updates

2023-03-27 11:56:00 +05:30 · 2023-03-27 11:56:00 +05:30 · 22fe5eb282
parent 5aade83e84
commit 22fe5eb282
4 changed files with 11 additions and 12 deletions
--- a/cves/2020/CVE-2020-14144.yaml
+++ b/cves/2020/CVE-2020-14144.yaml
@ -1,7 +1,7 @@
 id: CVE-2020-14144

 info:
-  name: Gitea Git Hooks Remote Code Execution
+  name: Gitea Git Hooks - Remote Code Execution
  author: theamanrawat
  severity: high
  description: |
@ -20,7 +20,7 @@ info:
  metadata:
    shodan-query: html:"Powered by Gitea Version"
    verified: "true"
-  tags: cve,cve2020,rce,gitea,authenticated
+  tags: cve,cve2020,rce,gitea,authenticated,git

 requests:
  - raw:
--- a/cves/2022/CVE-2022-1329.yaml
+++ b/cves/2022/CVE-2022-1329.yaml
@ -1,7 +1,7 @@
 id: CVE-2022-1329

 info:
-  name: Elementor Website Builder Remote Code Execution Vulnerability
+  name: Elementor Website Builder - Remote Code Execution Vulnerability
  author: theamanrawat
  severity: high
  description: |
--- a/cves/2023/CVE-2023-28432.yaml
+++ b/cves/2023/CVE-2023-28432.yaml
@ -1,6 +1,6 @@
 id: CVE-2023-28432
 info:
-  name: Minio Information Disclosure in Cluster Deployment
+  name: Minio Cluster Deployment - Information Disclosure
  author: Mr-xn
  severity: high
  description: |
@ -19,7 +19,8 @@ info:
  metadata:
    shodan-query: title:"Minio Console"
    verified: "true"
-  tags: cve,cve2023,minio,console
+  tags: cve,cve2023,minio,console,exposure
+
 requests:
  - raw:
      - |+
@ -44,4 +45,4 @@ requests:

      - type: status
        status:
-          - 200
+          - 200
--- a/vulnerabilities/splash/splash-render-ssrf.yaml
+++ b/vulnerabilities/splash/splash-render-ssrf.yaml
@ -1,7 +1,7 @@
 id: splash-render-ssrf

 info:
-  name: Splash Render SSRF
+  name: Splash Render - SSRF
  author: pwnhxl
  severity: high
  reference:
@ -11,21 +11,19 @@ info:
    verified: "true"
    shodan-query: title:"Splash"
    hunter-query: web.title="Splash" && header="TwistedWeb"
-  tags: splash,ssrf
+  tags: splash,ssrf,oast,oss

 requests:
  - method: GET
    path:
-      - "{{BaseURL}}/render.html?url=http://example.com"
+      - "{{BaseURL}}/render.html?url=https://oast.live"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
-          - '<title>Example Domain</title>'
-          - '<h1>Example Domain</h1>'
-        condition: and
+          - 'Interactsh Server'

      - type: status
        status: