulnerable to multiple exploits. Version 5.3 is vulnerable to CVE-2020-8654 (authenticated rce), CVE-2020-8655 (privesc), CVE-2020-8656 (SQLi - API version before 2.4.2), and 2020-8657 (hardcoded api key). Versions 5.1-5.3 are vulnerable to CVE-2020-9465 (SQLi).
+  description: EyesOfNetwork 5.1 to 5.3 contains SQL injection and remote code execution vulnerabilities. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. See also CVE-2020-8655, CVE-2020-8656, CVE-2020-8657, and CVE-2020-9465.
   reference:
     - https://github.com/h4knet/eonrce
     - https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/eyesofnetwork_autodiscovery_rce.rb
-    - https://nvd.nist.gov/vuln/detail/CVE-2020-8657
     - https://github.com/EyesOfNetworkCommunity/eonweb/issues/50
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-8654
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -45,3 +45,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

cves/2021/CVE-2021-25104.yaml

@@ -1,16 +1,15 @@
 id: CVE-2021-25104
 
 info:
-  name: Ocean Extra < 1.9.5 - Reflected Cross-Site Scripting
+  name: WordPress Ocean Extra <1.9.5 - Cross-Site Scripting
   author: Akincibor
-  severity: medium
+  severity: high
-  description: The plugin does not escape generated links which are then used when the OceanWP theme is active, leading to a Reflected Cross-Site Scripting issue.
+  description: WordPress Ocean Extra plugin before 1.9.5 contains a cross-site scripting vulnerability. The plugin does not escape generated links which are then used when the OceanWP theme is active.
   reference:
     - https://wpscan.com/vulnerability/2ee6f1d8-3803-42f6-9193-3dd8f416b558
     - https://wordpress.org/plugins/ocean-extra/
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25104
     - https://nvd.nist.gov/vuln/detail/CVE-2021-25104
-  remediation: Fixed in version 1.9.5
+  remediation: Fixed in version 1.9.5.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -53,3 +52,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

cves/2021/CVE-2021-36873.yaml

@@ -1,11 +1,11 @@
 id: CVE-2021-36873
 
 info:
-  name: iQ Block Country plugin - Cross-Site Scripting
+  name: WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting
   author: theamanrawat
-  severity: medium
+  severity: high
   description: |
-    Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress iQ Block Country plugin (versions <= 1.2.11).
+    WordPress iQ Block Country plugin 1.2.11 and prior contains a cross-site scripting vulnerability. An attacker can execute arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://wpscan.com/vulnerability/ba93f085-2153-439b-9cda-7c5b09d3ed58
     - https://wordpress.org/plugins/iq-block-country/
@@ -62,3 +62,5 @@ requests:
         regex:
           - 'name="_wpnonce" value="([0-9a-zA-Z]+)"'
         internal: true
+
+# Enhanced by mp on 2022/09/28

cves/2021/CVE-2021-39320.yaml

@@ -1,11 +1,11 @@
 id: CVE-2021-39320
 
 info:
-  name: WordPress underConstruction Plugin < 1.19 - Cross-Site Scripting
+  name: WordPress Under Construction <1.19 - Cross-Site Scripting
   author: dhiyaneshDK
-  severity: medium
+  severity: high
   description: |
-    The underConstruction plugin <= 1.18 for WordPress echoes out the raw value of `$GLOBALS['PHP_SELF']` in the ucOptions.php file. On certain configurations including Apache+modPHP, this makes it possible to use it to perform a reflected cross-site scripting attack by injecting malicious code in the request path.
+    WordPress Under Construction plugin before 1.19 contains a cross-site scripting vulnerability. The plugin echoes out the raw value of `$GLOBALS['PHP_SELF']` in the ucOptions.php file on certain configurations, including Apache+modPHP.
   reference:
     - https://wpscan.com/vulnerability/49ae1df0-d6d2-4cbb-9a9d-bf3599429875
     - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39320
@@ -50,3 +50,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

cves/2021/CVE-2021-41878.yaml

@@ -1,15 +1,15 @@
 id: CVE-2021-41878
 
 info:
-  name: i-Panel Administration System - Cross-Site Scripting
+  name: i-Panel Administration System 2.0 - Cross-Site Scripting
   author: madrobot
-  severity: medium
+  severity: high
   description: |
-    A reflected cross-site scripting vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console.
+    i-Panel Administration System 2.0 contains a cross-site scripting vulnerability that enables an attacker to execute arbitrary JavaScript code in the browser-based web console.
   reference:
     - https://cybergroot.com/cve_submission/2021-1/XSS_i-Panel_2.0.html
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-41878
     - https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-41878
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-41878
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -41,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

cves/2021/CVE-2021-42667.yaml

@@ -1,16 +1,16 @@
 id: CVE-2021-42667
 
 info:
-  name: Online Event Booking and Reservation System version 2.3.0 - SQL injection
+  name: Online Event Booking and Reservation System 2.3.0 - SQL Injection
   author: fxploit
   severity: critical
   description: |
-    A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP in event-management/views. An attacker can leverage this vulnerability in order to manipulate the sql query performed. As a result he can extract sensitive data from the web server and in some cases he can use this vulnerability in order to get a remote code execution on the remote web server.
+    Online Event Booking and Reservation System 2.3.0 contains a SQL injection vulnerability in event-management/views. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://github.com/0xDeku/CVE-2021-42667
     - https://www.sourcecodester.com/php/14241/online-event-booking-and-reservation-system-phpmysql.html
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-42667
     - https://github.com/TheHackingRabbi/CVE-2021-42667
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-42667
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -49,3 +49,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

cves/2022/CVE-2022-29006.yaml

@@ -1,11 +1,11 @@
 id: CVE-2022-29006
 
 info:
-  name: Directory Management System  1.0 - SQLi Authentication Bypass
+  name: Directory Management System 1.0 - SQL Injection
   author: TenBird
   severity: critical
   description: |
-    Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allows attackers to bypass authentication.
+    Directory Management System 1.0 contains multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.exploit-db.com/exploits/50370
     - https://phpgurukul.com/directory-management-system-using-php-and-mysql/
@@ -45,3 +45,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

cves/2022/CVE-2022-29007.yaml

@@ -1,11 +1,11 @@
 id: CVE-2022-29007
 
 info:
-  name: Dairy Farm Shop Management System v1.0 - SQLi Authentication Bypass
+  name: Dairy Farm Shop Management System 1.0 - SQL Injection
   author: TenBird
   severity: critical
   description: |
-    Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allows attackers to bypass authentication.
+    Dairy Farm Shop Management System 1.0 contains multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.exploit-db.com/exploits/50365
     - https://phpgurukul.com/dairy-farm-shop-management-system-using-php-and-mysql/
@@ -45,3 +45,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

cves/2022/CVE-2022-29009.yaml

@@ -1,11 +1,11 @@
 id: CVE-2022-29009
 
 info:
-  name: Cyber Cafe Management System Project v1.0 - SQLi Authentication Bypass
+  name: Cyber Cafe Management System 1.0 - SQL Injection
   author: TenBird
   severity: critical
   description: |
-    Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication.
+    Cyber Cafe Management System 1.0 contains multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.exploit-db.com/exploits/50355
     - https://phpgurukul.com/cyber-cafe-management-system-using-php-mysql/
@@ -44,3 +44,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

cves/2022/CVE-2022-31373.yaml

@@ -1,11 +1,11 @@
 id: CVE-2022-31373
 
 info:
-  name: SolarView Compact 6.00 - Cross-Site Scripting(XSS)
+  name: SolarView Compact 6.00 - Cross-Site Scripting
   author: ritikchaddha
-  severity: medium
+  severity: high
   description: |
-    SolarView Compact v6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Solar_AiConf.php.
+    SolarView Compact 6.00 contains a cross-site scripting vulnerability via Solar_AiConf.php. An attacker can execute arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://github.com/badboycxcc/SolarView_Compact_6.0_xss
     - https://nvd.nist.gov/vuln/detail/CVE-2022-31373
@@ -41,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

cves/2022/CVE-2022-32007.yaml

@@ -1,11 +1,11 @@
 id: CVE-2022-32007
 
 info:
-  name: Complete Online Job Search System v1.0 - SQL Injection
+  name: Complete Online Job Search System 1.0 - SQL Injection
   author: arafatansari
-  severity: high
+  severity: critical
   description: |
-    Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/company/index.php?view=edit&id=.
+    Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/admin/company/index.php?view=edit&id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-2.md
     - https://nvd.nist.gov/vuln/detail/CVE-2022-32007
@@ -40,3 +40,5 @@ requests:
         part: body
         words:
           - '{{md5({{num}})}}'
+
+# Enhanced by mp on 2022/09/28

cves/2022/CVE-2022-32015.yaml

@@ -1,11 +1,11 @@
 id: CVE-2022-32015
 
 info:
-  name: Complete Online Job Search System v1.0 - SQL Injection
+  name: Complete Online Job Search System 1.0 - SQL Injection
   author: arafatansari
-  severity: high
+  severity: critical
   description: |
-    Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=category&search=.
+    Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/index.php?q=category&search=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-8.md
     - https://nvd.nist.gov/vuln/detail/CVE-2022-32015
@@ -31,3 +31,5 @@ requests:
         part: body
         words:
           - '{{md5({{num}})}}'
+
+# Enhanced by mp on 2022/09/28

cves/2022/CVE-2022-32018.yaml

@@ -1,11 +1,11 @@
 id: CVE-2022-32018
 
 info:
-  name: Complete Online Job Search System v1.0 - SQL Injection
+  name: Complete Online Job Search System 1.0 - SQL Injection
   author: arafatansari
-  severity: high
+  severity: critical
   description: |
-    Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=hiring&search=.
+    Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/index.php?q=hiring&search=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-12.md
     - https://nvd.nist.gov/vuln/detail/CVE-2022-32018
@@ -31,3 +31,5 @@ requests:
         part: body
         words:
           - '{{md5({{num}})}}'
+
+# Enhanced by mp on 2022/09/28

cves/2022/CVE-2022-32022.yaml

@@ -1,15 +1,15 @@
 id: CVE-2022-32022
 
 info:
-  name: Car Rental Management System v1.0 - SQL Injection
+  name: Car Rental Management System 1.0 - SQL Injection
   author: arafatansari
-  severity: high
+  severity: critical
   description: |
-    Car Rental Management System v1.0 is vulnerable to SQL Injection via /admin/ajax.php?action=login.
+    Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/ajax.php?action=login. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
+    - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-1.md
     - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-1.md
     - https://nvd.nist.gov/vuln/detail/CVE-2022-32022
-    - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-1.md.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 7.2
@@ -47,3 +47,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

cves/2022/CVE-2022-32024.yaml

@@ -1,11 +1,11 @@
 id: CVE-2022-32024
 
 info:
-  name: Car Rental Management System v1.0 - SQL Injection
+  name: Car Rental Management System 1.0 - SQL Injection
   author: arafatansari
-  severity: high
+  severity: critical
   description: |
-    Car Rental Management System v1.0 is vulnerable to SQL Injection via /booking.php?car_id=.
+    Car Rental Management System 1.0 contains an SQL injection vulnerability via /booking.php?car_id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-4.md
     - https://nvd.nist.gov/vuln/detail/CVE-2022-32024
@@ -48,3 +48,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/26

cves/2022/CVE-2022-32025.yaml

@@ -1,11 +1,11 @@
 id: CVE-2022-32025
 
 info:
-  name: Car Rental Management System v1.0 - SQL Injection
+  name: Car Rental Management System 1.0 - SQL Injection
   author: arafatansari
-  severity: high
+  severity: critical
   description: |
-    Car Rental Management System v1.0 is vulnerable to SQL Injection via /admin/view_car.php?id=.
+    Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/view_car.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-6.md
     - https://nvd.nist.gov/vuln/detail/CVE-2022-32025
@@ -50,3 +50,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/26

cves/2022/CVE-2022-32026.yaml

@@ -1,11 +1,11 @@
 id: CVE-2022-32026
 
 info:
-  name: Car Rental Management System v1.0 - SQL Injection
+  name: Car Rental Management System 1.0 - SQL Injection
   author: arafatansari
-  severity: high
+  severity: critical
   description: |
-    Car Rental Management System v1.0 is vulnerable to SQL Injection via /admin/manage_booking.php?id=.
+    Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/manage_booking.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-8.md
     - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-5.md
@@ -50,3 +50,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/26

cves/2022/CVE-2022-32028.yaml

@@ -1,11 +1,11 @@
 id: CVE-2022-32028
 
 info:
-  name: Car Rental Management System v1.0 - SQL Injection
+  name: Car Rental Management System 1.0 - SQL Injection
   author: arafatansari
-  severity: high
+  severity: critical
   description: |
-    Car Rental Management System v1.0 is vulnerable to SQL Injection via /admin/manage_user.php?id=.
+    Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/manage_user.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-8.md
     - https://nvd.nist.gov/vuln/detail/CVE-2022-32028
@@ -50,3 +50,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/26

cves/2022/CVE-2022-32094.yaml

@@ -1,11 +1,11 @@
 id: CVE-2022-32094
 
 info:
-  name: Hospital Management System v1.0 - SQL Injection
+  name: Hospital Management System 1.0 - SQL Injection
   author: arafatansari
   severity: critical
   description: |
-    Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in /HMS/doctor.php.
+    Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/doctor.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://github.com/Danie1233/Hospital-Management-System-v1.0-SQLi-3/
     - https://nvd.nist.gov/vuln/detail/CVE-2022-32094
@@ -43,3 +43,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/26

cves/2022/CVE-2022-34590.yaml

@@ -1,11 +1,11 @@
 id: CVE-2022-34590
 
 info:
-  name: Hospital Management System v1.0 - SQL Injection
+  name: Hospital Management System 1.0 - SQL Injection
   author: arafatansari
-  severity: high
+  severity: critical
   description: |
-    Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in /HMS/admin.php.
+    Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/admin.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://github.com/Renrao/bug_report/blob/master/blob/main/vendors/itsourcecode.com/hospital-management-system/sql_injection.md
     - https://nvd.nist.gov/vuln/detail/CVE-2022-34590
@@ -44,3 +44,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/28

cves/2022/CVE-2022-38637.yaml

@@ -1,15 +1,15 @@
 id: CVE-2022-38637
 
 info:
-  name: Hospital Management System v1.0 - SQL Injection
+  name: Hospital Management System 1.0 - SQL Injection
   author: arafatansari
   severity: critical
   description: |
-    Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in /HMS/user-login.php.
+    Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/user-login.php.  An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.youtube.com/watch?v=m8nW0p69UHU
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-38637
     - https://owasp.org/www-community/attacks/SQL_Injection
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-38637
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -44,3 +44,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/28

file/bash/bash.yaml

@@ -21,7 +21,7 @@ file:
           - ":(){:|:&};:"
 
       - type: regex
-        name: rm commad found
+        name: rm command found
         regex:
           - "rm -(f|r)"
           - "rm -(fr|rf)"

vulnerabilities/dedecms/dedecms-membergroup-sqli.yaml

@@ -1,12 +1,16 @@
 id: dedecms-membergroup-sqli
 
 info:
-  name: DedeCMS Membergroup SQLI
+  name: Dede CMS - SQL Injection
   author: pikpikcu
-  severity: medium
+  severity: critical
-  description: A vulnerability in the DedeCMS product allows remote unauthenticated users to inject arbitrary SQL statements via the 'ajax_membergroup.php' endpoint and the 'membergroup' parameter.
+  description: Dede CMS contains a SQL injection vulnerability which allows remote unauthenticated users to inject arbitrary SQL statements via the ajax_membergroup.php endpoint and the membergroup parameter.
   reference:
     - http://www.dedeyuan.com/xueyuan/wenti/1244.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   metadata:
     shodan-query: http.html:"DedeCms"
   tags: sqli,dedecms
@@ -30,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/28

vulnerabilities/other/alumni-management-sqli.yaml

@@ -1,13 +1,18 @@
 id: alumni-management-sqli
 
 info:
-  name: Alumni Management System 1.0 - SQLi Authentication Bypass
+  name: Alumni Management System 1.0 - SQL Injection
   author: arafatansari
-  severity: high
+  severity: critical
   description: |
-    Alumni Management System Admin Login page can be bypassed with a simple SQLi to the username parameter.
+    Alumni Management System 1.0 contains a SQL injection vulnerability via admin/login in the username parameter. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.exploit-db.com/exploits/48883
+    - https://www.cvedetails.com/cve/CVE-2020-29214
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   tags: sqli,auth-bypass,cms,edb,alumni
 
 requests:
@@ -42,3 +47,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/28

vulnerabilities/other/chamilo-lms-sqli.yaml

@@ -1,10 +1,15 @@
 id: chamilo-lms-sqli
 
 info:
-  name: Chamilo LMS SQL Injection
+  name: Chamilo 1.11.14 - SQL Injection
   author: undefl0w
-  severity: high
+  severity: critical
-  description: Finds sql injection in Chamilo version 1.11.14
+  description: Chamilo 1.1.14 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
+  reference: https://packetstormsecurity.com/files/162572/Chamilo-LMS-1.11.14-Remote-Code-Execution.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   tags: chamilo,sqli
 
 requests:
@@ -28,3 +33,5 @@ requests:
       - type: dsl
         dsl:
           - 'contains(body_2, "{{randstr}}")'
+
+# Enhanced by md on 2022/09/28

vulnerabilities/other/cvms-sqli.yaml

@@ -1,13 +1,18 @@
 id: cvms-sqli
 
 info:
-  name: Company Visitor Management System (CVMS) 1.0 - SQLi Authentication Bypass
+  name: Company Visitor Management System 1.0 - SQL Injection
   author: arafatansari
-  severity: high
+  severity: critical
   description: |
-    Company Visitor Management System Login page can be bypassed with a simple SQLi to the username parameter.
+    Company Visitor Management System 1.0 contains a SQL injection vulnerability via the login page in the username parameter. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.exploit-db.com/exploits/48884
+    - https://packetstormsecurity.com/files/158476/Company-Visitor-Management-System-CVMS-1.0-SQL-Injection.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   metadata:
     verified: true
   tags: cvms,sqli,auth-bypass,cms,edb
@@ -36,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/dotnetcms-sqli.yaml

@@ -1,15 +1,20 @@
 id: dotnetcms-sqli
 
 info:
-  name: DotnetCMS SQLi
+  name: Dotnet CMS -  SQL Injection
   author: ritikchaddha
-  severity: high
+  severity: critical
-  metadata:
+  description: Dotnet CMS contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
-    verified: true
-    shodan-query: http.html:"dotnetcms"
   reference:
     - https://www.cnblogs.com/rebeyond/p/4951418.html
     - http://wy.zone.ci/bug_detail.php?wybug_id=wooyun-2015-0150742
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
+  metadata:
+    verified: true
+    shodan-query: http.html:"dotnetcms"
   tags: dotnetcms,dotnet,sqli
 
 requests:
@@ -27,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/duomicms-sql-injection.yaml

@@ -1,11 +1,16 @@
 id: duomicms-sql-injection
 
 info:
-  name: DuomiCMS SQL Injection
+  name: Duomi CMS - SQL Injection
   author: pikpikcu
-  severity: high
+  severity: critical
+  description: Duomi CMS contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://redn3ck.github.io/2016/11/01/duomiCMS/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   metadata:
     verified: true
     shodan-query: title:"DuomiCMS"
@@ -28,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/28

vulnerabilities/other/ecshop-sqli.yaml

@@ -1,16 +1,20 @@
 id: ecshop-sqli
 
 info:
-  name: ECShop 2.x/3.x SQL Injection
+  name: ECShop 2.x/3.x - SQL Injection
   author: Lark-lab,ImNightmaree,ritikchaddha
-  severity: high
+  severity: critical
   description: |
-    The vulnerability affects ECShop 2.x and 3.x versions allows remote unauthenticated users to inject arbitrary SQL statements into via the 'Referer' header field,and later via SQL injection vulnerability to malicious code injected into the dangerous eval function in order to achieve arbitrary code execution.
+    ECShop 2.x and 3.x contains a SQL injection vulnerability which can allow an attacker to inject arbitrary SQL statements via the referer header field and the dangerous eval function, thus possibly allowing an attacker to obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://titanwolf.org/Network/Articles/Article?AID=af15bee8-7afc-4bb2-9761-a7d61210b01a
     - https://phishingkittracker.blogspot.com/2019/08/userphp-ecshop-sql-injection-2017.html
     - http://www.wins21.com/mobile/blog/blog_view.html?num=1172
     - https://www.shutingrz.com/post/ad_hack-ec_exploit/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   metadata:
     verified: true
     fofa-query: app="ECShop"
@@ -46,3 +50,5 @@ requests:
           - "PHP Extension"
           - "PHP Version"
         condition: and
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/ems-sqli.yaml

@@ -1,14 +1,18 @@
 id: ems-sqli
 
 info:
-  name: Employee Management System 1.0 - SQLi Authentication Bypass
+  name: Employee Management System 1.0 - SQL Injection
   author: arafatansari
-  severity: high
+  severity: critical
   description: |
-    Employee Management System Login page can be bypassed with a simple SQLi to the username parameter.
+    Employee Management System 1.0 contains a SQL injection vulnerability via the username parameter.  An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.exploit-db.com/exploits/48882
     - https://www.sourcecodester.com/sites/default/files/download/razormist/employee-management-system.zip
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   metadata:
     verified: true
   tags: ems,sqli,cms,auth-bypass,edb
@@ -37,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/etouch-v2-sqli.yaml

@@ -1,12 +1,17 @@
 id: etouch-v2-sqli
 
 info:
-  name: Ectouch v2 SQL Injection
+  name: ECTouch 2 - SQL Injection
   author: princechaddha
-  severity: high
+  severity: critical
+  description: ECTouch 2 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://github.com/mstxq17/CodeCheck/
     - https://www.anquanke.com/post/id/168991
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   tags: etouch,sqli
 
 variables:
@@ -27,3 +32,5 @@ requests:
         words:
           - '{{md5({{num}})}}'
         part: body
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/finecms-sqli.yaml

@@ -3,11 +3,15 @@ id: finecms-sqli
 info:
   name: FineCMS 5.0.10 - SQL Injection
   author: ritikchaddha
-  severity: high
+  severity: critical
   description: |
-    SQL Injection exists in FineCMS 5.0.10.
+    FineCMS 5.0.10 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://blog.csdn.net/dfdhxb995397/article/details/101385340
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   tags: finecms,sqli
 
 variables:
@@ -22,3 +26,5 @@ requests:
       - type: word
         words:
           - '{{md5({{num}})}}'
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/kevinlab-bems-sqli.yaml

@@ -1,15 +1,18 @@
 id: kevinlab-bems-sqli
 
 info:
-  name: KevinLAB BEMS 1.0 Unauthenticated SQL Injection/Authentication Bypass
+  name: KevinLAB BEMS 1.0 - SQL Injection
   author: gy741
-  severity: high
+  severity: critical
-  description: The application suffers from an unauthenticated SQL Injection vulnerability. Input passed through 'input_id' POST parameter in '/http/index.php' is not properly sanitised before being returned to the
+  description: KevinLAB BEMS 1.0 contains a SQL injection vulnerability. Input passed through input_id POST parameter in /http/index.php is not properly sanitized before being returned to the user or used in SQL queries. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
-    user or used in SQL queries.
   reference:
     - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5655.php
     - https://www.exploit-db.com/exploits/50146
     - https://packetstormsecurity.com/files/163572/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   tags: kevinlab,sqli,edb,packetstorm
 
 requests:
@@ -32,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/loancms-sqli.yaml

@@ -1,13 +1,18 @@
 id: loancms-sqli
 
 info:
-  name: Loan Management System 1.0 - SQLi Authentication Bypass
+  name: Loan Management System 1.0 - SQL Injection
   author: arafatansari
-  severity: high
+  severity: critical
   description: |
-    Loan Management System Login page can be bypassed with a simple SQLi to the username parameter.
+    Loan Management System 1.0 contains a SQL injection vulnerability via the username parameter. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.exploit-db.com/exploits/50402
+    - https://packetstormsecurity.com/files/167860/Loan-Management-System-1.0-SQL-Injection.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   metadata:
     verified: true
   tags: edb,loancms,sqli,auth-bypass,cms
@@ -41,3 +46,5 @@ requests:
         words:
           - 'login-form'
         negative: true
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/pbootcms-database-file-download.yaml

@@ -1,12 +1,17 @@
 id: pbootcms-database-file-download
 
 info:
-  name: PbootCMS v2.0.7 - pbootcms.db File Download
+  name: PbootCMS 2.0.7 - SQL Injection
   author: ritikchaddha
-  severity: high
+  severity: critical
+  description: PbootCMS 2.0.7 contains a SQL injection vulnerability via pbootcms.db.  An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://xz.aliyun.com/t/7628
     - https://www.cnblogs.com/0daybug/p/12786036.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   tags: pbootcms,db,exposure,database,sqlite
 
 requests:
@@ -27,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/phpok-sqli.yaml

@@ -1,9 +1,16 @@
 id: phpok-sqli
 
 info:
-  name: PHPOK - Sql Injection
+  name: PHPOK - SQL Injection
   author: ritikchaddha
-  severity: high
+  severity: critical
+  description: PHPOK contains a SQL injection vulnerability via a GET request. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
+  reference:
+    - https://cve.report/software/phpok/phpok
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   metadata:
     verified: true
     fofa-query: app="phpok"
@@ -23,3 +30,5 @@ requests:
         part: body
         words:
           - '{{md5({{num}})}}'
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/seacms-sqli.yaml

@@ -1,11 +1,16 @@
 id: seacms-sqli
 
 info:
-  name: SeaCMS V8.7 SQL Injection
+  name: SeaCMS 8.7 - SQL Injection
   author: ritikchaddha
-  severity: high
+  severity: critical
+  description: SeaCMS 8.7 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.uedbox.com/post/54561/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   tags: seacms,sqli
 
 variables:
@@ -28,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/vpms-auth-bypass.yaml

@@ -1,12 +1,16 @@
 id: vpms-auth-bypass
 
 info:
-  name: Vehicle Parking Management System 1.0 - Authentication Bypass
+  name: Vehicle Parking Management System 1.0 - SQL Injection
   author: dwisiswant0
-  severity: high
+  severity: critical
-  description: The Vehicle Parking Management System allows remote attackers to bypass the authentication system by utilizing an SQL injection vulnerability in the 'password' parameter.
+  description: Vehicle Parking Management System 1.0 contains a SQL injection vulnerability via the password parameter. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.exploit-db.com/exploits/48877
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   tags: auth-bypass,edb
 
 requests:
@@ -33,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/wuzhicms-sqli.yaml

@@ -1,11 +1,17 @@
 id: wuzhicms-sqli
 
 info:
-  name: Wuzhicms v4.1.0 SQL Injection
+  name: Wuzhicms 4.1.0 - SQL Injection
   author: princechaddha
-  severity: high
+  severity: critical
+  description: Wuzhicms 4.1.0 contains a SQL injection vulnerability via the grouppid parameter of /coreframe/app/member/admin/group.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://github.com/wuzhicms/wuzhicms/issues/184
+    - https://vulners.com/cnvd/CNVD-2022-36985
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   tags: wuzhicms,sqli
 
 variables:
@@ -26,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/xdcms-sqli.yaml

@@ -1,11 +1,16 @@
 id: xdcms-sqli
 
 info:
-  name: XdCMS SQL Injection
+  name: XdCMS - SQL Injection
   author: pikpikcu
-  severity: high
+  severity: critical
+  description: XdCMS contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.uedbox.com/post/35188/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   tags: sqli,xdcms
 
 variables:
@@ -36,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/yeswiki-sql.yaml

@@ -1,13 +1,17 @@
 id: yeswiki-sql
 
 info:
-  name: YesWiki - SQL Injection
+  name: YesWiki <2022-07-07 - SQL Injection
   author: arafatansari
   severity: critical
   description: |
-    YesWiki before 2022-07-07 allows SQL Injection via the "id" parameter in the AccueiL URL.
+    YesWiki before 2022-07-07 contains a SQL injection vulnerability via the id parameter in the AccueiL URL. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
-    - https://huntr.dev/bounties/32e27955-376a-48fe-9984-87dd77e24985/
+    - https://huntr.dev/bounties/32e27955-376a-48fe-9984-87dd77e24985
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   metadata:
     verified: true
     shodan-query: http.html:"yeswiki"
@@ -31,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/28

vulnerabilities/other/zcms-v3-sqli.yaml

@@ -1,11 +1,16 @@
 id: zcms-v3-sqli
 
 info:
-  name: ZCMS SQL Injection
+  name: ZCMS - SQL Injection
   author: princechaddha
-  severity: high
+  severity: critical
+  description: ZCMS contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.anquanke.com/post/id/183241
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   tags: zcms,sqli
 
 variables:
@@ -26,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/zms-auth-bypass.yaml

@@ -1,12 +1,17 @@
 id: zms-auth-bypass
 
 info:
-  name: Zoo Management System 1.0 - Authentication Bypass
+  name: Zoo Management System 1.0 - SQL Injection
   author: dwisiswant0
-  severity: high
+  severity: critical
-  description: A vulnerability in Zoo Management allows remote attackers to bypass the authentication mechanism via an SQL injection vulnerability.
+  description: Zoo Management System 1.0 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.exploit-db.com/exploits/48880
+    - https://packetstormsecurity.com/files/159567/Zoo-Management-System-1.0-SQL-Injection.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   tags: zms,edb,auth-bypass
 
 requests:
@@ -35,3 +40,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/other/zms-sqli.yaml

@@ -1,13 +1,18 @@
 id: zms-sqli
 
 info:
-  name: Zoo Management System (ZMS) 1.0 - SQLi Authentication Bypass
+  name: Zoo Management System 1.0 - SQL Injection
   author: arafatansari
-  severity: high
+  severity: critical
   description: |
-    Zoo Management System Login page can be bypassed with a simple SQLi to the username parameter.
+    Zoo Management System 1.0 contains a SQL injection vulnerability via the username parameter on the login page. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.exploit-db.com/exploits/48880
+    - https://packetstormsecurity.com/files/167572/Zoo-Management-System-1.0-Cross-Site-Scripting.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   metadata:
     verified: true
   tags: zms,sqli,auth-bypass,cms,edb
@@ -36,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/weaver/ecology/ecology-syncuserinfo-sqli.yaml

@@ -1,11 +1,17 @@
 id: ecology-syncuserinfo-sqli
 
 info:
-  name: Ecology Syncuserinfo Sqli
+  name: Ecology Syncuserinfo - SQL Injection
   author: ritikchaddha
-  severity: high
+  severity: critical
+  description: Ecology Syncuserinfo contains a SQL injection vulnerability via a GET request. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - https://www.weaver.com.cn/
+    - https://github.com/chaitin/xray/blob/master/pocs/ecology-syncuserinfo-sqli.yml
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   metadata:
     fofa-query: app="泛微-协同办公OA"
   tags: ecology,sqli
@@ -28,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/weaver/ecology/ecology-v8-sqli.yaml

@@ -1,11 +1,16 @@
 id: ecology-v8-sqli
 
 info:
-  name: Ecology V8 - SQL Injection
+  name: Ecology 8 - SQL Injection
   author: ritikchaddha
-  severity: high
+  severity: critical
+  description: Ecology 8 contains a SQL injection vulnerability via a GET request. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - http://wiki.peiqi.tech/PeiQi_Wiki/OA%E4%BA%A7%E5%93%81%E6%BC%8F%E6%B4%9E/%E6%B3%9B%E5%BE%AEOA/%E6%B3%9B%E5%BE%AEOA%20V8%20SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   metadata:
     fofa-query: app="泛微-协同办公OA"
   tags: ecology,sqli
@@ -25,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/wordpress/age-gate-xss.yaml

@@ -1,14 +1,18 @@
 id: age-gate-xss
 
 info:
-  name: Age Gate < 2.20.4 - Cross-Site Scripting
+  name: WordPress Age Gate <2.20.4 - Cross-Site Scripting
   author: akincibor,daffainfo
-  severity: medium
+  severity: high
   description: |
-    The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting.
+    WordPress Age Gate plugin before 2.20.4 contains a cross-site scripting vulnerability. The plugin does not escape some URLs before outputting them back in attributes.
   reference:
     - https://wpscan.com/vulnerability/a13148fe-ffc9-4003-a44d-652624ba5535
     - https://wordpress.org/plugins/age-gate/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: xss,authenticated,age-gate,wpscan,wordpress,wp-plugin,wp
 
 requests:
@@ -42,3 +46,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28

vulnerabilities/yonyou/yonyou-u8-oa-sqli.yaml

@@ -1,11 +1,17 @@
 id: yonyou-u8-oa-sqli
 
 info:
-  name: Yonyou U8 OA Sqli
+  name: Yonyou U8 - SQL Injection
   author: ritikchaddha
-  severity: high
+  severity: critical
+  description: Yonyou U8 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
   reference:
     - http://wiki.peiqi.tech/PeiQi_Wiki/OA%E4%BA%A7%E5%93%81%E6%BC%8F%E6%B4%9E/%E7%94%A8%E5%8F%8BOA/%E7%94%A8%E5%8F%8B%20U8%20OA%20test.jsp%20SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.html
+    - https://www.tencentcloud.com/document/product/627/38435
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10.0
+    cwe-id: CWE-89
   tags: yonyou,oa,sqli
 
 variables:
@@ -26,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/09/28